cbmc/dfcc__swap__and__wrap_8cpp_source.html

/*******************************************************************\


Module: Dynamic frame condition checking


Author: Remi Delmas, delmarsd@amazon.com


\*******************************************************************/


#include "dfcc_swap_and_wrap.h"


#include <goto-programs/remove_skip.h>


#include "dfcc_contract_handler.h"

#include "dfcc_instrument.h"

#include "dfcc_library.h"

#include "dfcc_utils.h"


dfcc_swap_and_wrapt::dfcc_swap_and_wrapt(

  goto_modelt &goto_model,

  message_handlert &message_handler,

  dfcc_libraryt &library,

  dfcc_instrumentt &instrument,

  dfcc_spec_functionst &spec_functions,

  dfcc_contract_handlert &contract_handler)

  : goto_model(goto_model),

    message_handler(message_handler),

    log(message_handler),

    library(library),

    instrument(instrument),

    spec_functions(spec_functions),

    contract_handler(contract_handler),

    ns(goto_model.symbol_table)

{

}


// static map

std::map<

  irep_idt,

  std::pair<irep_idt, std::pair<dfcc_contract_modet, loop_contract_configt>>>

  dfcc_swap_and_wrapt::cache;


void dfcc_swap_and_wrapt::swap_and_wrap(

  const dfcc_contract_modet contract_mode,

  const loop_contract_configt &loop_contract_config,

  const irep_idt &function_id,

  const irep_idt &contract_id,

  std::set<irep_idt> &function_pointer_contracts,

  bool allow_recursive_calls)

{

  auto pair = cache.insert(

    {function_id, {contract_id, {contract_mode, loop_contract_config}}});

  auto inserted = pair.second;


  if(!inserted)

  {

    irep_idt old_contract_id = pair.first->second.first;

    dfcc_contract_modet old_contract_mode = pair.first->second.second.first;

    loop_contract_configt old_loop_contract_config =

      pair.first->second.second.second;


    // different swap already performed, abort (should be unreachable)

    if(

      old_contract_id != contract_id || old_contract_mode != contract_mode ||

      old_loop_contract_config != loop_contract_config)

    {

      std::ostringstream err_msg;

      err_msg << "DFCC: multiple attempts to swap and wrap function '"

              << function_id << "':\n";

      err_msg << "- with '" << old_contract_id << "' in "

              << dfcc_contract_mode_to_string(old_contract_mode) << " "

              << old_loop_contract_config.to_string() << "\n";

      err_msg << "- with '" << contract_id << "' in "

              << dfcc_contract_mode_to_string(contract_mode) << " "

              << loop_contract_config.to_string() << "\n";

      throw invalid_input_exceptiont(err_msg.str());

    }

    // same swap already performed

    return;

  }


  // actually perform the translation

  switch(contract_mode)

  {

  case dfcc_contract_modet::CHECK:

  {

    check_contract(

      loop_contract_config,

      function_id,

      contract_id,

      function_pointer_contracts,

      allow_recursive_calls);

    break;

  }

  case dfcc_contract_modet::REPLACE:

  {

    replace_with_contract(function_id, contract_id, function_pointer_contracts);

    break;

  }

  }

}


void dfcc_swap_and_wrapt::get_swapped_functions(std::set<irep_idt> &dest) const

{

  for(const auto &it : dfcc_swap_and_wrapt::cache)

  {

    dest.insert(it.first);

  }

}


void dfcc_swap_and_wrapt::check_contract(

  const loop_contract_configt &loop_contract_config,

  const irep_idt &function_id,

  const irep_idt &contract_id,

  std::set<irep_idt> &function_pointer_contracts,

  bool allow_recursive_calls)

{

  // all code generation needs to run on functions with unmodified signatures

  const irep_idt &wrapper_id = function_id;

  const irep_idt wrapped_id =

    id2string(wrapper_id) + "_wrapped_for_contract_checking";

  dfcc_utilst::wrap_function(goto_model, wrapper_id, wrapped_id);


  // wrapper body

  goto_programt body;


  const auto &wrapper_symbol =

    dfcc_utilst::get_function_symbol(goto_model.symbol_table, wrapper_id);


  auto check_started = dfcc_utilst::create_static_symbol(

                         goto_model.symbol_table,

                         bool_typet(),

                         id2string(function_id),

                         "__contract_check_in_progress",

                         wrapper_symbol.location,

                         wrapper_symbol.mode,

                         wrapper_symbol.module,

                         false_exprt())

                         .symbol_expr();


  auto check_completed = dfcc_utilst::create_static_symbol(

                           goto_model.symbol_table,

                           bool_typet(),

                           id2string(function_id),

                           "__contract_checked_once",

                           wrapper_symbol.location,

                           wrapper_symbol.mode,

                           wrapper_symbol.module,

                           false_exprt())

                           .symbol_expr();


  auto check_started_goto = body.add(goto_programt::make_incomplete_goto(

    check_started, wrapper_symbol.location));


  // At most a single top level call to the checked function in any execution


  // Recursive calls within a contract check correspond to

  // `check_started && !check_completed` and are allowed.


  // Any other call occuring with `check_completed` true is forbidden.

  source_locationt sl(wrapper_symbol.location);

  sl.set_function(wrapper_symbol.name);

  sl.set_property_class("single_top_level_call");

  sl.set_comment(

    "Only a single top-level call to function " + id2string(function_id) +

    " when checking contract " + id2string(contract_id));

  body.add(goto_programt::make_assertion(not_exprt(check_completed), sl));

  body.add(goto_programt::make_assignment(

    check_started, true_exprt(), wrapper_symbol.location));


  const auto write_set_symbol = dfcc_utilst::create_new_parameter_symbol(

    goto_model.symbol_table,

    function_id,

    "__write_set_to_check",

    library.dfcc_type[dfcc_typet::CAR_SET_PTR]);


  contract_handler.add_contract_instructions(

    dfcc_contract_modet::CHECK,

    wrapper_id,

    wrapped_id,

    contract_id,

    write_set_symbol,

    body,

    function_pointer_contracts);


  body.add(goto_programt::make_assignment(

    check_completed, true_exprt(), wrapper_symbol.location));

  body.add(goto_programt::make_assignment(

    check_started, false_exprt(), wrapper_symbol.location));


  // unconditionally Jump to the end after the check

  auto goto_end_function =

    body.add(goto_programt::make_incomplete_goto(wrapper_symbol.location));


  // Jump to the replacement section if check already in progress

  auto contract_replacement_label =

    body.add(goto_programt::make_skip(wrapper_symbol.location));

  check_started_goto->complete_goto(contract_replacement_label);


  if(allow_recursive_calls)

  {

    contract_handler.add_contract_instructions(

      dfcc_contract_modet::REPLACE,

      wrapper_id,

      wrapped_id,

      contract_id,

      write_set_symbol,

      body,

      function_pointer_contracts);

  }

  else

  {

    source_locationt sl(wrapper_symbol.location);

    sl.set_function(wrapper_symbol.name);

    sl.set_property_class("no_recursive_call");

    sl.set_comment(

      "No recursive call to function " + id2string(function_id) +

      " when checking contract " + id2string(contract_id));

    body.add(goto_programt::make_assertion(false_exprt(), sl));

    body.add(

      goto_programt::make_assumption(false_exprt(), wrapper_symbol.location));

  }


  auto end_function_label =

    body.add(goto_programt::make_end_function(wrapper_symbol.location));

  goto_end_function->complete_goto(end_function_label);


  // write the body to the GOTO function

  goto_model.goto_functions.function_map.at(function_id).body.swap(body);


  // extend the signature of the wrapper function with the write set parameter

  dfcc_utilst::add_parameter(goto_model, write_set_symbol, function_id);


  goto_model.goto_functions.function_map.at(wrapper_id).make_hidden();


  // instrument the wrapped function

  instrument.instrument_wrapped_function(

    wrapped_id, wrapper_id, loop_contract_config, function_pointer_contracts);


  goto_model.goto_functions.update();

}


void dfcc_swap_and_wrapt::replace_with_contract(

  const irep_idt &function_id,

  const irep_idt &contract_id,

  std::set<irep_idt> &function_pointer_contracts)

{

  const irep_idt &wrapper_id = function_id;

  const irep_idt wrapped_id =

    id2string(function_id) + "_wrapped_for_replacement_with_contract";

  dfcc_utilst::wrap_function(goto_model, function_id, wrapped_id);


  const auto write_set_symbol = dfcc_utilst::create_new_parameter_symbol(

    goto_model.symbol_table,

    function_id,

    "__write_set_to_check",

    library.dfcc_type[dfcc_typet::CAR_SET_PTR]);


  goto_programt body;


  contract_handler.add_contract_instructions(

    dfcc_contract_modet::REPLACE,

    wrapper_id,

    wrapped_id,

    contract_id,

    write_set_symbol,

    body,

    function_pointer_contracts);


  body.add(goto_programt::make_end_function(

    dfcc_utilst::get_function_symbol(goto_model.symbol_table, wrapper_id)

      .location));


  goto_model.goto_functions.function_map.at(wrapper_id).make_hidden();


  // write the body to the GOTO function

  goto_model.goto_functions.function_map.at(function_id).body.swap(body);


  // extend the signature with the new write set parameter

  dfcc_utilst::add_parameter(goto_model, write_set_symbol, function_id);

}


ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition ai.h:562

bool_typet
The Boolean type.
Definition std_types.h:36

dfcc_contract_handlert
A contract is represented by a function declaration or definition with contract clauses attached to i...
Definition dfcc_contract_handler.h:60

dfcc_contract_handlert::add_contract_instructions
void add_contract_instructions(const dfcc_contract_modet contract_mode, const irep_idt &wrapper_id, const irep_idt &wrapped_id, const irep_idt &contract_id, const symbolt &wrapper_write_set_symbol, goto_programt &dest, std::set< irep_idt > &function_pointer_contracts)
Adds instructions in dest modeling contract checking, assuming that ret_t wrapper_id(params) is the f...
Definition dfcc_contract_handler.cpp:73

dfcc_instrumentt
This class instruments GOTO functions or instruction sequences for frame condition checking and loop ...
Definition dfcc_instrument.h:44

dfcc_instrumentt::instrument_wrapped_function
void instrument_wrapped_function(const irep_idt &wrapped_function_id, const irep_idt &initial_function_id, const loop_contract_configt &loop_contract_config, std::set< irep_idt > &function_pointer_contracts)
Instruments a GOTO function by adding an extra write set parameter and inserting frame condition chec...
Definition dfcc_instrument.cpp:353

dfcc_libraryt
Class interface to library types and functions defined in cprover_contracts.c.
Definition dfcc_library.h:163

dfcc_libraryt::dfcc_type
std::map< dfcc_typet, typet > dfcc_type
Maps enum values to the actual types (dynamically loaded)
Definition dfcc_library.h:221

dfcc_spec_functionst
This class rewrites GOTO functions that use the built-ins:
Definition dfcc_spec_functions.h:49

dfcc_swap_and_wrapt::goto_model
goto_modelt & goto_model
Definition dfcc_swap_and_wrap.h:84

dfcc_swap_and_wrapt::check_contract
void check_contract(const loop_contract_configt &loop_contract_config, const irep_idt &function_id, const irep_idt &contract_id, std::set< irep_idt > &function_pointer_contracts, bool allow_recursive_calls)
Swaps-and-wraps the given function_id in a wrapper function that checks the given contract_id.
Definition dfcc_swap_and_wrap.cpp:134

dfcc_swap_and_wrapt::library
dfcc_libraryt & library
Definition dfcc_swap_and_wrap.h:87

dfcc_swap_and_wrapt::dfcc_swap_and_wrapt
dfcc_swap_and_wrapt(goto_modelt &goto_model, message_handlert &message_handler, dfcc_libraryt &library, dfcc_instrumentt &instrument, dfcc_spec_functionst &spec_functions, dfcc_contract_handlert &contract_handler)
Definition dfcc_swap_and_wrap.cpp:18

dfcc_swap_and_wrapt::get_swapped_functions
void get_swapped_functions(std::set< irep_idt > &dest) const
Adds the set of swapped functions to dest.
Definition dfcc_swap_and_wrap.cpp:102

dfcc_swap_and_wrapt::cache
static std::map< irep_idt, std::pair< irep_idt, std::pair< dfcc_contract_modet, loop_contract_configt > > > cache
remember all functions that were swapped/wrapped and in which mode
Definition dfcc_swap_and_wrap.h:97

dfcc_swap_and_wrapt::instrument
dfcc_instrumentt & instrument
Definition dfcc_swap_and_wrap.h:88

dfcc_swap_and_wrapt::contract_handler
dfcc_contract_handlert & contract_handler
Definition dfcc_swap_and_wrap.h:90

dfcc_swap_and_wrapt::replace_with_contract
void replace_with_contract(const irep_idt &function_id, const irep_idt &contract_id, std::set< irep_idt > &function_pointer_contracts)
Swaps-and-wraps the given function_id in a wrapper function that models the abstract behaviour of con...
Definition dfcc_swap_and_wrap.cpp:266

dfcc_swap_and_wrapt::swap_and_wrap
void swap_and_wrap(const dfcc_contract_modet contract_mode, const loop_contract_configt &loop_contract_config, const irep_idt &function_id, const irep_idt &contract_id, std::set< irep_idt > &function_pointer_contracts, bool allow_recursive_calls)
Definition dfcc_swap_and_wrap.cpp:42

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition dstring.h:38

false_exprt
The Boolean constant false.
Definition std_expr.h:3200

goto_functionst::function_map
function_mapt function_map
Definition goto_functions.h:29

goto_functionst::update
void update()
Definition goto_functions.h:88

goto_modelt
Definition goto_model.h:27

goto_modelt::symbol_table
symbol_tablet symbol_table
Symbol table.
Definition goto_model.h:31

goto_modelt::goto_functions
goto_functionst goto_functions
GOTO functions.
Definition goto_model.h:34

goto_programt
A generic container class for the GOTO intermediate representation of one function.
Definition goto_program.h:72

goto_programt::make_assumption
static instructiont make_assumption(const exprt &g, const source_locationt &l=source_locationt::nil())
Definition goto_program.h:944

goto_programt::make_end_function
static instructiont make_end_function(const source_locationt &l=source_locationt::nil())
Definition goto_program.h:1000

goto_programt::make_assignment
static instructiont make_assignment(const code_assignt &_code, const source_locationt &l=source_locationt::nil())
Create an assignment instruction.
Definition goto_program.h:1064

goto_programt::make_skip
static instructiont make_skip(const source_locationt &l=source_locationt::nil())
Definition goto_program.h:890

goto_programt::add
targett add(instructiont &&instruction)
Adds a given instruction at the end.
Definition goto_program.h:738

goto_programt::make_assertion
static instructiont make_assertion(const exprt &g, const source_locationt &l=source_locationt::nil())
Definition goto_program.h:932

goto_programt::make_incomplete_goto
static instructiont make_incomplete_goto(const exprt &_cond, const source_locationt &l=source_locationt::nil())
Definition goto_program.h:1010

invalid_input_exceptiont
Thrown when user-provided input cannot be processed.
Definition exception_utils.h:163

message_handlert
Definition message.h:27

not_exprt
Boolean negation.
Definition std_expr.h:2459

source_locationt
Definition source_location.h:20

true_exprt
The Boolean constant true.
Definition std_expr.h:3191

dfcc_contract_handler.h
Specialisation of dfcc_contract_handlert for contracts.

dfcc_contract_mode_to_string
std::string dfcc_contract_mode_to_string(const dfcc_contract_modet mode)
Definition dfcc_contract_mode.cpp:15

dfcc_contract_modet
dfcc_contract_modet
Enum type representing the contract checking and replacement modes.
Definition dfcc_contract_mode.h:20

dfcc_contract_modet::REPLACE
@ REPLACE

dfcc_contract_modet::CHECK
@ CHECK

dfcc_instrument.h
Add instrumentation to a goto program to perform frame condition checks.

dfcc_library.h
Dynamic frame condition checking library loading.

dfcc_typet::CAR_SET_PTR
@ CAR_SET_PTR
type of pointers to sets of CAR

dfcc_swap_and_wrap.h
Given a function_id and contract_id, swaps its body to a function with a fresh mangled name,...

dfcc_utils.h
Dynamic frame condition checking utility functions.

id2string
const std::string & id2string(const irep_idt &d)
Definition irep.h:44

log
double log(double x)
Definition math.c:2449

remove_skip.h
Program Transformation.

dfcc_utilst::get_function_symbol
static symbolt & get_function_symbol(symbol_table_baset &, const irep_idt &function_id)
Returns the symbolt for function_id.
Definition dfcc_utils.cpp:72

dfcc_utilst::create_new_parameter_symbol
static const symbolt & create_new_parameter_symbol(symbol_table_baset &, const irep_idt &function_id, const std::string &base_name, const typet &type)
Creates a new parameter symbol for the given function_id.
Definition dfcc_utils.cpp:124

dfcc_utilst::wrap_function
static void wrap_function(goto_modelt &goto_model, const irep_idt &function_id, const irep_idt &wrapped_function_id)
Given a function to wrap foo and a new name wrapped_foo
Definition dfcc_utils.cpp:324

dfcc_utilst::create_static_symbol
static const symbolt & create_static_symbol(symbol_table_baset &, const typet &type, const std::string &prefix, const std::string &base_name, const source_locationt &source_location, const irep_idt &mode, const irep_idt &module, const exprt &initial_value, const bool no_nondet_initialization=true)
Adds a new static symbol named prefix::base_name of type type with value initial_value in the symbol ...
Definition dfcc_utils.cpp:103

dfcc_utilst::add_parameter
static void add_parameter(goto_modelt &, const symbolt &symbol, const irep_idt &function_id)
Adds the given symbol as parameter to the function symbol's code_type.
Definition dfcc_utils.cpp:156

loop_contract_configt
Loop contract configurations.
Definition loop_contract_config.h:19

loop_contract_configt::to_string
std::string to_string() const
Definition loop_contract_config.h:30

irep_idt
dstringt irep_idt
Definition verification_result.h:16