36 template <
typename K,
typename V>
37 std::map<V, K>
swap_map(std::map<K, V>
const &map)
39 std::map<V, K> result;
40 for(
auto const &pair : map)
41 result.insert({pair.second, pair.first});
46 #define CONTRACTS_PREFIX CPROVER_PREFIX "contracts_"
51 return std::map<dfcc_typet, irep_idt>{
177 : goto_model(goto_model),
178 message_handler(message_handler),
179 log(message_handler),
202 return dfcc_hook.find(function_id)->second;
206 std::optional<dfcc_funt>
211 return {found->second};
219 sl.
add_pragma(
"disable:pointer-primitive-check");
220 sl.
add_pragma(
"disable:pointer-overflow-check");
221 sl.
add_pragma(
"disable:signed-overflow-check");
222 sl.
add_pragma(
"disable:unsigned-overflow-check");
224 sl.
add_pragma(
"disable:undefined-shift-check");
232 for(
auto &inst :
function.body.instructions)
241 std::set<irep_idt> missing;
244 missing.insert(
"malloc");
248 missing.insert(
"free");
263 symbol_tablet::symbolst::const_iterator found =
268 found->second.value.is_nil())
270 missing.insert(pair.second);
281 !
loaded,
"the cprover_contracts library can only be loaded once");
288 to_instrument.insert(
"malloc");
289 to_instrument.insert(
"free");
292 std::set<irep_idt> to_load;
305 to_load.insert(
"malloc");
306 to_load.insert(
"free");
317 for(
const auto &symbol_pair : tmp_symbol_table.
symbols)
319 const auto &sym = symbol_pair.first;
325 for(
const auto &
id : missing)
342 found->second.body_available(),
343 "The body of DFCC library function " +
id2string(pair.second) +
344 " could not be found");
370 return {found->second};
434 "dfcc_libraryt::specialize_functions can only be called once");
438 std::list<std::string> loop_names;
442 const auto &
function = entry.first;
443 const auto &loop_id = entry.second;
444 std::stringstream stream;
446 << contract_assigns_size + 1;
447 const auto &str = stream.str();
448 loop_names.push_back(str);
468 "dfcc_libraryt::fix_malloc_free_calls can only be called once");
477 if(ins->is_function_call())
479 const auto &
function = ins->call_function();
481 if(
function.
id() == ID_symbol)
498 std::string options =
"assert-false";
504 const auto &function_id = it.first;
507 auto &goto_function =
518 const irep_idt map_name =
"__dfcc_instrumented_functions";
530 "__dfcc_instrumented_functions",
533 "<built-in-library>",
539 const std::set<irep_idt> &instrumented_functions,
543 auto instrumented_functions_map =
546 for(
auto &function_id : instrumented_functions)
551 auto index_expr =
index_exprt(instrumented_functions_map, object_id);
559 const exprt &address_of_write_set,
560 const exprt &max_assigns_clause_size,
561 const exprt &max_frees_clause_size,
562 const exprt &assume_requires_ctx,
563 const exprt &assert_requires_ctx,
564 const exprt &assume_ensures_ctx,
565 const exprt &assert_ensures_ctx,
566 const exprt &allow_allocate,
567 const exprt &allow_deallocate,
570 auto function_symbol =
575 arguments.emplace_back(address_of_write_set);
577 arguments.emplace_back(max_assigns_clause_size);
579 arguments.emplace_back(max_frees_clause_size);
580 arguments.push_back(assume_requires_ctx);
581 arguments.push_back(assert_requires_ctx);
582 arguments.push_back(assume_ensures_ctx);
583 arguments.push_back(assert_ensures_ctx);
584 arguments.push_back(allow_allocate);
585 arguments.push_back(allow_deallocate);
591 const exprt &address_of_write_set,
592 const exprt &max_assigns_clause_size,
596 address_of_write_set,
597 max_assigns_clause_size,
609 const exprt &write_set_ptr,
620 const exprt &write_set_ptr,
626 {write_set_ptr, ptr});
632 const exprt &write_set_ptr,
638 {write_set_ptr, ptr});
644 const exprt &write_set_ptr,
650 {write_set_ptr, ptr});
656 const exprt &write_set_ptr,
662 {write_set_ptr, ptr});
669 const exprt &check_var,
670 const exprt &write_set_ptr,
683 const exprt &check_var,
684 const exprt &write_set_ptr,
692 {write_set_ptr, ptr, size});
698 const exprt &check_var,
699 const exprt &write_set_ptr,
706 {write_set_ptr, dest});
712 const exprt &check_var,
713 const exprt &write_set_ptr,
720 {write_set_ptr, dest});
726 const exprt &check_var,
727 const exprt &write_set_ptr,
735 {write_set_ptr, dest, src});
741 const exprt &check_var,
742 const exprt &write_set_ptr,
749 {write_set_ptr, ptr});
755 const exprt &check_var,
756 const exprt &write_set_ptr,
763 {write_set_ptr, ptr});
770 const exprt &check_var,
771 const exprt &reference_write_set_ptr,
772 const exprt &candidate_write_set_ptr,
779 {reference_write_set_ptr, candidate_write_set_ptr});
786 const exprt &check_var,
787 const exprt &reference_write_set_ptr,
788 const exprt &candidate_write_set_ptr,
795 {reference_write_set_ptr, candidate_write_set_ptr});
801 const exprt &write_set_ptr,
802 const exprt &target_write_set_ptr,
807 {write_set_ptr, target_write_set_ptr});
813 const exprt &write_set_ptr,
814 const exprt &is_fresh_obj_set_ptr,
819 {write_set_ptr, is_fresh_obj_set_ptr});
825 const exprt &write_set_postconditions_ptr,
826 const exprt &write_set_to_link_ptr,
831 {write_set_postconditions_ptr, write_set_to_link_ptr});
837 const exprt &write_set_postconditions_ptr,
838 const exprt &write_set_to_link_ptr,
843 {write_set_postconditions_ptr, write_set_to_link_ptr});
851 const exprt &write_set_ptr,
857 {ptr, write_set_ptr});
864 const exprt &obj_set_ptr,
876 const exprt &obj_set_ptr,
void cprover_c_library_factory_force_load(const std::set< irep_idt > &functions, symbol_table_baset &symbol_table, message_handlert &message_handler)
Load the requested function symbols from the cprover library and add them to the symbol table regardl...
API to expression classes that are internal to the C frontend.
unsignedbv_typet unsigned_char_type()
Operator to return the address of an object.
Array constructor from single element.
goto_instruction_codet representation of a function call statement.
struct configt::ansi_ct ansi_c
const code_function_callt write_set_record_dead_call(const exprt &write_set_ptr, const exprt &ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_record_dead.
const std::map< irep_idt, dfcc_funt > havoc_hook
Maps front-end functions to library functions giving their havoc semantics.
const code_function_callt write_set_check_allocated_deallocated_is_empty_call(const exprt &check_var, const exprt &write_set_ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_check_allocated_deallocated_is_empty.
const code_function_callt obj_set_create_indexed_by_object_id_call(const exprt &obj_set_ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_obj_set_create_indexed_by_object_id.
static bool inlined
True iff the library functions are inlined.
const std::map< irep_idt, dfcc_funt > dfcc_hook
Maps built-in function names to enums to use for instrumentation.
const code_function_callt write_set_check_assignment_call(const exprt &check_var, const exprt &write_set_ptr, const exprt &ptr, const exprt &size, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_check_assignment.
static bool loaded
True iff the contracts library symbols are loaded.
dfcc_libraryt(goto_modelt &goto_model, message_handlert &lmessage_handler)
Class constructor.
void fix_malloc_free_calls()
Fixes function calls to malloc and free in library functions.
static bool malloc_free_fixed
True iff the library functions uses of malloc and free are fixed.
bool is_front_end_builtin(const irep_idt &function_id) const
Returns true iff the given function_id is one of __CPROVER_assignable, __CPROVER_object_whole,...
const code_function_callt link_allocated_call(const exprt &write_set_postconditions_ptr, const exprt &write_set_to_link_ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_link_allocated.
const code_function_callt write_set_record_deallocated_call(const exprt &write_set_ptr, const exprt &ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_record_deallocated.
const code_function_callt write_set_add_decl_call(const exprt &write_set_ptr, const exprt &ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_add_decl.
void inline_functions()
Inlines library functions that need to be inlined before use.
const code_function_callt write_set_check_array_copy_call(const exprt &check_var, const exprt &write_set_ptr, const exprt &dest, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_check_array_copy.
const code_function_callt write_set_add_allocated_call(const exprt &write_set_ptr, const exprt &ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_add_allocated.
std::optional< dfcc_funt > get_dfcc_fun(const irep_idt &id) const
Returns the dfcc_funt that corresponds to the given id if any.
void add_instrumented_functions_map_init_instructions(const std::set< irep_idt > &instrumented_functions, const source_locationt &source_location, goto_programt &dest)
Generates instructions to initialize the instrumented function map symbol from the given set of instr...
const std::map< dfcc_typet, irep_idt > dfcc_type_to_name
Enum to type name mapping.
const symbolt & get_instrumented_functions_map_symbol()
Returns the "__dfcc_instrumented_functions" symbol or creates it if it does not exist already.
const std::map< dfcc_funt, irep_idt > dfcc_fun_to_name
enum to function name mapping
const std::map< irep_idt, dfcc_funt > dfcc_name_to_fun
const code_function_callt write_set_check_array_set_call(const exprt &check_var, const exprt &write_set_ptr, const exprt &dest, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_check_array_set.
const code_function_callt write_set_check_array_replace_call(const exprt &check_var, const exprt &write_set_ptr, const exprt &dest, const exprt &src, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_check_array_replace.
const code_function_callt write_set_release_call(const exprt &write_set_ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_release.
void inhibit_front_end_builtins()
Adds an ASSERT(false) body to all front-end functions __CPROVER_object_whole __CPROVER_object_upto __...
const code_function_callt obj_set_release_call(const exprt &obj_set_ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_obj_set_release.
const irep_idt & get_dfcc_fun_name(dfcc_funt fun) const
Returns the name of the given dfcc_funt.
dfcc_funt get_hook(const irep_idt &function_id) const
Returns the library instrumentation hook for the given front-end function.
bool is_dfcc_library_symbol(const irep_idt &id) const
True iff the given id is one of the library symbols.
const code_function_callt write_set_check_deallocate_call(const exprt &check_var, const exprt &write_set_ptr, const exprt &ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_check_deallocate.
const code_function_callt link_deallocated_call(const exprt &write_set_postconditions_ptr, const exprt &write_set_to_link_ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_link_deallocated.
const code_function_callt write_set_check_assigns_clause_inclusion_call(const exprt &check_var, const exprt &reference_write_set_ptr, const exprt &candidate_write_set_ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_check_assigns_clause_inclusion.
const code_function_callt link_is_fresh_call(const exprt &write_set_ptr, const exprt &is_fresh_obj_set_ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_link_is_fresh.
message_handlert & message_handler
std::map< dfcc_typet, typet > dfcc_type
Maps enum values to the actual types (dynamically loaded)
std::set< irep_idt > get_missing_funs()
Collects the names of all library functions currently missing from the goto_model into missing.
const code_function_callt write_set_create_call(const exprt &write_set_ptr, const exprt &contract_assigns_size, const exprt &contract_frees_size, const exprt &assume_requires_ctx, const exprt &assert_requires_ctx, const exprt &assume_ensures_ctx, const exprt &assert_ensures_ctx, const exprt &allow_allocate, const exprt &allow_deallocate, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_create.
const code_function_callt write_set_check_frees_clause_inclusion_call(const exprt &check_var, const exprt &reference_write_set_ptr, const exprt &candidate_write_set_ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_check_frees_clause_inclusion.
const code_function_callt write_set_check_havoc_object_call(const exprt &check_var, const exprt &write_set_ptr, const exprt &ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_check_havoc_object.
void disable_checks()
Adds "checked" pragmas to instructions of all library functions instructions.
const code_function_callt check_replace_ensures_was_freed_preconditions_call(const exprt &ptr, const exprt &write_set_ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_check_replace_ensures_was_freed_preconditions.
const code_function_callt write_set_deallocate_freeable_call(const exprt &write_set_ptr, const exprt &target_write_set_ptr, const source_locationt &source_location)
Builds call to __CPROVER_contracts_write_set_deallocate_freeable.
void specialize(const std::size_t contract_assigns_size_hint)
Specializes the library by unwinding loops in library functions to the given assigns clause size.
std::map< dfcc_funt, symbolt > dfcc_fun_symbol
Maps enum values to the actual function symbols (dynamically loaded)
std::optional< dfcc_funt > get_havoc_hook(const irep_idt &function_id) const
Returns the library instrumentation hook for the given built-in.
void load(std::set< irep_idt > &to_instrument)
After calling this function, all library types and functions are present in the the goto_model.
static bool specialized
True iff the library functions are specialized to a particular contract.
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Base class for all expressions.
source_locationt & add_source_location()
typet & type()
Return the type of the expression.
The Boolean constant false.
function_mapt function_map
symbol_tablet symbol_table
Symbol table.
goto_functionst goto_functions
GOTO functions.
A generic container class for the GOTO intermediate representation of one function.
static instructiont make_assignment(const code_assignt &_code, const source_locationt &l=source_locationt::nil())
Create an assignment instruction.
targett add(instructiont &&instruction)
Adds a given instruction at the end.
An expression denoting infinity.
mstreamt & status() const
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
bool lookup(const irep_idt &name, const symbolt *&symbol) const override
See documentation for namespace_baset::lookup().
void add_pragma(const irep_idt &pragma)
void set_identifier(const irep_idt &identifier)
const irep_idt & get_identifier() const
symbolt & get_writeable_ref(const irep_idt &name)
Find a symbol in the symbol table for read-write access.
const symbolst & symbols
Read-only field, used to look up symbols given their names.
const symbolt & lookup_ref(const irep_idt &name) const
Find a symbol in the symbol table for read-only access.
bool has_symbol(const irep_idt &name) const
Check whether a symbol exists in the symbol table.
virtual std::pair< symbolt &, bool > insert(symbolt symbol) override
Author: Diffblue Ltd.
void set_compiled()
Set the symbol's value to "compiled"; to be used once the code-typed value has been converted to a go...
class symbol_exprt symbol_expr() const
Produces a symbol_exprt for a symbol.
const std::map< dfcc_funt, irep_idt > create_dfcc_fun_to_name()
const std::map< irep_idt, dfcc_funt > create_dfcc_hook()
static const std::set< dfcc_funt > to_inline
set of functions that need to be inlined
const std::map< irep_idt, dfcc_funt > create_havoc_hook()
std::map< V, K > swap_map(std::map< K, V > const &map)
Swaps keys and values in a map.
static void add_checked_pragmas(source_locationt &sl)
const std::map< dfcc_typet, irep_idt > create_dfcc_type_to_name()
Creates the enum to type name mapping.
static const std::set< dfcc_funt > fix_malloc_free_set
Set of functions that contain calls to assignable_malloc or assignable_free.
static const std::map< dfcc_funt, int > to_unwind
set of functions that need to be unwound to assigns clause size with corresponding loop identifiers.
const std::set< irep_idt > create_assignable_builtin_names()
Dynamic frame condition checking library loading.
dfcc_funt
One enum value per function defined by the cprover_dfcc.c library file.
@ WRITE_SET_INSERT_OBJECT_UPTO
@ WRITE_SET_CHECK_ASSIGNMENT
@ WRITE_SET_INSERT_ASSIGNABLE
@ WRITE_SET_CHECK_FREES_CLAUSE_INCLUSION
@ WRITE_SET_INSERT_OBJECT_WHOLE
@ WRITE_SET_DEALLOCATE_FREEABLE
@ WRITE_SET_CHECK_ARRAY_REPLACE
@ WRITE_SET_CHECK_HAVOC_OBJECT
@ OBJ_SET_CREATE_INDEXED_BY_OBJECT_ID
@ WRITE_SET_CHECK_DEALLOCATE
@ WRITE_SET_CHECK_ALLOCATED_DEALLOCATED_IS_EMPTY
@ WRITE_SET_CHECK_ARRAY_SET
@ WRITE_SET_CHECK_ASSIGNS_CLAUSE_INCLUSION
@ WRITE_SET_HAVOC_GET_ASSIGNABLE_TARGET
@ WRITE_SET_CHECK_ARRAY_COPY
@ REPLACE_ENSURES_WAS_FREED_PRECONDITIONS
@ WRITE_SET_RECORD_DEALLOCATED
@ WRITE_SET_ADD_ALLOCATED
@ WRITE_SET_HAVOC_OBJECT_WHOLE
@ WRITE_SET_INSERT_OBJECT_FROM
dfcc_typet
One enum value per type defined by the cprover_dfcc.c library file.
@ WRITE_SET
type of descriptors of assignable/freeable sets of locations
@ CAR_SET_PTR
type of pointers to sets of CAR
@ CAR_SET
type of sets of CAR
@ OBJ_SET_PTR
type of pointers to sets of object identifiers
@ OBJ_SET
type of sets of object identifiers
@ WRITE_SET_PTR
type of pointers to descriptors of assignable/freeable sets of locations
@ CAR
type of descriptors of conditionally assignable ranges of bytes
Dynamic frame condition checking utility functions.
std::unique_ptr< generate_function_bodiest > generate_function_bodies_factory(const std::string &options, const c_object_factory_parameterst &object_factory_parameters, const symbol_tablet &symbol_table, message_handlert &message_handler)
Create the type that actually generates the functions.
void generate_function_bodies(const std::regex &functions_regex, const generate_function_bodiest &generate_function_body, goto_modelt &model, message_handlert &message_handler)
Generate function bodies with some default behavior: assert-false, assume-false, assert-false-assume-...
void goto_convert(const codet &code, symbol_table_baset &symbol_table, goto_programt &dest, message_handlert &message_handler, const irep_idt &mode)
Goto Programs with Functions.
#define Forall_goto_program_instructions(it, program)
const std::string & id2string(const irep_idt &d)
API to expression classes for Pointers.
exprt pointer_object(const exprt &p)
Various predicates over pointers in programs.
#define PRECONDITION_WITH_DIAGNOSTICS(CONDITION,...)
#define PRECONDITION(CONDITION)
API to expression classes.
const symbol_exprt & to_symbol_expr(const exprt &expr)
Cast an exprt to a symbol_exprt.
static symbolt & get_function_symbol(symbol_table_baset &, const irep_idt &function_id)
Returns the symbolt for function_id.
static void inline_function(goto_modelt &goto_model, const irep_idt &function_id, message_handlert &message_handler)
Inlines the given function, aborts on recursive calls during inlining.
static const symbolt & create_static_symbol(symbol_table_baset &, const typet &type, const std::string &prefix, const std::string &base_name, const source_locationt &source_location, const irep_idt &mode, const irep_idt &module, const exprt &initial_value, const bool no_nondet_initialization=true)
Adds a new static symbol named prefix::base_name of type type with value initial_value in the symbol ...
1.9.1