cbmc/auto__objects_8cpp_source.html

/*******************************************************************\


Module: Symbolic Execution of ANSI-C


Author: Daniel Kroening, kroening@kroening.com


\*******************************************************************/


#include <util/fresh_symbol.h>

#include <util/pointer_expr.h>

#include <util/std_code.h>

#include <util/std_expr.h>


#include "goto_symex.h"


exprt goto_symext::make_auto_object(const typet &type, statet &state)

{

  // produce auto-object symbol

  symbolt &symbol = get_fresh_aux_symbol(

    type,

    "symex",

    "auto_object",

    state.source.pc->source_location(),

    ID_C,

    state.symbol_table);

  symbol.is_thread_local = false;

  symbol.is_file_local = false;


  return symbol.symbol_expr();

}

exprt goto_symext::make_auto_object(const typet &type, statet &state) {…}


void goto_symext::initialize_auto_object(const exprt &expr, statet &state)

{

  DATA_INVARIANT(

    expr.type().id() != ID_struct,

    "no L2-renamed expression expected, all struct-like types should be tags");


  if(

    auto struct_tag_type = type_try_dynamic_cast<struct_tag_typet>(expr.type()))

  {

    const struct_typet &struct_type = ns.follow_tag(*struct_tag_type);


    for(const auto &comp : struct_type.components())

    {

      member_exprt member_expr(expr, comp.get_name(), comp.type());


      initialize_auto_object(member_expr, state);

    }

  }

  else if(auto pointer_type = type_try_dynamic_cast<pointer_typet>(expr.type()))

  {

    const typet &base_type = pointer_type->base_type();


    // we don't like function pointers and

    // we don't like void *

    if(base_type.id() != ID_code && base_type.id() != ID_empty)

    {

      // could be NULL nondeterministically


      address_of_exprt address_of_expr(

        make_auto_object(base_type, state), *pointer_type);


      if_exprt rhs(

        side_effect_expr_nondett(bool_typet(), expr.source_location()),

        null_pointer_exprt(*pointer_type),

        address_of_expr);


      symex_assign(state, expr, rhs);

    }

  }

}

void goto_symext::initialize_auto_object(const exprt &expr, statet &state) {…}


void goto_symext::trigger_auto_object(const exprt &expr, statet &state)

{

  expr.visit_pre([&state, this](const exprt &e) {

    if(is_ssa_expr(e))

    {

      const ssa_exprt &ssa_expr = to_ssa_expr(e);

      const irep_idt &obj_identifier = ssa_expr.get_object_name();


      if(obj_identifier != statet::guard_identifier())

      {

        const symbolt &symbol = ns.lookup(obj_identifier);


        if(symbol.base_name.starts_with("symex::auto_object"))

        {

          // done already?

          if(!state.get_level2().current_names.has_key(

               ssa_expr.get_identifier()))

          {

            initialize_auto_object(e, state);

          }

        }

      }

    }

  });

}

void goto_symext::trigger_auto_object(const exprt &expr, statet &state) {…}

pointer_type
pointer_typet pointer_type(const typet &subtype)
Definition c_types.cpp:235

address_of_exprt
Operator to return the address of an object.
Definition pointer_expr.h:540

ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition ai.h:562

bool_typet
The Boolean type.
Definition std_types.h:36

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition dstring.h:38

dstringt::starts_with
bool starts_with(const char *s) const
equivalent of as_string().starts_with(s)
Definition dstring.h:95

exprt
Base class for all expressions.
Definition expr.h:56

exprt::visit_pre
void visit_pre(std::function< void(exprt &)>)
Definition expr.cpp:227

exprt::type
typet & type()
Return the type of the expression.
Definition expr.h:84

exprt::source_location
const source_locationt & source_location() const
Definition expr.h:231

goto_statet::get_level2
const symex_level2t & get_level2() const
Definition goto_state.h:45

goto_symex_statet
Central data structure: state.
Definition goto_symex_state.h:42

goto_symex_statet::guard_identifier
static irep_idt guard_identifier()
Definition goto_symex_state.h:140

goto_symex_statet::symbol_table
symbol_tablet symbol_table
contains symbols that are minted during symbolic execution, such as dynamically created objects etc.
Definition goto_symex_state.h:66

goto_symex_statet::source
symex_targett::sourcet source
Definition goto_symex_state.h:61

goto_symext::initialize_auto_object
void initialize_auto_object(const exprt &, statet &)
Definition auto_objects.cpp:35

goto_symext::ns
namespacet ns
Initialized just before symbolic execution begins, to point to both outer_symbol_table and the symbol...
Definition goto_symex.h:258

goto_symext::trigger_auto_object
void trigger_auto_object(const exprt &, statet &)
Definition auto_objects.cpp:76

goto_symext::symex_assign
void symex_assign(statet &state, const exprt &lhs, const exprt &rhs)
Symbolically execute an ASSIGN instruction or simulate such an execution for a synthetic assignment.
Definition goto_symex.cpp:38

goto_symext::make_auto_object
exprt make_auto_object(const typet &, statet &)
Definition auto_objects.cpp:19

if_exprt
The trinary if-then-else operator.
Definition std_expr.h:2497

irept::id
const irep_idt & id() const
Definition irep.h:388

member_exprt
Extract member of struct or union.
Definition std_expr.h:2971

namespace_baset::follow_tag
const union_typet & follow_tag(const union_tag_typet &) const
Follow type tag of union type.
Definition namespace.cpp:49

namespacet::lookup
bool lookup(const irep_idt &name, const symbolt *&symbol) const override
See documentation for namespace_baset::lookup().
Definition namespace.cpp:134

null_pointer_exprt
The null pointer constant.
Definition pointer_expr.h:909

pointer_typet::base_type
const typet & base_type() const
The type of the data what we point to.
Definition pointer_expr.h:35

side_effect_expr_nondett
A side_effect_exprt that returns a non-deterministically chosen value.
Definition std_code.h:1520

ssa_exprt
Expression providing an SSA-renamed symbol of expressions.
Definition ssa_expr.h:17

struct_typet
Structure type, corresponds to C style structs.
Definition std_types.h:231

symbolt
Symbol table entry.
Definition symbol.h:28

symbolt::is_file_local
bool is_file_local
Definition symbol.h:73

symbolt::is_thread_local
bool is_thread_local
Definition symbol.h:71

symbolt::symbol_expr
class symbol_exprt symbol_expr() const
Produces a symbol_exprt for a symbol.
Definition symbol.cpp:121

symbolt::base_name
irep_idt irep_idt base_name
Name of module the symbol belongs to.
Definition symbol.h:46

typet
The type of an expression, extends irept.
Definition type.h:29

get_fresh_aux_symbol
symbolt & get_fresh_aux_symbol(const typet &type, const std::string &name_prefix, const std::string &basename_prefix, const source_locationt &source_location, const irep_idt &symbol_mode, const namespacet &ns, symbol_table_baset &symbol_table)
Installs a fresh-named symbol with respect to the given namespace ns with the requested name pattern ...
Definition fresh_symbol.cpp:32

fresh_symbol.h
Fresh auxiliary symbol creation.

goto_symex.h
Symbolic Execution.

pointer_expr.h
API to expression classes for Pointers.

DATA_INVARIANT
#define DATA_INVARIANT(CONDITION, REASON)
This condition should be used to document that assumptions that are made on goto_functions,...
Definition invariant.h:534

is_ssa_expr
bool is_ssa_expr(const exprt &expr)
Definition ssa_expr.h:125

to_ssa_expr
const ssa_exprt & to_ssa_expr(const exprt &expr)
Cast a generic exprt to an ssa_exprt.
Definition ssa_expr.h:145

std_code.h

std_expr.h
API to expression classes.

symex_targett::sourcet::pc
goto_programt::const_targett pc
Definition symex_target.h:42