cbmc/dfcc__swap__and__wrap_8cpp_source.html

/*******************************************************************\


Module: Dynamic frame condition checking


Author: Remi Delmas, delmarsd@amazon.com


\*******************************************************************/


#include "dfcc_swap_and_wrap.h"


#include <util/config.h>

#include <util/expr_util.h>

#include <util/format_expr.h>

#include <util/format_type.h>

#include <util/fresh_symbol.h>

#include <util/mathematical_expr.h>

#include <util/mathematical_types.h>

#include <util/namespace.h>

#include <util/pointer_expr.h>

#include <util/pointer_offset_size.h>

#include <util/pointer_predicates.h>

#include <util/std_expr.h>


#include <goto-programs/goto_functions.h>

#include <goto-programs/goto_inline.h>

#include <goto-programs/goto_model.h>

#include <goto-programs/instrument_preconditions.h>

#include <goto-programs/remove_skip.h>


#include <ansi-c/c_expr.h>

#include <ansi-c/cprover_library.h>

#include <ansi-c/goto-conversion/link_to_library.h>

#include <goto-instrument/contracts/cfg_info.h>

#include <goto-instrument/contracts/utils.h>

#include <linking/static_lifetime_init.h>


dfcc_swap_and_wrapt::dfcc_swap_and_wrapt(

  goto_modelt &goto_model,

  message_handlert &message_handler,

  dfcc_libraryt &library,

  dfcc_instrumentt &instrument,

  dfcc_spec_functionst &spec_functions,

  dfcc_contract_handlert &contract_handler)

  : goto_model(goto_model),

    message_handler(message_handler),

    log(message_handler),

    library(library),

    instrument(instrument),

    spec_functions(spec_functions),

    contract_handler(contract_handler),

    ns(goto_model.symbol_table)

{

}


// static map

std::map<

  irep_idt,

  std::pair<irep_idt, std::pair<dfcc_contract_modet, loop_contract_configt>>>

  dfcc_swap_and_wrapt::cache;


void dfcc_swap_and_wrapt::swap_and_wrap(

  const dfcc_contract_modet contract_mode,

  const loop_contract_configt &loop_contract_config,

  const irep_idt &function_id,

  const irep_idt &contract_id,

  std::set<irep_idt> &function_pointer_contracts,

  bool allow_recursive_calls)

{

  auto pair = cache.insert(

    {function_id, {contract_id, {contract_mode, loop_contract_config}}});

  auto inserted = pair.second;


  if(!inserted)

  {

    irep_idt old_contract_id = pair.first->second.first;

    dfcc_contract_modet old_contract_mode = pair.first->second.second.first;

    loop_contract_configt old_loop_contract_config =

      pair.first->second.second.second;


    // different swap already performed, abort (should be unreachable)

    if(

      old_contract_id != contract_id || old_contract_mode != contract_mode ||

      old_loop_contract_config != loop_contract_config)

    {

      std::ostringstream err_msg;

      err_msg << "DFCC: multiple attempts to swap and wrap function '"

              << function_id << "':\n";

      err_msg << "- with '" << old_contract_id << "' in "

              << dfcc_contract_mode_to_string(old_contract_mode) << " "

              << old_loop_contract_config.to_string() << "\n";

      err_msg << "- with '" << contract_id << "' in "

              << dfcc_contract_mode_to_string(contract_mode) << " "

              << loop_contract_config.to_string() << "\n";

      throw invalid_input_exceptiont(err_msg.str());

    }

    // same swap already performed

    return;

  }


  // actually perform the translation

  switch(contract_mode)

  {

  case dfcc_contract_modet::CHECK:

  {

    check_contract(

      loop_contract_config,

      function_id,

      contract_id,

      function_pointer_contracts,

      allow_recursive_calls);

    break;

  }

  case dfcc_contract_modet::REPLACE:

  {

    replace_with_contract(function_id, contract_id, function_pointer_contracts);

    break;

  }

  }

}


void dfcc_swap_and_wrapt::get_swapped_functions(std::set<irep_idt> &dest) const

{

  for(const auto &it : dfcc_swap_and_wrapt::cache)

  {

    dest.insert(it.first);

  }

}


void dfcc_swap_and_wrapt::check_contract(

  const loop_contract_configt &loop_contract_config,

  const irep_idt &function_id,

  const irep_idt &contract_id,

  std::set<irep_idt> &function_pointer_contracts,

  bool allow_recursive_calls)

{

  // all code generation needs to run on functions with unmodified signatures

  const irep_idt &wrapper_id = function_id;

  const irep_idt wrapped_id =

    id2string(wrapper_id) + "_wrapped_for_contract_checking";

  dfcc_utilst::wrap_function(goto_model, wrapper_id, wrapped_id);


  // wrapper body

  goto_programt body;


  const auto &wrapper_symbol =

    dfcc_utilst::get_function_symbol(goto_model.symbol_table, wrapper_id);


  auto check_started = dfcc_utilst::create_static_symbol(

                         goto_model.symbol_table,

                         bool_typet(),

                         id2string(function_id),

                         "__contract_check_in_progress",

                         wrapper_symbol.location,

                         wrapper_symbol.mode,

                         wrapper_symbol.module,

                         false_exprt())

                         .symbol_expr();


  auto check_completed = dfcc_utilst::create_static_symbol(

                           goto_model.symbol_table,

                           bool_typet(),

                           id2string(function_id),

                           "__contract_checked_once",

                           wrapper_symbol.location,

                           wrapper_symbol.mode,

                           wrapper_symbol.module,

                           false_exprt())

                           .symbol_expr();


  auto check_started_goto = body.add(goto_programt::make_incomplete_goto(

    check_started, wrapper_symbol.location));


  // At most a single top level call to the checked function in any execution


  // Recursive calls within a contract check correspond to

  // `check_started && !check_completed` and are allowed.


  // Any other call occuring with `check_completed` true is forbidden.

  source_locationt sl(wrapper_symbol.location);

  sl.set_function(wrapper_symbol.name);

  sl.set_property_class("single_top_level_call");

  sl.set_comment(

    "Only a single top-level call to function " + id2string(function_id) +

    " when checking contract " + id2string(contract_id));

  body.add(goto_programt::make_assertion(not_exprt(check_completed), sl));

  body.add(goto_programt::make_assignment(

    check_started, true_exprt(), wrapper_symbol.location));


  const auto write_set_symbol = dfcc_utilst::create_new_parameter_symbol(

    goto_model.symbol_table,

    function_id,

    "__write_set_to_check",

    library.dfcc_type[dfcc_typet::CAR_SET_PTR]);


  contract_handler.add_contract_instructions(

    dfcc_contract_modet::CHECK,

    wrapper_id,

    wrapped_id,

    contract_id,

    write_set_symbol,

    body,

    function_pointer_contracts);


  body.add(goto_programt::make_assignment(

    check_completed, true_exprt(), wrapper_symbol.location));

  body.add(goto_programt::make_assignment(

    check_started, false_exprt(), wrapper_symbol.location));


  // unconditionally Jump to the end after the check

  auto goto_end_function =

    body.add(goto_programt::make_incomplete_goto(wrapper_symbol.location));


  // Jump to the replacement section if check already in progress

  auto contract_replacement_label =

    body.add(goto_programt::make_skip(wrapper_symbol.location));

  check_started_goto->complete_goto(contract_replacement_label);


  if(allow_recursive_calls)

  {

    contract_handler.add_contract_instructions(

      dfcc_contract_modet::REPLACE,

      wrapper_id,

      wrapped_id,

      contract_id,

      write_set_symbol,

      body,

      function_pointer_contracts);

  }

  else

  {

    source_locationt sl(wrapper_symbol.location);

    sl.set_function(wrapper_symbol.name);

    sl.set_property_class("no_recursive_call");

    sl.set_comment(

      "No recursive call to function " + id2string(function_id) +

      " when checking contract " + id2string(contract_id));

    body.add(goto_programt::make_assertion(false_exprt(), sl));

    body.add(

      goto_programt::make_assumption(false_exprt(), wrapper_symbol.location));

  }


  auto end_function_label =

    body.add(goto_programt::make_end_function(wrapper_symbol.location));

  goto_end_function->complete_goto(end_function_label);


  // write the body to the GOTO function

  goto_model.goto_functions.function_map.at(function_id).body.swap(body);


  // extend the signature of the wrapper function with the write set parameter

  dfcc_utilst::add_parameter(goto_model, write_set_symbol, function_id);


  goto_model.goto_functions.function_map.at(wrapper_id).make_hidden();


  // instrument the wrapped function

  instrument.instrument_wrapped_function(

    wrapped_id, wrapper_id, loop_contract_config, function_pointer_contracts);


  goto_model.goto_functions.update();

}


void dfcc_swap_and_wrapt::replace_with_contract(

  const irep_idt &function_id,

  const irep_idt &contract_id,

  std::set<irep_idt> &function_pointer_contracts)

{

  const irep_idt &wrapper_id = function_id;

  const irep_idt wrapped_id =

    id2string(function_id) + "_wrapped_for_replacement_with_contract";

  dfcc_utilst::wrap_function(goto_model, function_id, wrapped_id);


  const auto write_set_symbol = dfcc_utilst::create_new_parameter_symbol(

    goto_model.symbol_table,

    function_id,

    "__write_set_to_check",

    library.dfcc_type[dfcc_typet::CAR_SET_PTR]);


  goto_programt body;


  contract_handler.add_contract_instructions(

    dfcc_contract_modet::REPLACE,

    wrapper_id,

    wrapped_id,

    contract_id,

    write_set_symbol,

    body,

    function_pointer_contracts);


  body.add(goto_programt::make_end_function(

    dfcc_utilst::get_function_symbol(goto_model.symbol_table, wrapper_id)

      .location));


  goto_model.goto_functions.function_map.at(wrapper_id).make_hidden();


  // write the body to the GOTO function

  goto_model.goto_functions.function_map.at(function_id).body.swap(body);


  // extend the signature with the new write set parameter

  dfcc_utilst::add_parameter(goto_model, write_set_symbol, function_id);

}


cprover_library.h

c_expr.h
API to expression classes that are internal to the C frontend.

cfg_info.h
Classes providing CFG-based information about symbols to guide simplifications in function and loop a...

ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition ai.h:562

bool_typet
The Boolean type.
Definition std_types.h:36

dfcc_contract_handlert
A contract is represented by a function declaration or definition with contract clauses attached to i...
Definition dfcc_contract_handler.h:65

dfcc_contract_handlert::add_contract_instructions
void add_contract_instructions(const dfcc_contract_modet contract_mode, const irep_idt &wrapper_id, const irep_idt &wrapped_id, const irep_idt &contract_id, const symbolt &wrapper_write_set_symbol, goto_programt &dest, std::set< irep_idt > &function_pointer_contracts)
Adds instructions in dest modeling contract checking, assuming that ret_t wrapper_id(params) is the f...
Definition dfcc_contract_handler.cpp:88

dfcc_instrumentt
This class instruments GOTO functions or instruction sequences for frame condition checking and loop ...
Definition dfcc_instrument.h:44

dfcc_instrumentt::instrument_wrapped_function
void instrument_wrapped_function(const irep_idt &wrapped_function_id, const irep_idt &initial_function_id, const loop_contract_configt &loop_contract_config, std::set< irep_idt > &function_pointer_contracts)
Instruments a GOTO function by adding an extra write set parameter and inserting frame condition chec...
Definition dfcc_instrument.cpp:353

dfcc_libraryt
Class interface to library types and functions defined in cprover_contracts.c.
Definition dfcc_library.h:164

dfcc_libraryt::dfcc_type
std::map< dfcc_typet, typet > dfcc_type
Maps enum values to the actual types (dynamically loaded)
Definition dfcc_library.h:222

dfcc_spec_functionst
This class rewrites GOTO functions that use the built-ins:
Definition dfcc_spec_functions.h:57

dfcc_swap_and_wrapt::goto_model
goto_modelt & goto_model
Definition dfcc_swap_and_wrap.h:86

dfcc_swap_and_wrapt::check_contract
void check_contract(const loop_contract_configt &loop_contract_config, const irep_idt &function_id, const irep_idt &contract_id, std::set< irep_idt > &function_pointer_contracts, bool allow_recursive_calls)
Swaps-and-wraps the given function_id in a wrapper function that checks the given contract_id.
Definition dfcc_swap_and_wrap.cpp:153

dfcc_swap_and_wrapt::library
dfcc_libraryt & library
Definition dfcc_swap_and_wrap.h:89

dfcc_swap_and_wrapt::dfcc_swap_and_wrapt
dfcc_swap_and_wrapt(goto_modelt &goto_model, message_handlert &message_handler, dfcc_libraryt &library, dfcc_instrumentt &instrument, dfcc_spec_functionst &spec_functions, dfcc_contract_handlert &contract_handler)
Definition dfcc_swap_and_wrap.cpp:37

dfcc_swap_and_wrapt::get_swapped_functions
void get_swapped_functions(std::set< irep_idt > &dest) const
Adds the set of swapped functions to dest.
Definition dfcc_swap_and_wrap.cpp:121

dfcc_swap_and_wrapt::cache
static std::map< irep_idt, std::pair< irep_idt, std::pair< dfcc_contract_modet, loop_contract_configt > > > cache
remember all functions that were swapped/wrapped and in which mode
Definition dfcc_swap_and_wrap.h:99

dfcc_swap_and_wrapt::instrument
dfcc_instrumentt & instrument
Definition dfcc_swap_and_wrap.h:90

dfcc_swap_and_wrapt::contract_handler
dfcc_contract_handlert & contract_handler
Definition dfcc_swap_and_wrap.h:92

dfcc_swap_and_wrapt::replace_with_contract
void replace_with_contract(const irep_idt &function_id, const irep_idt &contract_id, std::set< irep_idt > &function_pointer_contracts)
Swaps-and-wraps the given function_id in a wrapper function that models the abstract behaviour of con...
Definition dfcc_swap_and_wrap.cpp:285

dfcc_swap_and_wrapt::swap_and_wrap
void swap_and_wrap(const dfcc_contract_modet contract_mode, const loop_contract_configt &loop_contract_config, const irep_idt &function_id, const irep_idt &contract_id, std::set< irep_idt > &function_pointer_contracts, bool allow_recursive_calls)
Definition dfcc_swap_and_wrap.cpp:61

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition dstring.h:38

false_exprt
The Boolean constant false.
Definition std_expr.h:3199

goto_functionst::function_map
function_mapt function_map
Definition goto_functions.h:29

goto_functionst::update
void update()
Definition goto_functions.h:88

goto_modelt
Definition goto_model.h:27

goto_modelt::symbol_table
symbol_tablet symbol_table
Symbol table.
Definition goto_model.h:31

goto_modelt::goto_functions
goto_functionst goto_functions
GOTO functions.
Definition goto_model.h:34

goto_programt
A generic container class for the GOTO intermediate representation of one function.
Definition goto_program.h:72

goto_programt::make_assumption
static instructiont make_assumption(const exprt &g, const source_locationt &l=source_locationt::nil())
Definition goto_program.h:944

goto_programt::make_end_function
static instructiont make_end_function(const source_locationt &l=source_locationt::nil())
Definition goto_program.h:1000

goto_programt::make_assignment
static instructiont make_assignment(const code_assignt &_code, const source_locationt &l=source_locationt::nil())
Create an assignment instruction.
Definition goto_program.h:1064

goto_programt::make_skip
static instructiont make_skip(const source_locationt &l=source_locationt::nil())
Definition goto_program.h:890

goto_programt::add
targett add(instructiont &&instruction)
Adds a given instruction at the end.
Definition goto_program.h:738

goto_programt::make_assertion
static instructiont make_assertion(const exprt &g, const source_locationt &l=source_locationt::nil())
Definition goto_program.h:932

goto_programt::make_incomplete_goto
static instructiont make_incomplete_goto(const exprt &_cond, const source_locationt &l=source_locationt::nil())
Definition goto_program.h:1010

invalid_input_exceptiont
Thrown when user-provided input cannot be processed.
Definition exception_utils.h:163

message_handlert
Definition message.h:27

not_exprt
Boolean negation.
Definition std_expr.h:2454

source_locationt
Definition source_location.h:20

true_exprt
The Boolean constant true.
Definition std_expr.h:3190

config.h

dfcc_contract_mode_to_string
std::string dfcc_contract_mode_to_string(const dfcc_contract_modet mode)
Definition dfcc_contract_mode.cpp:15

dfcc_contract_modet
dfcc_contract_modet
Enum type representing the contract checking and replacement modes.
Definition dfcc_contract_mode.h:20

dfcc_contract_modet::REPLACE
@ REPLACE

dfcc_contract_modet::CHECK
@ CHECK

dfcc_typet::CAR_SET_PTR
@ CAR_SET_PTR
type of pointers to sets of CAR

dfcc_swap_and_wrap.h
Given a function_id and contract_id, swaps its body to a function with a fresh mangled name,...

expr_util.h
Deprecated expression utility functions.

format_expr.h

format_type.h

fresh_symbol.h
Fresh auxiliary symbol creation.

goto_functions.h
Goto Programs with Functions.

goto_inline.h
Function Inlining This gives a number of different interfaces to the function inlining functionality ...

goto_model.h
Symbol Table + CFG.

instrument_preconditions.h

id2string
const std::string & id2string(const irep_idt &d)
Definition irep.h:44

link_to_library.h
Library Linking.

log
double log(double x)
Definition math.c:2449

mathematical_expr.h
API to expression classes for 'mathematical' expressions.

mathematical_types.h
Mathematical types.

namespace.h

pointer_expr.h
API to expression classes for Pointers.

pointer_offset_size.h
Pointer Logic.

pointer_predicates.h
Various predicates over pointers in programs.

remove_skip.h
Program Transformation.

static_lifetime_init.h

std_expr.h
API to expression classes.

dfcc_utilst::get_function_symbol
static symbolt & get_function_symbol(symbol_table_baset &, const irep_idt &function_id)
Returns the symbolt for function_id.
Definition dfcc_utils.cpp:72

dfcc_utilst::create_new_parameter_symbol
static const symbolt & create_new_parameter_symbol(symbol_table_baset &, const irep_idt &function_id, const std::string &base_name, const typet &type)
Creates a new parameter symbol for the given function_id.
Definition dfcc_utils.cpp:124

dfcc_utilst::wrap_function
static void wrap_function(goto_modelt &goto_model, const irep_idt &function_id, const irep_idt &wrapped_function_id)
Given a function to wrap foo and a new name wrapped_foo
Definition dfcc_utils.cpp:324

dfcc_utilst::create_static_symbol
static const symbolt & create_static_symbol(symbol_table_baset &, const typet &type, const std::string &prefix, const std::string &base_name, const source_locationt &source_location, const irep_idt &mode, const irep_idt &module, const exprt &initial_value, const bool no_nondet_initialization=true)
Adds a new static symbol named prefix::base_name of type type with value initial_value in the symbol ...
Definition dfcc_utils.cpp:103

dfcc_utilst::add_parameter
static void add_parameter(goto_modelt &, const symbolt &symbol, const irep_idt &function_id)
Adds the given symbol as parameter to the function symbol's code_type.
Definition dfcc_utils.cpp:156

loop_contract_configt
Loop contract configurations.
Definition loop_contract_config.h:19

loop_contract_configt::to_string
std::string to_string() const
Definition loop_contract_config.h:30

utils.h

irep_idt
dstringt irep_idt
Definition verification_result.h:16