CBMC
shadow_memory.h
Go to the documentation of this file.
1 /*******************************************************************\
2 
3 Module: Symex Shadow Memory Instrumentation
4 
5 Author: Peter Schrammel
6 
7 \*******************************************************************/
8 
11 
12 #ifndef CPROVER_GOTO_SYMEX_SHADOW_MEMORY_H
13 #define CPROVER_GOTO_SYMEX_SHADOW_MEMORY_H
14 
15 #include <util/expr.h>
16 #include <util/message.h>
17 
18 #include "shadow_memory_field_definitions.h"
19 
20 #define SHADOW_MEMORY_PREFIX "SM__"
21 #define SHADOW_MEMORY_FIELD_DECL "field_decl"
22 #define SHADOW_MEMORY_GLOBAL_SCOPE "_global"
23 #define SHADOW_MEMORY_LOCAL_SCOPE "_local"
24 #define SHADOW_MEMORY_GET_FIELD "get_field"
25 #define SHADOW_MEMORY_SET_FIELD "set_field"
26 #define SHADOW_MEMORY_SYMBOL_PREFIX "__SM"
27 
28 class code_function_callt;
29 class abstract_goto_modelt;
30 class goto_symex_statet;
31 class side_effect_exprt;
32 class ssa_exprt;
33 class symbol_exprt;
34 
36 class shadow_memoryt
37 {
38 public:
39  shadow_memoryt(
40  const std::function<void(goto_symex_statet &, const exprt &, const exprt &)>
41  symex_assign,
42  const namespacet &ns,
43  message_handlert &message_handler)
44  : symex_assign(symex_assign), ns(ns), log(message_handler)
45  {
46  }
47 
53  static shadow_memory_field_definitionst gather_field_declarations(
54  const abstract_goto_modelt &goto_model,
55  message_handlert &message_handler);
56 
60  void symex_field_static_init(goto_symex_statet &state, const ssa_exprt &lhs);
61 
66  void symex_field_static_init_string_constant(
67  goto_symex_statet &state,
68  const ssa_exprt &expr,
69  const exprt &rhs);
70 
74  void symex_field_local_init(goto_symex_statet &state, const ssa_exprt &expr);
75 
80  void symex_field_dynamic_init(
81  goto_symex_statet &state,
82  const exprt &expr,
83  const side_effect_exprt &code);
84 
89  void symex_get_field(
90  goto_symex_statet &state,
91  const exprt &lhs,
92  const exprt::operandst &arguments);
93 
97  void
98  symex_set_field(goto_symex_statet &state, const exprt::operandst &arguments);
99 
100 private:
106  static void convert_field_declaration(
107  const code_function_callt &code_function_call,
108  shadow_memory_field_definitionst::field_definitiont &fields,
109  bool is_global,
110  message_handlert &message_handler);
111 
117  void initialize_shadow_memory(
118  goto_symex_statet &state,
119  exprt expr,
120  const shadow_memory_field_definitionst::field_definitiont &fields);
121 
128  const symbol_exprt &add_field(
129  goto_symex_statet &state,
130  const exprt &expr,
131  const irep_idt &field_name,
132  const typet &field_type);
133 
134 private:
135  const std::function<void(goto_symex_statet &, const exprt &, const exprt)>
136  symex_assign;
137  const namespacet &ns;
138  messaget log;
139 };
140 
141 #endif // CPROVER_GOTO_SYMEX_SHADOW_MEMORY_H
abstract_goto_modelt
Abstract interface to eager or lazy GOTO models.
Definition: abstract_goto_model.h:22
code_function_callt
goto_instruction_codet representation of a function call statement.
Definition: goto_instruction_code.h:271
dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition: dstring.h:38
exprt
Base class for all expressions.
Definition: expr.h:56
exprt::operandst
std::vector< exprt > operandst
Definition: expr.h:58
goto_symex_statet
Central data structure: state.
Definition: goto_symex_state.h:43
message_handlert
Definition: message.h:27
messaget
Class that provides messages with a built-in verbosity 'level'.
Definition: message.h:154
namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition: namespace.h:94
shadow_memory_field_definitionst
The shadow memory field definitions.
Definition: shadow_memory_field_definitions.h:21
shadow_memory_field_definitionst::field_definitiont
std::map< irep_idt, exprt > field_definitiont
A field definition mapping a field name to its initial value.
Definition: shadow_memory_field_definitions.h:24
shadow_memoryt
The shadow memory instrumentation performed during symbolic execution.
Definition: shadow_memory.h:37
shadow_memoryt::add_field
const symbol_exprt & add_field(goto_symex_statet &state, const exprt &expr, const irep_idt &field_name, const typet &field_type)
Registers a shadow memory field for the given original memory.
Definition: shadow_memory.cpp:67
shadow_memoryt::symex_get_field
void symex_get_field(goto_symex_statet &state, const exprt &lhs, const exprt::operandst &arguments)
Symbolically executes a __CPROVER_get_field call.
Definition: shadow_memory.cpp:194
shadow_memoryt::convert_field_declaration
static void convert_field_declaration(const code_function_callt &code_function_call, shadow_memory_field_definitionst::field_definitiont &fields, bool is_global, message_handlert &message_handler)
Converts a field declaration.
Definition: shadow_memory.cpp:509
shadow_memoryt::symex_field_dynamic_init
void symex_field_dynamic_init(goto_symex_statet &state, const exprt &expr, const side_effect_exprt &code)
Initialize global-scope shadow memory for dynamically allocated memory.
Definition: shadow_memory.cpp:449
shadow_memoryt::symex_field_static_init
void symex_field_static_init(goto_symex_statet &state, const ssa_exprt &lhs)
Initialize global-scope shadow memory for global/static variables.
Definition: shadow_memory.cpp:343
shadow_memoryt::symex_assign
const std::function< void(goto_symex_statet &, const exprt &, const exprt)> symex_assign
Definition: shadow_memory.h:136
shadow_memoryt::symex_field_static_init_string_constant
void symex_field_static_init_string_constant(goto_symex_statet &state, const ssa_exprt &expr, const exprt &rhs)
Initialize global-scope shadow memory for string constants.
Definition: shadow_memory.cpp:381
shadow_memoryt::log
messaget log
Definition: shadow_memory.h:138
shadow_memoryt::ns
const namespacet & ns
Definition: shadow_memory.h:137
shadow_memoryt::gather_field_declarations
static shadow_memory_field_definitionst gather_field_declarations(const abstract_goto_modelt &goto_model, message_handlert &message_handler)
Gathers the available shadow memory field definitions (__CPROVER_field_decl calls) from the goto mode...
Definition: shadow_memory.cpp:461
shadow_memoryt::symex_field_local_init
void symex_field_local_init(goto_symex_statet &state, const ssa_exprt &expr)
Initialize local-scope shadow memory for local variables and parameters.
Definition: shadow_memory.cpp:406
shadow_memoryt::shadow_memoryt
shadow_memoryt(const std::function< void(goto_symex_statet &, const exprt &, const exprt &)> symex_assign, const namespacet &ns, message_handlert &message_handler)
Definition: shadow_memory.h:39
shadow_memoryt::initialize_shadow_memory
void initialize_shadow_memory(goto_symex_statet &state, exprt expr, const shadow_memory_field_definitionst::field_definitiont &fields)
Allocates and initializes a shadow memory field for the given original memory.
Definition: shadow_memory.cpp:28
shadow_memoryt::symex_set_field
void symex_set_field(goto_symex_statet &state, const exprt::operandst &arguments)
Symbolically executes a __CPROVER_set_field call.
Definition: shadow_memory.cpp:91
side_effect_exprt
An expression containing a side effect.
Definition: std_code.h:1450
ssa_exprt
Expression providing an SSA-renamed symbol of expressions.
Definition: ssa_expr.h:17
symbol_exprt
Expression to hold a symbol (variable)
Definition: std_expr.h:131
typet
The type of an expression, extends irept.
Definition: type.h:29
shadow_memory_field_definitions.h
Symex Shadow Memory Field Definitions.