cbmc/goto__program__dereference_8cpp_source.html

 /*******************************************************************\


 Module: Dereferencing Operations on GOTO Programs


 Author: Daniel Kroening, kroening@kroening.com


 \*******************************************************************/


 #include "goto_program_dereference.h"


 #include <util/expr_util.h>

 #include <util/options.h>

 #include <util/pointer_expr.h>

 #include <util/std_code.h>

 #include <util/symbol_table.h>


 #include <goto-programs/goto_model.h>


 const symbolt *

 goto_program_dereferencet::get_or_create_failed_symbol(const exprt &expr)

 {

   if(expr.id()==ID_symbol)

   {

     if(expr.get_bool(ID_C_invalid_object))

       return nullptr;


     const symbolt &ptr_symbol = ns.lookup(to_symbol_expr(expr));


     const irep_idt &failed_symbol = ptr_symbol.type.get(ID_C_failed_symbol);


     if(failed_symbol.empty())

       return nullptr;


     const symbolt *symbol = nullptr;

     ns.lookup(failed_symbol, symbol);

     return symbol;

   }


   return nullptr;

 }


 void goto_program_dereferencet::dereference_rec(exprt &expr)

 {

   if(!has_subexpr(expr, ID_dereference))

     return;


   if(expr.id()==ID_and || expr.id()==ID_or)

   {

     if(!expr.is_boolean())

       throw expr.id_string()+" must be Boolean, but got "+

             expr.pretty();


     for(auto &op : expr.operands())

     {

       if(!op.is_boolean())

         throw expr.id_string()+" takes Boolean operands only, but got "+

               op.pretty();


       if(has_subexpr(op, ID_dereference))

         dereference_rec(op);

     }

     return;

   }

   else if(expr.id()==ID_if)

   {

     auto &if_expr = to_if_expr(expr);


     if(!if_expr.cond().is_boolean())

     {

       std::string msg = "first argument of if must be boolean, but got " +

                         if_expr.cond().pretty();

       throw msg;

     }


     dereference_rec(if_expr.cond());


     bool o1 = has_subexpr(if_expr.true_case(), ID_dereference);

     bool o2 = has_subexpr(if_expr.false_case(), ID_dereference);


     if(o1)

       dereference_rec(if_expr.true_case());


     if(o2)

       dereference_rec(if_expr.false_case());


     return;

   }


   if(expr.id() == ID_address_of)

   {

     // turn &*p to p

     // this has *no* side effect!


     if(to_address_of_expr(expr).object().id() == ID_dereference)

       expr = typecast_exprt::conditional_cast(

         to_dereference_expr(to_address_of_expr(expr).object()).pointer(),

         expr.type());

   }


   Forall_operands(it, expr)

     dereference_rec(*it);


   if(expr.id()==ID_dereference)

   {

     expr = dereference.dereference(to_dereference_expr(expr).pointer());

   }

   else if(expr.id()==ID_index)

   {

     // this is old stuff and will go away


     if(to_index_expr(expr).array().type().id() == ID_pointer)

     {

       exprt tmp1(ID_plus, to_index_expr(expr).array().type());

       tmp1.operands().swap(expr.operands());


       exprt tmp2 = dereference.dereference(tmp1);

       tmp2.swap(expr);

     }

   }

 }


 std::vector<exprt>

 goto_program_dereferencet::get_value_set(const exprt &expr) const

 {

   return value_sets.get_values(current_function, current_target, expr);

 }


 void goto_program_dereferencet::dereference_expr(

   exprt &expr,

   const bool checks_only)

 {

   if(checks_only)

   {

     exprt tmp(expr);

     dereference_rec(tmp);

   }

   else

     dereference_rec(expr);

 }


 void goto_program_dereferencet::dereference_program(

   goto_programt &goto_program,

   bool checks_only)

 {

   for(goto_programt::instructionst::iterator

       it=goto_program.instructions.begin();

       it!=goto_program.instructions.end();

       it++)

   {

     new_code.clear();

     dereference_instruction(it, checks_only);


     // insert new instructions

     while(!new_code.instructions.empty())

     {

       goto_program.insert_before_swap(it, new_code.instructions.front());

       new_code.instructions.pop_front();

       it++;

     }

   }

 }


 void goto_program_dereferencet::dereference_program(

   goto_functionst &goto_functions,

   bool checks_only)

 {

   for(goto_functionst::function_mapt::iterator

       it=goto_functions.function_map.begin();

       it!=goto_functions.function_map.end();

       it++)

     dereference_program(it->second.body, checks_only);

 }


 void goto_program_dereferencet::dereference_instruction(

   goto_programt::targett target,

   bool checks_only)

 {

   current_target=target;

   goto_programt::instructiont &i=*target;


   if(i.has_condition())

     dereference_expr(i.condition_nonconst(), checks_only);


   if(i.is_assign())

   {

     dereference_expr(i.assign_lhs_nonconst(), checks_only);

     dereference_expr(i.assign_rhs_nonconst(), checks_only);

   }

   else if(i.is_function_call())

   {

     if(as_const(i).call_lhs().is_not_nil())

       dereference_expr(i.call_lhs(), checks_only);


     dereference_expr(i.call_function(), checks_only);


     for(auto &arg : i.call_arguments())

       dereference_expr(arg, checks_only);

   }

   else if(i.is_set_return_value())

   {

     dereference_expr(i.return_value(), checks_only);

   }

   else if(i.is_other())

   {

     auto code = i.get_other();

     const irep_idt &statement = code.get_statement();


     if(statement==ID_expression)

     {

       if(code.operands().size() != 1)

         throw "expression expects one operand";


       dereference_expr(to_code_expression(code).expression(), checks_only);

     }

     else if(statement==ID_printf)

     {

       for(auto &op : code.operands())

         dereference_expr(op, checks_only);

     }


     i.set_other(code);

   }

 }


 void goto_program_dereferencet::dereference_expression(

   const irep_idt &function_id,

   goto_programt::const_targett target,

   exprt &expr)

 {

   current_function = function_id;

   current_target=target;

   dereference_expr(expr, false);

 }


 void remove_pointers(

   goto_modelt &goto_model,

   value_setst &value_sets,

   message_handlert &message_handler)

 {

   namespacet ns(goto_model.symbol_table);


   optionst options;


   goto_program_dereferencet goto_program_dereference(

     ns, goto_model.symbol_table, options, value_sets, message_handler);


   for(auto &gf_entry : goto_model.goto_functions.function_map)

     goto_program_dereference.dereference_program(gf_entry.second.body);

 }


 void dereference(

   const irep_idt &function_id,

   goto_programt::const_targett target,

   exprt &expr,

   const namespacet &ns,

   value_setst &value_sets,

   message_handlert &message_handler)

 {

   optionst options;

   symbol_tablet new_symbol_table;

   goto_program_dereferencet goto_program_dereference(

     ns, new_symbol_table, options, value_sets, message_handler);

   goto_program_dereference.dereference_expression(function_id, target, expr);

 }

as_const
const T & as_const(T &value)
Return a reference to the same object but ensures the type is const.
Definition: as_const.h:14

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition: dstring.h:38

dstringt::empty
bool empty() const
Definition: dstring.h:89

exprt
Base class for all expressions.
Definition: expr.h:56

exprt::is_boolean
bool is_boolean() const
Return whether the expression represents a Boolean.
Definition: expr.h:224

exprt::type
typet & type()
Return the type of the expression.
Definition: expr.h:84

exprt::operands
operandst & operands()
Definition: expr.h:94

goto_functionst
A collection of goto functions.
Definition: goto_functions.h:25

goto_functionst::function_map
function_mapt function_map
Definition: goto_functions.h:29

goto_modelt
Definition: goto_model.h:27

goto_modelt::symbol_table
symbol_tablet symbol_table
Symbol table.
Definition: goto_model.h:31

goto_modelt::goto_functions
goto_functionst goto_functions
GOTO functions.
Definition: goto_model.h:34

goto_program_dereferencet
Wrapper for functions removing dereferences in expressions contained in a goto program.
Definition: goto_program_dereference.h:30

goto_program_dereferencet::dereference_program
void dereference_program(goto_programt &goto_program, bool checks_only=false)
Definition: goto_program_dereference.cpp:158

goto_program_dereferencet::get_or_create_failed_symbol
const symbolt * get_or_create_failed_symbol(const exprt &expr) override
Definition: goto_program_dereference.cpp:25

goto_program_dereferencet::ns
const namespacet & ns
Definition: goto_program_dereference.h:75

goto_program_dereferencet::dereference_expr
void dereference_expr(exprt &expr, const bool checks_only)
Remove dereference expressions contained in expr.
Definition: goto_program_dereference.cpp:145

goto_program_dereferencet::dereference
value_set_dereferencet dereference
Definition: goto_program_dereference.h:77

goto_program_dereferencet::get_value_set
std::vector< exprt > get_value_set(const exprt &expr) const override
Gets the value set corresponding to the current target and expression expr.
Definition: goto_program_dereference.cpp:135

goto_program_dereferencet::dereference_instruction
void dereference_instruction(goto_programt::targett target, bool checks_only=false)
Remove dereference from expressions contained in the instruction at target.
Definition: goto_program_dereference.cpp:195

goto_program_dereferencet::dereference_rec
void dereference_rec(exprt &expr)
Turn subexpression of expr of the form &*p into p and use dereference on subexpressions of the form *...
Definition: goto_program_dereference.cpp:50

goto_program_dereferencet::new_code
goto_programt new_code
Definition: goto_program_dereference.h:93

goto_program_dereferencet::value_sets
value_setst & value_sets
Definition: goto_program_dereference.h:76

goto_program_dereferencet::current_target
goto_programt::const_targett current_target
Definition: goto_program_dereference.h:92

goto_program_dereferencet::dereference_expression
void dereference_expression(const irep_idt &function_id, goto_programt::const_targett target, exprt &expr)
Set the current target to target and remove derefence from expr.
Definition: goto_program_dereference.cpp:247

goto_program_dereferencet::current_function
irep_idt current_function
Definition: goto_program_dereference.h:91

goto_programt::instructiont
This class represents an instruction in the GOTO intermediate representation.
Definition: goto_program.h:181

goto_programt::instructiont::call_lhs
const exprt & call_lhs() const
Get the lhs of a FUNCTION_CALL (may be nil)
Definition: goto_program.h:286

goto_programt::instructiont::is_set_return_value
bool is_set_return_value() const
Definition: goto_program.h:492

goto_programt::instructiont::call_function
const exprt & call_function() const
Get the function that is called for FUNCTION_CALL.
Definition: goto_program.h:272

goto_programt::instructiont::has_condition
bool has_condition() const
Does this instruction have a condition?
Definition: goto_program.h:360

goto_programt::instructiont::assign_rhs_nonconst
exprt & assign_rhs_nonconst()
Get the rhs of the assignment for ASSIGN.
Definition: goto_program.h:221

goto_programt::instructiont::condition_nonconst
exprt & condition_nonconst()
Get the condition of gotos, assume, assert.
Definition: goto_program.h:373

goto_programt::instructiont::return_value
const exprt & return_value() const
Get the return value of a SET_RETURN_VALUE instruction.
Definition: goto_program.h:258

goto_programt::instructiont::is_other
bool is_other() const
Definition: goto_program.h:499

goto_programt::instructiont::get_other
const goto_instruction_codet & get_other() const
Get the statement for OTHER.
Definition: goto_program.h:314

goto_programt::instructiont::is_function_call
bool is_function_call() const
Definition: goto_program.h:494

goto_programt::instructiont::set_other
void set_other(goto_instruction_codet &c)
Set the statement for OTHER.
Definition: goto_program.h:321

goto_programt::instructiont::is_assign
bool is_assign() const
Definition: goto_program.h:493

goto_programt::instructiont::call_arguments
const exprt::operandst & call_arguments() const
Get the arguments of a FUNCTION_CALL.
Definition: goto_program.h:300

goto_programt::instructiont::assign_lhs_nonconst
exprt & assign_lhs_nonconst()
Get the lhs of the assignment for ASSIGN.
Definition: goto_program.h:207

goto_programt
A generic container class for the GOTO intermediate representation of one function.
Definition: goto_program.h:73

goto_programt::instructions
instructionst instructions
The list of instructions in the goto program.
Definition: goto_program.h:622

goto_programt::clear
void clear()
Clear the goto program.
Definition: goto_program.h:820

goto_programt::insert_before_swap
void insert_before_swap(targett target)
Insertion that preserves jumps to "target".
Definition: goto_program.h:643

goto_programt::targett
instructionst::iterator targett
Definition: goto_program.h:614

goto_programt::const_targett
instructionst::const_iterator const_targett
Definition: goto_program.h:615

irept::get_bool
bool get_bool(const irep_idt &name) const
Definition: irep.cpp:57

irept::pretty
std::string pretty(unsigned indent=0, unsigned max_indent=0) const
Definition: irep.cpp:482

irept::get
const irep_idt & get(const irep_idt &name) const
Definition: irep.cpp:44

irept::id_string
const std::string & id_string() const
Definition: irep.h:391

irept::id
const irep_idt & id() const
Definition: irep.h:388

irept::swap
void swap(irept &irep)
Definition: irep.h:434

message_handlert
Definition: message.h:27

namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition: namespace.h:94

namespacet::lookup
bool lookup(const irep_idt &name, const symbolt *&symbol) const override
See documentation for namespace_baset::lookup().
Definition: namespace.cpp:148

optionst
Definition: options.h:23

symbol_tablet
The symbol table.
Definition: symbol_table.h:14

symbolt
Symbol table entry.
Definition: symbol.h:28

symbolt::type
typet type
Type of symbol.
Definition: symbol.h:31

typecast_exprt::conditional_cast
static exprt conditional_cast(const exprt &expr, const typet &type)
Definition: std_expr.h:2081

value_set_dereferencet::dereference
exprt dereference(const exprt &pointer, bool display_points_to_sets=false)
Dereference the given pointer-expression.
Definition: value_set_dereference.cpp:143

value_setst
Definition: value_sets.h:22

value_setst::get_values
virtual std::vector< exprt > get_values(const irep_idt &function_id, goto_programt::const_targett l, const exprt &expr)=0

Forall_operands
#define Forall_operands(it, expr)
Definition: expr.h:27

has_subexpr
bool has_subexpr(const exprt &expr, const std::function< bool(const exprt &)> &pred)
returns true if the expression has a subexpression that satisfies pred
Definition: expr_util.cpp:115

expr_util.h
Deprecated expression utility functions.

goto_model.h
Symbol Table + CFG.

dereference
void dereference(const irep_idt &function_id, goto_programt::const_targett target, exprt &expr, const namespacet &ns, value_setst &value_sets, message_handlert &message_handler)
Remove dereferences in expr using value_sets to determine to what objects the pointers may be pointin...
Definition: goto_program_dereference.cpp:278

remove_pointers
void remove_pointers(goto_modelt &goto_model, value_setst &value_sets, message_handlert &message_handler)
Remove dereferences in all expressions contained in the program goto_model.
Definition: goto_program_dereference.cpp:260

goto_program_dereference.h
Value Set.

options.h
Options.

pointer_expr.h
API to expression classes for Pointers.

to_dereference_expr
const dereference_exprt & to_dereference_expr(const exprt &expr)
Cast an exprt to a dereference_exprt.
Definition: pointer_expr.h:890

to_address_of_expr
const address_of_exprt & to_address_of_expr(const exprt &expr)
Cast an exprt to an address_of_exprt.
Definition: pointer_expr.h:577

std_code.h

to_code_expression
code_expressiont & to_code_expression(codet &code)
Definition: std_code.h:1428

to_if_expr
const if_exprt & to_if_expr(const exprt &expr)
Cast an exprt to an if_exprt.
Definition: std_expr.h:2455

to_symbol_expr
const symbol_exprt & to_symbol_expr(const exprt &expr)
Cast an exprt to a symbol_exprt.
Definition: std_expr.h:272

to_index_expr
const index_exprt & to_index_expr(const exprt &expr)
Cast an exprt to an index_exprt.
Definition: std_expr.h:1538

symbol_table.h
Author: Diffblue Ltd.