Packages/c/cbmc-doc-6.9.0-1.fc45.x86_64.rpm

/*******************************************************************\


Module: Rewrite {r,w,rw}_ok expressions as required by symbolic execution


Author: Michael Tautschnig


\*******************************************************************/


#include "rewrite_rw_ok.h"


#include <util/expr_iterator.h>

#include <util/pointer_expr.h>


#include <goto-programs/goto_model.h>


static std::optional<exprt> rewrite_rw_ok(exprt expr, const namespacet &ns)

{

  bool unchanged = true;


  for(auto it = expr.depth_begin(), itend = expr.depth_end();

      it != itend;) // no ++it

  {

    if(auto r_or_w_ok = expr_try_dynamic_cast<r_or_w_ok_exprt>(*it))

    {

      const auto &id = it->id();

      exprt replacement =

        prophecy_r_or_w_ok_exprt{

          id == ID_r_ok   ? ID_prophecy_r_ok

          : id == ID_w_ok ? ID_prophecy_w_ok

                          : ID_prophecy_rw_ok,

          r_or_w_ok->pointer(),

          r_or_w_ok->size(),

          ns.lookup(CPROVER_PREFIX "deallocated").symbol_expr(),

          ns.lookup(CPROVER_PREFIX "dead_object").symbol_expr()}

          .with_source_location(*it);


      it.mutate() = std::move(replacement);

      unchanged = false;

      it.next_sibling_or_parent();

    }

    else if(

      auto pointer_in_range =

        expr_try_dynamic_cast<pointer_in_range_exprt>(*it))

    {

      exprt replacement =

        prophecy_pointer_in_range_exprt{

          pointer_in_range->lower_bound(),

          pointer_in_range->pointer(),

          pointer_in_range->upper_bound(),

          ns.lookup(CPROVER_PREFIX "deallocated").symbol_expr(),

          ns.lookup(CPROVER_PREFIX "dead_object").symbol_expr()}

          .with_source_location(*it);


      it.mutate() = std::move(replacement);

      unchanged = false;

      it.next_sibling_or_parent();

    }

    else

      ++it;

  }


  if(unchanged)

    return {};

  else

    return std::move(expr);

}


static void rewrite_rw_ok(

  goto_functionst::goto_functiont &goto_function,

  const namespacet &ns)

{

  for(auto &instruction : goto_function.body.instructions)

    instruction.transform(

      [&ns](exprt expr) { return rewrite_rw_ok(expr, ns); });

}


void rewrite_rw_ok(goto_modelt &goto_model)

{

  const namespacet ns(goto_model.symbol_table);


  for(auto &gf_entry : goto_model.goto_functions.function_map)

    rewrite_rw_ok(gf_entry.second, ns);

}


exprt
Base class for all expressions.
Definition expr.h:57

exprt::depth_end
depth_iteratort depth_end()
Definition expr.cpp:170

exprt::depth_begin
depth_iteratort depth_begin()
Definition expr.cpp:168

exprt::with_source_location
exprt & with_source_location(source_locationt location) &
Add the source location from location, if it is non-nil.
Definition expr.h:102

goto_functionst::function_map
function_mapt function_map
Definition goto_functions.h:29

goto_functionst::goto_functiont
::goto_functiont goto_functiont
Definition goto_functions.h:27

goto_modelt
Definition goto_model.h:27

goto_modelt::symbol_table
symbol_tablet symbol_table
Symbol table.
Definition goto_model.h:31

goto_modelt::goto_functions
goto_functionst goto_functions
GOTO functions.
Definition goto_model.h:34

namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition namespace.h:91

namespacet::lookup
bool lookup(const irep_idt &name, const symbolt *&symbol) const override
See documentation for namespace_baset::lookup().
Definition namespace.cpp:134

prophecy_pointer_in_range_exprt
pointer_in_range (see pointer_in_range_exprt) with prophecy expressions to encode whether a pointer r...
Definition pointer_expr.h:453

prophecy_r_or_w_ok_exprt
A base class for a predicate that indicates that an address range is ok to read or write or both.
Definition pointer_expr.h:1019

CPROVER_PREFIX
#define CPROVER_PREFIX
Definition cprover_prefix.h:14

expr_try_dynamic_cast
auto expr_try_dynamic_cast(TExpr &base) -> typename detail::expr_try_dynamic_cast_return_typet< T, TExpr >::type
Try to cast a reference to a generic exprt to a specific derived class.
Definition expr_cast.h:81

expr_iterator.h
Forward depth-first search iterators These iterators' copy operations are expensive,...

goto_model.h
Symbol Table + CFG.

pointer_expr.h
API to expression classes for Pointers.

rewrite_rw_ok
static std::optional< exprt > rewrite_rw_ok(exprt expr, const namespacet &ns)
Definition rewrite_rw_ok.cpp:16

rewrite_rw_ok.h
Rewrite r/w/rw_ok expressions to ones including prophecy variables recording the state.