introduce cstrlen_exprt

kroening · kroening · commit 8c0e26346128 · 2022-07-01T07:59:35.000+01:00
diff --git a/regression/cprover/basic/assume1.desc b/regression/cprover/basic/assume1.desc
@@ -3,7 +3,7 @@ assume1.c
 --text --solve --inline
 ^EXIT=10$
 ^SIGNAL=0$
-^ \(\d+\) ∀ ς : state \. true ⇒ SInitial\(ς\)$
+^ \(\d+\) ∀ ς : state \. initial_state\(ς\) ⇒ SInitial\(ς\)$
 ^ \(\d+\) S0 = SInitial$
 ^ \(\d+\) S1 = S0$
 ^\(\d+\) ∀ ς : state \. \(S20\(ς\) ∧ ς\(❝main::1::x❞\) ≥ 10\) ⇒ S21\(ς\)$
diff --git a/regression/cprover/basic/basic1.desc b/regression/cprover/basic/basic1.desc
@@ -3,7 +3,7 @@ basic1.c
 --text --solve --inline
 ^EXIT=0$
 ^SIGNAL=0$
-^ \(\d+\) ∀ ς : state \. true ⇒ SInitial\(ς\)$
+^ \(\d+\) ∀ ς : state \. initial_state\(ς\) ⇒ SInitial\(ς\)$
 ^ \(\d+\) S0 = SInitial$
 ^\(\d+\) ∀ ς : state \. S17\(ς\) ⇒ S18\(ς\[❝x❞:=0\]\)$
 ^\(\d+\) ∀ ς : state \. S20\(ς\) ⇒ S21\(ς\[❝x❞:=1\]\)$
diff --git a/regression/cprover/contracts/check_assigns3.c b/regression/cprover/contracts/check_assigns3.c
@@ -0,0 +1,20 @@
+void my_function1(int *parameter)
+  __CPROVER_requires(__CPROVER_w_ok(parameter))
+  __CPROVER_assigns(*parameter) // passes
+{
+  *parameter = 10;
+}
+
+void my_function2(int *parameter)
+  __CPROVER_requires(__CPROVER_w_ok(parameter))
+  __CPROVER_assigns() // fails
+{
+  *parameter = 10;
+}
+
+void my_function3(int *parameter)
+  __CPROVER_requires(__CPROVER_w_ok(parameter))
+  // implicit assigns clause fails
+{
+  *parameter = 10;
+}
diff --git a/regression/cprover/contracts/check_assigns3.desc b/regression/cprover/contracts/check_assigns3.desc
@@ -0,0 +1,9 @@
+CORE
+check_assigns3.c
+
+^EXIT=10$
+^SIGNAL=0$
+^\[my_function1\.assigns\.1\] line \d+ assigns clause: SUCCESS$
+^\[my_function2\.assigns\.1\] line \d+ assigns clause: REFUTED
+^\[my_function3\.assigns\.1\] line \d+ assigns clause: REFUTED
+--
diff --git a/regression/cprover/contracts/check_assigns4.c b/regression/cprover/contracts/check_assigns4.c
@@ -0,0 +1,29 @@
+struct S
+{
+  int x, y;
+} global;
+
+void my_function1(void)
+  __CPROVER_assigns(global) // passes
+{
+  global.x = 10;
+  global.y = 10;
+}
+
+void my_function2(void)
+  __CPROVER_assigns(global.x) // passes
+{
+  global.x = 10;
+}
+
+void my_function3(void)
+  __CPROVER_assigns(global.y) // passes
+{
+  global.y = 10;
+}
+
+void my_function4(void)
+  __CPROVER_assigns(global.y) // fails
+{
+  global.x = 10;
+}
diff --git a/regression/cprover/contracts/check_assigns4.desc b/regression/cprover/contracts/check_assigns4.desc
@@ -0,0 +1,11 @@
+KNOWNBUG
+check_assigns4.c
+
+^EXIT=10$
+^SIGNAL=0$
+^\[my_function1\.assigns\.1\] line \d+ assigns clause: SUCCESS$
+^\[my_function1\.assigns\.2\] line \d+ assigns clause: SUCCESS$
+^\[my_function2\.assigns\.1\] line \d+ assigns clause: SUCCESS$
+^\[my_function3\.assigns\.1\] line \d+ assigns clause: SUCCESS$
+^\[my_function4\.assigns\.1\] line \d+ assigns clause: REFUTED$
+--
diff --git a/regression/cprover/contracts/check_assigns5.c b/regression/cprover/contracts/check_assigns5.c
@@ -0,0 +1,29 @@
+struct S
+{
+  int x, y;
+};
+
+void my_function1(struct S *s)
+  __CPROVER_assigns(*s) // passes
+{
+  s->x = 10;
+  s->y = 10;
+}
+
+void my_function2(struct S *s)
+  __CPROVER_assigns(s->x) // passes
+{
+  s->x = 10;
+}
+
+void my_function3(struct S *s)
+  __CPROVER_assigns(s->y) // passes
+{
+  s->y = 10;
+}
+
+void my_function4(struct S *s)
+  __CPROVER_assigns(s->y) // fails
+{
+  s->x = 10;
+}
diff --git a/regression/cprover/contracts/check_assigns5.desc b/regression/cprover/contracts/check_assigns5.desc
@@ -0,0 +1,11 @@
+KNOWNBUG
+check_assigns5.c
+
+^EXIT=10$
+^SIGNAL=0$
+^\[my_function1\.assigns\.1\] line \d+ assigns clause: SUCCESS$
+^\[my_function1\.assigns\.2\] line \d+ assigns clause: SUCCESS$
+^\[my_function2\.assigns\.1\] line \d+ assigns clause: SUCCESS$
+^\[my_function3\.assigns\.1\] line \d+ assigns clause: SUCCESS$
+^\[my_function4\.assigns\.1\] line \d+ assigns clause: REFUTED$
+--
diff --git a/regression/cprover/contracts/check_assigns6.c b/regression/cprover/contracts/check_assigns6.c
@@ -0,0 +1,15 @@
+int global;
+_Bool flag;
+
+void my_function1()
+  __CPROVER_assigns(flag: global) // passes
+{
+  if(flag)
+    global = 10;
+}
+
+void my_function2()
+  __CPROVER_assigns(flag: global) // fails
+{
+  global = 10;
+}
diff --git a/regression/cprover/contracts/check_assigns6.desc b/regression/cprover/contracts/check_assigns6.desc
@@ -0,0 +1,8 @@
+CORE
+check_assigns6.c
+
+^EXIT=10$
+^SIGNAL=0$
+^\[my_function1\.assigns\.1\] line \d+ assigns clause: SUCCESS$
+^\[my_function2\.assigns\.1\] line \d+ assigns clause: REFUTED$
+--
diff --git a/regression/cprover/contracts/check_postcondition3.desc b/regression/cprover/contracts/check_postcondition3.desc
@@ -1,8 +1,10 @@
-KNOWNBUG
+CORE
 check_postcondition3.c
 
 ^EXIT=10$
 ^SIGNAL=0$
+^\[my_function1\.assigns\.1\] line \d+ assigns clause: SUCCESS$
 ^\[my_function1\.postcondition\.1\] line \d+ postcondition: SUCCESS$
+^\[my_function2\.assigns\.1\] line \d+ assigns clause: SUCCESS$
 ^\[my_function2\.postcondition\.1\] line \d+ postcondition: REFUTED$
 --
diff --git a/regression/cprover/contracts/check_postcondition4.c b/regression/cprover/contracts/check_postcondition4.c
@@ -0,0 +1,10 @@
+int x, y;
+
+void my_function()
+  __CPROVER_ensures(x == 10) // passes
+  __CPROVER_ensures(y == 20) // fails
+  __CPROVER_assigns(x, y)
+{
+  x = 10;
+  y = 10;
+}
diff --git a/regression/cprover/contracts/check_postcondition4.desc b/regression/cprover/contracts/check_postcondition4.desc
@@ -0,0 +1,8 @@
+CORE
+check_postcondition4.c
+
+^EXIT=10$
+^SIGNAL=0$
+^\[my_function\.postcondition\.2\] line \d+ postcondition x == 10: SUCCESS$
+^\[my_function\.postcondition\.1\] line \d+ postcondition y == 20: REFUTED$
+--
diff --git a/regression/cprover/contracts/check_precondition1.desc b/regression/cprover/contracts/check_precondition1.desc
@@ -3,6 +3,6 @@ check_precondition1.c
 
 ^EXIT=10$
 ^SIGNAL=0$
-^\[main\.precondition\.1\] line \d+ precondition my_function: REFUTED$
-^\[main\.precondition\.2\] line \d+ precondition my_function: SUCCESS$
+^\[main\.precondition\.1\] line \d+ my_function precondition .*: REFUTED$
+^\[main\.precondition\.2\] line \d+ my_function precondition .*: SUCCESS$
 --
diff --git a/regression/cprover/contracts/check_precondition2.desc b/regression/cprover/contracts/check_precondition2.desc
@@ -3,5 +3,5 @@ check_precondition2.c
 
 ^EXIT=0$
 ^SIGNAL=0$
-^\[caller\.precondition\.1\] line \d+ precondition callee: SUCCESS$
+^\[caller\.precondition\.1\] line \d+ callee precondition parameter >= 10: SUCCESS$
 --
diff --git a/regression/cprover/contracts/nested1.c b/regression/cprover/contracts/nested1.c
@@ -0,0 +1,12 @@
+void callee(int *p)
+  __CPROVER_requires(__CPROVER_rw_ok(p))
+{
+}
+
+void caller(int *p)
+  __CPROVER_requires(__CPROVER_rw_ok(p))
+{
+  int i;
+  __CPROVER_assert(__CPROVER_rw_ok(p), "property 1");
+  callee(&i);
+}
diff --git a/regression/cprover/contracts/nested1.desc b/regression/cprover/contracts/nested1.desc
@@ -0,0 +1,8 @@
+CORE
+nested1.c
+
+^EXIT=0$
+^SIGNAL=0$
+^\[caller\.assertion\.1\] line \d+ property 1: SUCCESS$
+^\[caller\.precondition\.1\] line \d+ callee precondition .*: SUCCESS$
+--
diff --git a/regression/cprover/contracts/one_function1.c b/regression/cprover/contracts/one_function1.c
@@ -0,0 +1,7 @@
+void my_function1() __CPROVER_ensures(0) // fails
+{
+}
+
+void my_function2() __CPROVER_ensures(1) // passes
+{
+}
diff --git a/regression/cprover/contracts/one_function1.desc b/regression/cprover/contracts/one_function1.desc
@@ -0,0 +1,8 @@
+CORE
+one_function1.c
+--contract my_function2
+^EXIT=0$
+^SIGNAL=0$
+^\[my_function2\.postcondition\.1\] line \d+ postcondition: SUCCESS$
+--
+^\[my_function1\.postcondition\.1\] line \d+ postcondition: REFUTED$
diff --git a/regression/cprover/contracts/recursive_function1.desc b/regression/cprover/contracts/recursive_function1.desc
@@ -3,5 +3,5 @@ recursive_function1.c
 
 ^EXIT=0$
 ^SIGNAL=0$
-^\[recursive_function\.precondition\.1] line \d+ precondition recursive_function: SUCCESS$
+^\[recursive_function\.precondition\.1] line \d+ recursive_function precondition.*: SUCCESS$
 --
diff --git a/regression/cprover/contracts/recursive_function2.c b/regression/cprover/contracts/recursive_function2.c
@@ -0,0 +1,5 @@
+int recursive_function()
+  __CPROVER_ensures(__CPROVER_return_value == 10) // passes
+{
+  return recursive_function();
+}
diff --git a/regression/cprover/contracts/recursive_function2.desc b/regression/cprover/contracts/recursive_function2.desc
@@ -0,0 +1,7 @@
+CORE
+recursive_function2.c
+
+^EXIT=0$
+^SIGNAL=0$
+^\[recursive_function\.postcondition\.1] line \d+ postcondition: SUCCESS$
+--
diff --git a/regression/cprover/contracts/use_precondition2.c b/regression/cprover/contracts/use_precondition2.c
@@ -0,0 +1,6 @@
+void my_function(const int *p)
+  __CPROVER_requires(__CPROVER_r_ok(p))
+  __CPROVER_requires(*p >= 20)
+{
+  __CPROVER_assert(*p != 0, "property 1"); // passes
+}
diff --git a/regression/cprover/contracts/use_precondition2.desc b/regression/cprover/contracts/use_precondition2.desc
@@ -0,0 +1,9 @@
+CORE
+use_precondition2.c
+--safety
+^EXIT=0$
+^SIGNAL=0$
+^\[my_function\.pointer\.1\] line \d+ pointer p safe: SUCCESS$
+^\[my_function\.pointer\.2\] line \d+ pointer p safe: SUCCESS$
+^\[my_function\.assertion\.1\] line \d+ property 1: SUCCESS$
+--
diff --git a/regression/cprover/cstrings/strlen2.c b/regression/cprover/cstrings/strlen2.c
@@ -0,0 +1,7 @@
+__CPROVER_size_t strlen(const char *);
+
+int main()
+{
+  strlen("foo"); // safe
+  strlen(0); // unsafe
+}
diff --git a/regression/cprover/cstrings/strlen2.desc b/regression/cprover/cstrings/strlen2.desc
@@ -0,0 +1,8 @@
+CORE
+strlen2.c
+--safety
+^EXIT=10$
+^SIGNAL=0$
+^\[main\.strlen\.1\] line \d+ strlen argument must be C string: SUCCESS$
+^\[main\.strlen\.2\] line \d+ strlen argument must be C string: REFUTED$
+--
diff --git a/regression/cprover/pointers/aliasing1.c b/regression/cprover/pointers/aliasing1.c
@@ -0,0 +1,12 @@
+int main(void)
+{
+  int *p;
+  __CPROVER_assume(__CPROVER_rw_ok(p));
+  
+  int i;
+  __CPROVER_assert(__CPROVER_rw_ok(p), "property 1"); // should pass
+
+  p = &i; // take address of i
+
+  return 0;
+}
diff --git a/regression/cprover/pointers/aliasing1.desc b/regression/cprover/pointers/aliasing1.desc
@@ -0,0 +1,7 @@
+CORE
+aliasing1.c
+
+^EXIT=0$
+^SIGNAL=0$
+^\[main\.assertion\.1\] line \d+ property 1: SUCCESS$
+--
diff --git a/regression/cprover/pointers/pointer_to_local1.c b/regression/cprover/pointers/pointer_to_local1.c
@@ -1,4 +1,4 @@
-void foo(int *p) __CPROVER_requires(__CPROVER_w_ok(p))
+void foo(int *p) __CPROVER_requires(__CPROVER_w_ok(p)) __CPROVER_assigns(*p)
 {
   int i;
 
diff --git a/regression/cprover/pointers/struct_pointer6.c b/regression/cprover/pointers/struct_pointer6.c
@@ -5,7 +5,7 @@ struct buf {
 int main()
 {
   struct buf *b;
-  __CPROVER_assume(__CPROVER_r_ok(b));
+  __CPROVER_assume(__CPROVER_r_ok(b)); // must not alias with x
   __CPROVER_assume(b->len == 456);
 
   __CPROVER_size_t x, *size_t_ptr = &x;
diff --git a/regression/cprover/pointers/struct_pointer6.desc b/regression/cprover/pointers/struct_pointer6.desc
@@ -1,4 +1,4 @@
-KNOWNBUG
+CORE
 struct_pointer6.c
 
 ^EXIT=0$
diff --git a/regression/cprover/safety/local_out_of_scope3.c b/regression/cprover/safety/local_out_of_scope3.c
@@ -4,6 +4,7 @@ int main()
   __CPROVER_assume(__CPROVER_r_ok(p));
   {
     int x;
+    __CPROVER_assert(p != &x, "property 1"); // passes
   }
-  __CPROVER_assert(__CPROVER_r_ok(p), "property 1");
+  __CPROVER_assert(__CPROVER_r_ok(p), "property 2"); // passes
 }
diff --git a/regression/cprover/safety/local_out_of_scope3.desc b/regression/cprover/safety/local_out_of_scope3.desc
@@ -1,7 +1,8 @@
-KNOWNBUG
+CORE
 local_out_of_scope3.c
 
-^EXIT=10$
+^EXIT=0$
 ^SIGNAL=0$
-^\[main\.pointer\.1\] line \d+ pointer p safe: SUCCESS$
+^\[main\.assertion\.1\] line \d+ property 1: SUCCESS$
+^\[main\.assertion\.2\] line \d+ property 2: SUCCESS$
 --
diff --git a/regression/cprover/unions/union1.c b/regression/cprover/unions/union1.c
@@ -0,0 +1,18 @@
+union U
+{
+  int i;
+  char ch;
+};
+
+int main()
+{
+  union U u;
+
+  u.i = 1;
+  __CPROVER_assert(u.i==1, "property 1"); // passes
+
+  u.ch = 2;
+  __CPROVER_assert(u.ch==2, "property 2"); // passes
+
+  return 0;
+}
diff --git a/regression/cprover/unions/union1.desc b/regression/cprover/unions/union1.desc
@@ -0,0 +1,8 @@
+CORE
+union1.c
+
+^EXIT=0$
+^SIGNAL=0$
+^\[main\.assertion\.1\] line \d+ property 1: SUCCESS$
+^\[main\.assertion\.2\] line \d+ property 2: SUCCESS$
+--
diff --git a/regression/cprover/unions/union2.c b/regression/cprover/unions/union2.c
diff --git a/regression/cprover/unions/union2.desc b/regression/cprover/unions/union2.desc
diff --git a/src/ansi-c/c_typecheck_expr.cpp b/src/ansi-c/c_typecheck_expr.cpp
diff --git a/src/cprover/axioms.cpp b/src/cprover/axioms.cpp
diff --git a/src/cprover/axioms.h b/src/cprover/axioms.h
diff --git a/src/cprover/c_safety_checks.cpp b/src/cprover/c_safety_checks.cpp
diff --git a/src/cprover/counterexample_found.cpp b/src/cprover/counterexample_found.cpp
diff --git a/src/cprover/cprover_parse_options.cpp b/src/cprover/cprover_parse_options.cpp
diff --git a/src/cprover/cprover_parse_options.h b/src/cprover/cprover_parse_options.h
diff --git a/src/cprover/instrument_contracts.cpp b/src/cprover/instrument_contracts.cpp
diff --git a/src/cprover/state.h b/src/cprover/state.h
diff --git a/src/cprover/state_encoding.cpp b/src/cprover/state_encoding.cpp
diff --git a/src/cprover/state_encoding.h b/src/cprover/state_encoding.h
diff --git a/src/cprover/state_encoding_targets.cpp b/src/cprover/state_encoding_targets.cpp
diff --git a/src/solvers/smt2/smt2_conv.cpp b/src/solvers/smt2/smt2_conv.cpp
diff --git a/src/util/irep_ids.def b/src/util/irep_ids.def
diff --git a/src/util/pointer_expr.h b/src/util/pointer_expr.h
