cbmc/dfcc_8h_source.html

 /*******************************************************************\


 Module: Dynamic frame condition checking for function contracts


 Author: Remi Delmas, delmasrd@amazon.com


 \*******************************************************************/


 #ifndef CPROVER_GOTO_INSTRUMENT_CONTRACTS_DYNAMIC_FRAMES_DFCC_H

 #define CPROVER_GOTO_INSTRUMENT_CONTRACTS_DYNAMIC_FRAMES_DFCC_H


 #include <util/exception_utils.h>

 #include <util/irep.h>

 #include <util/message.h>


 #include "dfcc_contract_clauses_codegen.h"

 #include "dfcc_contract_handler.h"

 #include "dfcc_instrument.h"

 #include "dfcc_library.h"

 #include "dfcc_lift_memory_predicates.h"

 #include "dfcc_spec_functions.h"

 #include "dfcc_swap_and_wrap.h"


 #include <map>

 #include <set>


 class goto_modelt;

 class messaget;

 class message_handlert;

 class symbolt;

 class conditional_target_group_exprt;

 class optionst;


 #define FLAG_DFCC "dfcc"

 #define OPT_DFCC "(" FLAG_DFCC "):"


 #define HELP_DFCC                                                              \

   " {y--dfcc} {uharness} \t "                                                  \

   "activate dynamic frame condition checking for contracts using the given "   \

   "harness as entry point\n"


 #define FLAG_ENFORCE_CONTRACT_REC "enforce-contract-rec"

 #define OPT_ENFORCE_CONTRACT_REC "(" FLAG_ENFORCE_CONTRACT_REC "):"

 #define HELP_ENFORCE_CONTRACT_REC                                              \

   " {y--enforce-contract-rec} {ufunction}[{y/}{ucontract}] \t "                \

   "wrap {ufunction} with an assertion of the contract and assume recursive "   \

   "calls to "                                                                  \

   "{ufunction} satisfy the contract\n"


 class invalid_function_contract_pair_exceptiont : public cprover_exception_baset

 {

 public:

   explicit invalid_function_contract_pair_exceptiont(

     std::string reason,

     std::string correct_format = "");


   std::string what() const override;


   std::string correct_format;

 };


 void dfcc(

   const optionst &options,

   goto_modelt &goto_model,

   const irep_idt &harness_id,

   const std::optional<irep_idt> &to_check,

   const bool allow_recursive_calls,

   const std::set<irep_idt> &to_replace,

   const loop_contract_configt loop_contract_config,

   const std::set<std::string> &to_exclude_from_nondet_static,

   message_handlert &message_handler);


 class dfcct

 {

 public:

   dfcct(

     const optionst &options,

     goto_modelt &goto_model,

     const irep_idt &harness_id,

     const std::optional<std::pair<irep_idt, irep_idt>> &to_check,

     const bool allow_recursive_calls,

     const std::map<irep_idt, irep_idt> &to_replace,

     const loop_contract_configt loop_contract_config,

     message_handlert &message_handler,

     const std::set<std::string> &to_exclude_from_nondet_static);


   void transform_goto_model();


 protected:

   const optionst &options;

   goto_modelt &goto_model;

   const irep_idt &harness_id;

   const std::optional<std::pair<irep_idt, irep_idt>> &to_check;

   const bool allow_recursive_calls;

   const std::map<irep_idt, irep_idt> &to_replace;

   const loop_contract_configt loop_contract_config;

   const std::set<std::string> &to_exclude_from_nondet_static;

   message_handlert &message_handler;

   messaget log;


   // Singletons that hold the global state of the program transformation

   // (caches etc.)

   dfcc_libraryt library;

   namespacet ns;

   dfcc_spec_functionst spec_functions;

   dfcc_contract_clauses_codegent contract_clauses_codegen;

   dfcc_instrumentt instrument;

   dfcc_lift_memory_predicatest memory_predicates;

   dfcc_contract_handlert contract_handler;

   dfcc_swap_and_wrapt swap_and_wrap;


   std::size_t max_assigns_clause_size;


   // partition the set of functions of the goto_model

   std::set<irep_idt> pure_contract_symbols;

   std::set<irep_idt> other_symbols;

   std::set<irep_idt> function_pointer_contracts;


   void check_transform_goto_model_preconditions();


   void partition_function_symbols(

     std::set<irep_idt> &pure_contract_symbols,

     std::set<irep_idt> &other_symbols);


   void link_model_and_load_dfcc_library();

   void instrument_harness_function();

   void lift_memory_predicates();

   void wrap_checked_function();

   void wrap_replaced_functions();

   void wrap_discovered_function_pointer_contracts();

   void instrument_other_functions();


   void reinitialize_model();

 };


 #endif

conditional_target_group_exprt
A class for an expression that represents a conditional target or a list of targets sharing a common ...
Definition: c_expr.h:233

cprover_exception_baset
Base class for exceptions thrown in the cprover project.
Definition: c_errors.h:64

cprover_exception_baset::reason
std::string reason
The reason this exception was generated.
Definition: c_errors.h:83

dfcc_contract_clauses_codegent
Translates assigns and frees clauses of a function contract or loop contract into GOTO programs that ...
Definition: dfcc_contract_clauses_codegen.h:36

dfcc_contract_handlert
A contract is represented by a function declaration or definition with contract clauses attached to i...
Definition: dfcc_contract_handler.h:65

dfcc_instrumentt
This class instruments GOTO functions or instruction sequences for frame condition checking and loop ...
Definition: dfcc_instrument.h:44

dfcc_libraryt
Class interface to library types and functions defined in cprover_contracts.c.
Definition: dfcc_library.h:154

dfcc_lift_memory_predicatest
Definition: dfcc_lift_memory_predicates.h:37

dfcc_spec_functionst
This class rewrites GOTO functions that use the built-ins:
Definition: dfcc_spec_functions.h:44

dfcc_swap_and_wrapt
Definition: dfcc_swap_and_wrap.h:42

dfcct
Entry point into the contracts transformation.
Definition: dfcc.h:116

dfcct::goto_model
goto_modelt & goto_model
Definition: dfcc.h:168

dfcct::function_pointer_contracts
std::set< irep_idt > function_pointer_contracts
Definition: dfcc.h:196

dfcct::options
const optionst & options
Definition: dfcc.h:167

dfcct::pure_contract_symbols
std::set< irep_idt > pure_contract_symbols
Definition: dfcc.h:194

dfcct::spec_functions
dfcc_spec_functionst spec_functions
Definition: dfcc.h:182

dfcct::instrument_harness_function
void instrument_harness_function()
Definition: dfcc.cpp:305

dfcct::instrument_other_functions
void instrument_other_functions()
Definition: dfcc.cpp:446

dfcct::loop_contract_config
const loop_contract_configt loop_contract_config
Definition: dfcc.h:173

dfcct::reinitialize_model
void reinitialize_model()
Re-initialise the GOTO model.
Definition: dfcc.cpp:521

dfcct::to_exclude_from_nondet_static
const std::set< std::string > & to_exclude_from_nondet_static
Definition: dfcc.h:174

dfcct::dfcct
dfcct(const optionst &options, goto_modelt &goto_model, const irep_idt &harness_id, const std::optional< std::pair< irep_idt, irep_idt >> &to_check, const bool allow_recursive_calls, const std::map< irep_idt, irep_idt > &to_replace, const loop_contract_configt loop_contract_config, message_handlert &message_handler, const std::set< std::string > &to_exclude_from_nondet_static)
Class constructor.
Definition: dfcc.cpp:141

dfcct::link_model_and_load_dfcc_library
void link_model_and_load_dfcc_library()
Definition: dfcc.cpp:283

dfcct::swap_and_wrap
dfcc_swap_and_wrapt swap_and_wrap
Definition: dfcc.h:187

dfcct::memory_predicates
dfcc_lift_memory_predicatest memory_predicates
Definition: dfcc.h:185

dfcct::wrap_checked_function
void wrap_checked_function()
Definition: dfcc.cpp:330

dfcct::lift_memory_predicates
void lift_memory_predicates()
Definition: dfcc.cpp:318

dfcct::log
messaget log
Definition: dfcc.h:176

dfcct::to_check
const std::optional< std::pair< irep_idt, irep_idt > > & to_check
Definition: dfcc.h:170

dfcct::check_transform_goto_model_preconditions
void check_transform_goto_model_preconditions()
Checks preconditions on arguments of transform_goto_model.
Definition: dfcc.cpp:192

dfcct::max_assigns_clause_size
std::size_t max_assigns_clause_size
Tracks the maximum number of targets in any assigns clause handled in the transformation (used to spe...
Definition: dfcc.h:191

dfcct::transform_goto_model
void transform_goto_model()
Applies function contracts and loop contracts transformation to GOTO model using the dynamic frame co...
Definition: dfcc.cpp:466

dfcct::instrument
dfcc_instrumentt instrument
Definition: dfcc.h:184

dfcct::library
dfcc_libraryt library
Definition: dfcc.h:180

dfcct::wrap_replaced_functions
void wrap_replaced_functions()
Definition: dfcc.cpp:359

dfcct::message_handler
message_handlert & message_handler
Definition: dfcc.h:175

dfcct::harness_id
const irep_idt & harness_id
Definition: dfcc.h:169

dfcct::contract_clauses_codegen
dfcc_contract_clauses_codegent contract_clauses_codegen
Definition: dfcc.h:183

dfcct::allow_recursive_calls
const bool allow_recursive_calls
Definition: dfcc.h:171

dfcct::other_symbols
std::set< irep_idt > other_symbols
Definition: dfcc.h:195

dfcct::contract_handler
dfcc_contract_handlert contract_handler
Definition: dfcc.h:186

dfcct::to_replace
const std::map< irep_idt, irep_idt > & to_replace
Definition: dfcc.h:172

dfcct::partition_function_symbols
void partition_function_symbols(std::set< irep_idt > &pure_contract_symbols, std::set< irep_idt > &other_symbols)
Partitions the function symbols of the symbol table into pure contracts and other function symbols sy...
Definition: dfcc.cpp:256

dfcct::wrap_discovered_function_pointer_contracts
void wrap_discovered_function_pointer_contracts()
Definition: dfcc.cpp:376

dfcct::ns
namespacet ns
Definition: dfcc.h:181

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition: dstring.h:38

goto_modelt
Definition: goto_model.h:27

invalid_function_contract_pair_exceptiont
Exception thrown for bad function/contract specification pairs passed on the CLI.
Definition: dfcc.h:73

invalid_function_contract_pair_exceptiont::invalid_function_contract_pair_exceptiont
invalid_function_contract_pair_exceptiont(std::string reason, std::string correct_format="")
Definition: dfcc.cpp:50

invalid_function_contract_pair_exceptiont::what
std::string what() const override
A human readable description of what went wrong.
Definition: dfcc.cpp:58

invalid_function_contract_pair_exceptiont::correct_format
std::string correct_format
Definition: dfcc.h:81

message_handlert
Definition: message.h:27

messaget
Class that provides messages with a built-in verbosity 'level'.
Definition: message.h:154

namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition: namespace.h:94

optionst
Definition: options.h:23

symbolt
Symbol table entry.
Definition: symbol.h:28

dfcc_contract_clauses_codegen.h
Translates assigns and frees clauses of a function contract or loop contract into goto programs that ...

dfcc_contract_handler.h
Specialisation of dfcc_contract_handlert for contracts.

dfcc_instrument.h
Add instrumentation to a goto program to perform frame condition checks.

dfcc_library.h
Dynamic frame condition checking library loading.

dfcc_lift_memory_predicates.h
Collects all user-defined predicates that call functions is_fresh, pointer_in_range,...

dfcc_spec_functions.h
Translate functions that specify assignable and freeable targets declaratively into active functions ...

dfcc_swap_and_wrap.h
Given a function_id and contract_id, swaps its body to a function with a fresh mangled name,...

exception_utils.h

dfcc
void dfcc(const optionst &options, goto_modelt &goto_model, const irep_idt &harness_id, const std::optional< irep_idt > &to_check, const bool allow_recursive_calls, const std::set< irep_idt > &to_replace, const loop_contract_configt loop_contract_config, const std::set< std::string > &to_exclude_from_nondet_static, message_handlert &message_handler)
Applies function contracts transformation to GOTO model, using the dynamic frame condition checking a...
Definition: dfcc.cpp:113

irep.h

message.h

loop_contract_configt
Loop contract configurations.
Definition: loop_contract_config.h:19