Function Contracts: Mutual recursion function contract wrapper for replace code stub #3316
Labels: [C] Feature / Enhancement (A new feature request or enhancement to an existing feature); Z-Contracts (Issue related to code contracts)
Function contracts are not being properly expanded when the recursive call to the function occurs outside of the function body
Consider the following code:
Within the verification of `even`, we would expect it to call `odd`, which refers to the code stub recursively marked version of `even`, because you are re-entering the `even` function during the verification of it. Instead, we get the following expansion:

Note that `even_check_882c72` calls `odd`, which calls `even` instead of the recursive wrapper `even_recursion_wrapper_882c72`, even though the functions are marked by `#[kanitool::recursion]`.
While this example is easier, consider the example of mutually recursive functions with mutable arguments:
We would expect `odd` to expand out with the same modifies clause wrapper, in the way that CBMC augments all functions with a write set. Instead we get the following:

This suggests we might need some kind of transformation on the whole code base like CBMC does, where the write set is a pointer to pointers, and if the pointer is NULL, we don't check for inclusion into the write set, but if the pointer is a valid pointer of pointers, then we check the write set.
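The snippets the issue refers to are not reproduced on this page. The following is an added example, not the issue author's code or Kani's own test, showing the shape of a mutually recursive pair with contracts and a mutable argument of the kind discussed above: `even`/`odd` each carry a `requires`, a `modifies` clause on the shared `steps` counter, and an `ensures` on the result, and the recursion marker names the case where the recursive re-entry happens through the other function. The attribute spellings (`kani::recursion`, `kani::requires`, `kani::modifies`, `kani::ensures` with a closure, `kani::proof_for_contract`) are assumed to match a recent Kani release; they are gated behind `cfg_attr(kani, ...)` so the file also builds and runs under plain `rustc`, which is what the harness-free `main` below does.

```rust
// Added example (not from the issue): mutually recursive functions with
// Kani function contracts and a `modifies` clause on a shared `&mut u32`.
// Everything Kani-specific is gated on `cfg(kani)` so plain rustc ignores it.

/// `even(n, steps)` returns whether `n` is even and bumps `*steps` once per
/// call frame. It recurses into `odd`, which recurses back into `even`:
/// the re-entry into `even` happens outside `even`'s own body, which is the
/// case the issue is about.
#[cfg_attr(kani, kani::recursion)]
#[cfg_attr(kani, kani::requires(n <= 1_000 && *steps <= u32::MAX - 1_001))]
#[cfg_attr(kani, kani::modifies(steps))]
#[cfg_attr(kani, kani::ensures(|result| *result == (n % 2 == 0)))]
pub fn even(n: u32, steps: &mut u32) -> bool {
    *steps += 1;
    if n == 0 {
        true
    } else {
        odd(n - 1, steps)
    }
}

/// `odd(n, steps)` mirrors `even`; the same write set (`steps`) is
/// declared so that each function's contract is self-contained.
#[cfg_attr(kani, kani::recursion)]
#[cfg_attr(kani, kani::requires(n <= 1_000 && *steps <= u32::MAX - 1_001))]
#[cfg_attr(kani, kani::modifies(steps))]
#[cfg_attr(kani, kani::ensures(|result| *result == (n % 2 == 1)))]
pub fn odd(n: u32, steps: &mut u32) -> bool {
    *steps += 1;
    if n == 0 {
        false
    } else {
        even(n - 1, steps)
    }
}

/// Convenience wrapper: run one of the two functions from a zeroed counter
/// and return (result, number of frames visited). Used by `main` and tests.
pub fn run(start_even: bool, n: u32) -> (bool, u32) {
    let mut steps = 0u32;
    let result = if start_even { even(n, &mut steps) } else { odd(n, &mut steps) };
    (result, steps)
}

// Proof harnesses; only compiled when running under `cargo kani`.
// Verifying `even` against its contract should stub the re-entrant call
// that arrives via `odd` with `even`'s own contract (the recursion wrapper),
// rather than inlining the concrete body again.
#[cfg(kani)]
mod verify {
    use super::*;

    #[kani::proof_for_contract(even)]
    fn check_even() {
        let n: u32 = kani::any();
        let mut steps: u32 = kani::any();
        even(n, &mut steps);
    }

    #[kani::proof_for_contract(odd)]
    fn check_odd() {
        let n: u32 = kani::any();
        let mut steps: u32 = kani::any();
        odd(n, &mut steps);
    }
}

fn main() {
    // Concrete execution under plain rustc: even(4) visits 5 frames.
    let (is_even, frames) = run(true, 4);
    println!("even(4) = {is_even}, frames = {frames}");
}
```

Under `cargo kani` the two `proof_for_contract` harnesses are what exercise the expansion the issue describes; under `rustc`/`cargo run` the file just executes concretely.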