cbmc/dfcc__root__object_8cpp_source.html

/*******************************************************************\


Module: Dynamic frame condition checking


Author: Remi Delmas, delmasrd@amazon.com


Date: March 2023


\*******************************************************************/


#include "dfcc_root_object.h"


#include <util/byte_operators.h>

#include <util/cprover_prefix.h>

#include <util/expr.h>

#include <util/expr_util.h>

#include <util/pointer_expr.h>

#include <util/std_code.h>


#include <goto-programs/pointer_arithmetic.h>


static void


root_objects_rec(const exprt &expr, std::unordered_set<exprt, irep_hash> &dest)

{

  if(expr.id() == ID_symbol)

  {

    dest.insert(expr);

  }

  else if(expr.id() == ID_index)

  {

    root_objects_rec(to_index_expr(expr).array(), dest);

  }

  else if(expr.id() == ID_member)

  {

    const typet &type = to_member_expr(expr).struct_op().type();

    DATA_INVARIANT(

      type.id() == ID_struct || type.id() == ID_struct_tag ||

        type.id() == ID_union || type.id() == ID_union_tag,

      "unexpected assignment to member of '" + type.id_string() + "'");

    root_objects_rec(to_member_expr(expr).compound(), dest);

  }

  else if(expr.id() == ID_if)

  {

    root_objects_rec(to_if_expr(expr).true_case(), dest);

    root_objects_rec(to_if_expr(expr).false_case(), dest);

  }

  else if(expr.id() == ID_typecast)

  {

    root_objects_rec(to_typecast_expr(expr).op(), dest);

  }

  else if(

    expr.id() == ID_byte_extract_little_endian ||

    expr.id() == ID_byte_extract_big_endian)

  {

    root_objects_rec(to_byte_extract_expr(expr).op(), dest);

  }

  else if(expr.id() == ID_complex_real)

  {

    root_objects_rec(to_complex_real_expr(expr).op(), dest);

  }

  else if(expr.id() == ID_complex_imag)

  {

    root_objects_rec(to_complex_imag_expr(expr).op(), dest);

  }

  else if(const auto &deref = expr_try_dynamic_cast<dereference_exprt>(expr))

  {

    // normalise the dereferenced pointer into `pointer + offset`, extract

    // pointer expression and try some simplifications

    const exprt &pointer = pointer_arithmetict(deref->pointer()).pointer;

    const source_locationt source_location = expr.source_location();

    if(const auto &if_expr = expr_try_dynamic_cast<if_exprt>(pointer))

    {

      // split on disjunctions

      // *(c ? true_case : false_case) => rec(*true_case); rec(*false_case)

      dereference_exprt if_true(if_expr->true_case());

      if_true.add_source_location() = source_location;

      root_objects_rec(if_true, dest);

      dereference_exprt if_false(if_expr->false_case());

      if_false.add_source_location() = source_location;

      root_objects_rec(if_false, dest);

    }

    else if(

      const auto &address_of_expr =

        expr_try_dynamic_cast<address_of_exprt>(pointer))

    {

      // *(&object + offset) => rec(object)

      root_objects_rec(skip_typecast(address_of_expr->object()), dest);

    }

    else

    {

      // simplify *(pointer + offset) to *pointer and stop here

      dereference_exprt deref(pointer);

      deref.add_source_location() = source_location;

      dest.insert(deref);

    }

  }

  else

  {

    // Stop here for anything else.

    dest.insert(expr);

  }

}

root_objects_rec(const exprt &expr, std::unordered_set<exprt, irep_hash> &dest) {…}


static exprt slice_op_to_deref(const exprt &expr)

{

  if(

    const auto &function_call_expr =

      expr_try_dynamic_cast<side_effect_expr_function_callt>(expr))

  {

    auto function_expr = function_call_expr->function();

    INVARIANT(

      function_expr.id() == ID_symbol,

      "no function pointer calls in loop assigns clause targets");

    auto function_id = to_symbol_expr(function_expr).get_identifier();

    INVARIANT(

      function_id == CPROVER_PREFIX "assignable" ||

        function_id == CPROVER_PREFIX "object_whole" ||

        function_id == CPROVER_PREFIX "object_from" ||

        function_id == CPROVER_PREFIX "object_upto",

      "can only handle built-in function calls in assigns clause targets");

    return dereference_exprt(

      skip_typecast(function_call_expr->arguments().at(0)));

  }

  else

  {

    return expr;

  }

}

static exprt slice_op_to_deref(const exprt &expr) {…}


std::unordered_set<exprt, irep_hash> dfcc_root_objects(const exprt &expr)

{

  std::unordered_set<exprt, irep_hash> result;

  root_objects_rec(slice_op_to_deref(expr), result);

  return result;

}

std::unordered_set<exprt, irep_hash> dfcc_root_objects(const exprt &expr) {…}

byte_operators.h
Expression classes for byte-level operators.

to_byte_extract_expr
const byte_extract_exprt & to_byte_extract_expr(const exprt &expr)
Definition byte_operators.h:70

ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition ai.h:562

dereference_exprt
Operator to dereference a pointer.
Definition pointer_expr.h:834

exprt
Base class for all expressions.
Definition expr.h:56

exprt::source_location
const source_locationt & source_location() const
Definition expr.h:231

irept::id_string
const std::string & id_string() const
Definition irep.h:391

irept::id
const irep_idt & id() const
Definition irep.h:388

source_locationt
Definition source_location.h:20

typet
The type of an expression, extends irept.
Definition type.h:29

cprover_prefix.h

CPROVER_PREFIX
#define CPROVER_PREFIX
Definition cprover_prefix.h:14

slice_op_to_deref
static exprt slice_op_to_deref(const exprt &expr)
Translates object slice expressions found in assigns clause targets to dereference expressions so tha...
Definition dfcc_root_object.cpp:107

dfcc_root_objects
std::unordered_set< exprt, irep_hash > dfcc_root_objects(const exprt &expr)
Computes a set of root object expressions from an lvalue or assigns clause target expression.
Definition dfcc_root_object.cpp:133

root_objects_rec
static void root_objects_rec(const exprt &expr, std::unordered_set< exprt, irep_hash > &dest)
Recursively computes a set of root object expressions for expr.
Definition dfcc_root_object.cpp:24

dfcc_root_object.h
Utility functions that compute root object expressions for assigns clause targets and LHS expressions...

expr.h

skip_typecast
const exprt & skip_typecast(const exprt &expr)
find the expression nested inside typecasts, if any
Definition expr_util.cpp:193

expr_util.h
Deprecated expression utility functions.

pointer_arithmetic.h

pointer_expr.h
API to expression classes for Pointers.

DATA_INVARIANT
#define DATA_INVARIANT(CONDITION, REASON)
This condition should be used to document that assumptions that are made on goto_functions,...
Definition invariant.h:534

INVARIANT
#define INVARIANT(CONDITION, REASON)
This macro uses the wrapper function 'invariant_violated_string'.
Definition invariant.h:423

std_code.h

to_index_expr
const index_exprt & to_index_expr(const exprt &expr)
Cast an exprt to an index_exprt.
Definition std_expr.h:1538

to_typecast_expr
const typecast_exprt & to_typecast_expr(const exprt &expr)
Cast an exprt to a typecast_exprt.
Definition std_expr.h:2107

to_if_expr
const if_exprt & to_if_expr(const exprt &expr)
Cast an exprt to an if_exprt.
Definition std_expr.h:2577

to_member_expr
const member_exprt & to_member_expr(const exprt &expr)
Cast an exprt to a member_exprt.
Definition std_expr.h:3063

to_complex_imag_expr
const complex_imag_exprt & to_complex_imag_expr(const exprt &expr)
Cast an exprt to a complex_imag_exprt.
Definition std_expr.h:2053

to_complex_real_expr
const complex_real_exprt & to_complex_real_expr(const exprt &expr)
Cast an exprt to a complex_real_exprt.
Definition std_expr.h:2010

to_symbol_expr
const symbol_exprt & to_symbol_expr(const exprt &expr)
Cast an exprt to a symbol_exprt.
Definition std_expr.h:272

pointer_arithmetict
Definition pointer_arithmetic.h:16

pointer_arithmetict::pointer
exprt pointer
Definition pointer_arithmetic.h:17