Merge pull request #6327 from feliperodri/free-assigns

No need to track write set with temporary variables

Author: feliperodri

regression/contracts/assigns_enforce_17/test.desc

@@ -3,7 +3,7 @@ main.c
 --enforce-all-contracts
 ^EXIT=0$
 ^SIGNAL=0$
-^\[main.assertion.\d+\] line \d+ assertion x \=\= 0\: SUCCESS$
+^\[main.assertion.\d+\] line \d+ assertion x \=\= 0: SUCCESS$
 ^VERIFICATION SUCCESSFUL$
 --
 --

regression/contracts/assigns_enforce_structs_04/test.desc

@@ -3,10 +3,10 @@ main.c
 --enforce-all-contracts
 ^EXIT=10$
 ^SIGNAL=0$
-^\[f1.\d+\] line \d+ Check that p\-\>y is assignable\: FAILURE$
-^\[f2.\d+\] line \d+ Check that p\-\>x is assignable\: FAILURE$
-^\[f3.\d+\] line \d+ Check that p\-\>y is assignable\: SUCCESS$
-^\[f4.\d+\] line \d+ Check that p is assignable\: FAILURE$
+^\[f1.\d+\] line \d+ Check that p->y is assignable: FAILURE$
+^\[f2.\d+\] line \d+ Check that p->x is assignable: FAILURE$
+^\[f3.\d+\] line \d+ Check that p->y is assignable: SUCCESS$
+^\[f4.\d+\] line \d+ Check that p is assignable: FAILURE$
 ^VERIFICATION FAILED$
 --
 --

regression/contracts/assigns_enforce_structs_05/test.desc

@@ -3,10 +3,10 @@ main.c
 --enforce-all-contracts
 ^EXIT=10$
 ^SIGNAL=0$
-^\[f1.\d+\] line \d+ Check that p\-\>y is assignable\: FAILURE$
-^\[f1.\d+\] line \d+ Check that p\-\>x\[\(.*\)0\] is assignable\: SUCCESS$
-^\[f1.\d+\] line \d+ Check that p\-\>x\[\(.*\)1\] is assignable\: SUCCESS$
-^\[f1.\d+\] line \d+ Check that p\-\>x\[\(.*\)2\] is assignable\: SUCCESS$
+^\[f1.\d+\] line \d+ Check that p->y is assignable: FAILURE$
+^\[f1.\d+\] line \d+ Check that p->x\[\(.*\)0\] is assignable: SUCCESS$
+^\[f1.\d+\] line \d+ Check that p->x\[\(.*\)1\] is assignable: SUCCESS$
+^\[f1.\d+\] line \d+ Check that p->x\[\(.*\)2\] is assignable: SUCCESS$
 ^VERIFICATION FAILED$
 --
 --

regression/contracts/assigns_enforce_structs_06/test.desc

@@ -3,14 +3,14 @@ main.c
 --enforce-all-contracts
 ^EXIT=10$
 ^SIGNAL=0$
-^\[f1.\d+\] line \d+ Check that p\-\>buf\[\(.*\)0\] is assignable\: SUCCESS$
-^\[f1.\d+\] line \d+ Check that p\-\>buf\[\(.*\)1\] is assignable\: SUCCESS$
-^\[f1.\d+\] line \d+ Check that p\-\>buf\[\(.*\)2\] is assignable\: SUCCESS$
-^\[f1.\d+\] line \d+ Check that p\-\>size is assignable\: FAILURE$
-^\[f2.\d+\] line \d+ Check that p\-\>buf\[\(.*\)0\] is assignable\: FAILURE$
-^\[f2.\d+\] line \d+ Check that p\-\>size is assignable\: SUCCESS$
-^\[f3.\d+\] line \d+ Check that p\-\>buf is assignable\: SUCCESS$
-^\[f3.\d+\] line \d+ Check that p\-\>size is assignable\: SUCCESS$
+^\[f1.\d+\] line \d+ Check that p->buf\[\(.*\)0\] is assignable: SUCCESS$
+^\[f1.\d+\] line \d+ Check that p->buf\[\(.*\)1\] is assignable: SUCCESS$
+^\[f1.\d+\] line \d+ Check that p->buf\[\(.*\)2\] is assignable: SUCCESS$
+^\[f1.\d+\] line \d+ Check that p->size is assignable: FAILURE$
+^\[f2.\d+\] line \d+ Check that p->buf\[\(.*\)0\] is assignable: FAILURE$
+^\[f2.\d+\] line \d+ Check that p->size is assignable: SUCCESS$
+^\[f3.\d+\] line \d+ Check that p->buf is assignable: SUCCESS$
+^\[f3.\d+\] line \d+ Check that p->size is assignable: SUCCESS$
 ^VERIFICATION FAILED$
 --
 --

regression/contracts/assigns_enforce_structs_07/main.c

@@ -0,0 +1,34 @@
+#include <assert.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+struct pair
+{
+  uint8_t *buf;
+  size_t size;
+};
+
+struct pair_of_pairs
+{
+  struct pair *p;
+};
+
+void f1(struct pair *p) __CPROVER_assigns(*(p->buf))
+{
+  p->buf[0] = 0;
+}
+
+void f2(struct pair_of_pairs *pp) __CPROVER_assigns(*(pp->p->buf))
+{
+  pp->p->buf[0] = 0;
+}
+
+int main()
+{
+  struct pair *p = nondet_bool() ? malloc(sizeof(*p)) : NULL;
+  f1(p);
+  struct pair_of_pairs *pp = malloc(sizeof(*pp));
+  f2(pp);
+
+  return 0;
+}

regression/contracts/assigns_enforce_structs_07/test.desc

@@ -0,0 +1,14 @@
+CORE
+main.c
+--enforce-all-contracts _ --pointer-check
+^EXIT=10$
+^SIGNAL=0$
+^\[f1.\d+\] line \d+ Check that p->buf\[\(.*\)0\] is assignable: FAILURE$
+^\[f1.pointer\_dereference.\d+\] line \d+ dereference failure: pointer NULL in p->buf: FAILURE$
+^\[f2.\d+\] line \d+ Check that pp->p->buf\[\(.*\)0\] is assignable: FAILURE$
+^\[f2.pointer\_dereference.\d+\] line \d+ dereference failure: pointer NULL in pp->p->buf: FAILURE$
+^VERIFICATION FAILED$
+--
+--
+Checks whether CBMC properly evaluates write set of members
+from invalid objects. In this case, they are not writable.

regression/contracts/assigns_replace_07/main.c

@@ -0,0 +1,25 @@
+#include <assert.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+struct pair
+{
+  uint8_t *buf;
+  size_t size;
+};
+
+void f1(struct pair *p) __CPROVER_assigns(*(p->buf))
+  __CPROVER_ensures(p->buf[0] == 0)
+{
+  p->buf[0] = 0;
+}
+
+int main()
+{
+  struct pair *p = nondet_bool() ? malloc(sizeof(*p)) : NULL;
+  f1(p);
+  // clang-format off
+  assert(p != NULL ==> p->buf[0] == 0);
+  // clang-format on
+  return 0;
+}

regression/contracts/assigns_replace_07/test.desc

@@ -0,0 +1,12 @@
+CORE
+main.c
+--replace-all-calls-with-contracts _ --pointer-check
+^EXIT=10$
+^SIGNAL=0$
+^\[pointer\_dereference.\d+\] file main.c line \d+ dereference failure: pointer NULL in p->buf: FAILURE$
+^\[main.assertion.\d+\] line \d+ assertion p \!\= NULL \=\=> p->buf\[0\] \=\= 0: FAILURE$
+^VERIFICATION FAILED$
+--
+--
+Checks whether CBMC properly evaluates write set of members
+from invalid objects. In this case, they are not writable.

regression/contracts/assigns_type_checking_valid_cases/test.desc

@@ -4,8 +4,8 @@ main.c
 ^EXIT=0$
 ^SIGNAL=0$
 ^\[foo1.\d+\] line \d+ Check that a is assignable: SUCCESS$
-^\[foo10.\d+\] line \d+ Check that buffer\-\>len is assignable: SUCCESS$
-^\[foo10.\d+\] line \d+ Check that buffer\-\>aux\.allocated is assignable: SUCCESS$
+^\[foo10.\d+\] line \d+ Check that buffer->len is assignable: SUCCESS$
+^\[foo10.\d+\] line \d+ Check that buffer->aux\.allocated is assignable: SUCCESS$
 ^\[foo2.\d+\] line \d+ Check that b is assignable: SUCCESS$
 ^\[foo3.\d+\] line \d+ Check that b is assignable: SUCCESS$
 ^\[foo3.\d+\] line \d+ Check that y is assignable: SUCCESS$
@@ -14,10 +14,10 @@ main.c
 ^\[foo4.\d+\] line \d+ Check that \*x is assignable: SUCCESS$
 ^\[foo5.\d+\] line \d+ Check that buffer.data is assignable: SUCCESS$
 ^\[foo5.\d+\] line \d+ Check that buffer.len is assignable: SUCCESS$
-^\[foo6.\d+\] line \d+ Check that \*buffer\-\>data is assignable: SUCCESS$
-^\[foo6.\d+\] line \d+ Check that buffer\-\>len is assignable: SUCCESS$
-^\[foo7.\d+\] line \d+ Check that \*buffer\-\>data is assignable: SUCCESS$
-^\[foo7.\d+\] line \d+ Check that buffer\-\>len is assignable: SUCCESS$
+^\[foo6.\d+\] line \d+ Check that \*buffer->data is assignable: SUCCESS$
+^\[foo6.\d+\] line \d+ Check that buffer->len is assignable: SUCCESS$
+^\[foo7.\d+\] line \d+ Check that \*buffer->data is assignable: SUCCESS$
+^\[foo7.\d+\] line \d+ Check that buffer->len is assignable: SUCCESS$
 ^\[foo8.\d+\] line \d+ Check that array\[\(.* int\)0\] is assignable: SUCCESS$
 ^\[foo8.\d+\] line \d+ Check that array\[\(.* int\)1\] is assignable: SUCCESS$
 ^\[foo8.\d+\] line \d+ Check that array\[\(.* int\)2\] is assignable: SUCCESS$

regression/contracts/assigns_validity_pointer_01/test.desc

@@ -16,9 +16,6 @@ ASSUME .*::tmp_if_expr\$\d
 IF ¬\(z ≠ NULL\) THEN GOTO \d
 ASSIGN .*::tmp_if_expr\$\d := \(\*z = 7 \? true : false\)
 ASSUME .*::tmp_if_expr\$\d
-// foo
-ASSUME \*.*::tmp_cc\$\d > 0
-ASSERT \*.*::tmp_cc\$\d = 3
 --
 \[3\] file main\.c line 6 assertion: FAILURE
 --