public TransferCmd CopyTransferCmd(TransferCmd cmd) { Contract.Requires(cmd != null); Contract.Ensures(Contract.Result<TransferCmd>() != null); TransferCmd transferCmd; GotoCmd gotocmd = cmd as GotoCmd; if (gotocmd != null) { Contract.Assert(gotocmd.labelNames != null); List<String> labels = new List<String>(); labels.AddRange(gotocmd.labelNames); transferCmd = new GotoCmd(cmd.tok, labels); } else { ReturnExprCmd returnExprCmd = cmd as ReturnExprCmd; if (returnExprCmd != null) { transferCmd = new ReturnExprCmd(cmd.tok, CopyExpr(returnExprCmd.Expr)); } else { transferCmd = new ReturnCmd(cmd.tok); } } return transferCmd; }
private Implementation WrapperNoninterferenceCheckerImpl() { var linearTypeChecker = civlTypeChecker.linearTypeChecker; List <Variable> inputs = new List <Variable>(); foreach (string domainName in linearTypeChecker.linearDomains.Keys) { inputs.Add(linearTypeChecker.LinearDomainInFormal(domainName)); } foreach (Variable g in civlTypeChecker.GlobalVariables) { inputs.Add(OldGlobalFormal(g)); } List <Block> blocks = new List <Block>(); TransferCmd transferCmd = new ReturnCmd(Token.NoToken); if (noninterferenceCheckerDecls.Count > 0) { List <Block> blockTargets = new List <Block>(); List <String> labelTargets = new List <String>(); int labelCount = 0; foreach (Procedure proc in noninterferenceCheckerDecls.OfType <Procedure>()) { List <Expr> exprSeq = new List <Expr>(); foreach (Variable v in inputs) { exprSeq.Add(Expr.Ident(v)); } CallCmd callCmd = new CallCmd(Token.NoToken, proc.Name, exprSeq, new List <IdentifierExpr>()); callCmd.Proc = proc; string label = $"L_{labelCount++}"; Block block = new Block(Token.NoToken, label, new List <Cmd> { callCmd }, new ReturnCmd(Token.NoToken)); labelTargets.Add(label); blockTargets.Add(block); blocks.Add(block); } transferCmd = new GotoCmd(Token.NoToken, labelTargets, blockTargets); } blocks.Insert(0, new Block(Token.NoToken, "enter", new List <Cmd>(), transferCmd)); var yieldImpl = new Implementation(Token.NoToken, wrapperNoninterferenceCheckerProc.Name, new List <TypeVariable>(), inputs, new List <Variable>(), new List <Variable>(), blocks); yieldImpl.Proc = wrapperNoninterferenceCheckerProc; CivlUtil.AddInlineAttribute(yieldImpl); return(yieldImpl); }
internal void Propagate(ReturnCmd node, Procedure caller) { if (procCallers.ContainsKey(caller)) { foreach (var cs in procCallers[caller]) { workList.Add(cs); } } }
///////////////////////////////////////////////////////////////////////////////////// private void setControlStatement(BasicBlock current, ReturnCmd returnCmd, BasicBlock next) { if (returnCmd is ReturnExprCmd) { //TODO: Do we support return expressions? // Microsoft.Boogie.Expr boogieReturnValue = ((Microsoft.Boogie.ReturnExprCmd)returnCmd).Expr; // Expression return } current.setControlStatement(new UnconditionalBranch(current, exit)); }
private List <Block> DeepCopyBlocks(List <Block> lb, List <Block> uncheckables) { List <Block> clones = new List <Block>(); List <Block> uncheck_ = new List <Block>(); Dictionary <Block, Block> clonemap = new Dictionary <Block, Block>(); foreach (Block b in lb) { Block clone = CloneBlock(b); clones.Add(clone); clonemap[b] = clone; if (uncheckables.Contains(b)) { uncheck_.Add(clone); } } uncheckables.Clear(); uncheckables.AddRange(uncheck_); // update the successors and predecessors foreach (Block b in lb) { List <Block> newpreds = new List <Block>(); foreach (Block b_ in b.Predecessors) { newpreds.Add(clonemap[b_]); } clonemap[b].Predecessors = newpreds; GotoCmd gc = b.TransferCmd as GotoCmd; ReturnCmd rc = b.TransferCmd as ReturnCmd; if (gc != null) { List <String> lseq = new List <String>(); List <Block> bseq = new List <Block>(); foreach (string s in gc.labelNames) { lseq.Add(s); } foreach (Block b_ in gc.labelTargets) { bseq.Add(clonemap[b_]); } GotoCmd tcmd = new GotoCmd(gc.tok, lseq, bseq); clonemap[b].TransferCmd = tcmd; } else if (rc != null) { clonemap[b].TransferCmd = new ReturnCmd(rc.tok); } } return(clones); }
public override ReturnCmd VisitReturnCmd(ReturnCmd node) { Block currBlock = worklist.cmdBlocks[node]; var taintSet = worklist.GatherPredecessorsState(node, currBlock); if (worklist.Assign(node, taintSet)) { worklist.Propagate(node, nodeToImpl[node].Proc); } // set the taint result for the procedure var proc = nodeToImpl[node].Proc; if (!ProcTaint.ContainsKey(proc)) { ProcTaint[proc] = new TaintSet(); } ProcTaint[proc].JoinWith(worklist.stateSpace[node]); Utils.VariableUtils.FixFormals(nodeToImpl[node], ProcTaint[proc]); return(node); }
private HashSet <int> GetStateOfTargetBlock(TransferCmd tc, Dictionary <Absy, int> bodyGraphForImplPhaseJ, int yTypeCheckCurrentPhaseNum, List <int> initialStates, List <int> finalStates) { HashSet <int> targetBlockEntryStates = new HashSet <int>(); if (tc is ReturnCmd) { ReturnCmd returnCmd = tc as ReturnCmd; int source = bodyGraphForImplPhaseJ[tc]; finalStates.Add(source); //Console.WriteLine(" There is a return baby ! " + source.ToString()); // Do Nothing } else if (tc is GotoCmd) { GotoCmd transferCmd = tc as GotoCmd; foreach (Block block in transferCmd.labelTargets) { if (block.Cmds.Count == 0) { targetBlockEntryStates.Add(bodyGraphForImplPhaseJ[block.TransferCmd]); //Target block is empty. Add state of target block's transfer command (Goto or Return) } else if (block.Cmds.Count >= 1) { if (IsCallCmdExitPoint(block.Cmds[0], yTypeCheckCurrentPhaseNum)) { // Create artificial final state and put this into final states int targetState = Math.Abs(Guid.NewGuid().GetHashCode()); finalStates.Add(targetState); targetBlockEntryStates.Add(targetState); } else { targetBlockEntryStates.Add(bodyGraphForImplPhaseJ[block.Cmds[0]]); } } } } return(targetBlockEntryStates); }
public override ReturnCmd VisitReturnCmd(ReturnCmd node) { Block currBlock = worklist.cmdBlocks[node]; Dependencies dependencies = worklist.GatherPredecessorsState(node, currBlock); if (worklist.Assign(node, dependencies)) { worklist.Propagate(node, nodeToImpl[node].Proc); } var proc = nodeToImpl[node].Proc; // set the dependencies result for the procedure if (!ProcDependencies.ContainsKey(proc)) { ProcDependencies[proc] = new Dependencies(); } ProcDependencies[proc].JoinWith(worklist.stateSpace[node]); //ProcDependencies[proc].FixFormals(nodeToImpl[node]); // top down taint can't flow up if (!procExitTDTaint.ContainsKey(proc)) { procExitTDTaint[proc] = new Dependencies(); } ProcDependencies[proc].Where(d => d.Value.Contains(Utils.VariableUtils.TopDownTaintVar)).Iter(dep => { dep.Value.Remove(Utils.VariableUtils.TopDownTaintVar); procExitTDTaint[proc][dep.Key] = new VarSet(); if (Analysis.DacMerged == null || (IsImpactedInput(proc, dep.Key) && IsImpactedOutput(proc, dep.Key))) { procExitTDTaint[proc][dep.Key].Add(Utils.VariableUtils.TopDownTaintVar); } }); // Remove taint based on DAC this.RemoveTaintBasedOnDac(nodeToImpl[node]); return(node); }
public override ReturnCmd VisitReturnCmd(ReturnCmd node) { add(node); return(base.VisitReturnCmd(node)); }
public override ReturnCmd VisitReturnCmd(ReturnCmd node) { return(base.VisitReturnCmd((ReturnCmd)node.Clone())); }
Block Visit(GraphNode node) { Contract.Requires(node != null); Contract.Ensures(Contract.Result <Block>() != null); Block orig = node.Block; if (newBlocks.TryGetValue(orig, out var nw)) { Contract.Assert(nw != null); } else { List <Cmd> body; TransferCmd tcmd; Contract.Assert(orig.TransferCmd != null); if (next == null && node.IsCutPoint) { // as the body, use the assert/assume commands that make up the loop invariant body = new List <Cmd>(); foreach (Cmd /*!*/ c in node.Body) { Contract.Assert(c != null); if (c is PredicateCmd || c is CommentCmd) { body.Add(c); } else { break; } } if (soundLoopUnrolling) { body.Add(new AssertCmd(orig.tok, Bpl.Expr.False)); } else { body.Add(new AssumeCmd(orig.tok, Bpl.Expr.False)); } tcmd = new ReturnCmd(orig.TransferCmd.tok); } else { body = node.Body; List <Block> newSuccs = new List <Block>(); foreach (GraphNode succ in node.ForwardEdges) { Block s; if (containingSCC[node] == containingSCC[succ]) { s = Visit(succ); } else { Contract.Assert(head != null); // follows from object invariant s = head.Visit(succ); } newSuccs.Add(s); } Contract.Assert(next != null || node.BackEdges.Count == 0); // follows from if-else test above and the GraphNode invariant foreach (GraphNode succ in node.BackEdges) { Contract.Assert(next != null); // since if we get here, node.BackEdges.Count != 0 Block s = next.Visit(succ); newSuccs.Add(s); } if (newSuccs.Count == 0) { tcmd = new ReturnCmd(orig.TransferCmd.tok); } else { tcmd = new GotoCmd(orig.TransferCmd.tok, newSuccs); } } nw = new Block(orig.tok, orig.Label + "#" + this.c, body, tcmd); newBlocks.Add(orig, nw); newBlockSeqGlobal.Add(nw); } return(nw); }
private void CreateMainProcedure(Function reach) { //blocks List <Block> mainBlocks = new List <Block>(); List <Variable> locals = new List <Variable>(); HashSet <Constant> blockCallConsts = new HashSet <Constant>(); foreach (Implementation impl in prog.TopLevelDeclarations.Where(x => x is Implementation)) { // skip this impl if it is not marked as an entrypoint if (useProvidedEntryPoints && !QKeyValue.FindBoolAttribute(impl.Proc.Attributes, "entrypoint")) { continue; } impl.Attributes = BoogieUtil.removeAttr("entrypoint", impl.Attributes); impl.Proc.Attributes = BoogieUtil.removeAttr("entrypoint", impl.Proc.Attributes); // skip initialization procedure if (QKeyValue.FindBoolAttribute(impl.Attributes, AvnAnnotations.InitialializationProcAttr) || QKeyValue.FindBoolAttribute(impl.Proc.Attributes, AvnAnnotations.InitialializationProcAttr)) { continue; } entrypoints.Add(impl.Name); //allocate params var args = new List <Variable>(); var rets = new List <Variable>(); impl.OutParams.ForEach(v => rets.Add(BoogieAstFactory.MkLocal(v.Name + "_" + impl.Name, v.TypedIdent.Type))); if (Options.allocateParameters) { // use impl.Proc here to pickup scalar/pointer attributes impl.Proc.InParams.ForEach(v => { var l = BoogieAstFactory.MkLocal(v.Name + "_" + impl.Name, v.TypedIdent.Type); // We are delibrately dropping the attributes so that // all parameters are initialized by allocation //l.Attributes = v.Attributes; args.Add(l); }); locals.AddRange(args); } else { impl.Proc.InParams.ForEach(v => { var g = BoogieAstFactory.MkGlobal(v.Name + "_" + impl.Name, v.TypedIdent.Type); //g.Attributes = v.Attributes; args.Add(g); }); globalParams.AddRange(args); } locals.AddRange(rets); //call var blockCallConst = new Constant(Token.NoToken, new TypedIdent(Token.NoToken, "__block_call_" + impl.Name, btype.Bool), false); blockCallConsts.Add(blockCallConst); blockEntryPointConstants[blockCallConst.Name] = impl.Name; impl2BlockingConstant[impl.Name] = blockCallConst; var blockCallAssumeCmd = new AssumeCmd(Token.NoToken, IdentifierExpr.Ident(blockCallConst)); var cmds = new List <Cmd>(); cmds.Add(blockCallAssumeCmd); if (Options.allocateParameters) // allocate parameters if option is enabled { var argMallocCmds = AllocatePointersAsUnknowns(args); cmds.AddRange(argMallocCmds); } // The beginning of an entry point must be reachable: assume reach(true); cmds.Add(new AssumeCmd(Token.NoToken, new NAryExpr(Token.NoToken, new FunctionCall(reach), new List <Expr> { Expr.True }))); var callCmd = new CallCmd(Token.NoToken, impl.Name, args.ConvertAll(x => (Expr)IdentifierExpr.Ident(x)), rets.ConvertAll(x => IdentifierExpr.Ident(x))); callCmd.Attributes = new QKeyValue(Token.NoToken, AvUtil.AvnAnnotations.AvhEntryPointAttr, new List <object>(), callCmd.Attributes); cmds.Add(callCmd); //succ var txCmd = new ReturnCmd(Token.NoToken); var blk = BoogieAstFactory.MkBlock(cmds, txCmd); mainBlocks.Add(blk); } foreach (Procedure proc in prog.TopLevelDeclarations.OfType <Procedure>()) { proc.Attributes = BoogieUtil.removeAttr("entrypoint", proc.Attributes); } // add global variables to prog // globals.Iter(x => prog.AddTopLevelDeclaration(x)); //add the constants to the prog blockCallConsts.Iter(x => prog.AddTopLevelDeclaration(x)); //TODO: get globals of type refs/pointers and maps var initCmd = (AssumeCmd)BoogieAstFactory.MkAssume(Expr.True); var globalCmds = new List <Cmd>() { initCmd }; //add call to corralExtraInit var init = Instrumentations.GetEnvironmentAssumptionsProc(prog); if (init != null && !Options.DelayInitialization) { globalCmds.Add(BoogieAstFactory.MkCall(init, new List <Expr>(), new List <Variable>())); } // Dont initialize Boogie instrumentation variables prog.GlobalVariables .Where(g => g.Name == "alloc" || BoogieUtil.checkAttrExists(AvnAnnotations.AllocatorVarAttr, g.Attributes)) .Where(g => !BoogieUtil.checkAttrExists("scalar", g.Attributes)) .Iter(g => g.AddAttribute("scalar")); // initialize globals prog.GlobalVariables .Where(g => g.Name != "alloc" && !BoogieUtil.checkAttrExists(AvnAnnotations.AllocatorVarAttr, g.Attributes)) .Iter(g => g.Attributes = BoogieUtil.removeAttrs(new HashSet <string> { "scalar", "pointer" }, g.Attributes)); globalCmds.AddRange(AllocatePointersAsUnknowns(prog.GlobalVariables.Select(x => (Variable)x).ToList())); if (init != null && Options.DelayInitialization) { globalCmds.Add(BoogieAstFactory.MkCall(init, new List <Expr>(), new List <Variable>())); } // globals for parameters prog.AddTopLevelDeclarations(globalParams); //first block var transferCmd = mainBlocks.Count > 0 ? (TransferCmd)(new GotoCmd(Token.NoToken, mainBlocks)) : (TransferCmd)(new ReturnCmd(Token.NoToken)); Block blkStart = new Block(Token.NoToken, "CorralMainStart", globalCmds, transferCmd); var blocks = new List <Block>(); blocks.Add(blkStart); blocks.AddRange(mainBlocks); var mainProcImpl = BoogieAstFactory.MkImpl(AvnAnnotations.CORRAL_MAIN_PROC, new List <Variable>(), new List <Variable>(), locals, blocks); mainProcImpl[0].AddAttribute("entrypoint"); prog.AddTopLevelDeclarations(mainProcImpl); }
public override ReturnCmd VisitReturnCmd(ReturnCmd node) { //Contract.Requires(node != null); Contract.Ensures(Contract.Result <ReturnCmd>() != null); return(base.VisitReturnCmd((ReturnCmd)node.Clone())); }
public virtual ReturnCmd VisitReturnCmd(ReturnCmd node) { Contract.Requires(node != null); Contract.Ensures(Contract.Result <ReturnCmd>() != null); return((ReturnCmd)this.VisitTransferCmd(node)); }
public override ReturnCmd VisitReturnCmd(ReturnCmd node) { return(node); }
public TerminatedWithoutError(ReturnCmd location) { this.ExitLocation = new ProgramLocation(location); }
private string CreateNewImplementation(Implementation impl, List <Block> blocks) { if (!this.NameCounter.ContainsKey(impl.Name)) { this.NameCounter.Add(impl.Name, 0); } this.NameCounter[impl.Name]++; var newInParams = new List <Variable>(); foreach (var v in impl.Proc.InParams) { newInParams.Add(new Duplicator().VisitVariable(v.Clone() as Variable) as Variable); } var newOutParams = new List <Variable>(); foreach (var v in impl.Proc.OutParams) { newOutParams.Add(new Duplicator().VisitVariable(v.Clone() as Variable) as Variable); } var newLocalParams = new List <Variable>(); foreach (var v in impl.LocVars) { newLocalParams.Add(new Duplicator().VisitVariable(v.Clone() as Variable) as Variable); } var newBlocks = new List <Block>(); foreach (var b in impl.Blocks) { if (blocks.Any(val => val.Label.Equals(b.Label))) { continue; } var newCmds = new List <Cmd>(); foreach (var cmd in b.Cmds) { newCmds.Add(new Duplicator().Visit(cmd.Clone()) as Cmd); } TransferCmd transferCmd = null; if (b.TransferCmd is GotoCmd) { transferCmd = new GotoCmd(Token.NoToken, new List <string>(), new List <Block>()); } else { transferCmd = new ReturnCmd(Token.NoToken); } newBlocks.Add(new Block(Token.NoToken, b.Label, newCmds, transferCmd)); } foreach (var b in newBlocks) { if (!(b.TransferCmd is GotoCmd)) { continue; } var originalBlock = impl.Blocks.Find(val => val.Label.Equals(b.Label)); var originalTransfer = originalBlock.TransferCmd as GotoCmd; var gotoCmd = b.TransferCmd as GotoCmd; foreach (var target in originalTransfer.labelTargets) { if (blocks.Any(val => val.Label.Equals(target.Label))) { continue; } var newTarget = newBlocks.Find(val => val.Label.Equals(target.Label)); gotoCmd.labelTargets.Add(newTarget); gotoCmd.labelNames.Add(newTarget.Label); } } var newImpl = new Implementation(Token.NoToken, impl.Name + "#" + this.NameCounter[impl.Name], new List <TypeVariable>(), newInParams, newOutParams, newLocalParams, newBlocks, impl.Attributes); var newProc = this.CreateNewProcedure(newImpl, impl.Proc.Modifies); var newCons = this.CreateNewConstant(newImpl); this.AC.TopLevelDeclarations.Add(newProc); this.AC.TopLevelDeclarations.Add(newImpl); this.AC.TopLevelDeclarations.Add(newCons); return(newImpl.Name); }