Enable the write stack for pointers to structs

This works correctly so we don't need to cautiously throw away stacks of
pointers to structs. The original concern was pointers to structs being
used as pointers to the first component, but the goto program introduces
a cast which means we don't create the pointer.

Added a unit test to document this behavior.

Author: thk123

regression/goto-analyzer/sensitivity-test-common-files/pointer_to_struct_sensitivity_tests.c

@@ -24,5 +24,30 @@ int main(int argc, char *argv[])
   __CPROVER_assert(p->b==2.0, "p->b==2.0");
   __CPROVER_assert(p->b==1.0, "p->b==1.0");
 
+  // pointers to components
+  int * comp_p = &x.a;
+  __CPROVER_assert(comp_p==&x.a, "comp_p==&x.a");
+  __CPROVER_assert(comp_p==&x.b, "comp_p==&x.b");
+  __CPROVER_assert(*comp_p==0, "*comp_p==0");
+  __CPROVER_assert(*comp_p==1, "*comp_p==1");
+
+  float * compb_p = &x.b;
+  __CPROVER_assert(compb_p==&x.a, "compb_p==&x.a");
+  __CPROVER_assert(compb_p==&x.b, "compb_p==&x.b");
+  __CPROVER_assert(*compb_p==2.0, "*compb_p==2.0");
+  __CPROVER_assert(*compb_p==1.0, "*compb_p==1.0");
+
+  // Use pointer implicitly pointing at the first component
+  int * implicit_p = &x;
+  __CPROVER_assert(implicit_p==&x.a, "implicit_p==&x.a");
+  __CPROVER_assert(implicit_p==&x, "implicit_p==&x");
+  __CPROVER_assert(*implicit_p==0, "*implicit_p==0");
+  __CPROVER_assert(*implicit_p==1, "*implicit_p==1");
+
+  // Write through pointer implicitly pointing at the first component
+  *implicit_p=5;
+  __CPROVER_assert(x.a==5, "x.a==5");
+  __CPROVER_assert(x.a==1, "x.a==1");
+
   return 0;
 }

regression/goto-analyzer/sensitivity-test-constants-pointer-to-constants-struct/test.desc

@@ -1,16 +1,30 @@
-KNOWNBUG
+CORE
 sensitivity_test_constants_pointer_to_constants_struct.c
 --variable --pointers --structs --verify
 ^EXIT=0$
 ^SIGNAL=0$
-^\[main.assertion.1\] .* \(\*p\).a==0: Success$
-^\[main.assertion.2\] .* \(\*p\).a==1: Failure \(if reachable\)$
-^\[main.assertion.3\] .* p->a==0: Success$
-^\[main.assertion.4\] .* p->a==1: Failure \(if reachable\)$
-^\[main.assertion.5\] .* p->b==2.0: Success$
-^\[main.assertion.6\] .* p->b==1.0: Failure \(if reachable\)$
+^\[main\.assertion\.1\] .* \(\*p\).a==0: Success$
+^\[main\.assertion\.2\] .* \(\*p\).a==1: Failure \(if reachable\)$
+^\[main\.assertion\.3\] .* p->a==0: Success$
+^\[main\.assertion\.4\] .* p->a==1: Failure \(if reachable\)$
+^\[main\.assertion\.5\] .* p->b==2.0: Success$
+^\[main\.assertion\.6\] .* p->b==1.0: Failure \(if reachable\)$
+^\[main\.assertion\.9\] .* \*comp_p==0: Success$
+^\[main\.assertion\.10\] .* \*comp_p==1: Failure \(if reachable\)$
+^\[main\.assertion\.13\] .* \*compb_p==2.0: Success$
+^\[main\.assertion\.14\] .* \*compb_p==1.0: Failure \(if reachable\)$
+^\[main\.assertion\.17\] .* \*implicit_p==0: Unknown$
+^\[main\.assertion\.18\] .* \*implicit_p==1: Unknown$
+^\[main\.assertion\.19\] .* x.a==5: Unknown$
+^\[main\.assertion\.20\] .* x.a==1: Unknown$
 --
 ^warning: ignoring
 --
-The final two assertions are the wrong way round as modifying the pointer
-does not seem to be propogating through. See #96
+The following assertions are not checked since simplify_expr doesn't handle
+them. See issue diffblue/cbmc-toyota#145
+^\[main\.assertion\.7\] .* comp_p==&x.a: Success
+^\[main\.assertion\.8\] .* comp_p==&x.b: Failure \(if reachable\)$
+^\[main\.assertion\.11\] .* compb_p==&x.a: Failure \(if reachable\)$
+^\[main\.assertion\.12\] .* compb_p==&x.b: Success
+^\[main\.assertion\.15\] .* implicit_p==&x.a: Success
+^\[main\.assertion\.16\] .* implicit_p==&x: Success

regression/goto-analyzer/sensitivity-test-constants-pointer-to-two-value-struct/test.desc

@@ -9,5 +9,19 @@ sensitivity_test_constants_pointer_to_two_value_struct.c
 ^\[main.assertion.4\] .* p->a==1: Unknown$
 ^\[main.assertion.5\] .* p->b==2.0: Unknown$
 ^\[main.assertion.6\] .* p->b==1.0: Unknown$
+\[main\.assertion\.7\] .* comp_p==&x\.a: Unknown$
+\[main\.assertion\.8\] .* comp_p==&x\.b: Unknown$
+\[main\.assertion\.9\] .* \*comp_p==0: Unknown$
+\[main\.assertion\.10\] .* \*comp_p==1: Unknown$
+\[main\.assertion\.11\] .* compb_p==&x\.a: Unknown$
+\[main\.assertion\.12\] .* compb_p==&x\.b: Unknown$
+\[main\.assertion\.13\] .* \*compb_p==2\.0: Unknown$
+\[main\.assertion\.14\] .* \*compb_p==1\.0: Unknown$
+\[main\.assertion\.15\] .* implicit_p==&x\.a: Unknown$
+\[main\.assertion\.16\] .* implicit_p==&x: Unknown$
+\[main\.assertion\.17\] .* \*implicit_p==0: Unknown$
+\[main\.assertion\.18\] .* \*implicit_p==1: Unknown$
+\[main\.assertion\.19\] .* x\.a==5: Unknown$
+\[main\.assertion\.20\] .* x\.a==1: Unknown$
 --
 ^warning: ignoring

regression/goto-analyzer/sensitivity-test-two-value-pointer-to-two-value-struct/test.desc

@@ -9,5 +9,18 @@ sensitivity_test_two_value_pointer_to_two_value_struct.c
 ^\[main.assertion.4\] .* p->a==1: Unknown$
 ^\[main.assertion.5\] .* p->b==2.0: Unknown$
 ^\[main.assertion.6\] .* p->b==1.0: Unknown$
+^\[main.assertion.8\] .* comp_p==&x.b: Unknown$
+^\[main.assertion.9\] .* \*comp_p==0: Unknown$
+^\[main.assertion.10\] .* \*comp_p==1: Unknown$
+^\[main.assertion.11\] .* compb_p==&x.a: Unknown$
+^\[main.assertion.12\] .* compb_p==&x.b: Unknown$
+^\[main.assertion.13\] .* \*compb_p==2.0: Unknown$
+^\[main.assertion.14\] .* \*compb_p==1.0: Unknown$
+^\[main.assertion.15\] .* implicit_p==&x.a: Unknown$
+^\[main.assertion.16\] .* implicit_p==&x: Unknown$
+^\[main.assertion.17\] .* \*implicit_p==0: Unknown$
+^\[main.assertion.18\] .* \*implicit_p==1: Unknown$
+^\[main.assertion.19\] .* x.a==5: Unknown$
+^\[main.assertion.20\] .* x.a==1: Unknown$
 --
 ^warning: ignoring

src/analyses/variable-sensitivity/write_stack.cpp

@@ -60,14 +60,6 @@ void write_stackt::construct_stack_to_pointer(
 {
   PRECONDITION(expr.type().id()==ID_pointer);
 
-  // If we are a pointer to a struct, we do not currently support reading
-  // writing directly to it so just create a top stack
-  if(ns.follow(expr.type().subtype()).id()==ID_struct)
-  {
-    top_stack=true;
-    return;
-  }
-
   if(expr.id()==ID_address_of)
   {
     // resovle reminder, can either be a symbol, member or index of

unit/analyses/variable-sensitivity/write_stack.cpp

@@ -353,15 +353,29 @@ SCENARIO("Constructing write stacks",
       }
       WHEN("Constructing from &s")
       {
-        // fiddly as it depends on the type to some degree
-        // if we want to make a (struct str *) then we want to make a pointer to
-        // &s
-        // If it is a pointer to the type of the first component then we really
-        // want &(s.comp)
-        // for now we just reject and create a junk stack
         exprt in_expr=to_expr("&s", ns);
         CAPTURE(expr2c(in_expr, ns));
 
+        THEN("Then should get a write stack representing &s")
+        {
+          auto stack=write_stackt(in_expr, environment, ns);
+          REQUIRE_FALSE(stack.is_top_value());
+          const exprt &out_expr=stack.to_expression();
+
+          CAPTURE(expr2c(out_expr, ns));
+
+          REQUIRE(out_expr.id()==ID_address_of);
+          const exprt &object=out_expr.op0();
+          require_exprt::require_symbol(object, "s");
+        }
+      }
+      WHEN("Constructing from (int *)&s")
+      {
+        // TODO: we could in theory analyse the struct and offset the pointer
+        // but not yet
+        exprt in_expr=to_expr("(int *)&s", ns);
+        CAPTURE(expr2c(in_expr, ns));
+
         THEN("Then should get a top stack")
         {
           auto stack=write_stackt(in_expr, environment, ns);
@@ -419,9 +433,16 @@ SCENARIO("Constructing write stacks",
 
         THEN("The constructed stack should be TOP")
         {
-          // Since we don't allow constructing a pointer to a struct yet
           auto stack=write_stackt(in_expr, environment, ns);
-          REQUIRE(stack.is_top_value());
+          REQUIRE_FALSE(stack.is_top_value());
+          const exprt &out_expr=stack.to_expression();
+
+          CAPTURE(expr2c(out_expr, ns));
+
+          REQUIRE(out_expr.id()==ID_address_of);
+          const exprt &object=out_expr.op0();
+          const index_exprt &index_expr=require_exprt::require_index(object, 1);
+          require_exprt::require_symbol(index_expr.array(), "arr_s");
         }
       }
       GIVEN("A symbol int x")