This module is responsible for the synthesis of code (in the form of a sequence of codet statements) that can allocate and initialize non-deterministically both primitive Java types and objects. More...
Go to the source code of this file.
gen_nondet_init below, but instead of allocating and non-deterministically initializing the the argument expr passed to that function, we create a static global object of type type and non-deterministically initialize it. expr, allocating child objects as necessary and nondet-initializing their members, or if MAY_ or MUST_UPDATE_IN_PLACE is set, re-initializing already-allocated objects. expr. This module is responsible for the synthesis of code (in the form of a sequence of codet statements) that can allocate and initialize non-deterministically both primitive Java types and objects.
The non-deterministic initialization of one object triggers the non-deterministic initialization of all its fields, which in turn could be references to other objects. We thus speak about an object tree.
This is useful for, e.g., the creation of a verification harness (non-det initialization of the parameters of the method to verify), mocking methods that are called but for which we don't have a body (overapproximating the return value and possibly side effects).
The two main APIs are gen_nondet_init() and object_factory() (which calls gen_nondet_init()), at the bottom of the file. A call to
gen_nondet_init(expr, code, ..., update_in_place)
appends to code (a code_blockt) a sequence of statements that non-deterministically initialize the expr (which is expected to be an l-value exprt) with a primitive or reference value of type equal to or compatible with expr.type() – see documentation for the argument pointer_type_selector for additional details. gen_nondet_init() is the starting point of a recursive algorithm, and most other functions in this file are different (recursive or base) cases depending on the type of expr.
The code generated mainly depends on the parameter update_in_place. Assume that expr is a reference to an object (in our IR, that means a pointer to a struct).
When update_in_place == NO_UPDATE_IN_PLACE, the following code is generated:
When update_in_place == MUST_UPDATE_IN_PLACE, the following code is generated (assuming that MyClass has fields "int x" and "OtherClass y"):
When update_in_place == MAY_UPDATE_IN_PLACE, the following code is generated:
Definition in file java_object_factory.h.
Definition at line 136 of file java_object_factory.h.
| Enumerator | |
|---|---|
| NO_UPDATE_IN_PLACE | |
| MAY_UPDATE_IN_PLACE | |
| MUST_UPDATE_IN_PLACE | |
Definition at line 106 of file java_object_factory.h.
Synthesize GOTO for generating a array of nondet length to be stored in the expr.
Definition at line 1372 of file java_object_factory.cpp.
Initializes a primitive-typed or reference-typed object tree rooted at expr, allocating child objects as necessary and nondet-initializing their members, or if MAY_ or MUST_UPDATE_IN_PLACE is set, re-initializing already-allocated objects.
expr and child objects it refers to. init_code will be inserted to. This includes any necessary temporaries, and if create_dyn_objs is false, any allocated objects. @class_identifier. expr from scratch MAY_UPDATE_IN_PLACE: generate a runtime nondet branch between the NO_ and MUST_ cases. MUST_UPDATE_IN_PLACE: reinitialize an existing object Definition at line 1621 of file java_object_factory.cpp.
Call gen_nondet_init() above with a default (identity) pointer_type_selector.
Definition at line 1678 of file java_object_factory.cpp.
Call object_factory() above with a default (identity) pointer_type_selector.
Definition at line 1654 of file java_object_factory.cpp.
Similar to gen_nondet_init below, but instead of allocating and non-deterministically initializing the the argument expr passed to that function, we create a static global object of type type and non-deterministically initialize it.
See gen_nondet_init for a description of the parameters. The only new one is type, which is the type of the object to create.
symbol_table gains any new symbols created, and init_code gains any instructions required to initialize either the returned value or its child objects Definition at line 1544 of file java_object_factory.cpp.