cbmc/mm__io_8cpp_source.html

/*******************************************************************\


Module: Perform Memory-mapped I/O instrumentation


Author: Daniel Kroening


Date:   April 2017


\*******************************************************************/


#include "mm_io.h"


#include <util/fresh_symbol.h>

#include <util/message.h>

#include <util/pointer_expr.h>

#include <util/pointer_offset_size.h>

#include <util/pointer_predicates.h>

#include <util/replace_expr.h>


#include "goto_model.h"


#include <set>


class mm_iot

{

public:

  explicit mm_iot(symbol_table_baset &symbol_table);


  void mm_io(goto_functionst::goto_functiont &goto_function);


  std::size_t reads_replaced = 0;

  std::size_t writes_replaced = 0;


protected:

  const irep_idt id_r = CPROVER_PREFIX "mm_io_r";

  const irep_idt id_w = CPROVER_PREFIX "mm_io_w";


  const namespacet ns;

  exprt mm_io_r;

  exprt mm_io_r_value;

  exprt mm_io_w;

};

class mm_iot {…};


mm_iot::mm_iot(symbol_table_baset &symbol_table)

  : ns(symbol_table),

    mm_io_r(nil_exprt{}),

    mm_io_r_value(nil_exprt{}),

    mm_io_w(nil_exprt{})

{

  if(const auto mm_io_r_symbol = symbol_table.lookup(id_r))

  {

    mm_io_r = mm_io_r_symbol->symbol_expr();


    mm_io_r_value = get_fresh_aux_symbol(

                      to_code_type(mm_io_r.type()).return_type(),

                      id2string(id_r) + "$value",

                      id2string(id_r) + "$value",

                      mm_io_r_symbol->location,

                      mm_io_r_symbol->mode,

                      symbol_table)

                      .symbol_expr();

  }


  if(const auto mm_io_w_symbol = symbol_table.lookup(id_w))

    mm_io_w = mm_io_w_symbol->symbol_expr();

}

mm_iot::mm_iot(symbol_table_baset &symbol_table) {…}


static std::set<dereference_exprt> collect_deref_expr(const exprt &src)

{

  std::set<dereference_exprt> collected;

  src.visit_pre([&collected](const exprt &e) {

    if(e.id() == ID_dereference)

      collected.insert(to_dereference_expr(e));

  });

  return collected;

}

static std::set<dereference_exprt> collect_deref_expr(const exprt &src) {…}


void mm_iot::mm_io(goto_functionst::goto_functiont &goto_function)

{

  // return early when there is nothing to be done

  if(mm_io_r.is_nil() && mm_io_w.is_nil())

    return;


  for(auto it = goto_function.body.instructions.begin();

      it != goto_function.body.instructions.end();

      it++)

  {

    if(!it->is_assign())

      continue;


    auto &a_lhs = it->assign_lhs();

    auto &a_rhs = it->assign_rhs_nonconst();

    const auto deref_expr_r = collect_deref_expr(a_rhs);


    if(mm_io_r.is_not_nil())

    {

      if(deref_expr_r.size() == 1)

      {

        const dereference_exprt &d = *deref_expr_r.begin();

        source_locationt source_location = it->source_location();

        const code_typet &ct = to_code_type(mm_io_r.type());


        if_exprt if_expr(

          integer_address(d.pointer()),

          typecast_exprt::conditional_cast(mm_io_r_value, d.type()),

          d);

        replace_expr(d, if_expr, a_rhs);


        const typet &pt = ct.parameters()[0].type();

        const typet &st = ct.parameters()[1].type();

        auto size_opt = size_of_expr(d.type(), ns);

        CHECK_RETURN(size_opt.has_value());

        auto call = goto_programt::make_function_call(

          mm_io_r_value,

          mm_io_r,

          {typecast_exprt(d.pointer(), pt),

           typecast_exprt(size_opt.value(), st)},

          source_location);

        goto_function.body.insert_before_swap(it, call);

        ++reads_replaced;

        it++;

      }

    }


    if(mm_io_w.is_not_nil())

    {

      if(a_lhs.id() == ID_dereference)

      {

        const dereference_exprt &d = to_dereference_expr(a_lhs);

        source_locationt source_location = it->source_location();

        const code_typet &ct = to_code_type(mm_io_w.type());

        const typet &pt = ct.parameters()[0].type();

        const typet &st = ct.parameters()[1].type();

        const typet &vt = ct.parameters()[2].type();

        auto size_opt = size_of_expr(d.type(), ns);

        CHECK_RETURN(size_opt.has_value());

        const code_function_callt fc(

          mm_io_w,

          {typecast_exprt(d.pointer(), pt),

           typecast_exprt(size_opt.value(), st),

           typecast_exprt(a_rhs, vt)});

        goto_function.body.insert_before_swap(it);

        *it = goto_programt::make_function_call(fc, source_location);

        ++writes_replaced;

        it++;

      }

    }

  }

}

void mm_iot::mm_io(goto_functionst::goto_functiont &goto_function) {…}


void mm_io(

  symbol_tablet &symbol_table,

  goto_functionst &goto_functions,

  message_handlert &message_handler)

{

  mm_iot rewrite{symbol_table};


  for(auto &f : goto_functions.function_map)

    rewrite.mm_io(f.second);


  if(rewrite.reads_replaced || rewrite.writes_replaced)

  {

    messaget log{message_handler};

    log.status() << "Replaced MMIO operations: " << rewrite.reads_replaced

                 << " read(s), " << rewrite.writes_replaced << " write(s)"

                 << messaget::eom;

  }

}

void mm_io( {…}


void mm_io(goto_modelt &model, message_handlert &message_handler)

{

  mm_io(model.symbol_table, model.goto_functions, message_handler);

}

void mm_io(goto_modelt &model, message_handlert &message_handler) {…}

ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition ai.h:562

code_function_callt
goto_instruction_codet representation of a function call statement.
Definition goto_instruction_code.h:271

code_typet
Base type of functions.
Definition std_types.h:583

dereference_exprt
Operator to dereference a pointer.
Definition pointer_expr.h:834

dereference_exprt::pointer
exprt & pointer()
Definition pointer_expr.h:847

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition dstring.h:38

exprt
Base class for all expressions.
Definition expr.h:56

exprt::visit_pre
void visit_pre(std::function< void(exprt &)>)
Definition expr.cpp:227

exprt::type
typet & type()
Return the type of the expression.
Definition expr.h:84

goto_functionst
A collection of goto functions.
Definition goto_functions.h:25

goto_functionst::function_map
function_mapt function_map
Definition goto_functions.h:29

goto_functionst::goto_functiont
::goto_functiont goto_functiont
Definition goto_functions.h:27

goto_modelt
Definition goto_model.h:27

goto_modelt::symbol_table
symbol_tablet symbol_table
Symbol table.
Definition goto_model.h:31

goto_modelt::goto_functions
goto_functionst goto_functions
GOTO functions.
Definition goto_model.h:34

goto_programt::make_function_call
static instructiont make_function_call(const code_function_callt &_code, const source_locationt &l=source_locationt::nil())
Create a function call instruction.
Definition goto_program.h:1089

if_exprt
The trinary if-then-else operator.
Definition std_expr.h:2497

irept::is_not_nil
bool is_not_nil() const
Definition irep.h:372

irept::id
const irep_idt & id() const
Definition irep.h:388

irept::is_nil
bool is_nil() const
Definition irep.h:368

message_handlert
Definition message.h:27

messaget
Class that provides messages with a built-in verbosity 'level'.
Definition message.h:154

messaget::eom
static eomt eom
Definition message.h:289

mm_iot
Definition mm_io.cpp:28

mm_iot::id_r
const irep_idt id_r
Definition mm_io.cpp:38

mm_iot::id_w
const irep_idt id_w
Definition mm_io.cpp:39

mm_iot::reads_replaced
std::size_t reads_replaced
Definition mm_io.cpp:34

mm_iot::mm_io_r
exprt mm_io_r
Definition mm_io.cpp:42

mm_iot::mm_iot
mm_iot(symbol_table_baset &symbol_table)
Definition mm_io.cpp:47

mm_iot::writes_replaced
std::size_t writes_replaced
Definition mm_io.cpp:35

mm_iot::mm_io_r_value
exprt mm_io_r_value
Definition mm_io.cpp:43

mm_iot::mm_io
void mm_io(goto_functionst::goto_functiont &goto_function)
Definition mm_io.cpp:81

mm_iot::mm_io_w
exprt mm_io_w
Definition mm_io.cpp:44

mm_iot::ns
const namespacet ns
Definition mm_io.cpp:41

namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition namespace.h:91

nil_exprt
The NIL expression.
Definition std_expr.h:3208

source_locationt
Definition source_location.h:20

symbol_table_baset
The symbol table base class interface.
Definition symbol_table_base.h:23

symbol_table_baset::lookup
const symbolt * lookup(const irep_idt &name) const
Find a symbol in the symbol table for read-only access.
Definition symbol_table_base.h:96

symbol_tablet
The symbol table.
Definition symbol_table.h:14

symbolt::symbol_expr
class symbol_exprt symbol_expr() const
Produces a symbol_exprt for a symbol.
Definition symbol.cpp:121

typecast_exprt
Semantic type conversion.
Definition std_expr.h:2073

typecast_exprt::conditional_cast
static exprt conditional_cast(const exprt &expr, const typet &type)
Definition std_expr.h:2081

typet
The type of an expression, extends irept.
Definition type.h:29

CPROVER_PREFIX
#define CPROVER_PREFIX
Definition cprover_prefix.h:14

get_fresh_aux_symbol
symbolt & get_fresh_aux_symbol(const typet &type, const std::string &name_prefix, const std::string &basename_prefix, const source_locationt &source_location, const irep_idt &symbol_mode, const namespacet &ns, symbol_table_baset &symbol_table)
Installs a fresh-named symbol with respect to the given namespace ns with the requested name pattern ...
Definition fresh_symbol.cpp:32

fresh_symbol.h
Fresh auxiliary symbol creation.

goto_model.h
Symbol Table + CFG.

id2string
const std::string & id2string(const irep_idt &d)
Definition irep.h:44

log
double log(double x)
Definition math.c:2449

mm_io
void mm_io(symbol_tablet &symbol_table, goto_functionst &goto_functions, message_handlert &message_handler)
Definition mm_io.cpp:154

collect_deref_expr
static std::set< dereference_exprt > collect_deref_expr(const exprt &src)
Definition mm_io.cpp:71

mm_io.h
Perform Memory-mapped I/O instrumentation.

pointer_expr.h
API to expression classes for Pointers.

to_dereference_expr
const dereference_exprt & to_dereference_expr(const exprt &expr)
Cast an exprt to a dereference_exprt.
Definition pointer_expr.h:890

size_of_expr
std::optional< exprt > size_of_expr(const typet &type, const namespacet &ns)
Definition pointer_offset_size.cpp:287

pointer_offset_size.h
Pointer Logic.

integer_address
exprt integer_address(const exprt &pointer)
Definition pointer_predicates.cpp:65

pointer_predicates.h
Various predicates over pointers in programs.

replace_expr
bool replace_expr(const exprt &what, const exprt &by, exprt &dest)
Definition replace_expr.cpp:12

replace_expr.h

CHECK_RETURN
#define CHECK_RETURN(CONDITION)
Definition invariant.h:495

message.h

to_code_type
const code_typet & to_code_type(const typet &type)
Cast a typet to a code_typet.
Definition std_types.h:788