module type S = sig ... end
Signature of abstract memory locations.
type value

type location
Abstract locations.

type offset
Abstract offsets.
val top : location
val equal_loc : location -> location -> bool
val equal_offset : offset -> offset -> bool
val pretty_loc : Stdlib.Format.formatter -> location -> unit
val pretty_offset : Stdlib.Format.formatter -> offset -> unit
val to_value : location -> value
val size : location -> Int_Base.t
val replace_base : Base.substitution -> location -> location
replace_base substitution location replaces the variables represented by the location according to substitution.
The functions below are used to create the alarms that report undesirable behaviors, when a location abstraction does not meet the prerequisites of an operation. Thereafter, the location is assumed to meet them so that the analysis can continue.
See the documentation of Abstract_value.truth for more details.
val assume_no_overlap : partial:bool ->
location ->
location ->
(location * location) Abstract_location.truth
Assumes that two locations do not overlap. If partial is true, the concrete locations may be equal, but different locations must not overlap. Otherwise, the locations must be completely separate.
val assume_valid_location : for_writing:bool ->
bitfield:bool ->
location ->
location Abstract_location.truth
Assumes that the given location is valid for a read or write operation, according to the for_writing boolean. Used to emit memory access alarms. If the location is not completely valid, reduces it to its valid part.
bitfield indicates whether the location may be the one of a bitfield; if it is false, the location can be assumed to be byte aligned.
val no_offset : offset
val forward_field : Cil_types.typ ->
Cil_types.fieldinfo ->
offset -> offset
Computes the field offset of a fieldinfo, with the given remaining offset. The given type must be the one of the structure or the union.
val forward_index : Cil_types.typ ->
value ->
offset -> offset
forward_index typ value offset computes the array index offset of (Index (ind, off)), where the index expression ind evaluates to value and the remaining offset off evaluates to offset.
typ must be the type pointed to by the array.
Evaluation of the location of an lvalue, when the offset has already been evaluated. In case of a pointer, its expression has also been evaluated to a value.
val forward_variable : Cil_types.typ ->
Cil_types.varinfo ->
offset -> location Eval.or_bottom
Var case in the AST: the host is a variable.

val forward_pointer : Cil_types.typ ->
value ->
offset -> location Eval.or_bottom
Mem case in the AST: the host is a pointer.
val eval_varinfo : Cil_types.varinfo -> location

For a unary forward operation F, the inverse backward operator B tries to reduce the argument values of the operation, given its result.
It must satisfy:
if B arg res = v
then ∀ a ⊆ arg such that F a ⊆ res, a ⊆ v
i.e. B arg res returns a value v larger than all subvalues of arg whose result through F is included in res.
If F arg ∈ res is impossible, then v should be bottom.
Any n-ary operator may be considered as a unary operator on a vector of values, the inclusion being lifted pointwise.
val backward_variable : Cil_types.varinfo ->
location -> offset Eval.or_bottom
val backward_pointer : value ->
offset ->
location ->
(value * offset) Eval.or_bottom
val backward_field : Cil_types.typ ->
Cil_types.fieldinfo ->
offset -> offset Eval.or_bottom
val backward_index : Cil_types.typ ->
index:value ->
remaining:offset ->
offset ->
(value * offset) Eval.or_bottom
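An added example, not part of this signature or of the Frama-C code base: a Python model of forward_index and backward_index over interval offsets, plus a brute-force check of the soundness condition stated above (every concrete argument whose forward image lies in the result must be contained in the reduced value, and the reduction is bottom when no such argument exists). It assumes offsets counted in bytes, an element size passed as an integer in place of the C type, and None standing for bottom.

```python
from itertools import product

# An interval is an inclusive (lo, hi) pair; None models bottom (assumption).
Interval = tuple[int, int]


def meet(a, b):
    """Intersection of two intervals; None (bottom) if they are disjoint."""
    if a is None or b is None:
        return None
    lo, hi = max(a[0], b[0]), min(a[1], b[1])
    return (lo, hi) if lo <= hi else None


def forward_index(elem_size, index, remaining):
    """Offset of Index(ind, off): ind * elem_size + off, lifted to intervals."""
    return (index[0] * elem_size + remaining[0], index[1] * elem_size + remaining[1])


def backward_index(elem_size, index, remaining, result):
    """Reduce (index, remaining) given that the whole offset lies in result.
    Returns the reduced pair, or None (bottom) when no concrete pair fits."""
    lo, hi = result[0] - remaining[1], result[1] - remaining[0]   # bounds on ind*size
    idx = meet(index, (-((-lo) // elem_size), hi // elem_size))   # ceil / floor division
    if idx is None:
        return None
    rem = meet(remaining, (result[0] - idx[1] * elem_size, result[1] - idx[0] * elem_size))
    return None if rem is None else (idx, rem)


def concretize(iv):
    return range(iv[0], iv[1] + 1)


def check_backward_sound(elem_size, index, remaining, result):
    """Brute-force the condition B arg res = v => forall a in arg, F a in res => a in v."""
    reduced = backward_index(elem_size, index, remaining, result)
    for ind, off in product(concretize(index), concretize(remaining)):
        if result[0] <= ind * elem_size + off <= result[1]:
            if reduced is None:
                return False            # bottom although a concrete argument fits
            idx, rem = reduced
            if not (idx[0] <= ind <= idx[1] and rem[0] <= off <= rem[1]):
                return False            # a valid concrete argument was dropped
    return True


if __name__ == "__main__":
    # int array (4-byte elements), index in [0,10], remaining offset in [0,3],
    # and the access is known to land in bytes [8,15]: only indices 2 and 3 fit.
    print(backward_index(4, (0, 10), (0, 3), (8, 15)))      # ((2, 3), (0, 3))
    print(backward_index(4, (0, 10), (0, 3), (100, 110)))   # None, i.e. bottom
```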