Implement fact export for manually-written and inferred function contracts

[yuxincs]

This PR implements the fact export for manually-written and inferred function contracts. Specifically it enhances the functioncontracts sub-analyzer, which imports contracts from upstream packages, parses/infers the contracts for the local package, combine the contract map and return it. It now also exports the contracts for the exported functions in the local package to be consumed by its downstream packages.

Tests are also added to ensure the fact export and import logic works.

[codecov]

Codecov Report

Attention: Patch coverage is 55.00000% with 9 lines in your changes are missing coverage. Please review.

Project coverage is 87.44%. Comparing base (4c694b0) to head (5222335).

Files	Patch %	Lines
assertion/function/functioncontracts/analyzer.go	61.11%	4 Missing and 3 partials ⚠️
assertion/function/analyzer.go	0.00%	2 Missing ⚠️

Additional details and impacted files

@@                               Coverage Diff                               @@
##           yuxincs/refactor-function-contract-analyzer     #240      +/-   ##
===============================================================================
- Coverage                                        87.83%   87.44%   -0.39%     
===============================================================================
  Files                                               60       61       +1     
  Lines                                             7758     7812      +54     
===============================================================================
+ Hits                                              6814     6831      +17     
- Misses                                             766      800      +34     
- Partials                                           178      181       +3     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[github-actions]

Golden Test

Warning

❌ NilAway errors reported on stdlib are different 📉.

3296 errors on base branch (yuxincs/refactor-function-contract-analyzer, 4c694b0)
3282 errors on test branch (4bbea55)

Diffs

+ /opt/hostedtoolcache/go/1.22.2/x64/src/math/big/int.go:190:21: Potential nil panic detected. Observed nil flow from source to dereference point: 
+ 	- elliptic/p256_test.go:70:29: result 0 of `SetString()` lacking guarding; passed as arg `x1` to `ScalarMult()` via the assignment(s):
+ 		- `new(...).SetString(...)` to `x` at elliptic/p256_test.go:64:3
+ 	- elliptic/params.go:287:27: passed as parameter `Bx` to `CurveParams.ScalarMult()` (implementing `Curve.ScalarMult()`)
+ 	- elliptic/params.go:302:33: function parameter `Bx` passed as arg `x1` to `addJacobian()`
+ 	- elliptic/params.go:147:25: function parameter `x1` passed as arg `x` to `Mul()`
+ 	- big/int.go:190:21: function parameter `x` accessed field `abs`
+ /opt/hostedtoolcache/go/1.22.2/x64/src/math/big/int.go:190:21: Potential nil panic detected. Observed nil flow from source to dereference point: 
+ 	- elliptic/p256_test.go:70:32: result 0 of `SetString()` lacking guarding; passed as arg `y1` to `ScalarMult()` via the assignment(s):
+ 		- `new(...).SetString(...)` to `y` at elliptic/p256_test.go:65:3
+ 	- elliptic/params.go:287:27: passed as parameter `By` to `CurveParams.ScalarMult()` (implementing `Curve.ScalarMult()`)
+ 	- elliptic/params.go:302:37: function parameter `By` passed as arg `y1` to `addJacobian()`
+ 	- elliptic/params.go:160:25: function parameter `y1` passed as arg `x` to `Mul()`
+ 	- big/int.go:190:21: function parameter `x` accessed field `abs`
- /opt/hostedtoolcache/go/1.22.2/x64/src/bytes/example_test.go:130:2: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- bytes/bytes.go:1344:10: literal `nil` returned from `Clone()` in position 0
- 	- bytes/example_test.go:130:2: result 0 of `Clone()` sliced into via the assignment(s):
- 		- `bytes.Clone(b)` to `clone` at bytes/example_test.go:128:2
- /opt/hostedtoolcache/go/1.22.2/x64/src/crypto/ecdsa/ecdsa.go:396:5: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- bytes/bytes.go:1344:10: literal `nil` returned from `Clone()` in position 0
- 	- ecdsa/ecdsa.go:396:5: result 0 of `Clone()` sliced into via the assignment(s):
- 		- `bytes.Clone(...)` to `hash` at ecdsa/ecdsa.go:394:4
- 
- (Same nil source could also cause potential nil panic(s) at 2 other place(s): "ecdsa/ecdsa.go:398:6", and "ecdsa/ecdsa.go:398:17".)
- /opt/hostedtoolcache/go/1.22.2/x64/src/crypto/internal/bigmod/nat.go:194:30: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- bytes/bytes.go:1344:10: literal `nil` returned from `Clone()` in position 0
- 	- ecdsa/ecdsa.go:403:34: result 0 of `Clone()` passed as arg `b` to `SetOverflowingBytes()` via the assignment(s):
- 		- `bytes.Clone(...)` to `hash` at ecdsa/ecdsa.go:394:4
- 	- bigmod/nat.go:170:23: function parameter `b` passed as arg `b` to `setBytes()`
- 	- bigmod/nat.go:194:30: function parameter `b` sliced into
- /opt/hostedtoolcache/go/1.22.2/x64/src/crypto/md5/md5.go:128:7: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- bytes/bytes.go:1344:10: literal `nil` returned from `Clone()` in position 0
- 	- encodemeta/encode.go:86:15: result 0 of `Clone()` assigned into field `encoded`
- 	- encodemeta/encode.go:104:24: field `encoded` passed as arg `p` to `Write()`
- 	- md5/md5.go:111:18: passed as parameter `p` to `digest.Write()` (implementing `Writer.Write()`)
- 	- md5/md5.go:128:7: function parameter `p` sliced into
- /opt/hostedtoolcache/go/1.22.2/x64/src/crypto/sha256/sha256.go:190:7: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- bytes/bytes.go:1344:10: literal `nil` returned from `Clone()` in position 0
- 	- fuzz/mem.go:106:9: result 0 of `Clone()` returned from `valueCopy()` in position 0
- 	- fuzz/worker.go:1068:21: result 0 of `valueCopy()` passed as arg `data` to `Sum256()` via the assignment(s):
- 		- `mem.valueCopy()` to `entryOut.Data` at fuzz/worker.go:1046:4
- 	- sha256/sha256.go:259:10: function parameter `data` passed as arg `p` to `Write()`
- 	- sha256/sha256.go:190:7: function parameter `p` sliced into
- /opt/hostedtoolcache/go/1.22.2/x64/src/crypto/sha256/sha256.go:190:7: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- bytes/bytes.go:1344:10: literal `nil` returned from `Clone()` in position 0
- 	- fuzz/mem.go:106:9: result 0 of `Clone()` returned from `valueCopy()` in position 0
- 	- fuzz/worker.go:812:27: result 0 of `valueCopy()` passed as arg `data` to `Sum256()` via the assignment(s):
- 		- `<-ws.memMu` to `mem` at fuzz/worker.go:806:2
- 	- sha256/sha256.go:259:10: function parameter `data` passed as arg `p` to `Write()`
- 	- sha256/sha256.go:190:7: function parameter `p` sliced into
- /opt/hostedtoolcache/go/1.22.2/x64/src/crypto/sha256/sha256.go:190:7: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- bytes/bytes.go:1344:10: literal `nil

 ...(truncated)...

x.go:380:54: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- bytes/bytes.go:1344:10: literal `nil` returned from `Clone()` in position 0
- 	- os/example_test.go:386:36: result 0 of `Clone()` passed as arg `data` to `WriteFile()` via the assignment(s):
- 		- `bytes.Clone(...)` to `config` at os/example_test.go:376:2
- 	- os/file.go:819:19: function parameter `data` passed as arg `b` to `Write()`
- 	- os/file.go:189:18: function parameter `b` passed as arg `b` to `write()`
- 	- os/file_posix.go:46:23: function parameter `b` passed as arg `p` to `Write()`
- 	- poll/fd_unix.go:380:54: function parameter `p` sliced into
- /opt/hostedtoolcache/go/1.22.2/x64/src/math/big/int.go:99:11: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- elliptic/elliptic_test.go:240:9: result 1 of `GenerateKey()` lacking guarding; passed as arg `x` to `Neg()` via the assignment(s):
- 		- `GenerateKey(...)` to `x` at elliptic/elliptic_test.go:236:5
- 	- big/int.go:136:8: function parameter `x` passed as arg `x` to `Set()` at big/int.go:136:8
- 	- big/int.go:99:11: function parameter `x` at big/int.go:136:8 accessed field `neg`
- /opt/hostedtoolcache/go/1.22.2/x64/src/math/big/int.go:99:11: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- elliptic/elliptic_test.go:242:9: result 2 of `GenerateKey()` lacking guarding; passed as arg `x` to `Neg()` via the assignment(s):
- 		- `GenerateKey(...)` to `y` at elliptic/elliptic_test.go:236:8
- 	- big/int.go:136:8: function parameter `x` passed as arg `x` to `Set()` at big/int.go:136:8
- 	- big/int.go:99:11: function parameter `x` at big/int.go:136:8 accessed field `neg`
- /opt/hostedtoolcache/go/1.22.2/x64/src/math/big/int.go:99:11: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- elliptic/p256_test.go:70:29: result 0 of `SetString()` lacking guarding; passed as arg `x1` to `ScalarMult()` via the assignment(s):
- 		- `new(...).SetString(...)` to `x` at elliptic/p256_test.go:64:3
- 	- elliptic/params.go:287:27: passed as parameter `Bx` to `CurveParams.ScalarMult()` (implementing `Curve.ScalarMult()`)
- 	- elliptic/params.go:302:33: function parameter `Bx` passed as arg `x1` to `addJacobian()`
- 	- elliptic/params.go:136:10: function parameter `x1` passed as arg `x` to `Set()`
- 	- big/int.go:99:11: function parameter `x` accessed field `neg`
- /opt/hostedtoolcache/go/1.22.2/x64/src/math/big/int.go:99:11: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- elliptic/p256_test.go:70:32: result 0 of `SetString()` lacking guarding; passed as arg `y1` to `ScalarMult()` via the assignment(s):
- 		- `new(...).SetString(...)` to `y` at elliptic/p256_test.go:65:3
- 	- elliptic/params.go:287:27: passed as parameter `By` to `CurveParams.ScalarMult()` (implementing `Curve.ScalarMult()`)
- 	- elliptic/params.go:302:37: function parameter `By` passed as arg `y1` to `addJacobian()`
- 	- elliptic/params.go:137:10: function parameter `y1` passed as arg `x` to `Set()`
- 	- big/int.go:99:11: function parameter `x` accessed field `neg`
- /opt/hostedtoolcache/go/1.22.2/x64/src/math/big/nat.go:1342:24: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- cryptobyte/asn1.go:330:16: unassigned variable `bytes` passed as arg `buf` to `SetBytes()`
- 	- big/int.go:515:25: function parameter `buf` passed as arg `buf` to `setBytes()`
- 	- big/nat.go:1342:24: function parameter `buf` sliced into
- /opt/hostedtoolcache/go/1.22.2/x64/src/math/big/nat.go:1342:24: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- nistec/p256_ordinv.go:101:9: unassigned variable `xOut` returned from `P256OrdInverse()` in position 0
- 	- elliptic/nistec_p256.go:28:31: result 0 of `P256OrdInverse()` passed as arg `buf` to `SetBytes()` via the assignment(s):
- 		- `nistec.P256OrdInverse(...)` to `inverse` at elliptic/nistec_p256.go:24:2
- 	- big/int.go:515:25: function parameter `buf` passed as arg `buf` to `setBytes()`
- 	- big/nat.go:1342:24: function parameter `buf` sliced into
- /opt/hostedtoolcache/go/1.22.2/x64/src/math/big/nat.go:1342:24: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- x509/name_constraints_test.go:1609:39: unassigned variable `serialBytes` passed as arg `buf` to `SetBytes()`
- 	- big/int.go:515:25: function parameter `buf` passed as arg `buf` to `setBytes()`
- 	- big/nat.go:1342:24: function parameter `buf` sliced into
- /opt/hostedtoolcache/go/1.22.2/x64/src/math/big/nat.go:1342:24: Potential nil panic detected. Observed nil flow from source to dereference point: 
- 	- x509/name_constraints_test.go:1645:39: unassigned variable `serialBytes` passed as arg `buf` to `SetBytes()`
- 	- big/int.go:515:25: function parameter `buf` passed as arg `buf` to `setBytes()`
- 	- big/nat.go:1342:24: function parameter `buf` sliced into

[sonalmahajan15]

Great job supporting cross-package contracts!

[sonalmahajan15]

Suggested change

	// The existing contracts are imported from upstream packages about upstream functions,
	// The existing contracts imported from upstream packages are about upstream functions,

[sonalmahajan15]

Nice!