Replace side effects expressions inside address_of

tautschnig · tautschnig · commit c09873ba07fe · 2019-03-31T20:55:13.000Z
The C++ front-end may generate expressions that take the address of side
effects, such as temporary objects or assignments, when a reference is
taken. These side effects need to be replaced, just as is done outside
address_of expressions.
diff --git a/regression/cbmc-cpp/lvalue1/main.cpp b/regression/cbmc-cpp/lvalue1/main.cpp
@@ -0,0 +1,20 @@
+#include <cassert>
+enum asd
+{
+  ASD,
+  ABC
+};
+
+int main()
+{
+  asd a = ASD, b = ASD;
+
+  // casts to references are lvalues
+  asd &c = (asd &)((int &)a |= (int &)b);
+  assert(a == ASD);
+  c = ABC;
+  assert(a == ABC);
+
+  // in C++, comma expressions are lvalues
+  (a, b) = ASD;
+}
diff --git a/regression/cbmc-cpp/lvalue1/test.desc b/regression/cbmc-cpp/lvalue1/test.desc
@@ -0,0 +1,10 @@
+CORE
+main.cpp
+
+^EXIT=0$
+^SIGNAL=0$
+VERIFICATION SUCCESSFUL
+--
+^warning: ignoring
+^CONVERSION ERROR$
+--
diff --git a/regression/systemc/Masc1/test.desc b/regression/systemc/Masc1/test.desc
@@ -1,4 +1,4 @@
-KNOWNBUG
+CORE
 main.cpp
 
 ^EXIT=0$
diff --git a/regression/systemc/MascInst1/test.desc b/regression/systemc/MascInst1/test.desc
@@ -1,4 +1,4 @@
-KNOWNBUG
+CORE
 main.cpp
 
 ^EXIT=0$
diff --git a/regression/systemc/This1/test.desc b/regression/systemc/This1/test.desc
@@ -1,4 +1,4 @@
-KNOWNBUG
+CORE
 main.cpp
 
 ^EXIT=0$
diff --git a/src/cpp/cpp_constructor.cpp b/src/cpp/cpp_constructor.cpp
@@ -269,9 +269,8 @@ void cpp_typecheckt::new_temporary(
   exprt &temporary)
 {
   // create temporary object
-  exprt tmp_object_expr=exprt(ID_side_effect, type);
-  tmp_object_expr.set(ID_statement, ID_temporary_object);
-  tmp_object_expr.add_source_location()= source_location;
+  side_effect_exprt tmp_object_expr(ID_temporary_object, type, source_location);
+  tmp_object_expr.set(ID_mode, ID_cpp);
 
   exprt new_object(ID_new_object);
   new_object.add_source_location()=tmp_object_expr.source_location();
diff --git a/src/cpp/cpp_typecheck_conversions.cpp b/src/cpp/cpp_typecheck_conversions.cpp
@@ -911,6 +911,7 @@ bool cpp_typecheckt::user_defined_conversion_sequence(
             ID_temporary_object, type, expr.source_location());
           tmp_object_expr.copy_to_operands(deref);
           tmp_object_expr.set(ID_C_lvalue, true);
+          tmp_object_expr.set(ID_mode, ID_cpp);
 
           new_expr.swap(tmp_object_expr);
           return true;
@@ -1390,6 +1391,7 @@ bool cpp_typecheckt::reference_binding(
       // create temporary object
       side_effect_exprt tmp(
         ID_temporary_object, type.subtype(), expr.source_location());
+      tmp.set(ID_mode, ID_cpp);
       // tmp.set(ID_C_lvalue, true);
       tmp.add_to_operands(std::move(new_expr));
       new_expr.swap(tmp);
diff --git a/src/goto-programs/goto_clean_expr.cpp b/src/goto-programs/goto_clean_expr.cpp
@@ -487,6 +487,10 @@ void goto_convertt::clean_expr_address_of(
     // do again
     clean_expr_address_of(expr, dest, mode);
   }
+  else if(expr.id() == ID_side_effect)
+  {
+    remove_side_effect(to_side_effect_expr(expr), dest, mode, true);
+  }
   else
     Forall_operands(it, expr)
       clean_expr_address_of(*it, dest, mode);

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-KNOWNBUG`
	`1`	`+CORE`
`2`	`2`	`main.cpp`
`3`	`3`
`4`	`4`	`^EXIT=0$`