source: CIVL/include/headers/civlc.cvh@ 1aaefd4

main test-branch
Last change on this file since 1aaefd4 was 1aaefd4, checked in by Wenhao Wu <wuwenhao@…>, 3 years ago

Add the declaration of the system function $elaborate_domain to civlc.cvh and call it in $omp_arrive_loop,
so that the domain can be concrete before iterating.
Also, add an exception handling in CommonSymbolicUtility in case a symbolic domain is iterated.

git-svn-id: svn://vsl.cis.udel.edu/civl/trunk@5754 fb995dde-84ed-4084-dfe6-e5aef3e2452c
  • Property mode set to 100644
File size: 8.0 KB
Line 
1/* This header file contains the core definitions of the CIVL-C language,
2 * including standard types and function prototypes.
3 */
4
5#ifndef _CIVLC_
6#define _CIVLC_
7
8#pragma CIVL ACSL
9/* ********************* Standard Constants and Types ********************* */
10#define $true 1
11
12#define $false 0
13
14#ifndef NULL
15#define NULL ((void*)0)
16#endif
17
18#ifndef __UNSIGNED_BOUND
19#define __UNSIGNED_BOUND 32
20#endif
21
22#define $elaborate(x) for(int _i = 0; _i < (x); _i++)
23
24typedef unsigned long int size_t;
25
26/* ************************** Basic CIVL-C Types ************************** */
27/* The CIVL-C process reference type */
28typedef struct $proc $proc;
29
30/* The CIVL-C scope type, used to represent a scope */
31typedef struct $scope $scope;
32
33/* The CIVL-C program state refrence type */
34typedef struct $state $state;
35
36/* The CIVL-C dynamic type, used to represent a symbolic type */
37typedef struct $dynamic $dynamic;
38
39/* **************************** Misc. Functions **************************** */
40
41/* Wait for another process p to terminate. */
42/*@ depends_on \nothing;
43 @*/
44$system void $wait($proc p);
45
46/* Blocks until all processes referred to by the given
47 array terminates. */
48/*@ depends_on \nothing;
49 @*/
50$system void $waitall($proc *procs, int numProcs);
51
52/* Terminate the calling process. */
53/*@ depends_on \nothing;
54 @ executes_when \true;
55 @*/
56$system void $exit(void);
57
58/* Checks if the given process has terminated.
59 *
60 * The result returned could change from false to true
61 * if any transition in p executes. Currently we don't
62 * have any way to say "depends on any transition in p".
63 */
64/*@
65 @ executes_when \true;
66 @*/
67$system _Bool $is_terminated($proc p);
68
69/* Nondeterministic choice of integer i, such that 0<=i<n. */
70/*@ depends_on \nothing;
71 @ executes_when \true;
72 @*/
73$system int $choose_int(int n);
74
75/*@ depends_on \nothing;
76 @ executes_when \true;
77 @*/
78$system void $elaborate_domain($domain d);
79
80/*@ depends_on \nothing;
81 @ executes_when \true;
82 @*/
83$system void $assert(_Bool expr, ...);
84
85/*@ depends_on \nothing;
86 @ executes_when \true;
87 @*/
88$system void $assume(_Bool expr);
89
90/* get a unique non-negative integer number for time count */
91/*@ depends_on \nothing;
92 @ executes_when \true;
93 @*/
94$system int $next_time_count(void);
95
96/* print the path condition of the current state */
97/*@
98 @ depends_on \nothing;
99 @ executes_when \true;
100 @*/
101$system void $pathCondition(void);
102
103/* is the given value concrete? */
104/*@ pure;
105 @ depends_on \nothing;
106 @ executes_when \true;
107 @*/
108$system $pure _Bool $is_concrete_int(int value);
109
110/* **************************** Memory Functions *************************** */
111
112/* The CIVL-C malloc function, which takes a reference to a scope */
113/*@ depends_on \nothing;
114 @ executes_when \true;
115 @*/
116$system void* $malloc($scope s, int size);
117
118/* The CIVL-C de-allocation function, which takes a pointer, just like
119 * the standard "free" */
120/*@ depends_on \access(p);
121 @ executes_when \true;
122 @*/
123$system void $free(void *p);
124
125
126/* Assigns arbitrary value to the memory location specified by the given pointer.
127 */
128/*@ depends_on \access(ptr);
129 @ executes_when \true;
130 @*/
131$system void $havoc(void *ptr);
132
133/* Special $abstract function meant to temporarily "hide" a pointer value from
134 * being considered reachable by POR analysis
135 */
136$abstract void* $hide(const void* ptr);
137
138/* Replaces any subexpressions of the value of ptr of the form $hide(p_expr) with
139 * p_expr. In other words, it pulls out the arguments to any calls to $hide,
140 * "revealing" them to be reachable by POR again.
141 */
142/*@ pure;
143 @ depends_on \nothing;
144 @ executes_when \true;
145 @*/
146$system void* $reveal(const void* ptr);
147
148/* Determines if a given pointer value is an application of the $abstract function
149 * $hide (potentially, inside of a cast and/or with an offset)
150 */
151/*@ pure;
152 @ depends_on \nothing;
153 @ executes_when \true;
154 @*/
155$system _Bool $hidden(const void* ptr);
156
157/* Assigns default value to the object referred by the given pointer
158 * "ptr" as if the object has static storage. The definition of
159 * default values of objects having static storage conforms C11
160 * standard.
161 *
162 * The object pointed by "ptr" must have some type.
163 */
164/*@ depends_on \access(ptr);
165 @ executes_when \true;
166 @*/
167$system void $default_value(void *ptr);
168
169/* Returns the value of real number power operation with the given base and exponent.
170 */
171/*@ pure;
172 @ depends_on \nothing;
173 @ executes_when \true;
174 @*/
175$system double $pow(double base, double exp);
176
177/** returns true iff the given pointer is a dereferable pointer */
178/*@ depends_on \nothing;
179 @ executes_when \true;
180 @*/
181$system $state_f _Bool $is_derefable(void * ptr);
182
183/* Returns the reference to a snapshot of the current process from the
184 current state */
185/*@ depends_on \nothing;
186 @ executes_when \true;
187 @*/
188$system $state_f $state $get_state();
189
190/* Returns the reference to the current state */
191/*@ depends_on \nothing; */
192/*@ executes_when \true; */
193$system $state $get_full_state();
194
195// the types will be updated to $integer later
196/*@ pure;
197 @ depends_on \nothing;
198 @ executes_when \true;
199 @*/
200$system int $remainder(int x, int y);
201
202/*@ pure;
203 @ depends_on \nothing;
204 @ executes_when \true;
205 @*/
206$system int $quotient(int x, int y);
207
208/* Push an assumption into the partial path condition stack belong to
209 the calling process. */
210/*@ depends_on \nothing; */
211/*@ executes_when \true; */
212$system void $assume_push(_Bool pred);
213
214/* Pop an entry out of a partial path condition stack belong to the
215 calling process. */
216/*@ depends_on \nothing; */
217/*@ executes_when \true; */
218$system void $assume_pop();
219
220/** The system function informs the verifier that the process is
221 entering an local block. To the verifier, everything in a local
222 block is purely local, i.e., nothing can affect any other process.
223 */
224/*@ depends_on \nothing; */
225/*@ executes_when \true; */
226$system void $local_start();
227
228/** The system function informs the verifier that the process is
229 leaving an local block.
230 */
231$system void $local_end();
232
233/*********************************************************************
234 * As long as a process has a non-empty write set stack, any
235 * modification on variables and memroy heap objects will be recorded
236 * in the write set.
237 *********************************************************************/
238
239/* This is a system function which has the same specification as $when
240 but more strict requirements: The given condition can ONLY change
241 from false to true (or stay true) in any execution of a program,
242 otherwise CIVL will not guarantee the soundness for deadlock-free
243 property.
244 */
245/*@ depends_on \nothing;
246 @*/
247$system void $unidirectional_when(_Bool condition);
248
249/*@ depends_on \access(value);
250 @ executes_when \true;
251 @*/
252$atomic_f void $output_assign(void * output,const void * value, int size);
253
254/* returns the size (in bytes) of the heap of the given scope */
255$system $atomic_f size_t $heap_size($scope scope);
256
257/** The base address q of a pointer p is:
258 *
259 * 1. q := p, if p points anything other than an array element.
260 *
261 * 2. q := a pointer to the first element of the array referred by p,
262 * if p points an array element.
263 *
264 * Note that an "array" here means the physical array which is always
265 * one-dimensional. And a sequence of memory spaces allocated by
266 * malloc will be seen as an array.
267 */
268/*@ depends_on \nothing;
269 @ executes_when \true;
270 @*/
271$system $state_f void * $array_base_address_of(const void *ptr);
272
273
274/** This system function itself is a no-op. However, when a process
275 is at a call to this function, other processes are allowed to
276 interrupt this process. This behavior is in the contrary to an
277 atomic execution that a process cannot be interrupted by other
278 processes. NOTE that allowing other processes to interrupt the
279 current process does not necessarily mean that the interruption
280 will happen. Whether an interruption actually happens (i.e.,
281 transitions of more processes than the current one are enabled at
282 the current state) depends on the POR algorithm.
283 */
284/*@ depends_on \nothing;
285 @*/
286$system void $yield();
287
288#endif
289
290
291
292
Note: See TracBrowser for help on using the repository browser.