Changes between Version 4 and Version 5 of ContractReduction


Ignore:
Timestamp:
07/01/14 15:22:23 (12 years ago)
Author:
siegel
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • ContractReduction

    v4 v5  
    11== Contract Reduction Language  ==
    22
    3 Given a process `p` that is at a state that a call to a system function `f` is enabled,
    4 if `p` is chosen in the ample set, then the following represents the set of processes other than
    5 `p` that have to be in the ample set as well:
     3The following contractual clause may appear in a function contract in the same places that `$ensures` or `$requires` clauses can appear:
     4{{{
     5$depends expr ;
     6}}}
     7where `expr` is an expression of type function-from-`$proc`-to-boolean.  This expression will usually be specified as a lambda expression:
     8{{{
     9$depends $lambda($proc p) e ;
     10}}}
     11where `e` is a boolean expression, usually involving `p`.
    612
    7 `$ample{ BOOLEAN EXPRESSION }`
     13The following boolean expressions may be used as constituents in the boolean expression `e`:
    814
    9     where `BOOLEAN EXPRESSION` is composed of the following functions over `f`'s arguments (`a, ...`).
     15- `$reach($proc p, void * obj)`
     16    returns true iff the memory unit pointed to by `obj` is reachable from process `p`.  This means there is a path from the variables on the call stack of `p` to the memory unit, following following array elements, struct members, and pointer dereferences.
    1017
    11 - `$reach(a, ...)`
    12     returns true iff the memory unit of the object `a` (or others if present) is reachable by a given process `p'`.
     18- `$reach_rec($proc p, void * obj)`
     19    returns true iff any of the memory units reachable from the object pointed to by obj (including the object pointed to by `obj` itself) is reachable from process `p'`.
    1320
    14 - `$reach_from(a, ...)`
    15     returns true iff any of the memory units reachable from the object `a` (or others if present) is reachable by a given process `p'`.
     21- `$write($proc p, void * obj)`
     22    returns true iff the memory unit pointed to by `obj` is not only reachable from `p` but if it is possible that `p` (or a process spawned by `p`) could write to that memory unit at some point now or in the future.
    1623
    17 - `$write(a, ...)`
    18     returns true iff the memory unit of the object `a` (or others if present) is to be written now or in the future by a given process `p'`.
     24- `$write_rec($proc p, void * obj)`
     25    like above but true if any of the memory units in the reachable region specified by `obj` may be written to
    1926
    20 - `$write_from(a, ...)`
    21     returns true iff any of the memory units reachable from the object `a` (or others if present) is to be written now or in the future by a given process `p'`.
    22 
    23 - `$ample{$true}`
    24     any process exists in the state should be in the ample set
    25 
    26 - `$ample{$false}`
    27     any process other than the current process (`$self`) need NOT be in the ample set.
    2827
    2928Conditional amples set: `[COND] $ample{EXPR1} : $ample(EXPR2)`