chc.proof package
Proof obligations and their proofs.
There are two types of proof obligations:
primary proof obligations (ppo’s)
supporting proof obligations (spo’s)
All proof obligations are expressed as assertions over program variables using a set of custom predicates.
Primary proof obligations are generated on the source for all constructs that can possibly result in undefined behavior. An example is:
*p = 0;
would generate the primary proof obligation
not-null(p)
Primary proof obligations are generated up front and the set of primary proof obligations remains fixed after that.
Supporting proof obligations are generated in support of assumptions generated (or added by the user) to discharge primary proof obligations (or other supporting proof obligations). Consider for example:
f(int *p){ *p = 0; }
The only way (without changing the code) to discharge the not-null(p)
proof obligation is to assume that the parameter p is not null. Thus
this assumption is (automatically) generated on api of the function f.
This, in turn, results in supporting proof obligations being generated
for each call site, e.g., the call
f(q);
will cause the supporting proof obligation:
not-null(q)
to be (automatically) generated.
The set of supporting proof obligations grows over the course of the analysis as new assumptions are introduced, new supporting proof obligations to justify these assumptions may have to be generated, which in turn need to be discharged themselves, providing thus a bottom-up context-sensitivity.
External assumption on a function. |
|
Dictionary for proof obligation predicates. |
|
Object representation of OCaml po_predicate_t. |
|
Dictionary of proof obligation types at function level. |
|
Base class for objects in the function-level proof obligation dictionary. |
|
Supporting proof obligation for a call site. |
|
Supporting proof obligations related to a single call site. |
|
Support proof obligation for a local assumption made. |
|
Super class of all (primary and supporting) proof obligations. |
|
Primary proof obligation. |
|
The collection of all primary proof obligations in a function. |
|
Main access point for a function's primary and supporting proof obligations. |
|
Supporting proof obligation for a return site. |
|
All supporting proof obligations associated with a single return site. |
|
Container for all supporting proof obligations in a function. |
|
Proof obligation predicate. |
|
Dependencies of proof on assumptions and invariants. |
|
Diagnostic messages related to an open proof obligation. |
|
Primary proof obligation as generated. |
|
Supporting proof obligation as generated to provide evidence for assumptions. |
Submodules
- chc.proof.AssumptionType module
- chc.proof.CFilePredicateDictionary module
- chc.proof.CFilePredicateRecord module
- chc.proof.CFunPODictionary module
- chc.proof.CFunPODictionaryRecord module
- chc.proof.CFunctionCallsiteSPO module
- chc.proof.CFunctionCallsiteSPOs module
- chc.proof.CFunctionLocalSPO module
- chc.proof.CFunctionPO module
- chc.proof.CFunctionPPO module
- chc.proof.CFunctionPPOs module
- chc.proof.CFunctionProofs module
- chc.proof.CFunctionReturnsiteSPO module
- chc.proof.CFunctionReturnsiteSPOs module
- chc.proof.CFunctionSPOs module
- chc.proof.CPOPredicate module
- chc.proof.CproofDependencies module
- chc.proof.CproofDiagnostic module
- chc.proof.PPOType module
- chc.proof.SPOType module