Add changes suggested during code review.

NlightNFotis · NlightNFotis · commit 112bd5bb90a5 · 2018-07-24T11:11:10.000+01:00
diff --git a/src/goto-symex/build_goto_trace.cpp b/src/goto-symex/build_goto_trace.cpp
@@ -222,7 +222,7 @@ void build_goto_trace(
       else if(it->is_atomic_end() && current_time<0)
         current_time*=-1;
 
-      PRECONDITION(current_time>=0);
+      INVARIANT(current_time>=0, "time keeping inconsistency");
       // move any steps gathered in an atomic section
 
       if(time_before<0)
diff --git a/src/goto-symex/goto_symex_state.cpp b/src/goto-symex/goto_symex_state.cpp
@@ -493,9 +493,10 @@ void goto_symex_statet::rename(
   }
   else if(expr.id()==ID_address_of)
   {
-    PRECONDITION(expr.operands().size() == 1);
-    rename_address(expr.op0(), ns, level);
     PRECONDITION(expr.type().id() == ID_pointer);
+    DATA_INVARIANT(
+    	expr.operands().size() == 1, "address_of should have a single operand");
+    rename_address(expr.op0(), ns, level);
     expr.type().subtype()=expr.op0().type();
   }
   else
diff --git a/src/goto-symex/postcondition.cpp b/src/goto-symex/postcondition.cpp
@@ -76,19 +76,22 @@ bool postconditiont::is_used_address_of(
   }
   else if(expr.id()==ID_index)
   {
-    PRECONDITION(expr.operands().size() == 2);
+    DATA_INVARIANT(
+    	expr.operands().size() == 2, "index expression should have two operands");
     return
       is_used_address_of(expr.op0(), identifier) ||
       is_used(expr.op1(), identifier);
   }
   else if(expr.id()==ID_member)
   {
-    PRECONDITION(expr.operands().size() == 1);
+    DATA_INVARIANT(
+    	expr.operands().size() == 1, "member expression should only have one operand");
     return is_used_address_of(expr.op0(), identifier);
   }
   else if(expr.id()==ID_dereference)
   {
-    PRECONDITION(expr.operands().size() == 1);
+    DATA_INVARIANT(
+    	expr.operands().size() == 1, "dereference expression should only have one operand");
     return is_used(expr.op0(), identifier);
   }
 
@@ -154,7 +157,9 @@ bool postconditiont::is_used(
   if(expr.id()==ID_address_of)
   {
     // only do index!
-    PRECONDITION(expr.operands().size() == 1);
+    DATA_INVARIANT(
+    	expr.operands().size() == 1,
+    	"address_of expression expected to have one operand at this point");
     return is_used_address_of(expr.op0(), identifier);
   }
   else if(expr.id()==ID_symbol &&
@@ -168,7 +173,9 @@ bool postconditiont::is_used(
   }
   else if(expr.id()==ID_dereference)
   {
-    PRECONDITION(expr.operands().size() == 1);
+    DATA_INVARIANT(
+    	expr.operands().size() == 1,
+    	"dereference expression expected to have one operand");
 
     // aliasing may happen here
 
diff --git a/src/goto-symex/precondition.cpp b/src/goto-symex/precondition.cpp
@@ -78,18 +78,21 @@ void preconditiont::compute_address_of(exprt &dest)
   }
   else if(dest.id()==ID_index)
   {
-    PRECONDITION(dest.operands().size() == 2);
+    DATA_INVARIANT(
+    	dest.operands().size() == 2, "index expression expected to have two operands");
     compute_address_of(dest.op0());
     compute(dest.op1());
   }
   else if(dest.id()==ID_member)
   {
-    PRECONDITION(dest.operands().size() == 1);
+    DATA_INVARIANT(
+    	dest.operands().size() == 1, "member expression expected to have one operand");
     compute_address_of(dest.op0());
   }
   else if(dest.id()==ID_dereference)
   {
-    PRECONDITION(dest.operands().size() == 1);
+    DATA_INVARIANT(
+    	dest.operands().size() == 1, "dereference expression expected to have 1 operand");
     compute(dest.op0());
   }
 }
@@ -104,12 +107,16 @@ void preconditiont::compute_rec(exprt &dest)
   if(dest.id()==ID_address_of)
   {
     // only do index!
-    PRECONDITION(dest.operands().size() == 1);
+    DATA_INVARIANT(
+    	dest.operands().size() == 1,
+    	"address_of expression expected to have one operand at this point");
     compute_address_of(dest.op0());
   }
   else if(dest.id()==ID_dereference)
   {
-    PRECONDITION(dest.operands().size() == 1);
+    DATA_INVARIANT(
+    	dest.operands().size() == 1,
+    	"dereference expression expected to have one operand at this point");
 
     const irep_idt &lhs_identifier=SSA_step.ssa_lhs.get_object_name();
 
diff --git a/src/goto-symex/slice_by_trace.cpp b/src/goto-symex/slice_by_trace.cpp
@@ -99,10 +99,6 @@ void symex_slice_by_tracet::slice_by_trace(
       simplify(copy_last, ns);
       implications.insert(copy_last);
     }
-    else if(!(g_copy.id()==ID_constant))
-    {
-      UNHANDLED_CASE;
-    }
   }
 
   slice_SSA_steps(equation, implications); // Slice based on implications
diff --git a/src/goto-symex/symex_assign.cpp b/src/goto-symex/symex_assign.cpp
@@ -55,8 +55,9 @@ void goto_symext::symex_assign(
       symex_allocate(state, lhs, side_effect_expr);
     else if(statement==ID_printf)
     {
-      if(lhs.is_not_nil())
-        throw "printf: unexpected assignment";
+    	PRECONDITION(!lhs.is_not_nil());
+      // if(lhs.is_not_nil())
+        // throw "printf: unexpected assignment";
       symex_printf(state, side_effect_expr);
     }
     else if(statement==ID_gcc_builtin_va_arg_next)
@@ -106,12 +107,15 @@ exprt goto_symext::add_to_lhs(
 
   while(p->is_not_nil())
   {
-    PRECONDITION(p->id()!=ID_symbol);
-    PRECONDITION(p->operands().size()>=1);
+    INVARIANT(
+    	p->id() != ID_symbol, "expected pointed-to expression to be a symbol");
+    INVARIANT(
+    	p->operands().size() >= 1,
+    	"expected pointed-to expression to have at least one operand");
     p=&p->op0();
   }
 
-  PRECONDITION(p->is_nil());
+  INVARIANT(p->is_nil(), "expected pointed-to expression to be nil at this point");
 
   *p=tmp_what;
   return new_lhs;
@@ -366,7 +370,9 @@ void goto_symext::symex_assign_struct_member(
   // typecasts involved? C++ does that for inheritance.
   if(lhs_struct.id()==ID_typecast)
   {
-    PRECONDITION(lhs_struct.operands().size() == 1);
+    DATA_INVARIANT(
+    	lhs_struct.operands().size() == 1,
+    	"typecast expression expected to have one operand");
 
     if(lhs_struct.op0().id() == ID_null_object)
     {
@@ -445,7 +451,7 @@ void goto_symext::symex_assign_if(
     guard.swap(old_guard);
   }
 
-  if(!renamed_guard.is_true())
+if(!renamed_guard.is_true())
   {
     guard.add(not_exprt(renamed_guard));
     symex_assign_rec(
diff --git a/src/goto-symex/symex_atomic_section.cpp b/src/goto-symex/symex_atomic_section.cpp
@@ -16,10 +16,9 @@ void goto_symext::symex_atomic_begin(statet &state)
   if(state.guard.is_false())
     return;
 
-  // we don't allow any nesting of atomic sections
-  INVARIANT(state.atomic_section_id == 0, 
-  	"nested atomic section detected at " +
-      state.source.pc->source_location.as_string());
+  INVARIANT(
+  	state.atomic_section_id == 0, 
+  	"we don't support nesting of atomic sections");
 
   state.atomic_section_id=++atomic_section_counter;
   state.read_in_atomic_section.clear();
diff --git a/src/goto-symex/symex_builtin_functions.cpp b/src/goto-symex/symex_builtin_functions.cpp
@@ -174,7 +174,7 @@ void goto_symext::symex_allocate(
         ns,
         null_message);
 
-    PRECONDITION(zero_value.is_not_nil())
+    CHECK_RETURN(zero_value.is_not_nil());
     code_assignt assignment(value_symbol.symbol_expr(), zero_value);
     symex_assign(state, assignment);
   }
@@ -229,7 +229,7 @@ void goto_symext::symex_gcc_builtin_va_arg_next(
   const exprt &lhs,
   const side_effect_exprt &code)
 {
-  PRECONDITION(code.operands().size() != 1);
+  PRECONDITION(code.operands().size() == 1);
 
   if(lhs.is_nil())
     return; // ignore
@@ -518,7 +518,7 @@ void goto_symext::symex_macro(
 {
   const irep_idt &identifier=code.op0().get(ID_identifier);
 
-  PRECONDITION(identifier == CPROVER_MACRO_PREFIX "waitfor")
+  PRECONDITION(identifier == CPROVER_MACRO_PREFIX "waitfor");
   #if 0
   exprt new_fc("waitfor", fc.type());
 
diff --git a/src/goto-symex/symex_dead.cpp b/src/goto-symex/symex_dead.cpp
@@ -23,8 +23,8 @@ void goto_symext::symex_dead(statet &state)
 
   const codet &code=to_code(instruction.code);
 
-  PRECONDITION(code.operands().size()!=1);
-	PRECONDITION(code.op0().id()!=ID_symbol);
+  PRECONDITION(code.operands().size()==1);
+  PRECONDITION(code.op0().id()==ID_symbol);
   
   // We increase the L2 renaming to make these non-deterministic.
   // We also prevent propagation of old values.
diff --git a/src/goto-symex/symex_decl.cpp b/src/goto-symex/symex_decl.cpp
@@ -26,7 +26,6 @@ void goto_symext::symex_decl(statet &state)
   const codet &code=to_code(instruction.code);
 
   // two-operand decl not supported here
-  PRECONDITION(code.operands().size()!=2);
   // we handle the decl with only one operand
   PRECONDITION(code.operands().size()==1);
   PRECONDITION(code.op0().id()!=ID_symbol);
diff --git a/src/goto-symex/symex_dereference.cpp b/src/goto-symex/symex_dereference.cpp
@@ -155,7 +155,9 @@ exprt goto_symext::address_arithmetic(
   }
   else if(expr.id()==ID_dereference)
   {
-  	PRECONDITION(expr.operands().size()==1);
+  	DATA_INVARIANT(
+  		expr.operands().size() == 1,
+  		"dereference expression expected to have one operand");
     // ANSI-C guarantees &*p == p no matter what p is,
     // even if it's complete garbage
     // just grab the pointer, but be wary of further dereferencing
@@ -234,7 +236,9 @@ void goto_symext::dereference_rec(
 {
   if(expr.id()==ID_dereference)
   {
-    PRECONDITION(expr.operands().size()==1);
+    DATA_INVARIANT(
+    	expr.operands().size() == 1,
+    	"dereference expression expected to have one operand");
 
     bool expr_is_not_null = false;
 
diff --git a/src/goto-symex/symex_function_call.cpp b/src/goto-symex/symex_function_call.cpp
@@ -173,7 +173,7 @@ void goto_symext::symex_function_call(
   // expression ids(), like ID_Dereference, please expand the
   // precondition appropriately.
   PRECONDITION(function.id() == ID_symbol);
-	symex_function_call_symbol(get_goto_function, state, code);
+  symex_function_call_symbol(get_goto_function, state, code);
 }
 
 void goto_symext::symex_function_call_symbol(
@@ -427,7 +427,9 @@ void goto_symext::return_assignment(statet &state)
 
   target.location(state.guard.as_expr(), state.source);
 
-  PRECONDITION(code.operands().size() == 1);
+  PRECONDITION(
+  	code.operands().size() == 1 ||
+  	frame.return_value.is_nil());
   
   exprt value=code.op0();
 
@@ -441,6 +443,4 @@ void goto_symext::return_assignment(statet &state)
 
     symex_assign(state, assignment);
   }
-
-  POSTCONDITION(!frame.return_value.is_not_nil());
 }
diff --git a/src/goto-symex/symex_goto.cpp b/src/goto-symex/symex_goto.cpp
@@ -49,7 +49,7 @@ void goto_symext::symex_goto(statet &state)
 
   // we only do deterministic gotos for now
   DATA_INVARIANT(
-  	instruction.targets.size()!=1, "no support for non-deterministic gotos");
+  	instruction.targets.size() == 1, "no support for non-deterministic gotos");
 
   goto_programt::const_targett goto_target=
     instruction.get_target();
diff --git a/src/goto-symex/symex_main.cpp b/src/goto-symex/symex_main.cpp
@@ -107,8 +107,12 @@ void goto_symext::rewrite_quantifiers(exprt &expr, statet &state)
   {
     // forall X. P -> P
     // we keep the quantified variable unique by means of L2 renaming
-    PRECONDITION(expr.operands().size() == 2);
-    PRECONDITION(expr.op0().id() == ID_symbol);
+    DATA_INVARIANT(
+    	expr.operands().size() == 2,
+    	"for_all expression expected to have two operands");
+    DATA_INVARIANT(
+    	expr.op0().id() == ID_symbol,
+    	"first operand of for_all expression expected to be a symbol");
     symbol_exprt tmp0=
       to_symbol_expr(to_ssa_expr(expr.op0()).get_original_expr());
     symex_decl(state, tmp0);
diff --git a/src/goto-symex/symex_other.cpp b/src/goto-symex/symex_other.cpp
@@ -137,7 +137,9 @@ void goto_symext::symex_other(
     // 3. build an assignment where the type on lhs and rhs is:
     // - array_copy: the type of the first array (even if the second is smaller)
     // - array_replace: the type of the second array (even if it is smaller)
-  	PRECONDITION(code.operands().size() == 2);
+  	DATA_INVARIANT(
+  		code.operands().size() == 2,
+  		"expected statement to have two operands at this point");
 
     // we need to add dereferencing for both operands
     dereference_exprt dest_array(code.op0());
@@ -185,7 +187,9 @@ void goto_symext::symex_other(
     // process_array_expr)
     // 3. use the type of the resulting array to construct an array_of
     // expression
-    PRECONDITION(code.operands().size() == 2);
+    DATA_INVARIANT(
+  		code.operands().size() == 2,
+  		"expected statement to have two operands at this point");
 
     // we need to add dereferencing for the first operand
     exprt array_expr = dereference_exprt(code.op0());
@@ -230,7 +234,9 @@ void goto_symext::symex_other(
     // 3. build an assignment where the lhs is the previous third argument, and
     // the right-hand side is an equality over the arrays, if their types match;
     // if the types don't match the result trivially is false
-    PRECONDITION(code.operands().size() == 3);
+    DATA_INVARIANT(
+  		code.operands().size() == 3,
+  		"expected statement to have three operands at this point");
 
     // we need to add dereferencing for the first two
     dereference_exprt array1(code.op0());
@@ -262,7 +268,9 @@ void goto_symext::symex_other(
   }
   else if(statement==ID_havoc_object)
   {
-    PRECONDITION(code.operands().size()==1);
+    DATA_INVARIANT(
+  		code.operands().size() == 1,
+  		"expected statement to have one operand at this point");
 
     // we need to add dereferencing for the first operand
     dereference_exprt object(code.op0(), empty_typet());

Original file line number	Diff line number	Diff line change
`@@ -493,9 +493,10 @@ void goto_symex_statet::rename(`
`493`	`493`	`}`
`494`	`494`	`else if(expr.id()==ID_address_of)`
`495`	`495`	`{`
`496`		`- PRECONDITION(expr.operands().size() == 1);`
`497`		`- rename_address(expr.op0(), ns, level);`
`498`	`496`	`PRECONDITION(expr.type().id() == ID_pointer);`
	`497`	`+ DATA_INVARIANT(`
	`498`	`+ expr.operands().size() == 1, "address_of should have a single operand");`
	`499`	`+ rename_address(expr.op0(), ns, level);`
`499`	`500`	`expr.type().subtype()=expr.op0().type();`
`500`	`501`	`}`
`501`	`502`	`else`
Original file line number	Diff line number	Diff line change
`@@ -76,19 +76,22 @@ bool postconditiont::is_used_address_of(`
`76`	`76`	`}`
`77`	`77`	`else if(expr.id()==ID_index)`
`78`	`78`	`{`
`79`		`- PRECONDITION(expr.operands().size() == 2);`
	`79`	`+ DATA_INVARIANT(`
	`80`	`+ expr.operands().size() == 2, "index expression should have two operands");`
`80`	`81`	`return`
`81`	`82`	`is_used_address_of(expr.op0(), identifier) \|\|`
`82`	`83`	`is_used(expr.op1(), identifier);`
`83`	`84`	`}`
`84`	`85`	`else if(expr.id()==ID_member)`
`85`	`86`	`{`
`86`		`- PRECONDITION(expr.operands().size() == 1);`
	`87`	`+ DATA_INVARIANT(`
	`88`	`+ expr.operands().size() == 1, "member expression should only have one operand");`
`87`	`89`	`return is_used_address_of(expr.op0(), identifier);`
`88`	`90`	`}`
`89`	`91`	`else if(expr.id()==ID_dereference)`
`90`	`92`	`{`
`91`		`- PRECONDITION(expr.operands().size() == 1);`
	`93`	`+ DATA_INVARIANT(`
	`94`	`+ expr.operands().size() == 1, "dereference expression should only have one operand");`
`92`	`95`	`return is_used(expr.op0(), identifier);`
`93`	`96`	`}`
`94`	`97`
`@@ -154,7 +157,9 @@ bool postconditiont::is_used(`
`154`	`157`	`if(expr.id()==ID_address_of)`
`155`	`158`	`{`
`156`	`159`	`// only do index!`
`157`		`- PRECONDITION(expr.operands().size() == 1);`
	`160`	`+ DATA_INVARIANT(`
	`161`	`+ expr.operands().size() == 1,`
	`162`	`+ "address_of expression expected to have one operand at this point");`
`158`	`163`	`return is_used_address_of(expr.op0(), identifier);`
`159`	`164`	`}`
`160`	`165`	`else if(expr.id()==ID_symbol &&`
`@@ -168,7 +173,9 @@ bool postconditiont::is_used(`
`168`	`173`	`}`
`169`	`174`	`else if(expr.id()==ID_dereference)`
`170`	`175`	`{`
`171`		`- PRECONDITION(expr.operands().size() == 1);`
	`176`	`+ DATA_INVARIANT(`
	`177`	`+ expr.operands().size() == 1,`
	`178`	`+ "dereference expression expected to have one operand");`
`172`	`179`
`173`	`180`	`// aliasing may happen here`
`174`	`181`
Original file line number	Diff line number	Diff line change
`@@ -78,18 +78,21 @@ void preconditiont::compute_address_of(exprt &dest)`
`78`	`78`	`}`
`79`	`79`	`else if(dest.id()==ID_index)`
`80`	`80`	`{`
`81`		`- PRECONDITION(dest.operands().size() == 2);`
	`81`	`+ DATA_INVARIANT(`
	`82`	`+ dest.operands().size() == 2, "index expression expected to have two operands");`
`82`	`83`	`compute_address_of(dest.op0());`
`83`	`84`	`compute(dest.op1());`
`84`	`85`	`}`
`85`	`86`	`else if(dest.id()==ID_member)`
`86`	`87`	`{`
`87`		`- PRECONDITION(dest.operands().size() == 1);`
	`88`	`+ DATA_INVARIANT(`
	`89`	`+ dest.operands().size() == 1, "member expression expected to have one operand");`
`88`	`90`	`compute_address_of(dest.op0());`
`89`	`91`	`}`
`90`	`92`	`else if(dest.id()==ID_dereference)`
`91`	`93`	`{`
`92`		`- PRECONDITION(dest.operands().size() == 1);`
	`94`	`+ DATA_INVARIANT(`
	`95`	`+ dest.operands().size() == 1, "dereference expression expected to have 1 operand");`
`93`	`96`	`compute(dest.op0());`
`94`	`97`	`}`
`95`	`98`	`}`
`@@ -104,12 +107,16 @@ void preconditiont::compute_rec(exprt &dest)`
`104`	`107`	`if(dest.id()==ID_address_of)`
`105`	`108`	`{`
`106`	`109`	`// only do index!`
`107`		`- PRECONDITION(dest.operands().size() == 1);`
	`110`	`+ DATA_INVARIANT(`
	`111`	`+ dest.operands().size() == 1,`
	`112`	`+ "address_of expression expected to have one operand at this point");`
`108`	`113`	`compute_address_of(dest.op0());`
`109`	`114`	`}`
`110`	`115`	`else if(dest.id()==ID_dereference)`
`111`	`116`	`{`
`112`		`- PRECONDITION(dest.operands().size() == 1);`
	`117`	`+ DATA_INVARIANT(`
	`118`	`+ dest.operands().size() == 1,`
	`119`	`+ "dereference expression expected to have one operand at this point");`
`113`	`120`
`114`	`121`	`const irep_idt &lhs_identifier=SSA_step.ssa_lhs.get_object_name();`
`115`	`122`
Original file line number	Diff line number	Diff line change
`@@ -99,10 +99,6 @@ void symex_slice_by_tracet::slice_by_trace(`
`99`	`99`	`simplify(copy_last, ns);`
`100`	`100`	`implications.insert(copy_last);`
`101`	`101`	`}`
`102`		`- else if(!(g_copy.id()==ID_constant))`
`103`		`- {`
`104`		`- UNHANDLED_CASE;`
`105`		`- }`
`106`	`102`	`}`
`107`	`103`
`108`	`104`	`slice_SSA_steps(equation, implications); // Slice based on implications`
Original file line number	Diff line number	Diff line change
`@@ -55,8 +55,9 @@ void goto_symext::symex_assign(`
`55`	`55`	`symex_allocate(state, lhs, side_effect_expr);`
`56`	`56`	`else if(statement==ID_printf)`
`57`	`57`	`{`
`58`		`- if(lhs.is_not_nil())`
`59`		`- throw "printf: unexpected assignment";`
	`58`	`+ PRECONDITION(!lhs.is_not_nil());`
	`59`	`+ // if(lhs.is_not_nil())`
	`60`	`+ // throw "printf: unexpected assignment";`
`60`	`61`	`symex_printf(state, side_effect_expr);`
`61`	`62`	`}`
`62`	`63`	`else if(statement==ID_gcc_builtin_va_arg_next)`
`@@ -106,12 +107,15 @@ exprt goto_symext::add_to_lhs(`
`106`	`107`
`107`	`108`	`while(p->is_not_nil())`
`108`	`109`	`{`
`109`		`- PRECONDITION(p->id()!=ID_symbol);`
`110`		`- PRECONDITION(p->operands().size()>=1);`
	`110`	`+ INVARIANT(`
	`111`	`+ p->id() != ID_symbol, "expected pointed-to expression to be a symbol");`
	`112`	`+ INVARIANT(`
	`113`	`+ p->operands().size() >= 1,`
	`114`	`+ "expected pointed-to expression to have at least one operand");`
`111`	`115`	`p=&p->op0();`
`112`	`116`	`}`
`113`	`117`
`114`		`- PRECONDITION(p->is_nil());`
	`118`	`+ INVARIANT(p->is_nil(), "expected pointed-to expression to be nil at this point");`
`115`	`119`
`116`	`120`	`*p=tmp_what;`
`117`	`121`	`return new_lhs;`
`@@ -366,7 +370,9 @@ void goto_symext::symex_assign_struct_member(`
`366`	`370`	`// typecasts involved? C++ does that for inheritance.`
`367`	`371`	`if(lhs_struct.id()==ID_typecast)`
`368`	`372`	`{`
`369`		`- PRECONDITION(lhs_struct.operands().size() == 1);`
	`373`	`+ DATA_INVARIANT(`
	`374`	`+ lhs_struct.operands().size() == 1,`
	`375`	`+ "typecast expression expected to have one operand");`
`370`	`376`
`371`	`377`	`if(lhs_struct.op0().id() == ID_null_object)`
`372`	`378`	`{`
`@@ -445,7 +451,7 @@ void goto_symext::symex_assign_if(`
`445`	`451`	`guard.swap(old_guard);`
`446`	`452`	`}`
`447`	`453`
`448`		`- if(!renamed_guard.is_true())`
	`454`	`+if(!renamed_guard.is_true())`
`449`	`455`	`{`
`450`	`456`	`guard.add(not_exprt(renamed_guard));`
`451`	`457`	`symex_assign_rec(`