cbmc/dfcc__contract__functions_8cpp_source.html

 /*******************************************************************\


 Module: Dynamic frame condition checking for function contracts


 Author: Remi Delmas, delmasrd@amazon.com

 Date: August 2022


 \*******************************************************************/

 #include "dfcc_contract_functions.h"


 #include <util/expr_util.h>

 #include <util/fresh_symbol.h>

 #include <util/invariant.h>

 #include <util/mathematical_expr.h>

 #include <util/namespace.h>

 #include <util/pointer_offset_size.h>

 #include <util/std_expr.h>


 #include <goto-programs/goto_model.h>


 #include <ansi-c/c_expr.h>

 #include <goto-instrument/contracts/utils.h>

 #include <langapi/language_util.h>


 #include "dfcc_contract_clauses_codegen.h"

 #include "dfcc_instrument.h"

 #include "dfcc_library.h"

 #include "dfcc_spec_functions.h"


 dfcc_contract_functionst::dfcc_contract_functionst(

   const symbolt &pure_contract_symbol,

   goto_modelt &goto_model,

   message_handlert &message_handler,

   dfcc_libraryt &library,

   dfcc_spec_functionst &spec_functions,

   dfcc_contract_clauses_codegent &contract_clauses_codegen,

   dfcc_instrumentt &instrument)

   : pure_contract_symbol(pure_contract_symbol),

     code_with_contract(to_code_with_contract_type(pure_contract_symbol.type)),

     spec_assigns_function_id(

       id2string(pure_contract_symbol.name) + "::assigns"),

     spec_assigns_havoc_function_id(

       id2string(pure_contract_symbol.name) + "::assigns::havoc"),

     spec_frees_function_id(id2string(pure_contract_symbol.name) + "::frees"),

     language_mode(pure_contract_symbol.mode),

     goto_model(goto_model),

     message_handler(message_handler),

     log(message_handler),

     library(library),

     spec_functions(spec_functions),

     contract_clauses_codegen(contract_clauses_codegen),

     instrument(instrument),

     ns(goto_model.symbol_table)

 {

   gen_spec_assigns_function();


   spec_functions.generate_havoc_function(

     spec_assigns_function_id,

     spec_assigns_havoc_function_id,

     nof_assigns_targets);


   spec_functions.to_spec_assigns_function(

     spec_assigns_function_id, nof_assigns_targets);


   gen_spec_frees_function();


   spec_functions.to_spec_frees_function(

     spec_frees_function_id, nof_frees_targets);


   instrument_without_loop_contracts_check_no_pointer_contracts(

     spec_assigns_function_id);


   instrument_without_loop_contracts_check_no_pointer_contracts(

     spec_frees_function_id);

 }


 void dfcc_contract_functionst::

   instrument_without_loop_contracts_check_no_pointer_contracts(

     const irep_idt &spec_function_id)

 {

   std::set<irep_idt> function_pointer_contracts;

   instrument.instrument_function(

     spec_function_id, loop_contract_configt{false}, function_pointer_contracts);


   INVARIANT(

     function_pointer_contracts.empty(),

     id2string(spec_function_id) + " shall not contain calls to " CPROVER_PREFIX

                                   "obeys_contract");

 }


 const symbolt &

 dfcc_contract_functionst::get_spec_assigns_function_symbol() const

 {

   return ns.lookup(spec_assigns_function_id);

 }


 const symbolt &

 dfcc_contract_functionst::get_spec_assigns_havoc_function_symbol() const

 {

   return ns.lookup(spec_assigns_havoc_function_id);

 }


 const symbolt &dfcc_contract_functionst::get_spec_frees_function_symbol() const

 {

   return ns.lookup(spec_frees_function_id);

 }


 const std::size_t dfcc_contract_functionst::get_nof_assigns_targets() const

 {

   return nof_assigns_targets;

 }


 const std::size_t dfcc_contract_functionst::get_nof_frees_targets() const

 {

   return nof_frees_targets;

 }


 void dfcc_contract_functionst::gen_spec_assigns_function()

 {

   const auto &spec_function_symbol = dfcc_utilst::clone_and_rename_function(

     goto_model,

     pure_contract_symbol.name,

     spec_assigns_function_id,

     empty_typet());


   const auto &spec_function_id = spec_function_symbol.name;


   auto &spec_code_type = to_code_type(spec_function_symbol.type);


   exprt::operandst lambda_parameters;


   if(code_with_contract.return_type().id() != ID_empty)

   {

     // use a dummy symbol for __CPROVER_return_value

     // which does occur in the assigns clause anyway

     lambda_parameters.push_back(

       symbol_exprt("dummy_return_value", code_with_contract.return_type()));

   }


   for(const auto &param_id : spec_code_type.parameter_identifiers())

   {

     lambda_parameters.push_back(ns.lookup(param_id).symbol_expr());

   }


   // fetch the goto_function to add instructions to

   goto_functiont &goto_function =

     goto_model.goto_functions.function_map.at(spec_function_id);


   exprt::operandst targets;


   for(const exprt &target : code_with_contract.c_assigns())

   {

     auto new_target = to_lambda_expr(target).application(lambda_parameters);

     new_target.add_source_location() = target.source_location();

     targets.push_back(new_target);

   }


   goto_programt &body = goto_function.body;

   contract_clauses_codegen.gen_spec_assigns_instructions(

     spec_function_symbol.mode, targets, body);

   body.add(goto_programt::make_end_function(spec_function_symbol.location));


   goto_model.goto_functions.update();

 }


 void dfcc_contract_functionst::gen_spec_frees_function()

 {

   // fetch pure contract symbol

   const auto &code_with_contract =

     to_code_with_contract_type(pure_contract_symbol.type);


   auto &spec_function_symbol = dfcc_utilst::clone_and_rename_function(

     goto_model,

     pure_contract_symbol.name,

     spec_frees_function_id,

     empty_typet());


   const auto &spec_function_id = spec_function_symbol.name;


   auto &spec_code_type = to_code_type(spec_function_symbol.type);


   exprt::operandst lambda_parameters;


   if(code_with_contract.return_type().id() != ID_empty)

   {

     // use a dummy symbol for __CPROVER_return_value

     // which does occur in the assigns clause anyway

     symbolt dummy;

     dummy.name = "dummy_return_value";

     dummy.type = code_with_contract.return_type();

     lambda_parameters.push_back(dummy.symbol_expr());

   }


   for(const auto &param_id : spec_code_type.parameter_identifiers())

   {

     lambda_parameters.push_back(ns.lookup(param_id).symbol_expr());

   }


   // fetch the goto_function to add instructions to

   goto_functiont &goto_function =

     goto_model.goto_functions.function_map.at(spec_function_id);


   exprt::operandst targets;


   for(const exprt &target : code_with_contract.c_frees())

   {

     auto new_target = to_lambda_expr(target).application(lambda_parameters);

     new_target.add_source_location() = target.source_location();

     targets.push_back(new_target);

   }


   goto_programt &body = goto_function.body;

   contract_clauses_codegen.gen_spec_frees_instructions(

     spec_function_symbol.mode, targets, body);

   body.add(goto_programt::make_end_function(spec_function_symbol.location));


   goto_model.goto_functions.update();

 }

c_expr.h
API to expression classes that are internal to the C frontend.

to_code_with_contract_type
const code_with_contract_typet & to_code_with_contract_type(const typet &type)
Cast a typet to a code_with_contract_typet.
Definition: c_types.h:467

code_typet::return_type
const typet & return_type() const
Definition: std_types.h:689

code_with_contract_typet::c_assigns
const exprt::operandst & c_assigns() const
Definition: c_types.h:408

code_with_contract_typet::c_frees
const exprt::operandst & c_frees() const
Definition: c_types.h:418

dfcc_contract_clauses_codegent
Translates assigns and frees clauses of a function contract or loop contract into GOTO programs that ...
Definition: dfcc_contract_clauses_codegen.h:36

dfcc_contract_clauses_codegent::gen_spec_assigns_instructions
void gen_spec_assigns_instructions(const irep_idt &language_mode, const exprt::operandst &assigns_clause, goto_programt &dest)
Generates instructions encoding the assigns_clause targets and adds them to dest.
Definition: dfcc_contract_clauses_codegen.cpp:43

dfcc_contract_clauses_codegent::gen_spec_frees_instructions
void gen_spec_frees_instructions(const irep_idt &language_mode, const exprt::operandst &frees_clause, goto_programt &dest)
Generates instructions encoding the frees_clause targets and adds them to dest.
Definition: dfcc_contract_clauses_codegen.cpp:71

dfcc_contract_functionst::gen_spec_frees_function
void gen_spec_frees_function()
Translates the contract's frees clause to a GOTO function that uses the freeable built-in to express ...
Definition: dfcc_contract_functions.cpp:166

dfcc_contract_functionst::nof_assigns_targets
std::size_t nof_assigns_targets
Definition: dfcc_contract_functions.h:130

dfcc_contract_functionst::spec_assigns_havoc_function_id
const irep_idt spec_assigns_havoc_function_id
Identifier of the contract::c_assigns::havoc function.
Definition: dfcc_contract_functions.h:113

dfcc_contract_functionst::ns
namespacet ns
Definition: dfcc_contract_functions.h:129

dfcc_contract_functionst::instrument
dfcc_instrumentt & instrument
Definition: dfcc_contract_functions.h:128

dfcc_contract_functionst::code_with_contract
const code_with_contract_typet & code_with_contract
The code_with_contract_type carrying the contract clauses.
Definition: dfcc_contract_functions.h:107

dfcc_contract_functionst::get_spec_frees_function_symbol
const symbolt & get_spec_frees_function_symbol() const
Returns the contract::frees function symbol.
Definition: dfcc_contract_functions.cpp:103

dfcc_contract_functionst::goto_model
goto_modelt & goto_model
Definition: dfcc_contract_functions.h:122

dfcc_contract_functionst::nof_frees_targets
std::size_t nof_frees_targets
Definition: dfcc_contract_functions.h:131

dfcc_contract_functionst::contract_clauses_codegen
dfcc_contract_clauses_codegent & contract_clauses_codegen
Definition: dfcc_contract_functions.h:127

dfcc_contract_functionst::spec_assigns_function_id
const irep_idt spec_assigns_function_id
Identifier of the contract::c_assigns function.
Definition: dfcc_contract_functions.h:110

dfcc_contract_functionst::instrument_without_loop_contracts_check_no_pointer_contracts
void instrument_without_loop_contracts_check_no_pointer_contracts(const irep_idt &spec_function_id)
Instruments the given function without loop contracts and checks that no function pointer contracts w...
Definition: dfcc_contract_functions.cpp:78

dfcc_contract_functionst::dfcc_contract_functionst
dfcc_contract_functionst(const symbolt &pure_contract_symbol, goto_modelt &goto_model, message_handlert &message_handler, dfcc_libraryt &library, dfcc_spec_functionst &spec_functions, dfcc_contract_clauses_codegent &contract_clauses_codegen, dfcc_instrumentt &instrument)
Definition: dfcc_contract_functions.cpp:30

dfcc_contract_functionst::get_spec_assigns_function_symbol
const symbolt & get_spec_assigns_function_symbol() const
Returns the contract::c_assigns function symbol.
Definition: dfcc_contract_functions.cpp:92

dfcc_contract_functionst::pure_contract_symbol
const symbolt & pure_contract_symbol
The function symbol carrying the contract.
Definition: dfcc_contract_functions.h:104

dfcc_contract_functionst::get_nof_assigns_targets
const std::size_t get_nof_assigns_targets() const
Returns the maximum number of targets in the assigns clause.
Definition: dfcc_contract_functions.cpp:108

dfcc_contract_functionst::get_spec_assigns_havoc_function_symbol
const symbolt & get_spec_assigns_havoc_function_symbol() const
Returns the contract::c_assigns::havoc function symbol.
Definition: dfcc_contract_functions.cpp:98

dfcc_contract_functionst::gen_spec_assigns_function
void gen_spec_assigns_function()
Translates the contract's assigns clause to a GOTO function that uses the assignable,...
Definition: dfcc_contract_functions.cpp:118

dfcc_contract_functionst::spec_frees_function_id
const irep_idt spec_frees_function_id
Identifier of the contract::frees function.
Definition: dfcc_contract_functions.h:116

dfcc_contract_functionst::spec_functions
dfcc_spec_functionst & spec_functions
Definition: dfcc_contract_functions.h:126

dfcc_contract_functionst::get_nof_frees_targets
const std::size_t get_nof_frees_targets() const
Returns the maximum number of targets in the frees clause.
Definition: dfcc_contract_functions.cpp:113

dfcc_instrumentt
This class instruments GOTO functions or instruction sequences for frame condition checking and loop ...
Definition: dfcc_instrument.h:44

dfcc_instrumentt::instrument_function
void instrument_function(const irep_idt &function_id, const loop_contract_configt &loop_contract_config, std::set< irep_idt > &function_pointer_contracts)
Instruments a GOTO function by adding an extra write set parameter and instrumenting its body instruc...
Definition: dfcc_instrument.cpp:317

dfcc_libraryt
Class interface to library types and functions defined in cprover_contracts.c.
Definition: dfcc_library.h:154

dfcc_spec_functionst
This class rewrites GOTO functions that use the built-ins:
Definition: dfcc_spec_functions.h:44

dfcc_spec_functionst::to_spec_assigns_function
void to_spec_assigns_function(const irep_idt &function_id, std::size_t &nof_targets)
Transforms (in place) a function.
Definition: dfcc_spec_functions.cpp:246

dfcc_spec_functionst::generate_havoc_function
void generate_havoc_function(const irep_idt &function_id, const irep_idt &havoc_function_id, std::size_t &nof_targets)
From a function:
Definition: dfcc_spec_functions.cpp:43

dfcc_spec_functionst::to_spec_frees_function
void to_spec_frees_function(const irep_idt &function_id, std::size_t &nof_targets)
Transforms (in place) a function.
Definition: dfcc_spec_functions.cpp:329

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition: dstring.h:38

empty_typet
The empty type.
Definition: std_types.h:51

exprt
Base class for all expressions.
Definition: expr.h:56

exprt::operandst
std::vector< exprt > operandst
Definition: expr.h:58

exprt::add_source_location
source_locationt & add_source_location()
Definition: expr.h:236

goto_functionst::function_map
function_mapt function_map
Definition: goto_functions.h:29

goto_functionst::update
void update()
Definition: goto_functions.h:88

goto_functiont
A goto function, consisting of function body (see body) and parameter identifiers (see parameter_iden...
Definition: goto_function.h:24

goto_functiont::body
goto_programt body
Definition: goto_function.h:26

goto_modelt
Definition: goto_model.h:27

goto_modelt::goto_functions
goto_functionst goto_functions
GOTO functions.
Definition: goto_model.h:34

goto_programt
A generic container class for the GOTO intermediate representation of one function.
Definition: goto_program.h:73

goto_programt::make_end_function
static instructiont make_end_function(const source_locationt &l=source_locationt::nil())
Definition: goto_program.h:1001

goto_programt::add
targett add(instructiont &&instruction)
Adds a given instruction at the end.
Definition: goto_program.h:739

irept::id
const irep_idt & id() const
Definition: irep.h:388

lambda_exprt::application
exprt application(const operandst &arguments) const
Definition: mathematical_expr.h:454

message_handlert
Definition: message.h:27

namespacet::lookup
bool lookup(const irep_idt &name, const symbolt *&symbol) const override
See documentation for namespace_baset::lookup().
Definition: namespace.cpp:148

symbol_exprt
Expression to hold a symbol (variable)
Definition: std_expr.h:131

symbolt
Symbol table entry.
Definition: symbol.h:28

symbolt::symbol_expr
class symbol_exprt symbol_expr() const
Produces a symbol_exprt for a symbol.
Definition: symbol.cpp:121

symbolt::type
typet type
Type of symbol.
Definition: symbol.h:31

symbolt::name
irep_idt name
The unique identifier.
Definition: symbol.h:40

CPROVER_PREFIX
#define CPROVER_PREFIX
Definition: cprover_prefix.h:14

dfcc_contract_clauses_codegen.h
Translates assigns and frees clauses of a function contract or loop contract into goto programs that ...

dfcc_contract_functions.h
Translates assigns and frees clauses of a function contract into goto functions that allow to build a...

dfcc_instrument.h
Add instrumentation to a goto program to perform frame condition checks.

dfcc_library.h
Dynamic frame condition checking library loading.

dfcc_spec_functions.h
Translate functions that specify assignable and freeable targets declaratively into active functions ...

expr_util.h
Deprecated expression utility functions.

fresh_symbol.h
Fresh auxiliary symbol creation.

goto_model.h
Symbol Table + CFG.

id2string
const std::string & id2string(const irep_idt &d)
Definition: irep.h:44

language_util.h

log
double log(double x)
Definition: math.c:2776

mathematical_expr.h
API to expression classes for 'mathematical' expressions.

to_lambda_expr
const lambda_exprt & to_lambda_expr(const exprt &expr)
Cast an exprt to a lambda_exprt.
Definition: mathematical_expr.h:477

namespace.h

pointer_offset_size.h
Pointer Logic.

invariant.h

std_expr.h
API to expression classes.

to_code_type
const code_typet & to_code_type(const typet &type)
Cast a typet to a code_typet.
Definition: std_types.h:788

dfcc_utilst::clone_and_rename_function
static const symbolt & clone_and_rename_function(goto_modelt &goto_model, const irep_idt &function_id, const irep_idt &new_function_id, std::optional< typet > new_return_type)
Creates a new function symbol and goto_function entry in the goto_functions_map by cloning the given ...
Definition: dfcc_utils.cpp:300

loop_contract_configt
Loop contract configurations.
Definition: loop_contract_config.h:19

utils.h

validation_modet::INVARIANT
@ INVARIANT