public override void VisitEnsuresExceptional(EnsuresExceptional exceptional)
{
// Since we can copy contracts around now, we may already have the source text if it comes from a contract reference assembly
if (exceptional.SourceConditionText != null)
{
return;
}
string source = GetSource("Contract.Ensures", ContextForTextExtraction(exceptional));
if (source == null)
{
if (writeOutput)
{
Console.WriteLine("<error generating documentation>");
}
}
else
{
exceptional.SourceConditionText = new Literal(source, SystemTypes.String);
if (writeOutput)
{
Indent();
Console.WriteLine("{0}", source);
}
}
}
public override EnsuresExceptional VisitEnsuresExceptional(EnsuresExceptional exceptional)
{
var result = base.VisitEnsuresExceptional(exceptional);
result.UserMessage = (Expression)Visit(result.UserMessage);
return(result);
}
public override EnsuresExceptional VisitEnsuresExceptional(EnsuresExceptional exceptional)
{
if (exceptional == null)
{
return(null);
}
var result = base.VisitEnsuresExceptional(exceptional);
result.UserMessage = ExtractorVisitor.FilterUserMessage(this.targetMethod, result.UserMessage);
return(result);
}
public override EnsuresExceptional VisitEnsuresExceptional(EnsuresExceptional exceptional) {
// BUGBUG? How safe is it to assume that the Variable is a NameBinding at this point?
// But if it isn't what can possibly be done with it? If it isn't resolved to something,
// the Checker pass will wipe it out.
NameBinding nb = exceptional.Variable as NameBinding;
if (nb != null) {
exceptional.Variable = new Local(nb.Identifier, exceptional.Type);
}
exceptional.PostCondition = this.VisitBooleanExpression(exceptional.PostCondition);
return exceptional;
}
public override EnsuresExceptional VisitEnsuresExceptional(EnsuresExceptional exceptional){
if (exceptional == null) return null;
this.VisitResolvedTypeReference(exceptional.Type, exceptional.TypeExpression);
return base.VisitEnsuresExceptional(exceptional);
}
public virtual void VisitEnsuresExceptional(EnsuresExceptional exceptional)
{
if (exceptional == null) return;
this.VisitExpression(exceptional.PostCondition);
this.VisitTypeReference(exceptional.Type);
this.VisitExpression(exceptional.Variable);
}
private void CheckEnsuresExceptional(Method method, EnsuresExceptional ensuresExceptional)
{
// F: Is this a precondition? Or simply return when method == null
Contract.Requires(method != null);
if (ensuresExceptional == null) return;
if (ensuresExceptional.Type != null)
{
if (!HelperMethods.IsTypeAsVisibleAs(ensuresExceptional.Type, method))
{
var msg =
string.Format(
"Exception type {0} in EnsuresOnThrow<E> has less visibility than enclosing method {1}",
ensuresExceptional.Type.FullName, method.FullName);
this.errorHandler(new Error(1037, msg, ensuresExceptional.SourceContext));
}
}
}
private bool ExtractFromClump(StatementList contractClump, Method method, GatherLocals gatherLocals,
RequiresList Preconditions, EnsuresList Postconditions, RequiresList validations,
EnsuresList modelPostconditions, SourceContext defaultContext, Method originalMethod,
Block contractInitializer, ref HelperMethods.StackDepthTracker dupStackTracker)
{
// set the state so that the contract clump is used for extraction (as opposed to the method body as it used to)
StatementList stmts = contractClump;
int beginning = 0;
int n = stmts.Count;
int seginning = HelperMethods.FindNextRealStatement(((Block) stmts[beginning]).Statements, 0);
bool endContractFound = false;
bool postConditionFound = false;
SourceContext currentSourceContext;
for (int i = beginning; i < n; i++)
{
Block b = (Block) stmts[i];
if (b == null) continue;
for (int j = 0, m = b.Statements == null ? 0 : b.Statements.Count; j < m; j++)
{
if (dupStackTracker.IsValid && dupStackTracker.Depth >= 0)
{
b.Statements[j] = dupStackTracker.Visit(b.Statements[j]);
}
Statement s = b.Statements[j];
if (s == null) continue;
Block currentClump;
Throw t = null;
t = s as Throw;
Method calledMethod = HelperMethods.IsMethodCall(s);
if ((t != null ||
(calledMethod != null &&
calledMethod.DeclaringType != null &&
calledMethod.DeclaringType != this.contractNodes.ContractClass &&
HelperMethods.IsVoidType(calledMethod.ReturnType) &&
!this.contractNodes.IsContractOrValidatorOrAbbreviatorMethod(calledMethod))))
{
// Treat throw statements as (part of) a precondition
// don't accept "throw ..." unless it comes in the "precondition section"
// then treat the current clump as a precondition, but need to massage it a bit:
// all branches to the block just after the throw should be modified to be branches to
// a new manufactured block that sets a fresh local to "true". The
// throw itself should be changed to set the same local to "false". That way the
// clump can be treated as the value of precondition (because the branch polarity has
// already been negated as part of the code gen).
// This test was supposed to be a sanity check that the current block contained
// only "throw ..." or else "nop; throw ...". But I've also seen "ThrowHelper.Throw(...); nop",
// so I'm just going to comment this out for now.
//if (!((m == 1 && j == 0) || (m == 2 && j == 1))) {
// Preconditions = new RequiresList();
// Postconditions = new EnsuresList();
// return; // throw new ExtractorException();
//}
Expression exception;
// The clump being extracted may contain code/blocks that represent (part of)
// the expression that is being thrown (if the original throw expression had
// control flow in it from boolean expressions and/or ternary expressions).
b.Statements[j] = null; // wipe out throw statement
currentClump = new Block(HelperMethods.ExtractClump(stmts, beginning, seginning, i, j));
int currentClumpLength = i - beginning + 1;
// there better be a next block because that must have been the target for all of the branches
// that didn't cause the throw to happen
if (!(i < n - 1))
{
this.HandleError(method, 1027, "Malformed contract.", s.SourceContext);
return false;
}
Block nextBlock = (Block) stmts[i + 1]; // cast succeeds because body is clump
Local valueOfPrecondition = new Local(Identifier.For("_preConditionHolds"), SystemTypes.Boolean);
Block preconditionHolds = new Block(new StatementList(new AssignmentStatement(valueOfPrecondition, Literal.True)));
ReplaceBranchTarget rbt = new ReplaceBranchTarget(nextBlock, preconditionHolds);
rbt.VisitBlock(currentClump);
int ILOffset;
CountPopExpressions cpe = new CountPopExpressions();
currentSourceContext = s.SourceContext;
cpe.Visit(s);
if (0 < cpe.PopOccurrences)
{
// then there is a set of blocks that represent the exception: the Reader
// was not able to decompile it back into an expression. Extract the set
// from the current clump and make it into a block expression
// Find the last block that has a branch to "preconditionHolds". After that are all of the blocks
// that represent the evaluation of the exception
int branchBlockIndex = currentClumpLength - 2;
// can't be the current block: that has the throw in it
while (0 <= branchBlockIndex)
{
Block possibleBranchBlock = currentClump.Statements[branchBlockIndex] as Block;
Branch br = possibleBranchBlock.Statements[possibleBranchBlock.Statements.Count - 1] as Branch;
if (br != null && br.Target == preconditionHolds)
{
break;
}
branchBlockIndex--;
}
if (branchBlockIndex < 0)
{
this.HandleError(method, 1028, "Malformed exception constructor in contract.", defaultContext);
return false;
}
Block exceptionBlock =
new Block(HelperMethods.ExtractClump(currentClump.Statements, branchBlockIndex + 1, 0,
currentClumpLength - 1,
((Block) currentClump.Statements[currentClumpLength - 1]).Statements.Count - 1));
exceptionBlock.Statements.Add(new ExpressionStatement(t.Expression));
SourceContext sctx = ((Block) exceptionBlock.Statements[0]).Statements[0].SourceContext;
if (sctx.IsValid)
{
currentSourceContext = sctx;
}
else
{
SourceContext tmp;
bool foundContext = HelperMethods.GetLastSourceContext(exceptionBlock.Statements, out tmp);
if (foundContext)
currentSourceContext = tmp;
}
if (!CheckClump(method, gatherLocals, currentSourceContext, exceptionBlock)) return false;
exception = new BlockExpression(exceptionBlock, SystemTypes.Exception);
ILOffset = t.ILOffset;
}
else
{
currentSourceContext = s.SourceContext;
if (t != null)
{
// then the statement is "throw ..."
exception = t.Expression;
ILOffset = t.ILOffset;
}
else
{
ExpressionStatement throwHelperCall = s as ExpressionStatement;
Debug.Assert(throwHelperCall != null);
exception = throwHelperCall.Expression;
ILOffset = s.ILOffset;
}
exception.SourceContext = currentSourceContext;
SourceContext tmp;
bool foundContext = HelperMethods.GetLastSourceContext(currentClump.Statements, out tmp);
if (foundContext)
currentSourceContext = tmp;
}
Block returnValueOfPrecondition = new Block(new StatementList(new ExpressionStatement(valueOfPrecondition)));
Statement extraAssumeFalse = this.ExtraAssumeFalseOnThrow();
Block preconditionFails =
new Block(new StatementList(new AssignmentStatement(valueOfPrecondition, Literal.False),
extraAssumeFalse, new Branch(null, returnValueOfPrecondition, true, false, false)));
//Block preconditionFails = new Block(new StatementList(new AssignmentStatement(valueOfPrecondition, Literal.False), new Branch(null, returnValueOfPrecondition, true, false, false)));
currentClump.Statements.Add(preconditionFails); // replace throw statement
currentClump.Statements.Add(preconditionHolds);
currentClump.Statements.Add(returnValueOfPrecondition);
if (!CheckClump(originalMethod, gatherLocals, currentSourceContext, currentClump)) return false;
BlockExpression be = new BlockExpression(currentClump, SystemTypes.Boolean);
be.SourceContext = currentSourceContext;
var ro = new RequiresOtherwise(be, exception);
ro.ILOffset = ILOffset;
ro.SourceContext = currentSourceContext;
if (postConditionFound)
{
HandleError(originalMethod, 1013, "Precondition found after postcondition.", currentSourceContext);
return false;
}
validations.Add(ro);
var req = new RequiresPlain(be, FindExceptionThrown.Find(exception));
req.IsFromValidation = true;
req.ILOffset = ro.ILOffset;
req.SourceContext = ro.SourceContext;
Preconditions.Add(req);
}
else
{
if (contractNodes.IsContractMethod(calledMethod))
{
// Treat calls to contract methods
if (endContractFound)
{
HandleError(originalMethod, 1012, "Contract call found after prior EndContractBlock.", s.SourceContext);
break;
}
if (contractNodes.IsEndContract(calledMethod))
{
endContractFound = true;
continue;
}
MethodCall mc = ((ExpressionStatement) s).Expression as MethodCall;
Expression arg = mc.Operands[0];
arg.SourceContext = s.SourceContext;
MethodContractElement mce;
currentSourceContext = s.SourceContext;
Expression condition;
if (beginning == i && seginning == j)
{
// Deal with the simple case: the reader decompiled the call into a single statement
condition = arg;
}
else
{
b.Statements[j] = new ExpressionStatement(arg);
// construct a clump from
// methodBody.Statements[beginning].Statements[seginning] to
// methodBody.Statements[i].Statements[j]
currentClump = new Block(HelperMethods.ExtractClump(stmts, beginning, seginning, i, j));
if (!currentSourceContext.IsValid)
{
// then a good source context has not been found yet. Grovel around in the clump
// to see if there is a better one
SourceContext sctx;
if (HelperMethods.FindContext(currentClump, currentSourceContext, out sctx))
currentSourceContext = sctx;
}
if (!CheckClump(originalMethod, gatherLocals, currentSourceContext, currentClump))
return false;
BlockExpression be = new BlockExpression(currentClump);
condition = be;
}
condition.SourceContext = currentSourceContext;
if (contractNodes.IsPlainPrecondition(calledMethod))
{
var req = new RequiresPlain(condition);
contractNodes.IsRequiresWithException(calledMethod, out req.ExceptionType);
mce = req;
}
else if (this.contractNodes.IsPostcondition(calledMethod))
{
mce = new EnsuresNormal(condition);
}
else if (contractNodes.IsExceptionalPostcondition(calledMethod))
{
EnsuresExceptional ee = new EnsuresExceptional(condition);
// Extract the type of exception.
ee.Type = calledMethod.TemplateArguments[0];
mce = ee;
}
else
{
throw new InvalidOperationException("Cannot recognize contract method");
}
mce.SourceContext = currentSourceContext;
mce.ILOffset = mc.ILOffset;
if (1 < mc.Operands.Count)
{
var candidate = SanitizeUserMessage(method, mc.Operands[1], currentSourceContext);
mce.UserMessage = candidate;
}
if (2 < mc.Operands.Count)
{
Literal lit = mc.Operands[2] as Literal;
if (lit != null)
{
mce.SourceConditionText = lit;
}
}
// determine Model status
mce.UsesModels = CodeInspector.UsesModel(mce.Assertion, this.contractNodes);
// Check context rules
switch (mce.NodeType)
{
case NodeType.RequiresPlain:
if (postConditionFound)
{
this.HandleError(originalMethod, 1014, "Precondition found after postcondition.", currentSourceContext);
return false;
}
if (mce.UsesModels)
{
this.HandleError(originalMethod, 1073, "Preconditions may not refer to model members.", currentSourceContext);
return false;
}
var rp = (RequiresPlain) mce;
Preconditions.Add(rp);
validations.Add(rp); // also add to the internal validation list
break;
// TODO: check visibility of post conditions based on visibility of possible implementation
case NodeType.EnsuresNormal:
case NodeType.EnsuresExceptional:
Ensures ensures = (Ensures) mce;
if (mce.UsesModels)
{
if (this.IncludeModels)
{
modelPostconditions.Add(ensures);
}
}
else
{
Postconditions.Add(ensures);
}
postConditionFound = true;
break;
}
}
else if (ContractNodes.IsValidatorMethod(calledMethod))
{
// Treat calls to Contract validators
if (endContractFound)
{
this.HandleError(originalMethod, 1012,
"Contract call found after prior EndContractBlock.", s.SourceContext);
break;
}
MethodCall mc = ((ExpressionStatement) s).Expression as MethodCall;
var memberBinding = (MemberBinding) mc.Callee;
currentSourceContext = s.SourceContext;
Statement validation;
Block validationPrefix;
if (beginning == i && seginning == j)
{
// Deal with the simple case: the reader decompiled the call into a single statement
validation = s;
validationPrefix = null;
}
else
{
// The clump may contain multiple statements ending in the validator call.
// to extract the code as Requires<E>, we need to keep the statements preceeding
// the validator call, as they may contain local initialization etc. These should go
// into the first Requires<E> that the validator expands to. This way, if there are
// no Requires<E> expanded from the validator, then the statements can be omitted.
// At the same time, the statements won't be duplicated when validations are emitted.
//
// If the validator call contains any pops, then the extraction must fail saying it
// is too complicated.
// must null out statement with call before extract clump
b.Statements[j] = null; // we have a copy in mc, s
validationPrefix = new Block(HelperMethods.ExtractClump(stmts, beginning, seginning, i, j));
if (!currentSourceContext.IsValid)
{
// then a good source context has not been found yet. Grovel around in the clump
// to see if there is a better one
SourceContext sctx;
if (HelperMethods.FindContext(validationPrefix, currentSourceContext, out sctx))
currentSourceContext = sctx;
}
if (CountPopExpressions.Count(mc) > 0)
{
this.HandleError(method, 1071,
"Arguments to contract validator call are too complicated. Please simplify.",
currentSourceContext);
return false;
}
if (!CheckClump(originalMethod, gatherLocals, currentSourceContext, validationPrefix))
return false;
validation = new Block(new StatementList(validationPrefix, s));
validation.SourceContext = currentSourceContext;
}
var ro = new RequiresOtherwise(null, new BlockExpression(new Block(new StatementList(validation))));
validations.Add(ro);
CopyValidatorContracts(
method, calledMethod, memberBinding.TargetObject, mc.Operands,
Preconditions, currentSourceContext, validationPrefix);
}
else if (ContractNodes.IsAbbreviatorMethod(calledMethod))
{
// Treat calls to Contract abbreviators
if (endContractFound)
{
this.HandleError(originalMethod, 1012, "Contract call found after prior EndContractBlock.", s.SourceContext);
break;
}
MethodCall mc = ((ExpressionStatement) s).Expression as MethodCall;
var memberBinding = (MemberBinding) mc.Callee;
currentSourceContext = s.SourceContext;
if (beginning == i && seginning == j)
{
// Deal with the simple case: the reader decompiled the call into a single statement
// nothing to do. All is in the call and its arguments
}
else
{
// The clump may contain multiple statements ending in the abbreviator call.
// We need to keep the statements preceeding the abbreviator call and add them to the
// contract initializer block. The reason we cannot add them to the first expansion contract
// of the abbreviator is that the abbreviator may give rise to closure initialization which will
// be hoisted into the closure initializer block. This closure initializer may refer to the
// locals initialized by the present statement sequence, so it must precede it.
//
// If the abbreviator call contains any pops, then the extraction must fail saying it
// is too complicated.
// grab prefix of clump minus last call statement.
// must null out current call statement before we extract clump (ow. it stays in body)
b.Statements[j] = null;
currentClump = new Block(HelperMethods.ExtractClump(stmts, beginning, seginning, i, j));
if (!currentSourceContext.IsValid)
{
// then a good source context has not been found yet. Grovel around in the clump
// to see if there is a better one
SourceContext sctx;
if (HelperMethods.FindContext(currentClump, currentSourceContext, out sctx))
currentSourceContext = sctx;
}
if (CountPopExpressions.Count(mc) > 0)
{
this.HandleError(method, 1070,
"Arguments to contract abbreviator call are too complicated. Please simplify.",
currentSourceContext);
return false;
}
if (!CheckClump(originalMethod, gatherLocals, currentSourceContext, currentClump))
return false;
if (HelperMethods.IsNonTrivial(currentClump))
{
contractInitializer.Statements.Add(currentClump);
}
}
CopyAbbreviatorContracts(method, calledMethod, memberBinding.TargetObject, mc.Operands,
Preconditions, Postconditions, currentSourceContext, validations, contractInitializer);
}
else
{
// important to continue here and accumulate blocks/statements for next contract!
if (i == beginning && j == seginning && s.NodeType == NodeType.Nop)
{
// nop following contract is often associated with previous code, so skip it
seginning = j + 1;
}
continue;
}
}
// Re-initialize current state after contract has been found
beginning = i;
seginning = j + 1;
//seginning = HelperMethods.FindNextRealStatement(((Block)stmts[i]).Statements, j + 1);
if (seginning < 0) seginning = 0;
//b = (Block)stmts[i]; // IMPORTANT! Need this to keep "b" in sync
}
}
if (this.verbose)
{
Console.WriteLine("\tNumber of Preconditions: " + Preconditions.Count);
Console.WriteLine("\tNumber of Postconditions: " + Postconditions.Count);
}
return true;
}
private void ParseMethodContract(Method m, TokenSet followers, ref bool swallowedSemicolonAlready){
bool savedParsingStatement = this.parsingStatement;
if (this.currentToken != Token.EndOfFile) this.parsingStatement = true;
if (!swallowedSemicolonAlready) m.SourceContext.EndPos = this.scanner.endPos;
MethodContract mc = new MethodContract(m);
SourceContext initialSourceContext = this.scanner.CurrentSourceContext;
while ( Parser.ContractStart[this.currentToken] ) {
SourceContext ctx = this.scanner.CurrentSourceContext;
Node n = null;
int finalPos = 0;
switch ( this.currentToken ) {
case Token.Requires: {
this.GetNextToken();
if (this.currentToken == Token.LeftBrace){
this.HandleError(Error.ExpectedExpression);
break; // without this, the left bracket gets parsed as an anonymous nested function
}
Expression e = this.ParseExpression(followers|ContractStart|Token.Otherwise);
if (mc.Requires == null) mc.Requires = new RequiresList();
if (this.currentToken != Token.Otherwise) {
Requires r = new RequiresPlain(e);
n = r;
mc.Requires.Add(r);
}else {
this.Skip(Token.Otherwise);
Expression e2 = this.ParseExpression(followers|ContractStart);
Requires r = new RequiresOtherwise(e,e2);
n = r;
mc.Requires.Add(r);
}
finalPos = this.scanner.CurrentSourceContext.EndPos;
swallowedSemicolonAlready= (this.currentToken == Token.Semicolon);
this.SkipSemiColon(followers|ContractStart);
break;
}
case Token.Modifies: {
// modifies expressions have their source context set here within this
// case, so don't use the variable "n" to hold on to the AST otherwise
// it will have the wrong source context set for it at the end of the switch
// statement
n = null;
this.insideModifiesClause = true;
list : {
this.GetNextToken(); // Token.Modifies or Token.Comma
SourceContext sctx = this.scanner.CurrentSourceContext;
Expression e = this.ParseExpression(followers | ContractStart | Token.Comma);
if (mc.Modifies == null) mc.Modifies = new ExpressionList();
if (e != null) { // REVIEW: does this just silently miss errors?
sctx.EndPos = e.SourceContext.EndPos;
ModifiesClause modClause = e as ModifiesClause;
if (modClause != null) {
e.SourceContext = sctx;
}
else {
e = new UnaryExpression(e, NodeType.RefAddress, sctx);
}
mc.Modifies.Add(e);
}
if (this.currentToken == Token.Comma)
goto list;
}
swallowedSemicolonAlready= (this.currentToken == Token.Semicolon);
finalPos = this.scanner.CurrentSourceContext.EndPos;
this.SkipSemiColon(followers|ContractStart);
this.insideModifiesClause = false;
break;
}
case Token.Ensures: {
InEnsuresContext = true;
this.GetNextToken();
if (this.currentToken == Token.LeftBrace){
this.HandleError(Error.ExpectedExpression);
break; // without this, the left bracket gets parsed as an anonymous nested function
}
Expression e = this.ParseExpression(followers|ContractStart);
if (mc.Ensures == null) mc.Ensures = new EnsuresList();
EnsuresNormal en = new EnsuresNormal(e);
n = en;
mc.Ensures.Add(en);
finalPos = this.scanner.CurrentSourceContext.EndPos;
swallowedSemicolonAlready= (this.currentToken == Token.Semicolon);
this.SkipSemiColon(followers|ContractStart);
InEnsuresContext = false;
break;
}
case Token.Throws: {
this.GetNextToken();
// throws (E1) ensures P;
// throws (E1 e) ensures P;
// throws E1 ensures P;
// throws E1, E2, ...;
// Note, for constuctors, only the last of these forms is allowed.
if (mc.Ensures == null) {
mc.Ensures = new EnsuresList();
// Note, this list may be left empty in case of parsing errors below.
}
EnsuresExceptional exc = new EnsuresExceptional();
exc.SourceContext = this.scanner.CurrentSourceContext;
bool hasLeftParen = false;
if (this.currentToken == Token.LeftParenthesis) {
hasLeftParen = true;
this.Skip(Token.LeftParenthesis);
}
exc.Type = exc.TypeExpression = this.ParseTypeExpression(Identifier.Empty, followers|Token.Identifier|Token.RightParenthesis|ContractStart);
if (hasLeftParen && Parser.IdentifierOrNonReservedKeyword[this.currentToken]) {
exc.Variable = this.scanner.GetIdentifier();
exc.Variable.Type = exc.Type;
this.GetNextToken();
}else{
exc.Variable = null; // need to be able to distinguish whether the source contains a variable or not
}
if (hasLeftParen) {
this.Skip(Token.RightParenthesis);
}
if (hasLeftParen || this.currentToken == Token.Ensures) {
// throws (E1) ensures P;
// throws (E1 e) ensures P;
// throws E1 ensures P;
SourceContext ctxEnsures = this.scanner.CurrentSourceContext;
this.Skip(Token.Ensures);
InEnsuresContext = true;
Expression ens = this.ParseExpression(followers|ContractStart);
InEnsuresContext = false;
// Do the constructor check now. This is rather late, since the whole throws...ensures
// has now been parsed, but this may lead to better parse-error recovery.
if (m is InstanceInitializer) {
this.HandleError(ctxEnsures, Error.ThrowsEnsuresOnConstructor);
// ignore what was parsed
exc.PostCondition = new Literal(true, null, ctx);
}else{
exc.PostCondition = ens;
}
mc.Ensures.Add(exc);
}else{
// throws E1, E2, ...;
// exc.PostCondition = new Literal(true, null, ctx);
mc.Ensures.Add(exc);
while (this.currentToken == Token.Comma) {
this.GetNextToken();
exc = new EnsuresExceptional();
exc.SourceContext = this.scanner.CurrentSourceContext;
exc.Type = exc.TypeExpression = this.ParseTypeExpression(Identifier.Empty, followers|Token.Comma|ContractStart);
exc.Variable = new Local(TypeExpressionFor("System", "Exception"));
exc.Variable.SourceContext = ctx;
exc.PostCondition = new Literal(true, null, ctx);
mc.Ensures.Add(exc);
}
}
finalPos = this.scanner.CurrentSourceContext.EndPos;
swallowedSemicolonAlready= (this.currentToken == Token.Semicolon);
this.SkipSemiColon(followers|ContractStart);
n = exc;
break;
}
}
if (n != null) {
n.SourceContext= ctx;
n.SourceContext.EndPos = finalPos ;
}
m.SourceContext.EndPos = finalPos;
}
// What error to generate here?
if (!followers[this.currentToken])
this.SkipTo(followers);
if (initialSourceContext.EndPos != this.scanner.CurrentSourceContext.EndPos) {
// then a contract really was parsed
m.Contract = mc;
}
if (this.currentToken != Token.EndOfFile) this.parsingStatement = savedParsingStatement;
}
public override EnsuresExceptional VisitEnsuresExceptional (EnsuresExceptional exceptional) {
if (exceptional == null) return null;
if (exceptional.PostCondition == null || exceptional.Variable == null) {
return base.VisitEnsuresExceptional(exceptional);
}
// Create the scoping structure only if there is a user-defined variable to bind to
// the exception and there is a condition. (This code was copied from VisitCatch.)
exceptional.Type = this.VisitTypeReference(exceptional.Type);
SourceContext sctx = exceptional.PostCondition.SourceContext;
Scope savedScope = this.scope;
Block b = new Block(new StatementList(new ExpressionStatement(exceptional.PostCondition)));
Scope scope = this.scope = new BlockScope(savedScope, b);
this.AddToAllScopes(this.scope);
TrivialHashtable savedTargetFor = this.targetFor;
TrivialHashtable targetFor = this.targetFor = new TrivialHashtable();
IdentifierList labelList = this.labelList;
int n = labelList.Count;
for (int i = 0; i < n; i++) {
Identifier label = labelList[i];
targetFor[label.UniqueIdKey] = savedTargetFor[label.UniqueIdKey];
}
Identifier throwsId = exceptional.Variable as Identifier;
if (throwsId != null) {
Field f = new Field();
f.DeclaringType = scope;
f.Flags = FieldFlags.CompilerControlled;
f.Name = throwsId;
f.Type = exceptional.Type;
scope.Members.Add(f);
exceptional.Variable = new MemberBinding(new ImplicitThis(scope, 0), f, throwsId.SourceContext);
}
this.scope = scope;
this.AddToAllScopes(this.scope);
Declarer declarer = this.GetDeclarer();
declarer.VisitBlock(b, scope, targetFor, labelList);
b = base.VisitBlock(b);
exceptional.PostCondition = new BlockExpression(b, SystemTypes.Boolean, sctx);
this.scope = savedScope;
this.targetFor = savedTargetFor;
labelList.Count = n;
return exceptional;
}
public override EnsuresExceptional VisitEnsuresExceptional(EnsuresExceptional exceptional) {
if (exceptional == null) return null;
{
#region Generate the runtime code for checking the postcondition
Expression en = exceptional.PostCondition;
if (en == null) return exceptional;
StatementList exsuresStatements = new StatementList();
Block exsuresBlock = new Block(exsuresStatements);
exsuresBlock.HasLocals = true;
// Code generation for postconditions needs to be such that the
// data flow analysis will "see" the consequences. If the value
// of the postcondition is assigned to a local, then the information
// is lost.
//
// for the throws clause: throws (E e) ensures Q(e)
// generate:
//
// ... at beginning of all exceptional postconditions ...
// ... generated in VisitMethod ...
// catch (Exception caught_exception){
//
// E e = caught_exception as E;
// if (e == null || en) goto L;
// throw new PostConditionException(...);
// L: nop
//
// ... at end of all exceptional postconditions ...
// ... generated in VisitMethod ...
// rethrow
//
// The reason for generating the if test this way is to avoid trying to branch out
// of the catch block
Block post_holds = new Block(new StatementList(new Statement(NodeType.Nop)));
#region Evaluate the postcondition within a try block. If an exception happens during evaluation, throw a wrapped exception.
bool noAllocationAllowed = this.currentMethod.GetAttribute(SystemTypes.BartokNoHeapAllocationAttribute) != null;
Local exceptionDuringPostCondition = new Local(Identifier.For("SS$exceptionDuringPostCondition"),SystemTypes.Exception);
Local objectExceptionDuringPostCondition = new Local(Identifier.For("SS$objectExceptionDuringPostCondition"),SystemTypes.Exception);
Expression cond = exceptional.PostCondition;
string condition = cond != null && cond.SourceContext.SourceText != null && cond.SourceContext.SourceText.Length > 0 ?
cond.SourceContext.SourceText : "<unknown condition>";
Expression ec2;
Expression ec3;
if (noAllocationAllowed) {
ec2 = new MemberBinding(null, SystemTypes.PreAllocatedExceptions.GetField(Identifier.For("InvalidContract")));
ec3 = new MemberBinding(null, SystemTypes.PreAllocatedExceptions.GetField(Identifier.For("InvalidContract")));
}
else {
MemberBinding excBinding2 = new MemberBinding(null, SystemTypes.EnsuresException.GetConstructor(SystemTypes.String, SystemTypes.Exception));
MemberBinding excBinding3 = new MemberBinding(null, SystemTypes.EnsuresException.GetConstructor(SystemTypes.String));
string msg2 = "Exception occurred during evaluation of postcondition '" + condition + "' in method '" + currentMethod.FullName + "'";
ec2 = new Construct(excBinding2, new ExpressionList(new Literal(msg2, SystemTypes.String), exceptionDuringPostCondition));
ec3 = new Construct(excBinding3, new ExpressionList(new Literal(msg2, SystemTypes.String)));
}
#endregion
#region Throw an exception if the value of the postcondition was false
Expression thrownException;
if (noAllocationAllowed) {
thrownException = new MemberBinding(null, SystemTypes.PreAllocatedExceptions.GetField(Identifier.For("Ensures")));
}
else {
MemberBinding excBinding = new MemberBinding(null, SystemTypes.EnsuresException.GetConstructor(SystemTypes.String));
Construct ec = new Construct(excBinding, new ExpressionList());
string msg = "Exceptional postcondition '" + condition + "' violated from method '" + currentMethod.FullName + "'";
ec.Operands.Add(new Literal(msg, SystemTypes.String));
thrownException = ec;
}
Throw t2 = new Throw(thrownException,exceptional.SourceContext);
#endregion
exceptional.Variable = this.VisitExpression(exceptional.Variable);
#region Create a local to hold the exception
Local e;
if (exceptional.Variable == null) {
e = new Local(Identifier.Empty,exceptional.Type,exsuresBlock);
} else {
e = (Local)exceptional.Variable;
}
#endregion
// E e = caught_exception as E;
AssignmentStatement castToThrowType = new AssignmentStatement(e,
new BinaryExpression(this.currentExceptionalTerminationException,
new Literal(exceptional.Type, SystemTypes.Type), NodeType.Isinst, exceptional.Type));
exsuresStatements.Add(castToThrowType);
// e == null || Q(e)
Expression disjunction = new BinaryExpression(
new BinaryExpression(e, Literal.Null, NodeType.Eq),
en,
NodeType.LogicalOr);
exsuresStatements.Add(new If(disjunction, new Block(new StatementList(new Branch(null, post_holds))), null));
exsuresStatements.Add(t2);
exsuresStatements.Add(post_holds);
exsuresBlock = this.VisitBlock(exsuresBlock);
this.currentContractExceptionalTerminationChecks.Add(exsuresBlock);
#endregion
return exceptional;
}
}
public override EnsuresExceptional VisitEnsuresExceptional(EnsuresExceptional exceptional)
{
// since clousot doesn't handle exceptional post yet, we filter them out here.
// TODO: refactor Ensures into two lists: normal and exceptional
return(null);
}
public override EnsuresExceptional VisitEnsuresExceptional(EnsuresExceptional exceptional)
{
var result = base.VisitEnsuresExceptional(exceptional);
result.UserMessage = (Expression) Visit(result.UserMessage);
return result;
}
public EventingVisitor(Action<EnsuresExceptional> visitEnsuresExceptional) { VisitedEnsuresExceptional += visitEnsuresExceptional; } public event Action<EnsuresExceptional> VisitedEnsuresExceptional; public override EnsuresExceptional VisitEnsuresExceptional(EnsuresExceptional exceptional) { if (VisitedEnsuresExceptional != null) VisitedEnsuresExceptional(exceptional); return base.VisitEnsuresExceptional(exceptional); }
protected override object VisitCall(Variable dest, Variable receiver, Method callee, ExpressionList arguments, bool virtcall, Statement stat, object arg)
{
ExposureState estate = (ExposureState)arg;
if (callee.CciKind == Cci.CciMemberKind.FrameGuardGetter)
{
// associate dest with receiver, because unpack is going to happen with dest as receiver
estate.AssignFrameFor(dest, receiver, callee.DeclaringType); // receiver could be a subtype of the type that the frame guard is for
}
else if (callee == UnpackMethod)
{
if (estate.IsFrameExposable(receiver))
{
// BUGBUG: Using CopyVariable encodes the assumption that StartWritingTransitively returns itself!!! It may not!
estate.CopyVariable(receiver, dest);
estate.AssignFrameForExposed(dest);
}
else
{
TypeNode t = estate.LowerBoundOfObjectPointedToByFrame(receiver);
if (t == null) // BUGBUG: is this the same as it being Top?
{
HandleError(stat, stat, Error.DontKnowIfCanExposeObject);
}
else
{
HandleError(stat, stat, Error.ExposingExposedObject);
}
return(null);
}
}
else if (callee == PackMethod)
{
estate.AssignFrameForNotExposed(receiver);
}
else if (callee == IsExposableMethod)
{
estate.AssignFunctionLink(ExposureState.EqIsExposableId, dest, receiver);
}
else if (callee == IsExposedMethod)
{
estate.AssignEqIsExposed(dest, receiver);
}
else if (callee == AssertMethod)
{
Variable v = arguments[0] as Variable;
if (v != null && estate.IsFalse(v))
{
return(null);
}
}
// Push possible exceptions to handlers.
for (int i = 0; i < callee.Contract.Ensures.Count; i++)
{
EnsuresExceptional e = callee.Contract.Ensures[i] as EnsuresExceptional;
if (e != null)
{
ExposureState newnn = new ExposureState(estate);
newnn.currentException = e.Type;
ExposureChecker.PushExceptionState(ExposureChecker.currBlock, newnn);
}
}
return(arg);
}
public virtual EnsuresExceptional VisitEnsuresExceptional(EnsuresExceptional exceptional1, EnsuresExceptional exceptional2) {
if (exceptional1 == null) return null;
if (exceptional2 == null) {
exceptional1.PostCondition = this.VisitExpression(exceptional1.PostCondition, null);
exceptional1.Type = this.VisitTypeReference(exceptional1.Type, null);
exceptional1.Variable = this.VisitExpression(exceptional1.Variable, null);
}else{
exceptional1.PostCondition = this.VisitExpression(exceptional1.PostCondition, exceptional2.PostCondition);
exceptional1.Type = this.VisitTypeReference(exceptional1.Type, exceptional2.Type);
exceptional1.Variable = this.VisitExpression(exceptional1.Variable, exceptional2.Variable);
}
return exceptional1;
}
public virtual EnsuresExceptional VisitEnsuresExceptional(EnsuresExceptional exceptional) {
if (exceptional == null) return null;
exceptional.PostCondition = this.VisitExpression(exceptional.PostCondition);
exceptional.Type = this.VisitTypeReference(exceptional.Type);
exceptional.Variable = this.VisitExpression(exceptional.Variable);
return exceptional;
}
public override EnsuresExceptional VisitEnsuresExceptional(EnsuresExceptional exceptional)
{
if (exceptional == null) return null;
return base.VisitEnsuresExceptional((EnsuresExceptional)exceptional.Clone());
}
public override void VisitEnsuresExceptional(EnsuresExceptional exceptional)
{
this.checkingExceptionalPostcondition = true;
base.VisitEnsuresExceptional(exceptional);
}
public override EnsuresExceptional VisitEnsuresExceptional(EnsuresExceptional exceptional)
{
if (exceptional == null) return null;
var result = base.VisitEnsuresExceptional(exceptional);
result.UserMessage = ExtractorVisitor.FilterUserMessage(this.targetMethod, result.UserMessage);
return result;
}
public override void VisitEnsuresExceptional(EnsuresExceptional exceptional)
{
seenDup = false;
base.VisitEnsuresExceptional(exceptional);
}
public override EnsuresExceptional VisitEnsuresExceptional(EnsuresExceptional exceptional)
{
// since clousot doesn't handle exceptional post yet, we filter them out here.
// TODO: refactor Ensures into two lists: normal and exceptional
return null;
}
