def field_accessor_functions(field: Field,
package_name: str) -> List[Subprogram]:
precondition = Precondition(
And(COMMON_PRECONDITION, LogCall(f'Valid_{field.name} (Buffer)')))
functions: List[Subprogram] = []
if isinstance(field.type, Array):
for attribute in ['First', 'Last']:
functions.append(
ExpressionFunction(
f'Get_{field.name}_{attribute}', 'Types.Index_Type',
[('Buffer', 'Types.Bytes')],
IfExpression([(
LogCall(f'Valid_{field.name}_{variant_id} (Buffer)'),
LogCall(
f'Get_{field.name}_{variant_id}_{attribute} (Buffer)'
)) for variant_id in field.variants],
'Unreachable_Types_Index_Type'),
[precondition]))
body: List[Statement] = [
Assignment('First', MathCall(f'Get_{field.name}_First (Buffer)')),
Assignment('Last', MathCall(f'Get_{field.name}_Last (Buffer)'))
]
postcondition = Postcondition(
And(
Equal(Value('First'),
MathCall(f'Get_{field.name}_First (Buffer)')),
Equal(Value('Last'),
MathCall(f'Get_{field.name}_Last (Buffer)'))))
if 'Payload' not in field.type.name:
predicate = f'{package_name}.{field.type.name}.Is_Contained (Buffer (First .. Last))'
body.append(PragmaStatement('Assume', [predicate]))
postcondition.expr = And(postcondition.expr, LogCall(predicate))
functions.append(
Procedure(f'Get_{field.name}', [('Buffer', 'Types.Bytes'),
('First', 'out Types.Index_Type'),
('Last', 'out Types.Index_Type')],
[], body, [precondition, postcondition]))
else:
functions.append(
ExpressionFunction(
f'Get_{field.name}', field.type.name,
[('Buffer', 'Types.Bytes')],
IfExpression(
[(LogCall(f'Valid_{field.name}_{variant_id} (Buffer)'),
MathCall(f'Get_{field.name}_{variant_id} (Buffer)'))
for variant_id in field.variants],
f'Unreachable_{field.type.name}'), [precondition]))
return functions
def _create_init_proc(self, slots: Sequence[NumberedSlotInfo]) -> UnitPart:
proc = ProcedureSpecification(
"Initialize",
[OutParameter(["S"], "Slots"),
Parameter(["M"], "Memory")])
return UnitPart(
[
SubprogramDeclaration(
proc,
[Postcondition(Call("Initialized", [Variable("S")]))]),
],
[
SubprogramBody(
proc,
declarations=[],
statements=([
Assignment(
"S" * self._slot_name(slot.slot_id),
UnrestrictedAccess(
Variable(ID(f"M.Slot_{slot.slot_id}"))),
) for slot in slots
] if slots else [NullStatement()]),
aspects=[SparkMode(off=True)],
)
],
)
def set_context_cursor_composite_field(field_name: str) -> Assignment:
return Assignment(
Indexed(
Variable("Ctx.Cursors"),
Variable(field_name),
),
NamedAggregate(
("State", Variable("S_Structural_Valid")),
(
"First",
Call(
"Field_First",
[Variable("Ctx"), Variable(field_name)],
),
),
(
"Last",
Call(
"Field_Last",
[Variable("Ctx"), Variable(field_name)],
),
),
("Value", Variable("Value")),
(
"Predecessor",
Selected(
Indexed(
Variable("Ctx.Cursors"),
Variable(field_name),
),
"Predecessor",
),
),
),
)
def initialize_field_statements(self, message: Message, field: Field) -> Sequence[Statement]:
return [
CallStatement("Reset_Dependent_Fields", [Name("Ctx"), Name(field.affixed_name)],),
Assignment(
"Ctx",
Aggregate(
Selected("Ctx", "Buffer_First"),
Selected("Ctx", "Buffer_Last"),
Selected("Ctx", "First"),
Name("Last"),
Selected("Ctx", "Buffer"),
Selected("Ctx", "Cursors"),
),
),
# WORKAROUND:
# Limitation of GNAT Community 2019 / SPARK Pro 20.0
# Provability of predicate is increased by adding part of
# predicate as assert
PragmaStatement(
"Assert", [str(self.message_structure_invariant(message, prefix=True))],
),
Assignment(
Indexed(Selected("Ctx", "Cursors"), Name(field.affixed_name)),
NamedAggregate(
("State", Name("S_Structural_Valid")),
("First", Name("First")),
("Last", Name("Last")),
("Value", NamedAggregate(("Fld", Name(field.affixed_name))),),
(
"Predecessor",
Selected(
Indexed(Selected("Ctx", "Cursors"), Name(field.affixed_name),),
"Predecessor",
),
),
),
),
Assignment(
Indexed(
Selected("Ctx", "Cursors"),
Call("Successor", [Name("Ctx"), Name(field.affixed_name)]),
),
NamedAggregate(
("State", Name("S_Invalid")), ("Predecessor", Name(field.affixed_name)),
),
),
]
def set_context_cursor_scalar() -> Assignment:
return Assignment(
Indexed(Variable("Ctx.Cursors"), Variable("Fld")),
NamedAggregate(
("State", Variable("S_Valid")),
("First", Call("Field_First",
[Variable("Ctx"), Variable("Fld")])),
("Last", Call("Field_Last",
[Variable("Ctx"), Variable("Fld")])),
("Value", Variable("Value")),
(
"Predecessor",
Selected(Indexed(Variable("Ctx.Cursors"), Variable("Fld")),
"Predecessor"),
),
),
)
def _create_finalize_proc(self,
slots: Sequence[NumberedSlotInfo]) -> UnitPart:
proc = ProcedureSpecification("Finalize",
[InOutParameter(["S"], "Slots")])
return UnitPart(
[
SubprogramDeclaration(
proc,
[Postcondition(Call("Uninitialized", [Variable("S")]))]),
],
[
SubprogramBody(
proc,
declarations=[],
statements=([
Assignment(
"S" * self._slot_name(slot.slot_id),
Variable("null"),
) for slot in slots
] if slots else [NullStatement()]),
aspects=[SparkMode(off=True)],
)
],
)
def create_internal_functions(
self, message: Message, scalar_fields: Mapping[Field, Scalar]
) -> UnitPart:
return UnitPart(
[],
[
SubprogramBody(
ProcedureSpecification(
"Set_Field_Value",
[
InOutParameter(["Ctx"], "Context"),
Parameter(["Val"], "Field_Dependent_Value"),
OutParameter(["Fst", "Lst"], self.types.bit_index),
],
),
[
*self.common.field_bit_location_declarations(Selected("Val", "Fld")),
*self.common.field_byte_location_declarations(),
],
[
Assignment("Fst", Name("First")),
Assignment("Lst", Name("Last")),
CaseStatement(
Selected("Val", "Fld"),
[
(
Name(f.affixed_name),
[
CallStatement(
"Insert",
[
Selected("Val", f"{f.name}_Value"),
Slice(
Selected(Selected("Ctx", "Buffer"), "all"),
Name("Buffer_First"),
Name("Buffer_Last"),
),
Name("Offset"),
],
)
if f in scalar_fields
else NullStatement()
],
)
for f in message.all_fields
],
),
],
[
Precondition(
AndThen(
Not(Constrained("Ctx")),
Call("Has_Buffer", [Name("Ctx")]),
In(Selected("Val", "Fld"), Range("Field")),
Call("Valid_Next", [Name("Ctx"), Selected("Val", "Fld")]),
self.common.sufficient_space_for_field_condition(
Selected("Val", "Fld")
),
ForAllIn(
"F",
Range("Field"),
If(
[
(
Call(
"Structural_Valid",
[
Indexed(
Selected("Ctx", "Cursors"), Name("F"),
)
],
),
LessEqual(
Selected(
Indexed(
Selected("Ctx", "Cursors"), Name("F"),
),
"Last",
),
Call(
"Field_Last",
[Name("Ctx"), Selected("Val", "Fld")],
),
),
)
]
),
),
)
),
Postcondition(
And(
Call("Has_Buffer", [Name("Ctx")]),
Equal(
Name("Fst"),
Call("Field_First", [Name("Ctx"), Selected("Val", "Fld")]),
),
Equal(
Name("Lst"),
Call("Field_Last", [Name("Ctx"), Selected("Val", "Fld")]),
),
GreaterEqual(Name("Fst"), Selected("Ctx", "First")),
LessEqual(Name("Fst"), Add(Name("Lst"), Number(1))),
LessEqual(
Call(self.types.byte_index, [Name("Lst")]),
Selected("Ctx", "Buffer_Last"),
),
ForAllIn(
"F",
Range("Field"),
If(
[
(
Call(
"Structural_Valid",
[
Indexed(
Selected("Ctx", "Cursors"), Name("F"),
)
],
),
LessEqual(
Selected(
Indexed(
Selected("Ctx", "Cursors"), Name("F"),
),
"Last",
),
Name("Lst"),
),
)
]
),
),
*[
Equal(e, Old(e))
for e in [
Selected("Ctx", "Buffer_First"),
Selected("Ctx", "Buffer_Last"),
Selected("Ctx", "First"),
Selected("Ctx", "Cursors"),
]
],
)
),
],
)
],
)
def create_scalar_setter_procedures(
self, message: Message, scalar_fields: Mapping[Field, Scalar]
) -> UnitPart:
def specification(field: Field, field_type: Type) -> ProcedureSpecification:
type_name = (
field_type.enum_name
if isinstance(field_type, Enumeration) and field_type.always_valid
else field_type.name
)
return ProcedureSpecification(
f"Set_{field.name}",
[
InOutParameter(["Ctx"], "Context"),
Parameter(["Val"], f"{message.package}.{type_name}"),
],
)
return UnitPart(
[
SubprogramDeclaration(
specification(f, t),
[
Precondition(
AndThen(
*self.setter_preconditions(f),
Call(
"Field_Condition",
[
Name("Ctx"),
Aggregate(
Name(f.affixed_name),
Name("Val")
if not isinstance(t, Enumeration)
else Call("Convert", [Name("Val")]),
),
],
),
Call("Valid", [Name("Val")])
if not isinstance(t, Enumeration)
else TRUE,
self.common.sufficient_space_for_field_condition(
Name(f.affixed_name)
),
)
),
Postcondition(
And(
VALID_CONTEXT,
Call("Has_Buffer", [Name("Ctx")]),
Call("Valid", [Name("Ctx"), Name(f.affixed_name)]),
Equal(
Call(f"Get_{f.name}", [Name("Ctx")]),
Aggregate(TRUE, Name("Val"))
if isinstance(t, Enumeration) and t.always_valid
else Name("Val"),
),
*self.setter_postconditions(message, f, t),
*[
Equal(
Call("Cursor", [Name("Ctx"), Name(p.affixed_name)]),
Old(Call("Cursor", [Name("Ctx"), Name(p.affixed_name)])),
)
for p in message.predecessors(f)
],
)
),
],
)
for f, t in scalar_fields.items()
],
[
SubprogramBody(
specification(f, t),
[
ObjectDeclaration(
["Field_Value"],
"Field_Dependent_Value",
Aggregate(
Name(f.affixed_name),
Name("Val")
if not isinstance(t, Enumeration)
else Call("Convert", [Name("Val")]),
),
True,
),
ObjectDeclaration(["First", "Last"], self.types.bit_index),
],
[
CallStatement(
"Reset_Dependent_Fields", [Name("Ctx"), Name(f.affixed_name)],
),
CallStatement(
"Set_Field_Value",
[Name("Ctx"), Name("Field_Value"), Name("First"), Name("Last")],
),
Assignment(
"Ctx",
Aggregate(
Selected("Ctx", "Buffer_First"),
Selected("Ctx", "Buffer_Last"),
Selected("Ctx", "First"),
Name("Last"),
Selected("Ctx", "Buffer"),
Selected("Ctx", "Cursors"),
),
),
Assignment(
Indexed(Selected("Ctx", "Cursors"), Name(f.affixed_name)),
NamedAggregate(
("State", Name("S_Valid")),
("First", Name("First")),
("Last", Name("Last")),
("Value", Name("Field_Value")),
(
"Predecessor",
Selected(
Indexed(Selected("Ctx", "Cursors"), Name(f.affixed_name)),
"Predecessor",
),
),
),
),
Assignment(
Indexed(
Selected("Ctx", "Cursors"),
Call("Successor", [Name("Ctx"), Name(f.affixed_name)]),
),
NamedAggregate(
("State", Name("S_Invalid")), ("Predecessor", Name(f.affixed_name)),
),
),
],
)
for f, t in scalar_fields.items()
],
)
def array_functions(array: Array, package: str) -> List[Subprogram]:
common_precondition = LogCall(f'Is_Contained (Buffer)')
return [
Function('Valid_First', 'Boolean', [('Buffer', 'Types.Bytes')], [], [
ReturnStatement(
LogCall('Valid_Next (Buffer, Offset_Type (Buffer\'First))'))
], [Precondition(common_precondition)]),
Procedure('Get_First', [
('Buffer', 'Types.Bytes'), ('Offset', 'out Offset_Type'),
('First', 'out Types.Index_Type'), ('Last', 'out Types.Index_Type')
], [], [
Assignment('Offset', Value('Offset_Type (Buffer\'First)')),
CallStatement('Get_Next', ['Buffer', 'Offset', 'First', 'Last'])
], [
Precondition(
And(common_precondition, LogCall('Valid_First (Buffer)'))),
Postcondition(
And(
And(GreaterEqual(Value('First'), First('Buffer')),
LessEqual(Value('Last'), Last('Buffer'))),
LogCall(f'{package}.{array.element_type}.Is_Contained '
'(Buffer (First .. Last))')))
]),
Function('Valid_Next', 'Boolean', [
('Buffer', 'Types.Bytes'), ('Offset', 'Offset_Type')
], [], [
PragmaStatement('Assume', [
(f'{package}.{array.element_type}.Is_Contained '
'(Buffer (Types.Index_Type (Offset) .. Buffer\'Last))')
]),
ReturnStatement(
LogCall(
f'{package}.{array.element_type}.Is_Valid '
'(Buffer (Types.Index_Type (Offset) .. Buffer\'Last))'))
], [Precondition(common_precondition)]),
Procedure(
'Get_Next', [('Buffer', 'Types.Bytes'),
('Offset', 'in out Offset_Type'),
('First', 'out Types.Index_Type'),
('Last', 'out Types.Index_Type')], [],
[
Assignment('First', Value('Types.Index_Type (Offset)')),
Assignment(
'Last',
Add(
Value('First'),
Cast(
'Types.Length_Type',
MathCall(f'{package}.{array.element_type}.'
'Message_Length (Buffer (First '
'.. Buffer\'Last))')), Number(-1))),
Assignment('Offset', Value('Offset_Type (Last + 1)')),
PragmaStatement(
'Assume', [(f'{package}.{array.element_type}.Is_Contained '
'(Buffer (First .. Last))')])
], [
Precondition(
And(common_precondition,
LogCall('Valid_Next (Buffer, Offset)'))),
Postcondition(
And(
And(GreaterEqual(Value('First'), First('Buffer')),
LessEqual(Value('Last'), Last('Buffer'))),
LogCall(f'{package}.{array.element_type}.Is_Contained '
'(Buffer (First .. Last))')))
])
]
def create_verify_procedure(self, message: Message,
context_invariant: Sequence[Expr]) -> UnitPart:
specification = ProcedureSpecification(
"Verify",
[InOutParameter(["Ctx"], "Context"),
Parameter(["Fld"], "Field")])
valid_field_condition = And(
Call(
"Valid_Value",
[Variable("Value")],
),
Call(
"Field_Condition",
[
Variable("Ctx"),
Variable("Value"),
*([
Call(
"Field_Length",
[Variable("Ctx"), Variable("Fld")])
] if common.length_dependent_condition(message) else []),
],
),
)
set_cursors_statements = [
IfStatement(
[(
Call("Composite_Field", [Variable("Fld")]),
[
Assignment(
Indexed(Variable("Ctx.Cursors"), Variable("Fld")),
NamedAggregate(
("State", Variable("S_Structural_Valid")),
(
"First",
Call("Field_First",
[Variable("Ctx"),
Variable("Fld")]),
),
(
"Last",
Call("Field_Last",
[Variable("Ctx"),
Variable("Fld")]),
),
("Value", Variable("Value")),
(
"Predecessor",
Selected(
Indexed(Variable("Ctx.Cursors"),
Variable("Fld")),
"Predecessor",
),
),
),
)
],
)],
[
Assignment(
Indexed(Variable("Ctx.Cursors"), Variable("Fld")),
NamedAggregate(
("State", Variable("S_Valid")),
("First",
Call("Field_First",
[Variable("Ctx"),
Variable("Fld")])),
("Last",
Call("Field_Last",
[Variable("Ctx"),
Variable("Fld")])),
("Value", Variable("Value")),
(
"Predecessor",
Selected(
Indexed(Variable("Ctx.Cursors"),
Variable("Fld")), "Predecessor"),
),
),
)
],
),
# WORKAROUND:
# Limitation of GNAT Community 2019 / SPARK Pro 20.0
# Provability of predicate is increased by adding part of
# predicate as assert
PragmaStatement("Assert", [
str(common.message_structure_invariant(message, self.prefix))
]),
# WORKAROUND:
# Limitation of GNAT Community 2019 / SPARK Pro 20.0
# Provability of predicate is increased by splitting
# assignment in multiple statements
IfStatement([(
Equal(Variable("Fld"), Variable(f.affixed_name)),
[
Assignment(
Indexed(
Variable("Ctx.Cursors"),
Call("Successor",
[Variable("Ctx"),
Variable("Fld")]),
),
NamedAggregate(
("State", Variable("S_Invalid")),
("Predecessor", Variable("Fld")),
),
)
],
) for f in message.fields]),
]
return UnitPart(
[
SubprogramDeclaration(
specification,
[
Postcondition(
And(
Equal(
Call("Has_Buffer", [Variable("Ctx")]),
Old(Call("Has_Buffer", [Variable("Ctx")])),
),
*context_invariant,
)),
],
)
],
[
SubprogramBody(
specification,
[ObjectDeclaration(["Value"], "Field_Dependent_Value")],
[
IfStatement([(
AndThen(
Call("Has_Buffer", [Variable("Ctx")]),
Call(
"Invalid",
[
Indexed(Variable("Ctx.Cursors"),
Variable("Fld"))
],
),
Call("Valid_Predecessor",
[Variable("Ctx"),
Variable("Fld")]),
Call("Path_Condition",
[Variable("Ctx"),
Variable("Fld")]),
),
[
IfStatement(
[(
Call(
"Sufficient_Buffer_Length",
[Variable("Ctx"),
Variable("Fld")],
),
[
Assignment(
"Value",
Call(
"Get_Field_Value",
[
Variable("Ctx"),
Variable("Fld")
],
),
),
IfStatement(
[(
valid_field_condition,
set_cursors_statements,
)],
[
Assignment(
Indexed(
Variable(
"Ctx.Cursors"),
Variable("Fld"),
),
NamedAggregate(
(
"State",
Variable(
"S_Invalid"
),
),
(
"Predecessor",
Variable(
FINAL.
affixed_name
),
),
),
)
],
),
],
)],
[
Assignment(
Indexed(Variable("Ctx.Cursors"),
Variable("Fld")),
NamedAggregate(
("State",
Variable("S_Incomplete")),
(
"Predecessor",
Variable(
FINAL.affixed_name),
),
),
)
],
)
],
)], )
],
)
],
)
def create_internal_functions(
self, message: Message,
scalar_fields: Mapping[Field, Scalar]) -> UnitPart:
return UnitPart(
[],
[
SubprogramBody(
ProcedureSpecification(
"Set_Field_Value",
[
InOutParameter(["Ctx"], "Context"),
Parameter(["Val"], "Field_Dependent_Value"),
OutParameter(["Fst", "Lst"],
const.TYPES_BIT_INDEX),
],
),
[
*common.field_bit_location_declarations(
Variable("Val.Fld")),
*common.field_byte_location_declarations(),
*unique(
self.insert_function(common.full_base_type_name(t))
for t in message.types.values()
if isinstance(t, Scalar)),
],
[
Assignment("Fst", Variable("First")),
Assignment("Lst", Variable("Last")),
CaseStatement(
Variable("Val.Fld"),
[(
Variable(f.affixed_name),
[
CallStatement(
"Insert",
[
Variable(f"Val.{f.name}_Value"),
Slice(
Variable("Ctx.Buffer.all"),
Variable("Buffer_First"),
Variable("Buffer_Last"),
),
Variable("Offset"),
],
)
if f in scalar_fields else NullStatement()
],
) for f in message.all_fields],
),
],
[
Precondition(
AndThen(
Not(Constrained("Ctx")),
Call("Has_Buffer", [Variable("Ctx")]),
In(Variable("Val.Fld"), Range("Field")),
Call("Valid_Next",
[Variable("Ctx"),
Variable("Val.Fld")]),
common.sufficient_space_for_field_condition(
Variable("Val.Fld")),
ForAllIn(
"F",
Range("Field"),
If([(
Call(
"Structural_Valid",
[
Indexed(
Variable("Ctx.Cursors"),
Variable("F"),
)
],
),
LessEqual(
Selected(
Indexed(
Variable("Ctx.Cursors"),
Variable("F"),
),
"Last",
),
Call(
"Field_Last",
[
Variable("Ctx"),
Variable("Val.Fld")
],
),
),
)]),
),
)),
Postcondition(
And(
Call("Has_Buffer", [Variable("Ctx")]),
Equal(
Variable("Fst"),
Call(
"Field_First",
[Variable("Ctx"),
Variable("Val.Fld")]),
),
Equal(
Variable("Lst"),
Call(
"Field_Last",
[Variable("Ctx"),
Variable("Val.Fld")]),
),
GreaterEqual(Variable("Fst"),
Variable("Ctx.First")),
LessEqual(Variable("Fst"),
Add(Variable("Lst"), Number(1))),
LessEqual(
Call(const.TYPES_BYTE_INDEX,
[Variable("Lst")]),
Variable("Ctx.Buffer_Last"),
),
ForAllIn(
"F",
Range("Field"),
If([(
Call(
"Structural_Valid",
[
Indexed(
Variable("Ctx.Cursors"),
Variable("F"),
)
],
),
LessEqual(
Selected(
Indexed(
Variable("Ctx.Cursors"),
Variable("F"),
),
"Last",
),
Variable("Lst"),
),
)]),
),
*[
Equal(e, Old(e)) for e in [
Variable("Ctx.Buffer_First"),
Variable("Ctx.Buffer_Last"),
Variable("Ctx.First"),
Variable("Ctx.Cursors"),
]
],
)),
],
)
] if scalar_fields else [],
)
def create_composite_setter_empty_procedures(self,
message: Message) -> UnitPart:
def specification(field: Field) -> ProcedureSpecification:
return ProcedureSpecification(f"Set_{field.name}_Empty",
[InOutParameter(["Ctx"], "Context")])
return UnitPart(
[
*[
SubprogramDeclaration(
specification(f),
[
Precondition(
AndThen(
*self.setter_preconditions(f),
*self.
unbounded_composite_setter_preconditions(
message, f),
Equal(
Call(
"Field_Length",
[
Variable("Ctx"),
Variable(f.affixed_name)
],
),
Number(0),
),
)),
Postcondition(
And(*self.composite_setter_postconditions(
message, f))),
],
) for f, t in message.types.items()
if message.is_possibly_empty(f)
],
],
[
SubprogramBody(
specification(f),
[
ObjectDeclaration(
["First"],
const.TYPES_BIT_INDEX,
Call("Field_First",
[Variable("Ctx"),
Variable(f.affixed_name)]),
True,
),
ObjectDeclaration(
["Last"],
const.TYPES_BIT_INDEX,
Call("Field_Last",
[Variable("Ctx"),
Variable(f.affixed_name)]),
True,
),
],
[
CallStatement(
"Reset_Dependent_Fields",
[Variable("Ctx"),
Variable(f.affixed_name)],
),
Assignment(
"Ctx",
Aggregate(
Variable("Ctx.Buffer_First"),
Variable("Ctx.Buffer_Last"),
Variable("Ctx.First"),
Variable("Last"),
Variable("Ctx.Buffer"),
Variable("Ctx.Cursors"),
),
),
Assignment(
Indexed(Variable("Ctx.Cursors"),
Variable(f.affixed_name)),
NamedAggregate(
("State", Variable("S_Valid")),
("First", Variable("First")),
("Last", Variable("Last")),
("Value",
NamedAggregate(
("Fld", Variable(f.affixed_name)))),
(
"Predecessor",
Selected(
Indexed(Variable("Ctx.Cursors"),
Variable(f.affixed_name)),
"Predecessor",
),
),
),
),
Assignment(
Indexed(
Variable("Ctx.Cursors"),
Call("Successor", [
Variable("Ctx"),
Variable(f.affixed_name)
]),
),
NamedAggregate(
("State", Variable("S_Invalid")),
("Predecessor", Variable(f.affixed_name)),
),
),
],
) for f, t in message.types.items()
if message.is_possibly_empty(f)
],
)
def create_scalar_setter_procedures(
self, message: Message,
scalar_fields: Mapping[Field, Scalar]) -> UnitPart:
def specification(field: Field,
field_type: Type) -> ProcedureSpecification:
if field_type.package == BUILTINS_PACKAGE:
type_name = ID(field_type.name)
elif isinstance(field_type,
Enumeration) and field_type.always_valid:
type_name = common.prefixed_type_name(
common.full_enum_name(field_type), self.prefix)
else:
type_name = common.prefixed_type_name(field_type.identifier,
self.prefix)
return ProcedureSpecification(
f"Set_{field.name}",
[
InOutParameter(["Ctx"], "Context"),
Parameter(["Val"], type_name)
],
)
return UnitPart(
[
SubprogramDeclaration(
specification(f, t),
[
Precondition(
AndThen(
*self.setter_preconditions(f),
Call(
"Field_Condition",
[
Variable("Ctx"),
Aggregate(
Variable(f.affixed_name),
Call("To_Base", [Variable("Val")]),
),
],
),
Call("Valid",
[Call("To_Base", [Variable("Val")])])
if not isinstance(t, Enumeration) else TRUE,
common.sufficient_space_for_field_condition(
Variable(f.affixed_name)),
)),
Postcondition(
And(
Call("Has_Buffer", [Variable("Ctx")]),
Call("Valid", [
Variable("Ctx"),
Variable(f.affixed_name)
]),
Equal(
Call(f"Get_{f.name}", [Variable("Ctx")]),
Aggregate(TRUE, Variable("Val"))
if isinstance(t, Enumeration)
and t.always_valid else Variable("Val"),
),
*self.setter_postconditions(message, f),
*[
Equal(
Call(
"Context_Cursor",
[
Variable("Ctx"),
Variable(p.affixed_name)
],
),
Old(
Call(
"Context_Cursor",
[
Variable("Ctx"),
Variable(p.affixed_name)
],
)),
) for p in message.predecessors(f)
],
)),
],
) for f, t in scalar_fields.items()
],
[
SubprogramBody(
specification(f, t),
[
ObjectDeclaration(
["Field_Value"],
"Field_Dependent_Value",
Aggregate(
Variable(f.affixed_name),
Call("To_Base", [Variable("Val")]),
),
True,
),
ObjectDeclaration(["First", "Last"],
const.TYPES_BIT_INDEX),
],
[
CallStatement(
"Reset_Dependent_Fields",
[Variable("Ctx"),
Variable(f.affixed_name)],
),
CallStatement(
"Set_Field_Value",
[
Variable("Ctx"),
Variable("Field_Value"),
Variable("First"),
Variable("Last"),
],
),
Assignment(
"Ctx",
Aggregate(
Variable("Ctx.Buffer_First"),
Variable("Ctx.Buffer_Last"),
Variable("Ctx.First"),
Variable("Last"),
Variable("Ctx.Buffer"),
Variable("Ctx.Cursors"),
),
),
Assignment(
Indexed(Variable("Ctx.Cursors"),
Variable(f.affixed_name)),
NamedAggregate(
("State", Variable("S_Valid")),
("First", Variable("First")),
("Last", Variable("Last")),
("Value", Variable("Field_Value")),
(
"Predecessor",
Selected(
Indexed(Variable("Ctx.Cursors"),
Variable(f.affixed_name)),
"Predecessor",
),
),
),
),
Assignment(
Indexed(
Variable("Ctx.Cursors"),
Call("Successor", [
Variable("Ctx"),
Variable(f.affixed_name)
]),
),
NamedAggregate(
("State", Variable("S_Invalid")),
("Predecessor", Variable(f.affixed_name)),
),
),
],
) for f, t in scalar_fields.items()
],
)
def create_opaque_getter_procedures(
self, message: Message,
opaque_fields: Sequence[Field]) -> UnitPart:
def specification(field: Field) -> ProcedureSpecification:
return ProcedureSpecification(
f"Get_{field.name}",
[
Parameter(["Ctx"], "Context"),
OutParameter(["Data"], const.TYPES_BYTES)
],
)
return UnitPart(
[
SubprogramDeclaration(
specification(f),
[
Precondition(
AndThen(
Call(
self.prefix * message.identifier *
"Has_Buffer",
[Variable("Ctx")],
),
Call(
self.prefix * message.identifier *
"Structural_Valid",
[
Variable("Ctx"),
Variable(
self.prefix * message.identifier *
f.affixed_name),
],
),
Call(
self.prefix * message.identifier *
"Valid_Next",
[
Variable("Ctx"),
Variable(
self.prefix * message.identifier *
f.affixed_name),
],
),
Equal(
Length("Data"),
Call(
const.TYPES_TO_LENGTH,
[
Call(
self.prefix *
message.identifier *
"Field_Size",
[
Variable("Ctx"),
Variable(self.prefix *
message.identifier
* f.affixed_name),
],
)
],
),
),
)),
Postcondition(
Call(
"Equal",
[
Variable("Ctx"),
Variable(f.affixed_name),
Variable("Data"),
],
)),
],
) for f in opaque_fields
],
[
SubprogramBody(
specification(f),
[
ObjectDeclaration(
["First"],
const.TYPES_INDEX,
Call(
const.TYPES_TO_INDEX,
[
Selected(
Indexed(
Variable("Ctx.Cursors"),
Variable(f.affixed_name),
),
"First",
)
],
),
constant=True,
),
ObjectDeclaration(
["Last"],
const.TYPES_INDEX,
Call(
const.TYPES_TO_INDEX,
[
Selected(
Indexed(
Variable("Ctx.Cursors"),
Variable(f.affixed_name),
),
"Last",
)
],
),
constant=True,
),
],
[
Assignment(
"Data",
NamedAggregate(
("others", First(const.TYPES_BYTE))),
),
Assignment(
Slice(
Variable("Data"),
First("Data"),
Add(First("Data"),
Sub(Variable("Last"), Variable("First"))),
),
Slice(
Variable("Ctx.Buffer.all"),
Variable("First"),
Variable("Last"),
),
),
],
) for f in opaque_fields
],
)
def create_verify_procedure(
self,
message: Message,
scalar_fields: Mapping[Field, Scalar],
composite_fields: Sequence[Field],
) -> UnitPart:
specification = ProcedureSpecification(
"Verify",
[InOutParameter(["Ctx"], "Context"),
Parameter(["Fld"], "Field")])
valid_field_condition = AndThen(
Call(
"Valid_Value",
[Variable("Fld"), Variable("Value")],
),
Call(
"Field_Condition",
[
Variable("Ctx"),
Variable("Fld"),
*([Variable("Value")] if
common.has_value_dependent_condition(message) else []),
*([
Slice(
Variable("Ctx.Buffer.all"),
Call(
const.TYPES_TO_INDEX,
[
Call("Field_First",
[Variable("Ctx"),
Variable("Fld")])
],
),
Call(
const.TYPES_TO_INDEX,
[
Call("Field_Last",
[Variable("Ctx"),
Variable("Fld")])
],
),
)
] if common.has_aggregate_dependent_condition(message) else
[]),
*([Call("Field_Size",
[Variable("Ctx"), Variable("Fld")])]
if common.has_size_dependent_condition(message) else []),
],
),
)
last = Mul(
Div(
Add(
Call("Field_Last",
[Variable("Ctx"), Variable("Fld")]),
Size(const.TYPES_BYTE),
-Number(1),
),
Size(const.TYPES_BYTE),
),
Size(const.TYPES_BYTE),
)
set_cursors_statements = [
*([
PragmaStatement(
"Assert",
[
If([(
Or(*[
Equal(Variable("Fld"), Variable(
f.affixed_name))
for f in message.direct_predecessors(FINAL)
]),
Equal(
Mod(
Call("Field_Last",
[Variable("Ctx"),
Variable("Fld")]),
Size(const.TYPES_BYTE),
),
Number(0),
),
)])
],
)
] if len(message.fields) > 1 else []),
# Improve provability of context predicate
PragmaStatement(
"Assert",
[Equal(Mod(last, Size(const.TYPES_BYTE)), Number(0))]),
Assignment(Variable("Ctx.Verified_Last"), last),
PragmaStatement(
"Assert",
[
LessEqual(
Call("Field_Last", [Variable("Ctx"),
Variable("Fld")]),
Variable("Ctx.Verified_Last"),
)
],
),
IfStatement(
[(
Call("Composite_Field", [Variable("Fld")]),
[set_context_cursor_composite_field("Fld")],
)],
[set_context_cursor_scalar()],
) if scalar_fields and composite_fields else
set_context_cursor_scalar()
if scalar_fields and not composite_fields else
set_context_cursor_composite_field("Fld"),
*([
# https://github.com/Componolit/RecordFlux/issues/664
# The provability of the context predicate is increased by splitting the
# assignment into multiple statements.
Assignment(
Indexed(
Variable("Ctx.Cursors"),
Call(
"Successor",
[Variable("Ctx"), Variable("Fld")],
),
),
NamedAggregate(
("State", Variable("S_Invalid")),
("Predecessor", Variable("Fld")),
),
)
] if len(message.fields) > 1 else []),
]
return UnitPart(
[
SubprogramDeclaration(
specification,
[
Precondition(
Call(
self.prefix * message.identifier *
"Has_Buffer",
[Variable("Ctx")],
)),
Postcondition(
And(
Call("Has_Buffer", [Variable("Ctx")]),
*common.context_invariant(message),
)),
],
)
],
[
SubprogramBody(
specification,
[ObjectDeclaration(["Value"], const.TYPES_BASE_INT)],
[
IfStatement([(
AndThen(
Call(
"Invalid",
[
Indexed(Variable("Ctx.Cursors"),
Variable("Fld"))
],
),
Call("Valid_Predecessor",
[Variable("Ctx"),
Variable("Fld")]),
Call("Path_Condition",
[Variable("Ctx"),
Variable("Fld")]),
),
[
IfStatement(
[(
Call(
"Sufficient_Buffer_Length",
[Variable("Ctx"),
Variable("Fld")],
),
[
Assignment(
"Value",
If(
[(
Call(
"Composite_Field",
[
Variable(
"Fld"),
],
),
Number(0),
)],
Call(
"Get",
[
Variable("Ctx"),
Variable("Fld"),
],
),
) if scalar_fields
and composite_fields else Call(
"Get",
[
Variable("Ctx"),
Variable("Fld"),
],
) if scalar_fields else
Number(0),
),
IfStatement(
[(
valid_field_condition,
set_cursors_statements,
)],
[
Assignment(
Indexed(
Variable(
"Ctx.Cursors"),
Variable("Fld"),
),
NamedAggregate(
(
"State",
Variable(
"S_Invalid"
),
),
(
"Predecessor",
Variable(
FINAL.
affixed_name,
),
),
),
)
],
),
],
)],
[
Assignment(
Indexed(Variable("Ctx.Cursors"),
Variable("Fld")),
NamedAggregate(
("State",
Variable("S_Incomplete")),
(
"Predecessor",
Variable(
FINAL.affixed_name),
),
),
)
],
)
],
)], )
],
)
],
)
def initialize_field_statements(
field: model.Field, reset_written_last: bool = False
) -> Sequence[Statement]:
return [
CallStatement(
"Reset_Dependent_Fields",
[Variable("Ctx"), Variable(field.affixed_name)],
),
# https://github.com/Componolit/RecordFlux/issues/868
PragmaStatement(
"Warnings",
[
Variable("Off"),
String("attribute Update is an obsolescent feature"),
],
),
Assignment(
"Ctx",
Update(
"Ctx",
("Verified_Last", Variable("Last")),
(
"Written_Last",
Variable("Last")
if reset_written_last
else Max(
const.TYPES_BIT_LENGTH,
Variable("Ctx.Written_Last"),
Variable("Last"),
),
),
),
),
PragmaStatement(
"Warnings",
[
Variable("On"),
String("attribute Update is an obsolescent feature"),
],
),
Assignment(
Indexed(Variable("Ctx.Cursors"), Variable(field.affixed_name)),
NamedAggregate(
("State", Variable("S_Structural_Valid")),
("First", Variable("First")),
("Last", Variable("Last")),
("Value", Number(0)),
(
"Predecessor",
Selected(
Indexed(
Variable("Ctx.Cursors"),
Variable(field.affixed_name),
),
"Predecessor",
),
),
),
),
Assignment(
Indexed(
Variable("Ctx.Cursors"),
Call(
"Successor",
[Variable("Ctx"), Variable(field.affixed_name)],
),
),
NamedAggregate(
("State", Variable("S_Invalid")),
("Predecessor", Variable(field.affixed_name)),
),
),
]