cbmc/dfcc__contract__handler_8cpp_source.html

/*******************************************************************\


Module: Dynamic frame condition checking for function contracts


Author: Remi Delmas, delmasrd@amazon.com

Date: August 2022


\*******************************************************************/


#include "dfcc_contract_handler.h"


#include <util/arith_tools.h>

#include <util/c_types.h>

#include <util/expr_util.h>

#include <util/format_type.h>

#include <util/fresh_symbol.h>

#include <util/invariant.h>

#include <util/mathematical_expr.h>

#include <util/namespace.h>

#include <util/pointer_offset_size.h>

#include <util/std_expr.h>


#include <goto-programs/goto_model.h>

#include <goto-programs/remove_function_pointers.h>


#include <ansi-c/c_expr.h>

#include <goto-instrument/contracts/utils.h>

#include <langapi/language_util.h>


#include "dfcc_instrument.h"

#include "dfcc_library.h"

#include "dfcc_spec_functions.h"

#include "dfcc_wrapper_program.h"


std::map<irep_idt, dfcc_contract_functionst>

  dfcc_contract_handlert::contract_cache;


dfcc_contract_handlert::dfcc_contract_handlert(

  goto_modelt &goto_model,

  message_handlert &message_handler,

  dfcc_libraryt &library,

  dfcc_instrumentt &instrument,

  dfcc_lift_memory_predicatest &memory_predicates,

  dfcc_spec_functionst &spec_functions,

  dfcc_contract_clauses_codegent &contract_clauses_codegen)

  : goto_model(goto_model),

    message_handler(message_handler),

    log(message_handler),

    library(library),

    instrument(instrument),

    memory_predicates(memory_predicates),

    spec_functions(spec_functions),

    contract_clauses_codegen(contract_clauses_codegen),

    ns(goto_model.symbol_table)

{

}


const dfcc_contract_functionst &


dfcc_contract_handlert::get_contract_functions(const irep_idt &contract_id)

{

  auto iter = dfcc_contract_handlert::contract_cache.find(contract_id);


  // return existing value

  if(iter != dfcc_contract_handlert::contract_cache.end())

    return iter->second;


  // insert new value

  return dfcc_contract_handlert::contract_cache

    .insert(

      {contract_id,

       dfcc_contract_functionst(

         get_pure_contract_symbol(contract_id),

         goto_model,

         message_handler,

         library,

         spec_functions,

         contract_clauses_codegen,

         instrument)})

    .first->second;

}


const std::size_t


dfcc_contract_handlert::get_assigns_clause_size(const irep_idt &contract_id)

{

  return get_contract_functions(contract_id).get_nof_assigns_targets();

}


void dfcc_contract_handlert::add_contract_instructions(

  const dfcc_contract_modet contract_mode,

  const irep_idt &wrapper_id,

  const irep_idt &wrapped_id,

  const irep_idt &contract_id,

  const symbolt &wrapper_write_set_symbol,

  goto_programt &dest,

  std::set<irep_idt> &function_pointer_contracts)

{

  dfcc_wrapper_programt(

    contract_mode,

    dfcc_utilst::get_function_symbol(goto_model.symbol_table, wrapper_id),

    dfcc_utilst::get_function_symbol(goto_model.symbol_table, wrapped_id),

    get_contract_functions(contract_id),

    wrapper_write_set_symbol,

    goto_model,

    message_handler,

    library,

    instrument,

    memory_predicates)

    .add_to_dest(dest, function_pointer_contracts);

}


const symbolt &dfcc_contract_handlert::get_pure_contract_symbol(

  const irep_idt &contract_id,

  const std::optional<irep_idt> function_id_opt)

{

  auto pure_contract_id = "contract::" + id2string(contract_id);

  const symbolt *pure_contract_symbol = nullptr;

  if(!ns.lookup(pure_contract_id, pure_contract_symbol))

  {

    if(function_id_opt.has_value())

    {

      auto function_id = function_id_opt.value();

      const auto &function_symbol =

        dfcc_utilst::get_function_symbol(goto_model.symbol_table, function_id);

      check_signature_compat(

        function_id,

        to_code_type(function_symbol.type),

        pure_contract_id,

        to_code_type(pure_contract_symbol->type));

    }

    return *pure_contract_symbol;

  }

  else

  {

    // The contract symbol might not have been created if the function had

    // no contract or a contract with all empty clauses (which is equivalent).

    // in that case we create a fresh symbol again with empty clauses.

    PRECONDITION_WITH_DIAGNOSTICS(

      function_id_opt.has_value(),

      "Contract '" + pure_contract_id +

        "' not found, the identifier of an existing function must be provided "

        "to derive a default contract");


    auto function_id = function_id_opt.value();

    const auto &function_symbol =

      dfcc_utilst::get_function_symbol(goto_model.symbol_table, function_id);


    log.warning() << "Contract '" << contract_id

                  << "' not found, deriving empty pure contract '"

                  << pure_contract_id << "' from function '" << function_id

                  << "'" << messaget::eom;


    symbolt new_symbol{

      pure_contract_id, function_symbol.type, function_symbol.mode};

    new_symbol.base_name = pure_contract_id;

    new_symbol.pretty_name = pure_contract_id;

    new_symbol.is_property = true;

    new_symbol.module = function_symbol.module;

    new_symbol.location = function_symbol.location;

    auto entry = goto_model.symbol_table.insert(std::move(new_symbol));

    INVARIANT(

      entry.second,

      "contract '" + id2string(function_symbol.display_name()) +

        "' already set at " + id2string(entry.first.location.as_string()));

    // this lookup will work and set the pointer

    // no need to check for signature compatibility

    ns.lookup(pure_contract_id, pure_contract_symbol);

    return *pure_contract_symbol;

  }

}


void dfcc_contract_handlert::check_signature_compat(

  const irep_idt &contract_id,

  const code_typet &contract_type,

  const irep_idt &pure_contract_id,

  const code_typet &pure_contract_type)

{

  // can we turn a call to `contract` into a call to `pure_contract` ?

  bool compatible =

    function_is_type_compatible(true, contract_type, pure_contract_type, ns);


  if(!compatible)

  {

    std::ostringstream err_msg;

    err_msg << "dfcc_contract_handlert: function '" << contract_id

            << "' and the corresponding pure contract symbol '"

            << pure_contract_id << "' have incompatible type signatures:\n";


    err_msg << "- contract return type "

            << from_type(ns, contract_id, contract_type.return_type()) << "\n";


    for(const auto &param : contract_type.parameters())

    {

      err_msg << "- contract param type "

              << from_type(ns, contract_id, param.type()) << "\n";

    }


    err_msg << "- pure contract return type "

            << from_type(ns, pure_contract_id, pure_contract_type.return_type())

            << "\n";


    for(const auto &param : pure_contract_type.parameters())

    {

      err_msg << "- pure contract param type "

              << from_type(ns, pure_contract_id, param.type()) << "\n";

    }


    err_msg << "aborting."

            << "\n";

    throw invalid_source_file_exceptiont(

      err_msg.str(), contract_type.source_location());

  }

}


arith_tools.h

c_expr.h
API to expression classes that are internal to the C frontend.

c_types.h

ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition ai.h:562

code_typet
Base type of functions.
Definition std_types.h:583

dfcc_contract_clauses_codegent
Translates assigns and frees clauses of a function contract or loop contract into GOTO programs that ...
Definition dfcc_contract_clauses_codegen.h:36

dfcc_contract_functionst
Generates GOTO functions modelling a contract assigns and frees clauses.
Definition dfcc_contract_functions.h:64

dfcc_contract_handlert::log
messaget log
Definition dfcc_contract_handler.h:118

dfcc_contract_handlert::check_signature_compat
void check_signature_compat(const irep_idt &contract_id, const code_typet &contract_type, const irep_idt &pure_contract_id, const code_typet &pure_contract_type)
Throws an error if the type signatures are not compatible.
Definition dfcc_contract_handler.cpp:171

dfcc_contract_handlert::spec_functions
dfcc_spec_functionst & spec_functions
Definition dfcc_contract_handler.h:122

dfcc_contract_handlert::get_pure_contract_symbol
const symbolt & get_pure_contract_symbol(const irep_idt &contract_id, const std::optional< irep_idt > function_id_opt={})
Searches for a symbol named "contract::contract_id" in the symbol table.
Definition dfcc_contract_handler.cpp:111

dfcc_contract_handlert::ns
namespacet ns
Definition dfcc_contract_handler.h:124

dfcc_contract_handlert::contract_cache
static std::map< irep_idt, dfcc_contract_functionst > contract_cache
Definition dfcc_contract_handler.h:127

dfcc_contract_handlert::memory_predicates
dfcc_lift_memory_predicatest & memory_predicates
Definition dfcc_contract_handler.h:121

dfcc_contract_handlert::message_handler
message_handlert & message_handler
Definition dfcc_contract_handler.h:117

dfcc_contract_handlert::contract_clauses_codegen
dfcc_contract_clauses_codegent & contract_clauses_codegen
Definition dfcc_contract_handler.h:123

dfcc_contract_handlert::get_assigns_clause_size
const std::size_t get_assigns_clause_size(const irep_idt &contract_id)
Returns the size assigns clause of the given contract in number of targets.
Definition dfcc_contract_handler.cpp:83

dfcc_contract_handlert::goto_model
goto_modelt & goto_model
Definition dfcc_contract_handler.h:116

dfcc_contract_handlert::library
dfcc_libraryt & library
Definition dfcc_contract_handler.h:119

dfcc_contract_handlert::add_contract_instructions
void add_contract_instructions(const dfcc_contract_modet contract_mode, const irep_idt &wrapper_id, const irep_idt &wrapped_id, const irep_idt &contract_id, const symbolt &wrapper_write_set_symbol, goto_programt &dest, std::set< irep_idt > &function_pointer_contracts)
Adds instructions in dest modeling contract checking, assuming that ret_t wrapper_id(params) is the f...
Definition dfcc_contract_handler.cpp:88

dfcc_contract_handlert::instrument
dfcc_instrumentt & instrument
Definition dfcc_contract_handler.h:120

dfcc_contract_handlert::dfcc_contract_handlert
dfcc_contract_handlert(goto_modelt &goto_model, message_handlert &message_handler, dfcc_libraryt &library, dfcc_instrumentt &instrument, dfcc_lift_memory_predicatest &memory_predicates, dfcc_spec_functionst &spec_functions, dfcc_contract_clauses_codegent &contract_clauses_codegen)
Definition dfcc_contract_handler.cpp:38

dfcc_contract_handlert::get_contract_functions
const dfcc_contract_functionst & get_contract_functions(const irep_idt &contract_id)
Returns the dfcc_contract_functionst object for the given contract from the cache,...
Definition dfcc_contract_handler.cpp:59

dfcc_instrumentt
This class instruments GOTO functions or instruction sequences for frame condition checking and loop ...
Definition dfcc_instrument.h:44

dfcc_libraryt
Class interface to library types and functions defined in cprover_contracts.c.
Definition dfcc_library.h:164

dfcc_lift_memory_predicatest
Definition dfcc_lift_memory_predicates.h:37

dfcc_spec_functionst
This class rewrites GOTO functions that use the built-ins:
Definition dfcc_spec_functions.h:57

dfcc_wrapper_programt
Generates the body of a wrapper function from a contract specified using requires,...
Definition dfcc_wrapper_program.h:98

dfcc_wrapper_programt::add_to_dest
void add_to_dest(goto_programt &dest, std::set< irep_idt > &dest_fp_contracts)
Adds the whole program to dest and the discovered function pointer contracts dest_fp_contracts.
Definition dfcc_wrapper_program.cpp:237

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition dstring.h:38

goto_modelt
Definition goto_model.h:27

goto_modelt::symbol_table
symbol_tablet symbol_table
Symbol table.
Definition goto_model.h:31

goto_programt
A generic container class for the GOTO intermediate representation of one function.
Definition goto_program.h:72

invalid_source_file_exceptiont
Thrown when we can't handle something in an input source file.
Definition exception_utils.h:172

message_handlert
Definition message.h:27

messaget::warning
mstreamt & warning() const
Definition message.h:396

messaget::eom
static eomt eom
Definition message.h:289

namespacet::lookup
bool lookup(const irep_idt &name, const symbolt *&symbol) const override
See documentation for namespace_baset::lookup().
Definition namespace.cpp:134

symbol_tablet::insert
virtual std::pair< symbolt &, bool > insert(symbolt symbol) override
Author: Diffblue Ltd.
Definition symbol_table.cpp:17

symbolt
Symbol table entry.
Definition symbol.h:28

symbolt::type
typet type
Type of symbol.
Definition symbol.h:31

dfcc_contract_handler.h
Specialisation of dfcc_contract_handlert for contracts.

dfcc_contract_modet
dfcc_contract_modet
Enum type representing the contract checking and replacement modes.
Definition dfcc_contract_mode.h:20

dfcc_instrument.h
Add instrumentation to a goto program to perform frame condition checks.

dfcc_library.h
Dynamic frame condition checking library loading.

dfcc_spec_functions.h
Translate functions that specify assignable and freeable targets declaratively into active functions ...

dfcc_wrapper_program.h
Generates the body of a wrapper function from a contract for contract checking or contract replacemen...

expr_util.h
Deprecated expression utility functions.

format_type.h

fresh_symbol.h
Fresh auxiliary symbol creation.

goto_model.h
Symbol Table + CFG.

id2string
const std::string & id2string(const irep_idt &d)
Definition irep.h:44

from_type
std::string from_type(const namespacet &ns, const irep_idt &identifier, const typet &type)
Definition language_util.cpp:52

language_util.h

log
double log(double x)
Definition math.c:2449

mathematical_expr.h
API to expression classes for 'mathematical' expressions.

namespace.h

pointer_offset_size.h
Pointer Logic.

function_is_type_compatible
bool function_is_type_compatible(bool return_value_used, const code_typet &call_type, const code_typet &function_type, const namespacet &ns)
Returns true iff call_type can be converted to produce a function call of the same type as function_t...
Definition remove_function_pointers.cpp:129

remove_function_pointers.h
Remove Indirect Function Calls.

invariant.h

PRECONDITION_WITH_DIAGNOSTICS
#define PRECONDITION_WITH_DIAGNOSTICS(CONDITION,...)
Definition invariant.h:464

INVARIANT
#define INVARIANT(CONDITION, REASON)
This macro uses the wrapper function 'invariant_violated_string'.
Definition invariant.h:423

std_expr.h
API to expression classes.

to_code_type
const code_typet & to_code_type(const typet &type)
Cast a typet to a code_typet.
Definition std_types.h:788

dfcc_utilst::get_function_symbol
static symbolt & get_function_symbol(symbol_table_baset &, const irep_idt &function_id)
Returns the symbolt for function_id.
Definition dfcc_utils.cpp:72

utils.h