cbmc/dfcc_8h_source.html

/*******************************************************************\


Module: Dynamic frame condition checking for function contracts


Author: Remi Delmas, delmasrd@amazon.com


\*******************************************************************/


#ifndef CPROVER_GOTO_INSTRUMENT_CONTRACTS_DYNAMIC_FRAMES_DFCC_H

#define CPROVER_GOTO_INSTRUMENT_CONTRACTS_DYNAMIC_FRAMES_DFCC_H


#include <util/exception_utils.h>

#include <util/irep.h>

#include <util/message.h>


#include "dfcc_contract_clauses_codegen.h"

#include "dfcc_contract_handler.h"

#include "dfcc_instrument.h"

#include "dfcc_library.h"

#include "dfcc_lift_memory_predicates.h"

#include "dfcc_spec_functions.h"

#include "dfcc_swap_and_wrap.h"


#include <map>

#include <set>


class goto_modelt;

class messaget;

class message_handlert;

class symbolt;

class conditional_target_group_exprt;

class optionst;


#define FLAG_DFCC "dfcc"

#define OPT_DFCC "(" FLAG_DFCC "):"


#define HELP_DFCC                                                              \

  " {y--dfcc} {uharness} \t "                                                  \

  "activate dynamic frame condition checking for contracts using the given "   \

  "harness as entry point\n"


#define FLAG_ENFORCE_CONTRACT_REC "enforce-contract-rec"

#define OPT_ENFORCE_CONTRACT_REC "(" FLAG_ENFORCE_CONTRACT_REC "):"


#define HELP_ENFORCE_CONTRACT_REC                                              \

  " {y--enforce-contract-rec} {ufunction}[{y/}{ucontract}] \t "                \

  "wrap {ufunction} with an assertion of the contract and assume recursive "   \

  "calls to "                                                                  \

  "{ufunction} satisfy the contract\n"


class invalid_function_contract_pair_exceptiont : public cprover_exception_baset

{

public:

  explicit invalid_function_contract_pair_exceptiont(

    std::string reason,

    std::string correct_format = "");


  std::string what() const override;


  std::string correct_format;

};


void dfcc(

  const optionst &options,

  goto_modelt &goto_model,

  const irep_idt &harness_id,

  const std::optional<irep_idt> &to_check,

  const bool allow_recursive_calls,

  const std::set<irep_idt> &to_replace,

  const loop_contract_configt loop_contract_config,

  const std::set<std::string> &to_exclude_from_nondet_static,

  message_handlert &message_handler);


class dfcct

{

public:

  dfcct(

    const optionst &options,

    goto_modelt &goto_model,

    const irep_idt &harness_id,

    const std::optional<std::pair<irep_idt, irep_idt>> &to_check,

    const bool allow_recursive_calls,

    const std::map<irep_idt, irep_idt> &to_replace,

    const loop_contract_configt loop_contract_config,

    message_handlert &message_handler,

    const std::set<std::string> &to_exclude_from_nondet_static);


  void transform_goto_model();


protected:

  const optionst &options;

  goto_modelt &goto_model;

  const irep_idt &harness_id;

  const std::optional<std::pair<irep_idt, irep_idt>> &to_check;

  const bool allow_recursive_calls;

  const std::map<irep_idt, irep_idt> &to_replace;

  const loop_contract_configt loop_contract_config;

  const std::set<std::string> &to_exclude_from_nondet_static;

  message_handlert &message_handler;

  messaget log;


  // Singletons that hold the global state of the program transformation

  // (caches etc.)

  dfcc_libraryt library;

  namespacet ns;

  dfcc_spec_functionst spec_functions;

  dfcc_contract_clauses_codegent contract_clauses_codegen;

  dfcc_instrumentt instrument;

  dfcc_lift_memory_predicatest memory_predicates;

  dfcc_contract_handlert contract_handler;

  dfcc_swap_and_wrapt swap_and_wrap;


  std::size_t max_assigns_clause_size;


  // partition the set of functions of the goto_model

  std::set<irep_idt> pure_contract_symbols;

  std::set<irep_idt> other_symbols;

  std::set<irep_idt> function_pointer_contracts;


  void check_transform_goto_model_preconditions();


  void partition_function_symbols(

    std::set<irep_idt> &pure_contract_symbols,

    std::set<irep_idt> &other_symbols);


  void link_model_and_load_dfcc_library();

  void instrument_harness_function();

  void lift_memory_predicates();

  void wrap_checked_function();

  void wrap_replaced_functions();

  void wrap_discovered_function_pointer_contracts();

  void instrument_other_functions();


  void reinitialize_model();

};


#endif

conditional_target_group_exprt
A class for an expression that represents a conditional target or a list of targets sharing a common ...
Definition c_expr.h:233

cprover_exception_baset
Base class for exceptions thrown in the cprover project.
Definition c_errors.h:64

cprover_exception_baset::reason
std::string reason
The reason this exception was generated.
Definition c_errors.h:83

dfcc_contract_clauses_codegent
Translates assigns and frees clauses of a function contract or loop contract into GOTO programs that ...
Definition dfcc_contract_clauses_codegen.h:29

dfcc_contract_handlert
A contract is represented by a function declaration or definition with contract clauses attached to i...
Definition dfcc_contract_handler.h:60

dfcc_instrumentt
This class instruments GOTO functions or instruction sequences for frame condition checking and loop ...
Definition dfcc_instrument.h:44

dfcc_libraryt
Class interface to library types and functions defined in cprover_contracts.c.
Definition dfcc_library.h:163

dfcc_lift_memory_predicatest
Definition dfcc_lift_memory_predicates.h:36

dfcc_spec_functionst
This class rewrites GOTO functions that use the built-ins:
Definition dfcc_spec_functions.h:49

dfcc_swap_and_wrapt
Definition dfcc_swap_and_wrap.h:40

dfcct
Entry point into the contracts transformation.
Definition dfcc.h:116

dfcct::goto_model
goto_modelt & goto_model
Definition dfcc.h:168

dfcct::function_pointer_contracts
std::set< irep_idt > function_pointer_contracts
Definition dfcc.h:196

dfcct::options
const optionst & options
Definition dfcc.h:167

dfcct::pure_contract_symbols
std::set< irep_idt > pure_contract_symbols
Definition dfcc.h:194

dfcct::spec_functions
dfcc_spec_functionst spec_functions
Definition dfcc.h:182

dfcct::instrument_harness_function
void instrument_harness_function()
Definition dfcc.cpp:291

dfcct::instrument_other_functions
void instrument_other_functions()
Definition dfcc.cpp:432

dfcct::loop_contract_config
const loop_contract_configt loop_contract_config
Definition dfcc.h:173

dfcct::reinitialize_model
void reinitialize_model()
Re-initialise the GOTO model.
Definition dfcc.cpp:507

dfcct::to_exclude_from_nondet_static
const std::set< std::string > & to_exclude_from_nondet_static
Definition dfcc.h:174

dfcct::link_model_and_load_dfcc_library
void link_model_and_load_dfcc_library()
Definition dfcc.cpp:269

dfcct::swap_and_wrap
dfcc_swap_and_wrapt swap_and_wrap
Definition dfcc.h:187

dfcct::memory_predicates
dfcc_lift_memory_predicatest memory_predicates
Definition dfcc.h:185

dfcct::wrap_checked_function
void wrap_checked_function()
Definition dfcc.cpp:316

dfcct::lift_memory_predicates
void lift_memory_predicates()
Definition dfcc.cpp:304

dfcct::log
messaget log
Definition dfcc.h:176

dfcct::to_check
const std::optional< std::pair< irep_idt, irep_idt > > & to_check
Definition dfcc.h:170

dfcct::check_transform_goto_model_preconditions
void check_transform_goto_model_preconditions()
Checks preconditions on arguments of transform_goto_model.
Definition dfcc.cpp:172

dfcct::max_assigns_clause_size
std::size_t max_assigns_clause_size
Tracks the maximum number of targets in any assigns clause handled in the transformation (used to spe...
Definition dfcc.h:191

dfcct::transform_goto_model
void transform_goto_model()
Applies function contracts and loop contracts transformation to GOTO model using the dynamic frame co...
Definition dfcc.cpp:452

dfcct::instrument
dfcc_instrumentt instrument
Definition dfcc.h:184

dfcct::library
dfcc_libraryt library
Definition dfcc.h:180

dfcct::wrap_replaced_functions
void wrap_replaced_functions()
Definition dfcc.cpp:345

dfcct::message_handler
message_handlert & message_handler
Definition dfcc.h:175

dfcct::harness_id
const irep_idt & harness_id
Definition dfcc.h:169

dfcct::contract_clauses_codegen
dfcc_contract_clauses_codegent contract_clauses_codegen
Definition dfcc.h:183

dfcct::allow_recursive_calls
const bool allow_recursive_calls
Definition dfcc.h:171

dfcct::other_symbols
std::set< irep_idt > other_symbols
Definition dfcc.h:195

dfcct::contract_handler
dfcc_contract_handlert contract_handler
Definition dfcc.h:186

dfcct::to_replace
const std::map< irep_idt, irep_idt > & to_replace
Definition dfcc.h:172

dfcct::partition_function_symbols
void partition_function_symbols(std::set< irep_idt > &pure_contract_symbols, std::set< irep_idt > &other_symbols)
Partitions the function symbols of the symbol table into pure contracts and other function symbols sy...
Definition dfcc.cpp:236

dfcct::wrap_discovered_function_pointer_contracts
void wrap_discovered_function_pointer_contracts()
Definition dfcc.cpp:362

dfcct::ns
namespacet ns
Definition dfcc.h:181

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition dstring.h:38

goto_modelt
Definition goto_model.h:27

invalid_function_contract_pair_exceptiont
Exception thrown for bad function/contract specification pairs passed on the CLI.
Definition dfcc.h:73

invalid_function_contract_pair_exceptiont::what
std::string what() const override
A human readable description of what went wrong.
Definition dfcc.cpp:38

invalid_function_contract_pair_exceptiont::correct_format
std::string correct_format
Definition dfcc.h:81

message_handlert
Definition message.h:27

messaget
Class that provides messages with a built-in verbosity 'level'.
Definition message.h:154

namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition namespace.h:91

optionst
Definition options.h:23

symbolt
Symbol table entry.
Definition symbol.h:28

dfcc_contract_clauses_codegen.h
Translates assigns and frees clauses of a function contract or loop contract into goto programs that ...

dfcc_contract_handler.h
Specialisation of dfcc_contract_handlert for contracts.

dfcc_instrument.h
Add instrumentation to a goto program to perform frame condition checks.

dfcc_library.h
Dynamic frame condition checking library loading.

dfcc_lift_memory_predicates.h
Collects all user-defined predicates that call functions is_fresh, pointer_in_range,...

dfcc_spec_functions.h
Translate functions that specify assignable and freeable targets declaratively into active functions ...

dfcc_swap_and_wrap.h
Given a function_id and contract_id, swaps its body to a function with a fresh mangled name,...

exception_utils.h

dfcc
void dfcc(const optionst &options, goto_modelt &goto_model, const irep_idt &harness_id, const std::optional< irep_idt > &to_check, const bool allow_recursive_calls, const std::set< irep_idt > &to_replace, const loop_contract_configt loop_contract_config, const std::set< std::string > &to_exclude_from_nondet_static, message_handlert &message_handler)
Applies function contracts transformation to GOTO model, using the dynamic frame condition checking a...
Definition dfcc.cpp:93

irep.h

message.h

loop_contract_configt
Loop contract configurations.
Definition loop_contract_config.h:19