CBMC
goto_instrument_parse_options.cpp
Go to the documentation of this file.
1 /*******************************************************************\
2 
3 Module: Main Module
4 
5 Author: Daniel Kroening, kroening@kroening.com
6 
7 \*******************************************************************/
8 
11 
12 #include "goto_instrument_parse_options.h"
13 
14 #include <util/exception_utils.h>
15 #include <util/exit_codes.h>
16 #include <util/json.h>
17 #include <util/options.h>
18 #include <util/string2int.h>
19 #include <util/string_utils.h>
20 #include <util/version.h>
21 
22 #include <fstream>
23 #include <iostream>
24 #include <memory>
25 
26 #ifdef _MSC_VER
27 # include <util/unicode.h>
28 #endif
29 
30 #include <goto-programs/class_hierarchy.h>
31 #include <goto-programs/ensure_one_backedge_per_target.h>
32 #include <goto-programs/goto_check.h>
33 #include <goto-programs/goto_inline.h>
34 #include <goto-programs/interpreter.h>
35 #include <goto-programs/label_function_pointer_call_sites.h>
36 #include <goto-programs/link_to_library.h>
37 #include <goto-programs/loop_ids.h>
38 #include <goto-programs/parameter_assignments.h>
39 #include <goto-programs/read_goto_binary.h>
40 #include <goto-programs/remove_calls_no_body.h>
41 #include <goto-programs/remove_function_pointers.h>
42 #include <goto-programs/remove_returns.h>
43 #include <goto-programs/remove_skip.h>
44 #include <goto-programs/remove_unused_functions.h>
45 #include <goto-programs/remove_virtual_functions.h>
46 #include <goto-programs/restrict_function_pointers.h>
47 #include <goto-programs/rewrite_union.h>
48 #include <goto-programs/set_properties.h>
49 #include <goto-programs/show_properties.h>
50 #include <goto-programs/show_symbol_table.h>
51 #include <goto-programs/slice_global_inits.h>
52 #include <goto-programs/string_abstraction.h>
53 #include <goto-programs/write_goto_binary.h>
54 
55 #include <analyses/call_graph.h>
56 #include <analyses/constant_propagator.h>
57 #include <analyses/custom_bitvector_analysis.h>
58 #include <analyses/dependence_graph.h>
59 #include <analyses/escape_analysis.h>
60 #include <analyses/global_may_alias.h>
61 #include <analyses/interval_analysis.h>
62 #include <analyses/interval_domain.h>
63 #include <analyses/is_threaded.h>
64 #include <analyses/lexical_loops.h>
65 #include <analyses/local_bitvector_analysis.h>
66 #include <analyses/local_safe_pointers.h>
67 #include <analyses/natural_loops.h>
68 #include <analyses/reaching_definitions.h>
69 #include <analyses/sese_regions.h>
70 #include <ansi-c/ansi_c_language.h>
71 #include <ansi-c/c_object_factory_parameters.h>
72 #include <ansi-c/cprover_library.h>
73 #include <ansi-c/gcc_version.h>
74 #include <assembler/remove_asm.h>
75 #include <cpp/cprover_library.h>
76 #include <pointer-analysis/add_failed_symbols.h>
77 #include <pointer-analysis/show_value_sets.h>
78 #include <pointer-analysis/value_set_analysis.h>
79 
80 #include "alignment_checks.h"
81 #include "branch.h"
82 #include "call_sequences.h"
83 #include "concurrency.h"
84 #include "dot.h"
85 #include "full_slicer.h"
86 #include "function.h"
87 #include "havoc_loops.h"
88 #include "horn_encoding.h"
89 #include "insert_final_assert_false.h"
90 #include "interrupt.h"
91 #include "k_induction.h"
92 #include "mmio.h"
93 #include "model_argc_argv.h"
94 #include "nondet_static.h"
95 #include "nondet_volatile.h"
96 #include "points_to.h"
97 #include "race_check.h"
98 #include "reachability_slicer.h"
99 #include "remove_function.h"
100 #include "rw_set.h"
101 #include "show_locations.h"
102 #include "skip_loops.h"
103 #include "splice_call.h"
104 #include "stack_depth.h"
105 #include "thread_instrumentation.h"
106 #include "undefined_functions.h"
107 #include "unwind.h"
108 #include "value_set_fi_fp_removal.h"
109 
110 #include "accelerate/accelerate.h"
111 
113 int goto_instrument_parse_optionst::doit()
114 {
115  if(cmdline.isset("version"))
116  {
117  std::cout << CBMC_VERSION << '\n';
118  return CPROVER_EXIT_SUCCESS;
119  }
120 
121  if(cmdline.args.size()!=1 && cmdline.args.size()!=2)
122  {
123  help();
124  return CPROVER_EXIT_USAGE_ERROR;
125  }
126 
127  messaget::eval_verbosity(
128  cmdline.get_value("verbosity"), messaget::M_STATISTICS, ui_message_handler);
129 
130  {
131  register_languages();
132 
133  get_goto_program();
134 
135  // configure gcc, if required -- get_goto_program will have set the config
136  if(config.ansi_c.preprocessor == configt::ansi_ct::preprocessort::GCC)
137  {
138  gcc_versiont gcc_version;
139  gcc_version.get("gcc");
140  configure_gcc(gcc_version);
141  }
142 
143  {
144  const bool validate_only = cmdline.isset("validate-goto-binary");
145 
146  if(validate_only || cmdline.isset("validate-goto-model"))
147  {
148  goto_model.validate(validation_modet::EXCEPTION);
149 
150  if(validate_only)
151  {
152  return CPROVER_EXIT_SUCCESS;
153  }
154  }
155  }
156 
157  instrument_goto_program();
158 
159  if(cmdline.isset("validate-goto-model"))
160  {
161  goto_model.validate();
162  }
163 
164  {
165  bool unwind_given=cmdline.isset("unwind");
166  bool unwindset_given=cmdline.isset("unwindset");
167  bool unwindset_file_given=cmdline.isset("unwindset-file");
168 
169  if(unwindset_given && unwindset_file_given)
170  throw "only one of --unwindset and --unwindset-file supported at a "
171  "time";
172 
173  if(unwind_given || unwindset_given || unwindset_file_given)
174  {
175  unwindsett unwindset{goto_model};
176 
177  if(unwind_given)
178  unwindset.parse_unwind(cmdline.get_value("unwind"));
179 
180  if(unwindset_file_given)
181  {
182  unwindset.parse_unwindset_file(
183  cmdline.get_value("unwindset-file"), ui_message_handler);
184  }
185 
186  if(unwindset_given)
187  {
188  unwindset.parse_unwindset(
189  cmdline.get_comma_separated_values("unwindset"),
190  ui_message_handler);
191  }
192 
193  bool unwinding_assertions=cmdline.isset("unwinding-assertions");
194  bool partial_loops=cmdline.isset("partial-loops");
195  bool continue_as_loops=cmdline.isset("continue-as-loops");
196  if(continue_as_loops)
197  {
198  if(unwinding_assertions)
199  {
200  throw "unwinding assertions cannot be used with "
201  "--continue-as-loops";
202  }
203  else if(partial_loops)
204  throw "partial loops cannot be used with --continue-as-loops";
205  }
206 
207  goto_unwindt::unwind_strategyt unwind_strategy=
208  goto_unwindt::unwind_strategyt::ASSUME;
209 
210  if(unwinding_assertions)
211  {
212  if(partial_loops)
213  unwind_strategy = goto_unwindt::unwind_strategyt::ASSERT_PARTIAL;
214  else
215  unwind_strategy = goto_unwindt::unwind_strategyt::ASSERT_ASSUME;
216  }
217  else if(partial_loops)
218  {
219  unwind_strategy=goto_unwindt::unwind_strategyt::PARTIAL;
220  }
221  else if(continue_as_loops)
222  {
223  unwind_strategy=goto_unwindt::unwind_strategyt::CONTINUE;
224  }
225 
226  goto_unwindt goto_unwind;
227  goto_unwind(goto_model, unwindset, unwind_strategy);
228 
229  if(cmdline.isset("log"))
230  {
231  std::string filename=cmdline.get_value("log");
232  bool have_file=!filename.empty() && filename!="-";
233 
234  jsont result=goto_unwind.output_log_json();
235 
236  if(have_file)
237  {
238 #ifdef _MSC_VER
239  std::ofstream of(widen(filename));
240 #else
241  std::ofstream of(filename);
242 #endif
243  if(!of)
244  throw "failed to open file "+filename;
245 
246  of << result;
247  of.close();
248  }
249  else
250  {
251  std::cout << result << '\n';
252  }
253  }
254 
255  // goto_unwind holds references to instructions, only do remove_skip
256  // after having generated the log above
257  remove_skip(goto_model);
258  }
259  }
260 
261  if(cmdline.isset("show-threaded"))
262  {
263  namespacet ns(goto_model.symbol_table);
264 
265  is_threadedt is_threaded(goto_model);
266 
267  for(const auto &gf_entry : goto_model.goto_functions.function_map)
268  {
269  std::cout << "////\n";
270  std::cout << "//// Function: " << gf_entry.first << '\n';
271  std::cout << "////\n\n";
272 
273  const goto_programt &goto_program = gf_entry.second.body;
274 
275  forall_goto_program_instructions(i_it, goto_program)
276  {
277  i_it->output(std::cout);
278  std::cout << "Is threaded: " << (is_threaded(i_it)?"True":"False")
279  << "\n\n";
280  }
281  }
282 
283  return CPROVER_EXIT_SUCCESS;
284  }
285 
286  if(cmdline.isset("insert-final-assert-false"))
287  {
288  log.status() << "Inserting final assert false" << messaget::eom;
289  bool fail = insert_final_assert_false(
290  goto_model,
291  cmdline.get_value("insert-final-assert-false"),
292  ui_message_handler);
293  if(fail)
294  {
295  return CPROVER_EXIT_INTERNAL_ERROR;
296  }
297  // otherwise, fall-through to write new binary
298  }
299 
300  if(cmdline.isset("show-value-sets"))
301  {
302  do_indirect_call_and_rtti_removal();
303 
304  // recalculate numbers, etc.
305  goto_model.goto_functions.update();
306 
307  log.status() << "Pointer Analysis" << messaget::eom;
308  namespacet ns(goto_model.symbol_table);
309  value_set_analysist value_set_analysis(ns);
310  value_set_analysis(goto_model.goto_functions);
311  show_value_sets(
312  ui_message_handler.get_ui(), goto_model, value_set_analysis);
313  return CPROVER_EXIT_SUCCESS;
314  }
315 
316  if(cmdline.isset("show-global-may-alias"))
317  {
318  do_indirect_call_and_rtti_removal();
319  do_remove_returns();
320  parameter_assignments(goto_model);
321 
322  // recalculate numbers, etc.
323  goto_model.goto_functions.update();
324 
325  global_may_alias_analysist global_may_alias_analysis;
326  global_may_alias_analysis(goto_model);
327  global_may_alias_analysis.output(goto_model, std::cout);
328 
329  return CPROVER_EXIT_SUCCESS;
330  }
331 
332  if(cmdline.isset("show-local-bitvector-analysis"))
333  {
334  do_indirect_call_and_rtti_removal();
335  parameter_assignments(goto_model);
336 
337  // recalculate numbers, etc.
338  goto_model.goto_functions.update();
339 
340  namespacet ns(goto_model.symbol_table);
341 
342  for(const auto &gf_entry : goto_model.goto_functions.function_map)
343  {
344  local_bitvector_analysist local_bitvector_analysis(gf_entry.second, ns);
345  std::cout << ">>>>\n";
346  std::cout << ">>>> " << gf_entry.first << '\n';
347  std::cout << ">>>>\n";
348  local_bitvector_analysis.output(std::cout, gf_entry.second, ns);
349  std::cout << '\n';
350  }
351 
352  return CPROVER_EXIT_SUCCESS;
353  }
354 
355  if(cmdline.isset("show-local-safe-pointers") ||
356  cmdline.isset("show-safe-dereferences"))
357  {
358  // Ensure location numbering is unique:
359  goto_model.goto_functions.update();
360 
361  namespacet ns(goto_model.symbol_table);
362 
363  for(const auto &gf_entry : goto_model.goto_functions.function_map)
364  {
365  local_safe_pointerst local_safe_pointers;
366  local_safe_pointers(gf_entry.second.body);
367  std::cout << ">>>>\n";
368  std::cout << ">>>> " << gf_entry.first << '\n';
369  std::cout << ">>>>\n";
370  if(cmdline.isset("show-local-safe-pointers"))
371  local_safe_pointers.output(std::cout, gf_entry.second.body, ns);
372  else
373  {
374  local_safe_pointers.output_safe_dereferences(
375  std::cout, gf_entry.second.body, ns);
376  }
377  std::cout << '\n';
378  }
379 
380  return CPROVER_EXIT_SUCCESS;
381  }
382 
383  if(cmdline.isset("show-sese-regions"))
384  {
385  // Ensure location numbering is unique:
386  goto_model.goto_functions.update();
387 
388  namespacet ns(goto_model.symbol_table);
389 
390  for(const auto &gf_entry : goto_model.goto_functions.function_map)
391  {
392  sese_region_analysist sese_region_analysis;
393  sese_region_analysis(gf_entry.second.body);
394  std::cout << ">>>>\n";
395  std::cout << ">>>> " << gf_entry.first << '\n';
396  std::cout << ">>>>\n";
397  sese_region_analysis.output(std::cout, gf_entry.second.body, ns);
398  std::cout << '\n';
399  }
400 
401  return CPROVER_EXIT_SUCCESS;
402  }
403 
404  if(cmdline.isset("show-custom-bitvector-analysis"))
405  {
406  do_indirect_call_and_rtti_removal();
407  do_remove_returns();
408  parameter_assignments(goto_model);
409 
410  remove_unused_functions(goto_model, ui_message_handler);
411 
412  if(!cmdline.isset("inline"))
413  {
414  thread_exit_instrumentation(goto_model);
415  mutex_init_instrumentation(goto_model);
416  }
417 
418  // recalculate numbers, etc.
419  goto_model.goto_functions.update();
420 
421  custom_bitvector_analysist custom_bitvector_analysis;
422  custom_bitvector_analysis(goto_model);
423  custom_bitvector_analysis.output(goto_model, std::cout);
424 
425  return CPROVER_EXIT_SUCCESS;
426  }
427 
428  if(cmdline.isset("show-escape-analysis"))
429  {
430  do_indirect_call_and_rtti_removal();
431  do_remove_returns();
432  parameter_assignments(goto_model);
433 
434  // recalculate numbers, etc.
435  goto_model.goto_functions.update();
436 
437  escape_analysist escape_analysis;
438  escape_analysis(goto_model);
439  escape_analysis.output(goto_model, std::cout);
440 
441  return CPROVER_EXIT_SUCCESS;
442  }
443 
444  if(cmdline.isset("custom-bitvector-analysis"))
445  {
446  do_indirect_call_and_rtti_removal();
447  do_remove_returns();
448  parameter_assignments(goto_model);
449 
450  remove_unused_functions(goto_model, ui_message_handler);
451 
452  if(!cmdline.isset("inline"))
453  {
454  thread_exit_instrumentation(goto_model);
455  mutex_init_instrumentation(goto_model);
456  }
457 
458  // recalculate numbers, etc.
459  goto_model.goto_functions.update();
460 
461  namespacet ns(goto_model.symbol_table);
462 
463  custom_bitvector_analysist custom_bitvector_analysis;
464  custom_bitvector_analysis(goto_model);
465  custom_bitvector_analysis.check(
466  goto_model,
467  cmdline.isset("xml-ui"),
468  std::cout);
469 
470  return CPROVER_EXIT_SUCCESS;
471  }
472 
473  if(cmdline.isset("show-points-to"))
474  {
475  do_indirect_call_and_rtti_removal();
476 
477  // recalculate numbers, etc.
478  goto_model.goto_functions.update();
479 
480  namespacet ns(goto_model.symbol_table);
481 
482  log.status() << "Pointer Analysis" << messaget::eom;
483  points_tot points_to;
484  points_to(goto_model);
485  points_to.output(std::cout);
486  return CPROVER_EXIT_SUCCESS;
487  }
488 
489  if(cmdline.isset("show-intervals"))
490  {
491  do_indirect_call_and_rtti_removal();
492 
493  // recalculate numbers, etc.
494  goto_model.goto_functions.update();
495 
496  log.status() << "Interval Analysis" << messaget::eom;
497  namespacet ns(goto_model.symbol_table);
498  ait<interval_domaint> interval_analysis;
499  interval_analysis(goto_model);
500  interval_analysis.output(goto_model, std::cout);
501  return CPROVER_EXIT_SUCCESS;
502  }
503 
504  if(cmdline.isset("show-call-sequences"))
505  {
506  do_indirect_call_and_rtti_removal();
507  show_call_sequences(goto_model);
508  return CPROVER_EXIT_SUCCESS;
509  }
510 
511  if(cmdline.isset("check-call-sequence"))
512  {
513  do_remove_returns();
514  check_call_sequence(goto_model);
515  return CPROVER_EXIT_SUCCESS;
516  }
517 
518  if(cmdline.isset("list-calls-args"))
519  {
520  do_indirect_call_and_rtti_removal();
521 
522  list_calls_and_arguments(goto_model);
523 
524  return CPROVER_EXIT_SUCCESS;
525  }
526 
527  if(cmdline.isset("show-rw-set"))
528  {
529  namespacet ns(goto_model.symbol_table);
530 
531  if(!cmdline.isset("inline"))
532  {
533  do_indirect_call_and_rtti_removal();
534 
535  // recalculate numbers, etc.
536  goto_model.goto_functions.update();
537  }
538 
539  log.status() << "Pointer Analysis" << messaget::eom;
540  value_set_analysist value_set_analysis(ns);
541  value_set_analysis(goto_model.goto_functions);
542 
543  const symbolt &symbol=ns.lookup(ID_main);
544  symbol_exprt main(symbol.name, symbol.type);
545 
546  std::cout <<
547  rw_set_functiont(value_set_analysis, goto_model, main);
548  return CPROVER_EXIT_SUCCESS;
549  }
550 
551  if(cmdline.isset("show-symbol-table"))
552  {
553  ::show_symbol_table(goto_model, ui_message_handler);
554  return CPROVER_EXIT_SUCCESS;
555  }
556 
557  if(cmdline.isset("show-reaching-definitions"))
558  {
559  do_indirect_call_and_rtti_removal();
560 
561  const namespacet ns(goto_model.symbol_table);
562  reaching_definitions_analysist rd_analysis(ns);
563  rd_analysis(goto_model);
564  rd_analysis.output(goto_model, std::cout);
565 
566  return CPROVER_EXIT_SUCCESS;
567  }
568 
569  if(cmdline.isset("show-dependence-graph"))
570  {
571  do_indirect_call_and_rtti_removal();
572 
573  const namespacet ns(goto_model.symbol_table);
574  dependence_grapht dependence_graph(ns);
575  dependence_graph(goto_model);
576  dependence_graph.output(goto_model, std::cout);
577  dependence_graph.output_dot(std::cout);
578 
579  return CPROVER_EXIT_SUCCESS;
580  }
581 
582  if(cmdline.isset("count-eloc"))
583  {
584  count_eloc(goto_model);
585  return CPROVER_EXIT_SUCCESS;
586  }
587 
588  if(cmdline.isset("list-eloc"))
589  {
590  list_eloc(goto_model);
591  return CPROVER_EXIT_SUCCESS;
592  }
593 
594  if(cmdline.isset("print-path-lengths"))
595  {
596  print_path_lengths(goto_model);
597  return CPROVER_EXIT_SUCCESS;
598  }
599 
600  if(cmdline.isset("print-global-state-size"))
601  {
602  print_global_state_size(goto_model);
603  return CPROVER_EXIT_SUCCESS;
604  }
605 
606  if(cmdline.isset("list-symbols"))
607  {
608  show_symbol_table_brief(goto_model, ui_message_handler);
609  return CPROVER_EXIT_SUCCESS;
610  }
611 
612  if(cmdline.isset("show-uninitialized"))
613  {
614  show_uninitialized(goto_model, std::cout);
615  return CPROVER_EXIT_SUCCESS;
616  }
617 
618  if(cmdline.isset("interpreter"))
619  {
620  do_indirect_call_and_rtti_removal();
621  rewrite_union(goto_model);
622 
623  log.status() << "Starting interpreter" << messaget::eom;
624  interpreter(goto_model, ui_message_handler);
625  return CPROVER_EXIT_SUCCESS;
626  }
627 
628  if(cmdline.isset("show-claims") ||
629  cmdline.isset("show-properties"))
630  {
631  const namespacet ns(goto_model.symbol_table);
632  show_properties(goto_model, ui_message_handler);
633  return CPROVER_EXIT_SUCCESS;
634  }
635 
636  if(cmdline.isset("document-claims-html") ||
637  cmdline.isset("document-properties-html"))
638  {
639  document_properties_html(goto_model, std::cout);
640  return CPROVER_EXIT_SUCCESS;
641  }
642 
643  if(cmdline.isset("document-claims-latex") ||
644  cmdline.isset("document-properties-latex"))
645  {
646  document_properties_latex(goto_model, std::cout);
647  return CPROVER_EXIT_SUCCESS;
648  }
649 
650  if(cmdline.isset("show-loops"))
651  {
652  show_loop_ids(ui_message_handler.get_ui(), goto_model);
653  return CPROVER_EXIT_SUCCESS;
654  }
655 
656  if(cmdline.isset("show-natural-loops"))
657  {
658  show_natural_loops(goto_model, std::cout);
659  return CPROVER_EXIT_SUCCESS;
660  }
661 
662  if(cmdline.isset("show-lexical-loops"))
663  {
664  show_lexical_loops(goto_model, std::cout);
665  }
666 
667  if(cmdline.isset("print-internal-representation"))
668  {
669  for(auto const &pair : goto_model.goto_functions.function_map)
670  for(auto const &ins : pair.second.body.instructions)
671  {
672  if(ins.code().is_not_nil())
673  log.status() << ins.code().pretty() << messaget::eom;
674  if(ins.has_condition())
675  {
676  log.status() << "[guard] " << ins.condition().pretty()
677  << messaget::eom;
678  }
679  }
680  return CPROVER_EXIT_SUCCESS;
681  }
682 
683  if(
684  cmdline.isset("show-goto-functions") ||
685  cmdline.isset("list-goto-functions"))
686  {
687  show_goto_functions(
688  goto_model, ui_message_handler, cmdline.isset("list-goto-functions"));
689  return CPROVER_EXIT_SUCCESS;
690  }
691 
692  if(cmdline.isset("list-undefined-functions"))
693  {
694  list_undefined_functions(goto_model, std::cout);
695  return CPROVER_EXIT_SUCCESS;
696  }
697 
698  // experimental: print structs
699  if(cmdline.isset("show-struct-alignment"))
700  {
701  print_struct_alignment_problems(goto_model.symbol_table, std::cout);
702  return CPROVER_EXIT_SUCCESS;
703  }
704 
705  if(cmdline.isset("show-locations"))
706  {
707  show_locations(ui_message_handler.get_ui(), goto_model);
708  return CPROVER_EXIT_SUCCESS;
709  }
710 
711  if(
712  cmdline.isset("dump-c") || cmdline.isset("dump-cpp") ||
713  cmdline.isset("dump-c-type-header"))
714  {
715  const bool is_cpp=cmdline.isset("dump-cpp");
716  const bool is_header = cmdline.isset("dump-c-type-header");
717  const bool h_libc=!cmdline.isset("no-system-headers");
718  const bool h_all=cmdline.isset("use-all-headers");
719  const bool harness=cmdline.isset("harness");
720  namespacet ns(goto_model.symbol_table);
721 
722  // restore RETURN instructions in case remove_returns had been
723  // applied
724  restore_returns(goto_model);
725 
726  // dump_c (actually goto_program2code) requires valid instruction
727  // location numbers:
728  goto_model.goto_functions.update();
729 
730  if(cmdline.args.size()==2)
731  {
732  #ifdef _MSC_VER
733  std::ofstream out(widen(cmdline.args[1]));
734  #else
735  std::ofstream out(cmdline.args[1]);
736  #endif
737  if(!out)
738  {
739  log.error() << "failed to write to '" << cmdline.args[1] << "'";
740  return CPROVER_EXIT_CONVERSION_FAILED;
741  }
742  if(is_header)
743  {
744  dump_c_type_header(
745  goto_model.goto_functions,
746  h_libc,
747  h_all,
748  harness,
749  ns,
750  cmdline.get_value("dump-c-type-header"),
751  out);
752  }
753  else
754  {
755  (is_cpp ? dump_cpp : dump_c)(
756  goto_model.goto_functions, h_libc, h_all, harness, ns, out);
757  }
758  }
759  else
760  {
761  if(is_header)
762  {
763  dump_c_type_header(
764  goto_model.goto_functions,
765  h_libc,
766  h_all,
767  harness,
768  ns,
769  cmdline.get_value("dump-c-type-header"),
770  std::cout);
771  }
772  else
773  {
774  (is_cpp ? dump_cpp : dump_c)(
775  goto_model.goto_functions, h_libc, h_all, harness, ns, std::cout);
776  }
777  }
778 
779  return CPROVER_EXIT_SUCCESS;
780  }
781 
782  if(cmdline.isset("call-graph"))
783  {
784  do_indirect_call_and_rtti_removal();
785  call_grapht call_graph(goto_model);
786 
787  if(cmdline.isset("xml"))
788  call_graph.output_xml(std::cout);
789  else if(cmdline.isset("dot"))
790  call_graph.output_dot(std::cout);
791  else
792  call_graph.output(std::cout);
793 
794  return CPROVER_EXIT_SUCCESS;
795  }
796 
797  if(cmdline.isset("reachable-call-graph"))
798  {
799  do_indirect_call_and_rtti_removal();
800  call_grapht call_graph =
801  call_grapht::create_from_root_function(
802  goto_model, goto_functionst::entry_point(), false);
803  if(cmdline.isset("xml"))
804  call_graph.output_xml(std::cout);
805  else if(cmdline.isset("dot"))
806  call_graph.output_dot(std::cout);
807  else
808  call_graph.output(std::cout);
809 
810  return 0;
811  }
812 
813  if(cmdline.isset("show-class-hierarchy"))
814  {
815  class_hierarchyt hierarchy;
816  hierarchy(goto_model.symbol_table);
817  if(cmdline.isset("dot"))
818  hierarchy.output_dot(std::cout);
819  else
820  show_class_hierarchy(hierarchy, ui_message_handler);
821 
822  return CPROVER_EXIT_SUCCESS;
823  }
824 
825  if(cmdline.isset("dot"))
826  {
827  namespacet ns(goto_model.symbol_table);
828 
829  if(cmdline.args.size()==2)
830  {
831  #ifdef _MSC_VER
832  std::ofstream out(widen(cmdline.args[1]));
833  #else
834  std::ofstream out(cmdline.args[1]);
835  #endif
836  if(!out)
837  {
838  log.error() << "failed to write to " << cmdline.args[1] << "'";
839  return CPROVER_EXIT_CONVERSION_FAILED;
840  }
841 
842  dot(goto_model, out);
843  }
844  else
845  dot(goto_model, std::cout);
846 
847  return CPROVER_EXIT_SUCCESS;
848  }
849 
850  if(cmdline.isset("accelerate"))
851  {
852  do_indirect_call_and_rtti_removal();
853 
854  namespacet ns(goto_model.symbol_table);
855 
856  log.status() << "Performing full inlining" << messaget::eom;
857  goto_inline(goto_model, ui_message_handler);
858 
859  log.status() << "Removing calls to functions without a body"
860  << messaget::eom;
861  remove_calls_no_bodyt remove_calls_no_body;
862  remove_calls_no_body(goto_model.goto_functions, ui_message_handler);
863 
864  log.status() << "Accelerating" << messaget::eom;
865  guard_managert guard_manager;
866  accelerate_functions(
867  goto_model, ui_message_handler, cmdline.isset("z3"), guard_manager);
868  remove_skip(goto_model);
869  }
870 
871  if(cmdline.isset("horn"))
872  {
873  log.status() << "Horn-clause encoding" << messaget::eom;
874  namespacet ns(goto_model.symbol_table);
875 
876  if(cmdline.args.size()==2)
877  {
878  #ifdef _MSC_VER
879  std::ofstream out(widen(cmdline.args[1]));
880  #else
881  std::ofstream out(cmdline.args[1]);
882  #endif
883 
884  if(!out)
885  {
886  log.error() << "Failed to open output file " << cmdline.args[1]
887  << messaget::eom;
888  return CPROVER_EXIT_CONVERSION_FAILED;
889  }
890 
891  horn_encoding(goto_model, out);
892  }
893  else
894  horn_encoding(goto_model, std::cout);
895 
896  return CPROVER_EXIT_SUCCESS;
897  }
898 
899  if(cmdline.isset("drop-unused-functions"))
900  {
901  do_indirect_call_and_rtti_removal();
902 
903  log.status() << "Removing unused functions" << messaget::eom;
904  remove_unused_functions(goto_model.goto_functions, ui_message_handler);
905  }
906 
907  if(cmdline.isset("undefined-function-is-assume-false"))
908  {
909  do_indirect_call_and_rtti_removal();
910  undefined_function_abort_path(goto_model);
911  }
912 
913  // write new binary?
914  if(cmdline.args.size()==2)
915  {
916  log.status() << "Writing GOTO program to '" << cmdline.args[1] << "'"
917  << messaget::eom;
918 
919  if(write_goto_binary(cmdline.args[1], goto_model, ui_message_handler))
920  return CPROVER_EXIT_CONVERSION_FAILED;
921  else
922  return CPROVER_EXIT_SUCCESS;
923  }
924  else if(cmdline.args.size() < 2)
925  {
926  throw invalid_command_line_argument_exceptiont(
927  "Invalid number of positional arguments passed",
928  "[in] [out]",
929  "goto-instrument needs one input and one output file, aside from other "
930  "flags");
931  }
932 
933  help();
934  return CPROVER_EXIT_USAGE_ERROR;
935  }
936 // NOLINTNEXTLINE(readability/fn_size)
937 }
938 
939 void goto_instrument_parse_optionst::do_indirect_call_and_rtti_removal(
940  bool force)
941 {
942  if(function_pointer_removal_done && !force)
943  return;
944 
945  function_pointer_removal_done=true;
946 
947  log.status() << "Function Pointer Removal" << messaget::eom;
948  remove_function_pointers(ui_message_handler, goto_model, false);
949  log.status() << "Virtual function removal" << messaget::eom;
950  remove_virtual_functions(goto_model);
951  log.status() << "Cleaning inline assembler statements" << messaget::eom;
952  remove_asm(goto_model);
953 }
954 
958 void goto_instrument_parse_optionst::do_remove_const_function_pointers_only()
959 {
960  // Don't bother if we've already done a full function pointer
961  // removal.
962  if(function_pointer_removal_done)
963  {
964  return;
965  }
966 
967  log.status() << "Removing const function pointers only" << messaget::eom;
968  remove_function_pointers(
969  ui_message_handler,
970  goto_model,
971  true); // abort if we can't resolve via const pointers
972 }
973 
974 void goto_instrument_parse_optionst::do_partial_inlining()
975 {
976  if(partial_inlining_done)
977  return;
978 
979  partial_inlining_done=true;
980 
981  if(!cmdline.isset("inline"))
982  {
983  log.status() << "Partial Inlining" << messaget::eom;
984  goto_partial_inline(goto_model, ui_message_handler);
985  }
986 }
987 
988 void goto_instrument_parse_optionst::do_remove_returns()
989 {
990  if(remove_returns_done)
991  return;
992 
993  remove_returns_done=true;
994 
995  log.status() << "Removing returns" << messaget::eom;
996  remove_returns(goto_model);
997 }
998 
999 void goto_instrument_parse_optionst::get_goto_program()
1000 {
1001  log.status() << "Reading GOTO program from '" << cmdline.args[0] << "'"
1002  << messaget::eom;
1003 
1004  config.set(cmdline);
1005 
1006  auto result = read_goto_binary(cmdline.args[0], ui_message_handler);
1007 
1008  if(!result.has_value())
1009  throw 0;
1010 
1011  goto_model = std::move(result.value());
1012 
1013  config.set_from_symbol_table(goto_model.symbol_table);
1014 }
1015 
1016 void goto_instrument_parse_optionst::instrument_goto_program()
1017 {
1018  optionst options;
1019 
1020  parse_nondet_volatile_options(cmdline, options);
1021 
1022  // disable simplify when adding various checks?
1023  if(cmdline.isset("no-simplify"))
1024  options.set_option("simplify", false);
1025  else
1026  options.set_option("simplify", true);
1027 
1028  // all checks supported by goto_check
1029  PARSE_OPTIONS_GOTO_CHECK(cmdline, options);
1030 
1031  // initialize argv with valid pointers
1032  if(cmdline.isset("model-argc-argv"))
1033  {
1034  unsigned max_argc=
1035  safe_string2unsigned(cmdline.get_value("model-argc-argv"));
1036 
1037  log.status() << "Adding up to " << max_argc << " command line arguments"
1038  << messaget::eom;
1039  if(model_argc_argv(goto_model, max_argc, ui_message_handler))
1040  throw 0;
1041  }
1042 
1043  if(cmdline.isset("remove-function-body"))
1044  {
1045  remove_functions(
1046  goto_model,
1047  cmdline.get_values("remove-function-body"),
1048  ui_message_handler);
1049  }
1050 
1051  // we add the library in some cases, as some analyses benefit
1052 
1053  if(
1054  cmdline.isset("add-library") || cmdline.isset("mm") ||
1055  cmdline.isset("reachability-slice") ||
1056  cmdline.isset("reachability-slice-fb") ||
1057  cmdline.isset("fp-reachability-slice"))
1058  {
1059  if(cmdline.isset("show-custom-bitvector-analysis") ||
1060  cmdline.isset("custom-bitvector-analysis"))
1061  {
1062  config.ansi_c.defines.push_back(
1063  std::string(CPROVER_PREFIX) + "CUSTOM_BITVECTOR_ANALYSIS");
1064  }
1065 
1066  // remove inline assembler as that may yield further library function calls
1067  // that need to be resolved
1068  remove_asm(goto_model);
1069 
1070  // add the library
1071  log.status() << "Adding CPROVER library (" << config.ansi_c.arch << ")"
1072  << messaget::eom;
1073  link_to_library(
1074  goto_model, ui_message_handler, cprover_cpp_library_factory);
1075  link_to_library(goto_model, ui_message_handler, cprover_c_library_factory);
1076  }
1077 
1078  {
1079  parse_function_pointer_restriction_options_from_cmdline(cmdline, options);
1080 
1081  if(
1082  options.is_set(RESTRICT_FUNCTION_POINTER_OPT) ||
1083  options.is_set(RESTRICT_FUNCTION_POINTER_BY_NAME_OPT) ||
1084  options.is_set(RESTRICT_FUNCTION_POINTER_FROM_FILE_OPT))
1085  {
1086  label_function_pointer_call_sites(goto_model);
1087 
1088  restrict_function_pointers(ui_message_handler, goto_model, options);
1089  }
1090  }
1091 
1092  // skip over selected loops
1093  if(cmdline.isset("skip-loops"))
1094  {
1095  log.status() << "Adding gotos to skip loops" << messaget::eom;
1096  if(skip_loops(
1097  goto_model, cmdline.get_value("skip-loops"), ui_message_handler))
1098  {
1099  throw 0;
1100  }
1101  }
1102 
1103  // now do full inlining, if requested
1104  if(cmdline.isset("inline"))
1105  {
1106  do_indirect_call_and_rtti_removal(true);
1107 
1108  if(cmdline.isset("show-custom-bitvector-analysis") ||
1109  cmdline.isset("custom-bitvector-analysis"))
1110  {
1111  do_remove_returns();
1112  thread_exit_instrumentation(goto_model);
1113  mutex_init_instrumentation(goto_model);
1114  }
1115 
1116  log.status() << "Performing full inlining" << messaget::eom;
1117  goto_inline(goto_model, ui_message_handler, true);
1118  }
1119 
1120  if(cmdline.isset("show-custom-bitvector-analysis") ||
1121  cmdline.isset("custom-bitvector-analysis"))
1122  {
1123  log.status() << "Propagating Constants" << messaget::eom;
1124  constant_propagator_ait constant_propagator_ai(goto_model);
1125  remove_skip(goto_model);
1126  }
1127 
1128  if(cmdline.isset("escape-analysis"))
1129  {
1130  do_indirect_call_and_rtti_removal();
1131  do_remove_returns();
1132  parameter_assignments(goto_model);
1133 
1134  // recalculate numbers, etc.
1135  goto_model.goto_functions.update();
1136 
1137  log.status() << "Escape Analysis" << messaget::eom;
1138  escape_analysist escape_analysis;
1139  escape_analysis(goto_model);
1140  escape_analysis.instrument(goto_model);
1141 
1142  // inline added functions, they are often small
1143  goto_partial_inline(goto_model, ui_message_handler);
1144 
1145  // recalculate numbers, etc.
1146  goto_model.goto_functions.update();
1147  }
1148 
1149  if(cmdline.isset("synthesize-loop-invariants"))
1150  {
1151  log.warning() << "Loop invariant synthesizer is still work in progress. "
1152  "It only generates TRUE as invariants."
1153  << messaget::eom;
1154 
1155  // Synthesize loop invariants and annotate them into `goto_model`
1156  enumerative_loop_invariant_synthesizert synthesizer(goto_model, log);
1157  annotate_invariants(synthesizer.synthesize_all(), goto_model, log);
1158  }
1159 
1160  if(
1161  cmdline.isset(FLAG_LOOP_CONTRACTS) || cmdline.isset(FLAG_REPLACE_CALL) ||
1162  cmdline.isset(FLAG_ENFORCE_CONTRACT))
1163  {
1164  do_indirect_call_and_rtti_removal();
1165  code_contractst contracts(goto_model, log);
1166 
1167  std::set<std::string> to_replace(
1168  cmdline.get_values(FLAG_REPLACE_CALL).begin(),
1169  cmdline.get_values(FLAG_REPLACE_CALL).end());
1170 
1171  std::set<std::string> to_enforce(
1172  cmdline.get_values(FLAG_ENFORCE_CONTRACT).begin(),
1173  cmdline.get_values(FLAG_ENFORCE_CONTRACT).end());
1174 
1175  std::set<std::string> to_exclude_from_nondet_static(
1176  cmdline.get_values("nondet-static-exclude").begin(),
1177  cmdline.get_values("nondet-static-exclude").end());
1178 
1179  // It’s important to keep the order of contracts instrumentation, i.e.,
1180  // first replacement then enforcement. We rely on contract replacement
1181  // and inlining of sub-function calls to properly annotate all
1182  // assignments.
1183  contracts.replace_calls(to_replace);
1184  contracts.enforce_contracts(to_enforce, to_exclude_from_nondet_static);
1185 
1186  if(cmdline.isset(FLAG_LOOP_CONTRACTS))
1187  contracts.apply_loop_contracts(to_exclude_from_nondet_static);
1188  }
1189 
1190  if(cmdline.isset("value-set-fi-fp-removal"))
1191  {
1192  value_set_fi_fp_removal(goto_model, ui_message_handler);
1193  do_indirect_call_and_rtti_removal();
1194  }
1195 
1196  // replace function pointers, if explicitly requested
1197  if(cmdline.isset("remove-function-pointers"))
1198  {
1199  do_indirect_call_and_rtti_removal();
1200  }
1201  else if(cmdline.isset("remove-const-function-pointers"))
1202  {
1203  do_remove_const_function_pointers_only();
1204  }
1205 
1206  if(cmdline.isset("replace-calls"))
1207  {
1208  do_indirect_call_and_rtti_removal();
1209 
1210  replace_callst replace_calls;
1211  replace_calls(goto_model, cmdline.get_values("replace-calls"));
1212  }
1213 
1214  if(cmdline.isset("function-inline"))
1215  {
1216  std::string function=cmdline.get_value("function-inline");
1217  PRECONDITION(!function.empty());
1218 
1219  bool caching=!cmdline.isset("no-caching");
1220 
1221  do_indirect_call_and_rtti_removal();
1222 
1223  log.status() << "Inlining calls of function '" << function << "'"
1224  << messaget::eom;
1225 
1226  if(!cmdline.isset("log"))
1227  {
1228  goto_function_inline(
1229  goto_model, function, ui_message_handler, true, caching);
1230  }
1231  else
1232  {
1233  std::string filename=cmdline.get_value("log");
1234  bool have_file=!filename.empty() && filename!="-";
1235 
1236  jsont result = goto_function_inline_and_log(
1237  goto_model, function, ui_message_handler, true, caching);
1238 
1239  if(have_file)
1240  {
1241 #ifdef _MSC_VER
1242  std::ofstream of(widen(filename));
1243 #else
1244  std::ofstream of(filename);
1245 #endif
1246  if(!of)
1247  throw "failed to open file "+filename;
1248 
1249  of << result;
1250  of.close();
1251  }
1252  else
1253  {
1254  std::cout << result << '\n';
1255  }
1256  }
1257 
1258  goto_model.goto_functions.update();
1259  goto_model.goto_functions.compute_loop_numbers();
1260  }
1261 
1262  if(cmdline.isset("partial-inline"))
1263  {
1264  do_indirect_call_and_rtti_removal();
1265 
1266  log.status() << "Partial inlining" << messaget::eom;
1267  goto_partial_inline(goto_model, ui_message_handler, 0, true);
1268 
1269  goto_model.goto_functions.update();
1270  goto_model.goto_functions.compute_loop_numbers();
1271  }
1272 
1273  if(cmdline.isset("remove-calls-no-body"))
1274  {
1275  log.status() << "Removing calls to functions without a body"
1276  << messaget::eom;
1277 
1278  remove_calls_no_bodyt remove_calls_no_body;
1279  remove_calls_no_body(goto_model.goto_functions, ui_message_handler);
1280 
1281  goto_model.goto_functions.update();
1282  goto_model.goto_functions.compute_loop_numbers();
1283  }
1284 
1285  if(cmdline.isset("constant-propagator"))
1286  {
1287  do_indirect_call_and_rtti_removal();
1288  do_remove_returns();
1289 
1290  log.status() << "Propagating Constants" << messaget::eom;
1291  log.warning() << "**** WARNING: Constant propagation as performed by "
1292  "goto-instrument is not expected to be sound. Do not use "
1293  "--constant-propagator if soundness is important for your "
1294  "use case."
1295  << messaget::eom;
1296 
1297  constant_propagator_ait constant_propagator_ai(goto_model);
1298  remove_skip(goto_model);
1299  }
1300 
1301  if(cmdline.isset("generate-function-body"))
1302  {
1303  optionst c_object_factory_options;
1304  parse_c_object_factory_options(cmdline, c_object_factory_options);
1305  c_object_factory_parameterst object_factory_parameters(
1306  c_object_factory_options);
1307 
1308  auto generate_implementation = generate_function_bodies_factory(
1309  cmdline.get_value("generate-function-body-options"),
1310  object_factory_parameters,
1311  goto_model.symbol_table,
1312  ui_message_handler);
1313  generate_function_bodies(
1314  std::regex(cmdline.get_value("generate-function-body")),
1315  *generate_implementation,
1316  goto_model,
1317  ui_message_handler);
1318  }
1319 
1320  if(cmdline.isset("generate-havocing-body"))
1321  {
1322  optionst c_object_factory_options;
1323  parse_c_object_factory_options(cmdline, c_object_factory_options);
1324  c_object_factory_parameterst object_factory_parameters(
1325  c_object_factory_options);
1326 
1327  auto options_split =
1328  split_string(cmdline.get_value("generate-havocing-body"), ',');
1329  if(options_split.size() < 2)
1330  throw invalid_command_line_argument_exceptiont{
1331  "not enough arguments for this option", "--generate-havocing-body"};
1332 
1333  if(options_split.size() == 2)
1334  {
1335  auto generate_implementation = generate_function_bodies_factory(
1336  std::string{"havoc,"} + options_split.back(),
1337  object_factory_parameters,
1338  goto_model.symbol_table,
1339  ui_message_handler);
1340  generate_function_bodies(
1341  std::regex(options_split[0]),
1342  *generate_implementation,
1343  goto_model,
1344  ui_message_handler);
1345  }
1346  else
1347  {
1348  CHECK_RETURN(options_split.size() % 2 == 1);
1349  for(size_t i = 1; i + 1 < options_split.size(); i += 2)
1350  {
1351  auto generate_implementation = generate_function_bodies_factory(
1352  std::string{"havoc,"} + options_split[i + 1],
1353  object_factory_parameters,
1354  goto_model.symbol_table,
1355  ui_message_handler);
1356  generate_function_bodies(
1357  options_split[0],
1358  options_split[i],
1359  *generate_implementation,
1360  goto_model,
1361  ui_message_handler);
1362  }
1363  }
1364  }
1365 
1366  // add generic checks, if needed
1367  goto_check_c(options, goto_model, ui_message_handler);
1368  transform_assertions_assumptions(options, goto_model);
1369 
1370  // check for uninitalized local variables
1371  if(cmdline.isset("uninitialized-check"))
1372  {
1373  log.status() << "Adding checks for uninitialized local variables"
1374  << messaget::eom;
1375  add_uninitialized_locals_assertions(goto_model);
1376  }
1377 
1378  // check for maximum call stack size
1379  if(cmdline.isset("stack-depth"))
1380  {
1381  log.status() << "Adding check for maximum call stack size" << messaget::eom;
1382  stack_depth(
1383  goto_model,
1384  safe_string2size_t(cmdline.get_value("stack-depth")),
1385  ui_message_handler);
1386  }
1387 
1388  // ignore default/user-specified initialization of variables with static
1389  // lifetime
1390  if(cmdline.isset("nondet-static-exclude"))
1391  {
1392  log.status() << "Adding nondeterministic initialization "
1393  "of static/global variables except for "
1394  "the specified ones."
1395  << messaget::eom;
1396  std::set<std::string> to_exclude(
1397  cmdline.get_values("nondet-static-exclude").begin(),
1398  cmdline.get_values("nondet-static-exclude").end());
1399  nondet_static(goto_model, to_exclude);
1400  }
1401  else if(cmdline.isset("nondet-static"))
1402  {
1403  log.status() << "Adding nondeterministic initialization "
1404  "of static/global variables"
1405  << messaget::eom;
1406  nondet_static(goto_model);
1407  }
1408 
1409  if(cmdline.isset("slice-global-inits"))
1410  {
1411  log.status() << "Slicing away initializations of unused global variables"
1412  << messaget::eom;
1413  slice_global_inits(goto_model, ui_message_handler);
1414  }
1415 
1416  if(cmdline.isset("string-abstraction"))
1417  {
1418  do_indirect_call_and_rtti_removal();
1419  do_remove_returns();
1420 
1421  log.status() << "String Abstraction" << messaget::eom;
1422  string_abstraction(goto_model, ui_message_handler);
1423  }
1424 
1425  // some analyses require function pointer removal and partial inlining
1426 
1427  if(cmdline.isset("remove-pointers") ||
1428  cmdline.isset("race-check") ||
1429  cmdline.isset("mm") ||
1430  cmdline.isset("isr") ||
1431  cmdline.isset("concurrency"))
1432  {
1433  do_indirect_call_and_rtti_removal();
1434 
1435  log.status() << "Pointer Analysis" << messaget::eom;
1436  const namespacet ns(goto_model.symbol_table);
1437  value_set_analysist value_set_analysis(ns);
1438  value_set_analysis(goto_model.goto_functions);
1439 
1440  if(cmdline.isset("remove-pointers"))
1441  {
1442  // removing pointers
1443  log.status() << "Removing Pointers" << messaget::eom;
1444  remove_pointers(goto_model, value_set_analysis);
1445  }
1446 
1447  if(cmdline.isset("race-check"))
1448  {
1449  log.status() << "Adding Race Checks" << messaget::eom;
1450  race_check(value_set_analysis, goto_model);
1451  }
1452 
1453  if(cmdline.isset("mm"))
1454  {
1455  std::string mm=cmdline.get_value("mm");
1456  memory_modelt model;
1457 
1458  // strategy of instrumentation
1459  instrumentation_strategyt inst_strategy;
1460  if(cmdline.isset("one-event-per-cycle"))
1461  inst_strategy=one_event_per_cycle;
1462  else if(cmdline.isset("minimum-interference"))
1463  inst_strategy=min_interference;
1464  else if(cmdline.isset("read-first"))
1465  inst_strategy=read_first;
1466  else if(cmdline.isset("write-first"))
1467  inst_strategy=write_first;
1468  else if(cmdline.isset("my-events"))
1469  inst_strategy=my_events;
1470  else
1471  /* default: instruments all unsafe pairs */
1472  inst_strategy=all;
1473 
1474  const unsigned max_var=
1475  cmdline.isset("max-var")?
1476  unsafe_string2unsigned(cmdline.get_value("max-var")):0;
1477  const unsigned max_po_trans=
1478  cmdline.isset("max-po-trans")?
1479  unsafe_string2unsigned(cmdline.get_value("max-po-trans")):0;
1480 
1481  if(mm=="tso")
1482  {
1483  log.status() << "Adding weak memory (TSO) Instrumentation"
1484  << messaget::eom;
1485  model=TSO;
1486  }
1487  else if(mm=="pso")
1488  {
1489  log.status() << "Adding weak memory (PSO) Instrumentation"
1490  << messaget::eom;
1491  model=PSO;
1492  }
1493  else if(mm=="rmo")
1494  {
1495  log.status() << "Adding weak memory (RMO) Instrumentation"
1496  << messaget::eom;
1497  model=RMO;
1498  }
1499  else if(mm=="power")
1500  {
1501  log.status() << "Adding weak memory (Power) Instrumentation"
1502  << messaget::eom;
1503  model=Power;
1504  }
1505  else
1506  {
1507  log.error() << "Unknown weak memory model '" << mm << "'"
1508  << messaget::eom;
1509  model=Unknown;
1510  }
1511 
1512  loop_strategyt loops=arrays_only;
1513 
1514  if(cmdline.isset("force-loop-duplication"))
1515  loops=all_loops;
1516  if(cmdline.isset("no-loop-duplication"))
1517  loops=no_loop;
1518 
1519  if(model!=Unknown)
1520  weak_memory(
1521  model,
1522  value_set_analysis,
1523  goto_model,
1524  cmdline.isset("scc"),
1525  inst_strategy,
1526  !cmdline.isset("cfg-kill"),
1527  cmdline.isset("no-dependencies"),
1528  loops,
1529  max_var,
1530  max_po_trans,
1531  !cmdline.isset("no-po-rendering"),
1532  cmdline.isset("render-cluster-file"),
1533  cmdline.isset("render-cluster-function"),
1534  cmdline.isset("cav11"),
1535  cmdline.isset("hide-internals"),
1536  ui_message_handler,
1537  cmdline.isset("ignore-arrays"));
1538  }
1539 
1540  // Interrupt handler
1541  if(cmdline.isset("isr"))
1542  {
1543  log.status() << "Instrumenting interrupt handler" << messaget::eom;
1544  interrupt(
1545  value_set_analysis,
1546  goto_model,
1547  cmdline.get_value("isr"));
1548  }
1549 
1550  // Memory-mapped I/O
1551  if(cmdline.isset("mmio"))
1552  {
1553  log.status() << "Instrumenting memory-mapped I/O" << messaget::eom;
1554  mmio(value_set_analysis, goto_model);
1555  }
1556 
1557  if(cmdline.isset("concurrency"))
1558  {
1559  log.status() << "Sequentializing concurrency" << messaget::eom;
1560  concurrency(value_set_analysis, goto_model);
1561  }
1562  }
1563 
1564  if(cmdline.isset("interval-analysis"))
1565  {
1566  log.status() << "Interval analysis" << messaget::eom;
1567  interval_analysis(goto_model);
1568  }
1569 
1570  if(cmdline.isset("havoc-loops"))
1571  {
1572  log.status() << "Havocking loops" << messaget::eom;
1573  havoc_loops(goto_model);
1574  }
1575 
1576  if(cmdline.isset("k-induction"))
1577  {
1578  bool base_case=cmdline.isset("base-case");
1579  bool step_case=cmdline.isset("step-case");
1580 
1581  if(step_case && base_case)
1582  throw "please specify only one of --step-case and --base-case";
1583  else if(!step_case && !base_case)
1584  throw "please specify one of --step-case and --base-case";
1585 
1586  unsigned k=unsafe_string2unsigned(cmdline.get_value("k-induction"));
1587 
1588  if(k==0)
1589  throw "please give k>=1";
1590 
1591  log.status() << "Instrumenting k-induction for k=" << k << ", "
1592  << (base_case ? "base case" : "step case") << messaget::eom;
1593 
1594  k_induction(goto_model, base_case, step_case, k);
1595  }
1596 
1597  if(cmdline.isset("function-enter"))
1598  {
1599  log.status() << "Function enter instrumentation" << messaget::eom;
1600  function_enter(
1601  goto_model,
1602  cmdline.get_value("function-enter"));
1603  }
1604 
1605  if(cmdline.isset("function-exit"))
1606  {
1607  log.status() << "Function exit instrumentation" << messaget::eom;
1608  function_exit(
1609  goto_model,
1610  cmdline.get_value("function-exit"));
1611  }
1612 
1613  if(cmdline.isset("branch"))
1614  {
1615  log.status() << "Branch instrumentation" << messaget::eom;
1616  branch(
1617  goto_model,
1618  cmdline.get_value("branch"));
1619  }
1620 
1621  // add failed symbols
1622  add_failed_symbols(goto_model.symbol_table);
1623 
1624  // recalculate numbers, etc.
1625  goto_model.goto_functions.update();
1626 
1627  // add loop ids
1628  goto_model.goto_functions.compute_loop_numbers();
1629 
1630  // label the assertions
1631  label_properties(goto_model);
1632 
1633  nondet_volatile(goto_model, options);
1634 
1635  // reachability slice?
1636  if(cmdline.isset("reachability-slice"))
1637  {
1638  do_indirect_call_and_rtti_removal();
1639 
1640  log.status() << "Performing a reachability slice" << messaget::eom;
1641 
1642  // reachability_slicer requires that the model has unique location numbers:
1643  goto_model.goto_functions.update();
1644 
1645  if(cmdline.isset("property"))
1646  {
1647  reachability_slicer(
1648  goto_model, cmdline.get_values("property"), ui_message_handler);
1649  }
1650  else
1651  reachability_slicer(goto_model, ui_message_handler);
1652  }
1653 
1654  if(cmdline.isset("fp-reachability-slice"))
1655  {
1656  do_indirect_call_and_rtti_removal();
1657 
1658  log.status() << "Performing a function pointer reachability slice"
1659  << messaget::eom;
1660  function_path_reachability_slicer(
1661  goto_model,
1662  cmdline.get_comma_separated_values("fp-reachability-slice"),
1663  ui_message_handler);
1664  }
1665 
1666  // full slice?
1667  if(cmdline.isset("full-slice"))
1668  {
1669  do_indirect_call_and_rtti_removal();
1670  do_remove_returns();
1671 
1672  log.status() << "Performing a full slice" << messaget::eom;
1673  if(cmdline.isset("property"))
1674  property_slicer(goto_model, cmdline.get_values("property"));
1675  else
1676  {
1677  // full_slicer requires that the model has unique location numbers:
1678  goto_model.goto_functions.update();
1679  full_slicer(goto_model);
1680  }
1681  }
1682 
1683  // splice option
1684  if(cmdline.isset("splice-call"))
1685  {
1686  log.status() << "Performing call splicing" << messaget::eom;
1687  std::string callercallee=cmdline.get_value("splice-call");
1688  if(splice_call(
1689  goto_model.goto_functions,
1690  callercallee,
1691  goto_model.symbol_table,
1692  ui_message_handler))
1693  throw 0;
1694  }
1695 
1696  // aggressive slicer
1697  if(cmdline.isset("aggressive-slice"))
1698  {
1699  do_indirect_call_and_rtti_removal();
1700 
1701  // reachability_slicer requires that the model has unique location numbers:
1702  goto_model.goto_functions.update();
1703 
1704  log.status() << "Slicing away initializations of unused global variables"
1705  << messaget::eom;
1706  slice_global_inits(goto_model, ui_message_handler);
1707 
1708  log.status() << "Performing an aggressive slice" << messaget::eom;
1709  aggressive_slicert aggressive_slicer(goto_model, ui_message_handler);
1710 
1711  if(cmdline.isset("aggressive-slice-call-depth"))
1712  aggressive_slicer.call_depth =
1713  safe_string2unsigned(cmdline.get_value("aggressive-slice-call-depth"));
1714 
1715  if(cmdline.isset("aggressive-slice-preserve-function"))
1716  aggressive_slicer.preserve_functions(
1717  cmdline.get_values("aggressive-slice-preserve-function"));
1718 
1719  if(cmdline.isset("property"))
1720  aggressive_slicer.user_specified_properties =
1721  cmdline.get_values("property");
1722 
1723  if(cmdline.isset("aggressive-slice-preserve-functions-containing"))
1724  aggressive_slicer.name_snippets =
1725  cmdline.get_values("aggressive-slice-preserve-functions-containing");
1726 
1727  aggressive_slicer.preserve_all_direct_paths =
1728  cmdline.isset("aggressive-slice-preserve-all-direct-paths");
1729 
1730  aggressive_slicer.doit();
1731 
1732  goto_model.goto_functions.update();
1733 
1734  log.status() << "Performing a reachability slice" << messaget::eom;
1735  if(cmdline.isset("property"))
1736  {
1737  reachability_slicer(
1738  goto_model, cmdline.get_values("property"), ui_message_handler);
1739  }
1740  else
1741  reachability_slicer(goto_model, ui_message_handler);
1742  }
1743 
1744  if(cmdline.isset("ensure-one-backedge-per-target"))
1745  {
1746  log.status() << "Trying to force one backedge per target" << messaget::eom;
1747  ensure_one_backedge_per_target(goto_model);
1748  }
1749 
1750  // recalculate numbers, etc.
1751  goto_model.goto_functions.update();
1752 }
1753 
1755 void goto_instrument_parse_optionst::help()
1756 {
1757  // clang-format off
1758  std::cout << '\n' << banner_string("Goto-Instrument", CBMC_VERSION) << '\n'
1759  << align_center_with_border("Copyright (C) 2008-2013") << '\n'
1760  << align_center_with_border("Daniel Kroening") << '\n'
1761  << align_center_with_border("kroening@kroening.com") << '\n'
1762  <<
1763  "\n"
1764  "Usage: Purpose:\n"
1765  "\n"
1766  " goto-instrument [-?] [-h] [--help] show help\n"
1767  " goto-instrument --version show version and exit\n"
1768  " goto-instrument [options] in [out] perform analysis or instrumentation\n"
1769  "\n"
1770  "Dump Source:\n"
1771  HELP_DUMP_C
1772  " --horn print program as constrained horn clauses\n"
1773  "\n"
1774  "Diagnosis:\n"
1775  HELP_SHOW_PROPERTIES
1776  HELP_DOCUMENT_PROPERTIES
1777  " --show-symbol-table show loaded symbol table\n"
1778  " --list-symbols list symbols with type information\n"
1779  HELP_SHOW_GOTO_FUNCTIONS
1780  HELP_GOTO_PROGRAM_STATS
1781  " --show-locations show all source locations\n"
1782  " --dot generate CFG graph in DOT format\n"
1783  " --print-internal-representation\n" // NOLINTNEXTLINE(*)
1784  " show verbose internal representation of the program\n"
1785  " --list-undefined-functions list functions without body\n"
1786  // NOLINTNEXTLINE(whitespace/line_length)
1787  " --list-calls-args list all function calls with their arguments\n"
1788  " --call-graph show graph of function calls\n"
1789  // NOLINTNEXTLINE(whitespace/line_length)
1790  " --reachable-call-graph show graph of function calls potentially reachable from main function\n"
1791  HELP_SHOW_CLASS_HIERARCHY
1792  HELP_VALIDATE
1793  // NOLINTNEXTLINE(whitespace/line_length)
1794  " --validate-goto-binary check the well-formedness of the passed in goto\n"
1795  " binary and then exit\n"
1796  " --interpreter do concrete execution\n"
1797  "\n"
1798  "Data-flow analyses:\n"
1799  " --show-struct-alignment show struct members that might be concurrently accessed\n" // NOLINT(*)
1800  // NOLINTNEXTLINE(whitespace/line_length)
1801  " --show-threaded show instructions that may be executed by more than one thread\n"
1802  " --show-local-safe-pointers show pointer expressions that are trivially dominated by a not-null check\n" // NOLINT(*)
1803  " --show-safe-dereferences show pointer expressions that are trivially dominated by a not-null check\n" // NOLINT(*)
1804  " *and* used as a dereference operand\n" // NOLINT(*)
1805  " --show-value-sets show points-to information (using value sets)\n" // NOLINT(*)
1806  " --show-global-may-alias show may-alias information over globals\n"
1807  " --show-local-bitvector-analysis\n"
1808  " show procedure-local pointer analysis\n"
1809  " --escape-analysis perform escape analysis\n"
1810  " --show-escape-analysis show results of escape analysis\n"
1811  " --custom-bitvector-analysis perform configurable bitvector analysis\n"
1812  " --show-custom-bitvector-analysis\n"
1813  " show results of configurable bitvector analysis\n" // NOLINT(*)
1814  " --interval-analysis perform interval analysis\n"
1815  " --show-intervals show results of interval analysis\n"
1816  " --show-uninitialized show maybe-uninitialized variables\n"
1817  " --show-points-to show points-to information\n"
1818  " --show-rw-set show read-write sets\n"
1819  " --show-call-sequences show function call sequences\n"
1820  " --show-reaching-definitions show reaching definitions\n"
1821  " --show-dependence-graph show program-dependence graph\n"
1822  " --show-sese-regions show single-entry-single-exit regions\n"
1823  "\n"
1824  "Safety checks:\n"
1825  " --no-assertions ignore user assertions\n"
1826  HELP_GOTO_CHECK
1827  HELP_UNINITIALIZED_CHECK
1828  " --stack-depth n add check that call stack size of non-inlined functions never exceeds n\n" // NOLINT(*)
1829  " --race-check add floating-point data race checks\n"
1830  "\n"
1831  "Semantic transformations:\n"
1832  << HELP_NONDET_VOLATILE <<
1833  " --isr <function> instruments an interrupt service routine\n"
1834  " --mmio instruments memory-mapped I/O\n"
1835  " --nondet-static add nondeterministic initialization of variables with static lifetime\n" // NOLINT(*)
1836  " --nondet-static-exclude e same as nondet-static except for the variable e\n" //NOLINT(*)
1837  " (use multiple times if required)\n"
1838  " --function-enter <f>, --function-exit <f>, --branch <f>\n"
1839  " instruments a call to <f> at the beginning,\n" // NOLINT(*)
1840  " the exit, or a branch point, respectively\n"
1841  " --splice-call caller,callee prepends a call to callee in the body of caller\n" // NOLINT(*)
1842  " --check-call-sequence <seq> instruments checks to assert that all call\n"
1843  " sequences match <seq>\n"
1844  " --undefined-function-is-assume-false\n"
1845  // NOLINTNEXTLINE(whitespace/line_length)
1846  " convert each call to an undefined function to assume(false)\n"
1847  HELP_INSERT_FINAL_ASSERT_FALSE
1848  HELP_REPLACE_FUNCTION_BODY
1849  HELP_RESTRICT_FUNCTION_POINTER
1850  HELP_REMOVE_CALLS_NO_BODY
1851  " --add-library add models of C library functions\n"
1852  HELP_CONFIG_LIBRARY
1853  " --model-argc-argv <n> model up to <n> command line arguments\n"
1854  // NOLINTNEXTLINE(whitespace/line_length)
1855  " --remove-function-body <f> remove the implementation of function <f> (may be repeated)\n"
1856  HELP_REPLACE_CALLS
1857  HELP_ANSI_C_LANGUAGE
1858  "\n"
1859  "Semantics-preserving transformations:\n"
1860  " --ensure-one-backedge-per-target\n"
1861  " transform loop bodies such that there is a\n"
1862  " single edge back to the loop head\n"
1863  " --drop-unused-functions drop functions trivially unreachable from main function\n" // NOLINT(*)
1864  HELP_REMOVE_POINTERS
1865  " --constant-propagator propagate constants and simplify expressions\n" // NOLINT(*)
1866  " --inline perform full inlining\n"
1867  " --partial-inline perform partial inlining\n"
1868  " --function-inline <function> transitively inline all calls <function> makes\n" // NOLINT(*)
1869  " --no-caching disable caching of intermediate results during transitive function inlining\n" // NOLINT(*)
1870  " --log <file> log in json format which code segments were inlined, use with --function-inline\n" // NOLINT(*)
1871  " --remove-function-pointers replace function pointers by case statement over function calls\n" // NOLINT(*)
1872  HELP_REMOVE_CONST_FUNCTION_POINTERS
1873  " --value-set-fi-fp-removal build flow-insensitive value set and replace function pointers by a case statement\n" // NOLINT(*)
1874  " over the possible assignments. If the set of possible assignments is empty the function pointer\n" // NOLINT(*)
1875  " is removed using the standard remove-function-pointers pass. \n" // NOLINT(*)
1876  "\n"
1877  "Loop information and transformations:\n"
1878  HELP_UNWINDSET
1879  " --unwindset-file <file> read unwindset from file\n"
1880  " --partial-loops permit paths with partial loops\n"
1881  " --unwinding-assertions generate unwinding assertions\n"
1882  " --continue-as-loops add loop for remaining iterations after unwound part\n" // NOLINT(*)
1883  " --k-induction <k> check loops with k-induction\n"
1884  " --step-case k-induction: do step-case\n"
1885  " --base-case k-induction: do base-case\n"
1886  " --havoc-loops over-approximate all loops\n"
1887  " --accelerate add loop accelerators\n"
1888  " --z3 use Z3 when computing loop accelerators\n"
1889  " --skip-loops <loop-ids> add gotos to skip selected loops during execution\n" // NOLINT(*)
1890  " --show-lexical-loops show single-entry-single-back-edge loops\n"
1891  " --show-natural-loops show natural loop heads\n"
1892  "\n"
1893  "Memory model instrumentations:\n"
1894  HELP_WMM_FULL
1895  "\n"
1896  "Slicing:\n"
1897  HELP_REACHABILITY_SLICER
1898  " --full-slice slice away instructions that don't affect assertions\n" // NOLINT(*)
1899  " --property id slice with respect to specific property only\n" // NOLINT(*)
1900  " --slice-global-inits slice away initializations of unused global variables\n" // NOLINT(*)
1901  " --aggressive-slice remove bodies of any functions not on the shortest path between\n" // NOLINT(*)
1902  " the start function and the function containing the property(s)\n" // NOLINT(*)
1903  " --aggressive-slice-call-depth <n>\n"
1904  " used with aggressive-slice, preserves all functions within <n> function calls\n" // NOLINT(*)
1905  " of the functions on the shortest path\n"
1906  " --aggressive-slice-preserve-function <f>\n"
1907  " force the aggressive slicer to preserve function <f>\n" // NOLINT(*)
1908  " --aggressive-slice-preserve-functions-containing <f>\n"
1909  " force the aggressive slicer to preserve all functions with names containing <f>\n" // NOLINT(*)
1910  " --aggressive-slice-preserve-all-direct-paths \n"
1911  " force aggressive slicer to preserve all direct paths\n" // NOLINT(*)
1912  "\n"
1913  "Code contracts:\n"
1914  HELP_LOOP_CONTRACTS
1915  HELP_LOOP_INVARIANT_SYNTHESIZER
1916  HELP_REPLACE_CALL
1917  HELP_ENFORCE_CONTRACT
1918  "\n"
1919  "User-interface options:\n"
1920  HELP_FLUSH
1921  " --xml output files in XML where supported\n"
1922  " --xml-ui use XML-formatted output\n"
1923  " --json-ui use JSON-formatted output\n"
1924  " --verbosity # verbosity level\n"
1925  HELP_TIMESTAMP
1926  "\n";
1927  // clang-format on
1928 }
goto_instrument_parse_optionst::help
void help() override
display command line help
Definition: goto_instrument_parse_options.cpp:1755
cprover_library.h
cmdlinet::args
argst args
Definition: cmdline.h:145
value_set_fi_fp_removal
void value_set_fi_fp_removal(goto_modelt &goto_model, message_handlert &message_handler)
Builds the flow-insensitive value set for all function pointers and replaces function pointers with a...
Definition: value_set_fi_fp_removal.cpp:20
Unknown
@ Unknown
Definition: wmm.h:19
exception_utils.h
HELP_REACHABILITY_SLICER
#define HELP_REACHABILITY_SLICER
Definition: reachability_slicer.h:48
configt::ansi_ct::defines
std::list< std::string > defines
Definition: config.h:250
HELP_SHOW_GOTO_FUNCTIONS
#define HELP_SHOW_GOTO_FUNCTIONS
Definition: show_goto_functions.h:25
no_loop
@ no_loop
Definition: wmm.h:40
HELP_LOOP_INVARIANT_SYNTHESIZER
#define HELP_LOOP_INVARIANT_SYNTHESIZER
Definition: loop_invariant_synthesizer_base.h:20
TSO
@ TSO
Definition: wmm.h:20
HELP_GOTO_CHECK
#define HELP_GOTO_CHECK
Definition: goto_check_c.h:53
string_abstraction.h
concurrency.h
HELP_REMOVE_POINTERS
#define HELP_REMOVE_POINTERS
Definition: goto_program_dereference.h:113
gcc_versiont::get
void get(const std::string &executable)
Definition: gcc_version.cpp:18
havoc_loops.h
rewrite_union.h
horn_encoding
void horn_encoding(const goto_modelt &goto_model, std::ostream &out)
Definition: horn_encoding.cpp:1208
class_hierarchyt
Non-graph-based representation of the class hierarchy.
Definition: class_hierarchy.h:42
horn_encoding.h
parse_options_baset::ui_message_handler
ui_message_handlert ui_message_handler
Definition: parse_options.h:45
link_to_library
void link_to_library(goto_modelt &goto_model, message_handlert &message_handler, const std::function< void(const std::set< irep_idt > &, symbol_tablet &, message_handlert &)> &library)
Complete missing function definitions using the library.
Definition: link_to_library.cpp:25
parse_c_object_factory_options
void parse_c_object_factory_options(const cmdlinet &cmdline, optionst &options)
Parse the c object factory parameters from a given command line.
Definition: c_object_factory_parameters.cpp:11
goto_unwindt::unwind_strategyt
unwind_strategyt
Definition: unwind.h:24
local_bitvector_analysis.h
enumerative_loop_invariant_synthesizert
Enumerative loop invariant synthesizers.
Definition: enumerative_loop_invariant_synthesizer.h:28
RESTRICT_FUNCTION_POINTER_BY_NAME_OPT
#define RESTRICT_FUNCTION_POINTER_BY_NAME_OPT
Definition: restrict_function_pointers.h:39
cmdlinet::isset
virtual bool isset(char option) const
Definition: cmdline.cpp:30
nondet_static
static void nondet_static(const namespacet &ns, goto_functionst &goto_functions, const irep_idt &fct_name)
Nondeterministically initializes global scope variables in a goto-function.
Definition: nondet_static.cpp:80
dependence_grapht
Definition: dependence_graph.h:211
print_global_state_size
void print_global_state_size(const goto_modelt &goto_model)
Definition: count_eloc.cpp:158
goto_instrument_parse_optionst::do_remove_returns
void do_remove_returns()
Definition: goto_instrument_parse_options.cpp:988
RMO
@ RMO
Definition: wmm.h:22
goto_instrument_parse_optionst::do_partial_inlining
void do_partial_inlining()
Definition: goto_instrument_parse_options.cpp:974
goto_inline.h
optionst
Definition: options.h:22
goto_instrument_parse_optionst::function_pointer_removal_done
bool function_pointer_removal_done
Definition: goto_instrument_parse_options.h:154
mutex_init_instrumentation
void mutex_init_instrumentation(const symbol_tablet &symbol_table, goto_programt &goto_program, typet lock_type)
Definition: thread_instrumentation.cpp:83
CHECK_RETURN
#define CHECK_RETURN(CONDITION)
Definition: invariant.h:495
string_utils.h
skip_loops.h
gcc_version.h
show_class_hierarchy
void show_class_hierarchy(const class_hierarchyt &hierarchy, ui_message_handlert &message_handler, bool children_only)
Output the class hierarchy.
Definition: class_hierarchy.cpp:262
messaget::M_STATISTICS
@ M_STATISTICS
Definition: message.h:171
code_contractst::apply_loop_contracts
void apply_loop_contracts(const std::set< std::string > &to_exclude_from_nondet_init={})
Applies loop contract transformations.
Definition: contracts.cpp:1607
show_natural_loops
void show_natural_loops(const goto_modelt &goto_model, std::ostream &out)
Definition: natural_loops.h:92
sese_region_analysist::output
void output(std::ostream &out, const goto_programt &goto_program, const namespacet &ns) const
Definition: sese_regions.cpp:230
HELP_DOCUMENT_PROPERTIES
#define HELP_DOCUMENT_PROPERTIES
Definition: document_properties.h:32
messaget::status
mstreamt & status() const
Definition: message.h:414
code_contractst::replace_calls
void replace_calls(const std::set< std::string > &to_replace)
Replace all calls to each function in the to_replace set with that function's contract.
Definition: contracts.cpp:1567
show_properties
void show_properties(const namespacet &ns, const irep_idt &identifier, message_handlert &message_handler, ui_message_handlert::uit ui, const goto_programt &goto_program)
Definition: show_properties.cpp:44
custom_bitvector_analysis.h
goto_function_inline_and_log
jsont goto_function_inline_and_log(goto_modelt &goto_model, const irep_idt function, message_handlert &message_handler, bool adjust_function, bool caching)
Definition: goto_inline.cpp:308
goto_partial_inline
void goto_partial_inline(goto_modelt &goto_model, message_handlert &message_handler, unsigned smallfunc_limit, bool adjust_function)
Inline all function calls to functions either marked as "inlined" or smaller than smallfunc_limit (by...
Definition: goto_inline.cpp:122
symbolt::type
typet type
Type of symbol.
Definition: symbol.h:31
concurrency
void concurrency(value_setst &value_sets, goto_modelt &goto_model)
Definition: concurrency.cpp:192
local_safe_pointerst::output_safe_dereferences
void output_safe_dereferences(std::ostream &stream, const goto_programt &program, const namespacet &ns)
Output safely dereferenced expressions per instruction in human-readable format.
Definition: local_safe_pointers.cpp:234
write_goto_binary
bool write_goto_binary(std::ostream &out, const symbol_tablet &symbol_table, const goto_functionst &goto_functions, irep_serializationt &irepconverter)
Writes a goto program to disc, using goto binary format.
Definition: write_goto_binary.cpp:24
FLAG_REPLACE_CALL
#define FLAG_REPLACE_CALL
Definition: contracts.h:41
dot
void dot(const goto_modelt &src, std::ostream &out)
Definition: dot.cpp:353
remove_skip
void remove_skip(goto_programt &goto_program, goto_programt::targett begin, goto_programt::targett end)
remove unnecessary skip statements
Definition: remove_skip.cpp:87
local_safe_pointerst
A very simple, cheap analysis to determine when dereference operations are trivially guarded by a che...
Definition: local_safe_pointers.h:27
model_argc_argv
bool model_argc_argv(goto_modelt &goto_model, unsigned max_argc, message_handlert &message_handler)
Set up argv with up to max_argc pointers into an array of 4096 bytes.
Definition: model_argc_argv.cpp:39
parameter_assignments
void parameter_assignments(symbol_tablet &symbol_table, goto_functionst &goto_functions)
removes returns
Definition: parameter_assignments.cpp:93
label_function_pointer_call_sites
void label_function_pointer_call_sites(goto_modelt &goto_model)
This ensures that call instructions can be only one of two things:
Definition: label_function_pointer_call_sites.cpp:15
splice_call
bool splice_call(goto_functionst &goto_functions, const std::string &callercallee, const symbol_tablet &symbol_table, message_handlert &message_handler)
Definition: splice_call.cpp:34
show_lexical_loops
void show_lexical_loops(const goto_modelt &goto_model, std::ostream &out)
Definition: lexical_loops.h:191
skip_loops
static bool skip_loops(goto_programt &goto_program, const loop_idst &loop_ids, messaget &message)
Definition: skip_loops.cpp:24
remove_virtual_functions.h
remove_asm.h
HELP_SHOW_CLASS_HIERARCHY
#define HELP_SHOW_CLASS_HIERARCHY
Definition: class_hierarchy.h:28
constant_propagator.h
PSO
@ PSO
Definition: wmm.h:21
slice_global_inits
void slice_global_inits(goto_modelt &goto_model, message_handlert &message_handler)
Remove initialization of global variables that are not used in any function reachable from the entry ...
Definition: slice_global_inits.cpp:29
configure_gcc
void configure_gcc(const gcc_versiont &gcc_version)
Definition: gcc_version.cpp:147
goto_unwindt::unwind_strategyt::ASSERT_PARTIAL
@ ASSERT_PARTIAL
value_set_analysis_templatet
This template class implements a data-flow analysis which keeps track of what values different variab...
Definition: value_set_analysis.h:37
remove_virtual_functions
void remove_virtual_functions(symbol_table_baset &symbol_table, goto_functionst &goto_functions)
Remove virtual function calls from all functions in the specified list and replace them with their mo...
Definition: remove_virtual_functions.cpp:728
interpreter.h
show_uninitialized
void show_uninitialized(const goto_modelt &goto_model, std::ostream &out)
Definition: uninitialized.cpp:207
race_check
static void race_check(value_setst &value_sets, symbol_tablet &symbol_table, const irep_idt &function_id, goto_programt &goto_program, w_guardst &w_guards)
Definition: race_check.cpp:161
goto_unwindt::unwind_strategyt::CONTINUE
@ CONTINUE
add_uninitialized_locals_assertions
void add_uninitialized_locals_assertions(goto_modelt &goto_model)
Definition: uninitialized.cpp:197
ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition: ai.h:563
remove_calls_no_body.h
goto_instrument_parse_optionst::do_remove_const_function_pointers_only
void do_remove_const_function_pointers_only()
Remove function pointers that can be resolved by analysing const variables (i.e.
Definition: goto_instrument_parse_options.cpp:958
Power
@ Power
Definition: wmm.h:23
enumerative_loop_invariant_synthesizert::synthesize_all
invariant_mapt synthesize_all() override
This synthesizer guarantees that, with the synthesized loop invariants, all checks in the annotated G...
Definition: enumerative_loop_invariant_synthesizer.cpp:39
mmio.h
link_to_library.h
show_loop_ids
void show_loop_ids(ui_message_handlert::uit ui, const goto_modelt &goto_model)
Definition: loop_ids.cpp:21
generate_function_bodies
void generate_function_bodies(const std::regex &functions_regex, const generate_function_bodiest &generate_function_body, goto_modelt &model, message_handlert &message_handler)
Generate function bodies with some default behavior: assert-false, assume-false, assert-false-assume-...
Definition: generate_function_bodies.cpp:511
aggressive_slicert::preserve_all_direct_paths
bool preserve_all_direct_paths
Definition: aggressive_slicer.h:68
options.h
optionst::set_option
void set_option(const std::string &option, const bool value)
Definition: options.cpp:28
call_graph.h
function_path_reachability_slicer
void function_path_reachability_slicer(goto_modelt &goto_model, const std::list< std::string > &functions_list, message_handlert &message_handler)
Perform reachability slicing on goto_model for selected functions.
Definition: reachability_slicer.cpp:438
goto_instrument_parse_optionst::doit
int doit() override
invoke main modules
Definition: goto_instrument_parse_options.cpp:113
k_induction.h
FLAG_LOOP_CONTRACTS
#define FLAG_LOOP_CONTRACTS
Definition: contracts.h:36
goto_unwindt::unwind_strategyt::ASSERT_ASSUME
@ ASSERT_ASSUME
insert_final_assert_false.h
messaget::eom
static eomt eom
Definition: message.h:297
HELP_REPLACE_CALL
#define HELP_REPLACE_CALL
Definition: contracts.h:42
show_symbol_table
void show_symbol_table(const symbol_tablet &symbol_table, ui_message_handlert &ui)
Definition: show_symbol_table.cpp:242
ensure_one_backedge_per_target
bool ensure_one_backedge_per_target(goto_programt::targett &it, goto_programt &goto_program)
Definition: ensure_one_backedge_per_target.cpp:25
configt::ansi_c
struct configt::ansi_ct ansi_c
goto_functionst::function_map
function_mapt function_map
Definition: goto_functions.h:29
version.h
remove_unused_functions
void remove_unused_functions(goto_modelt &goto_model, message_handlert &message_handler)
Definition: remove_unused_functions.cpp:18
symbol_exprt
Expression to hold a symbol (variable)
Definition: std_expr.h:112
call_grapht::output_xml
void output_xml(std::ostream &out) const
Definition: call_graph.cpp:282
race_check.h
nondet_static.h
jsont
Definition: json.h:26
sese_regions.h
write_first
@ write_first
Definition: wmm.h:31
loop_strategyt
loop_strategyt
Definition: wmm.h:36
call_grapht::output_dot
void output_dot(std::ostream &out) const
Definition: call_graph.cpp:255
interpreter
void interpreter(const goto_modelt &goto_model, message_handlert &message_handler)
Definition: interpreter.cpp:1066
safe_string2size_t
std::size_t safe_string2size_t(const std::string &str, int base)
Definition: string2int.cpp:23
show_value_sets
void show_value_sets(ui_message_handlert::uit ui, const goto_modelt &goto_model, const value_set_analysist &value_set_analysis)
Definition: show_value_sets.cpp:22
HELP_DUMP_C
#define HELP_DUMP_C
Definition: dump_c.h:52
label_properties
void label_properties(goto_modelt &goto_model)
Definition: set_properties.cpp:45
print_struct_alignment_problems
void print_struct_alignment_problems(const symbol_tablet &symbol_table, std::ostream &out)
Definition: alignment_checks.cpp:22
reaching_definitions_analysist
Definition: reaching_definitions.h:354
write_goto_binary.h
goto_check_c
void goto_check_c(const irep_idt &function_identifier, goto_functionst::goto_functiont &goto_function, const namespacet &ns, const optionst &options, message_handlert &message_handler)
Definition: goto_check_c.cpp:2397
list_undefined_functions
void list_undefined_functions(const goto_modelt &goto_model, std::ostream &os)
Definition: undefined_functions.cpp:22
cmdlinet::get_comma_separated_values
std::list< std::string > get_comma_separated_values(const char *option) const
Collect all occurrences of option option and split their values on each comma, merging them into a si...
Definition: cmdline.cpp:121
HELP_ENFORCE_CONTRACT
#define HELP_ENFORCE_CONTRACT
Definition: contracts.h:47
call_grapht::create_from_root_function
static call_grapht create_from_root_function(const goto_modelt &model, const irep_idt &root, bool collect_callsites)
Definition: call_graph.h:53
thread_instrumentation.h
lexical_loops.h
splice_call.h
goto_unwindt::unwind_strategyt::PARTIAL
@ PARTIAL
is_threadedt
Definition: is_threaded.h:21
ui_message_handlert::get_ui
virtual uit get_ui() const
Definition: ui_message.h:33
goto_unwindt::unwind_strategyt::ASSUME
@ ASSUME
namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition: namespace.h:90
guard_expr_managert
This is unused by this implementation of guards, but can be used by other implementations of the same...
Definition: guard_expr.h:19
string2int.h
namespacet::lookup
bool lookup(const irep_idt &name, const symbolt *&symbol) const override
See documentation for namespace_baset::lookup().
Definition: namespace.cpp:138
split_string
void split_string(const std::string &s, char delim, std::vector< std::string > &result, bool strip, bool remove_empty)
Definition: string_utils.cpp:39
set_properties.h
show_call_sequences
void show_call_sequences(const irep_idt &caller, const goto_programt &goto_program)
Definition: call_sequences.cpp:27
aggressive_slicert::doit
void doit()
Removes the body of all functions except those on the shortest path or functions that are reachable f...
Definition: aggressive_slicer.cpp:76
parse_function_pointer_restriction_options_from_cmdline
void parse_function_pointer_restriction_options_from_cmdline(const cmdlinet &cmdline, optionst &options)
Definition: restrict_function_pointers.cpp:195
full_slicer
void full_slicer(goto_functionst &goto_functions, const namespacet &ns, const slicing_criteriont &criterion)
Definition: full_slicer.cpp:348
dot.h
interrupt.h
CBMC_VERSION
const char * CBMC_VERSION
escape_analysist
Definition: escape_analysis.h:108
show_symbol_table_brief
void show_symbol_table_brief(const symbol_tablet &symbol_table, ui_message_handlert &ui)
Definition: show_symbol_table.cpp:269
c_object_factory_parameters.h
messaget::error
mstreamt & error() const
Definition: message.h:399
c_object_factory_parameterst
Definition: c_object_factory_parameters.h:14
HELP_INSERT_FINAL_ASSERT_FALSE
#define HELP_INSERT_FINAL_ASSERT_FALSE
Definition: insert_final_assert_false.h:53
banner_string
std::string banner_string(const std::string &front_end, const std::string &version)
Definition: parse_options.cpp:174
all_loops
@ all_loops
Definition: wmm.h:39
unwindsett
Definition: unwindset.h:23
configt::ansi_ct::preprocessor
preprocessort preprocessor
Definition: config.h:248
branch
void branch(goto_modelt &goto_model, const irep_idt &id)
Definition: branch.cpp:22
goto_instrument_parse_optionst::do_indirect_call_and_rtti_removal
void do_indirect_call_and_rtti_removal(bool force=false)
Definition: goto_instrument_parse_options.cpp:939
restrict_function_pointers.h
goto_instrument_parse_optionst::get_goto_program
void get_goto_program()
Definition: goto_instrument_parse_options.cpp:999
check_call_sequence
void check_call_sequence(const goto_modelt &goto_model)
Definition: call_sequences.cpp:252
HELP_GOTO_PROGRAM_STATS
#define HELP_GOTO_PROGRAM_STATS
Definition: count_eloc.h:30
points_tot
Definition: points_to.h:22
goto_instrument_parse_optionst::register_languages
void register_languages() override
Definition: goto_instrument_languages.cpp:19
dump_c
void dump_c(const goto_functionst &src, const bool use_system_headers, const bool use_all_headers, const bool include_harness, const namespacet &ns, std::ostream &out)
Definition: dump_c.cpp:1591
undefined_function_abort_path
void undefined_function_abort_path(goto_modelt &goto_model)
Definition: undefined_functions.cpp:35
unwind.h
HELP_UNWINDSET
#define HELP_UNWINDSET
Definition: unwindset.h:76
optionst::is_set
bool is_set(const std::string &option) const
N.B. opts.is_set("foo") does not imply opts.get_bool_option("foo")
Definition: options.cpp:62
PRECONDITION
#define PRECONDITION(CONDITION)
Definition: invariant.h:463
document_properties_latex
void document_properties_latex(const goto_modelt &goto_model, std::ostream &out)
Definition: document_properties.cpp:369
interrupt
static void interrupt(value_setst &value_sets, const symbol_tablet &symbol_table, const irep_idt &function_id, goto_programt &goto_program, const symbol_exprt &interrupt_handler, const rw_set_baset &isr_rw_set)
Definition: interrupt.cpp:58
remove_function_pointers
void remove_function_pointers(message_handlert &_message_handler, goto_modelt &goto_model, bool only_remove_const_fps)
Definition: remove_function_pointers.cpp:533
property_slicer
void property_slicer(goto_functionst &goto_functions, const namespacet &ns, const std::list< std::string > &properties)
Definition: full_slicer.cpp:371
show_properties.h
remove_pointers
void remove_pointers(goto_modelt &goto_model, value_setst &value_sets)
Remove dereferences in all expressions contained in the program goto_model.
Definition: goto_program_dereference.cpp:260
is_threaded.h
goto_instrument_parse_optionst::instrument_goto_program
void instrument_goto_program()
Definition: goto_instrument_parse_options.cpp:1016
goto_unwindt
Definition: unwind.h:21
HELP_REMOVE_CALLS_NO_BODY
#define HELP_REMOVE_CALLS_NO_BODY
Definition: remove_calls_no_body.h:44
HELP_LOOP_CONTRACTS
#define HELP_LOOP_CONTRACTS
Definition: contracts.h:37
dump_c_type_header
void dump_c_type_header(const goto_functionst &src, const bool use_system_headers, const bool use_all_headers, const bool include_harness, const namespacet &ns, const std::string module, std::ostream &out)
Definition: dump_c.cpp:1626
cmdlinet::get_value
std::string get_value(char option) const
Definition: cmdline.cpp:48
show_symbol_table.h
stack_depth
static void stack_depth(goto_programt &goto_program, const symbol_exprt &symbol, const std::size_t i_depth, const exprt &max_depth)
Definition: stack_depth.cpp:61
code_contractst
Definition: contracts.h:55
remove_function.h
rewrite_union
void rewrite_union(exprt &expr)
We rewrite u.c for unions u into byte_extract(u, 0), and { .c = v } into byte_update(NIL,...
Definition: rewrite_union.cpp:65
HELP_SHOW_PROPERTIES
#define HELP_SHOW_PROPERTIES
Definition: show_properties.h:30
value_set_fi_fp_removal.h
k_induction
void k_induction(goto_modelt &goto_model, bool base_case, bool step_case, unsigned k)
Definition: k_induction.cpp:162
custom_bitvector_analysist
Definition: custom_bitvector_analysis.h:148
HELP_REMOVE_CONST_FUNCTION_POINTERS
#define HELP_REMOVE_CONST_FUNCTION_POINTERS
Definition: remove_const_function_pointers.h:112
count_eloc
void count_eloc(const goto_modelt &goto_model)
Definition: count_eloc.cpp:54
accelerate.h
configt::ansi_ct::arch
irep_idt arch
Definition: config.h:206
show_goto_functions
void show_goto_functions(const namespacet &ns, ui_message_handlert &ui_message_handler, const goto_functionst &goto_functions, bool list_only)
Definition: show_goto_functions.cpp:20
PARSE_OPTIONS_GOTO_CHECK
#define PARSE_OPTIONS_GOTO_CHECK(cmdline, options)
Definition: goto_check_c.h:74
transform_assertions_assumptions
static void transform_assertions_assumptions(goto_programt &goto_program, bool enable_assertions, bool enable_built_in_assertions, bool enable_assumptions)
Definition: goto_check.cpp:19
HELP_CONFIG_LIBRARY
#define HELP_CONFIG_LIBRARY
Definition: config.h:64
aggressive_slicert::call_depth
std::size_t call_depth
Definition: aggressive_slicer.h:66
function_enter
void function_enter(goto_modelt &goto_model, const irep_idt &id)
Definition: function.cpp:76
local_safe_pointers.h
reaching_definitions.h
escape_analysist::instrument
void instrument(goto_modelt &)
Definition: escape_analysis.cpp:449
goto_check.h
configt::set_from_symbol_table
void set_from_symbol_table(const symbol_tablet &)
Definition: config.cpp:1254
goto_function_inline
void goto_function_inline(goto_modelt &goto_model, const irep_idt function, message_handlert &message_handler, bool adjust_function, bool caching)
Transitively inline all function calls made from a particular function.
Definition: goto_inline.cpp:239
goto_functionst::compute_loop_numbers
void compute_loop_numbers()
Definition: goto_functions.cpp:54
CPROVER_EXIT_CONVERSION_FAILED
#define CPROVER_EXIT_CONVERSION_FAILED
Failure to convert / write to another format.
Definition: exit_codes.h:62
widen
std::wstring widen(const char *s)
Definition: unicode.cpp:48
HELP_REPLACE_FUNCTION_BODY
#define HELP_REPLACE_FUNCTION_BODY
Definition: generate_function_bodies.h:93
branch.h
read_goto_binary.h
local_bitvector_analysist::output
void output(std::ostream &out, const goto_functiont &goto_function, const namespacet &ns) const
Definition: local_bitvector_analysis.cpp:343
weak_memory
void weak_memory(memory_modelt model, value_setst &value_sets, goto_modelt &goto_model, bool SCC, instrumentation_strategyt event_strategy, bool no_cfg_kill, bool no_dependencies, loop_strategyt duplicate_body, unsigned input_max_var, unsigned input_max_po_trans, bool render_po, bool render_file, bool render_function, bool cav11_option, bool hide_internals, message_handlert &message_handler, bool ignore_arrays)
Definition: weak_memory.cpp:107
parse_nondet_volatile_options
void parse_nondet_volatile_options(const cmdlinet &cmdline, optionst &options)
Definition: nondet_volatile.cpp:409
full_slicer.h
goto_instrument_parse_optionst::partial_inlining_done
bool partial_inlining_done
Definition: goto_instrument_parse_options.h:155
memory_modelt
memory_modelt
Definition: wmm.h:17
configt::ansi_ct::preprocessort::GCC
@ GCC
my_events
@ my_events
Definition: wmm.h:32
safe_string2unsigned
unsigned safe_string2unsigned(const std::string &str, int base)
Definition: string2int.cpp:16
parse_options_baset::main
virtual int main()
Definition: parse_options.cpp:78
read_first
@ read_first
Definition: wmm.h:30
mmio
static void mmio(value_setst &value_sets, const symbol_tablet &symbol_table, const irep_idt &function_id, goto_programt &goto_program)
Definition: mmio.cpp:24
HELP_ANSI_C_LANGUAGE
#define HELP_ANSI_C_LANGUAGE
Definition: ansi_c_language.h:27
local_safe_pointerst::output
void output(std::ostream &stream, const goto_programt &program, const namespacet &ns)
Output non-null expressions per instruction in human-readable format.
Definition: local_safe_pointers.cpp:190
aggressive_slicert::user_specified_properties
std::list< std::string > user_specified_properties
Definition: aggressive_slicer.h:63
global_may_alias_analysist
This is a may analysis (i.e.
Definition: global_may_alias.h:101
remove_returns.h
remove_unused_functions.h
config
configt config
Definition: config.cpp:25
remove_functions
void remove_functions(goto_modelt &goto_model, const std::list< std::string > &names, message_handlert &message_handler)
Remove the body of all functions listed in "names" such that an analysis will treat it as a side-effe...
Definition: remove_function.cpp:68
gcc_versiont
Definition: gcc_version.h:19
local_bitvector_analysist
Definition: local_bitvector_analysis.h:22
parse_options_baset::log
messaget log
Definition: parse_options.h:46
function.h
call_grapht
A call graph (https://en.wikipedia.org/wiki/Call_graph) for a GOTO model or GOTO functions collection...
Definition: call_graph.h:43
points_to.h
goto_instrument_parse_optionst::remove_returns_done
bool remove_returns_done
Definition: goto_instrument_parse_options.h:156
class_hierarchy.h
interval_domain.h
stack_depth.h
show_locations.h
show_locations
void show_locations(ui_message_handlert::uit ui, const irep_idt function_id, const goto_programt &goto_program)
Definition: show_locations.cpp:20
aggressive_slicert
The aggressive slicer removes the body of all the functions except those on the shortest path,...
Definition: aggressive_slicer.h:34
annotate_invariants
void annotate_invariants(const invariant_mapt &invariant_map, goto_modelt &goto_model, messaget &log)
Annotate the invariants in invariant_map to their corresponding loops.
Definition: synthesizer_utils.cpp:93
undefined_functions.h
min_interference
@ min_interference
Definition: wmm.h:29
arrays_only
@ arrays_only
Definition: wmm.h:38
goto_modelt::goto_functions
goto_functionst goto_functions
GOTO functions.
Definition: goto_model.h:33
validation_modet::EXCEPTION
@ EXCEPTION
ansi_c_language.h
RESTRICT_FUNCTION_POINTER_OPT
#define RESTRICT_FUNCTION_POINTER_OPT
Definition: restrict_function_pointers.h:36
cprover_c_library_factory
void cprover_c_library_factory(const std::set< irep_idt > &functions, symbol_tablet &symbol_table, message_handlert &message_handler)
Definition: cprover_library.cpp:98
call_sequences.h
ai_baset::output
virtual void output(const namespacet &ns, const irep_idt &function_id, const goto_programt &goto_program, std::ostream &out) const
Output the abstract states for a single function.
Definition: ai.cpp:40
remove_calls_no_bodyt
Definition: remove_calls_no_body.h:20
symbolt
Symbol table entry.
Definition: symbol.h:27
configt::set
bool set(const cmdlinet &cmdline)
Definition: config.cpp:798
rw_set.h
exit_codes.h
call_grapht::output
void output(std::ostream &out) const
Definition: call_graph.cpp:272
natural_loops.h
constant_propagator_ait
Definition: constant_propagator.h:170
RESTRICT_FUNCTION_POINTER_FROM_FILE_OPT
#define RESTRICT_FUNCTION_POINTER_FROM_FILE_OPT
Definition: restrict_function_pointers.h:37
one_event_per_cycle
@ one_event_per_cycle
Definition: wmm.h:33
remove_returns
void remove_returns(symbol_table_baset &symbol_table, goto_functionst &goto_functions)
removes returns
Definition: remove_returns.cpp:255
show_value_sets.h
aggressive_slicert::name_snippets
std::list< std::string > name_snippets
Definition: aggressive_slicer.h:67
CPROVER_EXIT_USAGE_ERROR
#define CPROVER_EXIT_USAGE_ERROR
A usage error is returned when the command line is invalid or conflicting.
Definition: exit_codes.h:33
nondet_volatile.h
CPROVER_PREFIX
#define CPROVER_PREFIX
Definition: cprover_prefix.h:14
replace_callst
Definition: replace_calls.h:26
unsafe_string2unsigned
unsigned unsafe_string2unsigned(const std::string &str, int base)
Definition: string2int.cpp:35
goto_functionst::update
void update()
Definition: goto_functions.h:83
json.h
remove_asm
void remove_asm(goto_functionst &goto_functions, symbol_tablet &symbol_table)
Replaces inline assembly instructions in the goto program (i.e., instructions of kind OTHER with a co...
Definition: remove_asm.cpp:512
accelerate_functions
void accelerate_functions(goto_modelt &goto_model, message_handlert &message_handler, bool use_z3, guard_managert &guard_manager)
Definition: accelerate.cpp:637
unicode.h
parameter_assignments.h
aggressive_slicert::preserve_functions
void preserve_functions(const std::list< std::string > &function_list)
Adds a list of functions to the set of functions for the aggressive slicer to preserve.
Definition: aggressive_slicer.h:59
goto_programt
A generic container class for the GOTO intermediate representation of one function.
Definition: goto_program.h:72
grapht::output_dot
void output_dot(std::ostream &out) const
Definition: graph.h:990
class_hierarchyt::output_dot
void output_dot(std::ostream &) const
Output class hierarchy in Graphviz DOT format.
Definition: class_hierarchy.cpp:218
custom_bitvector_analysist::check
void check(const goto_modelt &, bool xml, std::ostream &)
Definition: custom_bitvector_analysis.cpp:767
points_tot::output
void output(std::ostream &out) const
Definition: points_to.cpp:33
insert_final_assert_false
bool insert_final_assert_false(goto_modelt &goto_model, const std::string &function_to_instrument, message_handlert &message_handler)
Transform a goto program by inserting assert(false) at the end of a given function function_to_instru...
Definition: insert_final_assert_false.cpp:53
read_goto_binary
static bool read_goto_binary(const std::string &filename, symbol_tablet &, goto_functionst &, message_handlert &)
Read a goto binary from a file, but do not update config.
Definition: read_goto_binary.cpp:61
goto_modelt::validate
void validate(const validation_modet vm=validation_modet::INVARIANT, const goto_model_validation_optionst &goto_model_validation_options=goto_model_validation_optionst{}) const override
Check that the goto model is well-formed.
Definition: goto_model.h:98
loop_ids.h
generate_function_bodies_factory
std::unique_ptr< generate_function_bodiest > generate_function_bodies_factory(const std::string &options, const c_object_factory_parameterst &object_factory_parameters, const symbol_tablet &symbol_table, message_handlert &message_handler)
Create the type that actually generates the functions.
Definition: generate_function_bodies.cpp:385
reachability_slicer.h
goto_instrument_parse_optionst::goto_model
goto_modelt goto_model
Definition: goto_instrument_parse_options.h:158
model_argc_argv.h
function_exit
void function_exit(goto_modelt &goto_model, const irep_idt &id)
Definition: function.cpp:101
FLAG_ENFORCE_CONTRACT
#define FLAG_ENFORCE_CONTRACT
Definition: contracts.h:46
instrumentation_strategyt
instrumentation_strategyt
Definition: wmm.h:26
slice_global_inits.h
add_failed_symbols.h
goto_functionst::entry_point
static irep_idt entry_point()
Get the identifier of the entry point to a goto model.
Definition: goto_functions.h:92
CPROVER_EXIT_INTERNAL_ERROR
#define CPROVER_EXIT_INTERNAL_ERROR
An error has been encountered during processing the requested analysis.
Definition: exit_codes.h:45
document_properties_html
void document_properties_html(const goto_modelt &goto_model, std::ostream &out)
Definition: document_properties.cpp:362
add_failed_symbols
void add_failed_symbols(symbol_table_baset &symbol_table)
Create a failed-dereference symbol for all symbols in the given table that need one (i....
Definition: add_failed_symbols.cpp:78
global_may_alias.h
havoc_loops
void havoc_loops(goto_modelt &goto_model)
Definition: havoc_loops.cpp:116
alignment_checks.h
ensure_one_backedge_per_target.h
CPROVER_EXIT_SUCCESS
#define CPROVER_EXIT_SUCCESS
Success indicates the required analysis has been performed without error.
Definition: exit_codes.h:16
code_contractst::enforce_contracts
void enforce_contracts(const std::set< std::string > &to_enforce, const std::set< std::string > &to_exclude_from_nondet_init={})
Turn requires & ensures into assumptions and assertions for each of the named functions.
Definition: contracts.cpp:1619
value_set_analysis.h
HELP_REPLACE_CALLS
#define HELP_REPLACE_CALLS
Definition: replace_calls.h:58
string_abstraction
void string_abstraction(goto_modelt &goto_model, message_handlert &message_handler)
Definition: string_abstraction.cpp:72
messaget::eval_verbosity
static unsigned eval_verbosity(const std::string &user_input, const message_levelt default_verbosity, message_handlert &dest)
Parse a (user-)provided string as a verbosity level and set it as the verbosity of dest.
Definition: message.cpp:105
remove_skip.h
list_eloc
void list_eloc(const goto_modelt &goto_model)
Definition: count_eloc.cpp:68
label_function_pointer_call_sites.h
all
@ all
Definition: wmm.h:28
nondet_volatile
void nondet_volatile(goto_modelt &goto_model, const optionst &options)
Havoc reads from volatile expressions, if enabled in the options.
Definition: nondet_volatile.cpp:455
messaget::warning
mstreamt & warning() const
Definition: message.h:404
invalid_command_line_argument_exceptiont
Thrown when users pass incorrect command line arguments, for example passing no files to analysis or ...
Definition: exception_utils.h:50
thread_exit_instrumentation
void thread_exit_instrumentation(goto_programt &goto_program)
Definition: thread_instrumentation.cpp:26
HELP_UNINITIALIZED_CHECK
#define HELP_UNINITIALIZED_CHECK
Definition: uninitialized.h:29
cmdlinet::get_values
const std::list< std::string > & get_values(const std::string &option) const
Definition: cmdline.cpp:109
remove_function_pointers.h
HELP_WMM_FULL
#define HELP_WMM_FULL
Definition: weak_memory.h:94
parse_options_baset::cmdline
cmdlinet cmdline
Definition: parse_options.h:28
goto_modelt::symbol_table
symbol_tablet symbol_table
Symbol table.
Definition: goto_model.h:30
rw_set_functiont
Definition: rw_set.h:202
align_center_with_border
std::string align_center_with_border(const std::string &text)
Utility for displaying help centered messages borderered by "* *".
Definition: parse_options.cpp:161
print_path_lengths
void print_path_lengths(const goto_modelt &goto_model)
Definition: count_eloc.cpp:85
sese_region_analysist
Definition: sese_regions.h:19
symbolt::name
irep_idt name
The unique identifier.
Definition: symbol.h:40
cprover_library.h
restore_returns
void restore_returns(goto_modelt &goto_model)
restores return statements
Definition: remove_returns.cpp:397
dump_cpp
void dump_cpp(const goto_functionst &src, const bool use_system_headers, const bool use_all_headers, const bool include_harness, const namespacet &ns, std::ostream &out)
Definition: dump_c.cpp:1604
restrict_function_pointers
void restrict_function_pointers(message_handlert &message_handler, goto_modelt &goto_model, const optionst &options)
Apply function pointer restrictions to a goto_model.
Definition: restrict_function_pointers.cpp:169
forall_goto_program_instructions
#define forall_goto_program_instructions(it, program)
Definition: goto_program.h:1229
interval_analysis.h
list_calls_and_arguments
static void list_calls_and_arguments(const namespacet &ns, const goto_programt &goto_program)
Definition: call_sequences.cpp:271
dependence_graph.h
goto_unwindt::output_log_json
jsont output_log_json() const
Definition: unwind.h:77
HELP_TIMESTAMP
#define HELP_TIMESTAMP
Definition: timestamper.h:14
goto_instrument_parse_options.h
HELP_FLUSH
#define HELP_FLUSH
Definition: ui_message.h:108
reachability_slicer
void reachability_slicer(goto_modelt &goto_model, const bool include_forward_reachability, message_handlert &message_handler)
Perform reachability slicing on goto_model, with respect to the criterion given by all properties.
Definition: reachability_slicer.cpp:397
HELP_RESTRICT_FUNCTION_POINTER
#define HELP_RESTRICT_FUNCTION_POINTER
Definition: restrict_function_pointers.h:49
interval_analysis
void interval_analysis(goto_modelt &goto_model)
Initialises the abstract interpretation over interval domain and instruments instructions using inter...
Definition: interval_analysis.cpp:90
cprover_cpp_library_factory
void cprover_cpp_library_factory(const std::set< irep_idt > &functions, symbol_tablet &symbol_table, message_handlert &message_handler)
Definition: cprover_library.cpp:38
goto_inline
void goto_inline(goto_modelt &goto_model, message_handlert &message_handler, bool adjust_function)
Inline every function call into the entry_point() function.
Definition: goto_inline.cpp:26
escape_analysis.h
HELP_VALIDATE
#define HELP_VALIDATE
Definition: validation_interface.h:16
HELP_NONDET_VOLATILE
#define HELP_NONDET_VOLATILE
Definition: nondet_volatile.h:32