cbmc/auto__objects_8cpp_source.html

 /*******************************************************************\


 Module: Symbolic Execution of ANSI-C


 Author: Daniel Kroening, kroening@kroening.com


 \*******************************************************************/


 #include <util/fresh_symbol.h>

 #include <util/pointer_expr.h>

 #include <util/std_code.h>

 #include <util/std_expr.h>


 #include "goto_symex.h"


 exprt goto_symext::make_auto_object(const typet &type, statet &state)

 {

   // produce auto-object symbol

   symbolt &symbol = get_fresh_aux_symbol(

     type,

     "symex",

     "auto_object",

     state.source.pc->source_location(),

     ID_C,

     state.symbol_table);

   symbol.is_thread_local = false;

   symbol.is_file_local = false;


   return symbol.symbol_expr();

 }


 void goto_symext::initialize_auto_object(const exprt &expr, statet &state)

 {

   DATA_INVARIANT(

     expr.type().id() != ID_struct,

     "no L2-renamed expression expected, all struct-like types should be tags");


   if(

     auto struct_tag_type = type_try_dynamic_cast<struct_tag_typet>(expr.type()))

   {

     const struct_typet &struct_type = ns.follow_tag(*struct_tag_type);


     for(const auto &comp : struct_type.components())

     {

       member_exprt member_expr(expr, comp.get_name(), comp.type());


       initialize_auto_object(member_expr, state);

     }

   }

   else if(auto pointer_type = type_try_dynamic_cast<pointer_typet>(expr.type()))

   {

     const typet &base_type = pointer_type->base_type();


     // we don't like function pointers and

     // we don't like void *

     if(base_type.id() != ID_code && base_type.id() != ID_empty)

     {

       // could be NULL nondeterministically


       address_of_exprt address_of_expr(

         make_auto_object(base_type, state), *pointer_type);


       if_exprt rhs(

         side_effect_expr_nondett(bool_typet(), expr.source_location()),

         null_pointer_exprt(*pointer_type),

         address_of_expr);


       symex_assign(state, expr, rhs);

     }

   }

 }


 void goto_symext::trigger_auto_object(const exprt &expr, statet &state)

 {

   expr.visit_pre([&state, this](const exprt &e) {

     if(is_ssa_expr(e))

     {

       const ssa_exprt &ssa_expr = to_ssa_expr(e);

       const irep_idt &obj_identifier = ssa_expr.get_object_name();


       if(obj_identifier != statet::guard_identifier())

       {

         const symbolt &symbol = ns.lookup(obj_identifier);


         if(symbol.base_name.starts_with("symex::auto_object"))

         {

           // done already?

           if(!state.get_level2().current_names.has_key(

                ssa_expr.get_identifier()))

           {

             initialize_auto_object(e, state);

           }

         }

       }

     }

   });

 }

pointer_type
pointer_typet pointer_type(const typet &subtype)
Definition: c_types.cpp:235

address_of_exprt
Operator to return the address of an object.
Definition: pointer_expr.h:540

bool_typet
The Boolean type.
Definition: std_types.h:36

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition: dstring.h:38

dstringt::starts_with
bool starts_with(const char *s) const
equivalent of as_string().starts_with(s)
Definition: dstring.h:95

exprt
Base class for all expressions.
Definition: expr.h:56

exprt::source_location
const source_locationt & source_location() const
Definition: expr.h:231

exprt::visit_pre
void visit_pre(std::function< void(exprt &)>)
Definition: expr.cpp:227

exprt::type
typet & type()
Return the type of the expression.
Definition: expr.h:84

goto_statet::get_level2
const symex_level2t & get_level2() const
Definition: goto_state.h:45

goto_symex_statet
Central data structure: state.
Definition: goto_symex_state.h:43

goto_symex_statet::guard_identifier
static irep_idt guard_identifier()
Definition: goto_symex_state.h:141

goto_symex_statet::symbol_table
symbol_tablet symbol_table
contains symbols that are minted during symbolic execution, such as dynamically created objects etc.
Definition: goto_symex_state.h:67

goto_symex_statet::source
symex_targett::sourcet source
Definition: goto_symex_state.h:62

goto_symext::initialize_auto_object
void initialize_auto_object(const exprt &, statet &)
Definition: auto_objects.cpp:35

goto_symext::ns
namespacet ns
Initialized just before symbolic execution begins, to point to both outer_symbol_table and the symbol...
Definition: goto_symex.h:258

goto_symext::trigger_auto_object
void trigger_auto_object(const exprt &, statet &)
Definition: auto_objects.cpp:76

goto_symext::symex_assign
void symex_assign(statet &state, const exprt &lhs, const exprt &rhs)
Symbolically execute an ASSIGN instruction or simulate such an execution for a synthetic assignment.
Definition: goto_symex.cpp:38

goto_symext::make_auto_object
exprt make_auto_object(const typet &, statet &)
Definition: auto_objects.cpp:19

if_exprt
The trinary if-then-else operator.
Definition: std_expr.h:2375

irept::id
const irep_idt & id() const
Definition: irep.h:388

member_exprt
Extract member of struct or union.
Definition: std_expr.h:2849

namespace_baset::follow_tag
const union_typet & follow_tag(const union_tag_typet &) const
Follow type tag of union type.
Definition: namespace.cpp:63

namespacet::lookup
bool lookup(const irep_idt &name, const symbolt *&symbol) const override
See documentation for namespace_baset::lookup().
Definition: namespace.cpp:148

null_pointer_exprt
The null pointer constant.
Definition: pointer_expr.h:909

pointer_typet::base_type
const typet & base_type() const
The type of the data what we point to.
Definition: pointer_expr.h:35

sharing_mapt::has_key
bool has_key(const key_type &k) const
Check if key is in map.
Definition: sharing_map.h:377

side_effect_expr_nondett
A side_effect_exprt that returns a non-deterministically chosen value.
Definition: std_code.h:1520

ssa_exprt
Expression providing an SSA-renamed symbol of expressions.
Definition: ssa_expr.h:17

ssa_exprt::get_object_name
irep_idt get_object_name() const

struct_typet
Structure type, corresponds to C style structs.
Definition: std_types.h:231

struct_union_typet::components
const componentst & components() const
Definition: std_types.h:147

symbol_exprt::get_identifier
const irep_idt & get_identifier() const
Definition: std_expr.h:160

symbolt
Symbol table entry.
Definition: symbol.h:28

symbolt::base_name
irep_idt base_name
Base (non-scoped) name.
Definition: symbol.h:46

symbolt::is_file_local
bool is_file_local
Definition: symbol.h:73

symbolt::is_thread_local
bool is_thread_local
Definition: symbol.h:71

symbolt::symbol_expr
class symbol_exprt symbol_expr() const
Produces a symbol_exprt for a symbol.
Definition: symbol.cpp:121

typet
The type of an expression, extends irept.
Definition: type.h:29

get_fresh_aux_symbol
symbolt & get_fresh_aux_symbol(const typet &type, const std::string &name_prefix, const std::string &basename_prefix, const source_locationt &source_location, const irep_idt &symbol_mode, const namespacet &ns, symbol_table_baset &symbol_table)
Installs a fresh-named symbol with respect to the given namespace ns with the requested name pattern ...
Definition: fresh_symbol.cpp:32

fresh_symbol.h
Fresh auxiliary symbol creation.

goto_symex.h
Symbolic Execution.

pointer_expr.h
API to expression classes for Pointers.

DATA_INVARIANT
#define DATA_INVARIANT(CONDITION, REASON)
This condition should be used to document that assumptions that are made on goto_functions,...
Definition: invariant.h:534

to_ssa_expr
const ssa_exprt & to_ssa_expr(const exprt &expr)
Cast a generic exprt to an ssa_exprt.
Definition: ssa_expr.h:145

is_ssa_expr
bool is_ssa_expr(const exprt &expr)
Definition: ssa_expr.h:125

std_code.h

std_expr.h
API to expression classes.

symex_level2t::current_names
symex_renaming_levelt current_names
Definition: renaming_level.h:70

symex_targett::sourcet::pc
goto_programt::const_targett pc
Definition: symex_target.h:42