cbmc/dfcc__contract__functions_8cpp_source.html

/*******************************************************************\


Module: Dynamic frame condition checking for function contracts


Author: Remi Delmas, delmasrd@amazon.com

Date: August 2022


\*******************************************************************/

#include "dfcc_contract_functions.h"


#include <util/expr_util.h>

#include <util/fresh_symbol.h>

#include <util/invariant.h>

#include <util/mathematical_expr.h>

#include <util/namespace.h>

#include <util/pointer_offset_size.h>

#include <util/std_expr.h>


#include <goto-programs/goto_model.h>


#include <ansi-c/c_expr.h>

#include <goto-instrument/contracts/utils.h>

#include <langapi/language_util.h>


#include "dfcc_contract_clauses_codegen.h"

#include "dfcc_instrument.h"

#include "dfcc_library.h"

#include "dfcc_spec_functions.h"


dfcc_contract_functionst::dfcc_contract_functionst(

  const symbolt &pure_contract_symbol,

  goto_modelt &goto_model,

  message_handlert &message_handler,

  dfcc_libraryt &library,

  dfcc_spec_functionst &spec_functions,

  dfcc_contract_clauses_codegent &contract_clauses_codegen,

  dfcc_instrumentt &instrument)

  : pure_contract_symbol(pure_contract_symbol),

    code_with_contract(to_code_with_contract_type(pure_contract_symbol.type)),

    spec_assigns_function_id(

      id2string(pure_contract_symbol.name) + "::assigns"),

    spec_assigns_havoc_function_id(

      id2string(pure_contract_symbol.name) + "::assigns::havoc"),

    spec_frees_function_id(id2string(pure_contract_symbol.name) + "::frees"),

    language_mode(pure_contract_symbol.mode),

    goto_model(goto_model),

    message_handler(message_handler),

    log(message_handler),

    library(library),

    spec_functions(spec_functions),

    contract_clauses_codegen(contract_clauses_codegen),

    instrument(instrument),

    ns(goto_model.symbol_table)

{

  gen_spec_assigns_function();


  spec_functions.generate_havoc_function(

    spec_assigns_function_id,

    spec_assigns_havoc_function_id,

    nof_assigns_targets);


  spec_functions.to_spec_assigns_function(

    spec_assigns_function_id, nof_assigns_targets);


  gen_spec_frees_function();


  spec_functions.to_spec_frees_function(

    spec_frees_function_id, nof_frees_targets);


  instrument_without_loop_contracts_check_no_pointer_contracts(

    spec_assigns_function_id);


  instrument_without_loop_contracts_check_no_pointer_contracts(

    spec_frees_function_id);

}

dfcc_contract_functionst::dfcc_contract_functionst( {…}


void dfcc_contract_functionst::

  instrument_without_loop_contracts_check_no_pointer_contracts(

    const irep_idt &spec_function_id)

{

  std::set<irep_idt> function_pointer_contracts;

  instrument.instrument_function(

    spec_function_id, loop_contract_configt{false}, function_pointer_contracts);


  INVARIANT(

    function_pointer_contracts.empty(),

    id2string(spec_function_id) + " shall not contain calls to " CPROVER_PREFIX

                                  "obeys_contract");

}

void dfcc_contract_functionst:: {…}


const symbolt &


dfcc_contract_functionst::get_spec_assigns_function_symbol() const

{

  return ns.lookup(spec_assigns_function_id);

}

dfcc_contract_functionst::get_spec_assigns_function_symbol() const {…}


const symbolt &


dfcc_contract_functionst::get_spec_assigns_havoc_function_symbol() const

{

  return ns.lookup(spec_assigns_havoc_function_id);

}

dfcc_contract_functionst::get_spec_assigns_havoc_function_symbol() const {…}


const symbolt &dfcc_contract_functionst::get_spec_frees_function_symbol() const

{

  return ns.lookup(spec_frees_function_id);

}

const symbolt &dfcc_contract_functionst::get_spec_frees_function_symbol() const {…}


const std::size_t dfcc_contract_functionst::get_nof_assigns_targets() const

{

  return nof_assigns_targets;

}

const std::size_t dfcc_contract_functionst::get_nof_assigns_targets() const {…}


const std::size_t dfcc_contract_functionst::get_nof_frees_targets() const

{

  return nof_frees_targets;

}

const std::size_t dfcc_contract_functionst::get_nof_frees_targets() const {…}


void dfcc_contract_functionst::gen_spec_assigns_function()

{

  const auto &spec_function_symbol = dfcc_utilst::clone_and_rename_function(

    goto_model,

    pure_contract_symbol.name,

    spec_assigns_function_id,

    empty_typet());


  const auto &spec_function_id = spec_function_symbol.name;


  auto &spec_code_type = to_code_type(spec_function_symbol.type);


  exprt::operandst lambda_parameters;


  if(code_with_contract.return_type().id() != ID_empty)

  {

    // use a dummy symbol for __CPROVER_return_value

    // which does occur in the assigns clause anyway

    lambda_parameters.push_back(

      symbol_exprt("dummy_return_value", code_with_contract.return_type()));

  }


  for(const auto &param_id : spec_code_type.parameter_identifiers())

  {

    lambda_parameters.push_back(ns.lookup(param_id).symbol_expr());

  }


  // fetch the goto_function to add instructions to

  goto_functiont &goto_function =

    goto_model.goto_functions.function_map.at(spec_function_id);


  exprt::operandst targets;


  for(const exprt &target : code_with_contract.c_assigns())

  {

    auto new_target = to_lambda_expr(target).application(lambda_parameters);

    new_target.add_source_location() = target.source_location();

    targets.push_back(new_target);

  }


  goto_programt &body = goto_function.body;

  contract_clauses_codegen.gen_spec_assigns_instructions(

    spec_function_symbol.mode, targets, body);

  body.add(goto_programt::make_end_function(spec_function_symbol.location));


  goto_model.goto_functions.update();

}

void dfcc_contract_functionst::gen_spec_assigns_function() {…}


void dfcc_contract_functionst::gen_spec_frees_function()

{

  // fetch pure contract symbol

  const auto &code_with_contract =

    to_code_with_contract_type(pure_contract_symbol.type);


  auto &spec_function_symbol = dfcc_utilst::clone_and_rename_function(

    goto_model,

    pure_contract_symbol.name,

    spec_frees_function_id,

    empty_typet());


  const auto &spec_function_id = spec_function_symbol.name;


  auto &spec_code_type = to_code_type(spec_function_symbol.type);


  exprt::operandst lambda_parameters;


  if(code_with_contract.return_type().id() != ID_empty)

  {

    // use a dummy symbol for __CPROVER_return_value

    // which does occur in the assigns clause anyway

    symbolt dummy;

    dummy.name = "dummy_return_value";

    dummy.type = code_with_contract.return_type();

    lambda_parameters.push_back(dummy.symbol_expr());

  }


  for(const auto &param_id : spec_code_type.parameter_identifiers())

  {

    lambda_parameters.push_back(ns.lookup(param_id).symbol_expr());

  }


  // fetch the goto_function to add instructions to

  goto_functiont &goto_function =

    goto_model.goto_functions.function_map.at(spec_function_id);


  exprt::operandst targets;


  for(const exprt &target : code_with_contract.c_frees())

  {

    auto new_target = to_lambda_expr(target).application(lambda_parameters);

    new_target.add_source_location() = target.source_location();

    targets.push_back(new_target);

  }


  goto_programt &body = goto_function.body;

  contract_clauses_codegen.gen_spec_frees_instructions(

    spec_function_symbol.mode, targets, body);

  body.add(goto_programt::make_end_function(spec_function_symbol.location));


  goto_model.goto_functions.update();

}

void dfcc_contract_functionst::gen_spec_frees_function() {…}

c_expr.h
API to expression classes that are internal to the C frontend.

to_code_with_contract_type
const code_with_contract_typet & to_code_with_contract_type(const typet &type)
Cast a typet to a code_with_contract_typet.
Definition c_types.h:467

ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition ai.h:562

dfcc_contract_clauses_codegent
Translates assigns and frees clauses of a function contract or loop contract into GOTO programs that ...
Definition dfcc_contract_clauses_codegen.h:36

dfcc_contract_clauses_codegent::gen_spec_assigns_instructions
void gen_spec_assigns_instructions(const irep_idt &language_mode, const exprt::operandst &assigns_clause, goto_programt &dest)
Generates instructions encoding the assigns_clause targets and adds them to dest.
Definition dfcc_contract_clauses_codegen.cpp:43

dfcc_contract_clauses_codegent::gen_spec_frees_instructions
void gen_spec_frees_instructions(const irep_idt &language_mode, const exprt::operandst &frees_clause, goto_programt &dest)
Generates instructions encoding the frees_clause targets and adds them to dest.
Definition dfcc_contract_clauses_codegen.cpp:71

dfcc_contract_functionst::gen_spec_frees_function
void gen_spec_frees_function()
Translates the contract's frees clause to a GOTO function that uses the freeable built-in to express ...
Definition dfcc_contract_functions.cpp:166

dfcc_contract_functionst::nof_assigns_targets
std::size_t nof_assigns_targets
Definition dfcc_contract_functions.h:130

dfcc_contract_functionst::spec_assigns_havoc_function_id
const irep_idt spec_assigns_havoc_function_id
Identifier of the contract::c_assigns::havoc function.
Definition dfcc_contract_functions.h:113

dfcc_contract_functionst::ns
namespacet ns
Definition dfcc_contract_functions.h:129

dfcc_contract_functionst::instrument
dfcc_instrumentt & instrument
Definition dfcc_contract_functions.h:128

dfcc_contract_functionst::code_with_contract
const code_with_contract_typet & code_with_contract
The code_with_contract_type carrying the contract clauses.
Definition dfcc_contract_functions.h:107

dfcc_contract_functionst::get_spec_frees_function_symbol
const symbolt & get_spec_frees_function_symbol() const
Returns the contract::frees function symbol.
Definition dfcc_contract_functions.cpp:103

dfcc_contract_functionst::goto_model
goto_modelt & goto_model
Definition dfcc_contract_functions.h:122

dfcc_contract_functionst::nof_frees_targets
std::size_t nof_frees_targets
Definition dfcc_contract_functions.h:131

dfcc_contract_functionst::contract_clauses_codegen
dfcc_contract_clauses_codegent & contract_clauses_codegen
Definition dfcc_contract_functions.h:127

dfcc_contract_functionst::spec_assigns_function_id
const irep_idt spec_assigns_function_id
Identifier of the contract::c_assigns function.
Definition dfcc_contract_functions.h:110

dfcc_contract_functionst::instrument_without_loop_contracts_check_no_pointer_contracts
void instrument_without_loop_contracts_check_no_pointer_contracts(const irep_idt &spec_function_id)
Instruments the given function without loop contracts and checks that no function pointer contracts w...
Definition dfcc_contract_functions.cpp:78

dfcc_contract_functionst::dfcc_contract_functionst
dfcc_contract_functionst(const symbolt &pure_contract_symbol, goto_modelt &goto_model, message_handlert &message_handler, dfcc_libraryt &library, dfcc_spec_functionst &spec_functions, dfcc_contract_clauses_codegent &contract_clauses_codegen, dfcc_instrumentt &instrument)
Definition dfcc_contract_functions.cpp:30

dfcc_contract_functionst::get_spec_assigns_function_symbol
const symbolt & get_spec_assigns_function_symbol() const
Returns the contract::c_assigns function symbol.
Definition dfcc_contract_functions.cpp:92

dfcc_contract_functionst::pure_contract_symbol
const symbolt & pure_contract_symbol
The function symbol carrying the contract.
Definition dfcc_contract_functions.h:104

dfcc_contract_functionst::get_nof_assigns_targets
const std::size_t get_nof_assigns_targets() const
Returns the maximum number of targets in the assigns clause.
Definition dfcc_contract_functions.cpp:108

dfcc_contract_functionst::get_spec_assigns_havoc_function_symbol
const symbolt & get_spec_assigns_havoc_function_symbol() const
Returns the contract::c_assigns::havoc function symbol.
Definition dfcc_contract_functions.cpp:98

dfcc_contract_functionst::gen_spec_assigns_function
void gen_spec_assigns_function()
Translates the contract's assigns clause to a GOTO function that uses the assignable,...
Definition dfcc_contract_functions.cpp:118

dfcc_contract_functionst::spec_frees_function_id
const irep_idt spec_frees_function_id
Identifier of the contract::frees function.
Definition dfcc_contract_functions.h:116

dfcc_contract_functionst::spec_functions
dfcc_spec_functionst & spec_functions
Definition dfcc_contract_functions.h:126

dfcc_contract_functionst::get_nof_frees_targets
const std::size_t get_nof_frees_targets() const
Returns the maximum number of targets in the frees clause.
Definition dfcc_contract_functions.cpp:113

dfcc_instrumentt
This class instruments GOTO functions or instruction sequences for frame condition checking and loop ...
Definition dfcc_instrument.h:44

dfcc_instrumentt::instrument_function
void instrument_function(const irep_idt &function_id, const loop_contract_configt &loop_contract_config, std::set< irep_idt > &function_pointer_contracts)
Instruments a GOTO function by adding an extra write set parameter and instrumenting its body instruc...
Definition dfcc_instrument.cpp:318

dfcc_libraryt
Class interface to library types and functions defined in cprover_contracts.c.
Definition dfcc_library.h:164

dfcc_spec_functionst
This class rewrites GOTO functions that use the built-ins:
Definition dfcc_spec_functions.h:57

dfcc_spec_functionst::to_spec_assigns_function
void to_spec_assigns_function(const irep_idt &function_id, std::size_t &nof_targets)
Transforms (in place) a function.
Definition dfcc_spec_functions.cpp:278

dfcc_spec_functionst::generate_havoc_function
void generate_havoc_function(const irep_idt &function_id, const irep_idt &havoc_function_id, std::size_t &nof_targets)
Generates the havoc function for a function contract.
Definition dfcc_spec_functions.cpp:43

dfcc_spec_functionst::to_spec_frees_function
void to_spec_frees_function(const irep_idt &function_id, std::size_t &nof_targets)
Transforms (in place) a function.
Definition dfcc_spec_functions.cpp:361

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition dstring.h:38

empty_typet
The empty type.
Definition std_types.h:51

exprt
Base class for all expressions.
Definition expr.h:56

exprt::operandst
std::vector< exprt > operandst
Definition expr.h:58

goto_functionst::function_map
function_mapt function_map
Definition goto_functions.h:29

goto_functionst::update
void update()
Definition goto_functions.h:88

goto_functiont
A goto function, consisting of function body (see body) and parameter identifiers (see parameter_iden...
Definition goto_function.h:24

goto_functiont::body
goto_programt body
Definition goto_function.h:26

goto_modelt
Definition goto_model.h:27

goto_modelt::goto_functions
goto_functionst goto_functions
GOTO functions.
Definition goto_model.h:34

goto_programt
A generic container class for the GOTO intermediate representation of one function.
Definition goto_program.h:73

goto_programt::make_end_function
static instructiont make_end_function(const source_locationt &l=source_locationt::nil())
Definition goto_program.h:1001

goto_programt::add
targett add(instructiont &&instruction)
Adds a given instruction at the end.
Definition goto_program.h:739

message_handlert
Definition message.h:27

namespacet::lookup
bool lookup(const irep_idt &name, const symbolt *&symbol) const override
See documentation for namespace_baset::lookup().
Definition namespace.cpp:134

symbol_exprt
Expression to hold a symbol (variable)
Definition std_expr.h:131

symbolt
Symbol table entry.
Definition symbol.h:28

symbolt::symbol_expr
class symbol_exprt symbol_expr() const
Produces a symbol_exprt for a symbol.
Definition symbol.cpp:121

symbolt::type
typet type
Type of symbol.
Definition symbol.h:31

symbolt::name
irep_idt name
The unique identifier.
Definition symbol.h:40

CPROVER_PREFIX
#define CPROVER_PREFIX
Definition cprover_prefix.h:14

dfcc_contract_clauses_codegen.h
Translates assigns and frees clauses of a function contract or loop contract into goto programs that ...

dfcc_contract_functions.h
Translates assigns and frees clauses of a function contract into goto functions that allow to build a...

dfcc_instrument.h
Add instrumentation to a goto program to perform frame condition checks.

dfcc_library.h
Dynamic frame condition checking library loading.

dfcc_spec_functions.h
Translate functions that specify assignable and freeable targets declaratively into active functions ...

expr_util.h
Deprecated expression utility functions.

fresh_symbol.h
Fresh auxiliary symbol creation.

goto_model.h
Symbol Table + CFG.

id2string
const std::string & id2string(const irep_idt &d)
Definition irep.h:44

language_util.h

log
double log(double x)
Definition math.c:2449

mathematical_expr.h
API to expression classes for 'mathematical' expressions.

to_lambda_expr
const lambda_exprt & to_lambda_expr(const exprt &expr)
Cast an exprt to a lambda_exprt.
Definition mathematical_expr.h:477

namespace.h

pointer_offset_size.h
Pointer Logic.

invariant.h

INVARIANT
#define INVARIANT(CONDITION, REASON)
This macro uses the wrapper function 'invariant_violated_string'.
Definition invariant.h:423

std_expr.h
API to expression classes.

to_code_type
const code_typet & to_code_type(const typet &type)
Cast a typet to a code_typet.
Definition std_types.h:788

dfcc_utilst::clone_and_rename_function
static const symbolt & clone_and_rename_function(goto_modelt &goto_model, const irep_idt &function_id, const irep_idt &new_function_id, std::optional< typet > new_return_type)
Creates a new function symbol and goto_function entry in the goto_functions_map by cloning the given ...
Definition dfcc_utils.cpp:300

loop_contract_configt
Loop contract configurations.
Definition loop_contract_config.h:19

utils.h