Code contracts: match up introducing/removing parameter map modifications

tautschnig · tautschnig · commit f2920da09011 · 2018-06-05T11:19:42.000Z
Code contracts that introduce local declarations result in nested
typecheck_declaration calls. The artificial __CPROVER_return_value symbol must
then be added/removed by a single call only.
diff --git a/regression/ansi-c/code_contracts1/main.c b/regression/ansi-c/code_contracts1/main.c
@@ -0,0 +1,17 @@
+int foo()
+__CPROVER_ensures(__CPROVER_forall {int i; 1 == 1})
+{
+  return 1;
+}
+
+int bar()
+__CPROVER_ensures(__CPROVER_forall {int i; 1 == 1} &&
+                  __CPROVER_return_value == 1)
+{
+  return 1;
+}
+
+int main() {
+  foo();
+  bar();
+}
diff --git a/regression/ansi-c/code_contracts1/test.desc b/regression/ansi-c/code_contracts1/test.desc
@@ -0,0 +1,8 @@
+CORE
+main.c
+
+^EXIT=0$
+^SIGNAL=0$
+--
+^warning: ignoring
+^CONVERSION ERROR$
diff --git a/src/ansi-c/c_typecheck_base.cpp b/src/ansi-c/c_typecheck_base.cpp
@@ -758,11 +758,15 @@ void c_typecheck_baset::typecheck_declaration(
       typet ret_type=empty_typet();
       if(new_symbol.type.id()==ID_code)
         ret_type=to_code_type(new_symbol.type).return_type();
-      assert(parameter_map.empty());
       if(ret_type.id()!=ID_empty)
+      {
+        DATA_INVARIANT(
+          parameter_map.empty(), "parameter map should be cleared");
         parameter_map["__CPROVER_return_value"]=ret_type;
+      }
       typecheck_spec_expr(contract, ID_C_spec_ensures);
-      parameter_map.clear();
+      if(ret_type.id()!=ID_empty)
+        parameter_map.clear();
 
       if(contract.find(ID_C_spec_requires).is_not_nil())
         new_symbol.type.add(ID_C_spec_requires)=
