CBMC
Loading...
Searching...
No Matches
recursive_initialization.cpp
Go to the documentation of this file.
1/******************************************************************\
2
3Module: recursive_initialization
4
5Author: Diffblue Ltd.
6
7\******************************************************************/
8
9#include "recursive_initialization.h"
10
11#include <goto-programs/name_mangler.h>
12
13#include <util/arith_tools.h>
14#include <util/c_types.h>
15#include <util/fresh_symbol.h>
16#include <util/irep.h>
17#include <util/optional_utils.h>
18#include <util/pointer_expr.h>
19#include <util/pointer_offset_size.h>
20#include <util/rename.h>
21#include <util/std_code.h>
22#include <util/string2int.h>
23#include <util/string_utils.h>
24
25#include <iterator>
26
27#include "common_harness_generator_options.h"
28#include "goto_harness_generator.h"
29
30bool recursive_initialization_configt::handle_option(
31 const std::string &option,
32 const std::list<std::string> &values)
33{
34 if(option == COMMON_HARNESS_GENERATOR_MIN_NULL_TREE_DEPTH_OPT)
35 {
36 auto const value =
37 harness_options_parser::require_exactly_one_value(option, values);
38 auto const user_min_null_tree_depth =
39 string2optional<std::size_t>(value, 10);
40 if(user_min_null_tree_depth.has_value())
41 {
42 min_null_tree_depth = user_min_null_tree_depth.value();
43 }
44 else
45 {
46 throw invalid_command_line_argument_exceptiont{
47 "failed to convert '" + value + "' to integer",
48 "--" COMMON_HARNESS_GENERATOR_MIN_NULL_TREE_DEPTH_OPT};
49 }
50 return true;
51 }
52 else if(option == COMMON_HARNESS_GENERATOR_MAX_NONDET_TREE_DEPTH_OPT)
53 {
54 auto const value =
55 harness_options_parser::require_exactly_one_value(option, values);
56 auto const user_max_nondet_tree_depth =
57 string2optional<std::size_t>(value, 10);
58 if(user_max_nondet_tree_depth.has_value())
59 {
60 max_nondet_tree_depth = user_max_nondet_tree_depth.value();
61 }
62 else
63 {
64 throw invalid_command_line_argument_exceptiont{
65 "failed to convert '" + value + "' to integer",
66 "--" COMMON_HARNESS_GENERATOR_MAX_NONDET_TREE_DEPTH_OPT};
67 }
68 return true;
69 }
70 else if(option == COMMON_HARNESS_GENERATOR_MAX_ARRAY_SIZE_OPT)
71 {
72 max_dynamic_array_size = harness_options_parser::require_one_size_value(
73 COMMON_HARNESS_GENERATOR_MAX_ARRAY_SIZE_OPT, values);
74 return true;
75 }
76 else if(option == COMMON_HARNESS_GENERATOR_MIN_ARRAY_SIZE_OPT)
77 {
78 min_dynamic_array_size = harness_options_parser::require_one_size_value(
79 COMMON_HARNESS_GENERATOR_MIN_ARRAY_SIZE_OPT, values);
80 return true;
81 }
82 else if(option == COMMON_HARNESS_GENERATOR_FUNCTION_POINTER_CAN_BE_NULL_OPT)
83 {
84 std::transform(
85 values.begin(),
86 values.end(),
87 std::inserter(
88 potential_null_function_pointers,
89 potential_null_function_pointers.end()),
90 [](const std::string &opt) -> irep_idt { return irep_idt{opt}; });
91 return true;
92 }
93 else if(option == COMMON_HARNESS_GENERATOR_HAVOC_MEMBER_OPT)
94 {
95 const auto list_of_members_string =
96 harness_options_parser::require_exactly_one_value(
97 COMMON_HARNESS_GENERATOR_HAVOC_MEMBER_OPT, values);
98 const auto list_of_members = split_string(list_of_members_string, ',');
99 for(const auto &member : list_of_members)
100 {
101 const auto selection_spec_strings = split_string(member, '.');
102
103 selection_specs.push_back({});
104 auto &selection_spec = selection_specs.back();
105 std::transform(
106 selection_spec_strings.begin(),
107 selection_spec_strings.end(),
108 std::back_inserter(selection_spec),
109 [](const std::string &member_name_string) {
110 return irep_idt{member_name_string};
111 });
112 }
113 return true;
114 }
115 return false;
116}
117
118recursive_initializationt::recursive_initializationt(
119 recursive_initialization_configt initialization_config,
120 goto_modelt &goto_model)
121 : initialization_config(std::move(initialization_config)),
122 goto_model(goto_model),
123 max_depth_var_name(get_fresh_global_name(
124 "max_depth",
125 from_integer(
126 initialization_config.max_nondet_tree_depth,
127 signed_int_type()))),
128 min_depth_var_name(get_fresh_global_name(
129 "min_depth",
130 from_integer(
131 initialization_config.min_null_tree_depth,
132 signed_int_type())))
133{
134 common_arguments_origins.resize(
135 this->initialization_config.pointers_to_treat_equal.size());
136}
137
138void recursive_initializationt::initialize(
139 const exprt &lhs,
140 const exprt &depth,
141 code_blockt &body)
142{
143 if(lhs.id() == ID_symbol && !initialization_config.selection_specs.empty())
144 {
145 auto lhs_id = to_symbol_expr(lhs).get_identifier();
146 for(const auto &selection_spec : initialization_config.selection_specs)
147 {
148 if(selection_spec.front() == lhs_id)
149 {
150 initialize_selected_member(lhs, depth, body, selection_spec);
151 return;
152 }
153 }
154 }
155 // special handling for the case that pointer arguments should be treated
156 // equal: if the equality is enforced (rather than the pointers may be equal),
157 // then we don't even build the constructor functions
158 if(lhs.id() == ID_symbol)
159 {
160 const auto maybe_cluster_index =
161 find_equal_cluster(to_symbol_expr(lhs).get_identifier());
162 if(maybe_cluster_index.has_value())
163 {
164 if(common_arguments_origins[*maybe_cluster_index].has_value())
165 {
166 const auto set_equal_case =
167 code_assignt{lhs, *common_arguments_origins[*maybe_cluster_index]};
168 if(initialization_config.arguments_may_be_equal)
169 {
170 const irep_idt &fun_name = build_constructor(lhs);
171 const symbolt &fun_symbol =
172 goto_model.symbol_table.lookup_ref(fun_name);
173 const auto proper_init_case = code_function_callt{
174 fun_symbol.symbol_expr(), {depth, address_of_exprt{lhs}}};
175 const auto should_make_equal =
176 get_fresh_local_typed_symexpr("should_make_equal", bool_typet{});
177 body.add(code_declt{should_make_equal});
178 body.add(code_ifthenelset{
179 should_make_equal, set_equal_case, proper_init_case});
180 }
181 else
182 {
183 body.add(set_equal_case);
184 }
185 return;
186 }
187 else
188 {
189 common_arguments_origins[*maybe_cluster_index] = lhs;
190 }
191 }
192 }
193
194 const irep_idt &fun_name = build_constructor(lhs);
195 const symbolt &fun_symbol = goto_model.symbol_table.lookup_ref(fun_name);
196
197 if(lhs.id() == ID_symbol)
198 {
199 const irep_idt &lhs_name = to_symbol_expr(lhs).get_identifier();
200 if(should_be_treated_as_array(lhs_name))
201 {
202 auto size_var = get_associated_size_variable(lhs_name);
203 if(size_var.has_value())
204 {
205 const symbol_exprt &size_symbol =
206 goto_model.symbol_table.lookup_ref(size_var.value()).symbol_expr();
207 body.add(code_function_callt{
208 fun_symbol.symbol_expr(),
209 {depth, address_of_exprt{lhs}, address_of_exprt{size_symbol}}});
210 }
211 else
212 {
213 const auto &fun_type_params =
214 to_code_type(fun_symbol.type).parameters();
215 const pointer_typet *size_var_type =
216 type_try_dynamic_cast<pointer_typet>(fun_type_params.back().type());
217 INVARIANT(size_var_type, "Size parameter must have pointer type.");
218 body.add(code_function_callt{
219 fun_symbol.symbol_expr(),
220 {depth, address_of_exprt{lhs}, null_pointer_exprt{*size_var_type}}});
221 }
222 return;
223 }
224 for(const auto &irep_pair :
225 initialization_config.array_name_to_associated_array_size_variable)
226 {
227 // skip initialisation of array-size variables
228 if(irep_pair.second == lhs_name)
229 return;
230 }
231 }
232 body.add(code_function_callt{fun_symbol.symbol_expr(),
233 {depth, address_of_exprt{lhs}}});
234}
235
245
246code_blockt recursive_initializationt::build_constructor_body(
247 const exprt &depth_symbol,
248 const symbol_exprt &result_symbol,
249 const std::optional<exprt> &size_symbol,
250 const std::optional<irep_idt> &lhs_name,
251 const bool is_nullable)
252{
253 PRECONDITION(result_symbol.type().id() == ID_pointer);
254 const typet &type = to_pointer_type(result_symbol.type()).base_type();
255 if(type.id() == ID_struct_tag)
256 {
257 return build_struct_constructor(depth_symbol, result_symbol);
258 }
259 else if(type.id() == ID_pointer)
260 {
261 if(to_pointer_type(type).base_type().id() == ID_code)
262 {
263 return build_function_pointer_constructor(result_symbol, is_nullable);
264 }
265 if(to_pointer_type(type).base_type().id() == ID_empty)
266 {
267 // always initalize void* pointers as NULL
268 return build_null_pointer(result_symbol);
269 }
270 if(lhs_name.has_value())
271 {
272 if(should_be_treated_as_array(*lhs_name))
273 {
274 CHECK_RETURN(size_symbol.has_value());
275 return build_dynamic_array_constructor(
276 depth_symbol, result_symbol, *size_symbol, lhs_name);
277 }
278 }
279 return build_pointer_constructor(depth_symbol, result_symbol);
280 }
281 else if(type.id() == ID_array)
282 {
283 return build_array_constructor(depth_symbol, result_symbol);
284 }
285 else
286 {
287 return build_nondet_constructor(result_symbol);
288 }
289}
290
291irep_idt recursive_initializationt::build_constructor(const exprt &expr)
292{
293 // for `expr` of type T builds a declaration of a function:
294 //
295 // void type_constructor_T(int depth_T, T *result);
296 //
297 // or in case a `size` is associated with the `expr`
298 //
299 // void type_constructor_T(int depth_T, T *result_T, int *size);
300 std::optional<irep_idt> size_var;
301 std::optional<irep_idt> expr_name;
302 bool is_nullable = false;
303 bool has_size_param = false;
304 if(expr.id() == ID_symbol)
305 {
306 expr_name = to_symbol_expr(expr).get_identifier();
307 is_nullable = initialization_config.potential_null_function_pointers.count(
308 expr_name.value());
309 if(should_be_treated_as_array(*expr_name))
310 {
311 size_var = get_associated_size_variable(*expr_name);
312 has_size_param = true;
313 }
314 }
315 const typet &type = expr.type();
316 const constructor_keyt key{type, is_nullable, has_size_param};
317 if(type_constructor_names.find(key) != type_constructor_names.end())
318 return type_constructor_names[key];
319
320 const std::string &pretty_type = type2id(type);
321 symbolt &depth_symbol =
322 get_fresh_param_symbol("depth_" + pretty_type, signed_int_type());
323 depth_symbol.value = from_integer(0, signed_int_type());
324
325 code_typet::parameterst fun_params;
326 code_typet::parametert depth_parameter{signed_int_type()};
327 depth_parameter.set_identifier(depth_symbol.name);
328 fun_params.push_back(depth_parameter);
329
330 const typet &result_type = pointer_type(type);
331 const symbolt &result_symbol =
332 get_fresh_param_symbol("result_" + pretty_type, result_type);
333 code_typet::parametert result_parameter{result_type};
334 result_parameter.set_identifier(result_symbol.name);
335 fun_params.push_back(result_parameter);
336
337 auto &symbol_table = goto_model.symbol_table;
338 std::optional<exprt> size_symbol_expr;
339 if(expr_name.has_value() && should_be_treated_as_array(*expr_name))
340 {
341 typet size_var_type;
342 if(size_var.has_value())
343 {
344 const symbol_exprt &size_var_symbol_expr =
345 symbol_table.lookup_ref(*size_var).symbol_expr();
346 size_var_type = pointer_type(size_var_symbol_expr.type());
347 }
348 else
349 size_var_type = pointer_type(signed_int_type());
350
351 const symbolt &size_symbol =
352 get_fresh_param_symbol("size_" + pretty_type, size_var_type);
353 fun_params.push_back(code_typet::parametert{size_var_type});
354 fun_params.back().set_identifier(size_symbol.name);
355 size_symbol_expr = size_symbol.symbol_expr();
356 }
357 const symbolt &function_symbol = get_fresh_fun_symbol(
358 "type_constructor_" + pretty_type, code_typet{fun_params, empty_typet{}});
359 type_constructor_names[key] = function_symbol.name;
360 symbolt *mutable_symbol = symbol_table.get_writeable(function_symbol.name);
361
362 // the body is specific for each type of expression
363 mutable_symbol->value = build_constructor_body(
364 depth_symbol.symbol_expr(),
365 result_symbol.symbol_expr(),
366 size_symbol_expr,
367 // the expression name may be needed to decide if expr should be treated as
368 // a string
369 expr_name,
370 is_nullable);
371
372 return type_constructor_names.at(key);
373}
374
375bool recursive_initializationt::should_be_treated_as_array(
376 const irep_idt &array_name) const
377{
378 return initialization_config.pointers_to_treat_as_arrays.find(array_name) !=
379 initialization_config.pointers_to_treat_as_arrays.end();
380}
381
382std::optional<recursive_initializationt::equal_cluster_idt>
383recursive_initializationt::find_equal_cluster(const irep_idt &name) const
384{
385 for(equal_cluster_idt index = 0;
386 index != initialization_config.pointers_to_treat_equal.size();
387 ++index)
388 {
389 if(initialization_config.pointers_to_treat_equal[index].count(name) != 0)
390 return index;
391 }
392 return {};
393}
394
395bool recursive_initializationt::is_array_size_parameter(
396 const irep_idt &cmdline_arg) const
397{
398 return initialization_config.variables_that_hold_array_sizes.find(
399 cmdline_arg) !=
400 initialization_config.variables_that_hold_array_sizes.end();
401}
402
403std::optional<irep_idt> recursive_initializationt::get_associated_size_variable(
404 const irep_idt &array_name) const
405{
406 return optional_lookup(
407 initialization_config.array_name_to_associated_array_size_variable,
408 array_name);
409}
410
411bool recursive_initializationt::should_be_treated_as_cstring(
412 const irep_idt &pointer_name) const
413{
414 return initialization_config.pointers_to_treat_as_cstrings.count(
415 pointer_name) != 0;
416}
417
418std::string recursive_initialization_configt::to_string() const
419{
420 std::ostringstream out{};
421 out << "recursive_initialization_config {"
422 << "\n min_null_tree_depth = " << min_null_tree_depth
423 << "\n max_nondet_tree_depth = " << max_nondet_tree_depth
424 << "\n mode = " << mode
425 << "\n max_dynamic_array_size = " << max_dynamic_array_size
426 << "\n min_dynamic_array_size = " << min_dynamic_array_size
427 << "\n pointers_to_treat_as_arrays = [";
428 for(auto const &pointer : pointers_to_treat_as_arrays)
429 {
430 out << "\n " << pointer;
431 }
432 out << "\n ]"
433 << "\n variables_that_hold_array_sizes = [";
434 for(auto const &array_size : variables_that_hold_array_sizes)
435 {
436 out << "\n " << array_size;
437 }
438 out << "\n ]";
439 out << "\n array_name_to_associated_size_variable = [";
440 for(auto const &associated_array_size :
441 array_name_to_associated_array_size_variable)
442 {
443 out << "\n " << associated_array_size.first << " -> "
444 << associated_array_size.second;
445 }
446 out << "\n ]";
447 out << "\n pointers_to_treat_as_cstrings = [";
448 for(const auto &pointer_to_treat_as_string_name :
449 pointers_to_treat_as_cstrings)
450 {
451 out << "\n " << pointer_to_treat_as_string_name << std::endl;
452 }
453 out << "\n ]";
454 out << "\n}";
455 return out.str();
456}
457
458static symbolt &get_fresh_global_symbol(
459 symbol_tablet &symbol_table,
460 const std::string &symbol_base_name,
461 typet symbol_type,
462 irep_idt mode)
463{
464 source_locationt source_location{};
465 source_location.set_file(GOTO_HARNESS_PREFIX "harness.c");
466 symbolt &fresh_symbol = get_fresh_aux_symbol(
467 std::move(symbol_type),
468 GOTO_HARNESS_PREFIX,
469 symbol_base_name,
470 source_locationt{},
471 mode,
472 symbol_table);
473 fresh_symbol.base_name = fresh_symbol.pretty_name = symbol_base_name;
474 fresh_symbol.is_static_lifetime = true;
475 fresh_symbol.is_lvalue = true;
476 fresh_symbol.is_auxiliary = false;
477 fresh_symbol.is_file_local = false;
478 fresh_symbol.is_thread_local = false;
479 fresh_symbol.is_state_var = false;
480 fresh_symbol.module = GOTO_HARNESS_PREFIX "harness";
481 fresh_symbol.location = std::move(source_location);
482 return fresh_symbol;
483}
484
485irep_idt recursive_initializationt::get_fresh_global_name(
486 const std::string &symbol_name,
487 const exprt &initial_value) const
488{
489 auto &fresh_symbol = get_fresh_global_symbol(
490 goto_model.symbol_table,
491 symbol_name,
492 signed_int_type(), // FIXME why always signed_int_type???
493 initialization_config.mode);
494 fresh_symbol.value = initial_value;
495 return fresh_symbol.name;
496}
497
498symbol_exprt recursive_initializationt::get_fresh_global_symexpr(
499 const std::string &symbol_name) const
500{
501 auto &fresh_symbol = get_fresh_global_symbol(
502 goto_model.symbol_table,
503 symbol_name,
504 signed_int_type(),
505 initialization_config.mode);
506 fresh_symbol.value = from_integer(0, signed_int_type());
507 return fresh_symbol.symbol_expr();
508}
509
510symbol_exprt recursive_initializationt::get_fresh_local_symexpr(
511 const std::string &symbol_name) const
512{
513 symbolt &fresh_symbol = get_fresh_aux_symbol(
514 signed_int_type(),
515 GOTO_HARNESS_PREFIX,
516 symbol_name,
517 source_locationt{},
518 initialization_config.mode,
519 goto_model.symbol_table);
520 fresh_symbol.is_lvalue = true;
521 fresh_symbol.value = from_integer(0, signed_int_type());
522 return fresh_symbol.symbol_expr();
523}
524
525symbol_exprt recursive_initializationt::get_fresh_local_typed_symexpr(
526 const std::string &symbol_name,
527 const typet &type) const
528{
529 symbolt &fresh_symbol = get_fresh_aux_symbol(
530 type,
531 GOTO_HARNESS_PREFIX,
532 symbol_name,
533 source_locationt{},
534 initialization_config.mode,
535 goto_model.symbol_table);
536 fresh_symbol.is_lvalue = true;
537 fresh_symbol.mode = initialization_config.mode;
538 return fresh_symbol.symbol_expr();
539}
540
541const symbolt &recursive_initializationt::get_fresh_fun_symbol(
542 const std::string &fun_name,
543 const typet &fun_type)
544{
545 irep_idt fresh_name =
546 get_new_name(fun_name, namespacet{goto_model.symbol_table}, '_');
547
548 // create the function symbol
549 symbolt function_symbol{};
550 function_symbol.name = function_symbol.base_name =
551 function_symbol.pretty_name = fresh_name;
552
553 function_symbol.is_lvalue = true;
554 function_symbol.mode = initialization_config.mode;
555 function_symbol.type = fun_type;
556
557 auto r = goto_model.symbol_table.insert(function_symbol);
558 CHECK_RETURN(r.second);
559 return *goto_model.symbol_table.lookup(fresh_name);
560}
561
579
580symbol_exprt
587
588std::string recursive_initializationt::type2id(const typet &type) const
589{
590 if(type.id() == ID_struct_tag)
591 {
592 auto st_tag = id2string(to_struct_tag_type(type).get_identifier());
593 std::replace(st_tag.begin(), st_tag.end(), '-', '_');
594 return st_tag;
595 }
596 else if(type.id() == ID_pointer)
597 return "ptr_" + type2id(to_pointer_type(type).base_type());
598 else if(type.id() == ID_array)
599 {
600 const auto array_size =
601 numeric_cast_v<std::size_t>(to_constant_expr(to_array_type(type).size()));
602 return "arr_" + type2id(to_array_type(type).element_type()) + "_" +
603 std::to_string(array_size);
604 }
605 else if(type == char_type())
606 return "char";
607 else if(type.id() == ID_signedbv)
608 return "int";
609 else if(type.id() == ID_unsignedbv)
610 return "uint";
611 else
612 return "";
613}
614
615code_blockt recursive_initializationt::build_pointer_constructor(
616 const exprt &depth,
617 const symbol_exprt &result)
618{
619 PRECONDITION(result.type().id() == ID_pointer);
620 const typet &type = to_pointer_type(result.type()).base_type();
621 PRECONDITION(type.id() == ID_pointer);
622 PRECONDITION(to_pointer_type(type).base_type().id() != ID_empty);
623
624 code_blockt body{};
625 // build:
626 // void type_constructor_ptr_T(int depth, T** result)
627 // {
628 // if(has_seen && depth >= max_depth)
629 // *result=NULL;
630 // return
631 // if(nondet()) {
632 // size_t has_seen_prev;
633 // has_seen_prev = T_has_seen;
634 // T_has_seen = 1;
635 // *result = malloc(sizeof(T));
636 // type_constructor_T(depth+1, *result);
637 // T_has_seen=has_seen_prev;
638 // }
639 // else
640 // *result=NULL;
641 // }
642
643 binary_predicate_exprt depth_gt_max_depth{
644 depth, ID_ge, get_symbol_expr(max_depth_var_name)};
645 exprt::operandst should_not_recurse{depth_gt_max_depth};
646
647 std::optional<symbol_exprt> has_seen;
648 if(can_cast_type<struct_tag_typet>(to_pointer_type(type).base_type()))
649 has_seen = get_fresh_global_symexpr(
650 "has_seen_" + type2id(to_pointer_type(type).base_type()));
651
652 if(has_seen.has_value())
653 {
654 equal_exprt has_seen_expr{*has_seen, from_integer(1, has_seen->type())};
655 should_not_recurse.push_back(has_seen_expr);
656 }
657
658 null_pointer_exprt nullptr_expr{
659 pointer_type(to_pointer_type(type).base_type())};
660 const code_assignt assign_null{dereference_exprt{result}, nullptr_expr};
661 code_blockt null_and_return{{assign_null, code_frontend_returnt{}}};
662 body.add(code_ifthenelset{conjunction(should_not_recurse), null_and_return});
663
664 const auto should_recurse_nondet =
665 get_fresh_local_typed_symexpr("should_recurse_nondet", bool_typet{});
666 body.add(code_declt{should_recurse_nondet});
667 exprt::operandst should_recurse_ops{
668 binary_predicate_exprt{depth, ID_lt, get_symbol_expr(min_depth_var_name)},
669 should_recurse_nondet};
670 code_blockt then_case{};
671
672 code_assignt seen_assign_prev{};
673 if(has_seen.has_value())
674 {
675 const symbol_exprt &has_seen_prev = get_fresh_local_symexpr(
676 "has_seen_prev_" + type2id(to_pointer_type(type).base_type()));
677 then_case.add(code_declt{has_seen_prev});
678 then_case.add(code_assignt{has_seen_prev, *has_seen});
679 then_case.add(code_assignt{*has_seen, from_integer(1, has_seen->type())});
680 seen_assign_prev = code_assignt{*has_seen, has_seen_prev};
681 }
682
683 // we want to initialize the pointee as non-const even for pointer to const
684 const pointer_typet non_const_pointer_type =
685 pointer_type(remove_const(to_pointer_type(type).base_type()));
686 const symbol_exprt &local_result =
687 get_fresh_local_typed_symexpr("local_result", non_const_pointer_type);
688
689 then_case.add(code_declt{local_result});
690 const namespacet ns{goto_model.symbol_table};
691 then_case.add(code_assignt{
692 local_result,
693 side_effect_exprt{
694 ID_allocate,
695 {*size_of_expr(non_const_pointer_type.base_type(), ns), false_exprt{}},
696 non_const_pointer_type,
697 source_locationt::nil()}});
698 initialize(
699 dereference_exprt{local_result},
700 plus_exprt{depth, from_integer(1, depth.type())},
701 then_case);
702 then_case.add(code_assignt{dereference_exprt{result}, local_result});
703
704 if(has_seen.has_value())
705 {
706 then_case.add(seen_assign_prev);
707 }
708
709 body.add(
710 code_ifthenelset{disjunction(should_recurse_ops), then_case, assign_null});
711 return body;
712}
713
714code_blockt recursive_initializationt::build_array_constructor(
715 const exprt &depth,
716 const symbol_exprt &result)
717{
718 PRECONDITION(result.type().id() == ID_pointer);
719 const typet &type = to_pointer_type(result.type()).base_type();
720 PRECONDITION(type.id() == ID_array);
721 const array_typet &array_type = to_array_type(type);
722 const auto array_size =
723 numeric_cast_v<std::size_t>(to_constant_expr(array_type.size()));
724 code_blockt body{};
725
726 for(std::size_t index = 0; index < array_size; index++)
727 {
728 initialize(
729 index_exprt{dereference_exprt{result}, from_integer(index, size_type())},
730 depth,
731 body);
732 }
733 return body;
734}
735
736code_blockt recursive_initializationt::build_struct_constructor(
737 const exprt &depth,
738 const symbol_exprt &result)
739{
740 PRECONDITION(result.type().id() == ID_pointer);
741 const typet &struct_type = to_pointer_type(result.type()).base_type();
742 PRECONDITION(struct_type.id() == ID_struct_tag);
743 code_blockt body{};
744 const namespacet ns{goto_model.symbol_table};
745 for(const auto &component :
746 ns.follow_tag(to_struct_tag_type(struct_type)).components())
747 {
748 if(component.get_is_padding())
749 {
750 continue;
751 }
752 // if the struct component is const we need to cast away the const
753 // for initialisation purposes.
754 // As far as I'm aware that's the closest thing to a 'correct' way
755 // to initialize dynamically allocated structs with const components
756 exprt component_initialisation_lhs = [&result, &component]() -> exprt {
757 auto member_expr = member_exprt{dereference_exprt{result}, component};
758 if(component.type().get_bool(ID_C_constant))
759 {
760 return dereference_exprt{
761 typecast_exprt{address_of_exprt{std::move(member_expr)},
762 pointer_type(remove_const(component.type()))}};
763 }
764 else
765 {
766 return std::move(member_expr);
767 }
768 }();
769 initialize(component_initialisation_lhs, depth, body);
770 }
771 return body;
772}
773
774code_blockt recursive_initializationt::build_nondet_constructor(
775 const symbol_exprt &result) const
776{
777 PRECONDITION(result.type().id() == ID_pointer);
778 code_blockt body{};
779 auto const nondet_symbol = get_fresh_local_typed_symexpr(
780 "nondet", to_pointer_type(result.type()).base_type());
781 body.add(code_declt{nondet_symbol});
782 body.add(code_assignt{dereference_exprt{result}, nondet_symbol});
783 return body;
784}
785
786code_blockt recursive_initializationt::build_dynamic_array_constructor(
787 const exprt &depth,
788 const symbol_exprt &result,
789 const exprt &size,
790 const std::optional<irep_idt> &lhs_name)
791{
792 PRECONDITION(result.type().id() == ID_pointer);
793 const typet &dynamic_array_type = to_pointer_type(result.type()).base_type();
794 PRECONDITION(dynamic_array_type.id() == ID_pointer);
795 const typet &element_type = to_pointer_type(dynamic_array_type).base_type();
796 PRECONDITION(element_type.id() != ID_empty);
797
798 // builds:
799 // void type_constructor_ptr_T(int depth, T** result, int* size)
800 // {
801 // int nondet_size;
802 // assume(nondet_size >= min_array_size && nondet_size <= max_array_size);
803 // T* local_result = malloc(nondet_size * sizeof(T));
804 // for (int i = 0; i < nondet_size; ++i)
805 // {
806 // type_construct_T(depth+1, local_result+i);
807 // }
808 // *result = local_result;
809 // if (size!=NULL)
810 // *size = nondet_size;
811 // }
812
813 const auto min_array_size = initialization_config.min_dynamic_array_size;
814 const auto max_array_size = initialization_config.max_dynamic_array_size;
815 PRECONDITION(max_array_size >= min_array_size);
816
817 code_blockt body{};
818 const symbol_exprt &nondet_size = get_fresh_local_symexpr("nondet_size");
819 body.add(code_declt{nondet_size});
820
821 body.add(code_assumet{and_exprt{
822 binary_relation_exprt{
823 nondet_size, ID_ge, from_integer(min_array_size, nondet_size.type())},
824 binary_relation_exprt{
825 nondet_size, ID_le, from_integer(max_array_size, nondet_size.type())}}});
826
827 // we want the local result to be mutable so we can initialise it
828 const typet mutable_dynamic_array_type =
829 pointer_type(remove_const(element_type));
830 const symbol_exprt &local_result =
831 get_fresh_local_typed_symexpr("local_result", mutable_dynamic_array_type);
832 body.add(code_declt{local_result});
833 const namespacet ns{goto_model.symbol_table};
834 for(auto array_size = min_array_size; array_size <= max_array_size;
835 ++array_size)
836 {
837 body.add(code_ifthenelset{
838 equal_exprt{nondet_size, from_integer(array_size, nondet_size.type())},
839 code_assignt{
840 local_result,
841 side_effect_exprt{
842 ID_allocate,
843 {mult_exprt{
844 from_integer(array_size, size_type()),
845 *size_of_expr(element_type, ns)},
846 false_exprt{}},
847 mutable_dynamic_array_type,
848 source_locationt::nil()}}});
849 }
850
851 const symbol_exprt &index_iter = get_fresh_local_symexpr("index");
852 body.add(code_declt{index_iter});
853 code_assignt for_init{index_iter, from_integer(0, index_iter.type())};
854 binary_relation_exprt for_cond{index_iter, ID_lt, nondet_size};
855 side_effect_exprt for_iter{
856 ID_preincrement, {index_iter}, typet{}, source_locationt{}};
857 code_blockt for_body{};
858 if(lhs_name.has_value() && should_be_treated_as_cstring(*lhs_name))
859 {
860 code_blockt else_case{};
861 initialize(
862 dereference_exprt{plus_exprt{local_result, index_iter}},
863 plus_exprt{depth, from_integer(1, depth.type())},
864 else_case);
865 else_case.add(code_assumet{
866 notequal_exprt{dereference_exprt{plus_exprt{local_result, index_iter}},
867 from_integer(0, char_type())}});
868
869 for_body.add(code_ifthenelset{
870 equal_exprt{
871 index_iter,
872 minus_exprt{nondet_size, from_integer(1, nondet_size.type())}},
873 code_assignt{dereference_exprt{plus_exprt{local_result, index_iter}},
874 from_integer(0, char_type())},
875 else_case});
876 }
877 else
878 {
879 initialize(
880 dereference_exprt{plus_exprt{local_result, index_iter}},
881 plus_exprt{depth, from_integer(1, depth.type())},
882 for_body);
883 }
884
885 body.add(code_fort{for_init, for_cond, for_iter, for_body});
886 body.add(code_assignt{dereference_exprt{result}, local_result});
887
888 CHECK_RETURN(size.type().id() == ID_pointer);
889 body.add(code_ifthenelset{
890 notequal_exprt{size, null_pointer_exprt{to_pointer_type(size.type())}},
891 code_assignt{
892 dereference_exprt{size},
893 typecast_exprt::conditional_cast(
894 nondet_size, to_pointer_type(size.type()).base_type())}});
895
896 return body;
897}
898
899bool recursive_initializationt::needs_freeing(const exprt &expr) const
900{
901 if(
902 expr.type().id() != ID_pointer ||
903 to_pointer_type(expr.type()).base_type().id() == ID_code)
904 return false;
905 for(auto const &common_arguments_origin : common_arguments_origins)
906 {
907 if(common_arguments_origin.has_value() && expr.id() == ID_symbol)
908 {
909 auto origin_name =
910 to_symbol_expr(*common_arguments_origin).get_identifier();
911 auto expr_name = to_symbol_expr(expr).get_identifier();
912 return origin_name == expr_name;
913 }
914 }
915 return true;
916}
917
918code_blockt
919recursive_initializationt::deallocate_code(const exprt &pointer) const
920{
921 code_blockt block;
922 const auto should_track =
923 get_fresh_local_typed_symexpr("mark_deallocated", bool_typet{});
924 block.add(code_declt{should_track});
925 const symbol_exprt deallocated = goto_model.get_symbol_table()
926 .lookup_ref(CPROVER_PREFIX "deallocated")
927 .symbol_expr();
928 block.add(code_ifthenelset{
929 should_track,
930 code_assignt{
931 deallocated,
932 typecast_exprt::conditional_cast(pointer, deallocated.type())}});
933 return block;
934}
935
936void recursive_initializationt::free_if_possible(
937 const exprt &expr,
938 code_blockt &body)
939{
940 PRECONDITION(expr.id() == ID_symbol);
941 const auto expr_id = to_symbol_expr(expr).get_identifier();
942 const auto maybe_cluster_index = find_equal_cluster(expr_id);
943 if(!maybe_cluster_index.has_value())
944 {
945 // not in any equality cluster -> just free
946 body.add(deallocate_code(expr));
947 return;
948 }
949
950 if(
951 to_symbol_expr(*common_arguments_origins[*maybe_cluster_index])
952 .get_identifier() != expr_id &&
953 initialization_config.arguments_may_be_equal)
954 {
955 // in equality cluster but not common origin -> free if not equal to origin
956 const auto condition =
957 notequal_exprt{expr, *common_arguments_origins[*maybe_cluster_index]};
958 body.add(code_ifthenelset{condition, deallocate_code(expr)});
959 }
960 else
961 {
962 // expr is common origin, leave freeing until the rest of the cluster is
963 // freed
964 return;
965 }
966}
967
975
976code_blockt recursive_initializationt::build_function_pointer_constructor(
977 const symbol_exprt &result,
978 bool is_nullable)
979{
980 PRECONDITION(can_cast_type<pointer_typet>(result.type()));
981 const auto &result_type = to_pointer_type(result.type());
982 PRECONDITION(can_cast_type<pointer_typet>(result_type.base_type()));
983 const auto &function_pointer_type = to_pointer_type(result_type.base_type());
984 PRECONDITION(can_cast_type<code_typet>(function_pointer_type.base_type()));
985 const auto &function_type = to_code_type(function_pointer_type.base_type());
986
987 std::vector<exprt> targets;
988
989 for(const auto &sym : goto_model.get_symbol_table())
990 {
991 if(sym.second.type == function_type)
992 {
993 targets.push_back(address_of_exprt{sym.second.symbol_expr()});
994 }
995 }
996
997 if(is_nullable)
998 targets.push_back(null_pointer_exprt{function_pointer_type});
999
1000 code_blockt body{};
1001
1002 const auto function_pointer_selector =
1003 get_fresh_local_symexpr("function_pointer_selector");
1004 body.add(code_declt{function_pointer_selector});
1005 auto function_pointer_index = std::size_t{0};
1006
1007 for(const auto &target : targets)
1008 {
1009 auto const assign = code_assignt{dereference_exprt{result}, target};
1010 auto const sym_to_lookup =
1011 target.id() == ID_address_of
1012 ?
1013 // This is either address of or pointer; in pointer case, we don't
1014 // need to do anything. In the address of case, the operand is
1015 // a symbol representing a target function.
1016 to_symbol_expr(to_address_of_expr(target).object()).get_identifier()
1017 : "";
1018 // skip referencing globals because the corresponding symbols in the symbol
1019 // table are no longer marked as file local.
1020 if(sym_to_lookup.starts_with(FILE_LOCAL_PREFIX))
1021 {
1022 continue;
1023 }
1024 else if(
1025 goto_model.get_symbol_table().lookup(sym_to_lookup) &&
1026 goto_model.get_symbol_table().lookup(sym_to_lookup)->is_file_local)
1027 {
1028 continue;
1029 }
1030
1031 if(function_pointer_index != targets.size() - 1)
1032 {
1033 auto const condition = equal_exprt{
1034 function_pointer_selector,
1035 from_integer(function_pointer_index, function_pointer_selector.type())};
1036 auto const then = code_blockt{{assign, code_frontend_returnt{}}};
1037 body.add(code_ifthenelset{condition, then});
1038 }
1039 else
1040 {
1041 body.add(assign);
1042 }
1043 ++function_pointer_index;
1044 }
1045
1046 return body;
1047}
1048
1049void recursive_initializationt::initialize_selected_member(
1050 const exprt &lhs,
1051 const exprt &depth,
1052 code_blockt &body,
1053 const std::vector<irep_idt> &selection_spec)
1054{
1055 PRECONDITION(lhs.id() == ID_symbol);
1056 PRECONDITION(lhs.type().id() == ID_struct_tag);
1057 PRECONDITION(!selection_spec.empty());
1058
1059 auto component_member = lhs;
1060 const namespacet ns{goto_model.symbol_table};
1061
1062 for(auto it = selection_spec.begin() + 1; it != selection_spec.end(); it++)
1063 {
1064 if(component_member.type().id() != ID_struct_tag)
1065 {
1066 throw invalid_command_line_argument_exceptiont{
1067 "'" + id2string(*it) + "' is not a component name",
1068 "--" COMMON_HARNESS_GENERATOR_HAVOC_MEMBER_OPT};
1069 }
1070 const auto &struct_tag_type = to_struct_tag_type(component_member.type());
1071 const auto &struct_type = to_struct_type(ns.follow_tag(struct_tag_type));
1072
1073 bool found = false;
1074 for(auto const &component : struct_type.components())
1075 {
1076 const auto &component_type = component.type();
1077 const auto component_name = component.get_name();
1078
1079 if(*it == component_name)
1080 {
1081 component_member =
1082 member_exprt{component_member, component_name, component_type};
1083 found = true;
1084 break;
1085 }
1086 }
1087 if(!found)
1088 {
1089 throw invalid_command_line_argument_exceptiont{
1090 "'" + id2string(*it) + "' is not a component name",
1091 "--" COMMON_HARNESS_GENERATOR_HAVOC_MEMBER_OPT};
1092 }
1093 }
1094 initialize(component_member, depth, body);
1095}
from_integer
constant_exprt from_integer(const mp_integer &int_value, const typet &type)
Definition arith_tools.cpp:99
arith_tools.h
array_name
std::string array_name(const namespacet &ns, const exprt &expr)
Definition array_name.cpp:19
assign_null
static code_frontend_assignt assign_null(const exprt &expr)
One of the base cases of the recursive algorithm.
Definition assignments_from_json.cpp:383
result_symbol
static symbolt result_symbol(const irep_idt &identifier, const typet &type, const source_locationt &source_location, symbol_table_baset &symbol_table)
Definition c_typecheck_gcc_polymorphic_builtins.cpp:610
signed_int_type
signedbv_typet signed_int_type()
Definition c_types.cpp:22
pointer_type
pointer_typet pointer_type(const typet &subtype)
Definition c_types.cpp:235
char_type
bitvector_typet char_type()
Definition c_types.cpp:106
c_types.h
address_of_exprt
Operator to return the address of an object.
Definition pointer_expr.h:540
ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition ai.h:562
and_exprt
Boolean AND.
Definition std_expr.h:2125
array_typet
Arrays with given size.
Definition std_types.h:807
binary_predicate_exprt
A base class for expressions that are predicates, i.e., Boolean-typed, and that take exactly two argu...
Definition std_expr.h:731
binary_relation_exprt
A base class for relations, i.e., binary predicates whose two operands have the same type.
Definition std_expr.h:762
bool_typet
The Boolean type.
Definition std_types.h:36
code_assignt
A goto_instruction_codet representing an assignment in the program.
Definition goto_instruction_code.h:22
code_assumet
An assumption, which must hold in subsequent code.
Definition std_code.h:217
code_blockt
A codet representing sequential composition of program statements.
Definition std_code.h:130
code_blockt::add
void add(const codet &code)
Definition std_code.h:168
code_declt
A goto_instruction_codet representing the declaration of a local variable.
Definition goto_instruction_code.h:204
code_fort
codet representation of a for statement.
Definition std_code.h:734
code_frontend_returnt
codet representation of a "return from a function" statement.
Definition std_code.h:893
code_function_callt
goto_instruction_codet representation of a function call statement.
Definition goto_instruction_code.h:271
code_ifthenelset
codet representation of an if-then-else statement.
Definition std_code.h:460
code_typet::parametert
Definition std_types.h:600
code_typet
Base type of functions.
Definition std_types.h:583
code_typet::parameterst
std::vector< parametert > parameterst
Definition std_types.h:586
dereference_exprt
Operator to dereference a pointer.
Definition pointer_expr.h:834
dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition dstring.h:38
empty_typet
The empty type.
Definition std_types.h:51
equal_exprt
Equality.
Definition std_expr.h:1366
exprt
Base class for all expressions.
Definition expr.h:56
exprt::operandst
std::vector< exprt > operandst
Definition expr.h:58
exprt::type
typet & type()
Return the type of the expression.
Definition expr.h:84
false_exprt
The Boolean constant false.
Definition std_expr.h:3200
goto_modelt
Definition goto_model.h:27
goto_modelt::get_symbol_table
const symbol_tablet & get_symbol_table() const override
Accessor to get the symbol table.
Definition goto_model.h:84
goto_modelt::symbol_table
symbol_tablet symbol_table
Symbol table.
Definition goto_model.h:31
index_exprt
Array index operator.
Definition std_expr.h:1470
invalid_command_line_argument_exceptiont
Thrown when users pass incorrect command line arguments, for example passing no files to analysis or ...
Definition exception_utils.h:51
irept::id
const irep_idt & id() const
Definition irep.h:388
irept::add
irept & add(const irep_idt &name)
Definition irep.cpp:103
member_exprt
Extract member of struct or union.
Definition std_expr.h:2972
minus_exprt
Binary minus.
Definition std_expr.h:1061
mult_exprt
Binary multiplication Associativity is not specified.
Definition std_expr.h:1107
namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition namespace.h:91
notequal_exprt
Disequality.
Definition std_expr.h:1425
null_pointer_exprt
The null pointer constant.
Definition pointer_expr.h:909
plus_exprt
The plus expression Associativity is not specified.
Definition std_expr.h:1002
pointer_typet
The pointer type These are both 'bitvector_typet' (they have a width) and 'type_with_subtypet' (they ...
Definition pointer_expr.h:24
recursive_initializationt::goto_model
goto_modelt & goto_model
Definition recursive_initialization.h:117
recursive_initializationt::initialize_selected_member
void initialize_selected_member(const exprt &lhs, const exprt &depth, code_blockt &body, const std::vector< irep_idt > &selection_spec)
Select the specified struct-member to be non-deterministically initialized.
Definition recursive_initialization.cpp:1049
recursive_initializationt::type2id
std::string type2id(const typet &type) const
Simple pretty-printer for typet.
Definition recursive_initialization.cpp:588
recursive_initializationt::free_if_possible
void free_if_possible(const exprt &expr, code_blockt &body)
Definition recursive_initialization.cpp:936
recursive_initializationt::type_constructor_names
type_constructor_namest type_constructor_names
Definition recursive_initialization.h:120
recursive_initializationt::build_dynamic_array_constructor
code_blockt build_dynamic_array_constructor(const exprt &depth, const symbol_exprt &result, const exprt &size, const std::optional< irep_idt > &lhs_name)
Constructor for dynamic arrays: allocate memory for n elements (n is random but bounded) and initiali...
Definition recursive_initialization.cpp:786
recursive_initializationt::build_constructor_body
code_blockt build_constructor_body(const exprt &depth_symbol, const symbol_exprt &result_symbol, const std::optional< exprt > &size_symbol, const std::optional< irep_idt > &lhs_name, const bool is_nullable)
Case analysis for which constructor should be used.
Definition recursive_initialization.cpp:246
recursive_initializationt::common_arguments_origins
std::vector< std::optional< exprt > > common_arguments_origins
Definition recursive_initialization.h:121
recursive_initializationt::build_nondet_constructor
code_blockt build_nondet_constructor(const symbol_exprt &result) const
Default constructor: assigns non-deterministic value of the right type.
Definition recursive_initialization.cpp:774
recursive_initializationt::find_equal_cluster
std::optional< equal_cluster_idt > find_equal_cluster(const irep_idt &name) const
Definition recursive_initialization.cpp:383
recursive_initializationt::build_struct_constructor
code_blockt build_struct_constructor(const exprt &depth, const symbol_exprt &result)
Constructor for structures: simply iterates over members and initialise each one.
Definition recursive_initialization.cpp:736
recursive_initializationt::build_constructor
irep_idt build_constructor(const exprt &expr)
Check if a constructor for the type of expr already exists and create it if not.
Definition recursive_initialization.cpp:291
recursive_initializationt::max_depth_var_name
irep_idt max_depth_var_name
Definition recursive_initialization.h:118
recursive_initializationt::get_fresh_global_name
irep_idt get_fresh_global_name(const std::string &symbol_name, const exprt &initial_value) const
Construct a new global symbol of type int and set it's value to initial_value.
Definition recursive_initialization.cpp:485
recursive_initializationt::build_function_pointer_constructor
code_blockt build_function_pointer_constructor(const symbol_exprt &result, bool is_nullable)
Constructor for function pointers.
Definition recursive_initialization.cpp:976
recursive_initializationt::deallocate_code
code_blockt deallocate_code(const exprt &pointer) const
Generate code mimicking __CPROVER_deallocate (which is what C's free calls) with pointer as argument.
Definition recursive_initialization.cpp:919
recursive_initializationt::initialization_config
const recursive_initialization_configt initialization_config
Definition recursive_initialization.h:116
recursive_initializationt::min_depth_var_name
irep_idt min_depth_var_name
Definition recursive_initialization.h:119
recursive_initializationt::get_fresh_local_typed_symexpr
symbol_exprt get_fresh_local_typed_symexpr(const std::string &symbol_name, const typet &type) const
Construct a new local symbol of type type initialised to init_value.
Definition recursive_initialization.cpp:525
recursive_initializationt::get_associated_size_variable
std::optional< irep_idt > get_associated_size_variable(const irep_idt &array_name) const
Definition recursive_initialization.cpp:403
recursive_initializationt::build_array_constructor
code_blockt build_array_constructor(const exprt &depth, const symbol_exprt &result)
Constructor for arrays: simply iterates over elements and initialise each one.
Definition recursive_initialization.cpp:714
recursive_initializationt::recursive_initializationt
recursive_initializationt(recursive_initialization_configt initialization_config, goto_modelt &goto_model)
Definition recursive_initialization.cpp:118
recursive_initializationt::equal_cluster_idt
std::size_t equal_cluster_idt
Definition recursive_initialization.h:66
recursive_initializationt::free_cluster_origins
void free_cluster_origins(code_blockt &body)
Definition recursive_initialization.cpp:968
recursive_initializationt::should_be_treated_as_array
bool should_be_treated_as_array(const irep_idt &pointer_name) const
Definition recursive_initialization.cpp:375
recursive_initializationt::initialize
void initialize(const exprt &lhs, const exprt &depth, code_blockt &body)
Generate initialisation code for lhs into body.
Definition recursive_initialization.cpp:138
recursive_initializationt::needs_freeing
bool needs_freeing(const exprt &expr) const
Definition recursive_initialization.cpp:899
recursive_initializationt::get_fresh_fun_symbol
const symbolt & get_fresh_fun_symbol(const std::string &fun_name, const typet &fun_type)
Construct a new function symbol of type fun_type.
Definition recursive_initialization.cpp:541
recursive_initializationt::should_be_treated_as_cstring
bool should_be_treated_as_cstring(const irep_idt &pointer_name) const
Definition recursive_initialization.cpp:411
recursive_initializationt::get_fresh_local_symexpr
symbol_exprt get_fresh_local_symexpr(const std::string &symbol_name) const
Construct a new local symbol of type int initialised to 0.
Definition recursive_initialization.cpp:510
recursive_initializationt::is_array_size_parameter
bool is_array_size_parameter(const irep_idt &cmdline_arg) const
Definition recursive_initialization.cpp:395
recursive_initializationt::get_symbol_expr
symbol_exprt get_symbol_expr(const irep_idt &symbol_name) const
Recover the symbol expression from symbol table.
Definition recursive_initialization.cpp:581
recursive_initializationt::get_fresh_global_symexpr
symbol_exprt get_fresh_global_symexpr(const std::string &symbol_name) const
Construct a new global symbol of type int initialised to 0.
Definition recursive_initialization.cpp:498
recursive_initializationt::build_pointer_constructor
code_blockt build_pointer_constructor(const exprt &depth, const symbol_exprt &result)
Generic constructor for all pointers: only builds one pointee (not an array) but may recourse in case...
Definition recursive_initialization.cpp:615
recursive_initializationt::get_fresh_param_symbol
symbolt & get_fresh_param_symbol(const std::string &param_name, const typet &param_type)
Construct a new parameter symbol of type param_type.
Definition recursive_initialization.cpp:562
side_effect_exprt
An expression containing a side effect.
Definition std_code.h:1450
source_locationt
Definition source_location.h:20
source_locationt::nil
static const source_locationt & nil()
Definition source_location.h:200
source_locationt::set_file
void set_file(const irep_idt &file)
Definition source_location.h:104
symbol_exprt
Expression to hold a symbol (variable)
Definition std_expr.h:131
symbol_table_baset::lookup
const symbolt * lookup(const irep_idt &name) const
Find a symbol in the symbol table for read-only access.
Definition symbol_table_base.h:96
symbol_table_baset::add
bool add(const symbolt &symbol)
Add a new symbol to the symbol table.
Definition symbol_table_base.cpp:18
symbol_table_baset::lookup_ref
const symbolt & lookup_ref(const irep_idt &name) const
Find a symbol in the symbol table for read-only access.
Definition symbol_table_base.h:105
symbol_tablet
The symbol table.
Definition symbol_table.h:14
symbol_tablet::insert
virtual std::pair< symbolt &, bool > insert(symbolt symbol) override
Author: Diffblue Ltd.
Definition symbol_table.cpp:17
symbolt
Symbol table entry.
Definition symbol.h:28
symbolt::is_auxiliary
bool is_auxiliary
Definition symbol.h:77
symbolt::is_file_local
bool is_file_local
Definition symbol.h:73
symbolt::is_static_lifetime
bool is_static_lifetime
Definition symbol.h:70
symbolt::is_thread_local
bool is_thread_local
Definition symbol.h:71
symbolt::location
source_locationt location
Source code location of definition of symbol.
Definition symbol.h:37
symbolt::is_state_var
bool is_state_var
Definition symbol.h:66
symbolt::symbol_expr
class symbol_exprt symbol_expr() const
Produces a symbol_exprt for a symbol.
Definition symbol.cpp:121
symbolt::pretty_name
irep_idt pretty_name
Language-specific display name.
Definition symbol.h:52
symbolt::base_name
irep_idt irep_idt base_name
Name of module the symbol belongs to.
Definition symbol.h:46
symbolt::is_lvalue
bool is_lvalue
Definition symbol.h:72
symbolt::value
exprt value
Initial value of symbol.
Definition symbol.h:34
symbolt::mode
irep_idt mode
Language mode.
Definition symbol.h:49
typecast_exprt
Semantic type conversion.
Definition std_expr.h:2073
typecast_exprt::conditional_cast
static exprt conditional_cast(const exprt &expr, const typet &type)
Definition std_expr.h:2081
typet
The type of an expression, extends irept.
Definition type.h:29
common_harness_generator_options.h
COMMON_HARNESS_GENERATOR_FUNCTION_POINTER_CAN_BE_NULL_OPT
#define COMMON_HARNESS_GENERATOR_FUNCTION_POINTER_CAN_BE_NULL_OPT
Definition common_harness_generator_options.h:17
COMMON_HARNESS_GENERATOR_MIN_ARRAY_SIZE_OPT
#define COMMON_HARNESS_GENERATOR_MIN_ARRAY_SIZE_OPT
Definition common_harness_generator_options.h:15
COMMON_HARNESS_GENERATOR_MIN_NULL_TREE_DEPTH_OPT
#define COMMON_HARNESS_GENERATOR_MIN_NULL_TREE_DEPTH_OPT
Definition common_harness_generator_options.h:12
COMMON_HARNESS_GENERATOR_MAX_ARRAY_SIZE_OPT
#define COMMON_HARNESS_GENERATOR_MAX_ARRAY_SIZE_OPT
Definition common_harness_generator_options.h:16
COMMON_HARNESS_GENERATOR_MAX_NONDET_TREE_DEPTH_OPT
#define COMMON_HARNESS_GENERATOR_MAX_NONDET_TREE_DEPTH_OPT
Definition common_harness_generator_options.h:13
COMMON_HARNESS_GENERATOR_HAVOC_MEMBER_OPT
#define COMMON_HARNESS_GENERATOR_HAVOC_MEMBER_OPT
Definition common_harness_generator_options.h:19
CPROVER_PREFIX
#define CPROVER_PREFIX
Definition cprover_prefix.h:14
get_fresh_aux_symbol
symbolt & get_fresh_aux_symbol(const typet &type, const std::string &name_prefix, const std::string &basename_prefix, const source_locationt &source_location, const irep_idt &symbol_mode, const namespacet &ns, symbol_table_baset &symbol_table)
Installs a fresh-named symbol with respect to the given namespace ns with the requested name pattern ...
Definition fresh_symbol.cpp:32
fresh_symbol.h
Fresh auxiliary symbol creation.
goto_harness_generator.h
id2string
const std::string & id2string(const irep_idt &d)
Definition irep.h:44
r
static int8_t r
Definition irep_hash.h:60
name_mangler.h
Mangle names of file-local functions to make them unique.
FILE_LOCAL_PREFIX
#define FILE_LOCAL_PREFIX
Definition name_mangler.h:16
harness_options_parser::require_exactly_one_value
std::string require_exactly_one_value(const std::string &option, const std::list< std::string > &values)
Returns the only value of a single element list, throws an exception if not passed a single element l...
Definition goto_harness_generator.cpp:21
harness_options_parser::require_one_size_value
std::size_t require_one_size_value(const std::string &option, const std::list< std::string > &values)
Returns the only Nat value of a single element list, throws an exception if not passed a single eleme...
Definition goto_harness_generator.cpp:41
std
STL namespace.
optional_utils.h
optional_lookup
auto optional_lookup(const map_like_collectiont &map, const keyt &key) -> std::optional< decltype(map.find(key) ->second)>
Lookup a key in a map, if found return the associated value, nullopt otherwise.
Definition optional_utils.h:17
pointer_expr.h
API to expression classes for Pointers.
to_address_of_expr
const address_of_exprt & to_address_of_expr(const exprt &expr)
Cast an exprt to an address_of_exprt.
Definition pointer_expr.h:577
to_pointer_type
const pointer_typet & to_pointer_type(const typet &type)
Cast a typet to a pointer_typet.
Definition pointer_expr.h:93
size_of_expr
std::optional< exprt > size_of_expr(const typet &type, const namespacet &ns)
Definition pointer_offset_size.cpp:287
pointer_offset_size.h
Pointer Logic.
deallocated
exprt deallocated(const exprt &pointer, const namespacet &ns)
Definition pointer_predicates.cpp:43
get_fresh_global_symbol
static symbolt & get_fresh_global_symbol(symbol_tablet &symbol_table, const std::string &symbol_base_name, typet symbol_type, irep_idt mode)
Definition recursive_initialization.cpp:458
build_null_pointer
code_blockt build_null_pointer(const symbol_exprt &result_symbol)
Definition recursive_initialization.cpp:236
recursive_initialization.h
GOTO_HARNESS_PREFIX
#define GOTO_HARNESS_PREFIX
Definition recursive_initialization.h:25
get_new_name
irep_idt get_new_name(const irep_idt &name, const namespacet &ns, char delimiter)
Build and identifier not yet present in the namespace ns based on name.
Definition rename.cpp:16
CHECK_RETURN
#define CHECK_RETURN(CONDITION)
Definition invariant.h:495
PRECONDITION
#define PRECONDITION(CONDITION)
Definition invariant.h:463
INVARIANT
#define INVARIANT(CONDITION, REASON)
This macro uses the wrapper function 'invariant_violated_string'.
Definition invariant.h:423
std_code.h
disjunction
exprt disjunction(const exprt::operandst &op)
1) generates a disjunction for two or more operands 2) for one operand, returns the operand 3) return...
Definition std_expr.cpp:71
component
auto component(T &struct_expr, const irep_idt &name, const namespacet &ns) -> decltype(struct_expr.op0())
Definition std_expr.cpp:122
conjunction
exprt conjunction(exprt a, exprt b)
Conjunction of two expressions.
Definition std_expr.cpp:83
to_constant_expr
const constant_exprt & to_constant_expr(const exprt &expr)
Cast an exprt to a constant_exprt.
Definition std_expr.h:3173
to_symbol_expr
const symbol_exprt & to_symbol_expr(const exprt &expr)
Cast an exprt to a symbol_exprt.
Definition std_expr.h:272
to_code_type
const code_typet & to_code_type(const typet &type)
Cast a typet to a code_typet.
Definition std_types.h:788
to_struct_type
const struct_typet & to_struct_type(const typet &type)
Cast a typet to a struct_typet.
Definition std_types.h:308
to_struct_tag_type
const struct_tag_typet & to_struct_tag_type(const typet &type)
Cast a typet to a struct_tag_typet.
Definition std_types.h:518
to_array_type
const array_typet & to_array_type(const typet &type)
Cast a typet to an array_typet.
Definition std_types.h:888
split_string
void split_string(const std::string &s, char delim, std::vector< std::string > &result, bool strip, bool remove_empty)
Definition string_utils.cpp:39
string_utils.h
recursive_initialization_configt
Definition recursive_initialization.h:27
recursive_initialization_configt::pointers_to_treat_as_cstrings
std::set< irep_idt > pointers_to_treat_as_cstrings
Definition recursive_initialization.h:41
recursive_initialization_configt::pointers_to_treat_equal
std::vector< std::set< irep_idt > > pointers_to_treat_equal
Definition recursive_initialization.h:42
recursive_initialization_configt::array_name_to_associated_array_size_variable
std::map< irep_idt, irep_idt > array_name_to_associated_array_size_variable
Definition recursive_initialization.h:39
recursive_initialization_configt::handle_option
bool handle_option(const std::string &option, const std::list< std::string > &values)
Parse the options specific for recursive initialisation.
Definition recursive_initialization.cpp:30
recursive_initialization_configt::max_dynamic_array_size
std::size_t max_dynamic_array_size
Definition recursive_initialization.h:34
recursive_initialization_configt::variables_that_hold_array_sizes
std::set< irep_idt > variables_that_hold_array_sizes
Definition recursive_initialization.h:38
recursive_initialization_configt::max_nondet_tree_depth
std::size_t max_nondet_tree_depth
Definition recursive_initialization.h:29
recursive_initialization_configt::pointers_to_treat_as_arrays
std::set< irep_idt > pointers_to_treat_as_arrays
Definition recursive_initialization.h:37
recursive_initialization_configt::min_null_tree_depth
std::size_t min_null_tree_depth
Definition recursive_initialization.h:28
recursive_initialization_configt::min_dynamic_array_size
std::size_t min_dynamic_array_size
Definition recursive_initialization.h:35
recursive_initialization_configt::to_string
std::string to_string() const
Definition recursive_initialization.cpp:418
recursive_initialization_configt::potential_null_function_pointers
std::unordered_set< irep_idt > potential_null_function_pointers
Definition recursive_initialization.h:31
recursive_initialization_configt::mode
irep_idt mode
Definition recursive_initialization.h:30
recursive_initializationt::constructor_keyt
Definition recursive_initialization.h:68
remove_const
typet remove_const(typet type)
Remove const qualifier from type (if any).
Definition type.cpp:32
size_type
#define size_type
Definition unistd.c:186