public override Method VisitMethod(Method method) { if (this.analyzer != null) { INonNullInformation nonNullInfo = this.analyzer.NonNullInfo; if (nonNullInfo == null) { nonNullInfo = NonNullChecker.Check(this.typeSystem, method, this.analyzer); nonNullInfoCache[method] = nonNullInfo; } } // To be sure that requires are computed // as I am bypassing that blocks of code if (method.Contract != null) { RequiresList requiresL = method.Contract.Requires; EnsuresList ensuresL = method.Contract.Ensures; } return(base.VisitMethod(method)); }
public void Visit(RequiresList requires) { if (requires == null) return; for (int i = 0; i < requires.Count; i++) { this.Visit(requires[i]); } }
public RequiresList Apply(RequiresList reqs) { if (specializer != null) { specializer.CurrentMethod = method; specializer.CurrentType = method.DeclaringType; reqs = specializer.VisitRequiresList(reqs); } RequiresList result = this.VisitRequiresList(reqs); return result; }
// Ensures: // Preconditions != null // && ForAll{Requires r in Preconditions; // r.Condition is BlockExpression // && r.Condition.Type == Void // && IsClump(r.Condition.Block.Statements) // Postconditions != null // && ForAll{Ensures e in Posconditions; // e.PostCondition is BlockExpression // && e.PostCondition.Type == Void // && IsClump(e.PostCondition.Block.Statements) // (In addition, each Requires is a RequiresPlain when the contract // call is Contract.Requires and is a RequiresOtherwise when the // contract call is Critical.Requires. In the latter case, the // ThrowException is filled in correctly.) // /// <summary> /// /// </summary> /// <param name="method"></param> /// <param name="Preconditions"></param> /// <param name="Postconditions"></param> /// <param name="Validations"></param> /// <param name="contractInitializerBlock">used to store extra closure initializations from abbrevs and validators</param> public void CheapAndDirty( Method method, ref RequiresList Preconditions, ref EnsuresList Postconditions, ref RequiresList Validations, ref EnsuresList modelPostConditions, Block contractInitializerBlock, ref HelperMethods.StackDepthTracker dupStackTracker) { if (this.verbose) { Console.WriteLine("Method : " + method.FullName); } if (method == null || method.Body == null || method.Body.Statements == null || method.Body.Statements.Count <= 0) { return; } Block methodBody = method.Body; int n = methodBody.Statements.Count; int beginning = 0; while (beginning < n && methodBody.Statements[beginning] is PreambleBlock) { beginning++; } int lastBlockContainingContract; int lastStatementContainingContract; bool anyContractCall = FindLastBlockWithContracts(methodBody.Statements, beginning, out lastBlockContainingContract, out lastStatementContainingContract); // Make sure any locals in the contracts are disjoint from the locals in the rest of the body // can use the same one throughout GatherLocals gatherLocals = new GatherLocals(); SourceContext lastContractSourceContext = method.SourceContext; if (!anyContractCall) { if (this.verbose) { Console.WriteLine("\tNo contracts found"); } // still need to check for bad other contract calls in method body goto CheckBody; } Block lastBlock = methodBody.Statements[lastBlockContainingContract] as Block; lastContractSourceContext = lastBlock.SourceContext; // probably not a good context, what to do if one can't be found? if (lastBlock.Statements != null && 0 <= lastStatementContainingContract && lastStatementContainingContract < lastBlock.Statements.Count) { lastContractSourceContext = lastBlock.Statements[lastStatementContainingContract].SourceContext; } // Make sure contract section is not in any try-catch region TrivialHashtable<int> block2Index = new TrivialHashtable<int>(methodBody.Statements.Count); for (int i = 0, nn = methodBody.Statements.Count; i < nn; i++) { if (methodBody.Statements[i] == null) continue; block2Index[methodBody.Statements[i].UniqueKey] = i; } // Check each exception handler and see if any overlap with the contract section for (int i = 0, nn = method.ExceptionHandlers == null ? 0 : method.ExceptionHandlers.Count; i < nn; i++) { ExceptionHandler eh = method.ExceptionHandlers[i]; if (eh == null) continue; if (((int) block2Index[eh.BlockAfterTryEnd.UniqueKey]) < beginning || lastBlockContainingContract < ((int) block2Index[eh.TryStartBlock.UniqueKey])) { continue; // can't overlap } this.HandleError(method, 1024, "Contract section within try block.", lastContractSourceContext); return; } // Extract <beginning,0> to <lastBlockContainingContract,lastStatmentContainingContract> StatementList contractClump = HelperMethods.ExtractClump(methodBody.Statements, beginning, 0, lastBlockContainingContract, lastStatementContainingContract); // Look for bad stuff BadStuff(method, contractClump, lastContractSourceContext); // Make sure that the entire contract section is closed. if (!CheckClump(method, gatherLocals, currentMethodSourceContext, new Block(contractClump))) { return; } // Checking that had the side effect of populating the hashtable, but now each contract will be individually visited. // That process needs to start with a fresh table. gatherLocals.Locals = new TrivialHashtable(); Preconditions = new RequiresList(); Postconditions = new EnsuresList(); Validations = new RequiresList(); modelPostConditions = new EnsuresList(); if (!ExtractFromClump( contractClump, method, gatherLocals, Preconditions, Postconditions, Validations, modelPostConditions, lastContractSourceContext, method, contractInitializerBlock, ref dupStackTracker)) { return; } CheckBody: // Check "real" method body for use of any locals used in contracts // var checkMethodBody = new CheckForBadContractStuffInMethodBody(gatherLocals, this.CallErrorFound, method); var checkMethodBody = new CheckLocals(gatherLocals); checkMethodBody.Visit(methodBody); if (!this.fSharp && checkMethodBody.reUseOfExistingLocal != null) { SourceContext sc = lastContractSourceContext; this.HandleError(method, 1025, "After contract block, found use of local variable '" + checkMethodBody.reUseOfExistingLocal.Name.Name + "' defined in contract block", sc); } }
/// <summary> /// Method replaces Requires to Assume in the MoveNext method of the async or iterator state machine. /// </summary> private void ReplaceRequiresWithAssumeInMoveNext(RequiresList origPreconditions, AssumeBlock originalContractPosition) { Contract.Assert(origPreconditions != null); if (originalContractPosition != null && originalContractPosition.Statements != null /*&& origPreconditions != null */&& origPreconditions.Count > 0) { var origStatements = originalContractPosition.Statements; foreach (var pre in origPreconditions) { if (pre == null) continue; var assume = new MethodCall( new MemberBinding(null, this.contractNodes.AssumeMethod), new ExpressionList(pre.Condition), NodeType.Call); assume.SourceContext = pre.SourceContext; var assumeStmt = new ExpressionStatement(assume); assumeStmt.SourceContext = pre.SourceContext; origStatements.Add(assumeStmt); } } }
private void ProcessClosureClass(Method method, TypeNode closure, bool isAsync) { Contract.Requires(method != null); Contract.Requires(closure != null); Method movenext = closure.GetMethod(StandardIds.MoveNext); if (movenext == null) return; movenext.IsAsync = isAsync; if (movenext.Body == null) return; if (movenext.Body.Statements == null) return; SourceContext defaultSourceContext; Block contractInitializerBlock = new Block(new StatementList()); HelperMethods.StackDepthTracker dupStackTracker = new HelperMethods.StackDepthTracker(); AssumeBlock originalContractPosition; StatementList contractClump = GetContractClumpFromMoveNext(method, movenext, contractNodes, contractInitializerBlock.Statements, out defaultSourceContext, ref dupStackTracker, out originalContractPosition); if (contractClump != null) { // Look for bad stuff BadStuff(method, contractClump, defaultSourceContext); // Make sure any locals in the contracts are disjoint from the locals in the rest of the body // can use the same one throughout GatherLocals gatherLocals = new GatherLocals(); // Make sure that the entire contract section is closed. if (!CheckClump(movenext, gatherLocals, currentMethodSourceContext, new Block(contractClump))) { movenext.ClearBody(); return; } // Checking that had the side effect of populating the hashtable, but now each contract will be individually visited. // That process needs to start with a fresh table. gatherLocals.Locals = new TrivialHashtable(); RequiresList Preconditions = new RequiresList(); EnsuresList Postconditions = new EnsuresList(); RequiresList Validations = new RequiresList(); EnsuresList modelPostconditions = new EnsuresList(); EnsuresList asyncPostconditions = null; // REVIEW: What should we do with the Validations in this case? Should we map them to the enumerator method? Maybe not, since without // rewriting this won't happen. if (!ExtractFromClump(contractClump, movenext, gatherLocals, Preconditions, Postconditions, Validations, modelPostconditions, defaultSourceContext, method, contractInitializerBlock, ref dupStackTracker)) { movenext.ClearBody(); return; } if (isAsync) { asyncPostconditions = SplitAsyncEnsures(ref Postconditions, method); } try { // Next is to attach the preconditions to method (instead of movenext) // To do so, we have to duplicate the expressions and statements in Precondition, Postcondition and contractInitializerBlock Duplicator dup = new Duplicator(closure.DeclaringModule, method.DeclaringType); var origPreconditions = Preconditions; var origValidations = Validations; var origcontractInitializerBlock = contractInitializerBlock; Preconditions = dup.VisitRequiresList(Preconditions); Postconditions = dup.VisitEnsuresList(Postconditions); Validations = dup.VisitRequiresList(Validations); contractInitializerBlock = dup.VisitBlock(contractInitializerBlock); asyncPostconditions = dup.VisitEnsuresList(asyncPostconditions); var mapClosureExpToOriginal = BuildMappingFromClosureToOriginal(closure, movenext, method); Preconditions = mapClosureExpToOriginal.Apply(Preconditions); Postconditions = mapClosureExpToOriginal.Apply(Postconditions); Validations = mapClosureExpToOriginal.Apply(Validations); contractInitializerBlock = mapClosureExpToOriginal.Apply(contractInitializerBlock); asyncPostconditions = mapClosureExpToOriginal.Apply(asyncPostconditions); //MemberList members = FindClosureMembersInContract(closure, movenext); // MakeClosureAccessibleToOriginalMethod(closure, members); if (method.Contract == null) method.Contract = new MethodContract(method); method.Contract.Requires = Preconditions; method.Contract.Validations = Validations; // Postconditions are sanity checked here, because Result<T> must be compared against the // return type of the original method. It is most conveniently done after the type substitution. // TODO: refactor the checking part altogether out of ExtractFromClump. method.Contract.Ensures = Postconditions; method.Contract.ModelEnsures = modelPostconditions; method.Contract.ContractInitializer = contractInitializerBlock; method.Contract.AsyncEnsures = asyncPostconditions; // Following replacement causes some weird issues for complex preconditions (like x != null && x.Length > 0) // when CCRewriter is used with /publicsurface or Preconditions only. // This fix could be temporal and proper fix would be applied in the future. // After discussion this issue with original CC authors (Mike Barnett and Francesco Logozzo), // we decided that this fix is safe and lack of Assume statement in the MoveNext method will not affect // customers (neither CCRewriter customers nor CCCheck customers). // If this assumption would not be true in the future, proper fix should be applied. // put requires as assumes into movenext method at original position // ReplaceRequiresWithAssumeInMoveNext(origPreconditions, originalContractPosition); // no postPreamble to initialize, as method is not a ctor } finally { // this is done in caller!!! //// normalize contract by forcing IsPure to look at attributes and removing contract it is empty //var contract = method.Contract; //var isPure = contract.IsPure; //if (!isPure && contract.RequiresCount == 0 && contract.EnsuresCount == 0 && contract.ModelEnsuresCount == 0 && contract.ValidationsCount == 0 && contract.AsyncEnsuresCount == 0) //{ // method.Contract = null; //} else //{ // // turn helper method calls to Result, OldValue, ValueAtReturn into proper AST nodes. // this.extractionFinalizer.VisitMethodContract(method.Contract); //} } } }
// Instead of overriding VisitRequiresPlain or VisitRequiresOtherwise, just process the list. // Almost all of the code is the same for both plain and otherwise requires. // This could be done by overriding VisitRequires -- but would depend upon introducing // a VisitRequires method in StandardVisitor. public override RequiresList VisitRequiresList(RequiresList Requires){ // add a default precondition here and not earlier in the pipeline so it doesn't confuse // the contract inheritance checks. // REVIEW: probably better to add it earlier and have a HasCompilerGeneratedSignature on it // so it can be ignored in the inheritance checks. bool addDefaultPrecondition = this.currentMethod != null && !this.currentMethod.IsStatic && !this.currentMethod.IsAbstract && this.currentMethod.Body != null && this.currentMethod.Body.Statements != null && !(this.currentMethod.HasCompilerGeneratedSignature && !this.currentMethod.Name.Name.StartsWith("get_") && !this.currentMethod.Name.Name.StartsWith("set_")) && this.currentMethod.NodeType != NodeType.InstanceInitializer && this.currentMethod.NodeType != NodeType.StaticInitializer && (this.currentType != null && this.currentType.Contract != null && this.currentType.Contract.FramePropertyGetter != null) && this.currentMethod.GetAttribute(SystemTypes.NoDefaultContractAttribute) == null ; RequiresList newRequires = new RequiresList(); if (addDefaultPrecondition){ Method frameGetter = this.currentType.Contract.FramePropertyGetter; Method m = null; // We used to use "get_CanStartWriting" for non-virtual methods. But Rustan and I decided // that it should be fine to use the transitive one for all methods. It is more liberal // but still prevents re-entrance into a method in a frame that is exposed. m = SystemTypes.Guard.GetMethod(Identifier.For("get_CanStartWritingTransitively"), null); // default precondition is (as normalized IR): // requires this.get_FrameGuard().get_CanStartWriting(); if it is a non-virtual method // requires this.get_FrameGuard().get_CanStartWritingTransitively(); if it is a virtual method if (frameGetter != null && m != null){ SourceContext sc = this.currentMethod.Name.SourceContext; MethodCall getFrameGuard = new MethodCall(new MemberBinding(this.currentThisParameter, frameGetter), null, NodeType.MethodCall, SystemTypes.Guard, sc); Requires r = new RequiresOtherwise( new MethodCall( new MemberBinding(getFrameGuard,m), null, NodeType.MethodCall, SystemTypes.Boolean), new Construct(new MemberBinding(null, SystemTypes.RequiresException.GetConstructor(SystemTypes.String)), new ExpressionList(new Literal("The target object of this call must be exposable.", SystemTypes.String)), SystemTypes.RequiresException) ); r.SourceContext = sc; newRequires.Add(r); } } if ((this.currentMethod.IsPublic || this.currentMethod.IsFamilyOrAssembly) && !(this.currentCompilation != null && this.currentCompilation.CompilerParameters != null && ((CompilerOptions)this.currentCompilation.CompilerParameters).DisableNullParameterValidation)){ ParameterList parameters = this.currentMethod.Parameters; for (int i = 0, n = parameters == null ? 0 : parameters.Count; i < n; i++){ Parameter parameter = parameters[i]; if (parameter != null && !parameter.IsOut && this.typeSystem.IsNonNullType(parameter.Type)){ RequiresOtherwise r; Reference rtype = parameter.Type as Reference; if (rtype == null) { TypeNode parameterType = TypeNode.StripModifier(parameter.Type, SystemTypes.NonNullType); Expression e = null; if (this.useGenerics && (parameterType is TypeParameter || parameterType is ClassParameter)) { e = new BinaryExpression(parameter, new MemberBinding(null, parameterType), NodeType.Box, SystemTypes.Object, parameter.SourceContext); } else { e = new ParameterBinding(parameter, parameter.SourceContext); } r = new RequiresOtherwise( new BinaryExpression(e, new Literal(null, TypeNode.StripModifiers(parameter.Type)), NodeType.Ne, SystemTypes.Boolean, parameter.SourceContext), new Construct(new MemberBinding(null, SystemTypes.ArgumentNullException.GetConstructor(SystemTypes.String)), new ExpressionList(new Literal(parameter.Name.Name, SystemTypes.String)), SystemTypes.ArgumentNullException)); } else { // have to perform deref r = new RequiresOtherwise( new BinaryExpression(new AddressDereference(new ParameterBinding(parameter, parameter.SourceContext), rtype.ElementType), new Literal(null, TypeNode.StripModifiers(rtype.ElementType)), NodeType.Ne, SystemTypes.Boolean, parameter.SourceContext), new Construct(new MemberBinding(null, SystemTypes.ArgumentNullException.GetConstructor(SystemTypes.String)), new ExpressionList(new Literal(parameter.Name.Name, SystemTypes.String)), SystemTypes.ArgumentNullException)); } r.SourceContext = parameter.SourceContext; newRequires.Add(r); } } } for (int i = 0, n = Requires == null ? 0 : Requires.Count; i < n; i++){ newRequires.Add(Requires[i]); } if (newRequires.Count == 0) return Requires; Block preConditionBlock = new Block(new StatementList()); preConditionBlock.HasLocals = true; for (int i = 0, n = newRequires.Count; i < n; i++) { Requires r = newRequires[i]; if (r == null) continue; if (r.Condition == null) continue; // Code generation for preconditions needs to be such that the // data flow analysis will "see" the consequences. If the value // of the precondition is assigned to a local, then the information // is lost. // // try { // if re goto pre_i_holds; // } // catch { throw new ErrorDuringPreConditionEvaluation(...); } // throw new PreConditionException(...); // pre_i_holds: nop bool noAllocationAllowed = this.currentMethod.GetAttribute(SystemTypes.BartokNoHeapAllocationAttribute) != null; Local exceptionDuringPreCondition = new Local(Identifier.For("SS$exceptionDuringPreCondition" + i),SystemTypes.Exception); Local exceptionDuringPreCondition3 = new Local(Identifier.For("SS$objectExceptionDuringPreCondition" + i),SystemTypes.Object); Expression cond = r.Condition; string condition = cond != null && cond.SourceContext.SourceText != null && cond.SourceContext.SourceText.Length > 0 ? cond.SourceContext.SourceText : "<unknown condition>"; Expression ec2; Expression ec3; if (noAllocationAllowed) { ec2 = ec3 = new MemberBinding(null, SystemTypes.PreAllocatedExceptions.GetField(Identifier.For("InvalidContract"))); } else { MemberBinding excBinding2 = new MemberBinding(null, SystemTypes.InvalidContractException.GetConstructor(SystemTypes.String, SystemTypes.Exception)); MemberBinding excBinding3 = new MemberBinding(null, SystemTypes.InvalidContractException.GetConstructor(SystemTypes.String)); string msg2 = "Exception occurred during evaluation of precondition '" + condition + "' in method '" + currentMethod.FullName + "'"; ec2 = new Construct(excBinding2, new ExpressionList(new Literal(msg2, SystemTypes.String), exceptionDuringPreCondition)); ec3 = new Construct(excBinding3, new ExpressionList(new Literal(msg2, SystemTypes.String))); } #region If the precondition fails, throw an exception Expression throwExpression = null; #region Create the expression to throw. Deal with different subtypes of Requires if (noAllocationAllowed) { throwExpression = new MemberBinding(null, SystemTypes.PreAllocatedExceptions.GetField(Identifier.For("Requires"))); } else { if (r is RequiresPlain) { MemberBinding excBinding = new MemberBinding(null, SystemTypes.RequiresException.GetConstructor(SystemTypes.String)); Construct ec = new Construct(excBinding, new ExpressionList()); string msg = "Precondition '" + condition + "' violated from method '" + currentMethod.FullName + "'"; ec.Operands.Add(new Literal(msg, SystemTypes.String)); throwExpression = ec; } else if (r is RequiresOtherwise) { RequiresOtherwise otherwise = (RequiresOtherwise)r; if (otherwise.ThrowException is Literal) { // it was "requires P otherwise E" where E is a type name of an exception class Literal l = (Literal)otherwise.ThrowException; Class exceptionClass = (Class)l.Value; MemberBinding excBinding = new MemberBinding(null, this.GetTypeView(exceptionClass).GetConstructor()); // what to do if there is no nullary constructor? I guess that should have been checked in the context checker Construct ec = new Construct(excBinding, new ExpressionList()); throwExpression = ec; } else { // it was "requires P otherwise new E(...)" (or some other expression whose value is an exception) throwExpression = this.VisitExpression(otherwise.ThrowException); } } else { Debug.Assert(false, "Expecting only RequiresOtherwise and RequiresPlain as subtypes of Requires"); } } #endregion Throw t = new Throw(throwExpression,r.SourceContext); #endregion Block pre_i_holds = new Block(); //CatchList cl = new CatchList(2); //cl.Add(new Catch(new Block(new StatementList(new Throw(ec2,r.Condition.SourceContext))),exceptionDuringPreCondition,SystemTypes.Exception)); //cl.Add(new Catch(new Block(new StatementList(new Throw(ec3,r.Condition.SourceContext))),exceptionDuringPreCondition3,SystemTypes.Object)); //Try tryPre = new Try(new Block(new StatementList(new If(r.Condition,new Block(new StatementList(new Branch(null,pre_i_holds))),null))),cl,null,null,null); //preConditionBlock.Statements.Add(tryPre); preConditionBlock.Statements.Add(new If(r.Condition,new Block(new StatementList(new Branch(null,pre_i_holds))),null)); preConditionBlock.Statements.Add(t); preConditionBlock.Statements.Add(pre_i_holds); } preConditionBlock = this.VisitBlock(preConditionBlock); this.currentContractPrelude.Statements.Add(preConditionBlock); return Requires; }
private void CopyValidatorContracts(Method targetMethod, Method validatorMethodInstance, Expression targetObject, ExpressionList actuals, RequiresList Preconditions, SourceContext useSite, Block validatorPrefix) { // make sure to have extracted contracts from the validator method prior if (validatorMethodInstance.DeclaringType.DeclaringModule == targetMethod.DeclaringType.DeclaringModule) { var validatorMethod = validatorMethodInstance; while (validatorMethod.Template != null) { validatorMethod = validatorMethod.Template; } this.VisitMethod(validatorMethod); } if (validatorMethodInstance.Contract == null) return; var copier = new AbbreviationDuplicator(validatorMethodInstance, targetMethod, this.contractNodes, validatorMethodInstance, targetObject, actuals); var validatorContract = HelperMethods.DuplicateContractAndClosureParts(copier, targetMethod, validatorMethodInstance, this.contractNodes, false); if (validatorContract == null) return; MoveValidatorRequires(targetMethod, validatorContract.Requires, Preconditions, useSite, validatorContract.ContractInitializer, validatorPrefix); }
public virtual RequiresList VisitRequiresList(RequiresList Requires) { if (Requires == null) return null; for (int i = 0, n = Requires.Count; i < n; i++) Requires[i] = (Requires) this.Visit(Requires[i]); return Requires; }
private void EmitInterleavedValidationsAndRequires(Method method, List<Requires> inherited, RequiresList validations, Block newBody) { List<Requires> reqSequence = new List<Requires>(); if (validations != null) { foreach (var val in validations) { var ro = val as RequiresOtherwise; if (ro != null) { FlushEmitOrdinaryRequires(reqSequence, method, newBody); if (this.Emit(RuntimeContractEmitFlags.LegacyRequires)) { newBody.Statements.Add(GenerateValidationCode(ro)); } } else { if (EmitRequires((RequiresPlain)val, this.skipQuantifiers)) { reqSequence.Add(val); } } } } if (inherited.Count > 0) { foreach (var req in inherited) { reqSequence.Add(req); } } FlushEmitOrdinaryRequires(reqSequence, method, newBody); }
/// <summary> /// Need to have this override so that inherited preconditions are not /// checked again. /// </summary> /// <param name="Requires"></param> /// <returns></returns> public override RequiresList VisitRequiresList(RequiresList Requires) { if (Requires == null) return null; for (int i = 0, n = Requires.Count; i < n; i++) { if (Requires[i] == null || Requires[i].Inherited) { continue; } Requires[i] = (Requires)this.Visit(Requires[i]); } return Requires; }
public virtual void VisitRequiresList(RequiresList Requires) { if (Requires == null) return; for (int i = 0, n = Requires.Count; i < n; i++) this.Visit(Requires[i]); }
public override RequiresList VisitRequiresList(RequiresList Requires) { if (Requires == null) return null; return base.VisitRequiresList(Requires.Clone()); }
public virtual RequiresList VisitRequiresList(RequiresList requires1, RequiresList requires2) { if (requires1 == null) return null; for (int i = 0, n = requires1.Count, m = requires2 == null ? 0 : requires2.Count; i < n; i++) { //^ assert requires2 != null; if (i >= m) requires1[i] = (Requires)this.Visit(requires1[i], null); else requires1[i] = (Requires)this.Visit(requires1[i], requires2[i]); } return requires1; }
private Invariant TryLiftingPropertyInvariantToPropertyRequiresEnsures(TypeNode typeNode, Invariant invariant) { List<Member> referencedMembers; var autoprops = AutoPropFinder.FindAutoProperty(this, typeNode, invariant.Condition, out referencedMembers); if (autoprops == null || autoprops.Count == 0) return invariant; foreach (var autoPropertyUsed in autoprops) { var getter = HelperMethods.Unspecialize(autoPropertyUsed.Getter); if (!AllReferencedMembersAsVisibleAs(getter, referencedMembers)) continue; var setter = HelperMethods.Unspecialize(autoPropertyUsed.Setter); if (getter.Contract == null) { getter.Contract = new MethodContract(getter); } if (setter.Contract == null) { setter.Contract = new MethodContract(setter); } var ensuresList = getter.Contract.Ensures; if (ensuresList == null) { getter.Contract.Ensures = ensuresList = new EnsuresList(); } var requiresList = setter.Contract.Requires; if (requiresList == null) { setter.Contract.Requires = requiresList = new RequiresList(); } var validationList = setter.Contract.Validations; if (validationList == null) { setter.Contract.Validations = validationList = new RequiresList(); } Requires req; Ensures ens; ChangePropertyInvariantIntoRequiresEnsures.Transform(this, autoPropertyUsed, invariant, out req, out ens); requiresList.Add(req); validationList.Add(req); ensuresList.Add(ens); // make sure the property getter isn't visited again if (!this.visitedMethods.ContainsKey(autoPropertyUsed.Getter)) { this.visitedMethods.Add(autoPropertyUsed.Getter, autoPropertyUsed.Getter); } if (!this.visitedMethods.ContainsKey(autoPropertyUsed.Setter)) { this.visitedMethods.Add(autoPropertyUsed.Setter, autoPropertyUsed.Setter); } } ReplaceAutoPropertiesWithCorrespondingFields.Replace(autoprops, invariant); return invariant; }
/// <summary> /// </summary> /// <param name="validationContractInitializer">possibly empty initializer from closures in validators. Must be added as prefix to first requires</param> /// <param name="validationPrefix">Possibly empty statement list of code preceeding validator call. Must be added to first /// requires.</param> private void MoveValidatorRequires(Method targetMethod, RequiresList requiresList, RequiresList Preconditions, SourceContext useSite, Block validationContractInitializer, Block validationPrefix) { bool isFromValidation = true; if (requiresList == null) return; foreach (RequiresPlain req in requiresList) { if (!req.DefSite.IsValid) { req.DefSite = req.SourceContext; } req.SourceContext = useSite; req.IsFromValidation = isFromValidation; // mark that we copied this from a validator when necessary // re-sanitize user message for this context req.UserMessage = SanitizeUserMessage(targetMethod, req.UserMessage, useSite); // check if first requires and add prefixes if (HelperMethods.IsNonTrivial(validationPrefix)) { req.Condition = new BlockExpression( new Block(new StatementList(validationPrefix, new ExpressionStatement(req.Condition)))); validationPrefix = null; } if (HelperMethods.IsNonTrivial(validationContractInitializer)) { req.Condition = new BlockExpression( new Block(new StatementList(validationContractInitializer, new ExpressionStatement(req.Condition)))); validationContractInitializer = null; } Preconditions.Add(req); } }
private bool ExtractFromClump(StatementList contractClump, Method method, GatherLocals gatherLocals, RequiresList Preconditions, EnsuresList Postconditions, RequiresList validations, EnsuresList modelPostconditions, SourceContext defaultContext, Method originalMethod, Block contractInitializer, ref HelperMethods.StackDepthTracker dupStackTracker) { // set the state so that the contract clump is used for extraction (as opposed to the method body as it used to) StatementList stmts = contractClump; int beginning = 0; int n = stmts.Count; int seginning = HelperMethods.FindNextRealStatement(((Block) stmts[beginning]).Statements, 0); bool endContractFound = false; bool postConditionFound = false; SourceContext currentSourceContext; for (int i = beginning; i < n; i++) { Block b = (Block) stmts[i]; if (b == null) continue; for (int j = 0, m = b.Statements == null ? 0 : b.Statements.Count; j < m; j++) { if (dupStackTracker.IsValid && dupStackTracker.Depth >= 0) { b.Statements[j] = dupStackTracker.Visit(b.Statements[j]); } Statement s = b.Statements[j]; if (s == null) continue; Block currentClump; Throw t = null; t = s as Throw; Method calledMethod = HelperMethods.IsMethodCall(s); if ((t != null || (calledMethod != null && calledMethod.DeclaringType != null && calledMethod.DeclaringType != this.contractNodes.ContractClass && HelperMethods.IsVoidType(calledMethod.ReturnType) && !this.contractNodes.IsContractOrValidatorOrAbbreviatorMethod(calledMethod)))) { // Treat throw statements as (part of) a precondition // don't accept "throw ..." unless it comes in the "precondition section" // then treat the current clump as a precondition, but need to massage it a bit: // all branches to the block just after the throw should be modified to be branches to // a new manufactured block that sets a fresh local to "true". The // throw itself should be changed to set the same local to "false". That way the // clump can be treated as the value of precondition (because the branch polarity has // already been negated as part of the code gen). // This test was supposed to be a sanity check that the current block contained // only "throw ..." or else "nop; throw ...". But I've also seen "ThrowHelper.Throw(...); nop", // so I'm just going to comment this out for now. //if (!((m == 1 && j == 0) || (m == 2 && j == 1))) { // Preconditions = new RequiresList(); // Postconditions = new EnsuresList(); // return; // throw new ExtractorException(); //} Expression exception; // The clump being extracted may contain code/blocks that represent (part of) // the expression that is being thrown (if the original throw expression had // control flow in it from boolean expressions and/or ternary expressions). b.Statements[j] = null; // wipe out throw statement currentClump = new Block(HelperMethods.ExtractClump(stmts, beginning, seginning, i, j)); int currentClumpLength = i - beginning + 1; // there better be a next block because that must have been the target for all of the branches // that didn't cause the throw to happen if (!(i < n - 1)) { this.HandleError(method, 1027, "Malformed contract.", s.SourceContext); return false; } Block nextBlock = (Block) stmts[i + 1]; // cast succeeds because body is clump Local valueOfPrecondition = new Local(Identifier.For("_preConditionHolds"), SystemTypes.Boolean); Block preconditionHolds = new Block(new StatementList(new AssignmentStatement(valueOfPrecondition, Literal.True))); ReplaceBranchTarget rbt = new ReplaceBranchTarget(nextBlock, preconditionHolds); rbt.VisitBlock(currentClump); int ILOffset; CountPopExpressions cpe = new CountPopExpressions(); currentSourceContext = s.SourceContext; cpe.Visit(s); if (0 < cpe.PopOccurrences) { // then there is a set of blocks that represent the exception: the Reader // was not able to decompile it back into an expression. Extract the set // from the current clump and make it into a block expression // Find the last block that has a branch to "preconditionHolds". After that are all of the blocks // that represent the evaluation of the exception int branchBlockIndex = currentClumpLength - 2; // can't be the current block: that has the throw in it while (0 <= branchBlockIndex) { Block possibleBranchBlock = currentClump.Statements[branchBlockIndex] as Block; Branch br = possibleBranchBlock.Statements[possibleBranchBlock.Statements.Count - 1] as Branch; if (br != null && br.Target == preconditionHolds) { break; } branchBlockIndex--; } if (branchBlockIndex < 0) { this.HandleError(method, 1028, "Malformed exception constructor in contract.", defaultContext); return false; } Block exceptionBlock = new Block(HelperMethods.ExtractClump(currentClump.Statements, branchBlockIndex + 1, 0, currentClumpLength - 1, ((Block) currentClump.Statements[currentClumpLength - 1]).Statements.Count - 1)); exceptionBlock.Statements.Add(new ExpressionStatement(t.Expression)); SourceContext sctx = ((Block) exceptionBlock.Statements[0]).Statements[0].SourceContext; if (sctx.IsValid) { currentSourceContext = sctx; } else { SourceContext tmp; bool foundContext = HelperMethods.GetLastSourceContext(exceptionBlock.Statements, out tmp); if (foundContext) currentSourceContext = tmp; } if (!CheckClump(method, gatherLocals, currentSourceContext, exceptionBlock)) return false; exception = new BlockExpression(exceptionBlock, SystemTypes.Exception); ILOffset = t.ILOffset; } else { currentSourceContext = s.SourceContext; if (t != null) { // then the statement is "throw ..." exception = t.Expression; ILOffset = t.ILOffset; } else { ExpressionStatement throwHelperCall = s as ExpressionStatement; Debug.Assert(throwHelperCall != null); exception = throwHelperCall.Expression; ILOffset = s.ILOffset; } exception.SourceContext = currentSourceContext; SourceContext tmp; bool foundContext = HelperMethods.GetLastSourceContext(currentClump.Statements, out tmp); if (foundContext) currentSourceContext = tmp; } Block returnValueOfPrecondition = new Block(new StatementList(new ExpressionStatement(valueOfPrecondition))); Statement extraAssumeFalse = this.ExtraAssumeFalseOnThrow(); Block preconditionFails = new Block(new StatementList(new AssignmentStatement(valueOfPrecondition, Literal.False), extraAssumeFalse, new Branch(null, returnValueOfPrecondition, true, false, false))); //Block preconditionFails = new Block(new StatementList(new AssignmentStatement(valueOfPrecondition, Literal.False), new Branch(null, returnValueOfPrecondition, true, false, false))); currentClump.Statements.Add(preconditionFails); // replace throw statement currentClump.Statements.Add(preconditionHolds); currentClump.Statements.Add(returnValueOfPrecondition); if (!CheckClump(originalMethod, gatherLocals, currentSourceContext, currentClump)) return false; BlockExpression be = new BlockExpression(currentClump, SystemTypes.Boolean); be.SourceContext = currentSourceContext; var ro = new RequiresOtherwise(be, exception); ro.ILOffset = ILOffset; ro.SourceContext = currentSourceContext; if (postConditionFound) { HandleError(originalMethod, 1013, "Precondition found after postcondition.", currentSourceContext); return false; } validations.Add(ro); var req = new RequiresPlain(be, FindExceptionThrown.Find(exception)); req.IsFromValidation = true; req.ILOffset = ro.ILOffset; req.SourceContext = ro.SourceContext; Preconditions.Add(req); } else { if (contractNodes.IsContractMethod(calledMethod)) { // Treat calls to contract methods if (endContractFound) { HandleError(originalMethod, 1012, "Contract call found after prior EndContractBlock.", s.SourceContext); break; } if (contractNodes.IsEndContract(calledMethod)) { endContractFound = true; continue; } MethodCall mc = ((ExpressionStatement) s).Expression as MethodCall; Expression arg = mc.Operands[0]; arg.SourceContext = s.SourceContext; MethodContractElement mce; currentSourceContext = s.SourceContext; Expression condition; if (beginning == i && seginning == j) { // Deal with the simple case: the reader decompiled the call into a single statement condition = arg; } else { b.Statements[j] = new ExpressionStatement(arg); // construct a clump from // methodBody.Statements[beginning].Statements[seginning] to // methodBody.Statements[i].Statements[j] currentClump = new Block(HelperMethods.ExtractClump(stmts, beginning, seginning, i, j)); if (!currentSourceContext.IsValid) { // then a good source context has not been found yet. Grovel around in the clump // to see if there is a better one SourceContext sctx; if (HelperMethods.FindContext(currentClump, currentSourceContext, out sctx)) currentSourceContext = sctx; } if (!CheckClump(originalMethod, gatherLocals, currentSourceContext, currentClump)) return false; BlockExpression be = new BlockExpression(currentClump); condition = be; } condition.SourceContext = currentSourceContext; if (contractNodes.IsPlainPrecondition(calledMethod)) { var req = new RequiresPlain(condition); contractNodes.IsRequiresWithException(calledMethod, out req.ExceptionType); mce = req; } else if (this.contractNodes.IsPostcondition(calledMethod)) { mce = new EnsuresNormal(condition); } else if (contractNodes.IsExceptionalPostcondition(calledMethod)) { EnsuresExceptional ee = new EnsuresExceptional(condition); // Extract the type of exception. ee.Type = calledMethod.TemplateArguments[0]; mce = ee; } else { throw new InvalidOperationException("Cannot recognize contract method"); } mce.SourceContext = currentSourceContext; mce.ILOffset = mc.ILOffset; if (1 < mc.Operands.Count) { var candidate = SanitizeUserMessage(method, mc.Operands[1], currentSourceContext); mce.UserMessage = candidate; } if (2 < mc.Operands.Count) { Literal lit = mc.Operands[2] as Literal; if (lit != null) { mce.SourceConditionText = lit; } } // determine Model status mce.UsesModels = CodeInspector.UsesModel(mce.Assertion, this.contractNodes); // Check context rules switch (mce.NodeType) { case NodeType.RequiresPlain: if (postConditionFound) { this.HandleError(originalMethod, 1014, "Precondition found after postcondition.", currentSourceContext); return false; } if (mce.UsesModels) { this.HandleError(originalMethod, 1073, "Preconditions may not refer to model members.", currentSourceContext); return false; } var rp = (RequiresPlain) mce; Preconditions.Add(rp); validations.Add(rp); // also add to the internal validation list break; // TODO: check visibility of post conditions based on visibility of possible implementation case NodeType.EnsuresNormal: case NodeType.EnsuresExceptional: Ensures ensures = (Ensures) mce; if (mce.UsesModels) { if (this.IncludeModels) { modelPostconditions.Add(ensures); } } else { Postconditions.Add(ensures); } postConditionFound = true; break; } } else if (ContractNodes.IsValidatorMethod(calledMethod)) { // Treat calls to Contract validators if (endContractFound) { this.HandleError(originalMethod, 1012, "Contract call found after prior EndContractBlock.", s.SourceContext); break; } MethodCall mc = ((ExpressionStatement) s).Expression as MethodCall; var memberBinding = (MemberBinding) mc.Callee; currentSourceContext = s.SourceContext; Statement validation; Block validationPrefix; if (beginning == i && seginning == j) { // Deal with the simple case: the reader decompiled the call into a single statement validation = s; validationPrefix = null; } else { // The clump may contain multiple statements ending in the validator call. // to extract the code as Requires<E>, we need to keep the statements preceeding // the validator call, as they may contain local initialization etc. These should go // into the first Requires<E> that the validator expands to. This way, if there are // no Requires<E> expanded from the validator, then the statements can be omitted. // At the same time, the statements won't be duplicated when validations are emitted. // // If the validator call contains any pops, then the extraction must fail saying it // is too complicated. // must null out statement with call before extract clump b.Statements[j] = null; // we have a copy in mc, s validationPrefix = new Block(HelperMethods.ExtractClump(stmts, beginning, seginning, i, j)); if (!currentSourceContext.IsValid) { // then a good source context has not been found yet. Grovel around in the clump // to see if there is a better one SourceContext sctx; if (HelperMethods.FindContext(validationPrefix, currentSourceContext, out sctx)) currentSourceContext = sctx; } if (CountPopExpressions.Count(mc) > 0) { this.HandleError(method, 1071, "Arguments to contract validator call are too complicated. Please simplify.", currentSourceContext); return false; } if (!CheckClump(originalMethod, gatherLocals, currentSourceContext, validationPrefix)) return false; validation = new Block(new StatementList(validationPrefix, s)); validation.SourceContext = currentSourceContext; } var ro = new RequiresOtherwise(null, new BlockExpression(new Block(new StatementList(validation)))); validations.Add(ro); CopyValidatorContracts( method, calledMethod, memberBinding.TargetObject, mc.Operands, Preconditions, currentSourceContext, validationPrefix); } else if (ContractNodes.IsAbbreviatorMethod(calledMethod)) { // Treat calls to Contract abbreviators if (endContractFound) { this.HandleError(originalMethod, 1012, "Contract call found after prior EndContractBlock.", s.SourceContext); break; } MethodCall mc = ((ExpressionStatement) s).Expression as MethodCall; var memberBinding = (MemberBinding) mc.Callee; currentSourceContext = s.SourceContext; if (beginning == i && seginning == j) { // Deal with the simple case: the reader decompiled the call into a single statement // nothing to do. All is in the call and its arguments } else { // The clump may contain multiple statements ending in the abbreviator call. // We need to keep the statements preceeding the abbreviator call and add them to the // contract initializer block. The reason we cannot add them to the first expansion contract // of the abbreviator is that the abbreviator may give rise to closure initialization which will // be hoisted into the closure initializer block. This closure initializer may refer to the // locals initialized by the present statement sequence, so it must precede it. // // If the abbreviator call contains any pops, then the extraction must fail saying it // is too complicated. // grab prefix of clump minus last call statement. // must null out current call statement before we extract clump (ow. it stays in body) b.Statements[j] = null; currentClump = new Block(HelperMethods.ExtractClump(stmts, beginning, seginning, i, j)); if (!currentSourceContext.IsValid) { // then a good source context has not been found yet. Grovel around in the clump // to see if there is a better one SourceContext sctx; if (HelperMethods.FindContext(currentClump, currentSourceContext, out sctx)) currentSourceContext = sctx; } if (CountPopExpressions.Count(mc) > 0) { this.HandleError(method, 1070, "Arguments to contract abbreviator call are too complicated. Please simplify.", currentSourceContext); return false; } if (!CheckClump(originalMethod, gatherLocals, currentSourceContext, currentClump)) return false; if (HelperMethods.IsNonTrivial(currentClump)) { contractInitializer.Statements.Add(currentClump); } } CopyAbbreviatorContracts(method, calledMethod, memberBinding.TargetObject, mc.Operands, Preconditions, Postconditions, currentSourceContext, validations, contractInitializer); } else { // important to continue here and accumulate blocks/statements for next contract! if (i == beginning && j == seginning && s.NodeType == NodeType.Nop) { // nop following contract is often associated with previous code, so skip it seginning = j + 1; } continue; } } // Re-initialize current state after contract has been found beginning = i; seginning = j + 1; //seginning = HelperMethods.FindNextRealStatement(((Block)stmts[i]).Statements, j + 1); if (seginning < 0) seginning = 0; //b = (Block)stmts[i]; // IMPORTANT! Need this to keep "b" in sync } } if (this.verbose) { Console.WriteLine("\tNumber of Preconditions: " + Preconditions.Count); Console.WriteLine("\tNumber of Postconditions: " + Postconditions.Count); } return true; }
private void MoveAbbreviatorRequires(Method targetMethod, RequiresList requiresList, RequiresList Preconditions, RequiresList validations, SourceContext useSite) { Contract.Requires(validations != null); if (requiresList == null) return; foreach (RequiresPlain req in requiresList) { if (!req.DefSite.IsValid) { req.DefSite = req.SourceContext; } req.SourceContext = useSite; req.IsFromValidation = false; // re-sanitize user message for this context req.UserMessage = SanitizeUserMessage(targetMethod, req.UserMessage, useSite); Preconditions.Add(req); validations.Add(req); // we keep everything on both lists so we can emit for validation or standard } }
private void CopyAbbreviatorContracts(Method targetMethod, Method abbreviatorMethodInstance, Expression targetObject, ExpressionList actuals, RequiresList Preconditions, EnsuresList Postconditions, SourceContext useSite, RequiresList validations, Block contractInitializer) { Contract.Requires(validations != null); // make sure to have extracted contracts from the abbreviator method prior if (abbreviatorMethodInstance.DeclaringType.DeclaringModule == targetMethod.DeclaringType.DeclaringModule) { var abbrevMethod = abbreviatorMethodInstance; while (abbrevMethod.Template != null) { abbrevMethod = abbrevMethod.Template; } this.VisitMethod(abbrevMethod); } if (abbreviatorMethodInstance.Contract == null) return; var copier = new AbbreviationDuplicator(abbreviatorMethodInstance, targetMethod, this.contractNodes, abbreviatorMethodInstance, targetObject, actuals); var abbrevContract = HelperMethods.DuplicateContractAndClosureParts(copier, targetMethod, abbreviatorMethodInstance, this.contractNodes, true); if (abbrevContract == null) return; if (HelperMethods.IsNonTrivial(abbrevContract.ContractInitializer)) { contractInitializer.Statements.Add(abbrevContract.ContractInitializer); } MoveAbbreviatorRequires(targetMethod, abbrevContract.Requires, Preconditions, validations, useSite); MoveAbbreviatorEnsures(targetMethod, abbrevContract.Ensures, Postconditions, useSite); }
public EventingVisitor(Action<RequiresList> visitRequiresList) { VisitedRequiresList += visitRequiresList; } public event Action<RequiresList> VisitedRequiresList; public override RequiresList VisitRequiresList(RequiresList Requires) { if (VisitedRequiresList != null) VisitedRequiresList(Requires); return base.VisitRequiresList(Requires); }