Collaboration diagram for goto_check_ct:Classes | |
| struct | conditiont |
Public Types | |
| typedef goto_functionst::goto_functiont | goto_functiont |
Public Member Functions | |
| goto_check_ct (const namespacet &_ns, const optionst &_options, message_handlert &_message_handler) | |
| void | goto_check (const irep_idt &function_identifier, goto_functiont &goto_function) |
| void | collect_allocations (const goto_functionst &goto_functions) |
| Fill the list of allocations allocationst with <address, size> for every allocation instruction. More... | |
Protected Types | |
| enum | check_statust { ENABLE , DISABLE , CHECKED } |
| activation statuses for named checks More... | |
| using | guardt = std::function< exprt(exprt)> |
| using | conditionst = std::list< conditiont > |
| typedef std::set< std::pair< exprt, exprt > > | assertionst |
| typedef optionst::value_listt | error_labelst |
| typedef std::pair< exprt, exprt > | allocationt |
| typedef std::list< allocationt > | allocationst |
| using | named_check_statust = std::optional< std::pair< irep_idt, check_statust > > |
| optional (named-check, status) pair More... | |
Protected Member Functions | |
| void | check_shadow_memory_api_calls (const goto_programt::instructiont &) |
| void | check_rec_address (const exprt &expr, const guardt &guard) |
| Check an address-of expression: if it is a dereference then check the pointer if it is an index then address-check the array and then check the index. More... | |
| void | check_rec_logical_op (const exprt &expr, const guardt &guard) |
| Check a logical operation: check each operand in separation while extending the guarding condition as follows. More... | |
| void | check_rec_if (const if_exprt &if_expr, const guardt &guard) |
| Check an if expression: check the if-condition alone, and then check the true/false-cases with the guard extended with if-condition and it's negation, respectively. More... | |
| bool | check_rec_member (const member_exprt &member, const guardt &guard) |
| Check that a member expression is valid: More... | |
| void | check_rec_div (const div_exprt &div_expr, const guardt &guard) |
| Check that a division is valid: check for division by zero, overflow and NaN (for floating point numbers). More... | |
| void | check_rec_arithmetic_op (const exprt &expr, const guardt &guard) |
| Check that an arithmetic operation is valid: overflow check, NaN-check (for floating point numbers), and pointer overflow check. More... | |
| void | check_rec (const exprt &expr, const guardt &guard) |
Recursively descend into expr and run the appropriate check for each sub-expression, while collecting the condition for the check in guard. More... | |
| void | check (const exprt &expr) |
Initiate the recursively analysis of expr with its ‘guard’ set to TRUE. More... | |
| void | bounds_check (const exprt &, const guardt &) |
| void | bounds_check_index (const index_exprt &, const guardt &) |
| void | bounds_check_bit_count (const unary_exprt &, const guardt &) |
| void | div_by_zero_check (const div_exprt &, const guardt &) |
| void | float_div_by_zero_check (const div_exprt &, const guardt &) |
| void | mod_by_zero_check (const mod_exprt &, const guardt &) |
| void | mod_overflow_check (const mod_exprt &, const guardt &) |
| check a mod expression for the case INT_MIN % -1 More... | |
| void | enum_range_check (const exprt &, const guardt &) |
| void | undefined_shift_check (const shift_exprt &, const guardt &) |
| void | pointer_rel_check (const binary_exprt &, const guardt &) |
| void | pointer_overflow_check (const exprt &, const guardt &) |
| void | memory_leak_check (const irep_idt &function_id) |
| void | pointer_validity_check (const dereference_exprt &expr, const exprt &src_expr, const guardt &guard) |
| Generates VCCs for the validity of the given dereferencing operation. More... | |
| void | pointer_primitive_check (const exprt &expr, const guardt &guard) |
| Generates VCCs to check that pointers passed to pointer primitives are either null or valid. More... | |
| bool | requires_pointer_primitive_check (const exprt &expr) |
| Returns true if the given expression is a pointer primitive that requires validation of the operand to guard against misuse. More... | |
| std::optional< goto_check_ct::conditiont > | get_pointer_is_null_condition (const exprt &address, const exprt &size) |
| conditionst | get_pointer_points_to_valid_memory_conditions (const exprt &address, const exprt &size) |
| exprt | is_in_bounds_of_some_explicit_allocation (const exprt &pointer, const exprt &size) |
| conditionst | get_pointer_dereferenceable_conditions (const exprt &address, const exprt &size) |
| void | integer_overflow_check (const exprt &, const guardt &) |
| void | conversion_check (const exprt &, const guardt &) |
| void | float_overflow_check (const exprt &, const guardt &) |
| void | nan_check (const exprt &, const guardt &) |
| std::string | array_name (const exprt &) |
| void | add_guarded_property (const exprt &asserted_expr, const std::string &comment, const std::string &property_class, bool is_fatal, const source_locationt &source_location, const exprt &src_expr, const guardt &guard) |
Include the asserted_expr in the code conditioned by the guard. More... | |
| void | invalidate (const exprt &lhs) |
Remove all assertions containing the symbol in lhs as well as all assertions containing dereference. More... | |
| void | add_active_named_check_pragmas (source_locationt &source_location) const |
| Adds "checked" pragmas for all currently active named checks on the given source location. More... | |
| void | add_all_checked_named_check_pragmas (source_locationt &source_location) const |
| Adds "checked" pragmas for all named checks on the given source location (prevents any the instanciation of any ulterior check). More... | |
| named_check_statust | match_named_check (const irep_idt &named_check) const |
| Matches a named-check string of the form. More... | |
Protected Attributes | |
| const namespacet & | ns |
| std::unique_ptr< local_bitvector_analysist > | local_bitvector_analysis |
| goto_programt::const_targett | current_target |
| messaget | log |
| const guardt | identity = [](exprt expr) { return expr; } |
| goto_programt | new_code |
| assertionst | assertions |
| bool | enable_bounds_check |
| bool | enable_pointer_check |
| bool | enable_memory_leak_check |
| bool | enable_memory_cleanup_check |
| bool | enable_div_by_zero_check |
| bool | enable_float_div_by_zero_check |
| bool | enable_enum_range_check |
| bool | enable_signed_overflow_check |
| bool | enable_unsigned_overflow_check |
| bool | enable_pointer_overflow_check |
| bool | enable_conversion_check |
| bool | enable_undefined_shift_check |
| bool | enable_float_overflow_check |
| bool | enable_simplify |
| bool | enable_nan_check |
| bool | retain_trivial |
| bool | enable_assert_to_assume |
| bool | enable_pointer_primitive_check |
| std::map< irep_idt, bool * > | name_to_flag |
| Maps a named-check name to the corresponding boolean flag. More... | |
| error_labelst | error_labels |
| allocationst | allocations |
| irep_idt | mode |
Detailed Description
Definition at line 45 of file goto_check_c.cpp.
Member Typedef Documentation
◆ allocationst
|
protected |
Definition at line 307 of file goto_check_c.cpp.
◆ allocationt
|
protected |
Definition at line 306 of file goto_check_c.cpp.
◆ assertionst
|
protected |
Definition at line 255 of file goto_check_c.cpp.
◆ conditionst
|
protected |
Definition at line 177 of file goto_check_c.cpp.
◆ error_labelst
|
protected |
Definition at line 301 of file goto_check_c.cpp.
◆ goto_functiont
Definition at line 83 of file goto_check_c.cpp.
◆ guardt
|
protected |
Definition at line 102 of file goto_check_c.cpp.
◆ named_check_statust
|
protected |
optional (named-check, status) pair
Definition at line 330 of file goto_check_c.cpp.
Member Enumeration Documentation
◆ check_statust
|
protected |
activation statuses for named checks
| Enumerator | |
|---|---|
| ENABLE | |
| DISABLE | |
| CHECKED | |
Definition at line 322 of file goto_check_c.cpp.
Constructor & Destructor Documentation
◆ goto_check_ct()
|
inline |
Definition at line 48 of file goto_check_c.cpp.
Member Function Documentation
◆ add_active_named_check_pragmas()
|
protected |
Adds "checked" pragmas for all currently active named checks on the given source location.
Definition at line 2508 of file goto_check_c.cpp.
◆ add_all_checked_named_check_pragmas()
|
protected |
Adds "checked" pragmas for all named checks on the given source location (prevents any the instanciation of any ulterior check).
Definition at line 2516 of file goto_check_c.cpp.
◆ add_guarded_property()
|
protected |
Include the asserted_expr in the code conditioned by the guard.
- Parameters
-
asserted_expr expression to be asserted comment human readable comment property_class classification of the property is_fatal property checks for undefined behavior source_location the source location of the original expression src_expr the original expression to be included in the comment guard the condition under which the asserted expression should be taken into account
Definition at line 1755 of file goto_check_c.cpp.
◆ array_name()
|
protected |
Definition at line 1553 of file goto_check_c.cpp.
◆ bounds_check()
Definition at line 1558 of file goto_check_c.cpp.
◆ bounds_check_bit_count()
|
protected |
Definition at line 1732 of file goto_check_c.cpp.
◆ bounds_check_index()
|
protected |
Definition at line 1575 of file goto_check_c.cpp.
◆ check()
|
protected |
Initiate the recursively analysis of expr with its ‘guard’ set to TRUE.
- Parameters
-
expr the expression to be checked
Definition at line 2062 of file goto_check_c.cpp.
◆ check_rec()
Recursively descend into expr and run the appropriate check for each sub-expression, while collecting the condition for the check in guard.
- Parameters
-
expr the expression to be checked guard the condition for when the check should be made
Definition at line 1972 of file goto_check_c.cpp.
◆ check_rec_address()
Check an address-of expression: if it is a dereference then check the pointer if it is an index then address-check the array and then check the index.
- Parameters
-
expr the expression to be checked guard the condition for the check
Definition at line 1802 of file goto_check_c.cpp.
◆ check_rec_arithmetic_op()
Check that an arithmetic operation is valid: overflow check, NaN-check (for floating point numbers), and pointer overflow check.
- Parameters
-
expr the expression to be checked guard the condition for the check
Definition at line 1945 of file goto_check_c.cpp.
◆ check_rec_div()
Check that a division is valid: check for division by zero, overflow and NaN (for floating point numbers).
- Parameters
-
div_expr the expression to be checked guard the condition for the check
Definition at line 1916 of file goto_check_c.cpp.
◆ check_rec_if()
Check an if expression: check the if-condition alone, and then check the true/false-cases with the guard extended with if-condition and it's negation, respectively.
- Parameters
-
if_expr the expression to be checked guard the condition for the check (extended with the (negation of the) if-condition for recursively calls)
Definition at line 1852 of file goto_check_c.cpp.
◆ check_rec_logical_op()
Check a logical operation: check each operand in separation while extending the guarding condition as follows.
a /\ b /\ c ==> check(a, TRUE), check(b, a), check (c, a /\ b) a \/ b \/ c ==> check(a, TRUE), check(b, ~a), check (c, ~a /\ ~b)
- Parameters
-
expr the expression to be checked guard the condition for the check (extended with the previous operands (or their negations) for recursively calls)
Definition at line 1825 of file goto_check_c.cpp.
◆ check_rec_member()
|
protected |
Check that a member expression is valid:
- check the structure this expression is a member of (via pointer of its dereference)
- run pointer-validity check on ‘*(s+member_offset)’ instead of ‘s->member’ to avoid checking safety of ‘s’
- check all operands of the expression
- Parameters
-
member the expression to be checked guard the condition for the check
- Returns
- true if no more checks are required for
memberor its sub-expressions
Definition at line 1875 of file goto_check_c.cpp.
◆ check_shadow_memory_api_calls()
|
protected |
Definition at line 2330 of file goto_check_c.cpp.
◆ collect_allocations()
| void goto_check_ct::collect_allocations | ( | const goto_functionst & | goto_functions | ) |
Fill the list of allocations allocationst with <address, size> for every allocation instruction.
Also check that each allocation is well-formed.
- Parameters
-
goto_functions goto functions from which the allocations are to be collected
Definition at line 434 of file goto_check_c.cpp.
◆ conversion_check()
Definition at line 692 of file goto_check_c.cpp.
◆ div_by_zero_check()
Definition at line 496 of file goto_check_c.cpp.
◆ enum_range_check()
Definition at line 540 of file goto_check_c.cpp.
◆ float_div_by_zero_check()
|
protected |
Definition at line 518 of file goto_check_c.cpp.
◆ float_overflow_check()
Definition at line 1114 of file goto_check_c.cpp.
◆ get_pointer_dereferenceable_conditions()
|
protected |
Definition at line 1540 of file goto_check_c.cpp.
◆ get_pointer_is_null_condition()
|
protected |
Definition at line 2428 of file goto_check_c.cpp.
◆ get_pointer_points_to_valid_memory_conditions()
|
protected |
Definition at line 2350 of file goto_check_c.cpp.
◆ goto_check()
| void goto_check_ct::goto_check | ( | const irep_idt & | function_identifier, |
| goto_functiont & | goto_function | ||
| ) |
Definition at line 2090 of file goto_check_c.cpp.
◆ integer_overflow_check()
Definition at line 862 of file goto_check_c.cpp.
◆ invalidate()
|
protected |
Remove all assertions containing the symbol in lhs as well as all assertions containing dereference.
- Parameters
-
lhs the left-hand-side expression whose symbol should be invalidated
Definition at line 466 of file goto_check_c.cpp.
◆ is_in_bounds_of_some_explicit_allocation()
|
protected |
Definition at line 2449 of file goto_check_c.cpp.
◆ match_named_check()
|
protected |
Matches a named-check string of the form.
- Returns
- a pair (name, status) if the match succeeds and the name is known, nothing otherwise.
Definition at line 2524 of file goto_check_c.cpp.
◆ memory_leak_check()
|
protected |
Definition at line 2067 of file goto_check_c.cpp.
◆ mod_by_zero_check()
Definition at line 636 of file goto_check_c.cpp.
◆ mod_overflow_check()
check a mod expression for the case INT_MIN % -1
Definition at line 659 of file goto_check_c.cpp.
◆ nan_check()
Definition at line 1225 of file goto_check_c.cpp.
◆ pointer_overflow_check()
Definition at line 1380 of file goto_check_c.cpp.
◆ pointer_primitive_check()
Generates VCCs to check that pointers passed to pointer primitives are either null or valid.
- Parameters
-
expr the pointer primitive expression guard the condition under which the operation happens
Definition at line 1479 of file goto_check_c.cpp.
◆ pointer_rel_check()
|
protected |
Definition at line 1334 of file goto_check_c.cpp.
◆ pointer_validity_check()
|
protected |
Generates VCCs for the validity of the given dereferencing operation.
- Parameters
-
expr the expression to be checked src_expr The expression as found in the program, prior to any rewriting guard the condition under which the operation happens
Definition at line 1437 of file goto_check_c.cpp.
◆ requires_pointer_primitive_check()
|
protected |
Returns true if the given expression is a pointer primitive that requires validation of the operand to guard against misuse.
- Parameters
-
expr expression
- Returns
- true if the given expression is a pointer primitive that requires checking
Definition at line 1521 of file goto_check_c.cpp.
◆ undefined_shift_check()
|
protected |
Definition at line 565 of file goto_check_c.cpp.
Member Data Documentation
◆ allocations
|
protected |
Definition at line 308 of file goto_check_c.cpp.
◆ assertions
|
protected |
Definition at line 256 of file goto_check_c.cpp.
◆ current_target
|
protected |
Definition at line 99 of file goto_check_c.cpp.
◆ enable_assert_to_assume
|
protected |
Definition at line 280 of file goto_check_c.cpp.
◆ enable_bounds_check
|
protected |
Definition at line 264 of file goto_check_c.cpp.
◆ enable_conversion_check
|
protected |
Definition at line 274 of file goto_check_c.cpp.
◆ enable_div_by_zero_check
|
protected |
Definition at line 268 of file goto_check_c.cpp.
◆ enable_enum_range_check
|
protected |
Definition at line 270 of file goto_check_c.cpp.
◆ enable_float_div_by_zero_check
|
protected |
Definition at line 269 of file goto_check_c.cpp.
◆ enable_float_overflow_check
|
protected |
Definition at line 276 of file goto_check_c.cpp.
◆ enable_memory_cleanup_check
|
protected |
Definition at line 267 of file goto_check_c.cpp.
◆ enable_memory_leak_check
|
protected |
Definition at line 266 of file goto_check_c.cpp.
◆ enable_nan_check
|
protected |
Definition at line 278 of file goto_check_c.cpp.
◆ enable_pointer_check
|
protected |
Definition at line 265 of file goto_check_c.cpp.
◆ enable_pointer_overflow_check
|
protected |
Definition at line 273 of file goto_check_c.cpp.
◆ enable_pointer_primitive_check
|
protected |
Definition at line 281 of file goto_check_c.cpp.
◆ enable_signed_overflow_check
|
protected |
Definition at line 271 of file goto_check_c.cpp.
◆ enable_simplify
|
protected |
Definition at line 277 of file goto_check_c.cpp.
◆ enable_undefined_shift_check
|
protected |
Definition at line 275 of file goto_check_c.cpp.
◆ enable_unsigned_overflow_check
|
protected |
Definition at line 272 of file goto_check_c.cpp.
◆ error_labels
|
protected |
Definition at line 302 of file goto_check_c.cpp.
◆ identity
Definition at line 103 of file goto_check_c.cpp.
◆ local_bitvector_analysis
|
protected |
Definition at line 98 of file goto_check_c.cpp.
◆ log
|
protected |
Definition at line 100 of file goto_check_c.cpp.
◆ mode
|
protected |
Definition at line 310 of file goto_check_c.cpp.
◆ name_to_flag
|
protected |
Maps a named-check name to the corresponding boolean flag.
Definition at line 284 of file goto_check_c.cpp.
◆ new_code
|
protected |
Definition at line 254 of file goto_check_c.cpp.
◆ ns
|
protected |
Definition at line 97 of file goto_check_c.cpp.
◆ retain_trivial
|
protected |
Definition at line 279 of file goto_check_c.cpp.
The documentation for this class was generated from the following file:
- /home/runner/work/cbmc/cbmc/src/ansi-c/goto-conversion/goto_check_c.cpp
