Merge pull request #3882 from tautschnig/deprecation-to_integer2

Use numeric_cast<mp_integer> instead of deprecated to_integer variants [blocks: #3800]

Author: tautschnig

regression/cbmc-library/memmove-01/main.c

@@ -47,5 +47,11 @@ int main(int argc, char *argv[])
   printf("%d %d %d %d %d %d %d\n", a[0], a[1], a[2], a[3], a[4], a[5], a[6]);
 
   assert(a[0] == -2147483600);
+  assert(a[1] == -2147221455);
+  assert(a[2] == -2147221455);
+  assert(a[3] == -2147221455);
+  assert(a[4] == 16);
+  assert(a[5] == 256);
+  assert(a[6] == 16384);
   return 0;
 }

regression/cbmc-library/memmove-01/test.desc

@@ -1,8 +1,13 @@
-CORE
+KNOWNBUG
 main.c
 --unwind 17
 ^EXIT=0$
 ^SIGNAL=0$
 ^VERIFICATION SUCCESSFUL$
 --
 ^warning: ignoring
+--
+Since we cannot constant-propagate lsize, we generate byte_extract operations
+over an int-array of unknown size when invoking memmove. This could be fixed by
+not using array_copy/array_replace in memmove, extensions to the byte-operator
+lowering, or field-sensitive SSA (this regression test is fully deterministic).

src/analyses/goto_rw.cpp

@@ -150,22 +150,21 @@ void rw_range_sett::get_objects_byte_extract(
 {
   const exprt simp_offset=simplify_expr(be.offset(), ns);
 
-  mp_integer index;
-  if(range_start==-1 || to_integer(simp_offset, index))
+  auto index = numeric_cast<mp_integer>(simp_offset);
+  if(range_start == -1 || !index.has_value())
     get_objects_rec(mode, be.op(), -1, size);
   else
   {
-    index*=8;
-    if(index>=pointer_offset_bits(be.op().type(), ns))
+    *index *= 8;
+    if(*index >= *pointer_offset_bits(be.op().type(), ns))
       return;
 
     endianness_mapt map(
       be.op().type(),
       be.id()==ID_byte_extract_little_endian,
       ns);
-    assert(index<std::numeric_limits<size_t>::max());
     range_spect offset =
-      range_start + map.map_bit(numeric_cast_v<std::size_t>(index));
+      range_start + map.map_bit(numeric_cast_v<std::size_t>(*index));
     get_objects_rec(mode, be.op(), offset, size);
   }
 }

src/ansi-c/c_typecheck_expr.cpp

@@ -2899,12 +2899,13 @@ bool c_typecheck_baset::gcc_vector_types_compatible(
   // This is relatively restrictive!
 
   // compare dimension
-  mp_integer s0, s1;
-  if(to_integer(type0.size(), s0))
+  const auto s0 = numeric_cast<mp_integer>(type0.size());
+  const auto s1 = numeric_cast<mp_integer>(type1.size());
+  if(!s0.has_value())
     return false;
-  if(to_integer(type1.size(), s1))
+  if(!s1.has_value())
     return false;
-  if(s0!=s1)
+  if(*s0 != *s1)
     return false;
 
   // compare subtype

src/ansi-c/c_typecheck_initializer.cpp

@@ -91,29 +91,30 @@ exprt c_typecheck_baset::do_initializer_rec(
        to_array_type(full_type).is_complete())
     {
       // check size
-      mp_integer array_size;
-      if(to_integer(to_array_type(full_type).size(), array_size))
+      const auto array_size =
+        numeric_cast<mp_integer>(to_array_type(full_type).size());
+      if(!array_size.has_value())
       {
         error().source_location = value.source_location();
         error() << "array size needs to be constant, got "
                 << to_string(to_array_type(full_type).size()) << eom;
         throw 0;
       }
 
-      if(array_size<0)
+      if(*array_size < 0)
       {
         error().source_location = value.source_location();
         error() << "array size must not be negative" << eom;
         throw 0;
       }
 
-      if(mp_integer(tmp.operands().size())>array_size)
+      if(mp_integer(tmp.operands().size()) > *array_size)
       {
         // cut off long strings. gcc does a warning for this
-        tmp.operands().resize(numeric_cast_v<std::size_t>(array_size));
+        tmp.operands().resize(numeric_cast_v<std::size_t>(*array_size));
         tmp.type()=type;
       }
-      else if(mp_integer(tmp.operands().size())<array_size)
+      else if(mp_integer(tmp.operands().size()) < *array_size)
       {
         // fill up
         tmp.type()=type;
@@ -126,7 +127,7 @@ exprt c_typecheck_baset::do_initializer_rec(
                   << to_string(full_type.subtype()) << "'" << eom;
           throw 0;
         }
-        tmp.operands().resize(numeric_cast_v<std::size_t>(array_size), *zero);
+        tmp.operands().resize(numeric_cast_v<std::size_t>(*array_size), *zero);
       }
     }
 
@@ -152,29 +153,30 @@ exprt c_typecheck_baset::do_initializer_rec(
        to_array_type(full_type).is_complete())
     {
       // check size
-      mp_integer array_size;
-      if(to_integer(to_array_type(full_type).size(), array_size))
+      const auto array_size =
+        numeric_cast<mp_integer>(to_array_type(full_type).size());
+      if(!array_size.has_value())
       {
         error().source_location = value.source_location();
         error() << "array size needs to be constant, got "
                 << to_string(to_array_type(full_type).size()) << eom;
         throw 0;
       }
 
-      if(array_size<0)
+      if(*array_size < 0)
       {
         error().source_location = value.source_location();
         error() << "array size must not be negative" << eom;
         throw 0;
       }
 
-      if(mp_integer(tmp2.operands().size())>array_size)
+      if(mp_integer(tmp2.operands().size()) > *array_size)
       {
         // cut off long strings. gcc does a warning for this
-        tmp2.operands().resize(numeric_cast_v<std::size_t>(array_size));
+        tmp2.operands().resize(numeric_cast_v<std::size_t>(*array_size));
         tmp2.type()=type;
       }
-      else if(mp_integer(tmp2.operands().size())<array_size)
+      else if(mp_integer(tmp2.operands().size()) < *array_size)
       {
         // fill up
         tmp2.type()=type;
@@ -187,7 +189,7 @@ exprt c_typecheck_baset::do_initializer_rec(
                   << to_string(full_type.subtype()) << "'" << eom;
           throw 0;
         }
-        tmp2.operands().resize(numeric_cast_v<std::size_t>(array_size), *zero);
+        tmp2.operands().resize(numeric_cast_v<std::size_t>(*array_size), *zero);
       }
     }
 
@@ -319,35 +321,34 @@ void c_typecheck_baset::designator_enter(
     }
     else
     {
-      mp_integer array_size;
-
-      if(to_integer(array_type.size(), array_size))
+      const auto array_size = numeric_cast<mp_integer>(array_type.size());
+      if(!array_size.has_value())
       {
         error().source_location = array_type.size().source_location();
         error() << "array has non-constant size `"
                 << to_string(array_type.size()) << "'" << eom;
         throw 0;
       }
 
-      entry.size = numeric_cast_v<std::size_t>(array_size);
+      entry.size = numeric_cast_v<std::size_t>(*array_size);
       entry.subtype=array_type.subtype();
     }
   }
   else if(full_type.id()==ID_vector)
   {
     const vector_typet &vector_type=to_vector_type(full_type);
 
-    mp_integer vector_size;
+    const auto vector_size = numeric_cast<mp_integer>(vector_type.size());
 
-    if(to_integer(vector_type.size(), vector_size))
+    if(!vector_size.has_value())
     {
       error().source_location = vector_type.size().source_location();
       error() << "vector has non-constant size `"
               << to_string(vector_type.size()) << "'" << eom;
       throw 0;
     }
 
-    entry.size = numeric_cast_v<std::size_t>(vector_size);
+    entry.size = numeric_cast_v<std::size_t>(*vector_size);
     entry.subtype=vector_type.subtype();
   }
   else
@@ -735,7 +736,11 @@ designatort c_typecheck_baset::make_designator(
 
       if(to_array_type(full_type).size().is_nil())
         size=0;
-      else if(to_integer(to_array_type(full_type).size(), size))
+      else if(
+        const auto size_opt =
+          numeric_cast<mp_integer>(to_array_type(full_type).size()))
+        size = *size_opt;
+      else
       {
         error().source_location = d_op.op0().source_location();
         error() << "expected constant array size" << eom;

src/ansi-c/c_typecheck_type.cpp

@@ -703,17 +703,17 @@ void c_typecheck_baset::typecheck_vector_type(vector_typet &type)
 
   simplify(size_expr, *this);
 
-  mp_integer sub_size;
+  const auto sub_size = numeric_cast<mp_integer>(size_expr);
 
-  if(to_integer(size_expr, sub_size))
+  if(!sub_size.has_value())
   {
     error().source_location=source_location;
     error() << "failed to determine size of vector base type `"
             << to_string(type.subtype()) << "'" << eom;
     throw 0;
   }
 
-  if(sub_size==0)
+  if(*sub_size == 0)
   {
     error().source_location=source_location;
     error() << "type had size 0: `"
@@ -722,16 +722,16 @@ void c_typecheck_baset::typecheck_vector_type(vector_typet &type)
   }
 
   // adjust by width of base type
-  if(s%sub_size!=0)
+  if(s % *sub_size != 0)
   {
     error().source_location=source_location;
     error() << "vector size (" << s
-            << ") expected to be multiple of base type size (" << sub_size
+            << ") expected to be multiple of base type size (" << *sub_size
             << ")" << eom;
     throw 0;
   }
 
-  s/=sub_size;
+  s /= *sub_size;
 
   type.size()=from_integer(s, signed_size_type());
 }

src/cpp/cpp_typecheck_initializer.cpp

@@ -270,12 +270,12 @@ void cpp_typecheckt::zero_initializer(
 
       exprt component_size=size_of_expr(component.type(), *this);
 
-      mp_integer size_int;
-      if(!to_integer(component_size, size_int))
+      const auto size_int = numeric_cast<mp_integer>(component_size);
+      if(size_int.has_value())
       {
-        if(size_int>max_comp_size)
+        if(*size_int > max_comp_size)
         {
-          max_comp_size=size_int;
+          max_comp_size = *size_int;
           comp=component;
         }
       }

src/cpp/cpp_typecheck_resolve.cpp

@@ -696,16 +696,16 @@ exprt cpp_typecheck_resolvet::do_builtin(
 
     resolve_argument(argument, fargs);
 
-    mp_integer i;
-    if(to_integer(argument, i))
+    const auto i = numeric_cast<mp_integer>(argument);
+    if(!i.has_value())
     {
       cpp_typecheck.error().source_location=source_location;
       cpp_typecheck.error() << "template argument must be constant"
                             << messaget::eom;
       throw 0;
     }
 
-    if(i<1)
+    if(*i < 1)
     {
       cpp_typecheck.error().source_location=source_location;
       cpp_typecheck.error()
@@ -715,7 +715,7 @@ exprt cpp_typecheck_resolvet::do_builtin(
     }
 
     dest=type_exprt(typet(base_name));
-    dest.type().set(ID_width, integer2string(i));
+    dest.type().set(ID_width, integer2string(*i));
   }
   else if(base_name==ID_fixedbv)
   {
@@ -751,25 +751,27 @@ exprt cpp_typecheck_resolvet::do_builtin(
       throw 0;
     }
 
-    mp_integer width, integer_bits;
+    const auto width = numeric_cast<mp_integer>(argument0);
 
-    if(to_integer(argument0, width))
+    if(!width.has_value())
     {
       cpp_typecheck.error().source_location=argument0.find_source_location();
       cpp_typecheck.error() << "template argument must be constant"
                             << messaget::eom;
       throw 0;
     }
 
-    if(to_integer(argument1, integer_bits))
+    const auto integer_bits = numeric_cast<mp_integer>(argument1);
+
+    if(!integer_bits.has_value())
     {
       cpp_typecheck.error().source_location=argument1.find_source_location();
       cpp_typecheck.error() << "template argument must be constant"
                             << messaget::eom;
       throw 0;
     }
 
-    if(width<1)
+    if(*width < 1)
     {
       cpp_typecheck.error().source_location=argument0.find_source_location();
       cpp_typecheck.error()
@@ -778,7 +780,7 @@ exprt cpp_typecheck_resolvet::do_builtin(
       throw 0;
     }
 
-    if(integer_bits<0)
+    if(*integer_bits < 0)
     {
       cpp_typecheck.error().source_location=argument1.find_source_location();
       cpp_typecheck.error()
@@ -787,7 +789,7 @@ exprt cpp_typecheck_resolvet::do_builtin(
       throw 0;
     }
 
-    if(integer_bits>width)
+    if(*integer_bits > *width)
     {
       cpp_typecheck.error().source_location=argument1.find_source_location();
       cpp_typecheck.error()
@@ -797,8 +799,8 @@ exprt cpp_typecheck_resolvet::do_builtin(
     }
 
     dest=type_exprt(typet(base_name));
-    dest.type().set(ID_width, integer2string(width));
-    dest.type().set(ID_integer_bits, integer2string(integer_bits));
+    dest.type().set(ID_width, integer2string(*width));
+    dest.type().set(ID_integer_bits, integer2string(*integer_bits));
   }
   else if(base_name==ID_integer)
   {