Skip to content

Document recursive functions support in contracts #7188

New issue
New issue
Open
Open
Document recursive functions support in contracts#7188
Assignees
remi-delmas-3000
Labels
Code ContractsFunction and loop contractsawsBugs or features of importance to AWS CBMC usersdocumentation
@feliperodri

Description

@feliperodri
feliperodri
opened on Oct 5, 2022

CBMC version: 5.67.0
Operating system: N/A

Currently we:

  • rename the target function, say f, to original_f
  • generate a wrapper function with the same name and insert assumptions & assertions as per the contracts
  • all calls to original_f are now replaced with calls to the wrapper f because of renaming

This would result in unsoundness for recursive functions. For example, consider the test.c file below:

int f(int y)
__CPROVER_requires(y >= 0)
__CPROVER_ensures(y >= 0)
{
    if (y < 0)
        return y;
    else
    {
        f(-1);
        assert(0);
    }
}
  • Running cbmc --function f test.c reports a failure, as expected
  • However, running goto-cc --function f test.c -o test.goto && goto-instrument --enforce-contract f test.goto test_enforced.goto && cbmc test_enforced.goto reports success!

A Possible Fix

As discussed, one way to fix this would be to:

  • preserve the name for the original function, no original_f
  • create a new name for the wrapper function f_enforced or something like that
  • replace the call to f with a call to f_enforced only at the entry point (the first call in the CFG)

Metadata

Metadata

Assignees

Labels

Code ContractsFunction and loop contractsawsBugs or features of importance to AWS CBMC usersdocumentation

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions