Update CLI for applyin loop contracts with dfcc

Author: qinheping

regression/contracts-dfcc/detect_loop_locals/main.c

@@ -0,0 +1,12 @@
+#include <stdlib.h>
+
+int main()
+{
+  unsigned char *i = malloc(5);
+
+  while(i != i + 5)
+    __CPROVER_loop_invariant(1 == 1)
+    {
+      const char lower = *i++;
+    }
+}

regression/contracts-dfcc/detect_loop_locals/test.desc

@@ -0,0 +1,10 @@
+CORE
+main.c
+--dfcc main --apply-loop-contracts
+^\[main.assigns.\d+\].*line 10 Check that i is assignable: SUCCESS$
+^EXIT=0$
+^SIGNAL=0$
+^VERIFICATION SUCCESSFUL$
+--
+--
+Checks that loop local variables do not cause explicit checks.

regression/contracts-dfcc/detect_loop_locals2/main.c

@@ -0,0 +1,28 @@
+static void foo()
+{
+  unsigned i;
+
+  for(i = 0; i < 16; i++)
+    __CPROVER_loop_invariant(1 == 1)
+    {
+      int v = 1;
+    }
+}
+
+static void bar()
+{
+  unsigned i;
+
+  for(i = 0; i < 16; i++)
+    __CPROVER_loop_invariant(1 == 1)
+    {
+      int v = 1;
+    }
+}
+
+int main()
+{
+  bar();
+  foo();
+  foo();
+}

regression/contracts-dfcc/detect_loop_locals2/test.desc

@@ -0,0 +1,11 @@
+CORE
+main.c
+--dfcc main --apply-loop-contracts
+^\[bar.assigns.\d+\].*Check that i is assignable: SUCCESS$
+^\[foo.assigns.\d+\].*Check that i is assignable: SUCCESS$
+^EXIT=0$
+^SIGNAL=0$
+^VERIFICATION SUCCESSFUL$
+--
+--
+Checks that loop local variables do not cause explicit checks 

regression/contracts-dfcc/invar_assigns_opt/test.desc

@@ -1,18 +1,18 @@
 CORE
 main.c
---dfcc main
+--dfcc main --apply-loop-contracts
 ^EXIT=0$
 ^SIGNAL=0$
-^\[main.\d+\] .* Check loop invariant before entry: SUCCESS$
-^\[main.\d+\] .* Check that loop invariant is preserved: SUCCESS$
-^\[main.\d+\] .* Check decreases clause on loop iteration: SUCCESS$
-^\[main.assertion.\d+\] .* assertion r1 == 0: SUCCESS$
-^\[main.\d+\] .* Check loop invariant before entry: SUCCESS$
-^\[main.assigns.\d+\] .* Check that s2 is assignable: SUCCESS$
-^\[main.assigns.\d+\] .* Check that r2 is assignable: SUCCESS$
-^\[main.\d+\] .* Check that loop invariant is preserved: SUCCESS$
-^\[main.\d+\] .* Check decreases clause on loop iteration: SUCCESS$
-^\[main.assertion.\d+\] .* assertion r2 == 0: SUCCESS$
+^\[foo.\d+\] .* Check loop invariant before entry: SUCCESS$
+^\[foo.\d+\] .* Check that loop invariant is preserved: SUCCESS$
+^\[foo.\d+\] .* Check decreases clause on loop iteration: SUCCESS$
+^\[foo.assertion.\d+\] .* assertion r1 == 0: SUCCESS$
+^\[foo.\d+\] .* Check loop invariant before entry: SUCCESS$
+^\[foo.assigns.\d+\] .* Check that s2 is assignable: SUCCESS$
+^\[foo.assigns.\d+\] .* Check that r2 is assignable: SUCCESS$
+^\[foo.\d+\] .* Check that loop invariant is preserved: SUCCESS$
+^\[foo.\d+\] .* Check decreases clause on loop iteration: SUCCESS$
+^\[foo.assertion.\d+\] .* assertion r2 == 0: SUCCESS$
 ^VERIFICATION SUCCESSFUL$
 --
 --

regression/contracts-dfcc/loop_assigns-01/test.desc

@@ -1,13 +1,13 @@
 CORE
 main.c
---dfcc main
+--dfcc main --apply-loop-contracts
 ^EXIT=10$
 ^SIGNAL=0$
-^\[main.\d+\] .* Check loop invariant before entry: SUCCESS$
-^\[main.assigns.\d+\] .* Check that i is assignable: SUCCESS$
-^\[main.assigns.\d+\] .* Check that b->data\[(.*)i\] is assignable: SUCCESS$
-^\[main.\d+\] .* Check that loop invariant is preserved: SUCCESS$
-^\[main.assertion.\d+\] .* assertion b->data\[5\] == 0: FAILURE$
+^\[foo.\d+\] .* Check loop invariant before entry: SUCCESS$
+^\[foo.assigns.\d+\] .* Check that i is assignable: SUCCESS$
+^\[foo.assigns.\d+\] .* Check that b->data\[(.*)i\] is assignable: SUCCESS$
+^\[foo.\d+\] .* Check that loop invariant is preserved: SUCCESS$
+^\[foo.assertion.\d+\] .* assertion b->data\[5\] == 0: FAILURE$
 ^VERIFICATION FAILED$
 --
 --

regression/contracts-dfcc/loop_assigns_inference-02/test.desc

@@ -1,14 +1,14 @@
 CORE
 main.c
---dfcc main
+--dfcc main --apply-loop-contracts
 ^EXIT=0$
 ^SIGNAL=0$
-^\[main.\d+\] .* Check loop invariant before entry: SUCCESS$
-^\[main.\d+\] .* Check that loop invariant is preserved: SUCCESS$
-^\[main.assigns.\d+\] .* Check that i is assignable: SUCCESS$
-^\[main.assigns.\d+\] .* Check that b\[(.*)i\] is assignable: SUCCESS$
+^\[foo.\d+\] .* Check loop invariant before entry: SUCCESS$
+^\[foo.\d+\] .* Check that loop invariant is preserved: SUCCESS$
+^\[foo.assigns.\d+\] .* Check that i is assignable: SUCCESS$
+^\[foo.assigns.\d+\] .* Check that b\[(.*)i\] is assignable: SUCCESS$
 ^VERIFICATION SUCCESSFUL$
 --
 --
-This test checks assigns clauses (i, __CPROVER_POINTER_OBJECT(b)) is inferred,
+This test checks assigns clauses (i, __CPROVER_object_whole(b)) is inferred,
 and widened correctly.

src/goto-instrument/contracts/dynamic-frames/dfcc.cpp

@@ -121,6 +121,7 @@ void dfcc(
   const bool allow_recursive_calls,
   const std::set<irep_idt> &to_replace,
   const bool apply_loop_contracts,
+  const bool unwind_transformed_loops,
   const std::set<std::string> &to_exclude_from_nondet_static,
   message_handlert &message_handler)
 {
@@ -137,6 +138,7 @@ void dfcc(
     allow_recursive_calls,
     to_replace_map,
     apply_loop_contracts,
+    unwind_transformed_loops,
     to_exclude_from_nondet_static,
     message_handler);
 }
@@ -149,6 +151,7 @@ void dfcc(
   const bool allow_recursive_calls,
   const std::map<irep_idt, irep_idt> &to_replace,
   const bool apply_loop_contracts,
+  const bool unwind_transformed_loops,
   const std::set<std::string> &to_exclude_from_nondet_static,
   message_handlert &message_handler)
 {
@@ -160,6 +163,7 @@ void dfcc(
     allow_recursive_calls,
     to_replace,
     apply_loop_contracts,
+    unwind_transformed_loops,
     message_handler,
     to_exclude_from_nondet_static};
 }
@@ -172,6 +176,7 @@ dfcct::dfcct(
   const bool allow_recursive_calls,
   const std::map<irep_idt, irep_idt> &to_replace,
   const bool apply_loop_contracts,
+  const bool unwind_transformed_loops,
   message_handlert &message_handler,
   const std::set<std::string> &to_exclude_from_nondet_static)
   : options(options),
@@ -213,9 +218,16 @@ dfcct::dfcct(
       library,
       spec_functions,
       contract_clauses_codegen),
-    instrument(goto_model, message_handler, utils, loop_instrument, library),
+    instrument(
+      goto_model,
+      message_handler,
+      utils,
+      loop_instrument,
+      apply_loop_contracts,
+      library),
     max_assigns_clause_size(0)
 {
+  instrument.unwind_transformed_loops = unwind_transformed_loops;
   transform_goto_model();
 }
 

src/goto-instrument/contracts/dynamic-frames/dfcc.h

@@ -100,6 +100,8 @@ class invalid_function_contract_pair_exceptiont : public cprover_exception_baset
 /// \param allow_recursive_calls Allow the checked function to be recursive
 /// \param to_replace set of functions to replace with their contract
 /// \param apply_loop_contracts apply loop contract transformations iff true
+/// \param unwind_transformed_loops unwind transformed loops after applying loop
+///                                 contracts.
 /// \param to_exclude_from_nondet_static set of symbols to exclude when havocing
 /// static program symbols.
 /// \param message_handler used for debug/warning/error messages
@@ -111,6 +113,7 @@ void dfcc(
   const bool allow_recursive_calls,
   const std::set<irep_idt> &to_replace,
   const bool apply_loop_contracts,
+  const bool unwind_transformed_loops,
   const std::set<std::string> &to_exclude_from_nondet_static,
   message_handlert &message_handler);
 
@@ -129,7 +132,9 @@ void dfcc(
 /// \param to_check (function,contract) pair for contract checking
 /// \param allow_recursive_calls Allow the checked function to be recursive
 /// \param to_replace Functions-to-contract mapping for replacement
-/// \param apply_loop_contracts Spply loop contract transformations iff true
+/// \param apply_loop_contracts Apply loop contract transformations iff true
+/// \param unwind_transformed_loops unwind transformed loops after applying loop
+///                                 contracts.
 /// \param to_exclude_from_nondet_static Set of symbols to exclude when havocing
 /// static program symbols.
 /// \param message_handler used for debug/warning/error messages
@@ -141,6 +146,7 @@ void dfcc(
   const bool allow_recursive_calls,
   const std::map<irep_idt, irep_idt> &to_replace,
   const bool apply_loop_contracts,
+  const bool unwind_transformed_loops,
   const std::set<std::string> &to_exclude_from_nondet_static,
   message_handlert &message_handler);
 
@@ -159,6 +165,8 @@ class dfcct
   /// \param to_replace functions-to-contract mapping for replacement
   /// \param apply_loop_contracts apply loop contract transformations iff true
   /// havocing static program symbols.
+  /// \param unwind_transformed_loops unwind transformed loops after applying loop
+  ///                                 contracts.
   /// \param message_handler used for debug/warning/error messages
   /// \param to_exclude_from_nondet_static set of symbols to exclude when
   dfcct(
@@ -169,6 +177,7 @@ class dfcct
     const bool allow_recursive_calls,
     const std::map<irep_idt, irep_idt> &to_replace,
     const bool apply_loop_contracts,
+    const bool unwind_transformed_loops,
     message_handlert &message_handler,
     const std::set<std::string> &to_exclude_from_nondet_static);
 
@@ -194,7 +203,7 @@ class dfcct
   ///   (replacement mode)
   /// - instrument all remaining functions GOTO model
   /// - (this includes standard library functions).
-  /// - specialise the instrumentation functions by unwiding loops they contain
+  /// - specialise the instrumentation functions by unwinding loops they contain
   /// to the maximum size of any assigns clause involved in the model.
   void transform_goto_model();
 
@@ -278,7 +287,7 @@ class dfcct
   /// for each instrumented function
   ///
   /// A call to `nondet_static` will re-generate the initialize function with
-  /// nondet values. The intrumentation statics will not get nondet initialised
+  /// nondet values. The instrumentation statics will not get nondet initialised
   /// by virtue of being tagged with ID_C_no_nondet_initialization.
   ///
   /// However, nondet_static expects instructions to be either function calls