C library: add creat, open, openat

These take pointer-typed arguments, which we should check for validity.
Also add their large-filesystem version (with suffix 64).

Author: tautschnig

regression/cbmc-library/creat-01/main.c

@@ -0,0 +1,9 @@
+#include <fcntl.h>
+
+int main()
+{
+  char *unint_path;
+  mode_t mode;
+  int fd = creat(unint_path, mode);
+  return 0;
+}

regression/cbmc-library/creat-01/test.desc

@@ -0,0 +1,9 @@
+CORE
+main.c
+--pointer-check --bounds-check
+dereference failure: pointer invalid in \*pathname: FAILURE$
+^VERIFICATION FAILED$
+^EXIT=10$
+^SIGNAL=0$
+--
+^warning: ignoring

regression/cbmc-library/fcntl-01/main.c

@@ -3,7 +3,10 @@
 
 int main()
 {
-  fcntl();
-  assert(0);
+  int flags;
+  int fd = open("foo", flags);
+  int cmd;
+  int result = fcntl(fd, cmd);
+  assert(fd >= 0 || result == -1);
   return 0;
 }

regression/cbmc-library/fcntl-01/test.desc

@@ -1,4 +1,4 @@
-KNOWNBUG
+CORE
 main.c
 --pointer-check --bounds-check
 ^EXIT=0$

regression/cbmc-library/open-01/main.c

@@ -0,0 +1,9 @@
+#include <fcntl.h>
+
+int main()
+{
+  char *unint_path;
+  int flags;
+  int fd = open(unint_path, flags);
+  return 0;
+}

regression/cbmc-library/open-01/test.desc

@@ -0,0 +1,9 @@
+CORE
+main.c
+--pointer-check --bounds-check
+dereference failure: pointer invalid in \*pathname: FAILURE$
+^VERIFICATION FAILED$
+^EXIT=10$
+^SIGNAL=0$
+--
+^warning: ignoring

regression/cbmc-library/openat-01/main.c

@@ -0,0 +1,10 @@
+#include <fcntl.h>
+
+int main()
+{
+  int dirfd;
+  char *unint_path;
+  int flags;
+  int fd = openat(dirfd, unint_path, flags);
+  return 0;
+}

regression/cbmc-library/openat-01/test.desc

@@ -0,0 +1,9 @@
+CORE
+main.c
+--pointer-check --bounds-check
+dereference failure: pointer invalid in \*pathname: FAILURE$
+^VERIFICATION FAILED$
+^EXIT=10$
+^SIGNAL=0$
+--
+^warning: ignoring

src/ansi-c/library/fcntl.c

@@ -1,17 +1,179 @@
-/* FUNCTION: fcntl */
+/* FUNCTION: __CPROVER_fcntl */
 
 #ifndef __CPROVER_FCNTL_H_INCLUDED
 #include <fcntl.h>
 #define __CPROVER_FCNTL_H_INCLUDED
 #endif
 
+#ifndef __CPROVER_ERRNO_H_INCLUDED
+#  include <errno.h>
+#  define __CPROVER_ERRNO_H_INCLUDED
+#endif
+
 int __VERIFIER_nondet_int(void);
 
-int fcntl(int fd, int cmd, ...)
+int __CPROVER_fcntl(int fd, int cmd)
 {
 __CPROVER_HIDE:;
+  if(fd < 0)
+  {
+    errno = EBADF;
+    return -1;
+  }
+
   int return_value=__VERIFIER_nondet_int();
   (void)fd;
   (void)cmd;
   return return_value;
 }
+
+/* FUNCTION: fcntl */
+
+int __CPROVER_fcntl(int, int);
+
+int fcntl(int fd, int cmd, ...)
+{
+  return __CPROVER_fcntl(fd, cmd);
+}
+
+/* FUNCTION: fcntl64 */
+
+int __CPROVER_fcntl(int, int);
+
+int fcntl64(int fd, int cmd, ...)
+{
+  return __CPROVER_fcntl(fd, cmd);
+}
+
+/* FUNCTION: __CPROVER_open */
+
+#ifndef __CPROVER_FCNTL_H_INCLUDED
+#  include <fcntl.h>
+#  define __CPROVER_FCNTL_H_INCLUDED
+#endif
+
+int __VERIFIER_nondet_int(void);
+
+int __CPROVER_open(const char *pathname, int flags)
+{
+__CPROVER_HIDE:;
+  int return_value = __VERIFIER_nondet_int();
+  __CPROVER_assume(return_value >= -1);
+  (void)*pathname;
+  (void)flags;
+  return return_value;
+}
+
+/* FUNCTION: open */
+
+int __CPROVER_open(const char *, int);
+
+int open(const char *pathname, int flags, ...)
+{
+  return __CPROVER_open(pathname, flags);
+}
+
+/* FUNCTION: open64 */
+
+int __CPROVER_open(const char *, int);
+
+int open64(const char *pathname, int flags, ...)
+{
+  return __CPROVER_open(pathname, flags);
+}
+
+/* FUNCTION: __CPROVER_creat */
+
+#ifndef __CPROVER_FCNTL_H_INCLUDED
+#  include <fcntl.h>
+#  define __CPROVER_FCNTL_H_INCLUDED
+#endif
+
+int __VERIFIER_nondet_int(void);
+
+int __CPROVER_creat(const char *pathname, mode_t mode)
+{
+__CPROVER_HIDE:;
+  int return_value = __VERIFIER_nondet_int();
+  __CPROVER_assume(return_value >= -1);
+  (void)*pathname;
+  (void)mode;
+  return return_value;
+}
+
+/* FUNCTION: creat */
+
+#ifndef __CPROVER_FCNTL_H_INCLUDED
+#  include <fcntl.h>
+#  define __CPROVER_FCNTL_H_INCLUDED
+#endif
+
+int __CPROVER_creat(const char *, mode_t);
+
+int creat(const char *pathname, mode_t mode)
+{
+  return __CPROVER_creat(pathname, mode);
+}
+
+/* FUNCTION: creat64 */
+
+#ifndef __CPROVER_FCNTL_H_INCLUDED
+#  include <fcntl.h>
+#  define __CPROVER_FCNTL_H_INCLUDED
+#endif
+
+int __CPROVER_creat(const char *, mode_t);
+
+int creat64(const char *pathname, mode_t mode)
+{
+  return __CPROVER_creat(pathname, mode);
+}
+
+/* FUNCTION: __CPROVER_openat */
+
+#ifndef __CPROVER_FCNTL_H_INCLUDED
+#  include <fcntl.h>
+#  define __CPROVER_FCNTL_H_INCLUDED
+#endif
+
+#ifndef __CPROVER_ERRNO_H_INCLUDED
+#  include <errno.h>
+#  define __CPROVER_ERRNO_H_INCLUDED
+#endif
+
+int __VERIFIER_nondet_int(void);
+
+int __CPROVER_openat(int dirfd, const char *pathname, int flags)
+{
+__CPROVER_HIDE:;
+  if(dirfd < 0)
+  {
+    errno = EBADF;
+    return -1;
+  }
+
+  int return_value = __VERIFIER_nondet_int();
+  __CPROVER_assume(return_value >= -1);
+  (void)dirfd;
+  (void)*pathname;
+  (void)flags;
+  return return_value;
+}
+
+/* FUNCTION: openat */
+
+int __CPROVER_openat(int dirfd, const char *pathname, int flags);
+
+int openat(int dirfd, const char *pathname, int flags, ...)
+{
+  return __CPROVER_openat(dirfd, pathname, flags);
+}
+
+/* FUNCTION: openat64 */
+
+int __CPROVER_openat(int dirfd, const char *pathname, int flags);
+
+int openat64(int dirfd, const char *pathname, int flags, ...)
+{
+  return __CPROVER_openat(dirfd, pathname, flags);
+}

src/ansi-c/library_check.sh

@@ -52,6 +52,8 @@ perl -p -i -e 's/^__srget\n//' __functions # gets, FreeBSD
 perl -p -i -e 's/^__swbuf\n//' __functions # putc, FreeBSD
 
 # Some functions are covered by existing tests:
+perl -p -i -e 's/^__CPROVER_(creat|fcntl|open|openat)\n//' __functions # creat, fcntl, open, openat
+perl -p -i -e 's/^(creat|fcntl|open|openat)64\n//' __functions # same as creat, fcntl, open, openat
 perl -p -i -e 's/^__CPROVER_deallocate\n//' __functions # free-01
 perl -p -i -e 's/^__builtin_alloca\n//' __functions # alloca-01
 perl -p -i -e 's/^fclose_cleanup\n//' __functions # fopen