Linking: replace conflicting pointer types when one declaration is extern

tautschnig · tautschnig · commit 3086f21ac5c7 · 2018-08-13T13:15:42.000Z
diff --git a/regression/cbmc/Linking8/a.c b/regression/cbmc/Linking8/a.c
@@ -0,0 +1,11 @@
+#include <stdlib.h>
+
+void foo();
+
+int main()
+{
+  extern void *p;
+  p = malloc(sizeof(int));
+  foo();
+  return 0;
+}
diff --git a/regression/cbmc/Linking8/b.c b/regression/cbmc/Linking8/b.c
@@ -0,0 +1,6 @@
+int *p;
+
+void foo()
+{
+  *p = 42;
+}
diff --git a/regression/cbmc/Linking8/test.desc b/regression/cbmc/Linking8/test.desc
@@ -0,0 +1,8 @@
+CORE
+b.c
+a.c --pointer-check
+^EXIT=0$
+^SIGNAL=0$
+^VERIFICATION SUCCESSFUL$
+--
+^warning: ignoring
diff --git a/src/ansi-c/c_typecheck_base.cpp b/src/ansi-c/c_typecheck_base.cpp
@@ -67,6 +67,15 @@ void c_typecheck_baset::typecheck_symbol(symbolt &symbol)
     // and have static lifetime
     new_name=root_name;
     symbol.is_static_lifetime=true;
+
+    if(symbol.value.is_not_nil())
+    {
+      // According to the C standard this should be an error, but at least some
+      // versions of Visual Studio insist to use this in their C library, and
+      // GCC just warns as well.
+      warning().source_location = symbol.value.find_source_location();
+      warning() << "`extern' symbol should not have an initializer" << eom;
+    }
   }
   else if(!is_function && symbol.value.id()==ID_code)
   {
diff --git a/src/goto-symex/symex_dereference.cpp b/src/goto-symex/symex_dereference.cpp
@@ -214,6 +214,23 @@ exprt goto_symext::address_arithmetic(
     else
       result=address_of_exprt(result);
   }
+  else if(expr.id() == ID_typecast)
+  {
+    const typecast_exprt &tc_expr = to_typecast_expr(expr);
+
+    result = address_arithmetic(tc_expr.op(), state, guard, keep_array);
+
+    // treat &array as &array[0]
+    const typet &expr_type = ns.follow(expr.type());
+    typet dest_type_subtype;
+
+    if(expr_type.id() == ID_array && !keep_array)
+      dest_type_subtype = expr_type.subtype();
+    else
+      dest_type_subtype = expr_type;
+
+    result = typecast_exprt(result, pointer_type(dest_type_subtype));
+  }
   else
     throw "goto_symext::address_arithmetic does not handle "+expr.id_string();
 
diff --git a/src/linking/linking.cpp b/src/linking/linking.cpp
@@ -24,6 +24,21 @@ Author: Daniel Kroening, kroening@kroening.com
 
 #include "linking_class.h"
 
+bool casting_replace_symbolt::replace_symbol_expr(symbol_exprt &s) const
+{
+  expr_mapt::const_iterator it = expr_map.find(s.get_identifier());
+
+  if(it == expr_map.end())
+    return true;
+
+  const exprt &e = it->second;
+
+  typet type = s.type();
+  static_cast<exprt &>(s) = typecast_exprt::conditional_cast(e, type);
+
+  return false;
+}
+
 std::string linkingt::expr_to_string(
   const namespacet &ns,
   const irep_idt &identifier,
@@ -875,6 +890,11 @@ bool linkingt::adjust_object_type_rec(
       "conflicting pointer types for variable");
     #endif
 
+    if(info.old_symbol.is_extern && !info.new_symbol.is_extern)
+    {
+      info.set_to_new = true; // store new type
+    }
+
     return false;
   }
   else if(t1.id()==ID_array &&
@@ -961,10 +981,10 @@ void linkingt::duplicate_object_symbol(
   symbolt &new_symbol)
 {
   // both are variables
+  bool set_to_new = false;
 
   if(!base_type_eq(old_symbol.type, new_symbol.type, ns))
   {
-    bool set_to_new=false;
     bool failed=
       adjust_object_type(old_symbol, new_symbol, set_to_new);
 
@@ -1043,6 +1063,14 @@ void linkingt::duplicate_object_symbol(
       }
     }
   }
+  else if(
+    set_to_new && !old_symbol.value.is_nil() &&
+    !old_symbol.value.get_bool(ID_C_zero_initializer))
+  {
+    // the type has been updated, now make sure that the initialising assignment
+    // will have matching types
+    old_symbol.value.make_typecast(old_symbol.type);
+  }
 }
 
 void linkingt::duplicate_non_type_symbol(
diff --git a/src/linking/linking_class.h b/src/linking/linking_class.h
@@ -18,6 +18,18 @@ Author: Daniel Kroening, kroening@kroening.com
 #include <util/typecheck.h>
 #include <util/std_expr.h>
 
+class casting_replace_symbolt : public replace_symbolt
+{
+public:
+  casting_replace_symbolt(const namespacet &ns)
+    : replace_symbolt(ns)
+  {
+  }
+
+private:
+  bool replace_symbol_expr(symbol_exprt &dest) const override;
+};
+
 class linkingt:public typecheckt
 {
 public:
@@ -28,15 +40,13 @@ class linkingt:public typecheckt
     typecheckt(_message_handler),
     main_symbol_table(_main_symbol_table),
     src_symbol_table(_src_symbol_table),
-    ns(_main_symbol_table)
+    ns(_main_symbol_table),
+    object_type_updates(ns)
   {
   }
 
   virtual void typecheck();
 
-  rename_symbolt rename_symbol;
-  unchecked_replace_symbolt object_type_updates;
-
 protected:
   bool needs_renaming_type(
     const symbolt &old_symbol,
@@ -177,6 +187,10 @@ class linkingt:public typecheckt
 
   // the new IDs created by renaming
   std::unordered_set<irep_idt> renamed_ids;
+
+public:
+  casting_replace_symbolt object_type_updates;
+  rename_symbolt rename_symbol;
 };
 
 #endif // CPROVER_LINKING_LINKING_CLASS_H

-Original file line number
+Diff line change
@@ @@ -0,0 +1,6 @@ @@
 +int *p;
++
 +void foo()
 +{
 +  *p = 42;
 +}