From b5ae130f95bce29ed61439629dc31b3277c48f2d Mon Sep 17 00:00:00 2001 From: l-kent Date: Fri, 23 Feb 2024 12:14:45 +1000 Subject: [PATCH 1/8] merge MemoryStore into MemoryAssign, make BProcedure and BProcedure have default parameter values, make Register take an Int as parameter instead of BitVecType, split Memory into StackMemory and SharedMemory, rename LocalAssign to Assign to avoid confusion about what 'local' means in this context --- src/main/scala/analysis/Analysis.scala | 16 +-- .../scala/analysis/BasicIRConstProp.scala | 4 +- src/main/scala/analysis/Cfg.scala | 2 +- .../scala/analysis/SteensgaardAnalysis.scala | 4 +- src/main/scala/analysis/VSA.scala | 14 +- src/main/scala/bap/BAPExpr.scala | 32 +---- src/main/scala/boogie/BCmd.scala | 2 +- src/main/scala/boogie/BProgram.scala | 20 +-- src/main/scala/ir/Expr.scala | 65 +++++---- src/main/scala/ir/Interpreter.scala | 33 ++--- src/main/scala/ir/Program.scala | 8 +- src/main/scala/ir/Statement.scala | 30 ++-- src/main/scala/ir/Visitor.scala | 59 ++++---- src/main/scala/translating/BAPToIR.scala | 10 +- src/main/scala/translating/GTIRBToIR.scala | 18 +-- src/main/scala/translating/ILtoIL.scala | 22 ++- src/main/scala/translating/IRToBoogie.scala | 129 ++++++++---------- .../scala/translating/SemanticsLoader.scala | 33 +++-- src/main/scala/util/RunUtils.scala | 2 +- 19 files changed, 228 insertions(+), 275 deletions(-) diff --git a/src/main/scala/analysis/Analysis.scala b/src/main/scala/analysis/Analysis.scala index 6330ba8cf..31d181179 100644 --- a/src/main/scala/analysis/Analysis.scala +++ b/src/main/scala/analysis/Analysis.scala @@ -80,7 +80,7 @@ trait ConstantPropagation(val cfg: ProgramCfg) { case r: CfgCommandNode => r.data match // assignments - case la: LocalAssign => + case la: Assign => s + (la.lhs -> eval(la.rhs, s)) // all others: like no-ops case _ => s @@ -174,13 +174,13 @@ trait MemoryRegionAnalysis(val cfg: ProgramCfg, val first: Set[CfgNode] = cfg.funEntries.toSet - private val stackPointer = Register("R31", BitVecType(64)) - private val linkRegister = Register("R30", BitVecType(64)) - private val framePointer = Register("R29", BitVecType(64)) + private val stackPointer = Register("R31", 64) + private val linkRegister = Register("R30", 64) + private val framePointer = Register("R29", 64) private val ignoreRegions: Set[Expr] = Set(linkRegister, framePointer) - private val mallocVariable = Register("R0", BitVecType(64)) + private val mallocVariable = Register("R0", 64) def eval(exp: Expr, env: Set[MemoryRegion], n: CfgCommandNode): Set[MemoryRegion] = { Logger.debug(s"evaluating $exp") @@ -256,12 +256,12 @@ trait MemoryRegionAnalysis(val cfg: ProgramCfg, s } case memAssign: MemoryAssign => - if (ignoreRegions.contains(memAssign.rhs.value)) { + if (ignoreRegions.contains(memAssign.value)) { return s } - val result = eval(memAssign.rhs.index, s, cmd) + val result = eval(memAssign.index, s, cmd) regionLattice.lub(s, result) - case localAssign: LocalAssign => + case localAssign: Assign => var m = s unwrapExpr(localAssign.rhs).foreach { case memoryLoad: MemoryLoad => diff --git a/src/main/scala/analysis/BasicIRConstProp.scala b/src/main/scala/analysis/BasicIRConstProp.scala index 06abef535..484d01ab6 100644 --- a/src/main/scala/analysis/BasicIRConstProp.scala +++ b/src/main/scala/analysis/BasicIRConstProp.scala @@ -54,9 +54,9 @@ trait ILValueAnalysisMisc: */ def localTransfer(n: CFGPosition, s: statelattice.Element): statelattice.Element = n match - case la: LocalAssign => + case la: Assign => s + (la.lhs -> eval(la.rhs, s)) - case c: Call => s ++ callerPreservedRegisters.filter(reg => s.keys.exists(_.name == reg)).map(n => Register(n, BitVecType(64)) -> statelattice.sublattice.top).toMap + case c: Call => s ++ callerPreservedRegisters.filter(reg => s.keys.exists(_.name == reg)).map(n => Register(n, 64) -> statelattice.sublattice.top).toMap case _ => s diff --git a/src/main/scala/analysis/Cfg.scala b/src/main/scala/analysis/Cfg.scala index c5f931572..d07ea87c5 100644 --- a/src/main/scala/analysis/Cfg.scala +++ b/src/main/scala/analysis/Cfg.scala @@ -587,7 +587,7 @@ class ProgramCfgFactory: // R30 is the link register - this stores the address to return to. // For now just add a node expressing that we are to return to the previous context. - if (iCall.target == Register("R30", BitVecType(64))) { + if (iCall.target == Register("R30", 64)) { val returnNode = CfgProcedureReturnNode() cfg.addEdge(jmpNode, returnNode) cfg.addEdge(returnNode, funcExitNode) diff --git a/src/main/scala/analysis/SteensgaardAnalysis.scala b/src/main/scala/analysis/SteensgaardAnalysis.scala index be1b4034e..5c55ea9bc 100644 --- a/src/main/scala/analysis/SteensgaardAnalysis.scala +++ b/src/main/scala/analysis/SteensgaardAnalysis.scala @@ -1,7 +1,7 @@ package analysis import analysis.solvers.{Cons, Term, UnionFindSolver, Var} -import ir.{Block, DirectCall, Expr, LocalAssign, MemoryAssign, Procedure, Program, Variable, BitVecLiteral} +import ir.{Block, DirectCall, Expr, Assign, MemoryAssign, Procedure, Program, Variable, BitVecLiteral} import util.Logger import java.io.{File, PrintWriter} @@ -55,7 +55,7 @@ class SteensgaardAnalysis(program: Program, constantPropResult: Map[CfgNode, Map // case AAssignStmt(id1: AIdentifier, AUnaryOp(DerefOp, id2: AIdentifier, _), _) => ??? //<--- Complete here // case AAssignStmt(ADerefWrite(id1: AIdentifier, _), id2: AIdentifier, _) => ??? //<--- Complete here - case localAssign: LocalAssign => + case localAssign: Assign => localAssign.rhs match { case variable: Variable => localAssign.lhs match diff --git a/src/main/scala/analysis/VSA.scala b/src/main/scala/analysis/VSA.scala index a09a1c5f3..306240da5 100644 --- a/src/main/scala/analysis/VSA.scala +++ b/src/main/scala/analysis/VSA.scala @@ -49,13 +49,13 @@ trait ValueSetAnalysis(cfg: ProgramCfg, val first: Set[CfgNode] = Set(cfg.startNode) - private val stackPointer = Register("R31", BitVecType(64)) - private val linkRegister = Register("R30", BitVecType(64)) - private val framePointer = Register("R29", BitVecType(64)) + private val stackPointer = Register("R31", 64) + private val linkRegister = Register("R30", 64) + private val framePointer = Register("R29", 64) private val ignoreRegions: Set[Expr] = Set(linkRegister, framePointer) - private val mallocVariable = Register("R0", BitVecType(64)) + private val mallocVariable = Register("R0", 64) def resolveGlobalOffset(address: BigInt): String = { val tableAddress = globalOffsets(address) @@ -106,7 +106,7 @@ trait ValueSetAnalysis(cfg: ProgramCfg, Logger.debug(s"node: $n") var m = s cmd match - case localAssign: LocalAssign => + case localAssign: Assign => localAssign.rhs match case memoryLoad: MemoryLoad => exprToRegion(memoryLoad.index, n) match @@ -133,12 +133,12 @@ trait ValueSetAnalysis(cfg: ProgramCfg, m } case memAssign: MemoryAssign => - memAssign.rhs.index match + memAssign.index match case binOp: BinaryExpr => val region: Option[MemoryRegion] = exprToRegion(binOp, n) region match case Some(r: MemoryRegion) => - val storeValue = memAssign.rhs.value + val storeValue = memAssign.value evaluateExpression(storeValue, constantProp(n)) match case Some(bitVecLiteral: BitVecLiteral) => m = m + (r -> Set(getValueType(bitVecLiteral))) diff --git a/src/main/scala/bap/BAPExpr.scala b/src/main/scala/bap/BAPExpr.scala index c91bfb731..0fedc28f0 100644 --- a/src/main/scala/bap/BAPExpr.scala +++ b/src/main/scala/bap/BAPExpr.scala @@ -239,7 +239,7 @@ trait BAPVar extends BAPVariable { } case class BAPRegister(override val name: String, override val size: Int) extends BAPVar { - override def toIR: Register = Register(s"$name", BitVecType(size)) + override def toIR: Register = Register(s"$name", size) } case class BAPLocalVar(override val name: String, override val size: Int) extends BAPVar { @@ -253,38 +253,12 @@ case class BAPMemAccess(memory: BAPMemory, index: BAPExpr, endian: Endian, overr override def toIR: MemoryLoad = MemoryLoad(memory.toIR, index.toIR, endian, size) } -/* -object BAPMemAccess { - // initialise to replace stack references - def init(memory: BAPMemory, index: BAPExpr, endian: Endian, size: Int): BAPMemAccess = { - if (index.locals.contains(BAPLocalVar("R31", 64))) { - BAPMemAccess(memory.copy(name = "stack"), index, endian, size) - } else { - BAPMemAccess(memory, index, endian, size) - } - } -} - */ - case class BAPMemory(name: String, addressSize: Int, valueSize: Int) extends BAPVariable { override val size: Int = valueSize // should reconsider - override def toIR: Memory = Memory(name, addressSize, valueSize) + override def toIR: Memory = SharedMemory(name, addressSize, valueSize) } case class BAPStore(memory: BAPMemory, index: BAPExpr, value: BAPExpr, endian: Endian, size: Int) extends BAPExpr { - override def toIR: MemoryStore = MemoryStore(memory.toIR, index.toIR, value.toIR, endian, size) + override def toIR: Expr = ??? // should not encounter override def toString: String = s"${memory.name}[$index] := $value" } - -/* -object BAPStore { - // initialise to replace stack references - def init(memory: BAPMemory, index: BAPExpr, value: BAPExpr, endian: Endian, size: Int): BAPStore = { - if (index.locals.contains(BAPLocalVar("R31", 64))) { - BAPStore(memory.copy(name = "stack"), index, value, endian, size) - } else { - BAPStore(memory, index, value, endian, size) - } - } -} - */ diff --git a/src/main/scala/boogie/BCmd.scala b/src/main/scala/boogie/BCmd.scala index f8a8cf34f..63a1d19d9 100644 --- a/src/main/scala/boogie/BCmd.scala +++ b/src/main/scala/boogie/BCmd.scala @@ -41,7 +41,7 @@ case class BAssume(body: BExpr, comment: Option[String] = None, override val att override def globals: Set[BVar] = body.globals } -case class BProcedureCall(name: String, lhss: Seq[BVar], params: Seq[BExpr], comment: Option[String] = None) extends BCmd { +case class BProcedureCall(name: String, lhss: Seq[BVar] = Seq(), params: Seq[BExpr] = Seq(), comment: Option[String] = None) extends BCmd { override def toString: String = { if (lhss.isEmpty) { s"call $attrString$name();" diff --git a/src/main/scala/boogie/BProgram.scala b/src/main/scala/boogie/BProgram.scala index 7eae0b359..e24ec086f 100644 --- a/src/main/scala/boogie/BProgram.scala +++ b/src/main/scala/boogie/BProgram.scala @@ -26,16 +26,16 @@ trait BDeclaration extends HasAttributes { case class BProcedure( name: String, - in: List[BVar], - out: List[BVar], - ensures: List[BExpr], - requires: List[BExpr], - ensuresDirect: List[String], - requiresDirect: List[String], - freeEnsures: List[BExpr], - freeRequires: List[BExpr], - modifies: Set[BVar], - body: List[BCmdOrBlock], + in: List[BVar] = Nil, + out: List[BVar] = Nil, + ensures: List[BExpr] = Nil, + requires: List[BExpr] = Nil, + ensuresDirect: List[String] = Nil, + requiresDirect: List[String] = Nil, + freeEnsures: List[BExpr] = Nil, + freeRequires: List[BExpr] = Nil, + modifies: Set[BVar] = Set(), + body: List[BCmdOrBlock] = Nil, override val attributes: List[BAttribute] = List() ) extends BDeclaration with Ordered[BProcedure] { diff --git a/src/main/scala/ir/Expr.scala b/src/main/scala/ir/Expr.scala index 29507dce1..519d619d0 100644 --- a/src/main/scala/ir/Expr.scala +++ b/src/main/scala/ir/Expr.scala @@ -303,30 +303,13 @@ enum Endian { case BigEndian } -case class MemoryStore(mem: Memory, index: Expr, value: Expr, endian: Endian, size: Int) extends Expr { - override def toBoogie: BMemoryStore = BMemoryStore(mem.toBoogie, index.toBoogie, value.toBoogie, endian, size) - override def toGamma: GammaStore = - GammaStore(mem.toGamma, index.toBoogie, value.toGamma, size, size / mem.valueSize) - - override def gammas: Set[Expr] = Set() - override def loads: Set[MemoryLoad] = index.loads ++ value.loads - override def variables: Set[Variable] = index.variables ++ value.variables - - override def getType: IRType = BitVecType(size) - override def toString: String = s"MemoryStore($mem, $index, $value, $endian, $size)" - override def acceptVisit(visitor: Visitor): Expr = visitor.visitMemoryStore(this) -} - case class MemoryLoad(mem: Memory, index: Expr, endian: Endian, size: Int) extends Expr { override def toBoogie: BMemoryLoad = BMemoryLoad(mem.toBoogie, index.toBoogie, endian, size) - override def toGamma: BExpr = if (mem.name == "stack") { - GammaLoad(mem.toGamma, index.toBoogie, size, size / mem.valueSize) - } else { - BinaryBExpr( - BoolOR, - GammaLoad(mem.toGamma, index.toBoogie, size, size / mem.valueSize), - L(mem.toBoogie, index.toBoogie) - ) + override def toGamma: BExpr = mem match { + case m: StackMemory => + GammaLoad(m.toGamma, index.toBoogie, size, size / m.valueSize) + case m: SharedMemory => + BinaryBExpr(BoolOR, GammaLoad(m.toGamma, index.toBoogie, size, size / m.valueSize), L(m.toBoogie, index.toBoogie)) } override def variables: Set[Variable] = index.variables override def gammas: Set[Expr] = Set(this) @@ -336,17 +319,35 @@ case class MemoryLoad(mem: Memory, index: Expr, endian: Endian, size: Int) exten override def acceptVisit(visitor: Visitor): Expr = visitor.visitMemoryLoad(this) } +// Means something has a global scope from the perspective of the IR and Boogie +// Not the same as global in the sense of shared memory between threads sealed trait Global -case class Memory(name: String, addressSize: Int, valueSize: Int) extends Expr with Global { - override def toBoogie: BMapVar = - BMapVar(name, MapBType(BitVecBType(addressSize), BitVecBType(valueSize)), Scope.Global) +// A memory section +sealed trait Memory extends Expr with Global { + val name: String + val addressSize: Int + val valueSize: Int + override def toBoogie: BMapVar = BMapVar(name, MapBType(BitVecBType(addressSize), BitVecBType(valueSize)), Scope.Global) override def toGamma: BMapVar = BMapVar(s"Gamma_$name", MapBType(BitVecBType(addressSize), BoolBType), Scope.Global) override val getType: IRType = MapType(BitVecType(addressSize), BitVecType(valueSize)) override def toString: String = s"Memory($name, $addressSize, $valueSize)" - override def acceptVisit(visitor: Visitor): Expr = visitor.visitMemory(this) + + override def acceptVisit(visitor: Visitor): Memory = + throw new Exception("visitor " + visitor + " unimplemented for: " + this) +} + +// A stack section of memory, which is local to a thread +case class StackMemory(override val name: String, override val addressSize: Int, override val valueSize: Int) extends Memory { + override def acceptVisit(visitor: Visitor): Memory = visitor.visitStackMemory(this) } +// A non-stack region of memory, which is shared between threads +case class SharedMemory(override val name: String, override val addressSize: Int, override val valueSize: Int) extends Memory { + override def acceptVisit(visitor: Visitor): Memory = visitor.visitSharedMemory(this) +} + +// A variable that is accessible without a memory load/store sealed trait Variable extends Expr { val name: String val irType: IRType @@ -357,25 +358,23 @@ sealed trait Variable extends Expr { // placeholder definition not actually used override def toGamma: BVar = BVariable(s"$name", irType.toBoogie, Scope.Global) - def size: Int = irType match { - case b: BitVecType => b.size - case _ => throw new Exception("tried to get size of non-bitvector") - } - override def toString: String = s"Variable($name, $irType)" override def acceptVisit(visitor: Visitor): Variable = throw new Exception("visitor " + visitor + " unimplemented for: " + this) } -case class Register(override val name: String, override val irType: IRType) extends Variable with Global { +// Variable with global scope (in a 'accessible from any procedure' sense), not related to the concurrent shared memory sense +// These are all hardware registers +case class Register(override val name: String, size: Int) extends Variable with Global { override def toGamma: BVar = BVariable(s"Gamma_$name", BoolBType, Scope.Global) override def toBoogie: BVar = BVariable(s"$name", irType.toBoogie, Scope.Global) override def toString: String = s"Register($name, $irType)" override def acceptVisit(visitor: Visitor): Variable = visitor.visitRegister(this) - override def size: Int = irType.asInstanceOf[BitVecType].size + override val irType: BitVecType = BitVecType(size) } +// Variable with scope local to the procedure, typically a temporary variable created in the lifting process case class LocalVar(override val name: String, override val irType: IRType) extends Variable { override def toGamma: BVar = BVariable(s"Gamma_$name", BoolBType, Scope.Local) override def toBoogie: BVar = BVariable(s"$name", irType.toBoogie, Scope.Local) diff --git a/src/main/scala/ir/Interpreter.scala b/src/main/scala/ir/Interpreter.scala index 3a1c2bf4c..03a8d7188 100644 --- a/src/main/scala/ir/Interpreter.scala +++ b/src/main/scala/ir/Interpreter.scala @@ -93,13 +93,6 @@ class Interpreter() { Logger.debug(s"\t$ml") val index: Int = eval(ml.index, env).value.toInt getMemory(index, ml.size, ml.endian, mems) - - case ms: MemoryStore => - val index: Int = eval(ms.index, env).value.toInt - val value: BitVecLiteral = eval(ms.value, env) - Logger.debug(s"\tMemoryStore(mem:${ms.mem}, index:0x${index.toHexString}, value:0x${value.value - .toString(16)}[u${value.size}], size:${ms.size})") - setMemory(index, ms.size, ms.endian, value, mems) } } @@ -269,7 +262,7 @@ class Interpreter() { break case ic: IndirectCall => Logger.debug(s"$ic") - if (ic.target == Register("R30", BitVecType(64)) && ic.returnTarget.isEmpty) { + if (ic.target == Register("R30", 64) && ic.returnTarget.isEmpty) { if (returnBlock.nonEmpty) { nextBlock = Some(returnBlock.pop()) } else { @@ -286,18 +279,26 @@ class Interpreter() { private def interpretStatement(s: Statement): Unit = { s match { - case assign: LocalAssign => + case assign: Assign => Logger.debug(s"LocalAssign ${assign.lhs} = ${assign.rhs}") val evalRight = eval(assign.rhs, regs) Logger.debug(s"LocalAssign ${assign.lhs} := 0x${evalRight.value.toString(16)}[u${evalRight.size}]\n") regs += (assign.lhs -> evalRight) case assign: MemoryAssign => - Logger.debug(s"MemoryAssign ${assign.lhs} = ${assign.rhs}") - val evalRight = eval(assign.rhs, regs) - evalRight match { + Logger.debug(s"MemoryAssign ${assign.mem}[${assign.index}] = ${assign.value}") + + val index: Int = eval(assign.index, regs).value.toInt + val value: BitVecLiteral = eval(assign.value, regs) + Logger.debug(s"\tMemoryStore(mem:${assign.mem}, index:0x${index.toHexString}, value:0x${ + value.value + .toString(16) + }[u${value.size}], size:${assign.size})") + + val evalStore = setMemory(index, assign.size, assign.endian, value, mems) + evalStore match { case BitVecLiteral(value, size) => - Logger.debug(s"MemoryAssign ${assign.lhs} := 0x${value.toString(16)}[u$size]\n") + Logger.debug(s"MemoryAssign ${assign.mem} := 0x${value.toString(16)}[u$size]\n") } case _ : NOP => case assert: Assert => @@ -327,9 +328,9 @@ class Interpreter() { } // Initial SP, FP and LR to regs - regs += (Register("R31", BitVecType(64)) -> SP) - regs += (Register("R29", BitVecType(64)) -> FP) - regs += (Register("R30", BitVecType(64)) -> LR) + regs += (Register("R31", 64) -> SP) + regs += (Register("R29", 64) -> FP) + regs += (Register("R30", 64) -> LR) // Program.Procedure interpretProcedure(IRProgram.mainProcedure) diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index 2a83604e3..4e6e7222b 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -81,12 +81,14 @@ class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedu if ((name.startsWith("R") || name.startsWith("V")) && (name.length == 2 || name.length == 3) && name.substring(1).forall(_.isDigit)) { if (name.startsWith("R")) { - Register(name, BitVecType(64)) + Register(name, 64) } else { - Register(name, BitVecType(128)) + Register(name, 128) } + } else if (name == "stack") { + StackMemory(name, 64, 8) } else { - Memory(name, 64, 8) + SharedMemory(name, 64, 8) } } diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index 4eeaac7b4..ffc8e2bd7 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -1,4 +1,5 @@ package ir +import boogie.{BMapVar, GammaStore} import intrusivelist.IntrusiveListElement import collection.mutable @@ -19,34 +20,31 @@ sealed trait Command extends HasParent[Block] { sealed trait Statement extends Command, HasParent[Block], IntrusiveListElement[Statement] { def modifies: Set[Global] = Set() - //def locals: Set[Variable] = Set() def acceptVisit(visitor: Visitor): Statement = throw new Exception( "visitor " + visitor + " unimplemented for: " + this ) } -class LocalAssign(var lhs: Variable, var rhs: Expr, override val label: Option[String] = None) extends Statement { - //override def locals: Set[Variable] = rhs.locals + lhs +class Assign(var lhs: Variable, var rhs: Expr, override val label: Option[String] = None) extends Statement { override def modifies: Set[Global] = lhs match { case r: Register => Set(r) case _ => Set() } override def toString: String = s"$labelStr$lhs := $rhs" - override def acceptVisit(visitor: Visitor): Statement = visitor.visitLocalAssign(this) + override def acceptVisit(visitor: Visitor): Statement = visitor.visitAssign(this) } -object LocalAssign: - def unapply(l: LocalAssign): Option[(Variable, Expr, Option[String])] = Some(l.lhs, l.rhs, l.label) +object Assign: + def unapply(l: Assign): Option[(Variable, Expr, Option[String])] = Some(l.lhs, l.rhs, l.label) -class MemoryAssign(var lhs: Memory, var rhs: MemoryStore, override val label: Option[String] = None) extends Statement { - override def modifies: Set[Global] = Set(lhs) - //override def locals: Set[Variable] = rhs.locals - override def toString: String = s"$labelStr$lhs := $rhs" +class MemoryAssign(var mem: Memory, var index: Expr, var value: Expr, var endian: Endian, var size: Int, override val label: Option[String] = None) extends Statement { + override def modifies: Set[Global] = Set(mem) + override def toString: String = s"$labelStr$mem[$index] := MemoryStore($value, $endian, $size)" override def acceptVisit(visitor: Visitor): Statement = visitor.visitMemoryAssign(this) } object MemoryAssign: - def unapply(m: MemoryAssign): Option[(Memory, MemoryStore, Option[String])] = Some(m.lhs, m.rhs, m.label) + def unapply(m: MemoryAssign): Option[(Memory, Expr, Expr, Endian, Int, Option[String])] = Some(m.mem, m.index, m.value, m.endian, m.size, m.label) class NOP(override val label: Option[String] = None) extends Statement { override def toString: String = s"NOP $labelStr" @@ -80,8 +78,6 @@ sealed trait Jump extends Command, HasParent[Block] { def acceptVisit(visitor: Visitor): Jump = throw new Exception("visitor " + visitor + " unimplemented for: " + this) } - - class GoTo private (private var _targets: mutable.Set[Block], override val label: Option[String]) extends Jump { def this(targets: Iterable[Block], label: Option[String] = None) = this(mutable.Set.from(targets), label) @@ -129,10 +125,6 @@ object GoTo: sealed trait Call extends Jump class DirectCall(val target: Procedure, var returnTarget: Option[Block], override val label: Option[String] = None) extends Call { - /* override def locals: Set[Variable] = condition match { - case Some(c) => c.locals - case None => Set() - } */ override def calls: Set[Procedure] = Set(target) override def toString: String = s"${labelStr}DirectCall(${target.name}, ${returnTarget.map(_.label)})" override def acceptVisit(visitor: Visitor): Jump = visitor.visitDirectCall(this) @@ -148,10 +140,6 @@ object DirectCall: def unapply(i: DirectCall): Option[(Procedure, Option[Block], Option[String])] = Some(i.target, i.returnTarget, i.label) class IndirectCall(var target: Variable, var returnTarget: Option[Block], override val label: Option[String] = None) extends Call { - /* override def locals: Set[Variable] = condition match { - case Some(c) => c.locals + target - case None => Set(target) - } */ override def toString: String = s"${labelStr}IndirectCall($target, ${returnTarget.map(_.label)})" override def acceptVisit(visitor: Visitor): Jump = visitor.visitIndirectCall(this) } diff --git a/src/main/scala/ir/Visitor.scala b/src/main/scala/ir/Visitor.scala index bc6be9a52..07f61dca9 100644 --- a/src/main/scala/ir/Visitor.scala +++ b/src/main/scala/ir/Visitor.scala @@ -10,15 +10,16 @@ abstract class Visitor { def visitStatement(node: Statement): Statement = node.acceptVisit(this) - def visitLocalAssign(node: LocalAssign): Statement = { + def visitAssign(node: Assign): Statement = { node.lhs = visitVariable(node.lhs) node.rhs = visitExpr(node.rhs) node } def visitMemoryAssign(node: MemoryAssign): Statement = { - node.lhs = visitMemory(node.lhs) - node.rhs = visitMemoryStore(node.rhs) + node.mem = visitMemory(node.mem) + node.index = visitExpr(node.index) + node.value = visitExpr(node.value) node } @@ -109,15 +110,15 @@ abstract class Visitor { node.copy(arg1 = visitExpr(node.arg1), arg2 = visitExpr(node.arg2)) } - def visitMemoryStore(node: MemoryStore): MemoryStore = { - node.copy(mem = visitMemory(node.mem), index = visitExpr(node.index), value = visitExpr(node.value)) - } - def visitMemoryLoad(node: MemoryLoad): Expr = { node.copy(mem = visitMemory(node.mem), index = visitExpr(node.index)) } - def visitMemory(node: Memory): Memory = node + def visitMemory(node: Memory): Memory = node.acceptVisit(this) + + def visitStackMemory(node: StackMemory): Memory = node + + def visitSharedMemory(node: SharedMemory): Memory = node def visitVariable(node: Variable): Variable = node.acceptVisit(this) @@ -161,28 +162,22 @@ abstract class ReadOnlyVisitor extends Visitor { node } - override def visitMemoryStore(node: MemoryStore): MemoryStore = { - visitMemory(node.mem) - visitExpr(node.index) - visitExpr(node.value) - node - } - override def visitMemoryLoad(node: MemoryLoad): Expr = { visitMemory(node.mem) visitExpr(node.index) node } - override def visitLocalAssign(node: LocalAssign): Statement = { + override def visitAssign(node: Assign): Statement = { visitVariable(node.lhs) visitExpr(node.rhs) node } override def visitMemoryAssign(node: MemoryAssign): Statement = { - visitMemory(node.lhs) - visitMemoryStore(node.rhs) + visitMemory(node.mem) + visitExpr(node.index) + visitExpr(node.value) node } @@ -289,8 +284,8 @@ abstract class IntraproceduralControlFlowVisitor extends Visitor { // TODO: does this break for programs with loops? need to calculate a fixed-point? class StackSubstituter extends IntraproceduralControlFlowVisitor { - private val stackPointer = Register("R31", BitVecType(64)) - private val stackMemory = Memory("stack", 64, 8) + private val stackPointer = Register("R31", 64) + private val stackMemory = StackMemory("stack", 64, 8) val stackRefs: mutable.Set[Variable] = mutable.Set(stackPointer) override def visitProcedure(node: Procedure): Procedure = { @@ -310,7 +305,7 @@ class StackSubstituter extends IntraproceduralControlFlowVisitor { } } - override def visitLocalAssign(node: LocalAssign): Statement = { + override def visitAssign(node: Assign): Statement = { node.lhs = visitVariable(node.lhs) node.rhs = visitExpr(node.rhs) @@ -328,10 +323,9 @@ class StackSubstituter extends IntraproceduralControlFlowVisitor { } override def visitMemoryAssign(node: MemoryAssign): Statement = { - val indexStackRefs = node.rhs.index.variables.intersect(stackRefs) + val indexStackRefs = node.index.variables.intersect(stackRefs) if (indexStackRefs.nonEmpty) { - node.lhs = stackMemory - node.rhs = node.rhs.copy(mem = stackMemory) + node.mem = stackMemory } node } @@ -363,7 +357,15 @@ class Renamer(reserved: Set[String]) extends Visitor { } } - override def visitMemory(node: Memory): Memory = { + override def visitStackMemory(node: StackMemory): StackMemory = { + if (reserved.contains(node.name)) { + node.copy(name = s"#${node.name}") + } else { + node + } + } + + override def visitSharedMemory(node: SharedMemory): SharedMemory = { if (reserved.contains(node.name)) { node.copy(name = s"#${node.name}") } else { @@ -407,15 +409,12 @@ class VariablesWithoutStoresLoads extends ReadOnlyVisitor { variables.add(node) node } + override def visitLocalVar(node: LocalVar): LocalVar = { variables.add(node) node } - override def visitMemoryStore(node: MemoryStore): MemoryStore = { - node - } - override def visitMemoryLoad(node: MemoryLoad): MemoryLoad = { node } @@ -430,7 +429,7 @@ class ConvertToSingleProcedureReturn extends Visitor { case Some(b) => b case None => val name = node.parent.parent.name + "_return" - val returnBlock = new Block(name, None, List(), new IndirectCall(Register("R30", BitVecType(64)), None, None)) + val returnBlock = Block(name, None, List(), IndirectCall(Register("R30", 64), None, None)) node.parent.parent.addBlocks(returnBlock) node.parent.parent.returnBlock = Some(returnBlock) } diff --git a/src/main/scala/translating/BAPToIR.scala b/src/main/scala/translating/BAPToIR.scala index 0ce4cd791..d2f56c309 100644 --- a/src/main/scala/translating/BAPToIR.scala +++ b/src/main/scala/translating/BAPToIR.scala @@ -69,8 +69,14 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { } private def translate(s: BAPStatement) = s match { - case b: BAPMemAssign => MemoryAssign(b.lhs.toIR, b.rhs.toIR, Some(b.line)) - case b: BAPLocalAssign => LocalAssign(b.lhs.toIR, b.rhs.toIR, Some(b.line)) + case b: BAPMemAssign => + val mem = b.lhs.toIR + if (mem != b.rhs.memory.toIR) { + throw Exception(s"$b has conflicting lhs ${b.lhs} and rhs ${b.rhs.memory}") + } + MemoryAssign(mem, b.rhs.index.toIR, b.rhs.value.toIR, b.rhs.endian, b.rhs.size, Some(b.line)) + case b: BAPLocalAssign => + Assign(b.lhs.toIR, b.rhs.toIR, Some(b.line)) } /** diff --git a/src/main/scala/translating/GTIRBToIR.scala b/src/main/scala/translating/GTIRBToIR.scala index 68345580f..9954a1e48 100644 --- a/src/main/scala/translating/GTIRBToIR.scala +++ b/src/main/scala/translating/GTIRBToIR.scala @@ -136,12 +136,12 @@ class GTIRBToIR(mods: Seq[Module], parserMap: immutable.Map[String, Array[Array[ var regNum = 0 val in = if (name == "main") { - ArrayBuffer(Parameter("main_argc", 32, Register("R0", BitVecType(64))), Parameter("main_argv", 64, Register("R1", BitVecType(64)))) + ArrayBuffer(Parameter("main_argc", 32, Register("R0", 64)), Parameter("main_argv", 64, Register("R1", 64))) } else { ArrayBuffer() } - val out = ArrayBuffer(Parameter(name + "_result", 32, Register("R0", BitVecType(64)))) + val out = ArrayBuffer(Parameter(name + "_result", 32, Register("R0", 64))) (in, out) } @@ -221,7 +221,7 @@ class GTIRBToIR(mods: Seq[Module], parserMap: immutable.Map[String, Array[Array[ private def removePCAssign(block: Block): Unit = { block.statements.last match { - case LocalAssign(lhs: Register, _, _) if lhs.name == "_PC" => block.statements.remove(block.statements.last) + case Assign(lhs: Register, _, _) if lhs.name == "_PC" => block.statements.remove(block.statements.last) case _ => throw Exception(s"expected block ${block.label} to have a program counter assignment at its end") } } @@ -313,7 +313,7 @@ class GTIRBToIR(mods: Seq[Module], parserMap: immutable.Map[String, Array[Array[ // assignment to program counter not associated with an edge // caused by indirect call that DDisasm fails to identify // potentially requires splitting block - case l: LocalAssign if l.lhs == Register("_PC", BitVecType(64)) => + case l: Assign if l.lhs == Register("_PC", 64) => val newBlocks = handleUnidentifiedIndirectCall(l, currentBlock, block.label, newBlockCount) procedure.addBlocks(newBlocks) newBlockCount += newBlocks.size @@ -349,7 +349,7 @@ class GTIRBToIR(mods: Seq[Module], parserMap: immutable.Map[String, Array[Array[ // If the PC assignment is at the end of the block, an indirect call is added to the block // The PC assignment is removed in all cases // No other cases of unhandled program counter assignments have been identified yet - private def handleUnidentifiedIndirectCall(l: LocalAssign, currentBlock: Block, parentLabel: String, newBlockCountIn: Int): ArrayBuffer[Block] = { + private def handleUnidentifiedIndirectCall(l: Assign, currentBlock: Block, parentLabel: String, newBlockCountIn: Int): ArrayBuffer[Block] = { val newBlocks = ArrayBuffer[Block]() var newBlockCount = newBlockCountIn @@ -386,7 +386,7 @@ class GTIRBToIR(mods: Seq[Module], parserMap: immutable.Map[String, Array[Array[ } // check that R30 has been set by previous statement - if it did not then this is a case that requires further investigation currentBlock.statements.getPrev(l) match { - case LocalAssign(Register("R30", BitVecType(64)), _, _) => + case Assign(Register("R30", 64), _, _) => case _ => throw Exception("unhandled assignment to PC did not set R30 beforehand") } @@ -454,7 +454,7 @@ class GTIRBToIR(mods: Seq[Module], parserMap: immutable.Map[String, Array[Array[ if (proxySymbols.isEmpty) { // indirect call with no further information val target = block.statements.last match { - case LocalAssign(lhs: Register, rhs: Register, _) if lhs.name == "_PC" => rhs + case Assign(lhs: Register, rhs: Register, _) if lhs.name == "_PC" => rhs case _ => throw Exception(s"no assignment to program counter found before indirect call in block ${block.label}") } block.statements.remove(block.statements.last) // remove _PC assignment @@ -508,7 +508,7 @@ class GTIRBToIR(mods: Seq[Module], parserMap: immutable.Map[String, Array[Array[ case EdgeLabel(false, _, Type_Return, _) => // return statement, value of 'direct' is just whether DDisasm has resolved the return target removePCAssign(block) - IndirectCall(Register("R30", BitVecType(64)), None) + IndirectCall(Register("R30", 64), None) case EdgeLabel(false, true, Type_Fallthrough, _) => // end of block that doesn't end in a control flow instruction and falls through to next if (entranceUUIDtoProcedure.contains(edge.targetUuid)) { @@ -546,7 +546,7 @@ class GTIRBToIR(mods: Seq[Module], parserMap: immutable.Map[String, Array[Array[ if (edgeLabels.forall { (e: EdgeLabel) => !e.conditional && e.direct && e.`type` == Type_Return }) { // multiple resolved returns, translate as single return removePCAssign(block) - IndirectCall(Register("R30", BitVecType(64)), None) + IndirectCall(Register("R30", 64), None) } else if (edgeLabels.forall { (e: EdgeLabel) => !e.conditional && !e.direct && e.`type` == Type_Branch }) { // resolved indirect call diff --git a/src/main/scala/translating/ILtoIL.scala b/src/main/scala/translating/ILtoIL.scala index bdbc10a81..b34100704 100644 --- a/src/main/scala/translating/ILtoIL.scala +++ b/src/main/scala/translating/ILtoIL.scala @@ -32,7 +32,7 @@ private class ILSerialiser extends ReadOnlyVisitor { override def visitStatement(node: Statement): Statement = node.acceptVisit(this) - override def visitLocalAssign(node: LocalAssign): Statement = { + override def visitAssign(node: Assign): Statement = { program ++= "LocalAssign(" visitVariable(node.lhs) program ++= " := " @@ -43,7 +43,12 @@ private class ILSerialiser extends ReadOnlyVisitor { override def visitMemoryAssign(node: MemoryAssign): Statement = { program ++= "MemoryAssign(" - visitMemoryStore(node.rhs) + visitMemory(node.mem) + program ++= "[" + visitExpr(node.index) + program ++= "]" + program ++= " := " + visitExpr(node.value) program ++= ")" node } @@ -202,17 +207,6 @@ private class ILSerialiser extends ReadOnlyVisitor { node } - override def visitMemoryStore(node: MemoryStore): MemoryStore = { - program ++= "MemoryStore(" - visitMemory(node.mem) - program ++= "[" - visitExpr(node.index) - program ++= "] := " - visitExpr(node.value) - program ++= ")" - node - } - override def visitMemoryLoad(node: MemoryLoad): Expr = { program ++= "MemoryLoad(" visitMemory(node.mem) @@ -244,7 +238,7 @@ private class ILSerialiser extends ReadOnlyVisitor { } override def visitLiteral(node: Literal): Literal = { - program ++= node.toString() + program ++= node.toString node } diff --git a/src/main/scala/translating/IRToBoogie.scala b/src/main/scala/translating/IRToBoogie.scala index 62b9d26ca..4fa796417 100644 --- a/src/main/scala/translating/IRToBoogie.scala +++ b/src/main/scala/translating/IRToBoogie.scala @@ -30,8 +30,6 @@ class IRToBoogie(var program: Program, var spec: Specification) { private val mem = BMapVar("mem", MapBType(BitVecBType(64), BitVecBType(8)), Scope.Global) private val Gamma_mem = BMapVar("Gamma_mem", MapBType(BitVecBType(64), BoolBType), Scope.Global) - private val stack = BMapVar("stack", MapBType(BitVecBType(64), BitVecBType(8)), Scope.Global) - private val Gamma_stack = BMapVar("Gamma_stack", MapBType(BitVecBType(64), BoolBType), Scope.Global) private val mem_in = BMapVar("mem$in", MapBType(BitVecBType(64), BitVecBType(8)), Scope.Parameter) private val Gamma_mem_in = BMapVar("Gamma_mem$in", MapBType(BitVecBType(64), BoolBType), Scope.Parameter) @@ -48,8 +46,8 @@ class IRToBoogie(var program: Program, var spec: Specification) { private val modifiedCheck: Set[BVar] = (for (i <- 19 to 29) yield { Set(BVariable("R" + i, BitVecBType(64), Scope.Global), BVariable("Gamma_R" + i, BoolBType, Scope.Global)) }).flatten.toSet ++ Set( - BVariable("R" + 31, BitVecBType(64), Scope.Global), - BVariable("Gamma_R" + 31, BoolBType, Scope.Global) + BVariable("R31", BitVecBType(64), Scope.Global), + BVariable("Gamma_R31", BoolBType, Scope.Global) ) def translate(boogieGeneratorConfig: BoogieGeneratorConfig): BProgram = { @@ -65,18 +63,10 @@ class IRToBoogie(var program: Program, var spec: Specification) { globals.map(g => BConstAxiomPair(BVarDecl(g.toAddrVar, List(externAttr)), g.toAxiom)).toList.sorted val guaranteeReflexive = BProcedure( - "guarantee_reflexive", - List(), - List(), - List(), - List(), - List(), - List(), - List(), - List(), - Set(mem, Gamma_mem), - guaranteesReflexive.map(g => BAssert(g)), - List(externAttr) + name = "guarantee_reflexive", + modifies = Set(mem, Gamma_mem), + body = guaranteesReflexive.map(g => BAssert(g)), + attributes = List(externAttr) ) val rgProcs = genRely(relies, readOnlyMemory) :+ guaranteeReflexive @@ -116,13 +106,10 @@ class IRToBoogie(var program: Program, var spec: Specification) { } else { reliesUsed } - val relyProc = BProcedure("rely", List(), List(), relyEnsures, List(), List(), List(), readOnlyMemory, List(), - Set(mem, Gamma_mem), List(), List(externAttr)) - val relyTransitive = BProcedure("rely_transitive", List(), List(), reliesUsed, List(), List(), List(), List(), List(), - Set(mem, Gamma_mem), List(BProcedureCall("rely", List(), List()), BProcedureCall("rely", List(), List())), - List(externAttr)) - val relyReflexive = BProcedure("rely_reflexive", List(), List(), List(), List(), List(), List(), List(), List(), - Set(), reliesReflexive.map(r => BAssert(r)), List(externAttr)) + val relyProc = BProcedure("rely", ensures = relyEnsures, freeEnsures = readOnlyMemory, modifies = Set(mem, Gamma_mem), attributes = List(externAttr)) + val relyTransitive = BProcedure("rely_transitive", ensures = reliesUsed, modifies = Set(mem, Gamma_mem), body = List(BProcedureCall("rely"), BProcedureCall("rely")), + attributes = List(externAttr)) + val relyReflexive = BProcedure("rely_reflexive", body = reliesReflexive.map(r => BAssert(r)), attributes = List(externAttr)) List(relyProc, relyTransitive, relyReflexive) } @@ -140,8 +127,7 @@ class IRToBoogie(var program: Program, var spec: Specification) { } else { reliesUsed } - BProcedure("rely$inv", List(mem_in, Gamma_mem_in), List(mem_out, Gamma_mem_out), relyEnsures, List(), List(), - List(), List(), List(), Set(), List(), List(externAttr)) + BProcedure("rely$inv", List(mem_in, Gamma_mem_in), List(mem_out, Gamma_mem_out), relyEnsures, attributes = List(externAttr)) } def genInv(name: String): List[BProcedure] = { @@ -176,13 +162,12 @@ class IRToBoogie(var program: Program, var spec: Specification) { val invEnsures = List(BinaryBExpr(BoolOR, relyOneLine, guaranteeOneLine)) val invProc = BProcedure(name + "$inv", List(mem_in, Gamma_mem_in), List(mem_out, Gamma_mem_out), invEnsures, - List(), List(), List(), List(), List(), Set(), List(), List(externAttr)) + attributes = List(externAttr)) val invTransitive = BProcedure(name + "$inv_transitive", List(mem_in, Gamma_mem_in), List(mem_out, Gamma_mem_out), - invEnsures, List(), List(), List(), List(), List(), Set(), - List(BProcedureCall(name + "$inv", List(mem_out, Gamma_mem_out), List(mem_in, Gamma_mem_in)), + invEnsures, body = List(BProcedureCall(name + "$inv", List(mem_out, Gamma_mem_out), List(mem_in, Gamma_mem_in)), BProcedureCall(name + "$inv", List(mem_out, Gamma_mem_out), List(mem_out, Gamma_mem_out)) - ), List(externAttr)) + ), attributes = List(externAttr)) List(invProc, invTransitive) } @@ -198,8 +183,8 @@ class IRToBoogie(var program: Program, var spec: Specification) { val guaranteeAssume = BAssume(guaranteeOneLine) // G_c is ensures clause - BProcedure(name + "$guarantee", List(mem_in, Gamma_mem_in), List(mem_out, Gamma_mem_out), guaranteesParam, List(), - List(), List(), List(), List(), Set(), List(guaranteeAssume), List(externAttr)) + BProcedure(name + "$guarantee", List(mem_in, Gamma_mem_in), List(mem_out, Gamma_mem_out), guaranteesParam, + body = List(guaranteeAssume), attributes = List(externAttr)) } /** @@ -535,7 +520,7 @@ class IRToBoogie(var program: Program, var spec: Specification) { def translate(j: Jump): List[BCmd] = j match { case d: DirectCall => - val call = BProcedureCall(d.target.name, List(), List()) + val call = BProcedureCall(d.target.name) val returnTarget = d.returnTarget match { case Some(r) => GoToCmd(Seq(r.label)) case None => BAssume(FalseBLiteral, Some("no return target")) @@ -562,7 +547,7 @@ class IRToBoogie(var program: Program, var spec: Specification) { case g: GoTo => // collects all targets of the goto with a branch condition that we need to check the security level for // and collects the variables for that - val conditions = g.targets.flatMap(_.statements.headOption).collect { case a: Assume if a.checkSecurity => a } + val conditions = g.targets.flatMap(_.statements.headOption()).collect { case a: Assume if a.checkSecurity => a } val conditionVariables = conditions.flatMap(_.body.variables) val gammas = conditionVariables.map(_.toGamma).toList.sorted val conditionAssert: List[BCmd] = if (gammas.size > 1) { @@ -580,54 +565,60 @@ class IRToBoogie(var program: Program, var spec: Specification) { def translate(s: Statement): List[BCmd] = s match { case m: NOP => List.empty case m: MemoryAssign => - val lhs = m.lhs.toBoogie - val rhs = m.rhs.toBoogie - val lhsGamma = m.lhs.toGamma - val rhsGamma = m.rhs.toGamma + val lhs = m.mem.toBoogie + val rhs = BMemoryStore(m.mem.toBoogie, m.index.toBoogie, m.value.toBoogie, m.endian, m.size) + val lhsGamma = m.mem.toGamma + val rhsGamma = GammaStore(m.mem.toGamma, m.index.toBoogie, m.value.toGamma, m.size, m.size / m.mem.valueSize) val store = AssignCmd(List(lhs, lhsGamma), List(rhs, rhsGamma)) val stateSplit = s match { - case MemoryAssign(_,_, Some(label)) => List(captureStateStatement(s"$label")) - case LocalAssign(_,_, Some(label)) => List(captureStateStatement(s"$label")) + case MemoryAssign(_, _, _, _, _, Some(label)) => List(captureStateStatement(s"$label")) + case Assign(_, _, Some(label)) => List(captureStateStatement(s"$label")) case _ => List.empty } - if (lhs == stack) { - List(store) ++ stateSplit - } else { - val rely = BProcedureCall("rely", List(), List()) - val gammaValueCheck = BAssert(BinaryBExpr(BoolIMPLIES, L(lhs, rhs.index), m.rhs.value.toGamma)) - val oldAssigns = - guaranteeOldVars.map(g => AssignCmd(g.toOldVar, BMemoryLoad(lhs, g.toAddrVar, Endian.LittleEndian, g.size))) - val oldGammaAssigns = controlled.map(g => - AssignCmd( - g.toOldGamma, - BinaryBExpr(BoolOR, GammaLoad(lhsGamma, g.toAddrVar, g.size, g.size / m.lhs.valueSize), L(lhs, g.toAddrVar)) + m.mem match { + case s: StackMemory => + List(store) ++ stateSplit + case s: SharedMemory => + val rely = BProcedureCall("rely") + val gammaValueCheck = BAssert(BinaryBExpr(BoolIMPLIES, L(lhs, rhs.index), m.value.toGamma)) + val oldAssigns = + guaranteeOldVars.map(g => AssignCmd(g.toOldVar, BMemoryLoad(lhs, g.toAddrVar, Endian.LittleEndian, g.size))) + val oldGammaAssigns = controlled.map(g => + AssignCmd( + g.toOldGamma, + BinaryBExpr(BoolOR, GammaLoad(lhsGamma, g.toAddrVar, g.size, g.size / m.mem.valueSize), L(lhs, g.toAddrVar)) + ) ) - ) - val secureUpdate = for (c <- controls.keys) yield { - val addrCheck = BinaryBExpr(BVEQ, rhs.index, c.toAddrVar) - val checks = controls(c).map(v => BinaryBExpr(BoolIMPLIES, L(lhs, v.toAddrVar), v.toOldGamma)).toList - val checksAnd = if (checks.size > 1) { - checks.tail.foldLeft(checks.head)((next: BExpr, ands: BExpr) => BinaryBExpr(BoolAND, next, ands)) - } else { - checks.head + val secureUpdate = for (c <- controls.keys) yield { + val addrCheck = BinaryBExpr(BVEQ, rhs.index, c.toAddrVar) + val checks = controls(c).map(v => BinaryBExpr(BoolIMPLIES, L(lhs, v.toAddrVar), v.toOldGamma)).toList + val checksAnd = if (checks.size > 1) { + checks.tail.foldLeft(checks.head)((next: BExpr, ands: BExpr) => BinaryBExpr(BoolAND, next, ands)) + } else { + checks.head + } + BAssert(BinaryBExpr(BoolIMPLIES, addrCheck, checksAnd)) } - BAssert(BinaryBExpr(BoolIMPLIES, addrCheck, checksAnd)) - } - val guaranteeChecks = guarantees.map(v => BAssert(v)) - (List(rely, gammaValueCheck) ++ oldAssigns ++ oldGammaAssigns :+ store) ++ secureUpdate ++ guaranteeChecks ++ stateSplit + val guaranteeChecks = guarantees.map(v => BAssert(v)) + (List(rely, gammaValueCheck) ++ oldAssigns ++ oldGammaAssigns :+ store) ++ secureUpdate ++ guaranteeChecks ++ stateSplit } - case l: LocalAssign => + case l: Assign => val lhs = l.lhs.toBoogie val rhs = l.rhs.toBoogie val lhsGamma = l.lhs.toGamma val rhsGamma = l.rhs.toGamma val assign = AssignCmd(List(lhs, lhsGamma), List(rhs, rhsGamma)) - val loads = rhs.loads.collect { case m: BMemoryLoad => m } - if (loads.isEmpty || loads.forall(_.memory == stack)) { - List(assign) - } else { - val memories = loads.map(m => m.memory).toSeq.sorted - List(BProcedureCall("rely", Seq(), Seq()), assign) + val loads = l.rhs.loads + if (loads.size > 1) { + throw Exception(s"$l contains multiple loads") + } + // add rely call if assignment contains a non-stack load + loads.headOption match { + case Some(MemoryLoad(SharedMemory(_, _, _), _, _, _)) => + List(BProcedureCall("rely"), assign) + case _ => + // load is a stack load or doesn't exist + List(assign) } case a: Assert => val body = a.body.toBoogie diff --git a/src/main/scala/translating/SemanticsLoader.scala b/src/main/scala/translating/SemanticsLoader.scala index 2aa452ff3..bf77b9f3b 100644 --- a/src/main/scala/translating/SemanticsLoader.scala +++ b/src/main/scala/translating/SemanticsLoader.scala @@ -94,7 +94,7 @@ class SemanticsLoader(parserMap: immutable.Map[String, Array[Array[StmtContext]] function match { case "Mem.set.0" => checkArgs(function, 1, 4, typeArgs.size, args.size, ctx.getText) - val mem = Memory("mem", 64, 8) // yanked from BAP + val mem = SharedMemory("mem", 64, 8) // yanked from BAP val size = parseInt(typeArgs.head) * 8 val index = visitExpr(args.head) val value = visitExpr(args(3)) @@ -110,8 +110,7 @@ class SemanticsLoader(parserMap: immutable.Map[String, Array[Array[StmtContext]] // LittleEndian is an assumption if (index.isDefined && value.isDefined) { - val memstore = MemoryStore(mem, index.get, value.get, Endian.LittleEndian, size) - Some(MemoryAssign(mem, memstore, label)) + Some(MemoryAssign(mem, index.get, value.get, Endian.LittleEndian, size, label)) } else { None } @@ -154,36 +153,36 @@ class SemanticsLoader(parserMap: immutable.Map[String, Array[Array[StmtContext]] ctx.lvars.ID().asScala.foreach(lvar => varMap += (lvar.getText -> ty)) } - private def visitVarDecl(ctx: VarDeclContext, label: Option[String] = None): Option[LocalAssign] = { + private def visitVarDecl(ctx: VarDeclContext, label: Option[String] = None): Option[Assign] = { val ty = visitType(ctx.`type`()) val name = ctx.lvar.getText varMap += (name -> ty) val expr = visitExpr(ctx.expr()) if (expr.isDefined) { - Some(LocalAssign(LocalVar(name, ty), expr.get, label)) + Some(Assign(LocalVar(name, ty), expr.get, label)) } else { None } } - private def visitAssign(ctx: AssignContext, label: Option[String] = None): Option[LocalAssign] = { + private def visitAssign(ctx: AssignContext, label: Option[String] = None): Option[Assign] = { val lhs = visitLexpr(ctx.lexpr) val rhs = visitExpr(ctx.expr) if (lhs.isDefined && rhs.isDefined) { - Some(LocalAssign(lhs.get, rhs.get, label)) + Some(Assign(lhs.get, rhs.get, label)) } else { None } } - private def visitConstDecl(ctx: ConstDeclContext, label: Option[String] = None): Option[LocalAssign] = { + private def visitConstDecl(ctx: ConstDeclContext, label: Option[String] = None): Option[Assign] = { val ty = visitType(ctx.`type`()) val name = ctx.lvar.getText constMap += (name -> ty) val expr = visitExpr(ctx.expr) if (expr.isDefined) { - Some(LocalAssign(LocalVar(name + "$" + blockCount + "$" + instructionCount, ty), expr.get, label)) + Some(Assign(LocalVar(name + "$" + blockCount + "$" + instructionCount, ty), expr.get, label)) } else { None } @@ -220,11 +219,11 @@ class SemanticsLoader(parserMap: immutable.Map[String, Array[Array[StmtContext]] name match { case n if constMap.contains(n) => Some(LocalVar(n + "$" + blockCount + "$" + instructionCount, constMap(n))) case v if varMap.contains(v) => Some(LocalVar(v, varMap(v))) - case "SP_EL0" => Some(Register("R31", BitVecType(64))) - case "_PC" => Some(Register("_PC", BitVecType(64))) + case "SP_EL0" => Some(Register("R31", 64)) + case "_PC" => Some(Register("_PC", 64)) case "TRUE" => Some(TrueLiteral) case "FALSE" => Some(FalseLiteral) - case "FPCR" => Some(LocalVar("FPCR", BitVecType(32))) + case "FPCR" => Some(Register("FPCR", 32)) // ignore the following case "__BranchTaken" => None case "BTypeNext" => None @@ -249,7 +248,7 @@ class SemanticsLoader(parserMap: immutable.Map[String, Array[Array[StmtContext]] function match { case "Mem.read.0" => checkArgs(function, 1, 3, typeArgs.size, args.size, ctx.getText) - val mem = Memory("mem", 64, 8) + val mem = SharedMemory("mem", 64, 8) val index = visitExpr(args.head) val size = parseInt(typeArgs.head) * 8 @@ -474,8 +473,8 @@ class SemanticsLoader(parserMap: immutable.Map[String, Array[Array[StmtContext]] name match { case n if constMap.contains(n) => Some(LocalVar(n + "$" + blockCount + "$" + instructionCount, constMap(n))) case v if varMap.contains(v) => Some(LocalVar(v, varMap(v))) - case "SP_EL0" => Some(Register("R31", BitVecType(64))) - case "_PC" => Some(Register("_PC", BitVecType(64))) + case "SP_EL0" => Some(Register("R31", 64)) + case "_PC" => Some(Register("_PC", 64)) // ignore the following case "TRUE" => throw Exception(s"Boolean literal $name in LExpr ${ctx.getText}") case "FALSE" => throw Exception(s"Boolean literal $name in LExpr ${ctx.getText}") @@ -516,8 +515,8 @@ class SemanticsLoader(parserMap: immutable.Map[String, Array[Array[StmtContext]] private def resolveArrayExpr(name: String, index: Int): Register = { name match { - case "_R" => Register(s"R$index", BitVecType(64)) - case "_Z" => Register(s"V$index", BitVecType(128)) + case "_R" => Register(s"R$index", 64) + case "_Z" => Register(s"V$index", 128) case _ => throw Exception(s"unidentified Expr_Array ($name, $index)") } } diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index 9faab06fb..c3f79e147 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -42,7 +42,7 @@ object RunUtils { val reserved: Set[String] = Set("free") // constants - private val exitRegister: Variable = Register("R30", BitVecType(64)) + private val exitRegister: Variable = Register("R30", 64) def loadBAP(fileName: String): BAPProgram = { val ADTLexer = BAP_ADTLexer(CharStreams.fromFileName(fileName)) From 2354dbe0a5f5d5ee7814d568540c24e1334232d2 Mon Sep 17 00:00:00 2001 From: l-kent Date: Fri, 23 Feb 2024 13:09:37 +1000 Subject: [PATCH 2/8] make Memory not an Expr as it can only make sense as part of loads and stores --- src/main/scala/bap/BAPExpr.scala | 20 +++------- src/main/scala/ir/Expr.scala | 48 ++++++++++++------------ src/main/scala/ir/Interpreter.scala | 4 -- src/main/scala/translating/BAPToIR.scala | 4 +- 4 files changed, 31 insertions(+), 45 deletions(-) diff --git a/src/main/scala/bap/BAPExpr.scala b/src/main/scala/bap/BAPExpr.scala index 0fedc28f0..7408328dd 100644 --- a/src/main/scala/bap/BAPExpr.scala +++ b/src/main/scala/bap/BAPExpr.scala @@ -7,19 +7,6 @@ import ir._ trait BAPExpr { def toIR: Expr - /* def toGamma: Expr = { - val gammaVars: Set[Expr] = gammas.map(_.toGamma) - if (gammaVars.isEmpty) { - TrueLiteral - } else if (gammaVars.size == 1) { - gammaVars.head - } else { - gammaVars.tail.foldLeft(gammaVars.head) { (join: Expr, next: Expr) => - BinaryExpr(BoolAND, next, join) - } - } - } - */ /* * The size of output of the given expression. * @@ -250,12 +237,15 @@ case class BAPLocalVar(override val name: String, override val size: Int) extend */ case class BAPMemAccess(memory: BAPMemory, index: BAPExpr, endian: Endian, override val size: Int) extends BAPVariable { override def toString: String = s"${memory.name}[$index]" - override def toIR: MemoryLoad = MemoryLoad(memory.toIR, index.toIR, endian, size) + override def toIR: MemoryLoad = { + MemoryLoad(memory.toIRMemory, index.toIR, endian, size) + } } case class BAPMemory(name: String, addressSize: Int, valueSize: Int) extends BAPVariable { override val size: Int = valueSize // should reconsider - override def toIR: Memory = SharedMemory(name, addressSize, valueSize) + override def toIR: Expr = ??? // should not encounter + def toIRMemory: Memory = SharedMemory(name, addressSize, valueSize) } case class BAPStore(memory: BAPMemory, index: BAPExpr, value: BAPExpr, endian: Endian, size: Int) extends BAPExpr { diff --git a/src/main/scala/ir/Expr.scala b/src/main/scala/ir/Expr.scala index 519d619d0..21da15e23 100644 --- a/src/main/scala/ir/Expr.scala +++ b/src/main/scala/ir/Expr.scala @@ -323,30 +323,6 @@ case class MemoryLoad(mem: Memory, index: Expr, endian: Endian, size: Int) exten // Not the same as global in the sense of shared memory between threads sealed trait Global -// A memory section -sealed trait Memory extends Expr with Global { - val name: String - val addressSize: Int - val valueSize: Int - override def toBoogie: BMapVar = BMapVar(name, MapBType(BitVecBType(addressSize), BitVecBType(valueSize)), Scope.Global) - override def toGamma: BMapVar = BMapVar(s"Gamma_$name", MapBType(BitVecBType(addressSize), BoolBType), Scope.Global) - override val getType: IRType = MapType(BitVecType(addressSize), BitVecType(valueSize)) - override def toString: String = s"Memory($name, $addressSize, $valueSize)" - - override def acceptVisit(visitor: Visitor): Memory = - throw new Exception("visitor " + visitor + " unimplemented for: " + this) -} - -// A stack section of memory, which is local to a thread -case class StackMemory(override val name: String, override val addressSize: Int, override val valueSize: Int) extends Memory { - override def acceptVisit(visitor: Visitor): Memory = visitor.visitStackMemory(this) -} - -// A non-stack region of memory, which is shared between threads -case class SharedMemory(override val name: String, override val addressSize: Int, override val valueSize: Int) extends Memory { - override def acceptVisit(visitor: Visitor): Memory = visitor.visitSharedMemory(this) -} - // A variable that is accessible without a memory load/store sealed trait Variable extends Expr { val name: String @@ -381,3 +357,27 @@ case class LocalVar(override val name: String, override val irType: IRType) exte override def toString: String = s"LocalVar($name, $irType)" override def acceptVisit(visitor: Visitor): Variable = visitor.visitLocalVar(this) } + +// A memory section +sealed trait Memory extends Global { + val name: String + val addressSize: Int + val valueSize: Int + def toBoogie: BMapVar = BMapVar(name, MapBType(BitVecBType(addressSize), BitVecBType(valueSize)), Scope.Global) + def toGamma: BMapVar = BMapVar(s"Gamma_$name", MapBType(BitVecBType(addressSize), BoolBType), Scope.Global) + val getType: IRType = MapType(BitVecType(addressSize), BitVecType(valueSize)) + override def toString: String = s"Memory($name, $addressSize, $valueSize)" + + def acceptVisit(visitor: Visitor): Memory = + throw new Exception("visitor " + visitor + " unimplemented for: " + this) +} + +// A stack section of memory, which is local to a thread +case class StackMemory(override val name: String, override val addressSize: Int, override val valueSize: Int) extends Memory { + override def acceptVisit(visitor: Visitor): Memory = visitor.visitStackMemory(this) +} + +// A non-stack region of memory, which is shared between threads +case class SharedMemory(override val name: String, override val addressSize: Int, override val valueSize: Int) extends Memory { + override def acceptVisit(visitor: Visitor): Memory = visitor.visitSharedMemory(this) +} \ No newline at end of file diff --git a/src/main/scala/ir/Interpreter.scala b/src/main/scala/ir/Interpreter.scala index 03a8d7188..4ccce3051 100644 --- a/src/main/scala/ir/Interpreter.scala +++ b/src/main/scala/ir/Interpreter.scala @@ -85,10 +85,6 @@ class Interpreter() { case BVNOT => smt_bvnot(arg) } - case m: Memory => - Logger.debug(s"\t$m") - ??? - case ml: MemoryLoad => Logger.debug(s"\t$ml") val index: Int = eval(ml.index, env).value.toInt diff --git a/src/main/scala/translating/BAPToIR.scala b/src/main/scala/translating/BAPToIR.scala index d2f56c309..5f0fd8c73 100644 --- a/src/main/scala/translating/BAPToIR.scala +++ b/src/main/scala/translating/BAPToIR.scala @@ -70,8 +70,8 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { private def translate(s: BAPStatement) = s match { case b: BAPMemAssign => - val mem = b.lhs.toIR - if (mem != b.rhs.memory.toIR) { + val mem = b.lhs.toIRMemory + if (mem != b.rhs.memory.toIRMemory) { throw Exception(s"$b has conflicting lhs ${b.lhs} and rhs ${b.rhs.memory}") } MemoryAssign(mem, b.rhs.index.toIR, b.rhs.value.toIR, b.rhs.endian, b.rhs.size, Some(b.line)) From 4da2ea4083e929ee88ae6d1f45df4a5155813924 Mon Sep 17 00:00:00 2001 From: l-kent Date: Fri, 23 Feb 2024 14:40:28 +1000 Subject: [PATCH 3/8] comment invariants --- src/main/scala/ir/Statement.scala | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index ffc8e2bd7..a53e28340 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -25,6 +25,7 @@ sealed trait Statement extends Command, HasParent[Block], IntrusiveListElement[S ) } +// invariant: rhs contains at most one MemoryLoad class Assign(var lhs: Variable, var rhs: Expr, override val label: Option[String] = None) extends Statement { override def modifies: Set[Global] = lhs match { case r: Register => Set(r) @@ -37,6 +38,7 @@ class Assign(var lhs: Variable, var rhs: Expr, override val label: Option[String object Assign: def unapply(l: Assign): Option[(Variable, Expr, Option[String])] = Some(l.lhs, l.rhs, l.label) +// invariant: index and value do not contain MemoryLoads class MemoryAssign(var mem: Memory, var index: Expr, var value: Expr, var endian: Endian, var size: Int, override val label: Option[String] = None) extends Statement { override def modifies: Set[Global] = Set(mem) override def toString: String = s"$labelStr$mem[$index] := MemoryStore($value, $endian, $size)" @@ -113,7 +115,6 @@ class GoTo private (private var _targets: mutable.Set[Block], override val label } } - override def toString: String = s"${labelStr}NonDetGoTo(${targets.map(_.label).mkString(", ")})" override def acceptVisit(visitor: Visitor): Jump = visitor.visitGoTo(this) } From 143b330293ffb0fbee9c4a21ee8bd12fce0cd7d6 Mon Sep 17 00:00:00 2001 From: l-kent Date: Fri, 23 Feb 2024 14:45:52 +1000 Subject: [PATCH 4/8] make state register flags IR registers --- src/main/scala/translating/BAPLoader.scala | 7 ++++--- src/main/scala/translating/SemanticsLoader.scala | 8 ++++---- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/src/main/scala/translating/BAPLoader.scala b/src/main/scala/translating/BAPLoader.scala index 0bed4383a..606003a0e 100644 --- a/src/main/scala/translating/BAPLoader.scala +++ b/src/main/scala/translating/BAPLoader.scala @@ -67,9 +67,10 @@ object BAPLoader { def visitImmVar(ctx: ImmVarContext): BAPVar = { val name = parseAllowed(visitQuoteString(ctx.name)) - if ( - (name.startsWith("R") || name - .startsWith("V")) && (name.length == 2 || name.length == 3) && name.substring(1).forall(_.isDigit) + if (((name.startsWith("R") || name.startsWith("V")) + && (name.length == 2 || name.length == 3) + && name.substring(1).forall(_.isDigit)) || + (name == "NF" || name == "ZF" || name == "CF" || name == "VF") ) { BAPRegister(name, parseInt(ctx.size)) } else { diff --git a/src/main/scala/translating/SemanticsLoader.scala b/src/main/scala/translating/SemanticsLoader.scala index bf77b9f3b..60c0b405f 100644 --- a/src/main/scala/translating/SemanticsLoader.scala +++ b/src/main/scala/translating/SemanticsLoader.scala @@ -431,7 +431,7 @@ class SemanticsLoader(parserMap: immutable.Map[String, Array[Array[StmtContext]] } } - private def visitExprField(ctx: ExprFieldContext): LocalVar = { + private def visitExprField(ctx: ExprFieldContext): Register = { val name = ctx.expr match { case e: ExprVarContext => e.ID.getText case _ => throw Exception(s"expected ${ctx.getText} to have an Expr_Var as first parameter") @@ -485,7 +485,7 @@ class SemanticsLoader(parserMap: immutable.Map[String, Array[Array[StmtContext]] } } - private def visitLExprField(ctx: LExprFieldContext): LocalVar = { + private def visitLExprField(ctx: LExprFieldContext): Register = { val name = ctx.lexpr match { case l: LExprVarContext => l.ID.getText case _ => throw Exception(s"expected ${ctx.getText} to have an LExpr_Var as first parameter") @@ -505,10 +505,10 @@ class SemanticsLoader(parserMap: immutable.Map[String, Array[Array[StmtContext]] resolveArrayExpr(name, index) } - private def resolveFieldExpr(name: String, field: String): LocalVar = { + private def resolveFieldExpr(name: String, field: String): Register = { name match { case "PSTATE" if field == "V" || field == "C" || field == "Z" || field == "N" => - LocalVar(field + "F", BitVecType(1)) + Register(field + "F", 1) case _ => throw Exception(s"unidentified Expr_Field ($name, $field)") } } From fbbc9302cc9ecd20a2b42b605f930227cdc934d3 Mon Sep 17 00:00:00 2001 From: l-kent Date: Fri, 23 Feb 2024 15:03:25 +1000 Subject: [PATCH 5/8] updated expected & updatedexpected task for BAP --- build.sbt | 6 +- .../clang/basic_function_call_reader.expected | 20 +- .../basic_function_call_reader.expected | 18 +- .../basic_function_call_reader.expected | 20 +- .../basic_function_call_reader.expected | 20 +- .../gcc/basic_function_call_reader.expected | 20 +- .../basic_function_call_reader.expected | 2 +- .../basic_function_call_reader.expected | 18 +- .../basic_function_call_reader.expected | 20 +- .../clang/basic_lock_read.expected | 18 +- .../clang_O2/basic_lock_read.expected | 2 +- .../basic_lock_read.expected | 22 +- .../clang_pic/basic_lock_read.expected | 22 +- .../gcc/basic_lock_read.expected | 18 +- .../gcc_O2/basic_lock_read.expected | 2 +- .../basic_lock_read.expected | 18 +- .../gcc_pic/basic_lock_read.expected | 18 +- .../clang/basic_lock_security_read.expected | 20 +- .../basic_lock_security_read.expected | 18 +- .../basic_lock_security_read.expected | 22 +- .../basic_lock_security_read.expected | 22 +- .../gcc/basic_lock_security_read.expected | 20 +- .../basic_lock_security_read.expected | 18 +- .../gcc_pic/basic_lock_security_read.expected | 20 +- .../clang/basic_operation_evaluation.expected | 20 +- .../basic_operation_evaluation.expected | 18 +- .../basic_operation_evaluation.expected | 18 +- .../gcc/basic_operation_evaluation.expected | 2 +- .../basic_operation_evaluation.expected | 2 +- .../clang/basic_sec_policy_read.expected | 20 +- .../clang_O2/basic_sec_policy_read.expected | 20 +- .../basic_sec_policy_read.expected | 20 +- .../clang_pic/basic_sec_policy_read.expected | 18 +- .../gcc/basic_sec_policy_read.expected | 20 +- .../basic_sec_policy_read.expected | 18 +- .../gcc_pic/basic_sec_policy_read.expected | 18 +- src/test/correct/cjump/clang/cjump.expected | 18 +- .../cjump/clang_no_plt_no_pic/cjump.expected | 18 +- .../correct/cjump/clang_pic/cjump.expected | 22 +- src/test/correct/cjump/gcc/cjump.expected | 18 +- .../cjump/gcc_no_plt_no_pic/cjump.expected | 20 +- src/test/correct/cjump/gcc_pic/cjump.expected | 20 +- .../ifbranches/clang/ifbranches.expected | 18 +- .../ifbranches/clang_O2/ifbranches.expected | 20 +- .../clang_no_plt_no_pic/ifbranches.expected | 20 +- .../ifbranches/clang_pic/ifbranches.expected | 20 +- .../ifbranches/gcc/ifbranches.expected | 18 +- .../ifbranches/gcc_O2/ifbranches.expected | 20 +- .../gcc_no_plt_no_pic/ifbranches.expected | 20 +- .../ifbranches/gcc_pic/ifbranches.expected | 20 +- .../correct/ifglobal/clang/ifglobal.expected | 22 +- .../ifglobal/clang_O2/ifglobal.expected | 2 +- .../clang_no_plt_no_pic/ifglobal.expected | 20 +- .../ifglobal/clang_pic/ifglobal.expected | 18 +- .../correct/ifglobal/gcc/ifglobal.expected | 18 +- .../gcc_no_plt_no_pic/ifglobal.expected | 20 +- .../ifglobal/gcc_pic/ifglobal.expected | 18 +- .../clang/initialisation.expected | 18 +- .../initialisation.expected | 18 +- .../clang_pic/initialisation.expected | 18 +- .../jumptable3/gcc/jumptable3.expected | 38 +-- .../jumptable3/gcc_O2/jumptable3.expected | 28 +- .../gcc_no_plt_no_pic/jumptable3.expected | 38 +-- .../jumptable3/gcc_pic/jumptable3.expected | 40 +-- .../malloc_memcpy_strlen_memset_free.expected | 293 ++++++++-------- .../correct/nestedif/clang/nestedif.expected | 26 +- .../clang_no_plt_no_pic/nestedif.expected | 24 +- .../nestedif/clang_pic/nestedif.expected | 26 +- .../correct/nestedif/gcc/nestedif.expected | 24 +- .../gcc_no_plt_no_pic/nestedif.expected | 18 +- .../nestedif/gcc_pic/nestedif.expected | 22 +- .../simple_jump/clang/simple_jump.expected | 22 +- .../clang_no_plt_no_pic/simple_jump.expected | 22 +- .../clang_pic/simple_jump.expected | 18 +- .../simple_jump/gcc/simple_jump.expected | 20 +- .../gcc_no_plt_no_pic/simple_jump.expected | 18 +- .../simple_jump/gcc_pic/simple_jump.expected | 18 +- src/test/correct/switch/clang/switch.expected | 22 +- .../clang_no_plt_no_pic/switch.expected | 22 +- .../correct/switch/clang_pic/switch.expected | 24 +- src/test/correct/switch/gcc/switch.expected | 20 +- .../switch/gcc_no_plt_no_pic/switch.expected | 18 +- .../correct/switch/gcc_pic/switch.expected | 22 +- src/test/correct/switch2/gcc/switch2.expected | 28 +- .../gcc_no_plt_no_pic/switch2.expected | 30 +- .../correct/switch2/gcc_pic/switch2.expected | 24 +- .../correct/syscall/gcc_O2/syscall.expected | 5 + .../clang/using_gamma_conditional.expected | 20 +- .../clang_O2/using_gamma_conditional.expected | 20 +- .../using_gamma_conditional.expected | 22 +- .../using_gamma_conditional.expected | 18 +- .../gcc/using_gamma_conditional.expected | 20 +- .../gcc_O2/using_gamma_conditional.expected | 20 +- .../using_gamma_conditional.expected | 20 +- .../gcc_pic/using_gamma_conditional.expected | 20 +- .../incorrect/iflocal/clang/iflocal.expected | 22 +- .../clang_no_plt_no_pic/iflocal.expected | 22 +- .../iflocal/clang_pic/iflocal.expected | 22 +- .../incorrect/iflocal/gcc/iflocal.expected | 18 +- .../gcc_no_plt_no_pic/iflocal.expected | 18 +- .../iflocal/gcc_pic/iflocal.expected | 18 +- .../malloc_memcpy_strlen_memset_free.expected | 320 +++++++++--------- .../malloc_memcpy_strlen_memset_free.expected | 298 ++++++++-------- .../clang/nestedifglobal.expected | 22 +- .../nestedifglobal.expected | 24 +- .../clang_pic/nestedifglobal.expected | 24 +- .../gcc/nestedifglobal.expected | 24 +- .../gcc_no_plt_no_pic/nestedifglobal.expected | 22 +- .../gcc_pic/nestedifglobal.expected | 22 +- 109 files changed, 1497 insertions(+), 1491 deletions(-) diff --git a/build.sbt b/build.sbt index 34e8b69bf..e73a7bba4 100644 --- a/build.sbt +++ b/build.sbt @@ -39,9 +39,9 @@ libraryDependencies ++= Seq( ) libraryDependencies += "io.spray" %% "spray-json" % "1.3.6" -lazy val updateExpected = taskKey[Unit]("updates .expected for test cases") +lazy val updateExpectedBAP = taskKey[Unit]("updates .expected for BAP test cases") -updateExpected := { +updateExpectedBAP := { val correctPath = baseDirectory.value / "src" / "test" / "correct" val incorrectPath = baseDirectory.value / "src" / "test" / "incorrect" @@ -52,7 +52,7 @@ updateExpected := { val variations = (e * "*") filter { _.isDirectory } for (v <- variations.get()) { val name = e.getName - val outPath = v / (name + ".bpl") + val outPath = v / (name + "_bap.bpl") val expectedPath = v / (name + ".expected") val resultPath = v / (name + "_result.txt") if (resultPath.exists()) { diff --git a/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected index e0d4ac96b..51de8168c 100644 --- a/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -93,7 +101,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1908bv64) == 1bv8); @@ -118,15 +126,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -159,7 +159,7 @@ implementation main() l00000348: assume {:captureState "l00000348"} true; assert Gamma_R8; - goto l00000348_goto_l0000037a, l00000348_goto_l00000350; + goto l00000348_goto_l00000350, l00000348_goto_l0000037a; l00000350: assume {:captureState "l00000350"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); diff --git a/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected index fb01ac4e4..9d53d3cfd 100644 --- a/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected @@ -1,10 +1,18 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69688bv64); @@ -83,7 +91,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R8, R9, VF, ZF, mem; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -106,15 +114,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R8, Gamma_R8 := 69632bv64, true; diff --git a/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected index f041bdf4a..09cbb05ff 100644 --- a/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -93,7 +101,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1908bv64) == 1bv8); @@ -118,15 +126,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -147,7 +147,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000985, lmain_goto_l00000988; + goto lmain_goto_l00000988, lmain_goto_l00000985; l00000988: assume {:captureState "l00000988"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected index 8ce836552..0fd8f9700 100644 --- a/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -99,7 +107,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1980bv64) == 1bv8); @@ -128,15 +136,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -161,7 +161,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000358, lmain_goto_l0000035b; + goto lmain_goto_l0000035b, lmain_goto_l00000358; l0000035b: assume {:captureState "l0000035b"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected index d71c3e779..b17237b08 100644 --- a/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -91,7 +99,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -116,15 +124,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -144,7 +144,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000349, lmain_goto_l00000332; + goto lmain_goto_l00000332, lmain_goto_l00000349; l00000332: assume {:captureState "l00000332"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); diff --git a/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected index d1f5db87f..1a40b8d2d 100644 --- a/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected @@ -103,7 +103,7 @@ implementation main() call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R0, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R0, 20bv64)) || L(mem, bvadd64(R0, 20bv64))); assert Gamma_R0; - goto lmain_goto_l00000398, lmain_goto_l000001bc; + goto lmain_goto_l000001bc, lmain_goto_l00000398; l00000398: assume {:captureState "l00000398"} true; call rely(); diff --git a/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected index 790fdac03..58182e98e 100644 --- a/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -91,7 +99,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -116,15 +124,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected index 274ce16ba..b1fe70ac7 100644 --- a/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -97,7 +105,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1956bv64) == 1bv8); @@ -126,15 +134,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -156,7 +156,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000034b, lmain_goto_l00000334; + goto lmain_goto_l00000334, lmain_goto_l0000034b; l00000334: assume {:captureState "l00000334"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); diff --git a/src/test/correct/basic_lock_read/clang/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang/basic_lock_read.expected index db6595a90..368fa8b4b 100644 --- a/src/test/correct/basic_lock_read/clang/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang/basic_lock_read.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -89,7 +97,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1900bv64) == 1bv8); @@ -115,15 +123,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; var z_old: bv32; lmain: assume {:captureState "lmain"} true; diff --git a/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected index 197fdeb2c..2a14332bf 100644 --- a/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected @@ -108,7 +108,7 @@ implementation main() call rely(); R8, Gamma_R8 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); assert Gamma_R8; - goto lmain_goto_l000002dc, lmain_goto_l000002f7; + goto lmain_goto_l000002f7, lmain_goto_l000002dc; l000002dc: assume {:captureState "l000002dc"} true; R8, Gamma_R8 := 69632bv64, true; diff --git a/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected index 4f8620c1a..bea2fa1a4 100644 --- a/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -89,7 +97,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1900bv64) == 1bv8); @@ -115,15 +123,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; var z_old: bv32; lmain: assume {:captureState "lmain"} true; @@ -142,7 +142,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000095b, lmain_goto_l00000958; + goto lmain_goto_l00000958, lmain_goto_l0000095b; l0000095b: assume {:captureState "l0000095b"} true; R8, Gamma_R8 := 1bv64, true; @@ -154,7 +154,7 @@ implementation main() l0000095e: assume {:captureState "l0000095e"} true; assert Gamma_R8; - goto l0000095e_goto_l00000966, l0000095e_goto_l0000097d; + goto l0000095e_goto_l0000097d, l0000095e_goto_l00000966; l0000097d: assume {:captureState "l0000097d"} true; goto l0000097e; diff --git a/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected index 1ebf43397..44f2ddd47 100644 --- a/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -95,7 +103,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1972bv64) == 1bv8); @@ -125,15 +133,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; var z_old: bv32; lmain: assume {:captureState "lmain"} true; @@ -154,7 +154,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000033f, lmain_goto_l0000033c; + goto lmain_goto_l0000033c, lmain_goto_l0000033f; l0000033f: assume {:captureState "l0000033f"} true; R8, Gamma_R8 := 1bv64, true; @@ -166,7 +166,7 @@ implementation main() l00000342: assume {:captureState "l00000342"} true; assert Gamma_R8; - goto l00000342_goto_l0000034a, l00000342_goto_l00000361; + goto l00000342_goto_l00000361, l00000342_goto_l0000034a; l00000361: assume {:captureState "l00000361"} true; goto l00000362; diff --git a/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected index c83f5c166..e9cda79fa 100644 --- a/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -87,7 +95,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1900bv64) == 1bv8); @@ -113,15 +121,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; var z_old: bv32; lmain: assume {:captureState "lmain"} true; diff --git a/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected index 2a16b5a6a..5bc387a30 100644 --- a/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected @@ -110,7 +110,7 @@ implementation main() call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R0, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R0, 20bv64)) || L(mem, bvadd64(R0, 20bv64))); assert Gamma_R0; - goto lmain_goto_l000001bd, lmain_goto_l0000039c; + goto lmain_goto_l0000039c, lmain_goto_l000001bd; l0000039c: assume {:captureState "l0000039c"} true; call rely(); diff --git a/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected index 58f5ddf79..592be48df 100644 --- a/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -87,7 +95,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1900bv64) == 1bv8); @@ -113,15 +121,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; var z_old: bv32; lmain: assume {:captureState "lmain"} true; diff --git a/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected index 084d0cad4..9c5e29ee0 100644 --- a/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -93,7 +101,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1964bv64) == 1bv8); @@ -123,15 +131,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; var z_old: bv32; lmain: assume {:captureState "lmain"} true; diff --git a/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected index cf0ff5fbe..b1688c5cd 100644 --- a/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -89,7 +97,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -114,15 +122,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -140,7 +140,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000329, lmain_goto_l0000032c; + goto lmain_goto_l0000032c, lmain_goto_l00000329; l0000032c: assume {:captureState "l0000032c"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected index d9f9cea02..790f76e8e 100644 --- a/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected @@ -1,10 +1,18 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69688bv64); @@ -79,7 +87,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R8, R9, VF, ZF, mem; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -102,15 +110,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R8, Gamma_R8 := 69632bv64, true; diff --git a/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected index 55416eb78..28ef73e25 100644 --- a/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -89,7 +97,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -114,15 +122,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -140,7 +140,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000094a, lmain_goto_l00000947; + goto lmain_goto_l00000947, lmain_goto_l0000094a; l0000094a: assume {:captureState "l0000094a"} true; R8, Gamma_R8 := 1bv64, true; @@ -152,7 +152,7 @@ implementation main() l0000094d: assume {:captureState "l0000094d"} true; assert Gamma_R8; - goto l0000094d_goto_l00000955, l0000094d_goto_l0000096c; + goto l0000094d_goto_l0000096c, l0000094d_goto_l00000955; l0000096c: assume {:captureState "l0000096c"} true; goto l0000096d; diff --git a/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected index 79910e11b..44e56abef 100644 --- a/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -95,7 +103,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -124,15 +132,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -152,7 +152,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000338, lmain_goto_l0000033b; + goto lmain_goto_l0000033b, lmain_goto_l00000338; l0000033b: assume {:captureState "l0000033b"} true; R8, Gamma_R8 := 1bv64, true; @@ -164,7 +164,7 @@ implementation main() l0000033e: assume {:captureState "l0000033e"} true; assert Gamma_R8; - goto l0000033e_goto_l0000035d, l0000033e_goto_l00000346; + goto l0000033e_goto_l00000346, l0000033e_goto_l0000035d; l0000035d: assume {:captureState "l0000035d"} true; goto l0000035e; diff --git a/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected index 4f7c77915..0734a734e 100644 --- a/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -87,7 +95,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -112,15 +120,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -136,7 +136,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000332, lmain_goto_l0000031b; + goto lmain_goto_l0000031b, lmain_goto_l00000332; l00000332: assume {:captureState "l00000332"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected index 8fee3b91e..3a53f0467 100644 --- a/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -87,7 +95,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -112,15 +120,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected index f002e09a4..db96e67c1 100644 --- a/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -93,7 +101,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -122,15 +130,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -147,7 +147,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000333, lmain_goto_l0000031c; + goto lmain_goto_l0000031c, lmain_goto_l00000333; l00000333: assume {:captureState "l00000333"} true; R0, Gamma_R0 := 65536bv64, true; diff --git a/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected index 034341749..a3c307696 100644 --- a/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected @@ -1,17 +1,25 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R10: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R10: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -92,7 +100,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_stack, R0, R10, R31, R8, R9, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R10, R31, R8, R9, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -118,16 +126,8 @@ implementation main() { var #4: bv32; var #5: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -164,7 +164,7 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R10, Gamma_R10 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); assert Gamma_R10; - goto lmain_goto_l000003c9, lmain_goto_l000003ce; + goto lmain_goto_l000003ce, lmain_goto_l000003c9; l000003ce: assume {:captureState "l000003ce"} true; R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); diff --git a/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected index 3e31a9755..a522637ce 100644 --- a/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected @@ -1,17 +1,25 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R10: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R10: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -92,7 +100,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_stack, R0, R10, R31, R8, R9, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R10, R31, R8, R9, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -118,16 +126,8 @@ implementation main() { var #4: bv32; var #5: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; diff --git a/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected index 3e31a9755..a522637ce 100644 --- a/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected @@ -1,17 +1,25 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R10: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R10: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -92,7 +100,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_stack, R0, R10, R31, R8, R9, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R10, R31, R8, R9, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -118,16 +126,8 @@ implementation main() { var #4: bv32; var #5: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; diff --git a/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected index 519a3eea4..f749d9aa1 100644 --- a/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected @@ -140,7 +140,7 @@ implementation main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 20bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 20bv64)); R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); assert Gamma_R1; - goto lmain_goto_l000003b8, lmain_goto_l000003b3; + goto lmain_goto_l000003b3, lmain_goto_l000003b8; l000003b8: assume {:captureState "l000003b8"} true; R2, Gamma_R2 := zero_extend32_32(bvsdiv33(sign_extend1_32(R0[32:0]), sign_extend1_32(R1[32:0]))[32:0]), (Gamma_R1 && Gamma_R0); diff --git a/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected index e452e806d..4e9789b9f 100644 --- a/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected @@ -140,7 +140,7 @@ implementation main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 20bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 20bv64)); R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); assert Gamma_R1; - goto lmain_goto_l00000a6e, lmain_goto_l00000a73; + goto lmain_goto_l00000a73, lmain_goto_l00000a6e; l00000a73: assume {:captureState "l00000a73"} true; R2, Gamma_R2 := zero_extend32_32(bvsdiv33(sign_extend1_32(R0[32:0]), sign_extend1_32(R1[32:0]))[32:0]), (Gamma_R1 && Gamma_R0); diff --git a/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected index 3c10d40f5..f37f852ba 100644 --- a/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -89,7 +97,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -114,15 +122,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -143,7 +143,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000336, lmain_goto_l00000339; + goto lmain_goto_l00000339, lmain_goto_l00000336; l00000339: assume {:captureState "l00000339"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected index 64769e137..05b01f874 100644 --- a/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected @@ -1,10 +1,18 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69684bv64); @@ -79,7 +87,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R8, R9, VF, ZF, mem; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -102,15 +110,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R8, Gamma_R8 := 69632bv64, true; @@ -125,7 +125,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000002fd, lmain_goto_l000002fa; + goto lmain_goto_l000002fa, lmain_goto_l000002fd; l000002fd: assume {:captureState "l000002fd"} true; R0, Gamma_R0 := 0bv64, true; diff --git a/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected index d8d8d2f6c..cf574baa9 100644 --- a/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -89,7 +97,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -114,15 +122,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -143,7 +143,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000954, lmain_goto_l00000957; + goto lmain_goto_l00000957, lmain_goto_l00000954; l00000957: assume {:captureState "l00000957"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected index 9f2fb9d46..334cfb61d 100644 --- a/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -95,7 +103,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -124,15 +132,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected index 9a64a11dd..9f7e31c2e 100644 --- a/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -87,7 +95,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -112,15 +120,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -140,7 +140,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000032e, lmain_goto_l00000345; + goto lmain_goto_l00000345, lmain_goto_l0000032e; l00000345: assume {:captureState "l00000345"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); diff --git a/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected index 16de0c96b..ad1418bff 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -87,7 +95,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -112,15 +120,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected index f9ba8fe64..65677e9f5 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -93,7 +101,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -122,15 +130,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/cjump/clang/cjump.expected b/src/test/correct/cjump/clang/cjump.expected index 752d25473..58a2bbcf4 100644 --- a/src/test/correct/cjump/clang/cjump.expected +++ b/src/test/correct/cjump/clang/cjump.expected @@ -1,13 +1,21 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -82,7 +90,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; requires (gamma_load32(Gamma_mem, $x_addr) == true); requires (gamma_load32(Gamma_mem, $y_addr) == false); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); @@ -109,15 +117,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected b/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected index 98abee50c..e27a5b57f 100644 --- a/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected +++ b/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected @@ -1,13 +1,21 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -82,7 +90,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; requires (gamma_load32(Gamma_mem, $x_addr) == true); requires (gamma_load32(Gamma_mem, $y_addr) == false); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); @@ -109,15 +117,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/cjump/clang_pic/cjump.expected b/src/test/correct/cjump/clang_pic/cjump.expected index 0ef8aeb1b..4ce7b55cf 100644 --- a/src/test/correct/cjump/clang_pic/cjump.expected +++ b/src/test/correct/cjump/clang_pic/cjump.expected @@ -1,13 +1,21 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -88,7 +96,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; requires (gamma_load32(Gamma_mem, $x_addr) == true); requires (gamma_load32(Gamma_mem, $y_addr) == false); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); @@ -119,15 +127,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -150,7 +150,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000359, lmain_goto_l00000356; + goto lmain_goto_l00000356, lmain_goto_l00000359; l00000359: assume {:captureState "l00000359"} true; R8, Gamma_R8 := 1bv64, true; @@ -162,7 +162,7 @@ implementation main() l0000035c: assume {:captureState "l0000035c"} true; assert Gamma_R8; - goto l0000035c_goto_l00000398, l0000035c_goto_l00000364; + goto l0000035c_goto_l00000364, l0000035c_goto_l00000398; l00000364: assume {:captureState "l00000364"} true; R9, Gamma_R9 := 65536bv64, true; diff --git a/src/test/correct/cjump/gcc/cjump.expected b/src/test/correct/cjump/gcc/cjump.expected index 6752e3f52..6bfefcb36 100644 --- a/src/test/correct/cjump/gcc/cjump.expected +++ b/src/test/correct/cjump/gcc/cjump.expected @@ -1,8 +1,16 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -76,7 +84,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R1, VF, ZF, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); requires (gamma_load32(Gamma_mem, $y_addr) == false); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); @@ -101,15 +109,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected b/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected index 5285c14a0..39d8430f5 100644 --- a/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected +++ b/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected @@ -1,8 +1,16 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -76,7 +84,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R1, VF, ZF, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); requires (gamma_load32(Gamma_mem, $y_addr) == false); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); @@ -101,15 +109,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 69632bv64, true; @@ -129,7 +129,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000009a3, lmain_goto_l0000097c; + goto lmain_goto_l0000097c, lmain_goto_l000009a3; l0000097c: assume {:captureState "l0000097c"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/cjump/gcc_pic/cjump.expected b/src/test/correct/cjump/gcc_pic/cjump.expected index 2be57000d..ca014cdd8 100644 --- a/src/test/correct/cjump/gcc_pic/cjump.expected +++ b/src/test/correct/cjump/gcc_pic/cjump.expected @@ -1,8 +1,16 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -82,7 +90,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R1, VF, ZF, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); requires (gamma_load32(Gamma_mem, $y_addr) == false); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); @@ -111,15 +119,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 65536bv64, true; @@ -141,7 +141,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000340, lmain_goto_l00000368; + goto lmain_goto_l00000368, lmain_goto_l00000340; l00000340: assume {:captureState "l00000340"} true; R0, Gamma_R0 := 65536bv64, true; diff --git a/src/test/correct/ifbranches/clang/ifbranches.expected b/src/test/correct/ifbranches/clang/ifbranches.expected index 82749e80d..082770cb7 100644 --- a/src/test/correct/ifbranches/clang/ifbranches.expected +++ b/src/test/correct/ifbranches/clang/ifbranches.expected @@ -1,13 +1,21 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -82,7 +90,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -108,15 +116,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; diff --git a/src/test/correct/ifbranches/clang_O2/ifbranches.expected b/src/test/correct/ifbranches/clang_O2/ifbranches.expected index 573cc292a..a2c2372fd 100644 --- a/src/test/correct/ifbranches/clang_O2/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_O2/ifbranches.expected @@ -1,8 +1,16 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); function {:extern} {:bvbuiltin "bvadd"} bvadd33(bv33, bv33) returns (bv33); @@ -52,7 +60,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R8, R0, R8; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R8, Gamma_VF, Gamma_ZF, NF, R0, R8, VF, ZF; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -76,15 +84,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R8, Gamma_R8 := 2bv64, true; @@ -94,7 +94,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000002db, lmain_goto_l000002df; + goto lmain_goto_l000002df, lmain_goto_l000002db; l000002df: assume {:captureState "l000002df"} true; R0, Gamma_R0 := zero_extend32_32(bvadd32(R8[32:0], 1bv32)), Gamma_R8; diff --git a/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected b/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected index 896b4800a..f8d2ac958 100644 --- a/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected @@ -1,13 +1,21 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -82,7 +90,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -108,15 +116,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -136,7 +136,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000009b8, lmain_goto_l000009bb; + goto lmain_goto_l000009bb, lmain_goto_l000009b8; l000009bb: assume {:captureState "l000009bb"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/ifbranches/clang_pic/ifbranches.expected b/src/test/correct/ifbranches/clang_pic/ifbranches.expected index 896b4800a..19a0bd77c 100644 --- a/src/test/correct/ifbranches/clang_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_pic/ifbranches.expected @@ -1,13 +1,21 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -82,7 +90,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -108,15 +116,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -148,7 +148,7 @@ implementation main() l000009be: assume {:captureState "l000009be"} true; assert Gamma_R8; - goto l000009be_goto_l000009c6, l000009be_goto_l00000a03; + goto l000009be_goto_l00000a03, l000009be_goto_l000009c6; l000009c6: assume {:captureState "l000009c6"} true; R8, Gamma_R8 := 2bv64, true; diff --git a/src/test/correct/ifbranches/gcc/ifbranches.expected b/src/test/correct/ifbranches/gcc/ifbranches.expected index 0c1ad49a2..6b9c78e6f 100644 --- a/src/test/correct/ifbranches/gcc/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc/ifbranches.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -80,7 +88,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -106,15 +114,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; diff --git a/src/test/correct/ifbranches/gcc_O2/ifbranches.expected b/src/test/correct/ifbranches/gcc_O2/ifbranches.expected index 6a1edc35e..d0e86a0f5 100644 --- a/src/test/correct/ifbranches/gcc_O2/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_O2/ifbranches.expected @@ -1,6 +1,14 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); function {:extern} {:bvbuiltin "bvadd"} bvadd33(bv33, bv33) returns (bv33); @@ -50,7 +58,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, R0; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_VF, Gamma_ZF, NF, R0, VF, ZF; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -74,15 +82,7 @@ procedure main(); implementation main() { var #1: bv32; - var CF: bv1; var Gamma_#1: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; #1, Gamma_#1 := bvadd32(R0[32:0], 4294967295bv32), Gamma_R0; @@ -91,7 +91,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#1, 1bv32), 0bv32), Gamma_#1; NF, Gamma_NF := bvadd32(#1, 1bv32)[32:31], Gamma_#1; assert Gamma_ZF; - goto lmain_goto_l000001c3, lmain_goto_l000001c6; + goto lmain_goto_l000001c6, lmain_goto_l000001c3; l000001c6: assume {:captureState "l000001c6"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected b/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected index a023fc70b..60408fa36 100644 --- a/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -80,7 +88,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -106,15 +114,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -131,7 +131,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000963, lmain_goto_l0000099c; + goto lmain_goto_l0000099c, lmain_goto_l00000963; l00000963: assume {:captureState "l00000963"} true; R0, Gamma_R0 := 2bv64, true; diff --git a/src/test/correct/ifbranches/gcc_pic/ifbranches.expected b/src/test/correct/ifbranches/gcc_pic/ifbranches.expected index a023fc70b..60408fa36 100644 --- a/src/test/correct/ifbranches/gcc_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_pic/ifbranches.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -80,7 +88,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -106,15 +114,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -131,7 +131,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000963, lmain_goto_l0000099c; + goto lmain_goto_l0000099c, lmain_goto_l00000963; l00000963: assume {:captureState "l00000963"} true; R0, Gamma_R0 := 2bv64, true; diff --git a/src/test/correct/ifglobal/clang/ifglobal.expected b/src/test/correct/ifglobal/clang/ifglobal.expected index 4f9a5c230..cfec982b5 100644 --- a/src/test/correct/ifglobal/clang/ifglobal.expected +++ b/src/test/correct/ifglobal/clang/ifglobal.expected @@ -1,13 +1,21 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -80,7 +88,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -105,15 +113,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -129,7 +129,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000031e, lmain_goto_l00000321; + goto lmain_goto_l00000321, lmain_goto_l0000031e; l00000321: assume {:captureState "l00000321"} true; R8, Gamma_R8 := 1bv64, true; @@ -141,7 +141,7 @@ implementation main() l00000324: assume {:captureState "l00000324"} true; assert Gamma_R8; - goto l00000324_goto_l0000032c, l00000324_goto_l00000343; + goto l00000324_goto_l00000343, l00000324_goto_l0000032c; l00000343: assume {:captureState "l00000343"} true; goto l00000344; diff --git a/src/test/correct/ifglobal/clang_O2/ifglobal.expected b/src/test/correct/ifglobal/clang_O2/ifglobal.expected index 782eeaf4d..b7b4a0378 100644 --- a/src/test/correct/ifglobal/clang_O2/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_O2/ifglobal.expected @@ -97,7 +97,7 @@ implementation main() call rely(); R9, Gamma_R9 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); assert Gamma_R9; - goto lmain_goto_l000002dc, lmain_goto_l000002f8; + goto lmain_goto_l000002f8, lmain_goto_l000002dc; l000002dc: assume {:captureState "l000002dc"} true; R9, Gamma_R9 := 1bv64, true; diff --git a/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected b/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected index a2cf3c86a..d341f79eb 100644 --- a/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected @@ -1,13 +1,21 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -80,7 +88,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -105,15 +113,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -141,7 +141,7 @@ implementation main() l00000933: assume {:captureState "l00000933"} true; assert Gamma_R8; - goto l00000933_goto_l0000093b, l00000933_goto_l00000952; + goto l00000933_goto_l00000952, l00000933_goto_l0000093b; l00000952: assume {:captureState "l00000952"} true; goto l00000953; diff --git a/src/test/correct/ifglobal/clang_pic/ifglobal.expected b/src/test/correct/ifglobal/clang_pic/ifglobal.expected index c9631ddb9..36cf75b18 100644 --- a/src/test/correct/ifglobal/clang_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_pic/ifglobal.expected @@ -1,13 +1,21 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -85,7 +93,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1964bv64) == 1bv8); @@ -112,15 +120,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/ifglobal/gcc/ifglobal.expected b/src/test/correct/ifglobal/gcc/ifglobal.expected index cc675c447..fb46e3457 100644 --- a/src/test/correct/ifglobal/gcc/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc/ifglobal.expected @@ -1,8 +1,16 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -74,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R1, VF, ZF, mem; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -97,15 +105,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected b/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected index 6d2e955fa..982e4d0c0 100644 --- a/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected @@ -1,8 +1,16 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -74,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R1, VF, ZF, mem; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -97,15 +105,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 69632bv64, true; @@ -118,7 +118,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000008e5, lmain_goto_l000008d6; + goto lmain_goto_l000008d6, lmain_goto_l000008e5; l000008e5: assume {:captureState "l000008e5"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/ifglobal/gcc_pic/ifglobal.expected b/src/test/correct/ifglobal/gcc_pic/ifglobal.expected index e29207861..02246ecb1 100644 --- a/src/test/correct/ifglobal/gcc_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_pic/ifglobal.expected @@ -1,8 +1,16 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -79,7 +87,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R1, VF, ZF, mem; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1940bv64) == 1bv8); @@ -104,15 +112,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 65536bv64, true; diff --git a/src/test/correct/initialisation/clang/initialisation.expected b/src/test/correct/initialisation/clang/initialisation.expected index ecea71deb..20338557a 100644 --- a/src/test/correct/initialisation/clang/initialisation.expected +++ b/src/test/correct/initialisation/clang/initialisation.expected @@ -1,14 +1,22 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R10: bool; var {:extern} Gamma_R11: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R10: bv64; var {:extern} R11: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $a_addr: bv64; axiom ($a_addr == 69696bv64); @@ -110,7 +118,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R11, R8, R9, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R10, R11, R8, R9, VF, ZF, mem; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load64_le(mem, 69680bv64) == 416611827717bv64); @@ -139,15 +147,7 @@ procedure main(); implementation main() { var #4: bv64; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R8, Gamma_R8 := 69632bv64, true; diff --git a/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected b/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected index c1ab572b1..1f055c32f 100644 --- a/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected +++ b/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected @@ -1,14 +1,22 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R10: bool; var {:extern} Gamma_R11: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R10: bv64; var {:extern} R11: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $a_addr: bv64; axiom ($a_addr == 69696bv64); @@ -110,7 +118,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R11, R8, R9, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R10, R11, R8, R9, VF, ZF, mem; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load64_le(mem, 69680bv64) == 416611827717bv64); @@ -139,15 +147,7 @@ procedure main(); implementation main() { var #4: bv64; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R8, Gamma_R8 := 69632bv64, true; diff --git a/src/test/correct/initialisation/clang_pic/initialisation.expected b/src/test/correct/initialisation/clang_pic/initialisation.expected index 2e1916a59..42b134963 100644 --- a/src/test/correct/initialisation/clang_pic/initialisation.expected +++ b/src/test/correct/initialisation/clang_pic/initialisation.expected @@ -1,12 +1,20 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R10: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R10: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $a_addr: bv64; axiom ($a_addr == 69696bv64); @@ -112,7 +120,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R10, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R8, R9, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R10, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R10, R8, R9, VF, ZF, mem; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load64_le(mem, 69680bv64) == 416611827717bv64); @@ -149,15 +157,7 @@ procedure main(); implementation main() { var #4: bv64; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R9, Gamma_R9 := 65536bv64, true; diff --git a/src/test/correct/jumptable3/gcc/jumptable3.expected b/src/test/correct/jumptable3/gcc/jumptable3.expected index f8daceebb..2362de10d 100644 --- a/src/test/correct/jumptable3/gcc/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc/jumptable3.expected @@ -1,15 +1,23 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R29: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R29: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -173,7 +181,7 @@ implementation add_two() } procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R29, R30, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R1, R29, R30, R31, VF, ZF, mem, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); @@ -241,7 +249,6 @@ implementation main() var #7: bv32; var #8: bv32; var #9: bv32; - var CF: bv1; var Gamma_#10: bool; var Gamma_#11: bool; var Gamma_#12: bool; @@ -265,13 +272,6 @@ implementation main() var Gamma_#7: bool; var Gamma_#8: bool; var Gamma_#9: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; #4, Gamma_#4 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -360,7 +360,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l0000066b_goto_l000006a3, l0000066b_goto_l0000068c; + goto l0000066b_goto_l0000068c, l0000066b_goto_l000006a3; l0000068c: assume {:captureState "l0000068c"} true; R30, Gamma_R30 := 2276bv64, true; @@ -393,7 +393,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; - goto l000006cb_goto_l00000703, l000006cb_goto_l000006ec; + goto l000006cb_goto_l000006ec, l000006cb_goto_l00000703; l00000703: assume {:captureState "l00000703"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -423,7 +423,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000758_goto_l000005d7, l00000758_goto_l00000780; + goto l00000758_goto_l00000780, l00000758_goto_l000005d7; l00000780: assume {:captureState "l00000780"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -453,7 +453,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; assert Gamma_ZF; - goto l000007d5_goto_l00000809, l000007d5_goto_l000007f6; + goto l000007d5_goto_l000007f6, l000007d5_goto_l00000809; l000007f6: assume {:captureState "l000007f6"} true; R30, Gamma_R30 := 2248bv64, true; @@ -496,7 +496,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000809_goto_l00000831, l00000809_goto_l000005d7; + goto l00000809_goto_l000005d7, l00000809_goto_l00000831; l00000831: assume {:captureState "l00000831"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -524,7 +524,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000862_goto_l000005d7, l00000862_goto_l0000088a; + goto l00000862_goto_l0000088a, l00000862_goto_l000005d7; l0000088a: assume {:captureState "l0000088a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -534,7 +534,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; assert Gamma_ZF; - goto l0000088a_goto_l000008ab, l0000088a_goto_l000008c2; + goto l0000088a_goto_l000008c2, l0000088a_goto_l000008ab; l000008ab: assume {:captureState "l000008ab"} true; R30, Gamma_R30 := 2228bv64, true; @@ -557,7 +557,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000008c2_goto_l000008ea, l000008c2_goto_l000005d7; + goto l000008c2_goto_l000005d7, l000008c2_goto_l000008ea; l000008ea: assume {:captureState "l000008ea"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -577,7 +577,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000091b_goto_l00000943, l0000091b_goto_l000005d7; + goto l0000091b_goto_l000005d7, l0000091b_goto_l00000943; l00000943: assume {:captureState "l00000943"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -605,7 +605,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; assert Gamma_ZF; - goto l0000097b_goto_l000009a1, l0000097b_goto_l00000974; + goto l0000097b_goto_l00000974, l0000097b_goto_l000009a1; l00000974: assume {:captureState "l00000974"} true; R30, Gamma_R30 := 2216bv64, true; diff --git a/src/test/correct/jumptable3/gcc_O2/jumptable3.expected b/src/test/correct/jumptable3/gcc_O2/jumptable3.expected index bb7c003c0..66c4e54fe 100644 --- a/src/test/correct/jumptable3/gcc_O2/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_O2/jumptable3.expected @@ -1,8 +1,16 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { false @@ -73,7 +81,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R1, VF, ZF, mem; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); @@ -124,7 +132,6 @@ implementation main() var #7: bv32; var #8: bv32; var #9: bv32; - var CF: bv1; var Gamma_#1: bool; var Gamma_#10: bool; var Gamma_#11: bool; @@ -135,13 +142,6 @@ implementation main() var Gamma_#7: bool; var Gamma_#8: bool; var Gamma_#9: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R1, Gamma_R1 := 69632bv64, true; @@ -165,7 +165,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; assert Gamma_ZF; - goto l000006e8_goto_l000005f9, l000006e8_goto_l0000070c; + goto l000006e8_goto_l0000070c, l000006e8_goto_l000005f9; l000005f9: assume {:captureState "l000005f9"} true; call rely(); @@ -197,7 +197,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; - goto l00000663_goto_l00000347, l00000663_goto_l0000036b; + goto l00000663_goto_l0000036b, l00000663_goto_l00000347; l00000715: assume {:captureState "l00000715"} true; #9, Gamma_#9 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; @@ -206,7 +206,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l00000715_goto_l00000612, l00000715_goto_l00000734; + goto l00000715_goto_l00000734, l00000715_goto_l00000612; l00000612: assume {:captureState "l00000612"} true; call rely(); @@ -349,11 +349,11 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; assert Gamma_ZF; - goto l000007a8_goto_l000006d0, l000007a8_goto_l00000368; + goto l000007a8_goto_l00000368, l000007a8_goto_l000006d0; l00000368: assume {:captureState "l00000368"} true; assert Gamma_R0; - goto l00000368_goto_l000005a3, l00000368_goto_l0000036b; + goto l00000368_goto_l0000036b, l00000368_goto_l000005a3; l0000036b: assume {:captureState "l0000036b"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected b/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected index 430488687..26466ca0e 100644 --- a/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected @@ -1,15 +1,23 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R29: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R29: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -173,7 +181,7 @@ implementation add_two() } procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R29, R30, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R1, R29, R30, R31, VF, ZF, mem, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); @@ -241,7 +249,6 @@ implementation main() var #7: bv32; var #8: bv32; var #9: bv32; - var CF: bv1; var Gamma_#10: bool; var Gamma_#11: bool; var Gamma_#12: bool; @@ -265,13 +272,6 @@ implementation main() var Gamma_#7: bool; var Gamma_#8: bool; var Gamma_#9: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; #4, Gamma_#4 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -302,7 +302,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000133b_goto_l00001363, l0000133b_goto_l00001332; + goto l0000133b_goto_l00001332, l0000133b_goto_l00001363; l00001363: assume {:captureState "l00001363"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -312,7 +312,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; - goto l00001363_goto_l0000139e, l00001363_goto_l00001384; + goto l00001363_goto_l00001384, l00001363_goto_l0000139e; l00001384: assume {:captureState "l00001384"} true; R30, Gamma_R30 := 2288bv64, true; @@ -413,7 +413,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; assert Gamma_ZF; - goto l00001486_goto_l000014a7, l00001486_goto_l000014b3; + goto l00001486_goto_l000014b3, l00001486_goto_l000014a7; l000014b3: assume {:captureState "l000014b3"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -423,7 +423,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000014b3_goto_l00001332, l000014b3_goto_l000014db; + goto l000014b3_goto_l000014db, l000014b3_goto_l00001332; l000014db: assume {:captureState "l000014db"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -433,7 +433,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; assert Gamma_ZF; - goto l000014db_goto_l00001508, l000014db_goto_l000014fc; + goto l000014db_goto_l000014fc, l000014db_goto_l00001508; l00001508: assume {:captureState "l00001508"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -443,7 +443,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#16, 1bv32), 0bv32), Gamma_#16; NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00001508_goto_l00001332, l00001508_goto_l00001530; + goto l00001508_goto_l00001530, l00001508_goto_l00001332; l00001530: assume {:captureState "l00001530"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -496,7 +496,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00001564_goto_l0000158c, l00001564_goto_l00001332; + goto l00001564_goto_l00001332, l00001564_goto_l0000158c; l0000158c: assume {:captureState "l0000158c"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -557,7 +557,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000161d_goto_l00001332, l0000161d_goto_l00001645; + goto l0000161d_goto_l00001645, l0000161d_goto_l00001332; l00001645: assume {:captureState "l00001645"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -587,7 +587,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#25, 1bv32), 0bv32), Gamma_#25; NF, Gamma_NF := bvadd32(#25, 1bv32)[32:31], Gamma_#25; assert Gamma_ZF; - goto l0000169e_goto_l000016bf, l0000169e_goto_l000016d6; + goto l0000169e_goto_l000016d6, l0000169e_goto_l000016bf; l000016bf: assume {:captureState "l000016bf"} true; R30, Gamma_R30 := 2208bv64, true; @@ -605,7 +605,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; assert Gamma_ZF; - goto l000016d6_goto_l000016cf, l000016d6_goto_l000016fc; + goto l000016d6_goto_l000016fc, l000016d6_goto_l000016cf; l000016cf: assume {:captureState "l000016cf"} true; R30, Gamma_R30 := 2216bv64, true; diff --git a/src/test/correct/jumptable3/gcc_pic/jumptable3.expected b/src/test/correct/jumptable3/gcc_pic/jumptable3.expected index 95c915903..90bc6b903 100644 --- a/src/test/correct/jumptable3/gcc_pic/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_pic/jumptable3.expected @@ -1,15 +1,23 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R29: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R29: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -182,7 +190,7 @@ implementation add_two() } procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R29, R30, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R1, R29, R30, R31, VF, ZF, mem, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); @@ -252,7 +260,6 @@ implementation main() var #7: bv32; var #8: bv32; var #9: bv32; - var CF: bv1; var Gamma_#10: bool; var Gamma_#11: bool; var Gamma_#12: bool; @@ -276,13 +283,6 @@ implementation main() var Gamma_#7: bool; var Gamma_#8: bool; var Gamma_#9: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; #4, Gamma_#4 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -361,7 +361,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000064a_goto_l000005de, l0000064a_goto_l00000672; + goto l0000064a_goto_l00000672, l0000064a_goto_l000005de; l00000672: assume {:captureState "l00000672"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -371,7 +371,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l00000672_goto_l00000693, l00000672_goto_l000006aa; + goto l00000672_goto_l000006aa, l00000672_goto_l00000693; l00000693: assume {:captureState "l00000693"} true; R30, Gamma_R30 := 2340bv64, true; @@ -394,7 +394,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000006aa_goto_l000006d2, l000006aa_goto_l000005de; + goto l000006aa_goto_l000005de, l000006aa_goto_l000006d2; l000006d2: assume {:captureState "l000006d2"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -414,7 +414,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000070a_goto_l000005de, l0000070a_goto_l00000732; + goto l0000070a_goto_l00000732, l0000070a_goto_l000005de; l00000732: assume {:captureState "l00000732"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -424,7 +424,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; assert Gamma_ZF; - goto l00000732_goto_l0000075f, l00000732_goto_l00000753; + goto l00000732_goto_l00000753, l00000732_goto_l0000075f; l0000075f: assume {:captureState "l0000075f"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -464,7 +464,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; assert Gamma_ZF; - goto l000007dc_goto_l000007fd, l000007dc_goto_l00000810; + goto l000007dc_goto_l00000810, l000007dc_goto_l000007fd; l000007fd: assume {:captureState "l000007fd"} true; R30, Gamma_R30 := 2312bv64, true; @@ -507,7 +507,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000810_goto_l000005de, l00000810_goto_l00000838; + goto l00000810_goto_l00000838, l00000810_goto_l000005de; l00000838: assume {:captureState "l00000838"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -517,7 +517,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#19, 1bv32), 0bv32), Gamma_#19; NF, Gamma_NF := bvadd32(#19, 1bv32)[32:31], Gamma_#19; assert Gamma_ZF; - goto l00000838_goto_l00000869, l00000838_goto_l00000859; + goto l00000838_goto_l00000859, l00000838_goto_l00000869; l00000859: assume {:captureState "l00000859"} true; R30, Gamma_R30 := 2304bv64, true; @@ -568,7 +568,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000008c9_goto_l000008f1, l000008c9_goto_l000005de; + goto l000008c9_goto_l000005de, l000008c9_goto_l000008f1; l000008f1: assume {:captureState "l000008f1"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -578,7 +578,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; assert Gamma_ZF; - goto l000008f1_goto_l00000912, l000008f1_goto_l00000922; + goto l000008f1_goto_l00000922, l000008f1_goto_l00000912; l00000922: assume {:captureState "l00000922"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -588,7 +588,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000922_goto_l0000094a, l00000922_goto_l000005de; + goto l00000922_goto_l000005de, l00000922_goto_l0000094a; l0000094a: assume {:captureState "l0000094a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); diff --git a/src/test/correct/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected b/src/test/correct/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected index 6b661768e..a9323a45e 100644 --- a/src/test/correct/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected +++ b/src/test/correct/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected @@ -7,6 +7,7 @@ var {:extern} Gamma_R2: bool; var {:extern} Gamma_R20: bool; var {:extern} Gamma_R21: bool; var {:extern} Gamma_R29: bool; +var {:extern} Gamma_R3: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_malloc_base: [bv64]bool; @@ -23,6 +24,7 @@ var {:extern} R2: bv64; var {:extern} R20: bv64; var {:extern} R21: bv64; var {:extern} R29: bv64; +var {:extern} R3: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; var {:extern} malloc_base: [bv64]bv8; @@ -31,11 +33,11 @@ var {:extern} malloc_end: [bv64]bv8; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $buf_addr: bv64; -axiom ($buf_addr == 131192bv64); +axiom ($buf_addr == 69672bv64); const {:extern} $password_addr: bv64; -axiom ($password_addr == 131179bv64); +axiom ($password_addr == 69659bv64); const {:extern} $stext_addr: bv64; -axiom ($stext_addr == 131168bv64); +axiom ($stext_addr == 69648bv64); function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { false } @@ -82,10 +84,10 @@ procedure {:extern} rely(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); procedure {:extern} rely_transitive(); modifies Gamma_mem, mem; @@ -103,6 +105,25 @@ procedure {:extern} rely_reflexive(); procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; +procedure __memcpy_chk(); + modifies Gamma_R16, Gamma_R17, R16, R17; + free requires (memory_load8_le(mem, 2472bv64) == 1bv8); + free requires (memory_load8_le(mem, 2473bv64) == 0bv8); + free requires (memory_load8_le(mem, 2474bv64) == 2bv8); + free requires (memory_load8_le(mem, 2475bv64) == 0bv8); + free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); + free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); + free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); + free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + procedure #free(); modifies Gamma_R16, Gamma_R17, R16, R17; requires (forall i : int, j: bv64 :: (malloc_base[i] == R0 && bvuge64(j, R0) && bvult64(j, malloc_end[i])) ==> Gamma_mem[j]); @@ -110,61 +131,61 @@ procedure #free(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); - free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); - free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); + free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); + free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); + free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R19, Gamma_R2, Gamma_R20, Gamma_R21, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_malloc_base, Gamma_malloc_count, Gamma_malloc_end, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R19, R2, R20, R21, R29, R30, R31, malloc_base, malloc_count, malloc_end, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R19, Gamma_R2, Gamma_R20, Gamma_R21, Gamma_R29, Gamma_R3, Gamma_R30, Gamma_R31, Gamma_malloc_base, Gamma_malloc_count, Gamma_malloc_end, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R19, R2, R20, R21, R29, R3, R30, R31, malloc_base, malloc_count, malloc_end, mem, stack; requires (gamma_load8(Gamma_mem, $password_addr) == false); requires malloc_count == 0; requires gamma_load32(Gamma_mem, memory_load64_le(mem, $stext_addr)); requires R31 == 100bv64; - free requires (memory_load8_le(mem, 131152bv64) == 0bv8); - free requires (memory_load8_le(mem, 131153bv64) == 0bv8); - free requires (memory_load8_le(mem, 131154bv64) == 0bv8); - free requires (memory_load8_le(mem, 131155bv64) == 0bv8); - free requires (memory_load8_le(mem, 131156bv64) == 0bv8); - free requires (memory_load8_le(mem, 131157bv64) == 0bv8); - free requires (memory_load8_le(mem, 131158bv64) == 0bv8); - free requires (memory_load8_le(mem, 131159bv64) == 0bv8); - free requires (memory_load8_le(mem, 131160bv64) == 88bv8); - free requires (memory_load8_le(mem, 131161bv64) == 0bv8); - free requires (memory_load8_le(mem, 131162bv64) == 2bv8); - free requires (memory_load8_le(mem, 131163bv64) == 0bv8); - free requires (memory_load8_le(mem, 131164bv64) == 0bv8); - free requires (memory_load8_le(mem, 131165bv64) == 0bv8); - free requires (memory_load8_le(mem, 131166bv64) == 0bv8); - free requires (memory_load8_le(mem, 131167bv64) == 0bv8); - free requires (memory_load8_le(mem, 131168bv64) == 117bv8); - free requires (memory_load8_le(mem, 131169bv64) == 115bv8); - free requires (memory_load8_le(mem, 131170bv64) == 101bv8); - free requires (memory_load8_le(mem, 131171bv64) == 114bv8); - free requires (memory_load8_le(mem, 131172bv64) == 58bv8); - free requires (memory_load8_le(mem, 131173bv64) == 112bv8); - free requires (memory_load8_le(mem, 131174bv64) == 97bv8); - free requires (memory_load8_le(mem, 131175bv64) == 115bv8); - free requires (memory_load8_le(mem, 131176bv64) == 115bv8); - free requires (memory_load8_le(mem, 131177bv64) == 0bv8); - free requires (memory_load8_le(mem, 131178bv64) == 0bv8); - free requires (memory_load8_le(mem, 131179bv64) == 7bv8); + free requires (memory_load8_le(mem, 69632bv64) == 0bv8); + free requires (memory_load8_le(mem, 69633bv64) == 0bv8); + free requires (memory_load8_le(mem, 69634bv64) == 0bv8); + free requires (memory_load8_le(mem, 69635bv64) == 0bv8); + free requires (memory_load8_le(mem, 69636bv64) == 0bv8); + free requires (memory_load8_le(mem, 69637bv64) == 0bv8); + free requires (memory_load8_le(mem, 69638bv64) == 0bv8); + free requires (memory_load8_le(mem, 69639bv64) == 0bv8); + free requires (memory_load8_le(mem, 69640bv64) == 8bv8); + free requires (memory_load8_le(mem, 69641bv64) == 16bv8); + free requires (memory_load8_le(mem, 69642bv64) == 1bv8); + free requires (memory_load8_le(mem, 69643bv64) == 0bv8); + free requires (memory_load8_le(mem, 69644bv64) == 0bv8); + free requires (memory_load8_le(mem, 69645bv64) == 0bv8); + free requires (memory_load8_le(mem, 69646bv64) == 0bv8); + free requires (memory_load8_le(mem, 69647bv64) == 0bv8); + free requires (memory_load8_le(mem, 69648bv64) == 117bv8); + free requires (memory_load8_le(mem, 69649bv64) == 115bv8); + free requires (memory_load8_le(mem, 69650bv64) == 101bv8); + free requires (memory_load8_le(mem, 69651bv64) == 114bv8); + free requires (memory_load8_le(mem, 69652bv64) == 58bv8); + free requires (memory_load8_le(mem, 69653bv64) == 112bv8); + free requires (memory_load8_le(mem, 69654bv64) == 97bv8); + free requires (memory_load8_le(mem, 69655bv64) == 115bv8); + free requires (memory_load8_le(mem, 69656bv64) == 115bv8); + free requires (memory_load8_le(mem, 69657bv64) == 0bv8); + free requires (memory_load8_le(mem, 69658bv64) == 0bv8); + free requires (memory_load8_le(mem, 69659bv64) == 7bv8); free requires (memory_load8_le(mem, 2472bv64) == 1bv8); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); - free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); - free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); + free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); + free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); + free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free ensures (Gamma_R19 == old(Gamma_R19)); free ensures (Gamma_R20 == old(Gamma_R20)); free ensures (Gamma_R21 == old(Gamma_R21)); @@ -179,10 +200,10 @@ procedure main(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); implementation main() { @@ -196,79 +217,80 @@ implementation main() assume {:captureState "lmain"} true; #1, Gamma_#1 := bvadd64(R31, 18446744073709551568bv64), Gamma_R31; stack, Gamma_stack := memory_store64_le(stack, #1, R29), gamma_store64(Gamma_stack, #1, Gamma_R29); - assume {:captureState "%00000233"} true; + assume {:captureState "%00000232"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(#1, 8bv64), R30), gamma_store64(Gamma_stack, bvadd64(#1, 8bv64), Gamma_R30); - assume {:captureState "%00000239"} true; + assume {:captureState "%00000238"} true; R31, Gamma_R31 := #1, Gamma_#1; R0, Gamma_R0 := 11bv64, true; R29, Gamma_R29 := R31, Gamma_R31; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R21), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R21); - assume {:captureState "%00000250"} true; - R21, Gamma_R21 := 131072bv64, true; + assume {:captureState "%0000024f"} true; + R21, Gamma_R21 := 69632bv64, true; #2, Gamma_#2 := bvadd64(R31, 16bv64), Gamma_R31; stack, Gamma_stack := memory_store64_le(stack, #2, R19), gamma_store64(Gamma_stack, #2, Gamma_R19); - assume {:captureState "%00000261"} true; + assume {:captureState "%00000260"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(#2, 8bv64), R20), gamma_store64(Gamma_stack, bvadd64(#2, 8bv64), Gamma_R20); - assume {:captureState "%00000267"} true; + assume {:captureState "%00000266"} true; R30, Gamma_R30 := 2012bv64, true; call malloc(); - goto l00000271; - l00000271: - assume {:captureState "l00000271"} true; - R20, Gamma_R20 := 131072bv64, true; - R20, Gamma_R20 := bvadd64(R20, 96bv64), Gamma_R20; + goto l00000270; + l00000270: + assume {:captureState "l00000270"} true; + R20, Gamma_R20 := 69632bv64, true; + R20, Gamma_R20 := bvadd64(R20, 16bv64), Gamma_R20; R19, Gamma_R19 := R0, Gamma_R0; R0, Gamma_R0 := R20, Gamma_R20; call rely(); - assert (L(mem, bvadd64(R21, 120bv64)) ==> Gamma_R19); - mem, Gamma_mem := memory_store64_le(mem, bvadd64(R21, 120bv64), R19), gamma_store64(Gamma_mem, bvadd64(R21, 120bv64), Gamma_R19); - assume {:captureState "%0000028e"} true; + assert (L(mem, bvadd64(R21, 40bv64)) ==> Gamma_R19); + mem, Gamma_mem := memory_store64_le(mem, bvadd64(R21, 40bv64), R19), gamma_store64(Gamma_mem, bvadd64(R21, 40bv64), Gamma_R19); + assume {:captureState "%0000028d"} true; R30, Gamma_R30 := 2036bv64, true; call strlen(); - goto l00000298; - l00000298: - assume {:captureState "l00000298"} true; + goto l00000297; + l00000297: + assume {:captureState "l00000297"} true; R2, Gamma_R2 := R0, Gamma_R0; R1, Gamma_R1 := R20, Gamma_R20; + R3, Gamma_R3 := 11bv64, true; R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2052bv64, true; - call memcpy(); - goto l000002b2; - l000002b2: - assume {:captureState "l000002b2"} true; + R30, Gamma_R30 := 2056bv64, true; + call __memcpy_chk(); + goto l000002b6; + l000002b6: + assume {:captureState "l000002b6"} true; R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2060bv64, true; + R30, Gamma_R30 := 2064bv64, true; call puts(); - goto l000002c0; - l000002c0: - assume {:captureState "l000002c0"} true; + goto l000002c4; + l000002c4: + assume {:captureState "l000002c4"} true; call rely(); - R19, Gamma_R19 := memory_load64_le(mem, bvadd64(R21, 120bv64)), (gamma_load64(Gamma_mem, bvadd64(R21, 120bv64)) || L(mem, bvadd64(R21, 120bv64))); + R19, Gamma_R19 := memory_load64_le(mem, bvadd64(R21, 40bv64)), (gamma_load64(Gamma_mem, bvadd64(R21, 40bv64)) || L(mem, bvadd64(R21, 40bv64))); R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2072bv64, true; + R30, Gamma_R30 := 2076bv64, true; call strlen(); - goto l000002d4; - l000002d4: - assume {:captureState "l000002d4"} true; + goto l000002d8; + l000002d8: + assume {:captureState "l000002d8"} true; R1, Gamma_R1 := 1bv64, true; R2, Gamma_R2 := R0, Gamma_R0; R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2088bv64, true; + R30, Gamma_R30 := 2092bv64, true; call memset(); - goto l000002ed; - l000002ed: - assume {:captureState "l000002ed"} true; + goto l000002f1; + l000002f1: + assume {:captureState "l000002f1"} true; call rely(); - R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R21, 120bv64)), (gamma_load64(Gamma_mem, bvadd64(R21, 120bv64)) || L(mem, bvadd64(R21, 120bv64))); - R30, Gamma_R30 := 2096bv64, true; + R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R21, 40bv64)), (gamma_load64(Gamma_mem, bvadd64(R21, 40bv64)) || L(mem, bvadd64(R21, 40bv64))); + R30, Gamma_R30 := 2100bv64, true; call #free(); - goto l000002fc; - l000002fc: - assume {:captureState "l000002fc"} true; + goto l00000300; + l00000300: + assume {:captureState "l00000300"} true; + R0, Gamma_R0 := 0bv64, true; #3, Gamma_#3 := bvadd64(R31, 16bv64), Gamma_R31; R19, Gamma_R19 := memory_load64_le(stack, #3), gamma_load64(Gamma_stack, #3); R20, Gamma_R20 := memory_load64_le(stack, bvadd64(#3, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#3, 8bv64)); - R0, Gamma_R0 := 0bv64, true; R21, Gamma_R21 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); @@ -287,10 +309,10 @@ procedure malloc(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); - free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); - free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); + free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); + free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); + free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); ensures Gamma_R0 == true; ensures malloc_count == old(malloc_count) + 1; ensures bvugt64(malloc_end[malloc_count], malloc_base[malloc_count]); @@ -304,31 +326,10 @@ procedure malloc(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); - -procedure memcpy(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; - free requires (memory_load8_le(mem, 2472bv64) == 1bv8); - free requires (memory_load8_le(mem, 2473bv64) == 0bv8); - free requires (memory_load8_le(mem, 2474bv64) == 2bv8); - free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); - free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); - free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); - ensures (forall i: bv64 :: (Gamma_mem[i] == if (bvule64(R0, i) && bvult64(i, bvadd64(R0, R2))) then gamma_load8((Gamma_mem), bvadd64(bvsub64(i, R0), R1)) else old(gamma_load8(Gamma_mem, i)))); - ensures (forall i: bv64 :: (mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then memory_load8_le((mem), bvadd64(bvsub64(i, R0), R1)) else old(memory_load8_le(mem, i)))); - free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); procedure memset(); modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; @@ -337,10 +338,10 @@ procedure memset(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); - free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); - free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); + free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); + free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); + free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); ensures ((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))); ensures (forall i: bv64 :: (Gamma_mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then Gamma_R1 else old(gamma_load8(Gamma_mem, i)))); ensures (forall i: bv64 :: (mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then R1[8:0] else old(memory_load8_le(mem, i)))); @@ -348,10 +349,10 @@ procedure memset(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); procedure puts(); modifies Gamma_R16, Gamma_R17, R16, R17; @@ -359,18 +360,18 @@ procedure puts(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); - free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); - free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); + free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); + free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); + free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); procedure strlen(); modifies Gamma_R0, Gamma_R16, Gamma_R17, R0, R16, R17; @@ -378,10 +379,10 @@ procedure strlen(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); - free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); - free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); + free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); + free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); + free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); ensures Gamma_R0 == true; ensures (forall i: bv64 :: (bvule64(old(R0), i)) && (bvult64(i, bvadd64(old(R0), R0))) ==> mem[i] != 0bv8); ensures (memory_load8_le(mem, bvadd64(old(R0), R0)) == 0bv8); @@ -390,8 +391,8 @@ procedure strlen(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); diff --git a/src/test/correct/nestedif/clang/nestedif.expected b/src/test/correct/nestedif/clang/nestedif.expected index ab32e4390..d5aeae0de 100644 --- a/src/test/correct/nestedif/clang/nestedif.expected +++ b/src/test/correct/nestedif/clang/nestedif.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -74,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -101,17 +109,9 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -130,7 +130,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000037c, lmain_goto_l00000379; + goto lmain_goto_l00000379, lmain_goto_l0000037c; l0000037c: assume {:captureState "l0000037c"} true; R8, Gamma_R8 := 1bv64, true; @@ -142,7 +142,7 @@ implementation main() l0000037f: assume {:captureState "l0000037f"} true; assert Gamma_R8; - goto l0000037f_goto_l00000442, l0000037f_goto_l00000387; + goto l0000037f_goto_l00000387, l0000037f_goto_l00000442; l00000387: assume {:captureState "l00000387"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -153,7 +153,7 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; - goto l00000387_goto_l000003b5, l00000387_goto_l000003b2; + goto l00000387_goto_l000003b2, l00000387_goto_l000003b5; l000003b5: assume {:captureState "l000003b5"} true; R8, Gamma_R8 := 1bv64, true; @@ -165,7 +165,7 @@ implementation main() l000003b8: assume {:captureState "l000003b8"} true; assert Gamma_R8; - goto l000003b8_goto_l000003c0, l000003b8_goto_l0000042d; + goto l000003b8_goto_l0000042d, l000003b8_goto_l000003c0; l000003c0: assume {:captureState "l000003c0"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); diff --git a/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected b/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected index 4f0bf3c3b..8c1596351 100644 --- a/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected +++ b/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -74,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -101,17 +109,9 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -142,7 +142,7 @@ implementation main() l00000ab0: assume {:captureState "l00000ab0"} true; assert Gamma_R8; - goto l00000ab0_goto_l00000b73, l00000ab0_goto_l00000ab8; + goto l00000ab0_goto_l00000ab8, l00000ab0_goto_l00000b73; l00000ab8: assume {:captureState "l00000ab8"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -176,7 +176,7 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; - goto l00000af1_goto_l00000b1c, l00000af1_goto_l00000b1f; + goto l00000af1_goto_l00000b1f, l00000af1_goto_l00000b1c; l00000b1f: assume {:captureState "l00000b1f"} true; R8, Gamma_R8 := 1bv64, true; @@ -188,7 +188,7 @@ implementation main() l00000b22: assume {:captureState "l00000b22"} true; assert Gamma_R8; - goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; + goto l00000b22_goto_l00000b2a, l00000b22_goto_l00000b49; l00000b49: assume {:captureState "l00000b49"} true; goto l00000b4a; diff --git a/src/test/correct/nestedif/clang_pic/nestedif.expected b/src/test/correct/nestedif/clang_pic/nestedif.expected index 4f0bf3c3b..8bc2d9fb7 100644 --- a/src/test/correct/nestedif/clang_pic/nestedif.expected +++ b/src/test/correct/nestedif/clang_pic/nestedif.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -74,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -101,17 +109,9 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -130,7 +130,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000aaa, lmain_goto_l00000aad; + goto lmain_goto_l00000aad, lmain_goto_l00000aaa; l00000aad: assume {:captureState "l00000aad"} true; R8, Gamma_R8 := 1bv64, true; @@ -165,7 +165,7 @@ implementation main() l00000ae9: assume {:captureState "l00000ae9"} true; assert Gamma_R8; - goto l00000ae9_goto_l00000af1, l00000ae9_goto_l00000b5e; + goto l00000ae9_goto_l00000b5e, l00000ae9_goto_l00000af1; l00000af1: assume {:captureState "l00000af1"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -176,7 +176,7 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; - goto l00000af1_goto_l00000b1c, l00000af1_goto_l00000b1f; + goto l00000af1_goto_l00000b1f, l00000af1_goto_l00000b1c; l00000b1f: assume {:captureState "l00000b1f"} true; R8, Gamma_R8 := 1bv64, true; @@ -188,7 +188,7 @@ implementation main() l00000b22: assume {:captureState "l00000b22"} true; assert Gamma_R8; - goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; + goto l00000b22_goto_l00000b2a, l00000b22_goto_l00000b49; l00000b49: assume {:captureState "l00000b49"} true; goto l00000b4a; diff --git a/src/test/correct/nestedif/gcc/nestedif.expected b/src/test/correct/nestedif/gcc/nestedif.expected index 27090aae3..a60501655 100644 --- a/src/test/correct/nestedif/gcc/nestedif.expected +++ b/src/test/correct/nestedif/gcc/nestedif.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1928bv64) == 1bv8); @@ -99,17 +107,9 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -125,7 +125,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000345, lmain_goto_l000003c4; + goto lmain_goto_l000003c4, lmain_goto_l00000345; l00000345: assume {:captureState "l00000345"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -135,7 +135,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto l00000345_goto_l0000036b, l00000345_goto_l000003b3; + goto l00000345_goto_l000003b3, l00000345_goto_l0000036b; l0000036b: assume {:captureState "l0000036b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -145,7 +145,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; - goto l0000036b_goto_l000003a6, l0000036b_goto_l00000391; + goto l0000036b_goto_l00000391, l0000036b_goto_l000003a6; l000003a6: assume {:captureState "l000003a6"} true; R0, Gamma_R0 := 7bv64, true; diff --git a/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected b/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected index 930878b90..64fd4e1f3 100644 --- a/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected +++ b/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1928bv64) == 1bv8); @@ -99,17 +107,9 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/nestedif/gcc_pic/nestedif.expected b/src/test/correct/nestedif/gcc_pic/nestedif.expected index 930878b90..4d193b516 100644 --- a/src/test/correct/nestedif/gcc_pic/nestedif.expected +++ b/src/test/correct/nestedif/gcc_pic/nestedif.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1928bv64) == 1bv8); @@ -99,17 +107,9 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -135,7 +135,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto l000009e1_goto_l00000a07, l000009e1_goto_l00000a4f; + goto l000009e1_goto_l00000a4f, l000009e1_goto_l00000a07; l00000a07: assume {:captureState "l00000a07"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -145,7 +145,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; - goto l00000a07_goto_l00000a2d, l00000a07_goto_l00000a42; + goto l00000a07_goto_l00000a42, l00000a07_goto_l00000a2d; l00000a42: assume {:captureState "l00000a42"} true; R0, Gamma_R0 := 7bv64, true; diff --git a/src/test/correct/simple_jump/clang/simple_jump.expected b/src/test/correct/simple_jump/clang/simple_jump.expected index 3220b9d4b..b7ce17016 100644 --- a/src/test/correct/simple_jump/clang/simple_jump.expected +++ b/src/test/correct/simple_jump/clang/simple_jump.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -74,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -99,15 +107,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -124,7 +124,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000326, lmain_goto_l00000329; + goto lmain_goto_l00000329, lmain_goto_l00000326; l00000329: assume {:captureState "l00000329"} true; R8, Gamma_R8 := 1bv64, true; @@ -136,7 +136,7 @@ implementation main() l0000032c: assume {:captureState "l0000032c"} true; assert Gamma_R8; - goto l0000032c_goto_l00000334, l0000032c_goto_l0000034b; + goto l0000032c_goto_l0000034b, l0000032c_goto_l00000334; l0000034b: assume {:captureState "l0000034b"} true; goto l0000034c; diff --git a/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected b/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected index fd482b3c1..f37300456 100644 --- a/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -74,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -99,15 +107,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -124,7 +124,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000938, lmain_goto_l0000093b; + goto lmain_goto_l0000093b, lmain_goto_l00000938; l0000093b: assume {:captureState "l0000093b"} true; R8, Gamma_R8 := 1bv64, true; @@ -136,7 +136,7 @@ implementation main() l0000093e: assume {:captureState "l0000093e"} true; assert Gamma_R8; - goto l0000093e_goto_l00000946, l0000093e_goto_l0000095d; + goto l0000093e_goto_l0000095d, l0000093e_goto_l00000946; l0000095d: assume {:captureState "l0000095d"} true; goto l0000095e; diff --git a/src/test/correct/simple_jump/clang_pic/simple_jump.expected b/src/test/correct/simple_jump/clang_pic/simple_jump.expected index fd482b3c1..ff4be636c 100644 --- a/src/test/correct/simple_jump/clang_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_pic/simple_jump.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -74,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -99,15 +107,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/simple_jump/gcc/simple_jump.expected b/src/test/correct/simple_jump/gcc/simple_jump.expected index 300a26ba3..544d421d4 100644 --- a/src/test/correct/simple_jump/gcc/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc/simple_jump.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -97,15 +105,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -119,7 +119,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000031f, lmain_goto_l0000030a; + goto lmain_goto_l0000030a, lmain_goto_l0000031f; l0000031f: assume {:captureState "l0000031f"} true; R0, Gamma_R0 := 6bv64, true; diff --git a/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected b/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected index 13fba5eb2..c6ccb5561 100644 --- a/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -97,15 +105,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/simple_jump/gcc_pic/simple_jump.expected b/src/test/correct/simple_jump/gcc_pic/simple_jump.expected index 13fba5eb2..c6ccb5561 100644 --- a/src/test/correct/simple_jump/gcc_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_pic/simple_jump.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -97,15 +105,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/switch/clang/switch.expected b/src/test/correct/switch/clang/switch.expected index ad2745ee3..e12cdc28c 100644 --- a/src/test/correct/switch/clang/switch.expected +++ b/src/test/correct/switch/clang/switch.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R31, Gamma_R8, Gamma_stack, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R31, R8, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1936bv64) == 1bv8); @@ -98,16 +106,8 @@ implementation main() { var #4: bv32; var #5: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -138,7 +138,7 @@ implementation main() l00000360: assume {:captureState "l00000360"} true; assert Gamma_R8; - goto l00000360_goto_l00000368, l00000360_goto_l0000039a; + goto l00000360_goto_l0000039a, l00000360_goto_l00000368; l0000039a: assume {:captureState "l0000039a"} true; goto l0000039b; @@ -152,7 +152,7 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; - goto l0000039b_goto_l000003c4, l0000039b_goto_l000003c7; + goto l0000039b_goto_l000003c7, l0000039b_goto_l000003c4; l000003c7: assume {:captureState "l000003c7"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/switch/clang_no_plt_no_pic/switch.expected b/src/test/correct/switch/clang_no_plt_no_pic/switch.expected index 6a652efbf..0ce028181 100644 --- a/src/test/correct/switch/clang_no_plt_no_pic/switch.expected +++ b/src/test/correct/switch/clang_no_plt_no_pic/switch.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R31, Gamma_R8, Gamma_stack, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R31, R8, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1936bv64) == 1bv8); @@ -98,16 +106,8 @@ implementation main() { var #4: bv32; var #5: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -138,7 +138,7 @@ implementation main() l00000a15: assume {:captureState "l00000a15"} true; assert Gamma_R8; - goto l00000a15_goto_l00000a1d, l00000a15_goto_l00000a4f; + goto l00000a15_goto_l00000a4f, l00000a15_goto_l00000a1d; l00000a4f: assume {:captureState "l00000a4f"} true; goto l00000a50; @@ -164,7 +164,7 @@ implementation main() l00000a7f: assume {:captureState "l00000a7f"} true; assert Gamma_R8; - goto l00000a7f_goto_l00000a3e, l00000a7f_goto_l00000a8c; + goto l00000a7f_goto_l00000a8c, l00000a7f_goto_l00000a3e; l00000a3e: assume {:captureState "l00000a3e"} true; R8, Gamma_R8 := 5bv64, true; diff --git a/src/test/correct/switch/clang_pic/switch.expected b/src/test/correct/switch/clang_pic/switch.expected index 6a652efbf..f9f250451 100644 --- a/src/test/correct/switch/clang_pic/switch.expected +++ b/src/test/correct/switch/clang_pic/switch.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R31, Gamma_R8, Gamma_stack, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R31, R8, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1936bv64) == 1bv8); @@ -98,16 +106,8 @@ implementation main() { var #4: bv32; var #5: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -126,7 +126,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000a0f, lmain_goto_l00000a12; + goto lmain_goto_l00000a12, lmain_goto_l00000a0f; l00000a12: assume {:captureState "l00000a12"} true; R8, Gamma_R8 := 1bv64, true; @@ -138,7 +138,7 @@ implementation main() l00000a15: assume {:captureState "l00000a15"} true; assert Gamma_R8; - goto l00000a15_goto_l00000a1d, l00000a15_goto_l00000a4f; + goto l00000a15_goto_l00000a4f, l00000a15_goto_l00000a1d; l00000a4f: assume {:captureState "l00000a4f"} true; goto l00000a50; @@ -164,7 +164,7 @@ implementation main() l00000a7f: assume {:captureState "l00000a7f"} true; assert Gamma_R8; - goto l00000a7f_goto_l00000a3e, l00000a7f_goto_l00000a8c; + goto l00000a7f_goto_l00000a8c, l00000a7f_goto_l00000a3e; l00000a3e: assume {:captureState "l00000a3e"} true; R8, Gamma_R8 := 5bv64, true; diff --git a/src/test/correct/switch/gcc/switch.expected b/src/test/correct/switch/gcc/switch.expected index dbcad0f6e..f397cb204 100644 --- a/src/test/correct/switch/gcc/switch.expected +++ b/src/test/correct/switch/gcc/switch.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -98,16 +106,8 @@ implementation main() { var #4: bv32; var #5: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -133,7 +133,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto l0000036b_goto_l0000035c, l0000036b_goto_l00000391; + goto l0000036b_goto_l00000391, l0000036b_goto_l0000035c; l0000035c: assume {:captureState "l0000035c"} true; R0, Gamma_R0 := 5bv64, true; diff --git a/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected b/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected index b0e94c9ff..fac5f0e72 100644 --- a/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected +++ b/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -98,16 +106,8 @@ implementation main() { var #4: bv32; var #5: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/switch/gcc_pic/switch.expected b/src/test/correct/switch/gcc_pic/switch.expected index b0e94c9ff..7247b5016 100644 --- a/src/test/correct/switch/gcc_pic/switch.expected +++ b/src/test/correct/switch/gcc_pic/switch.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -98,16 +106,8 @@ implementation main() { var #4: bv32; var #5: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -123,7 +123,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000998, lmain_goto_l000009ca; + goto lmain_goto_l000009ca, lmain_goto_l00000998; l000009ca: assume {:captureState "l000009ca"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -133,7 +133,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto l000009ca_goto_l000009bb, l000009ca_goto_l000009f0; + goto l000009ca_goto_l000009f0, l000009ca_goto_l000009bb; l000009bb: assume {:captureState "l000009bb"} true; R0, Gamma_R0 := 5bv64, true; diff --git a/src/test/correct/switch2/gcc/switch2.expected b/src/test/correct/switch2/gcc/switch2.expected index 0b80a0dc2..3932da079 100644 --- a/src/test/correct/switch2/gcc/switch2.expected +++ b/src/test/correct/switch2/gcc/switch2.expected @@ -1,15 +1,23 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R29: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R29: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -89,7 +97,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R29, R30, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R29, R30, R31, VF, ZF, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -125,7 +133,6 @@ implementation main() var #7: bv32; var #8: bv32; var #9: bv32; - var CF: bv1; var Gamma_#10: bool; var Gamma_#11: bool; var Gamma_#12: bool; @@ -135,13 +142,6 @@ implementation main() var Gamma_#7: bool; var Gamma_#8: bool; var Gamma_#9: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; #4, Gamma_#4 := bvadd64(R31, 18446744073709551568bv64), Gamma_R31; @@ -180,7 +180,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000408_goto_l000003e2, l00000408_goto_l00000430; + goto l00000408_goto_l00000430, l00000408_goto_l000003e2; l00000430: assume {:captureState "l00000430"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -210,7 +210,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l0000048f_goto_l000004b0, l0000048f_goto_l000004e2; + goto l0000048f_goto_l000004e2, l0000048f_goto_l000004b0; l000004b0: assume {:captureState "l000004b0"} true; R30, Gamma_R30 := 1944bv64, true; @@ -230,7 +230,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000004e2_goto_l0000050a, l000004e2_goto_l000003e2; + goto l000004e2_goto_l000003e2, l000004e2_goto_l0000050a; l0000050a: assume {:captureState "l0000050a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -240,7 +240,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; - goto l0000050a_goto_l000004c4, l0000050a_goto_l00000530; + goto l0000050a_goto_l00000530, l0000050a_goto_l000004c4; l000004c4: assume {:captureState "l000004c4"} true; R0, Gamma_R0 := 1bv64, true; @@ -256,7 +256,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; assert Gamma_ZF; - goto l00000530_goto_l000004d5, l00000530_goto_l00000556; + goto l00000530_goto_l00000556, l00000530_goto_l000004d5; l000004d5: assume {:captureState "l000004d5"} true; R0, Gamma_R0 := 2bv64, true; diff --git a/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected b/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected index 7b5b056df..16bc01cbe 100644 --- a/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected +++ b/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected @@ -1,15 +1,23 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R29: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R29: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -89,7 +97,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R29, R30, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R29, R30, R31, VF, ZF, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -125,7 +133,6 @@ implementation main() var #7: bv32; var #8: bv32; var #9: bv32; - var CF: bv1; var Gamma_#10: bool; var Gamma_#11: bool; var Gamma_#12: bool; @@ -135,13 +142,6 @@ implementation main() var Gamma_#7: bool; var Gamma_#8: bool; var Gamma_#9: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; #4, Gamma_#4 := bvadd64(R31, 18446744073709551568bv64), Gamma_R31; @@ -164,7 +164,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto lmain_goto_l00000c2f, lmain_goto_l00000c67; + goto lmain_goto_l00000c67, lmain_goto_l00000c2f; l00000c2f: assume {:captureState "l00000c2f"} true; R0, Gamma_R0 := 4bv64, true; @@ -180,7 +180,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000c67_goto_l00000c41, l00000c67_goto_l00000c8f; + goto l00000c67_goto_l00000c8f, l00000c67_goto_l00000c41; l00000c8f: assume {:captureState "l00000c8f"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -190,7 +190,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; - goto l00000c8f_goto_l00000cb0, l00000c8f_goto_l00000cc6; + goto l00000c8f_goto_l00000cc6, l00000c8f_goto_l00000cb0; l00000cc6: assume {:captureState "l00000cc6"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -210,7 +210,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l00000cee_goto_l00000d41, l00000cee_goto_l00000d0f; + goto l00000cee_goto_l00000d0f, l00000cee_goto_l00000d41; l00000d0f: assume {:captureState "l00000d0f"} true; R30, Gamma_R30 := 1944bv64, true; @@ -240,7 +240,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; - goto l00000d69_goto_l00000d8f, l00000d69_goto_l00000d23; + goto l00000d69_goto_l00000d23, l00000d69_goto_l00000d8f; l00000d23: assume {:captureState "l00000d23"} true; R0, Gamma_R0 := 1bv64, true; @@ -256,7 +256,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; assert Gamma_ZF; - goto l00000d8f_goto_l00000d34, l00000d8f_goto_l00000db5; + goto l00000d8f_goto_l00000db5, l00000d8f_goto_l00000d34; l00000d34: assume {:captureState "l00000d34"} true; R0, Gamma_R0 := 2bv64, true; diff --git a/src/test/correct/switch2/gcc_pic/switch2.expected b/src/test/correct/switch2/gcc_pic/switch2.expected index 7b5b056df..3f254f943 100644 --- a/src/test/correct/switch2/gcc_pic/switch2.expected +++ b/src/test/correct/switch2/gcc_pic/switch2.expected @@ -1,15 +1,23 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R29: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R29: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -89,7 +97,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R29, R30, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R29, R30, R31, VF, ZF, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -125,7 +133,6 @@ implementation main() var #7: bv32; var #8: bv32; var #9: bv32; - var CF: bv1; var Gamma_#10: bool; var Gamma_#11: bool; var Gamma_#12: bool; @@ -135,13 +142,6 @@ implementation main() var Gamma_#7: bool; var Gamma_#8: bool; var Gamma_#9: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; #4, Gamma_#4 := bvadd64(R31, 18446744073709551568bv64), Gamma_R31; @@ -190,7 +190,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; - goto l00000c8f_goto_l00000cb0, l00000c8f_goto_l00000cc6; + goto l00000c8f_goto_l00000cc6, l00000c8f_goto_l00000cb0; l00000cc6: assume {:captureState "l00000cc6"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -200,7 +200,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000cc6_goto_l00000cee, l00000cc6_goto_l00000c41; + goto l00000cc6_goto_l00000c41, l00000cc6_goto_l00000cee; l00000cee: assume {:captureState "l00000cee"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -230,7 +230,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000d41_goto_l00000d69, l00000d41_goto_l00000c41; + goto l00000d41_goto_l00000c41, l00000d41_goto_l00000d69; l00000d69: assume {:captureState "l00000d69"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); diff --git a/src/test/correct/syscall/gcc_O2/syscall.expected b/src/test/correct/syscall/gcc_O2/syscall.expected index 616be9705..fcb66403d 100644 --- a/src/test/correct/syscall/gcc_O2/syscall.expected +++ b/src/test/correct/syscall/gcc_O2/syscall.expected @@ -1,4 +1,8 @@ +var {:extern} Gamma_R16: bool; +var {:extern} Gamma_R17: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} R16: bv64; +var {:extern} R17: bv64; var {:extern} mem: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; axiom ($_IO_stdin_used_addr == 1960bv64); @@ -41,6 +45,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure fork(); + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1960bv64) == 1bv8); diff --git a/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected index 62f7b98ac..492def287 100644 --- a/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -89,7 +97,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -115,15 +123,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -139,7 +139,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000325, lmain_goto_l00000322; + goto lmain_goto_l00000322, lmain_goto_l00000325; l00000325: assume {:captureState "l00000325"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected index 05b23af86..bafc4645c 100644 --- a/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected @@ -1,8 +1,16 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69684bv64); @@ -77,7 +85,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R8, Gamma_mem, R0, R8, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R8, VF, ZF, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -101,15 +109,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R8, Gamma_R8 := 69632bv64, true; @@ -121,7 +121,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000002e5, lmain_goto_l000002e8; + goto lmain_goto_l000002e8, lmain_goto_l000002e5; l000002e8: assume {:captureState "l000002e8"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected index 16225a823..0949c6569 100644 --- a/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -89,7 +97,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -115,15 +123,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -139,7 +139,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000093d, lmain_goto_l00000940; + goto lmain_goto_l00000940, lmain_goto_l0000093d; l00000940: assume {:captureState "l00000940"} true; R8, Gamma_R8 := 1bv64, true; @@ -151,7 +151,7 @@ implementation main() l00000943: assume {:captureState "l00000943"} true; assert Gamma_R8; - goto l00000943_goto_l00000973, l00000943_goto_l0000094b; + goto l00000943_goto_l0000094b, l00000943_goto_l00000973; l0000094b: assume {:captureState "l0000094b"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected index 6ace33958..5e37d4c27 100644 --- a/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -94,7 +102,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -122,15 +130,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected index 306130a16..58b6324e1 100644 --- a/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected @@ -1,6 +1,14 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -75,7 +83,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, VF, ZF, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -99,15 +107,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 69632bv64, true; @@ -120,7 +120,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000002fa, lmain_goto_l00000309; + goto lmain_goto_l00000309, lmain_goto_l000002fa; l000002fa: assume {:captureState "l000002fa"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected index 5110cd257..08fd9338d 100644 --- a/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected @@ -1,6 +1,14 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -75,7 +83,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, VF, ZF, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -99,15 +107,7 @@ procedure main(); implementation main() { var #1: bv32; - var CF: bv1; var Gamma_#1: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 69632bv64, true; @@ -119,7 +119,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#1, 1bv32), 0bv32), Gamma_#1; NF, Gamma_NF := bvadd32(#1, 1bv32)[32:31], Gamma_#1; assert Gamma_ZF; - goto lmain_goto_l000001d2, lmain_goto_l000001cf; + goto lmain_goto_l000001cf, lmain_goto_l000001d2; l000001d2: assume {:captureState "l000001d2"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected index 7c57465d3..2cb9a14c6 100644 --- a/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected @@ -1,6 +1,14 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -75,7 +83,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, VF, ZF, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -99,15 +107,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 69632bv64, true; @@ -120,7 +120,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000008c2, lmain_goto_l000008b3; + goto lmain_goto_l000008b3, lmain_goto_l000008c2; l000008b3: assume {:captureState "l000008b3"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected index 8bfc79117..c10bec040 100644 --- a/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected @@ -1,6 +1,14 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -80,7 +88,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, VF, ZF, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -106,15 +114,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 65536bv64, true; @@ -128,7 +128,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000002fb, lmain_goto_l0000030a; + goto lmain_goto_l0000030a, lmain_goto_l000002fb; l000002fb: assume {:captureState "l000002fb"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/incorrect/iflocal/clang/iflocal.expected b/src/test/incorrect/iflocal/clang/iflocal.expected index 9e64ca4aa..2ac7e5717 100644 --- a/src/test/incorrect/iflocal/clang/iflocal.expected +++ b/src/test/incorrect/iflocal/clang/iflocal.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -97,15 +105,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -124,7 +124,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000337, lmain_goto_l00000334; + goto lmain_goto_l00000334, lmain_goto_l00000337; l00000337: assume {:captureState "l00000337"} true; R8, Gamma_R8 := 1bv64, true; @@ -136,7 +136,7 @@ implementation main() l0000033a: assume {:captureState "l0000033a"} true; assert Gamma_R8; - goto l0000033a_goto_l00000359, l0000033a_goto_l00000342; + goto l0000033a_goto_l00000342, l0000033a_goto_l00000359; l00000359: assume {:captureState "l00000359"} true; goto l0000035a; diff --git a/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected b/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected index fe970c7e9..d65b1519d 100644 --- a/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -97,15 +105,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -124,7 +124,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000956, lmain_goto_l00000959; + goto lmain_goto_l00000959, lmain_goto_l00000956; l00000959: assume {:captureState "l00000959"} true; R8, Gamma_R8 := 1bv64, true; @@ -136,7 +136,7 @@ implementation main() l0000095c: assume {:captureState "l0000095c"} true; assert Gamma_R8; - goto l0000095c_goto_l00000964, l0000095c_goto_l0000097b; + goto l0000095c_goto_l0000097b, l0000095c_goto_l00000964; l0000097b: assume {:captureState "l0000097b"} true; goto l0000097c; diff --git a/src/test/incorrect/iflocal/clang_pic/iflocal.expected b/src/test/incorrect/iflocal/clang_pic/iflocal.expected index fe970c7e9..d65b1519d 100644 --- a/src/test/incorrect/iflocal/clang_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/clang_pic/iflocal.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -72,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -97,15 +105,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -124,7 +124,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000956, lmain_goto_l00000959; + goto lmain_goto_l00000959, lmain_goto_l00000956; l00000959: assume {:captureState "l00000959"} true; R8, Gamma_R8 := 1bv64, true; @@ -136,7 +136,7 @@ implementation main() l0000095c: assume {:captureState "l0000095c"} true; assert Gamma_R8; - goto l0000095c_goto_l00000964, l0000095c_goto_l0000097b; + goto l0000095c_goto_l0000097b, l0000095c_goto_l00000964; l0000097b: assume {:captureState "l0000097b"} true; goto l0000097c; diff --git a/src/test/incorrect/iflocal/gcc/iflocal.expected b/src/test/incorrect/iflocal/gcc/iflocal.expected index 78557ab71..9b449da49 100644 --- a/src/test/incorrect/iflocal/gcc/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc/iflocal.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -70,7 +78,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1880bv64) == 1bv8); @@ -95,15 +103,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; diff --git a/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected b/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected index 0ce1d7ed2..ea4389931 100644 --- a/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -70,7 +78,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1880bv64) == 1bv8); @@ -95,15 +103,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; diff --git a/src/test/incorrect/iflocal/gcc_pic/iflocal.expected b/src/test/incorrect/iflocal/gcc_pic/iflocal.expected index 0ce1d7ed2..ea4389931 100644 --- a/src/test/incorrect/iflocal/gcc_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc_pic/iflocal.expected @@ -1,9 +1,17 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -70,7 +78,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1880bv64) == 1bv8); @@ -95,15 +103,7 @@ procedure main(); implementation main() { var #4: bv32; - var CF: bv1; var Gamma_#4: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; diff --git a/src/test/incorrect/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected b/src/test/incorrect/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected index e2a86f07c..b3c33e870 100644 --- a/src/test/incorrect/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected +++ b/src/test/incorrect/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected @@ -33,11 +33,11 @@ var {:extern} malloc_end: [bv64]bv8; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $buf_addr: bv64; -axiom ($buf_addr == 131192bv64); +axiom ($buf_addr == 69752bv64); const {:extern} $password_addr: bv64; -axiom ($password_addr == 131168bv64); +axiom ($password_addr == 69728bv64); const {:extern} $stext_addr: bv64; -axiom ($stext_addr == 131169bv64); +axiom ($stext_addr == 69729bv64); function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { false } @@ -88,14 +88,14 @@ procedure {:extern} rely(); modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); - free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); - free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); + free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); + free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); + free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); + free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); procedure {:extern} rely_transitive(); modifies Gamma_mem, mem; @@ -116,22 +116,22 @@ procedure {:extern} guarantee_reflexive(); procedure #free(); modifies Gamma_R16, Gamma_R17, R16, R17; requires (forall i : int, j: bv64 :: (malloc_base[i] == R0 && bvuge64(j, R0) && bvult64(j, malloc_end[i])) ==> Gamma_mem[j]); - free requires (memory_load8_le(mem, 2484bv64) == 1bv8); - free requires (memory_load8_le(mem, 2485bv64) == 0bv8); - free requires (memory_load8_le(mem, 2486bv64) == 2bv8); - free requires (memory_load8_le(mem, 2487bv64) == 0bv8); - free requires (memory_load64_le(mem, 130488bv64) == 2320bv64); - free requires (memory_load64_le(mem, 130496bv64) == 2240bv64); - free requires (memory_load64_le(mem, 131032bv64) == 2324bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); - free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); - free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load8_le(mem, 2420bv64) == 1bv8); + free requires (memory_load8_le(mem, 2421bv64) == 0bv8); + free requires (memory_load8_le(mem, 2422bv64) == 2bv8); + free requires (memory_load8_le(mem, 2423bv64) == 0bv8); + free requires (memory_load64_le(mem, 69064bv64) == 2256bv64); + free requires (memory_load64_le(mem, 69072bv64) == 2176bv64); + free requires (memory_load64_le(mem, 69592bv64) == 2260bv64); + free requires (memory_load64_le(mem, 69720bv64) == 69720bv64); + free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); + free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); + free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); + free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); + free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); procedure main(); modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R19, Gamma_R2, Gamma_R20, Gamma_R21, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_R8, Gamma_malloc_base, Gamma_malloc_count, Gamma_malloc_end, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R19, R2, R20, R21, R29, R30, R31, R8, malloc_base, malloc_count, malloc_end, mem, stack; @@ -139,42 +139,42 @@ procedure main(); requires malloc_count == 0; requires gamma_load32(Gamma_mem, memory_load64_le(mem, $stext_addr)); requires R31 == 100bv64; - free requires (memory_load8_le(mem, 131152bv64) == 0bv8); - free requires (memory_load8_le(mem, 131153bv64) == 0bv8); - free requires (memory_load8_le(mem, 131154bv64) == 0bv8); - free requires (memory_load8_le(mem, 131155bv64) == 0bv8); - free requires (memory_load8_le(mem, 131156bv64) == 0bv8); - free requires (memory_load8_le(mem, 131157bv64) == 0bv8); - free requires (memory_load8_le(mem, 131158bv64) == 0bv8); - free requires (memory_load8_le(mem, 131159bv64) == 0bv8); - free requires (memory_load8_le(mem, 131160bv64) == 88bv8); - free requires (memory_load8_le(mem, 131161bv64) == 0bv8); - free requires (memory_load8_le(mem, 131162bv64) == 2bv8); - free requires (memory_load8_le(mem, 131163bv64) == 0bv8); - free requires (memory_load8_le(mem, 131164bv64) == 0bv8); - free requires (memory_load8_le(mem, 131165bv64) == 0bv8); - free requires (memory_load8_le(mem, 131166bv64) == 0bv8); - free requires (memory_load8_le(mem, 131167bv64) == 0bv8); - free requires (memory_load8_le(mem, 131168bv64) == 7bv8); - free requires (memory_load8_le(mem, 131169bv64) == 117bv8); - free requires (memory_load8_le(mem, 131170bv64) == 115bv8); - free requires (memory_load8_le(mem, 131171bv64) == 101bv8); - free requires (memory_load8_le(mem, 131172bv64) == 114bv8); - free requires (memory_load8_le(mem, 131173bv64) == 58bv8); - free requires (memory_load8_le(mem, 131174bv64) == 112bv8); - free requires (memory_load8_le(mem, 131175bv64) == 97bv8); - free requires (memory_load8_le(mem, 131176bv64) == 115bv8); - free requires (memory_load8_le(mem, 131177bv64) == 115bv8); - free requires (memory_load8_le(mem, 131178bv64) == 0bv8); - free requires (memory_load8_le(mem, 131179bv64) == 0bv8); - free requires (memory_load8_le(mem, 2484bv64) == 1bv8); - free requires (memory_load8_le(mem, 2485bv64) == 0bv8); - free requires (memory_load8_le(mem, 2486bv64) == 2bv8); - free requires (memory_load8_le(mem, 2487bv64) == 0bv8); - free requires (memory_load64_le(mem, 130488bv64) == 2320bv64); - free requires (memory_load64_le(mem, 130496bv64) == 2240bv64); - free requires (memory_load64_le(mem, 131032bv64) == 2324bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load8_le(mem, 69712bv64) == 0bv8); + free requires (memory_load8_le(mem, 69713bv64) == 0bv8); + free requires (memory_load8_le(mem, 69714bv64) == 0bv8); + free requires (memory_load8_le(mem, 69715bv64) == 0bv8); + free requires (memory_load8_le(mem, 69716bv64) == 0bv8); + free requires (memory_load8_le(mem, 69717bv64) == 0bv8); + free requires (memory_load8_le(mem, 69718bv64) == 0bv8); + free requires (memory_load8_le(mem, 69719bv64) == 0bv8); + free requires (memory_load8_le(mem, 69720bv64) == 88bv8); + free requires (memory_load8_le(mem, 69721bv64) == 16bv8); + free requires (memory_load8_le(mem, 69722bv64) == 1bv8); + free requires (memory_load8_le(mem, 69723bv64) == 0bv8); + free requires (memory_load8_le(mem, 69724bv64) == 0bv8); + free requires (memory_load8_le(mem, 69725bv64) == 0bv8); + free requires (memory_load8_le(mem, 69726bv64) == 0bv8); + free requires (memory_load8_le(mem, 69727bv64) == 0bv8); + free requires (memory_load8_le(mem, 69728bv64) == 7bv8); + free requires (memory_load8_le(mem, 69729bv64) == 117bv8); + free requires (memory_load8_le(mem, 69730bv64) == 115bv8); + free requires (memory_load8_le(mem, 69731bv64) == 101bv8); + free requires (memory_load8_le(mem, 69732bv64) == 114bv8); + free requires (memory_load8_le(mem, 69733bv64) == 58bv8); + free requires (memory_load8_le(mem, 69734bv64) == 112bv8); + free requires (memory_load8_le(mem, 69735bv64) == 97bv8); + free requires (memory_load8_le(mem, 69736bv64) == 115bv8); + free requires (memory_load8_le(mem, 69737bv64) == 115bv8); + free requires (memory_load8_le(mem, 69738bv64) == 0bv8); + free requires (memory_load8_le(mem, 69739bv64) == 0bv8); + free requires (memory_load8_le(mem, 2420bv64) == 1bv8); + free requires (memory_load8_le(mem, 2421bv64) == 0bv8); + free requires (memory_load8_le(mem, 2422bv64) == 2bv8); + free requires (memory_load8_le(mem, 2423bv64) == 0bv8); + free requires (memory_load64_le(mem, 69064bv64) == 2256bv64); + free requires (memory_load64_le(mem, 69072bv64) == 2176bv64); + free requires (memory_load64_le(mem, 69592bv64) == 2260bv64); + free requires (memory_load64_le(mem, 69720bv64) == 69720bv64); free ensures (Gamma_R19 == old(Gamma_R19)); free ensures (Gamma_R20 == old(Gamma_R20)); free ensures (Gamma_R21 == old(Gamma_R21)); @@ -185,14 +185,14 @@ procedure main(); free ensures (R21 == old(R21)); free ensures (R29 == old(R29)); free ensures (R31 == old(R31)); - free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); - free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); + free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); + free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); + free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); + free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); implementation main() { @@ -219,13 +219,13 @@ implementation main() assume {:captureState "%00000364"} true; R29, Gamma_R29 := R31, Gamma_R31; R0, Gamma_R0 := 11bv64, true; - R30, Gamma_R30 := 2348bv64, true; + R30, Gamma_R30 := 2284bv64, true; call malloc(); goto l00000379; l00000379: assume {:captureState "l00000379"} true; - R21, Gamma_R21 := 131072bv64, true; - R20, Gamma_R20 := 131072bv64, true; + R21, Gamma_R21 := 69632bv64, true; + R20, Gamma_R20 := 69632bv64, true; R20, Gamma_R20 := bvadd64(R20, 97bv64), Gamma_R20; R19, Gamma_R19 := R0, Gamma_R0; call rely(); @@ -233,7 +233,7 @@ implementation main() mem, Gamma_mem := memory_store64_le(mem, bvadd64(R21, 120bv64), R0), gamma_store64(Gamma_mem, bvadd64(R21, 120bv64), Gamma_R0); assume {:captureState "%00000395"} true; R0, Gamma_R0 := R20, Gamma_R20; - R30, Gamma_R30 := 2376bv64, true; + R30, Gamma_R30 := 2312bv64, true; call strlen(); goto l000003a5; l000003a5: @@ -241,13 +241,13 @@ implementation main() R2, Gamma_R2 := R0, Gamma_R0; R0, Gamma_R0 := R19, Gamma_R19; R1, Gamma_R1 := R20, Gamma_R20; - R30, Gamma_R30 := 2392bv64, true; + R30, Gamma_R30 := 2328bv64, true; call memcpy(); goto l000003bf; l000003bf: assume {:captureState "l000003bf"} true; R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2400bv64, true; + R30, Gamma_R30 := 2336bv64, true; call puts(); goto l000003cd; l000003cd: @@ -261,7 +261,7 @@ implementation main() call rely(); R19, Gamma_R19 := memory_load64_le(mem, bvadd64(R21, 120bv64)), (gamma_load64(Gamma_mem, bvadd64(R21, 120bv64)) || L(mem, bvadd64(R21, 120bv64))); R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2420bv64, true; + R30, Gamma_R30 := 2356bv64, true; call strlen(); goto l000003ef; l000003ef: @@ -269,14 +269,14 @@ implementation main() R2, Gamma_R2 := R0, Gamma_R0; R0, Gamma_R0 := R19, Gamma_R19; R1, Gamma_R1 := 1bv64, true; - R30, Gamma_R30 := 2436bv64, true; + R30, Gamma_R30 := 2372bv64, true; call memset(); goto l00000408; l00000408: assume {:captureState "l00000408"} true; call rely(); R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R21, 120bv64)), (gamma_load64(Gamma_mem, bvadd64(R21, 120bv64)) || L(mem, bvadd64(R21, 120bv64))); - R30, Gamma_R30 := 2444bv64, true; + R30, Gamma_R30 := 2380bv64, true; call #free(); goto l00000417; l00000417: @@ -299,14 +299,14 @@ procedure malloc(); modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_malloc_base, Gamma_malloc_count, Gamma_malloc_end, R0, R16, R17, malloc_base, malloc_count, malloc_end; requires bvugt64(R0, 0bv64); requires Gamma_R0 == true; - free requires (memory_load8_le(mem, 2484bv64) == 1bv8); - free requires (memory_load8_le(mem, 2485bv64) == 0bv8); - free requires (memory_load8_le(mem, 2486bv64) == 2bv8); - free requires (memory_load8_le(mem, 2487bv64) == 0bv8); - free requires (memory_load64_le(mem, 130488bv64) == 2320bv64); - free requires (memory_load64_le(mem, 130496bv64) == 2240bv64); - free requires (memory_load64_le(mem, 131032bv64) == 2324bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load8_le(mem, 2420bv64) == 1bv8); + free requires (memory_load8_le(mem, 2421bv64) == 0bv8); + free requires (memory_load8_le(mem, 2422bv64) == 2bv8); + free requires (memory_load8_le(mem, 2423bv64) == 0bv8); + free requires (memory_load64_le(mem, 69064bv64) == 2256bv64); + free requires (memory_load64_le(mem, 69072bv64) == 2176bv64); + free requires (memory_load64_le(mem, 69592bv64) == 2260bv64); + free requires (memory_load64_le(mem, 69720bv64) == 69720bv64); ensures ((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))); ensures Gamma_R0 == true; ensures malloc_count == old(malloc_count) + 1; @@ -317,100 +317,100 @@ procedure malloc(); ensures (forall i: int :: i != malloc_count ==> malloc_base[i] == old(malloc_base[i]) && malloc_end[i] == old(malloc_end[i])); ensures bvuge64(R0, 100000000bv64); ensures (forall i : bv64 :: (bvuge64(i, R0) && bvult64(i, bvadd64(R0, old(R0)))) ==> (Gamma_mem[i] && gamma_load8(Gamma_mem, i))); - free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); - free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); + free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); + free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); + free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); + free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); procedure memcpy(); modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; - free requires (memory_load8_le(mem, 2484bv64) == 1bv8); - free requires (memory_load8_le(mem, 2485bv64) == 0bv8); - free requires (memory_load8_le(mem, 2486bv64) == 2bv8); - free requires (memory_load8_le(mem, 2487bv64) == 0bv8); - free requires (memory_load64_le(mem, 130488bv64) == 2320bv64); - free requires (memory_load64_le(mem, 130496bv64) == 2240bv64); - free requires (memory_load64_le(mem, 131032bv64) == 2324bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load8_le(mem, 2420bv64) == 1bv8); + free requires (memory_load8_le(mem, 2421bv64) == 0bv8); + free requires (memory_load8_le(mem, 2422bv64) == 2bv8); + free requires (memory_load8_le(mem, 2423bv64) == 0bv8); + free requires (memory_load64_le(mem, 69064bv64) == 2256bv64); + free requires (memory_load64_le(mem, 69072bv64) == 2176bv64); + free requires (memory_load64_le(mem, 69592bv64) == 2260bv64); + free requires (memory_load64_le(mem, 69720bv64) == 69720bv64); ensures ((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))); ensures (forall i: bv64 :: (Gamma_mem[i] == if (bvule64(R0, i) && bvult64(i, bvadd64(R0, R2))) then gamma_load8((Gamma_mem), bvadd64(bvsub64(i, R0), R1)) else old(gamma_load8(Gamma_mem, i)))); ensures (forall i: bv64 :: (mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then memory_load8_le((mem), bvadd64(bvsub64(i, R0), R1)) else old(memory_load8_le(mem, i)))); - free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); - free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); + free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); + free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); + free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); + free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); procedure memset(); modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; requires Gamma_R1; - free requires (memory_load8_le(mem, 2484bv64) == 1bv8); - free requires (memory_load8_le(mem, 2485bv64) == 0bv8); - free requires (memory_load8_le(mem, 2486bv64) == 2bv8); - free requires (memory_load8_le(mem, 2487bv64) == 0bv8); - free requires (memory_load64_le(mem, 130488bv64) == 2320bv64); - free requires (memory_load64_le(mem, 130496bv64) == 2240bv64); - free requires (memory_load64_le(mem, 131032bv64) == 2324bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load8_le(mem, 2420bv64) == 1bv8); + free requires (memory_load8_le(mem, 2421bv64) == 0bv8); + free requires (memory_load8_le(mem, 2422bv64) == 2bv8); + free requires (memory_load8_le(mem, 2423bv64) == 0bv8); + free requires (memory_load64_le(mem, 69064bv64) == 2256bv64); + free requires (memory_load64_le(mem, 69072bv64) == 2176bv64); + free requires (memory_load64_le(mem, 69592bv64) == 2260bv64); + free requires (memory_load64_le(mem, 69720bv64) == 69720bv64); ensures ((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))); ensures (forall i: bv64 :: (Gamma_mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then Gamma_R1 else old(gamma_load8(Gamma_mem, i)))); ensures (forall i: bv64 :: (mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then R1[8:0] else old(memory_load8_le(mem, i)))); - free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); - free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); + free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); + free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); + free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); + free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); procedure puts(); modifies Gamma_R16, Gamma_R17, R16, R17; - free requires (memory_load8_le(mem, 2484bv64) == 1bv8); - free requires (memory_load8_le(mem, 2485bv64) == 0bv8); - free requires (memory_load8_le(mem, 2486bv64) == 2bv8); - free requires (memory_load8_le(mem, 2487bv64) == 0bv8); - free requires (memory_load64_le(mem, 130488bv64) == 2320bv64); - free requires (memory_load64_le(mem, 130496bv64) == 2240bv64); - free requires (memory_load64_le(mem, 131032bv64) == 2324bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); - free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); - free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load8_le(mem, 2420bv64) == 1bv8); + free requires (memory_load8_le(mem, 2421bv64) == 0bv8); + free requires (memory_load8_le(mem, 2422bv64) == 2bv8); + free requires (memory_load8_le(mem, 2423bv64) == 0bv8); + free requires (memory_load64_le(mem, 69064bv64) == 2256bv64); + free requires (memory_load64_le(mem, 69072bv64) == 2176bv64); + free requires (memory_load64_le(mem, 69592bv64) == 2260bv64); + free requires (memory_load64_le(mem, 69720bv64) == 69720bv64); + free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); + free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); + free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); + free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); + free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); procedure strlen(); modifies Gamma_R0, Gamma_R16, Gamma_R17, R0, R16, R17; - free requires (memory_load8_le(mem, 2484bv64) == 1bv8); - free requires (memory_load8_le(mem, 2485bv64) == 0bv8); - free requires (memory_load8_le(mem, 2486bv64) == 2bv8); - free requires (memory_load8_le(mem, 2487bv64) == 0bv8); - free requires (memory_load64_le(mem, 130488bv64) == 2320bv64); - free requires (memory_load64_le(mem, 130496bv64) == 2240bv64); - free requires (memory_load64_le(mem, 131032bv64) == 2324bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load8_le(mem, 2420bv64) == 1bv8); + free requires (memory_load8_le(mem, 2421bv64) == 0bv8); + free requires (memory_load8_le(mem, 2422bv64) == 2bv8); + free requires (memory_load8_le(mem, 2423bv64) == 0bv8); + free requires (memory_load64_le(mem, 69064bv64) == 2256bv64); + free requires (memory_load64_le(mem, 69072bv64) == 2176bv64); + free requires (memory_load64_le(mem, 69592bv64) == 2260bv64); + free requires (memory_load64_le(mem, 69720bv64) == 69720bv64); ensures (((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))) && (memory_load8_le(mem, $stext_addr) == old(memory_load8_le(mem, $stext_addr)))); ensures Gamma_R0 == true; ensures (forall i: bv64 :: (bvule64(old(R0), i)) && (bvult64(i, bvadd64(old(R0), R0))) ==> mem[i] != 0bv8); ensures (memory_load8_le(mem, bvadd64(old(R0), R0)) == 0bv8); ensures (bvult64(old(R0), bvadd64(bvadd64(old(R0), R0), 1bv64))); - free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); - free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); + free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); + free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); + free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); + free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); diff --git a/src/test/incorrect/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected b/src/test/incorrect/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected index 699c5028e..b73ca0312 100644 --- a/src/test/incorrect/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected +++ b/src/test/incorrect/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected @@ -7,6 +7,7 @@ var {:extern} Gamma_R2: bool; var {:extern} Gamma_R20: bool; var {:extern} Gamma_R21: bool; var {:extern} Gamma_R29: bool; +var {:extern} Gamma_R3: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_malloc_base: [bv64]bool; @@ -23,6 +24,7 @@ var {:extern} R2: bv64; var {:extern} R20: bv64; var {:extern} R21: bv64; var {:extern} R29: bv64; +var {:extern} R3: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; var {:extern} malloc_base: [bv64]bv8; @@ -31,11 +33,11 @@ var {:extern} malloc_end: [bv64]bv8; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $buf_addr: bv64; -axiom ($buf_addr == 131192bv64); +axiom ($buf_addr == 69672bv64); const {:extern} $password_addr: bv64; -axiom ($password_addr == 131179bv64); +axiom ($password_addr == 69659bv64); const {:extern} $stext_addr: bv64; -axiom ($stext_addr == 131168bv64); +axiom ($stext_addr == 69648bv64); function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { false } @@ -90,10 +92,10 @@ procedure {:extern} rely(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); procedure {:extern} rely_transitive(); modifies Gamma_mem, mem; @@ -111,6 +113,25 @@ procedure {:extern} rely_reflexive(); procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; +procedure __memcpy_chk(); + modifies Gamma_R16, Gamma_R17, R16, R17; + free requires (memory_load8_le(mem, 2472bv64) == 1bv8); + free requires (memory_load8_le(mem, 2473bv64) == 0bv8); + free requires (memory_load8_le(mem, 2474bv64) == 2bv8); + free requires (memory_load8_le(mem, 2475bv64) == 0bv8); + free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); + free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); + free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); + free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + procedure #free(); modifies Gamma_R16, Gamma_R17, R16, R17; requires (forall i : int, j: bv64 :: (malloc_base[i] == R0 && bvuge64(j, R0) && bvult64(j, malloc_end[i])) ==> Gamma_mem[j]); @@ -118,61 +139,61 @@ procedure #free(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); - free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); - free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); + free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); + free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); + free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R19, Gamma_R2, Gamma_R20, Gamma_R21, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_malloc_base, Gamma_malloc_count, Gamma_malloc_end, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R19, R2, R20, R21, R29, R30, R31, malloc_base, malloc_count, malloc_end, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R19, Gamma_R2, Gamma_R20, Gamma_R21, Gamma_R29, Gamma_R3, Gamma_R30, Gamma_R31, Gamma_malloc_base, Gamma_malloc_count, Gamma_malloc_end, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R19, R2, R20, R21, R29, R3, R30, R31, malloc_base, malloc_count, malloc_end, mem, stack; requires (gamma_load8(Gamma_mem, $password_addr) == false); requires malloc_count == 0; requires gamma_load32(Gamma_mem, memory_load64_le(mem, $stext_addr)); requires R31 == 100bv64; - free requires (memory_load8_le(mem, 131152bv64) == 0bv8); - free requires (memory_load8_le(mem, 131153bv64) == 0bv8); - free requires (memory_load8_le(mem, 131154bv64) == 0bv8); - free requires (memory_load8_le(mem, 131155bv64) == 0bv8); - free requires (memory_load8_le(mem, 131156bv64) == 0bv8); - free requires (memory_load8_le(mem, 131157bv64) == 0bv8); - free requires (memory_load8_le(mem, 131158bv64) == 0bv8); - free requires (memory_load8_le(mem, 131159bv64) == 0bv8); - free requires (memory_load8_le(mem, 131160bv64) == 88bv8); - free requires (memory_load8_le(mem, 131161bv64) == 0bv8); - free requires (memory_load8_le(mem, 131162bv64) == 2bv8); - free requires (memory_load8_le(mem, 131163bv64) == 0bv8); - free requires (memory_load8_le(mem, 131164bv64) == 0bv8); - free requires (memory_load8_le(mem, 131165bv64) == 0bv8); - free requires (memory_load8_le(mem, 131166bv64) == 0bv8); - free requires (memory_load8_le(mem, 131167bv64) == 0bv8); - free requires (memory_load8_le(mem, 131168bv64) == 117bv8); - free requires (memory_load8_le(mem, 131169bv64) == 115bv8); - free requires (memory_load8_le(mem, 131170bv64) == 101bv8); - free requires (memory_load8_le(mem, 131171bv64) == 114bv8); - free requires (memory_load8_le(mem, 131172bv64) == 58bv8); - free requires (memory_load8_le(mem, 131173bv64) == 112bv8); - free requires (memory_load8_le(mem, 131174bv64) == 97bv8); - free requires (memory_load8_le(mem, 131175bv64) == 115bv8); - free requires (memory_load8_le(mem, 131176bv64) == 115bv8); - free requires (memory_load8_le(mem, 131177bv64) == 0bv8); - free requires (memory_load8_le(mem, 131178bv64) == 0bv8); - free requires (memory_load8_le(mem, 131179bv64) == 7bv8); + free requires (memory_load8_le(mem, 69632bv64) == 0bv8); + free requires (memory_load8_le(mem, 69633bv64) == 0bv8); + free requires (memory_load8_le(mem, 69634bv64) == 0bv8); + free requires (memory_load8_le(mem, 69635bv64) == 0bv8); + free requires (memory_load8_le(mem, 69636bv64) == 0bv8); + free requires (memory_load8_le(mem, 69637bv64) == 0bv8); + free requires (memory_load8_le(mem, 69638bv64) == 0bv8); + free requires (memory_load8_le(mem, 69639bv64) == 0bv8); + free requires (memory_load8_le(mem, 69640bv64) == 8bv8); + free requires (memory_load8_le(mem, 69641bv64) == 16bv8); + free requires (memory_load8_le(mem, 69642bv64) == 1bv8); + free requires (memory_load8_le(mem, 69643bv64) == 0bv8); + free requires (memory_load8_le(mem, 69644bv64) == 0bv8); + free requires (memory_load8_le(mem, 69645bv64) == 0bv8); + free requires (memory_load8_le(mem, 69646bv64) == 0bv8); + free requires (memory_load8_le(mem, 69647bv64) == 0bv8); + free requires (memory_load8_le(mem, 69648bv64) == 117bv8); + free requires (memory_load8_le(mem, 69649bv64) == 115bv8); + free requires (memory_load8_le(mem, 69650bv64) == 101bv8); + free requires (memory_load8_le(mem, 69651bv64) == 114bv8); + free requires (memory_load8_le(mem, 69652bv64) == 58bv8); + free requires (memory_load8_le(mem, 69653bv64) == 112bv8); + free requires (memory_load8_le(mem, 69654bv64) == 97bv8); + free requires (memory_load8_le(mem, 69655bv64) == 115bv8); + free requires (memory_load8_le(mem, 69656bv64) == 115bv8); + free requires (memory_load8_le(mem, 69657bv64) == 0bv8); + free requires (memory_load8_le(mem, 69658bv64) == 0bv8); + free requires (memory_load8_le(mem, 69659bv64) == 7bv8); free requires (memory_load8_le(mem, 2472bv64) == 1bv8); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); - free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); - free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); + free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); + free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); + free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free ensures (Gamma_R19 == old(Gamma_R19)); free ensures (Gamma_R20 == old(Gamma_R20)); free ensures (Gamma_R21 == old(Gamma_R21)); @@ -187,10 +208,10 @@ procedure main(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); implementation main() { @@ -204,85 +225,86 @@ implementation main() assume {:captureState "lmain"} true; #1, Gamma_#1 := bvadd64(R31, 18446744073709551568bv64), Gamma_R31; stack, Gamma_stack := memory_store64_le(stack, #1, R29), gamma_store64(Gamma_stack, #1, Gamma_R29); - assume {:captureState "%00000233"} true; + assume {:captureState "%00000232"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(#1, 8bv64), R30), gamma_store64(Gamma_stack, bvadd64(#1, 8bv64), Gamma_R30); - assume {:captureState "%00000239"} true; + assume {:captureState "%00000238"} true; R31, Gamma_R31 := #1, Gamma_#1; R0, Gamma_R0 := 11bv64, true; R29, Gamma_R29 := R31, Gamma_R31; #2, Gamma_#2 := bvadd64(R31, 16bv64), Gamma_R31; stack, Gamma_stack := memory_store64_le(stack, #2, R19), gamma_store64(Gamma_stack, #2, Gamma_R19); - assume {:captureState "%00000254"} true; + assume {:captureState "%00000253"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(#2, 8bv64), R20), gamma_store64(Gamma_stack, bvadd64(#2, 8bv64), Gamma_R20); - assume {:captureState "%0000025a"} true; - R20, Gamma_R20 := 131072bv64, true; + assume {:captureState "%00000259"} true; + R20, Gamma_R20 := 69632bv64, true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R21), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R21); - assume {:captureState "%00000267"} true; + assume {:captureState "%00000266"} true; R30, Gamma_R30 := 2012bv64, true; call malloc(); - goto l00000271; - l00000271: - assume {:captureState "l00000271"} true; - R21, Gamma_R21 := 131072bv64, true; - R21, Gamma_R21 := bvadd64(R21, 96bv64), Gamma_R21; + goto l00000270; + l00000270: + assume {:captureState "l00000270"} true; + R21, Gamma_R21 := 69632bv64, true; + R21, Gamma_R21 := bvadd64(R21, 16bv64), Gamma_R21; R19, Gamma_R19 := R0, Gamma_R0; R0, Gamma_R0 := R21, Gamma_R21; call rely(); - assert (L(mem, bvadd64(R20, 120bv64)) ==> Gamma_R19); - mem, Gamma_mem := memory_store64_le(mem, bvadd64(R20, 120bv64), R19), gamma_store64(Gamma_mem, bvadd64(R20, 120bv64), Gamma_R19); - assume {:captureState "%0000028e"} true; + assert (L(mem, bvadd64(R20, 40bv64)) ==> Gamma_R19); + mem, Gamma_mem := memory_store64_le(mem, bvadd64(R20, 40bv64), R19), gamma_store64(Gamma_mem, bvadd64(R20, 40bv64), Gamma_R19); + assume {:captureState "%0000028d"} true; R30, Gamma_R30 := 2036bv64, true; call strlen(); - goto l00000298; - l00000298: - assume {:captureState "l00000298"} true; + goto l00000297; + l00000297: + assume {:captureState "l00000297"} true; R1, Gamma_R1 := R21, Gamma_R21; R2, Gamma_R2 := R0, Gamma_R0; + R3, Gamma_R3 := 11bv64, true; R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2052bv64, true; - call memcpy(); - goto l000002b2; - l000002b2: - assume {:captureState "l000002b2"} true; + R30, Gamma_R30 := 2056bv64, true; + call __memcpy_chk(); + goto l000002b6; + l000002b6: + assume {:captureState "l000002b6"} true; R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2060bv64, true; + R30, Gamma_R30 := 2064bv64, true; call puts(); - goto l000002c0; - l000002c0: - assume {:captureState "l000002c0"} true; + goto l000002c4; + l000002c4: + assume {:captureState "l000002c4"} true; call rely(); - R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R20, 120bv64)), (gamma_load64(Gamma_mem, bvadd64(R20, 120bv64)) || L(mem, bvadd64(R20, 120bv64))); + R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R20, 40bv64)), (gamma_load64(Gamma_mem, bvadd64(R20, 40bv64)) || L(mem, bvadd64(R20, 40bv64))); call rely(); assert (L(mem, bvadd64(R0, 4bv64)) ==> true); mem, Gamma_mem := memory_store8_le(mem, bvadd64(R0, 4bv64), 0bv8), gamma_store8(Gamma_mem, bvadd64(R0, 4bv64), true); - assume {:captureState "%000002cc"} true; + assume {:captureState "%000002d0"} true; call rely(); - R19, Gamma_R19 := memory_load64_le(mem, bvadd64(R20, 120bv64)), (gamma_load64(Gamma_mem, bvadd64(R20, 120bv64)) || L(mem, bvadd64(R20, 120bv64))); + R19, Gamma_R19 := memory_load64_le(mem, bvadd64(R20, 40bv64)), (gamma_load64(Gamma_mem, bvadd64(R20, 40bv64)) || L(mem, bvadd64(R20, 40bv64))); R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2080bv64, true; + R30, Gamma_R30 := 2084bv64, true; call strlen(); - goto l000002e2; - l000002e2: - assume {:captureState "l000002e2"} true; + goto l000002e6; + l000002e6: + assume {:captureState "l000002e6"} true; R1, Gamma_R1 := 1bv64, true; R2, Gamma_R2 := R0, Gamma_R0; R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2096bv64, true; + R30, Gamma_R30 := 2100bv64, true; call memset(); - goto l000002fb; - l000002fb: - assume {:captureState "l000002fb"} true; + goto l000002ff; + l000002ff: + assume {:captureState "l000002ff"} true; call rely(); - R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R20, 120bv64)), (gamma_load64(Gamma_mem, bvadd64(R20, 120bv64)) || L(mem, bvadd64(R20, 120bv64))); - R30, Gamma_R30 := 2104bv64, true; + R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R20, 40bv64)), (gamma_load64(Gamma_mem, bvadd64(R20, 40bv64)) || L(mem, bvadd64(R20, 40bv64))); + R30, Gamma_R30 := 2108bv64, true; call #free(); - goto l0000030a; - l0000030a: - assume {:captureState "l0000030a"} true; + goto l0000030e; + l0000030e: + assume {:captureState "l0000030e"} true; + R0, Gamma_R0 := 0bv64, true; #3, Gamma_#3 := bvadd64(R31, 16bv64), Gamma_R31; R19, Gamma_R19 := memory_load64_le(stack, #3), gamma_load64(Gamma_stack, #3); R20, Gamma_R20 := memory_load64_le(stack, bvadd64(#3, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#3, 8bv64)); - R0, Gamma_R0 := 0bv64, true; R21, Gamma_R21 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); @@ -301,10 +323,10 @@ procedure malloc(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); - free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); - free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); + free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); + free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); + free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); ensures ((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))); ensures Gamma_R0 == true; ensures malloc_count == old(malloc_count) + 1; @@ -319,32 +341,10 @@ procedure malloc(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); - -procedure memcpy(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; - free requires (memory_load8_le(mem, 2472bv64) == 1bv8); - free requires (memory_load8_le(mem, 2473bv64) == 0bv8); - free requires (memory_load8_le(mem, 2474bv64) == 2bv8); - free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); - free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); - free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); - ensures ((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))); - ensures (forall i: bv64 :: (Gamma_mem[i] == if (bvule64(R0, i) && bvult64(i, bvadd64(R0, R2))) then gamma_load8((Gamma_mem), bvadd64(bvsub64(i, R0), R1)) else old(gamma_load8(Gamma_mem, i)))); - ensures (forall i: bv64 :: (mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then memory_load8_le((mem), bvadd64(bvsub64(i, R0), R1)) else old(memory_load8_le(mem, i)))); - free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); procedure memset(); modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; @@ -353,10 +353,10 @@ procedure memset(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); - free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); - free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); + free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); + free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); + free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); ensures ((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))); ensures (forall i: bv64 :: (Gamma_mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then Gamma_R1 else old(gamma_load8(Gamma_mem, i)))); ensures (forall i: bv64 :: (mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then R1[8:0] else old(memory_load8_le(mem, i)))); @@ -364,10 +364,10 @@ procedure memset(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); procedure puts(); modifies Gamma_R16, Gamma_R17, R16, R17; @@ -375,18 +375,18 @@ procedure puts(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); - free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); - free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); + free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); + free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); + free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); procedure strlen(); modifies Gamma_R0, Gamma_R16, Gamma_R17, R0, R16, R17; @@ -394,10 +394,10 @@ procedure strlen(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); - free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); - free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); - free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); + free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); + free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); + free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); ensures (((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))) && (memory_load8_le(mem, $stext_addr) == old(memory_load8_le(mem, $stext_addr)))); ensures Gamma_R0 == true; ensures (forall i: bv64 :: (bvule64(old(R0), i)) && (bvult64(i, bvadd64(old(R0), R0))) ==> mem[i] != 0bv8); @@ -407,8 +407,8 @@ procedure strlen(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); diff --git a/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected index c58d474bb..9d9de9aeb 100644 --- a/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected @@ -1,13 +1,21 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -78,7 +86,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1976bv64) == 1bv8); @@ -105,17 +113,9 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -186,7 +186,7 @@ implementation main() l000003d4: assume {:captureState "l000003d4"} true; assert Gamma_R8; - goto l000003d4_goto_l00000448, l000003d4_goto_l000003dc; + goto l000003d4_goto_l000003dc, l000003d4_goto_l00000448; l00000448: assume {:captureState "l00000448"} true; goto l00000449; @@ -206,7 +206,7 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; - goto l000003dc_goto_l0000040a, l000003dc_goto_l00000407; + goto l000003dc_goto_l00000407, l000003dc_goto_l0000040a; l0000040a: assume {:captureState "l0000040a"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected index 02557b876..162400ad2 100644 --- a/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected @@ -1,13 +1,21 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -78,7 +86,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1976bv64) == 1bv8); @@ -105,17 +113,9 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -152,7 +152,7 @@ implementation main() l00000ae6: assume {:captureState "l00000ae6"} true; assert Gamma_R8; - goto l00000ae6_goto_l00000aee, l00000ae6_goto_l00000bad; + goto l00000ae6_goto_l00000bad, l00000ae6_goto_l00000aee; l00000bad: assume {:captureState "l00000bad"} true; goto l00000bae; @@ -186,7 +186,7 @@ implementation main() l00000b24: assume {:captureState "l00000b24"} true; assert Gamma_R8; - goto l00000b24_goto_l00000b2c, l00000b24_goto_l00000b98; + goto l00000b24_goto_l00000b98, l00000b24_goto_l00000b2c; l00000b98: assume {:captureState "l00000b98"} true; goto l00000b99; @@ -218,7 +218,7 @@ implementation main() l00000b5d: assume {:captureState "l00000b5d"} true; assert Gamma_R8; - goto l00000b5d_goto_l00000b65, l00000b5d_goto_l00000b7c; + goto l00000b5d_goto_l00000b7c, l00000b5d_goto_l00000b65; l00000b7c: assume {:captureState "l00000b7c"} true; goto l00000b7d; diff --git a/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected index 6bf072afb..014b65275 100644 --- a/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected @@ -1,13 +1,21 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -92,7 +100,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 2052bv64) == 1bv8); @@ -123,17 +131,9 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -162,7 +162,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000003ae, lmain_goto_l000003ab; + goto lmain_goto_l000003ab, lmain_goto_l000003ae; l000003ae: assume {:captureState "l000003ae"} true; R8, Gamma_R8 := 1bv64, true; @@ -208,7 +208,7 @@ implementation main() l000003f1: assume {:captureState "l000003f1"} true; assert Gamma_R8; - goto l000003f1_goto_l000003f9, l000003f1_goto_l0000046c; + goto l000003f1_goto_l0000046c, l000003f1_goto_l000003f9; l0000046c: assume {:captureState "l0000046c"} true; goto l0000046d; @@ -228,7 +228,7 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; - goto l000003f9_goto_l00000424, l000003f9_goto_l00000427; + goto l000003f9_goto_l00000427, l000003f9_goto_l00000424; l00000427: assume {:captureState "l00000427"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected index f3fac9965..70e9aedd4 100644 --- a/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -76,7 +84,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R1, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1956bv64) == 1bv8); @@ -103,17 +111,9 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -138,7 +138,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000414, lmain_goto_l00000381; + goto lmain_goto_l00000381, lmain_goto_l00000414; l00000414: assume {:captureState "l00000414"} true; R0, Gamma_R0 := 3bv64, true; @@ -157,7 +157,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto l00000381_goto_l000003b2, l00000381_goto_l00000407; + goto l00000381_goto_l00000407, l00000381_goto_l000003b2; l00000407: assume {:captureState "l00000407"} true; R0, Gamma_R0 := 5bv64, true; @@ -173,7 +173,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; - goto l000003b2_goto_l000003d8, l000003b2_goto_l000003ed; + goto l000003b2_goto_l000003ed, l000003b2_goto_l000003d8; l000003ed: assume {:captureState "l000003ed"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected index 2a1a9c7d2..ba0e034e1 100644 --- a/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -76,7 +84,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R1, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1956bv64) == 1bv8); @@ -103,17 +111,9 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -138,7 +138,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000b0c, lmain_goto_l00000a79; + goto lmain_goto_l00000a79, lmain_goto_l00000b0c; l00000b0c: assume {:captureState "l00000b0c"} true; R0, Gamma_R0 := 3bv64, true; @@ -173,7 +173,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; - goto l00000aaa_goto_l00000ae5, l00000aaa_goto_l00000ad0; + goto l00000aaa_goto_l00000ad0, l00000aaa_goto_l00000ae5; l00000ae5: assume {:captureState "l00000ae5"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected index 476bfca22..151109cbf 100644 --- a/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected @@ -1,11 +1,19 @@ +var {:extern} CF: bv1; +var {:extern} Gamma_CF: bool; +var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; +var {:extern} Gamma_VF: bool; +var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; +var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; +var {:extern} VF: bv1; +var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -82,7 +90,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; + modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R1, R31, VF, ZF, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 2020bv64) == 1bv8); @@ -113,17 +121,9 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; - var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; - var Gamma_CF: bool; - var Gamma_NF: bool; - var Gamma_VF: bool; - var Gamma_ZF: bool; - var NF: bv1; - var VF: bv1; - var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -150,7 +150,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000383, lmain_goto_l00000418; + goto lmain_goto_l00000418, lmain_goto_l00000383; l00000418: assume {:captureState "l00000418"} true; R0, Gamma_R0 := 3bv64, true; @@ -186,7 +186,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; - goto l000003b5_goto_l000003f0, l000003b5_goto_l000003db; + goto l000003b5_goto_l000003db, l000003b5_goto_l000003f0; l000003f0: assume {:captureState "l000003f0"} true; R0, Gamma_R0 := 65536bv64, true; From d5dc2f276d07fb126c9a7780fe59afb147dfbfb5 Mon Sep 17 00:00:00 2001 From: l-kent Date: Thu, 6 Jun 2024 10:20:45 +1000 Subject: [PATCH 6/8] fix merge --- src/main/scala/analysis/ANR.scala | 14 ++--- src/main/scala/analysis/Analysis.scala | 8 +-- .../analysis/InterLiveVarsAnalysis.scala | 8 +-- .../InterprocSteensgaardAnalysis.scala | 36 ++++++------- .../analysis/IntraLiveVarsAnalysis.scala | 8 +-- .../scala/analysis/MemoryRegionAnalysis.scala | 28 +++++----- src/main/scala/analysis/ParamAnalysis.scala | 6 +-- src/main/scala/analysis/RNA.scala | 14 ++--- .../scala/analysis/RegToMemAnalysis.scala | 8 +-- src/main/scala/analysis/SSAForm.scala | 16 +++--- src/main/scala/ir/Program.scala | 2 +- src/main/scala/ir/dsl/DSL.scala | 28 +++++----- src/test/scala/LiveVarsAnalysisTests.scala | 52 +++++++++---------- src/test/scala/PointsToTest.scala | 44 ++++++++-------- src/test/scala/ir/IRTest.scala | 42 +++++++-------- 15 files changed, 157 insertions(+), 157 deletions(-) diff --git a/src/main/scala/analysis/ANR.scala b/src/main/scala/analysis/ANR.scala index 60567adba..33a8ed296 100644 --- a/src/main/scala/analysis/ANR.scala +++ b/src/main/scala/analysis/ANR.scala @@ -19,9 +19,9 @@ trait ANRAnalysis(cfg: ProgramCfg) { val first: Set[CfgNode] = Set(cfg.startNode) - private val stackPointer = Register("R31", BitVecType(64)) - private val linkRegister = Register("R30", BitVecType(64)) - private val framePointer = Register("R29", BitVecType(64)) + private val stackPointer = Register("R31", 64) + private val linkRegister = Register("R30", 64) + private val framePointer = Register("R29", 64) private val ignoreRegions: Set[Expr] = Set(linkRegister, framePointer, stackPointer) @@ -35,12 +35,12 @@ trait ANRAnalysis(cfg: ProgramCfg) { case assert: Assert => m.diff(assert.body.variables) case memoryAssign: MemoryAssign => - m.diff(memoryAssign.lhs.variables ++ memoryAssign.rhs.variables) + m.diff(memoryAssign.index.variables) case indirectCall: IndirectCall => m - indirectCall.target - case localAssign: LocalAssign => - m = m.diff(localAssign.rhs.variables) - if ignoreRegions.contains(localAssign.lhs) then m else m + localAssign.lhs + case assign: Assign => + m = m.diff(assign.rhs.variables) + if ignoreRegions.contains(assign.lhs) then m else m + assign.lhs case _ => m } diff --git a/src/main/scala/analysis/Analysis.scala b/src/main/scala/analysis/Analysis.scala index d42c730ee..e4ab0200b 100644 --- a/src/main/scala/analysis/Analysis.scala +++ b/src/main/scala/analysis/Analysis.scala @@ -162,14 +162,14 @@ trait ConstantPropagationWithSSA(val cfg: ProgramCfg) { case r: CfgCommandNode => r.data match { // assignments - case la: LocalAssign => + case a: Assign => val lhsWrappers = s.collect { - case (k, v) if RegisterVariableWrapper(k.variable) == RegisterWrapperEqualSets(la.lhs) => (k, v) + case (k, v) if RegisterVariableWrapper(k.variable) == RegisterWrapperEqualSets(a.lhs) => (k, v) } if (lhsWrappers.nonEmpty) { - s ++ lhsWrappers.map((k, v) => (k, v.union(eval(la.rhs, s)))) + s ++ lhsWrappers.map((k, v) => (k, v.union(eval(a.rhs, s)))) } else { - s + (RegisterWrapperEqualSets(la.lhs) -> eval(la.rhs, s)) + s + (RegisterWrapperEqualSets(a.lhs) -> eval(a.rhs, s)) } // all others: like no-ops case _ => s diff --git a/src/main/scala/analysis/InterLiveVarsAnalysis.scala b/src/main/scala/analysis/InterLiveVarsAnalysis.scala index a26cb9baa..93a34d076 100644 --- a/src/main/scala/analysis/InterLiveVarsAnalysis.scala +++ b/src/main/scala/analysis/InterLiveVarsAnalysis.scala @@ -1,7 +1,7 @@ package analysis import analysis.solvers.BackwardIDESolver -import ir.{Assert, Assume, GoTo, CFGPosition, Command, DirectCall, IndirectCall, LocalAssign, MemoryAssign, Procedure, Program, Variable, toShortString} +import ir.{Assert, Assume, GoTo, CFGPosition, Command, DirectCall, IndirectCall, Assign, MemoryAssign, Procedure, Program, Variable, toShortString} /** * Micro-transfer-functions for LiveVar analysis @@ -35,7 +35,7 @@ trait LiveVarsAnalysisFunctions extends BackwardIDEAnalysis[Variable, TwoElement def edgesOther(n: CFGPosition)(d: DL): Map[DL, EdgeFunction[TwoElement]] = { n match - case LocalAssign(variable, expr, _) => // (s - variable) ++ expr.variables + case Assign(variable, expr, _) => // (s - variable) ++ expr.variables d match case Left(value) => if value == variable then @@ -47,11 +47,11 @@ trait LiveVarsAnalysisFunctions extends BackwardIDEAnalysis[Variable, TwoElement (mp, expVar) => mp + (Left(expVar) -> ConstEdge(TwoElementTop)) } - case MemoryAssign(_, store, _) => // s ++ store.index.variables ++ store.value.variables + case MemoryAssign(_, index, value, _, _, _) => // s ++ store.index.variables ++ store.value.variables d match case Left(value) => Map(d -> IdEdge()) case Right(_) => - (store.index.variables ++ store.value.variables).foldLeft(Map[DL, EdgeFunction[TwoElement]](d -> IdEdge())) { + (index.variables ++ value.variables).foldLeft(Map[DL, EdgeFunction[TwoElement]](d -> IdEdge())) { (mp, storVar) => mp + (Left(storVar) -> ConstEdge(TwoElementTop)) } diff --git a/src/main/scala/analysis/InterprocSteensgaardAnalysis.scala b/src/main/scala/analysis/InterprocSteensgaardAnalysis.scala index b85d3dce3..e3345d762 100644 --- a/src/main/scala/analysis/InterprocSteensgaardAnalysis.scala +++ b/src/main/scala/analysis/InterprocSteensgaardAnalysis.scala @@ -46,11 +46,11 @@ class InterprocSteensgaardAnalysis( val solver: UnionFindSolver[StTerm] = UnionFindSolver() - private val stackPointer = Register("R31", BitVecType(64)) - private val linkRegister = Register("R30", BitVecType(64)) - private val framePointer = Register("R29", BitVecType(64)) + private val stackPointer = Register("R31", 64) + private val linkRegister = Register("R30", 64) + private val framePointer = Register("R29", 64) private val ignoreRegions: Set[Expr] = Set(linkRegister, framePointer) - private val mallocVariable = Register("R0", BitVecType(64)) + private val mallocVariable = Register("R0", 64) var mallocCount: Int = 0 var stackCount: Int = 0 @@ -239,19 +239,19 @@ class InterprocSteensgaardAnalysis( unify(IdentifierVariable(RegisterVariableWrapper(mallocVariable)), PointerRef(AllocVariable(alloc))) } - case localAssign: LocalAssign => - localAssign.rhs match { + case assign:Assign => + assign.rhs match { case binOp: BinaryExpr => // X1 = &X2: [[X1]] = ↑[[X2]] exprToRegion(binOp, cmd).foreach( - x => unify(IdentifierVariable(RegisterVariableWrapper(localAssign.lhs)), PointerRef(AllocVariable(x))) + x => unify(IdentifierVariable(RegisterVariableWrapper(assign.lhs)), PointerRef(AllocVariable(x))) ) // TODO: should lookout for global base + offset case as well case _ => - unwrapExpr(localAssign.rhs).foreach { + unwrapExpr(assign.rhs).foreach { case memoryLoad: MemoryLoad => // X1 = *X2: [[X2]] = ↑a ^ [[X1]] = a where a is a fresh term variable - val X1 = localAssign.lhs + val X1 = assign.lhs val X2_star = exprToRegion(memoryLoad.index, cmd) val alpha = FreshVariable() X2_star.foreach( @@ -263,17 +263,17 @@ class InterprocSteensgaardAnalysis( Logger.debug("Index: " + memoryLoad.index) Logger.debug("X2_star: " + X2_star) Logger.debug("X1: " + X1) - Logger.debug("LocalAssign: " + localAssign) + Logger.debug("LocalAssign: " + assign) // TODO: This might not be correct for globals // X1 = &X: [[X1]] = ↑[[X2]] (but for globals) val $X2 = exprToRegion(memoryLoad.index, cmd) $X2.foreach( - x => unify(IdentifierVariable(RegisterVariableWrapper(localAssign.lhs)), PointerRef(AllocVariable(x))) + x => unify(IdentifierVariable(RegisterVariableWrapper(assign.lhs)), PointerRef(AllocVariable(x))) ) case variable: Variable => // X1 = X2: [[X1]] = [[X2]] - val X1 = localAssign.lhs + val X1 = assign.lhs val X2 = variable unify(IdentifierVariable(RegisterVariableWrapper(X1)), IdentifierVariable(RegisterVariableWrapper(X2))) case _ => // do nothing @@ -281,17 +281,17 @@ class InterprocSteensgaardAnalysis( } case memoryAssign: MemoryAssign => // *X1 = X2: [[X1]] = ↑a ^ [[X2]] = a where a is a fresh term variable - val X1_star = exprToRegion(memoryAssign.rhs.index, cmd) - val X2 = evaluateExpressionWithSSA(memoryAssign.rhs.value, constantProp(n)) + val X1_star = exprToRegion(memoryAssign.index, cmd) + val X2 = evaluateExpressionWithSSA(memoryAssign.value, constantProp(n)) var possibleRegions = Set[MemoryRegion]() if (X2.isEmpty) { - Logger.debug("Maybe a region: " + exprToRegion(memoryAssign.rhs.value, cmd)) - possibleRegions = exprToRegion(memoryAssign.rhs.value, cmd) + Logger.debug("Maybe a region: " + exprToRegion(memoryAssign.value, cmd)) + possibleRegions = exprToRegion(memoryAssign.value, cmd) } Logger.debug("X2 is: " + X2) - Logger.debug("Evaluated: " + memoryAssign.rhs.value) + Logger.debug("Evaluated: " + memoryAssign.value) Logger.debug("Region " + X1_star) - Logger.debug("Index " + memoryAssign.rhs.index) + Logger.debug("Index " + memoryAssign.index) val alpha = FreshVariable() X1_star.foreach(x => unify(ExpressionVariable(x), PointerRef(alpha)) diff --git a/src/main/scala/analysis/IntraLiveVarsAnalysis.scala b/src/main/scala/analysis/IntraLiveVarsAnalysis.scala index 12f6663a8..1624dcdfb 100644 --- a/src/main/scala/analysis/IntraLiveVarsAnalysis.scala +++ b/src/main/scala/analysis/IntraLiveVarsAnalysis.scala @@ -1,18 +1,18 @@ package analysis import analysis.solvers.SimpleWorklistFixpointSolver -import ir.{Assert, Assume, Block, CFGPosition, Call, DirectCall, GoTo, IndirectCall, Jump, LocalAssign, MemoryAssign, NOP, Procedure, Program, Statement, Variable} +import ir.{Assert, Assume, Block, CFGPosition, Call, DirectCall, GoTo, IndirectCall, Jump, Assign, MemoryAssign, NOP, Procedure, Program, Statement, Variable} abstract class LivenessAnalysis(program: Program) extends Analysis[Any]: - val lattice: MapLattice[CFGPosition, Set[Variable], PowersetLattice[Variable]] = new MapLattice(new PowersetLattice()) + val lattice: MapLattice[CFGPosition, Set[Variable], PowersetLattice[Variable]] = MapLattice(PowersetLattice()) val domain: Set[CFGPosition] = Set.empty ++ program def transfer(n: CFGPosition, s: Set[Variable]): Set[Variable] = { n match { case p: Procedure => s case b: Block => s - case LocalAssign(variable, expr, _) => (s - variable) ++ expr.variables - case MemoryAssign(_, store, _) => s ++ store.index.variables ++ store.value.variables + case Assign(variable, expr, _) => (s - variable) ++ expr.variables + case MemoryAssign(_, index, value, _, _, _) => s ++ index.variables ++ value.variables case Assume(expr, _, _, _) => s ++ expr.variables case Assert(expr, _, _) => s ++ expr.variables case IndirectCall(variable, _, _) => s + variable diff --git a/src/main/scala/analysis/MemoryRegionAnalysis.scala b/src/main/scala/analysis/MemoryRegionAnalysis.scala index 363827758..4db13d0d8 100644 --- a/src/main/scala/analysis/MemoryRegionAnalysis.scala +++ b/src/main/scala/analysis/MemoryRegionAnalysis.scala @@ -53,14 +53,14 @@ trait MemoryRegionAnalysis(val cfg: ProgramCfg, Logger.debug("Stack detection") Logger.debug(spList) stmt match { - case localAssign: LocalAssign => - if (spList.contains(localAssign.rhs)) { + case assign: Assign => + if (spList.contains(assign.rhs)) { // add lhs to spList - spList.addOne(localAssign.lhs) + spList.addOne(assign.lhs) } else { // remove lhs from spList - if spList.contains(localAssign.lhs) && localAssign.lhs != stackPointer then // TODO: This is a hack: it should check for stack ptr using the wrapper - spList.remove(spList.indexOf(localAssign.lhs)) + if spList.contains(assign.lhs) && assign.lhs != stackPointer then // TODO: This is a hack: it should check for stack ptr using the wrapper + spList.remove(spList.indexOf(assign.lhs)) } // TODO: should handle the store case (last case) case _ => @@ -80,10 +80,10 @@ trait MemoryRegionAnalysis(val cfg: ProgramCfg, val first: Set[CfgNode] = cfg.funEntries.toSet - private val stackPointer = Register("R31", BitVecType(64)) - private val linkRegister = Register("R30", BitVecType(64)) - private val framePointer = Register("R29", BitVecType(64)) - private val mallocVariable = Register("R0", BitVecType(64)) + private val stackPointer = Register("R31", 64) + private val linkRegister = Register("R30", 64) + private val framePointer = Register("R29", 64) + private val mallocVariable = Register("R0", 64) private val spList = ListBuffer[Expr](stackPointer) private val ignoreRegions: Set[Expr] = Set(linkRegister, framePointer) // TODO: this could be used instead of regionAccesses in other analyses to reduce the Expr to region conversion @@ -202,16 +202,16 @@ trait MemoryRegionAnalysis(val cfg: ProgramCfg, s } case memAssign: MemoryAssign => - if (ignoreRegions.contains(memAssign.rhs.value)) { + if (ignoreRegions.contains(memAssign.value)) { s } else { - val result = eval(memAssign.rhs.index, s, cmd) + val result = eval(memAssign.index, s, cmd) regionLattice.lub(s, result) } - case localAssign: LocalAssign => - stackDetection(localAssign) + case assign: Assign => + stackDetection(assign) var m = s - unwrapExpr(localAssign.rhs).foreach { + unwrapExpr(assign.rhs).foreach { case memoryLoad: MemoryLoad => val result = eval(memoryLoad.index, s, cmd) m = regionLattice.lub(m, result) diff --git a/src/main/scala/analysis/ParamAnalysis.scala b/src/main/scala/analysis/ParamAnalysis.scala index 3e116c0b2..7a05a3b14 100644 --- a/src/main/scala/analysis/ParamAnalysis.scala +++ b/src/main/scala/analysis/ParamAnalysis.scala @@ -22,9 +22,9 @@ class ParamAnalysis(val program: Program) extends Analysis[Any] { case _ => s } - private val stackPointer = Register("R31", BitVecType(64)) - private val linkRegister = Register("R30", BitVecType(64)) - private val framePointer = Register("R29", BitVecType(64)) + private val stackPointer = Register("R31", 64) + private val linkRegister = Register("R30", 64) + private val framePointer = Register("R29", 64) private val ignoreRegisters: Set[Variable] = Set(linkRegister, framePointer, stackPointer) diff --git a/src/main/scala/analysis/RNA.scala b/src/main/scala/analysis/RNA.scala index 58d544aec..d4316c220 100644 --- a/src/main/scala/analysis/RNA.scala +++ b/src/main/scala/analysis/RNA.scala @@ -20,9 +20,9 @@ trait RNAAnalysis(cfg: ProgramCfg) { val first: Set[CfgNode] = Set(cfg.startNode) - private val stackPointer = Register("R31", BitVecType(64)) - private val linkRegister = Register("R30", BitVecType(64)) - private val framePointer = Register("R29", BitVecType(64)) + private val stackPointer = Register("R31", 64) + private val linkRegister = Register("R30", 64) + private val framePointer = Register("R29", 64) private val ignoreRegions: Set[Expr] = Set(linkRegister, framePointer, stackPointer) @@ -36,13 +36,13 @@ trait RNAAnalysis(cfg: ProgramCfg) { case assert: Assert => m.union(assert.body.variables.filter(!ignoreRegions.contains(_))) case memoryAssign: MemoryAssign => - m.union((memoryAssign.lhs.variables ++ memoryAssign.rhs.variables).filter(!ignoreRegions.contains(_))) + m.union(memoryAssign.index.variables.filter(!ignoreRegions.contains(_))) case indirectCall: IndirectCall => if (ignoreRegions.contains(indirectCall.target)) return m m + indirectCall.target - case localAssign: LocalAssign => - m = m - localAssign.lhs - m.union(localAssign.rhs.variables.filter(!ignoreRegions.contains(_))) + case assign: Assign => + m = m - assign.lhs + m.union(assign.rhs.variables.filter(!ignoreRegions.contains(_))) case _ => m } diff --git a/src/main/scala/analysis/RegToMemAnalysis.scala b/src/main/scala/analysis/RegToMemAnalysis.scala index 3d5d5664d..fa0a9d686 100644 --- a/src/main/scala/analysis/RegToMemAnalysis.scala +++ b/src/main/scala/analysis/RegToMemAnalysis.scala @@ -28,13 +28,13 @@ trait RegionAccessesAnalysis(cfg: ProgramCfg, constantProp: Map[CfgNode, Map[Var */ def eval(cmd: Command, constants: Map[Variable, FlatElement[BitVecLiteral]], s: Map[RegisterVariableWrapper, FlatElement[Expr]]): Map[RegisterVariableWrapper, FlatElement[Expr]] = { cmd match { - case localAssign: LocalAssign => - localAssign.rhs match { + case assign: Assign => + assign.rhs match { case memoryLoad: MemoryLoad => - s + (RegisterVariableWrapper(localAssign.lhs) -> FlatEl(memoryLoad)) + s + (RegisterVariableWrapper(assign.lhs) -> FlatEl(memoryLoad)) case binaryExpr: BinaryExpr => if (evaluateExpression(binaryExpr.arg1, constants).isEmpty) { // approximates Base + Offset - s + (RegisterVariableWrapper(localAssign.lhs) -> FlatEl(binaryExpr)) + s + (RegisterVariableWrapper(assign.lhs) -> FlatEl(binaryExpr)) } else { s } diff --git a/src/main/scala/analysis/SSAForm.scala b/src/main/scala/analysis/SSAForm.scala index be5e4fd03..553c15921 100644 --- a/src/main/scala/analysis/SSAForm.scala +++ b/src/main/scala/analysis/SSAForm.scala @@ -52,18 +52,18 @@ class SSAForm(program: Program) { for (stmt <- currentBlock.statements) { Logger.debug(stmt) stmt match { - case localAssign: LocalAssign => - transformVariables(localAssign.rhs.variables, currentBlock, proc) - val maxVal = varMaxTracker.getOrElseUpdate(localAssign.lhs.name, 0) - blockBasedMappings((currentBlock, localAssign.lhs.name)) = mutable.Set(maxVal) + case assign: Assign => + transformVariables(assign.rhs.variables, currentBlock, proc) + val maxVal = varMaxTracker.getOrElseUpdate(assign.lhs.name, 0) + blockBasedMappings((currentBlock, assign.lhs.name)) = mutable.Set(maxVal) - localAssign.lhs.ssa_id.clear() - localAssign.lhs.ssa_id.addAll(blockBasedMappings((currentBlock, localAssign.lhs.name))) + assign.lhs.ssa_id.clear() + assign.lhs.ssa_id.addAll(blockBasedMappings((currentBlock, assign.lhs.name))) - varMaxTracker(localAssign.lhs.name) = blockBasedMappings((currentBlock, localAssign.lhs.name)).max + 1 + varMaxTracker(assign.lhs.name) = blockBasedMappings((currentBlock, assign.lhs.name)).max + 1 case memoryAssign: MemoryAssign => - transformVariables(memoryAssign.rhs.variables, currentBlock, proc) + transformVariables(memoryAssign.index.variables, currentBlock, proc) case assume: Assume => transformVariables(assume.body.variables, currentBlock, proc) diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index 5c88ea197..7e6b15954 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -471,7 +471,7 @@ class Block private ( object Block { def procedureReturn(from: Procedure): Block = { - Block(from.name + "_basil_return", None, List(), IndirectCall(Register("R30", BitVecType(64)))) + Block(from.name + "_basil_return", None, List(), IndirectCall(Register("R30", 64))) } } diff --git a/src/main/scala/ir/dsl/DSL.scala b/src/main/scala/ir/dsl/DSL.scala index 161f0d19e..b1cd9d717 100644 --- a/src/main/scala/ir/dsl/DSL.scala +++ b/src/main/scala/ir/dsl/DSL.scala @@ -3,18 +3,18 @@ import ir.* import scala.collection.mutable import scala.collection.immutable.* -val R0: Register = Register("R0", BitVecType(64)) -val R1: Register = Register("R1", BitVecType(64)) -val R2: Register = Register("R2", BitVecType(64)) -val R3: Register = Register("R3", BitVecType(64)) -val R4: Register = Register("R4", BitVecType(64)) -val R5: Register = Register("R5", BitVecType(64)) -val R6: Register = Register("R6", BitVecType(64)) -val R7: Register = Register("R7", BitVecType(64)) -val R29: Register = Register("R29", BitVecType(64)) -val R30: Register = Register("R30", BitVecType(64)) -val R31: Register = Register("R31", BitVecType(64)) -val ret: EventuallyIndirectCall = EventuallyIndirectCall(Register("R30", BitVecType(64)), None) +val R0: Register = Register("R0", 64) +val R1: Register = Register("R1", 64) +val R2: Register = Register("R2", 64) +val R3: Register = Register("R3", 64) +val R4: Register = Register("R4", 64) +val R5: Register = Register("R5", 64) +val R6: Register = Register("R6", 64) +val R7: Register = Register("R7", 64) +val R29: Register = Register("R29", 64) +val R30: Register = Register("R30", 64) +val R31: Register = Register("R31", 64) +val ret: EventuallyIndirectCall = EventuallyIndirectCall(Register("R30", 64), None) def bv32(i: Int): BitVecLiteral = BitVecLiteral(i, 32) @@ -115,9 +115,9 @@ def proc(label: String, blocks: EventuallyBlock*): EventuallyProcedure = { } -def mem: Memory = Memory("mem", 64, 8) +def mem: SharedMemory = SharedMemory("mem", 64, 8) -def stack: Memory = Memory("stack", 64, 8) +def stack: SharedMemory = SharedMemory("stack", 64, 8) def prog(procedures: EventuallyProcedure*): Program = { diff --git a/src/test/scala/LiveVarsAnalysisTests.scala b/src/test/scala/LiveVarsAnalysisTests.scala index e47c63679..8e487c47f 100644 --- a/src/test/scala/LiveVarsAnalysisTests.scala +++ b/src/test/scala/LiveVarsAnalysisTests.scala @@ -1,6 +1,6 @@ import analysis.{InterLiveVarsAnalysis, TwoElementTop} import ir.dsl.* -import ir.{BitVecLiteral, BitVecType, ConvertToSingleProcedureReturn, dsl, LocalAssign, LocalVar, Program, Register, Statement, Variable} +import ir.{BitVecLiteral, BitVecType, ConvertToSingleProcedureReturn, dsl, Assign, LocalVar, Program, Register, Statement, Variable} import org.scalatest.funsuite.AnyFunSuite import test_util.TestUtil import util.BASILResult @@ -21,10 +21,10 @@ class LiveVarsAnalysisTests extends AnyFunSuite, TestUtil { def differentCalleesBothLive(): Unit = { val constant1 = bv64(1) - val r0ConstantAssign = LocalAssign(R0, constant1, Some("00001")) - val r1ConstantAssign = LocalAssign(R1, constant1, Some("00002")) - val r2r0Assign = LocalAssign(R2, R0, Some("00003")) - val r2r1Assign = LocalAssign(R2, R1, Some("00004")) + val r0ConstantAssign = Assign(R0, constant1, Some("00001")) + val r1ConstantAssign = Assign(R1, constant1, Some("00002")) + val r2r0Assign = Assign(R2, R0, Some("00003")) + val r2r1Assign = Assign(R2, R1, Some("00004")) var program: Program = prog( proc("main", @@ -58,11 +58,11 @@ class LiveVarsAnalysisTests extends AnyFunSuite, TestUtil { def differentCalleesOneAlive(): Unit = { val constant1 = bv64(1) - val r0ConstantAssign = LocalAssign(R0, constant1, Some("00001")) - val r1ConstantAssign = LocalAssign(R1, constant1, Some("00002")) - val r2r0Assign = LocalAssign(R2, R0, Some("00003")) - val r2r1Assign = LocalAssign(R2, R1, Some("00004")) - val r1Reassign = LocalAssign(R1, BitVecLiteral(2, 64), Some("00005")) + val r0ConstantAssign = Assign(R0, constant1, Some("00001")) + val r1ConstantAssign = Assign(R1, constant1, Some("00002")) + val r2r0Assign = Assign(R2, R0, Some("00003")) + val r2r1Assign = Assign(R2, R1, Some("00004")) + val r1Reassign = Assign(R1, BitVecLiteral(2, 64), Some("00005")) var program: Program = prog( proc("main", @@ -96,10 +96,10 @@ class LiveVarsAnalysisTests extends AnyFunSuite, TestUtil { def twoCallers(): Unit = { val constant1 = bv64(1) - val r0ConstantAssign = LocalAssign(R0, constant1, Some("00001")) - val r0Reassign = LocalAssign(R0, BitVecLiteral(2, 64), Some("00004")) - val r1Assign = LocalAssign(R0, R1, Some("00002")) - val r2Assign = LocalAssign(R0, R2, Some("00003")) + val r0ConstantAssign = Assign(R0, constant1, Some("00001")) + val r0Reassign = Assign(R0, BitVecLiteral(2, 64), Some("00004")) + val r1Assign = Assign(R0, R1, Some("00002")) + val r2Assign = Assign(R0, R2, Some("00003")) var program = prog( proc("main", @@ -116,7 +116,7 @@ class LiveVarsAnalysisTests extends AnyFunSuite, TestUtil { createSimpleProc("callee3", Seq(r2Assign)), proc("wrapper1", block("wrapper1_first_call", - LocalAssign(R1, constant1), + Assign(R1, constant1), call("callee", Some("wrapper1_second_call")) ), block("wrapper1_second_call", @@ -125,7 +125,7 @@ class LiveVarsAnalysisTests extends AnyFunSuite, TestUtil { ), proc("wrapper2", block("wrapper2_first_call", - LocalAssign(R2, constant1), + Assign(R2, constant1), call("callee", Some("wrapper2_second_call")) ), block("wrapper2_second_call", @@ -151,11 +151,11 @@ class LiveVarsAnalysisTests extends AnyFunSuite, TestUtil { call("killer", Some("aftercall")) ), block("aftercall", - LocalAssign(R0, R1), + Assign(R0, R1), ret ) ), - createSimpleProc("killer", Seq(LocalAssign(R1, bv64(1)))) + createSimpleProc("killer", Seq(Assign(R1, bv64(1)))) ) val returnUnifier = ConvertToSingleProcedureReturn() @@ -169,8 +169,8 @@ class LiveVarsAnalysisTests extends AnyFunSuite, TestUtil { } def simpleBranch(): Unit = { - val r1Assign = LocalAssign(R0, R1, Some("00001")) - val r2Assign = LocalAssign(R0, R2, Some("00002")) + val r1Assign = Assign(R0, R1, Some("00001")) + val r2Assign = Assign(R0, R2, Some("00002")) var program : Program = prog( proc( @@ -211,11 +211,11 @@ class LiveVarsAnalysisTests extends AnyFunSuite, TestUtil { proc("main", block( "lmain", - LocalAssign(R0, R1), + Assign(R0, R1), call("main", Some("return")) ), block("return", - LocalAssign(R0, R2), + Assign(R0, R2), ret ) ) @@ -235,7 +235,7 @@ class LiveVarsAnalysisTests extends AnyFunSuite, TestUtil { var program: Program = prog( proc("main", block("lmain", - LocalAssign(R0, R1), + Assign(R0, R1), goto("recursion", "non-recursion") ), block( @@ -243,7 +243,7 @@ class LiveVarsAnalysisTests extends AnyFunSuite, TestUtil { call("main", Some("assign")) ), block("assign", - LocalAssign(R0, R2), + Assign(R0, R2), goto("return") ), block( @@ -350,9 +350,9 @@ class LiveVarsAnalysisTests extends AnyFunSuite, TestUtil { // block after branch assert(analysisResults(blocks("l00000342")) == Map(R30 -> TwoElementTop, R31 -> TwoElementTop)) // branch blocks - assert(analysisResults(blocks("lmain_goto_l00000330")) == Map(LocalVar("ZF", BitVecType(1)) -> TwoElementTop, + assert(analysisResults(blocks("lmain_goto_l00000330")) == Map(Register("ZF", 1) -> TwoElementTop, R30 -> TwoElementTop, R31 -> TwoElementTop)) - assert(analysisResults(blocks("lmain_goto_l00000369")) == Map(LocalVar("ZF", BitVecType(1)) -> TwoElementTop, + assert(analysisResults(blocks("lmain_goto_l00000369")) == Map(Register("ZF", 1) -> TwoElementTop, R30 -> TwoElementTop, R31 -> TwoElementTop)) } } diff --git a/src/test/scala/PointsToTest.scala b/src/test/scala/PointsToTest.scala index afcb2d6bb..5f09294df 100644 --- a/src/test/scala/PointsToTest.scala +++ b/src/test/scala/PointsToTest.scala @@ -47,7 +47,7 @@ class PointsToTest extends AnyFunSuite with OneInstancePerTest with BeforeAndAft } def getRegister(name: String): Register = { - Register(name, BitVecType(64)) + Register(name, 64) } /** @@ -57,11 +57,11 @@ class PointsToTest extends AnyFunSuite with OneInstancePerTest with BeforeAndAft var program: Program = prog( proc("main", block("0x0", - LocalAssign(getRegister("R6"), getRegister("R31")), + Assign(getRegister("R6"), getRegister("R31")), goto("0x1") ), block("0x1", - MemoryAssign(mem, MemoryStore(mem, BinaryExpr(BVADD, getRegister("R6"), bv64(4)), bv64(10), LittleEndian, 64)), + MemoryAssign(mem, BinaryExpr(BVADD, getRegister("R6"), bv64(4)), bv64(10), LittleEndian, 64), goto("returntarget") ), block("returntarget", @@ -87,8 +87,8 @@ class PointsToTest extends AnyFunSuite with OneInstancePerTest with BeforeAndAft var program: Program = prog( proc("main", block("0x0", - LocalAssign(getRegister("R1"), MemoryLoad(mem, BinaryExpr(BVADD, getRegister("R31"), bv64(6)), LittleEndian, 64)), - LocalAssign(getRegister("R3"), MemoryLoad(mem, BinaryExpr(BVADD, getRegister("R31"), bv64(4)), LittleEndian, 64)), + Assign(getRegister("R1"), MemoryLoad(mem, BinaryExpr(BVADD, getRegister("R31"), bv64(6)), LittleEndian, 64)), + Assign(getRegister("R3"), MemoryLoad(mem, BinaryExpr(BVADD, getRegister("R31"), bv64(4)), LittleEndian, 64)), goto("0x1") ), block("0x1", @@ -125,14 +125,14 @@ class PointsToTest extends AnyFunSuite with OneInstancePerTest with BeforeAndAft // val program: Program = prog( // proc("main", // block("0x0", -// LocalAssign(getRegister("R1"), MemoryLoad(mem, BinaryExpr(BVADD, getRegister("R31"), bv64(6)), LittleEndian, 64)), -// LocalAssign(getRegister("R3"), BinaryExpr(BVADD, getRegister("R31"), bv64(10))), -// LocalAssign(getRegister("R4"), BinaryExpr(BVADD, getRegister("R31"), bv64(20))), +// Assign(getRegister("R1"), MemoryLoad(mem, BinaryExpr(BVADD, getRegister("R31"), bv64(6)), LittleEndian, 64)), +// Assign(getRegister("R3"), BinaryExpr(BVADD, getRegister("R31"), bv64(10))), +// Assign(getRegister("R4"), BinaryExpr(BVADD, getRegister("R31"), bv64(20))), // goto("0x1") // ), // block("0x1", // MemoryAssign(mem, MemoryStore(mem, BinaryExpr(BVADD, getRegister("R31"), bv64(4)), bv64(4), LittleEndian, 64)), -// LocalAssign(getRegister("R6"), MemoryLoad(mem, getRegister("R3"), LittleEndian, 64)), +// Assign(getRegister("R6"), MemoryLoad(mem, getRegister("R3"), LittleEndian, 64)), // MemoryAssign(mem, MemoryStore(mem, getRegister("R4"), bv64(3), LittleEndian, 64)), // goto("returntarget") // ), @@ -163,8 +163,8 @@ class PointsToTest extends AnyFunSuite with OneInstancePerTest with BeforeAndAft var program: Program = prog( proc("main", block("0x0", - LocalAssign(getRegister("R0"), MemoryLoad(mem, BinaryExpr(BVADD, getRegister("R31"), bv64(6)), LittleEndian, 64)), - LocalAssign(getRegister("R1"), BinaryExpr(BVADD, getRegister("R31"), bv64(10))), + Assign(getRegister("R0"), MemoryLoad(mem, BinaryExpr(BVADD, getRegister("R31"), bv64(6)), LittleEndian, 64)), + Assign(getRegister("R1"), BinaryExpr(BVADD, getRegister("R31"), bv64(10))), goto("0x1") ), block("0x1", @@ -176,8 +176,8 @@ class PointsToTest extends AnyFunSuite with OneInstancePerTest with BeforeAndAft ), proc("p2", block("l_p2", - LocalAssign(getRegister("R3"), getRegister("R0")), - LocalAssign(getRegister("R2"), MemoryLoad(mem, getRegister("R1"), LittleEndian, 64)), + Assign(getRegister("R3"), getRegister("R0")), + Assign(getRegister("R2"), MemoryLoad(mem, getRegister("R1"), LittleEndian, 64)), goto("l_p2_1"), ), block("l_p2_1", @@ -212,8 +212,8 @@ class PointsToTest extends AnyFunSuite with OneInstancePerTest with BeforeAndAft var program: Program = prog( proc("main", block("0x0", - LocalAssign(getRegister("R0"), MemoryLoad(mem, BinaryExpr(BVADD, getRegister("R31"), bv64(6)), LittleEndian, 64)), - LocalAssign(getRegister("R1"), BinaryExpr(BVADD, getRegister("R31"), bv64(10))), + Assign(getRegister("R0"), MemoryLoad(mem, BinaryExpr(BVADD, getRegister("R31"), bv64(6)), LittleEndian, 64)), + Assign(getRegister("R1"), BinaryExpr(BVADD, getRegister("R31"), bv64(10))), goto("0x1") ), block("0x1", @@ -225,8 +225,8 @@ class PointsToTest extends AnyFunSuite with OneInstancePerTest with BeforeAndAft ), proc("foo", block("l_foo", - LocalAssign(getRegister("R0"), MemoryLoad(mem, BinaryExpr(BVADD, getRegister("R31"), bv64(6)), LittleEndian, 64)), - LocalAssign(getRegister("R1"), BinaryExpr(BVADD, getRegister("R31"), bv64(10))), + Assign(getRegister("R0"), MemoryLoad(mem, BinaryExpr(BVADD, getRegister("R31"), bv64(6)), LittleEndian, 64)), + Assign(getRegister("R1"), BinaryExpr(BVADD, getRegister("R31"), bv64(10))), call("p2", Some("l_foo_1")) ), block("l_foo_1", @@ -235,8 +235,8 @@ class PointsToTest extends AnyFunSuite with OneInstancePerTest with BeforeAndAft ), proc("p2", block("l_p2", - LocalAssign(getRegister("R3"), getRegister("R0")), - LocalAssign(getRegister("R2"), MemoryLoad(mem, getRegister("R1"), LittleEndian, 64)), + Assign(getRegister("R3"), getRegister("R0")), + Assign(getRegister("R2"), MemoryLoad(mem, getRegister("R1"), LittleEndian, 64)), goto("l_p2_1"), ), block("l_p2_1", @@ -282,8 +282,8 @@ class PointsToTest extends AnyFunSuite with OneInstancePerTest with BeforeAndAft // val program: Program = prog( // proc("main", // block("0x0", -// LocalAssign(getRegister("R0"), bv64(400)), -// LocalAssign(getRegister("R1"), MemoryLoad(mem, BinaryExpr(BVADD, getRegister("R0"), bv64(46)), LittleEndian, 64)), +// Assign(getRegister("R0"), bv64(400)), +// Assign(getRegister("R1"), MemoryLoad(mem, BinaryExpr(BVADD, getRegister("R0"), bv64(46)), LittleEndian, 64)), // call(getRegister("R1"), Some("returntarget")) // ), // block("returntarget", @@ -292,7 +292,7 @@ class PointsToTest extends AnyFunSuite with OneInstancePerTest with BeforeAndAft // ), // proc("foo", // block("l_foo", -// LocalAssign(getRegister("R3"), bv64(1)), +// Assign(getRegister("R3"), bv64(1)), // goto("l_foo_1"), // ), // block("l_foo_1", diff --git a/src/test/scala/ir/IRTest.scala b/src/test/scala/ir/IRTest.scala index dd1e21081..0f77bb74f 100644 --- a/src/test/scala/ir/IRTest.scala +++ b/src/test/scala/ir/IRTest.scala @@ -136,12 +136,12 @@ class IRTest extends AnyFunSuite { val p = prog( proc("main", block("l_main", - LocalAssign(R0, bv64(10)), - LocalAssign(R1, bv64(10)), + Assign(R0, bv64(10)), + Assign(R1, bv64(10)), goto("newblock") ), block("l_main_1", - LocalAssign(R0, bv64(22)), + Assign(R0, bv64(22)), call("p2", Some("returntarget")) ), block("returntarget", @@ -149,7 +149,7 @@ class IRTest extends AnyFunSuite { ) ), proc("p2", - block("l_p2", LocalAssign(R0, bv64(10)), goto("l_p2_1")), + block("l_p2", Assign(R0, bv64(10)), goto("l_p2_1")), block("l_p2_1", ret) ) ) @@ -200,15 +200,15 @@ class IRTest extends AnyFunSuite { ) val b2 = block("newblock2", - LocalAssign(R0, bv64(22)), - LocalAssign(R0, bv64(22)), - LocalAssign(R0, bv64(22)), + Assign(R0, bv64(22)), + Assign(R0, bv64(22)), + Assign(R0, bv64(22)), goto("lmain2") ).resolve(p) val b1 = block("newblock1", - LocalAssign(R0, bv64(22)), - LocalAssign(R0, bv64(22)), - LocalAssign(R0, bv64(22)), + Assign(R0, bv64(22)), + Assign(R0, bv64(22)), + Assign(R0, bv64(22)), goto("lmain2") ).resolve(p) @@ -243,15 +243,15 @@ class IRTest extends AnyFunSuite { val b1= block("newblock2", - LocalAssign(R0, bv64(22)), - LocalAssign(R0, bv64(22)), - LocalAssign(R0, bv64(22)), + Assign(R0, bv64(22)), + Assign(R0, bv64(22)), + Assign(R0, bv64(22)), call("main", None) ).resolve(p) val b2 = block("newblock1", - LocalAssign(R0, bv64(22)), - LocalAssign(R0, bv64(22)), - LocalAssign(R0, bv64(22)), + Assign(R0, bv64(22)), + Assign(R0, bv64(22)), + Assign(R0, bv64(22)), ret ).resolve(p) @@ -270,7 +270,7 @@ class IRTest extends AnyFunSuite { assert(called.incomingCalls().isEmpty) val b3 = block("newblock3", - LocalAssign(R0, bv64(22)), + Assign(R0, bv64(22)), call("called", None) ).resolve(p) @@ -301,8 +301,8 @@ class IRTest extends AnyFunSuite { val p = prog( proc("main", block("l_main", - LocalAssign(R0, bv64(10)), - LocalAssign(R1, bv64(10)), + Assign(R0, bv64(10)), + Assign(R1, bv64(10)), goto("returntarget") ), block("returntarget", @@ -326,13 +326,13 @@ class IRTest extends AnyFunSuite { val p = prog( proc("p1", block("b1", - LocalAssign(R0, bv64(10)), + Assign(R0, bv64(10)), ret ) ), proc("main", block("l_main", - LocalAssign(R0, bv64(10)), + Assign(R0, bv64(10)), call("p1", Some("returntarget")) ), block("returntarget", From 523b0d446cbf7283f64222b51d36e32c4bf97076 Mon Sep 17 00:00:00 2001 From: l-kent Date: Thu, 6 Jun 2024 10:29:43 +1000 Subject: [PATCH 7/8] fix merge --- src/test/scala/ir/IRTest.scala | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/test/scala/ir/IRTest.scala b/src/test/scala/ir/IRTest.scala index 9303b5b83..7c06315d3 100644 --- a/src/test/scala/ir/IRTest.scala +++ b/src/test/scala/ir/IRTest.scala @@ -369,13 +369,11 @@ class IRTest extends AnyFunSuite { val p = prog( proc("p1", block("b1", - LocalAssign(R0, bv64(10)), ret ) ), proc("main", block("l_main", - LocalAssign(R0, bv64(10)), indirectCall(R1, Some("returntarget")) ), block("block2", From d8e528b4ab0976f21f23c0164636bc5de4239797 Mon Sep 17 00:00:00 2001 From: l-kent Date: Thu, 6 Jun 2024 10:44:12 +1000 Subject: [PATCH 8/8] update expected --- .../clang/basic_function_call_reader.expected | 20 +- .../basic_function_call_reader.expected | 18 +- .../basic_function_call_reader.expected | 20 +- .../basic_function_call_reader.expected | 20 +- .../gcc/basic_function_call_reader.expected | 20 +- .../basic_function_call_reader.expected | 2 +- .../basic_function_call_reader.expected | 18 +- .../basic_function_call_reader.expected | 20 +- .../clang/basic_lock_read.expected | 18 +- .../clang_O2/basic_lock_read.expected | 2 +- .../basic_lock_read.expected | 22 +- .../clang_pic/basic_lock_read.expected | 22 +- .../gcc/basic_lock_read.expected | 18 +- .../gcc_O2/basic_lock_read.expected | 2 +- .../basic_lock_read.expected | 18 +- .../gcc_pic/basic_lock_read.expected | 18 +- .../clang/basic_lock_security_read.expected | 20 +- .../basic_lock_security_read.expected | 18 +- .../basic_lock_security_read.expected | 22 +- .../basic_lock_security_read.expected | 22 +- .../gcc/basic_lock_security_read.expected | 20 +- .../basic_lock_security_read.expected | 18 +- .../gcc_pic/basic_lock_security_read.expected | 20 +- .../clang/basic_operation_evaluation.expected | 20 +- .../basic_operation_evaluation.expected | 18 +- .../basic_operation_evaluation.expected | 18 +- .../gcc/basic_operation_evaluation.expected | 2 +- .../basic_operation_evaluation.expected | 2 +- .../clang/basic_sec_policy_read.expected | 20 +- .../clang_O2/basic_sec_policy_read.expected | 20 +- .../basic_sec_policy_read.expected | 20 +- .../clang_pic/basic_sec_policy_read.expected | 18 +- .../gcc/basic_sec_policy_read.expected | 20 +- .../basic_sec_policy_read.expected | 18 +- .../gcc_pic/basic_sec_policy_read.expected | 18 +- src/test/correct/cjump/clang/cjump.expected | 18 +- .../cjump/clang_no_plt_no_pic/cjump.expected | 18 +- .../correct/cjump/clang_pic/cjump.expected | 22 +- src/test/correct/cjump/gcc/cjump.expected | 18 +- .../cjump/gcc_no_plt_no_pic/cjump.expected | 20 +- src/test/correct/cjump/gcc_pic/cjump.expected | 20 +- .../ifbranches/clang/ifbranches.expected | 18 +- .../ifbranches/clang_O2/ifbranches.expected | 20 +- .../clang_no_plt_no_pic/ifbranches.expected | 20 +- .../ifbranches/clang_pic/ifbranches.expected | 20 +- .../ifbranches/gcc/ifbranches.expected | 18 +- .../ifbranches/gcc_O2/ifbranches.expected | 20 +- .../gcc_no_plt_no_pic/ifbranches.expected | 20 +- .../ifbranches/gcc_pic/ifbranches.expected | 20 +- .../correct/ifglobal/clang/ifglobal.expected | 22 +- .../ifglobal/clang_O2/ifglobal.expected | 2 +- .../clang_no_plt_no_pic/ifglobal.expected | 20 +- .../ifglobal/clang_pic/ifglobal.expected | 18 +- .../correct/ifglobal/gcc/ifglobal.expected | 18 +- .../gcc_no_plt_no_pic/ifglobal.expected | 20 +- .../ifglobal/gcc_pic/ifglobal.expected | 18 +- .../clang/initialisation.expected | 18 +- .../initialisation.expected | 18 +- .../clang_pic/initialisation.expected | 18 +- .../jumptable3/gcc/jumptable3.expected | 38 +-- .../jumptable3/gcc_O2/jumptable3.expected | 28 +- .../gcc_no_plt_no_pic/jumptable3.expected | 38 +-- .../jumptable3/gcc_pic/jumptable3.expected | 40 +-- .../malloc_memcpy_strlen_memset_free.expected | 293 ++++++++-------- .../correct/nestedif/clang/nestedif.expected | 26 +- .../clang_no_plt_no_pic/nestedif.expected | 24 +- .../nestedif/clang_pic/nestedif.expected | 26 +- .../correct/nestedif/gcc/nestedif.expected | 24 +- .../gcc_no_plt_no_pic/nestedif.expected | 18 +- .../nestedif/gcc_pic/nestedif.expected | 22 +- .../simple_jump/clang/simple_jump.expected | 22 +- .../clang_no_plt_no_pic/simple_jump.expected | 22 +- .../clang_pic/simple_jump.expected | 18 +- .../simple_jump/gcc/simple_jump.expected | 20 +- .../gcc_no_plt_no_pic/simple_jump.expected | 18 +- .../simple_jump/gcc_pic/simple_jump.expected | 18 +- src/test/correct/switch/clang/switch.expected | 22 +- .../clang_no_plt_no_pic/switch.expected | 22 +- .../correct/switch/clang_pic/switch.expected | 24 +- src/test/correct/switch/gcc/switch.expected | 20 +- .../switch/gcc_no_plt_no_pic/switch.expected | 18 +- .../correct/switch/gcc_pic/switch.expected | 22 +- src/test/correct/switch2/gcc/switch2.expected | 28 +- .../gcc_no_plt_no_pic/switch2.expected | 30 +- .../correct/switch2/gcc_pic/switch2.expected | 24 +- .../correct/syscall/gcc_O2/syscall.expected | 5 - .../clang/using_gamma_conditional.expected | 20 +- .../clang_O2/using_gamma_conditional.expected | 20 +- .../using_gamma_conditional.expected | 22 +- .../using_gamma_conditional.expected | 18 +- .../gcc/using_gamma_conditional.expected | 20 +- .../gcc_O2/using_gamma_conditional.expected | 20 +- .../using_gamma_conditional.expected | 20 +- .../gcc_pic/using_gamma_conditional.expected | 20 +- .../incorrect/iflocal/clang/iflocal.expected | 22 +- .../clang_no_plt_no_pic/iflocal.expected | 22 +- .../iflocal/clang_pic/iflocal.expected | 22 +- .../incorrect/iflocal/gcc/iflocal.expected | 18 +- .../gcc_no_plt_no_pic/iflocal.expected | 18 +- .../iflocal/gcc_pic/iflocal.expected | 18 +- .../malloc_memcpy_strlen_memset_free.expected | 320 +++++++++--------- .../malloc_memcpy_strlen_memset_free.expected | 298 ++++++++-------- .../clang/nestedifglobal.expected | 22 +- .../nestedifglobal.expected | 24 +- .../clang_pic/nestedifglobal.expected | 24 +- .../gcc/nestedifglobal.expected | 24 +- .../gcc_no_plt_no_pic/nestedifglobal.expected | 22 +- .../gcc_pic/nestedifglobal.expected | 22 +- 108 files changed, 1488 insertions(+), 1494 deletions(-) diff --git a/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected index 51de8168c..e0d4ac96b 100644 --- a/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -101,7 +93,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1908bv64) == 1bv8); @@ -126,7 +118,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -159,7 +159,7 @@ implementation main() l00000348: assume {:captureState "l00000348"} true; assert Gamma_R8; - goto l00000348_goto_l00000350, l00000348_goto_l0000037a; + goto l00000348_goto_l0000037a, l00000348_goto_l00000350; l00000350: assume {:captureState "l00000350"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); diff --git a/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected index 9d53d3cfd..fb01ac4e4 100644 --- a/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected @@ -1,18 +1,10 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69688bv64); @@ -91,7 +83,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R8, R9, VF, ZF, mem; + modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -114,7 +106,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R8, Gamma_R8 := 69632bv64, true; diff --git a/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected index 09cbb05ff..f041bdf4a 100644 --- a/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -101,7 +93,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1908bv64) == 1bv8); @@ -126,7 +118,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -147,7 +147,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000988, lmain_goto_l00000985; + goto lmain_goto_l00000985, lmain_goto_l00000988; l00000988: assume {:captureState "l00000988"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected index 0fd8f9700..8ce836552 100644 --- a/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -107,7 +99,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1980bv64) == 1bv8); @@ -136,7 +128,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -161,7 +161,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000035b, lmain_goto_l00000358; + goto lmain_goto_l00000358, lmain_goto_l0000035b; l0000035b: assume {:captureState "l0000035b"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected index b17237b08..d71c3e779 100644 --- a/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -99,7 +91,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -124,7 +116,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -144,7 +144,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000332, lmain_goto_l00000349; + goto lmain_goto_l00000349, lmain_goto_l00000332; l00000332: assume {:captureState "l00000332"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); diff --git a/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected index 1a40b8d2d..d1f5db87f 100644 --- a/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected @@ -103,7 +103,7 @@ implementation main() call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R0, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R0, 20bv64)) || L(mem, bvadd64(R0, 20bv64))); assert Gamma_R0; - goto lmain_goto_l000001bc, lmain_goto_l00000398; + goto lmain_goto_l00000398, lmain_goto_l000001bc; l00000398: assume {:captureState "l00000398"} true; call rely(); diff --git a/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected index 58182e98e..790fdac03 100644 --- a/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -99,7 +91,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -124,7 +116,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected index b1fe70ac7..274ce16ba 100644 --- a/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -105,7 +97,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1956bv64) == 1bv8); @@ -134,7 +126,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -156,7 +156,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000334, lmain_goto_l0000034b; + goto lmain_goto_l0000034b, lmain_goto_l00000334; l00000334: assume {:captureState "l00000334"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); diff --git a/src/test/correct/basic_lock_read/clang/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang/basic_lock_read.expected index 368fa8b4b..db6595a90 100644 --- a/src/test/correct/basic_lock_read/clang/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang/basic_lock_read.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -97,7 +89,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1900bv64) == 1bv8); @@ -123,7 +115,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; var z_old: bv32; lmain: assume {:captureState "lmain"} true; diff --git a/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected index 2a14332bf..197fdeb2c 100644 --- a/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected @@ -108,7 +108,7 @@ implementation main() call rely(); R8, Gamma_R8 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); assert Gamma_R8; - goto lmain_goto_l000002f7, lmain_goto_l000002dc; + goto lmain_goto_l000002dc, lmain_goto_l000002f7; l000002dc: assume {:captureState "l000002dc"} true; R8, Gamma_R8 := 69632bv64, true; diff --git a/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected index bea2fa1a4..4f8620c1a 100644 --- a/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -97,7 +89,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1900bv64) == 1bv8); @@ -123,7 +115,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; var z_old: bv32; lmain: assume {:captureState "lmain"} true; @@ -142,7 +142,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000958, lmain_goto_l0000095b; + goto lmain_goto_l0000095b, lmain_goto_l00000958; l0000095b: assume {:captureState "l0000095b"} true; R8, Gamma_R8 := 1bv64, true; @@ -154,7 +154,7 @@ implementation main() l0000095e: assume {:captureState "l0000095e"} true; assert Gamma_R8; - goto l0000095e_goto_l0000097d, l0000095e_goto_l00000966; + goto l0000095e_goto_l00000966, l0000095e_goto_l0000097d; l0000097d: assume {:captureState "l0000097d"} true; goto l0000097e; diff --git a/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected index 44f2ddd47..1ebf43397 100644 --- a/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -103,7 +95,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1972bv64) == 1bv8); @@ -133,7 +125,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; var z_old: bv32; lmain: assume {:captureState "lmain"} true; @@ -154,7 +154,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000033c, lmain_goto_l0000033f; + goto lmain_goto_l0000033f, lmain_goto_l0000033c; l0000033f: assume {:captureState "l0000033f"} true; R8, Gamma_R8 := 1bv64, true; @@ -166,7 +166,7 @@ implementation main() l00000342: assume {:captureState "l00000342"} true; assert Gamma_R8; - goto l00000342_goto_l00000361, l00000342_goto_l0000034a; + goto l00000342_goto_l0000034a, l00000342_goto_l00000361; l00000361: assume {:captureState "l00000361"} true; goto l00000362; diff --git a/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected index e9cda79fa..c83f5c166 100644 --- a/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -95,7 +87,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1900bv64) == 1bv8); @@ -121,7 +113,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; var z_old: bv32; lmain: assume {:captureState "lmain"} true; diff --git a/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected index 5bc387a30..2a16b5a6a 100644 --- a/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected @@ -110,7 +110,7 @@ implementation main() call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R0, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R0, 20bv64)) || L(mem, bvadd64(R0, 20bv64))); assert Gamma_R0; - goto lmain_goto_l0000039c, lmain_goto_l000001bd; + goto lmain_goto_l000001bd, lmain_goto_l0000039c; l0000039c: assume {:captureState "l0000039c"} true; call rely(); diff --git a/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected index 592be48df..58f5ddf79 100644 --- a/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -95,7 +87,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1900bv64) == 1bv8); @@ -121,7 +113,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; var z_old: bv32; lmain: assume {:captureState "lmain"} true; diff --git a/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected index 9c5e29ee0..084d0cad4 100644 --- a/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -101,7 +93,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1964bv64) == 1bv8); @@ -131,7 +123,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; var z_old: bv32; lmain: assume {:captureState "lmain"} true; diff --git a/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected index b1688c5cd..cf0ff5fbe 100644 --- a/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -97,7 +89,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -122,7 +114,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -140,7 +140,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000032c, lmain_goto_l00000329; + goto lmain_goto_l00000329, lmain_goto_l0000032c; l0000032c: assume {:captureState "l0000032c"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected index 790f76e8e..d9f9cea02 100644 --- a/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected @@ -1,18 +1,10 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69688bv64); @@ -87,7 +79,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R8, R9, VF, ZF, mem; + modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -110,7 +102,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R8, Gamma_R8 := 69632bv64, true; diff --git a/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected index 28ef73e25..55416eb78 100644 --- a/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -97,7 +89,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -122,7 +114,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -140,7 +140,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000947, lmain_goto_l0000094a; + goto lmain_goto_l0000094a, lmain_goto_l00000947; l0000094a: assume {:captureState "l0000094a"} true; R8, Gamma_R8 := 1bv64, true; @@ -152,7 +152,7 @@ implementation main() l0000094d: assume {:captureState "l0000094d"} true; assert Gamma_R8; - goto l0000094d_goto_l0000096c, l0000094d_goto_l00000955; + goto l0000094d_goto_l00000955, l0000094d_goto_l0000096c; l0000096c: assume {:captureState "l0000096c"} true; goto l0000096d; diff --git a/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected index 44e56abef..79910e11b 100644 --- a/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -103,7 +95,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -132,7 +124,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -152,7 +152,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000033b, lmain_goto_l00000338; + goto lmain_goto_l00000338, lmain_goto_l0000033b; l0000033b: assume {:captureState "l0000033b"} true; R8, Gamma_R8 := 1bv64, true; @@ -164,7 +164,7 @@ implementation main() l0000033e: assume {:captureState "l0000033e"} true; assert Gamma_R8; - goto l0000033e_goto_l00000346, l0000033e_goto_l0000035d; + goto l0000033e_goto_l0000035d, l0000033e_goto_l00000346; l0000035d: assume {:captureState "l0000035d"} true; goto l0000035e; diff --git a/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected index 0734a734e..4f7c77915 100644 --- a/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -95,7 +87,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -120,7 +112,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -136,7 +136,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000031b, lmain_goto_l00000332; + goto lmain_goto_l00000332, lmain_goto_l0000031b; l00000332: assume {:captureState "l00000332"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected index 3a53f0467..8fee3b91e 100644 --- a/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -95,7 +87,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -120,7 +112,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected index db96e67c1..f002e09a4 100644 --- a/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -101,7 +93,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -130,7 +122,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -147,7 +147,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000031c, lmain_goto_l00000333; + goto lmain_goto_l00000333, lmain_goto_l0000031c; l00000333: assume {:captureState "l00000333"} true; R0, Gamma_R0 := 65536bv64, true; diff --git a/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected index a3c307696..034341749 100644 --- a/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected @@ -1,25 +1,17 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R10: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R10: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -100,7 +92,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R10, R31, R8, R9, VF, ZF, stack; + modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_stack, R0, R10, R31, R8, R9, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -126,8 +118,16 @@ implementation main() { var #4: bv32; var #5: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -164,7 +164,7 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R10, Gamma_R10 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); assert Gamma_R10; - goto lmain_goto_l000003ce, lmain_goto_l000003c9; + goto lmain_goto_l000003c9, lmain_goto_l000003ce; l000003ce: assume {:captureState "l000003ce"} true; R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); diff --git a/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected index a522637ce..3e31a9755 100644 --- a/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected @@ -1,25 +1,17 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R10: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R10: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -100,7 +92,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R10, R31, R8, R9, VF, ZF, stack; + modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_stack, R0, R10, R31, R8, R9, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -126,8 +118,16 @@ implementation main() { var #4: bv32; var #5: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; diff --git a/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected index a522637ce..3e31a9755 100644 --- a/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected @@ -1,25 +1,17 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R10: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R10: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -100,7 +92,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R10, R31, R8, R9, VF, ZF, stack; + modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_stack, R0, R10, R31, R8, R9, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -126,8 +118,16 @@ implementation main() { var #4: bv32; var #5: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; diff --git a/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected index f749d9aa1..519a3eea4 100644 --- a/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected @@ -140,7 +140,7 @@ implementation main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 20bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 20bv64)); R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); assert Gamma_R1; - goto lmain_goto_l000003b3, lmain_goto_l000003b8; + goto lmain_goto_l000003b8, lmain_goto_l000003b3; l000003b8: assume {:captureState "l000003b8"} true; R2, Gamma_R2 := zero_extend32_32(bvsdiv33(sign_extend1_32(R0[32:0]), sign_extend1_32(R1[32:0]))[32:0]), (Gamma_R1 && Gamma_R0); diff --git a/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected index 4e9789b9f..e452e806d 100644 --- a/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected @@ -140,7 +140,7 @@ implementation main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 20bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 20bv64)); R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); assert Gamma_R1; - goto lmain_goto_l00000a73, lmain_goto_l00000a6e; + goto lmain_goto_l00000a6e, lmain_goto_l00000a73; l00000a73: assume {:captureState "l00000a73"} true; R2, Gamma_R2 := zero_extend32_32(bvsdiv33(sign_extend1_32(R0[32:0]), sign_extend1_32(R1[32:0]))[32:0]), (Gamma_R1 && Gamma_R0); diff --git a/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected index f37f852ba..3c10d40f5 100644 --- a/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -97,7 +89,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -122,7 +114,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -143,7 +143,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000339, lmain_goto_l00000336; + goto lmain_goto_l00000336, lmain_goto_l00000339; l00000339: assume {:captureState "l00000339"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected index 05b01f874..64769e137 100644 --- a/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected @@ -1,18 +1,10 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69684bv64); @@ -87,7 +79,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R8, R9, VF, ZF, mem; + modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -110,7 +102,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R8, Gamma_R8 := 69632bv64, true; @@ -125,7 +125,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000002fa, lmain_goto_l000002fd; + goto lmain_goto_l000002fd, lmain_goto_l000002fa; l000002fd: assume {:captureState "l000002fd"} true; R0, Gamma_R0 := 0bv64, true; diff --git a/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected index cf574baa9..d8d8d2f6c 100644 --- a/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -97,7 +89,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -122,7 +114,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -143,7 +143,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000957, lmain_goto_l00000954; + goto lmain_goto_l00000954, lmain_goto_l00000957; l00000957: assume {:captureState "l00000957"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected index 334cfb61d..9f2fb9d46 100644 --- a/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -103,7 +95,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -132,7 +124,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected index 9f7e31c2e..9a64a11dd 100644 --- a/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -95,7 +87,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -120,7 +112,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -140,7 +140,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000345, lmain_goto_l0000032e; + goto lmain_goto_l0000032e, lmain_goto_l00000345; l00000345: assume {:captureState "l00000345"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); diff --git a/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected index ad1418bff..16de0c96b 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -95,7 +87,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -120,7 +112,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected index 65677e9f5..f9ba8fe64 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -101,7 +93,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -130,7 +122,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/cjump/clang/cjump.expected b/src/test/correct/cjump/clang/cjump.expected index 58a2bbcf4..752d25473 100644 --- a/src/test/correct/cjump/clang/cjump.expected +++ b/src/test/correct/cjump/clang/cjump.expected @@ -1,21 +1,13 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -90,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; requires (gamma_load32(Gamma_mem, $x_addr) == true); requires (gamma_load32(Gamma_mem, $y_addr) == false); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); @@ -117,7 +109,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected b/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected index e27a5b57f..98abee50c 100644 --- a/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected +++ b/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected @@ -1,21 +1,13 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -90,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; requires (gamma_load32(Gamma_mem, $x_addr) == true); requires (gamma_load32(Gamma_mem, $y_addr) == false); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); @@ -117,7 +109,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/cjump/clang_pic/cjump.expected b/src/test/correct/cjump/clang_pic/cjump.expected index 4ce7b55cf..0ef8aeb1b 100644 --- a/src/test/correct/cjump/clang_pic/cjump.expected +++ b/src/test/correct/cjump/clang_pic/cjump.expected @@ -1,21 +1,13 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -96,7 +88,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; requires (gamma_load32(Gamma_mem, $x_addr) == true); requires (gamma_load32(Gamma_mem, $y_addr) == false); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); @@ -127,7 +119,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -150,7 +150,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000356, lmain_goto_l00000359; + goto lmain_goto_l00000359, lmain_goto_l00000356; l00000359: assume {:captureState "l00000359"} true; R8, Gamma_R8 := 1bv64, true; @@ -162,7 +162,7 @@ implementation main() l0000035c: assume {:captureState "l0000035c"} true; assert Gamma_R8; - goto l0000035c_goto_l00000364, l0000035c_goto_l00000398; + goto l0000035c_goto_l00000398, l0000035c_goto_l00000364; l00000364: assume {:captureState "l00000364"} true; R9, Gamma_R9 := 65536bv64, true; diff --git a/src/test/correct/cjump/gcc/cjump.expected b/src/test/correct/cjump/gcc/cjump.expected index 6bfefcb36..6752e3f52 100644 --- a/src/test/correct/cjump/gcc/cjump.expected +++ b/src/test/correct/cjump/gcc/cjump.expected @@ -1,16 +1,8 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -84,7 +76,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R1, VF, ZF, mem; + modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); requires (gamma_load32(Gamma_mem, $y_addr) == false); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); @@ -109,7 +101,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected b/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected index 39d8430f5..5285c14a0 100644 --- a/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected +++ b/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected @@ -1,16 +1,8 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -84,7 +76,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R1, VF, ZF, mem; + modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); requires (gamma_load32(Gamma_mem, $y_addr) == false); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); @@ -109,7 +101,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 69632bv64, true; @@ -129,7 +129,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000097c, lmain_goto_l000009a3; + goto lmain_goto_l000009a3, lmain_goto_l0000097c; l0000097c: assume {:captureState "l0000097c"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/cjump/gcc_pic/cjump.expected b/src/test/correct/cjump/gcc_pic/cjump.expected index ca014cdd8..2be57000d 100644 --- a/src/test/correct/cjump/gcc_pic/cjump.expected +++ b/src/test/correct/cjump/gcc_pic/cjump.expected @@ -1,16 +1,8 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -90,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R1, VF, ZF, mem; + modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); requires (gamma_load32(Gamma_mem, $y_addr) == false); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); @@ -119,7 +111,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 65536bv64, true; @@ -141,7 +141,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000368, lmain_goto_l00000340; + goto lmain_goto_l00000340, lmain_goto_l00000368; l00000340: assume {:captureState "l00000340"} true; R0, Gamma_R0 := 65536bv64, true; diff --git a/src/test/correct/ifbranches/clang/ifbranches.expected b/src/test/correct/ifbranches/clang/ifbranches.expected index 082770cb7..82749e80d 100644 --- a/src/test/correct/ifbranches/clang/ifbranches.expected +++ b/src/test/correct/ifbranches/clang/ifbranches.expected @@ -1,21 +1,13 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -90,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -116,7 +108,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; diff --git a/src/test/correct/ifbranches/clang_O2/ifbranches.expected b/src/test/correct/ifbranches/clang_O2/ifbranches.expected index a2c2372fd..573cc292a 100644 --- a/src/test/correct/ifbranches/clang_O2/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_O2/ifbranches.expected @@ -1,16 +1,8 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); function {:extern} {:bvbuiltin "bvadd"} bvadd33(bv33, bv33) returns (bv33); @@ -60,7 +52,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R8, Gamma_VF, Gamma_ZF, NF, R0, R8, VF, ZF; + modifies Gamma_R0, Gamma_R8, R0, R8; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -84,7 +76,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R8, Gamma_R8 := 2bv64, true; @@ -94,7 +94,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000002df, lmain_goto_l000002db; + goto lmain_goto_l000002db, lmain_goto_l000002df; l000002df: assume {:captureState "l000002df"} true; R0, Gamma_R0 := zero_extend32_32(bvadd32(R8[32:0], 1bv32)), Gamma_R8; diff --git a/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected b/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected index f8d2ac958..896b4800a 100644 --- a/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected @@ -1,21 +1,13 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -90,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -116,7 +108,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -136,7 +136,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000009bb, lmain_goto_l000009b8; + goto lmain_goto_l000009b8, lmain_goto_l000009bb; l000009bb: assume {:captureState "l000009bb"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/ifbranches/clang_pic/ifbranches.expected b/src/test/correct/ifbranches/clang_pic/ifbranches.expected index 19a0bd77c..896b4800a 100644 --- a/src/test/correct/ifbranches/clang_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_pic/ifbranches.expected @@ -1,21 +1,13 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -90,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -116,7 +108,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -148,7 +148,7 @@ implementation main() l000009be: assume {:captureState "l000009be"} true; assert Gamma_R8; - goto l000009be_goto_l00000a03, l000009be_goto_l000009c6; + goto l000009be_goto_l000009c6, l000009be_goto_l00000a03; l000009c6: assume {:captureState "l000009c6"} true; R8, Gamma_R8 := 2bv64, true; diff --git a/src/test/correct/ifbranches/gcc/ifbranches.expected b/src/test/correct/ifbranches/gcc/ifbranches.expected index 6b9c78e6f..0c1ad49a2 100644 --- a/src/test/correct/ifbranches/gcc/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc/ifbranches.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -88,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -114,7 +106,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; diff --git a/src/test/correct/ifbranches/gcc_O2/ifbranches.expected b/src/test/correct/ifbranches/gcc_O2/ifbranches.expected index d0e86a0f5..6a1edc35e 100644 --- a/src/test/correct/ifbranches/gcc_O2/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_O2/ifbranches.expected @@ -1,14 +1,6 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); function {:extern} {:bvbuiltin "bvadd"} bvadd33(bv33, bv33) returns (bv33); @@ -58,7 +50,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_VF, Gamma_ZF, NF, R0, VF, ZF; + modifies Gamma_R0, R0; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -82,7 +74,15 @@ procedure main(); implementation main() { var #1: bv32; + var CF: bv1; var Gamma_#1: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; #1, Gamma_#1 := bvadd32(R0[32:0], 4294967295bv32), Gamma_R0; @@ -91,7 +91,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#1, 1bv32), 0bv32), Gamma_#1; NF, Gamma_NF := bvadd32(#1, 1bv32)[32:31], Gamma_#1; assert Gamma_ZF; - goto lmain_goto_l000001c6, lmain_goto_l000001c3; + goto lmain_goto_l000001c3, lmain_goto_l000001c6; l000001c6: assume {:captureState "l000001c6"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected b/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected index 60408fa36..a023fc70b 100644 --- a/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -88,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -114,7 +106,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -131,7 +131,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000099c, lmain_goto_l00000963; + goto lmain_goto_l00000963, lmain_goto_l0000099c; l00000963: assume {:captureState "l00000963"} true; R0, Gamma_R0 := 2bv64, true; diff --git a/src/test/correct/ifbranches/gcc_pic/ifbranches.expected b/src/test/correct/ifbranches/gcc_pic/ifbranches.expected index 60408fa36..a023fc70b 100644 --- a/src/test/correct/ifbranches/gcc_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_pic/ifbranches.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -88,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -114,7 +106,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -131,7 +131,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000099c, lmain_goto_l00000963; + goto lmain_goto_l00000963, lmain_goto_l0000099c; l00000963: assume {:captureState "l00000963"} true; R0, Gamma_R0 := 2bv64, true; diff --git a/src/test/correct/ifglobal/clang/ifglobal.expected b/src/test/correct/ifglobal/clang/ifglobal.expected index cfec982b5..4f9a5c230 100644 --- a/src/test/correct/ifglobal/clang/ifglobal.expected +++ b/src/test/correct/ifglobal/clang/ifglobal.expected @@ -1,21 +1,13 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -88,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -113,7 +105,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -129,7 +129,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000321, lmain_goto_l0000031e; + goto lmain_goto_l0000031e, lmain_goto_l00000321; l00000321: assume {:captureState "l00000321"} true; R8, Gamma_R8 := 1bv64, true; @@ -141,7 +141,7 @@ implementation main() l00000324: assume {:captureState "l00000324"} true; assert Gamma_R8; - goto l00000324_goto_l00000343, l00000324_goto_l0000032c; + goto l00000324_goto_l0000032c, l00000324_goto_l00000343; l00000343: assume {:captureState "l00000343"} true; goto l00000344; diff --git a/src/test/correct/ifglobal/clang_O2/ifglobal.expected b/src/test/correct/ifglobal/clang_O2/ifglobal.expected index b7b4a0378..782eeaf4d 100644 --- a/src/test/correct/ifglobal/clang_O2/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_O2/ifglobal.expected @@ -97,7 +97,7 @@ implementation main() call rely(); R9, Gamma_R9 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); assert Gamma_R9; - goto lmain_goto_l000002f8, lmain_goto_l000002dc; + goto lmain_goto_l000002dc, lmain_goto_l000002f8; l000002dc: assume {:captureState "l000002dc"} true; R9, Gamma_R9 := 1bv64, true; diff --git a/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected b/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected index d341f79eb..a2cf3c86a 100644 --- a/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected @@ -1,21 +1,13 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -88,7 +80,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -113,7 +105,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -141,7 +141,7 @@ implementation main() l00000933: assume {:captureState "l00000933"} true; assert Gamma_R8; - goto l00000933_goto_l00000952, l00000933_goto_l0000093b; + goto l00000933_goto_l0000093b, l00000933_goto_l00000952; l00000952: assume {:captureState "l00000952"} true; goto l00000953; diff --git a/src/test/correct/ifglobal/clang_pic/ifglobal.expected b/src/test/correct/ifglobal/clang_pic/ifglobal.expected index 36cf75b18..c9631ddb9 100644 --- a/src/test/correct/ifglobal/clang_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_pic/ifglobal.expected @@ -1,21 +1,13 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -93,7 +85,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1964bv64) == 1bv8); @@ -120,7 +112,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/ifglobal/gcc/ifglobal.expected b/src/test/correct/ifglobal/gcc/ifglobal.expected index fb46e3457..cc675c447 100644 --- a/src/test/correct/ifglobal/gcc/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc/ifglobal.expected @@ -1,16 +1,8 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -82,7 +74,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R1, VF, ZF, mem; + modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -105,7 +97,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected b/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected index 982e4d0c0..6d2e955fa 100644 --- a/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected @@ -1,16 +1,8 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -82,7 +74,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R1, VF, ZF, mem; + modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -105,7 +97,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 69632bv64, true; @@ -118,7 +118,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000008d6, lmain_goto_l000008e5; + goto lmain_goto_l000008e5, lmain_goto_l000008d6; l000008e5: assume {:captureState "l000008e5"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/ifglobal/gcc_pic/ifglobal.expected b/src/test/correct/ifglobal/gcc_pic/ifglobal.expected index 02246ecb1..e29207861 100644 --- a/src/test/correct/ifglobal/gcc_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_pic/ifglobal.expected @@ -1,16 +1,8 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -87,7 +79,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R1, VF, ZF, mem; + modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1940bv64) == 1bv8); @@ -112,7 +104,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 65536bv64, true; diff --git a/src/test/correct/initialisation/clang/initialisation.expected b/src/test/correct/initialisation/clang/initialisation.expected index 20338557a..ecea71deb 100644 --- a/src/test/correct/initialisation/clang/initialisation.expected +++ b/src/test/correct/initialisation/clang/initialisation.expected @@ -1,22 +1,14 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R10: bool; var {:extern} Gamma_R11: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R10: bv64; var {:extern} R11: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $a_addr: bv64; axiom ($a_addr == 69696bv64); @@ -118,7 +110,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R10, R11, R8, R9, VF, ZF, mem; + modifies Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R11, R8, R9, mem; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load64_le(mem, 69680bv64) == 416611827717bv64); @@ -147,7 +139,15 @@ procedure main(); implementation main() { var #4: bv64; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R8, Gamma_R8 := 69632bv64, true; diff --git a/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected b/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected index 1f055c32f..c1ab572b1 100644 --- a/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected +++ b/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected @@ -1,22 +1,14 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R10: bool; var {:extern} Gamma_R11: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R10: bv64; var {:extern} R11: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $a_addr: bv64; axiom ($a_addr == 69696bv64); @@ -118,7 +110,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R10, R11, R8, R9, VF, ZF, mem; + modifies Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R11, R8, R9, mem; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load64_le(mem, 69680bv64) == 416611827717bv64); @@ -147,7 +139,15 @@ procedure main(); implementation main() { var #4: bv64; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R8, Gamma_R8 := 69632bv64, true; diff --git a/src/test/correct/initialisation/clang_pic/initialisation.expected b/src/test/correct/initialisation/clang_pic/initialisation.expected index 42b134963..2e1916a59 100644 --- a/src/test/correct/initialisation/clang_pic/initialisation.expected +++ b/src/test/correct/initialisation/clang_pic/initialisation.expected @@ -1,20 +1,12 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R10: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R10: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $a_addr: bv64; axiom ($a_addr == 69696bv64); @@ -120,7 +112,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R10, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R10, R8, R9, VF, ZF, mem; + modifies Gamma_R0, Gamma_R10, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R8, R9, mem; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load64_le(mem, 69680bv64) == 416611827717bv64); @@ -157,7 +149,15 @@ procedure main(); implementation main() { var #4: bv64; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R9, Gamma_R9 := 65536bv64, true; diff --git a/src/test/correct/jumptable3/gcc/jumptable3.expected b/src/test/correct/jumptable3/gcc/jumptable3.expected index 2362de10d..f8daceebb 100644 --- a/src/test/correct/jumptable3/gcc/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc/jumptable3.expected @@ -1,23 +1,15 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R29: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R29: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -181,7 +173,7 @@ implementation add_two() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R1, R29, R30, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R29, R30, R31, mem, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); @@ -249,6 +241,7 @@ implementation main() var #7: bv32; var #8: bv32; var #9: bv32; + var CF: bv1; var Gamma_#10: bool; var Gamma_#11: bool; var Gamma_#12: bool; @@ -272,6 +265,13 @@ implementation main() var Gamma_#7: bool; var Gamma_#8: bool; var Gamma_#9: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; #4, Gamma_#4 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -360,7 +360,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l0000066b_goto_l0000068c, l0000066b_goto_l000006a3; + goto l0000066b_goto_l000006a3, l0000066b_goto_l0000068c; l0000068c: assume {:captureState "l0000068c"} true; R30, Gamma_R30 := 2276bv64, true; @@ -393,7 +393,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; - goto l000006cb_goto_l000006ec, l000006cb_goto_l00000703; + goto l000006cb_goto_l00000703, l000006cb_goto_l000006ec; l00000703: assume {:captureState "l00000703"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -423,7 +423,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000758_goto_l00000780, l00000758_goto_l000005d7; + goto l00000758_goto_l000005d7, l00000758_goto_l00000780; l00000780: assume {:captureState "l00000780"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -453,7 +453,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; assert Gamma_ZF; - goto l000007d5_goto_l000007f6, l000007d5_goto_l00000809; + goto l000007d5_goto_l00000809, l000007d5_goto_l000007f6; l000007f6: assume {:captureState "l000007f6"} true; R30, Gamma_R30 := 2248bv64, true; @@ -496,7 +496,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000809_goto_l000005d7, l00000809_goto_l00000831; + goto l00000809_goto_l00000831, l00000809_goto_l000005d7; l00000831: assume {:captureState "l00000831"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -524,7 +524,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000862_goto_l0000088a, l00000862_goto_l000005d7; + goto l00000862_goto_l000005d7, l00000862_goto_l0000088a; l0000088a: assume {:captureState "l0000088a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -534,7 +534,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; assert Gamma_ZF; - goto l0000088a_goto_l000008c2, l0000088a_goto_l000008ab; + goto l0000088a_goto_l000008ab, l0000088a_goto_l000008c2; l000008ab: assume {:captureState "l000008ab"} true; R30, Gamma_R30 := 2228bv64, true; @@ -557,7 +557,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000008c2_goto_l000005d7, l000008c2_goto_l000008ea; + goto l000008c2_goto_l000008ea, l000008c2_goto_l000005d7; l000008ea: assume {:captureState "l000008ea"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -577,7 +577,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000091b_goto_l000005d7, l0000091b_goto_l00000943; + goto l0000091b_goto_l00000943, l0000091b_goto_l000005d7; l00000943: assume {:captureState "l00000943"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -605,7 +605,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; assert Gamma_ZF; - goto l0000097b_goto_l00000974, l0000097b_goto_l000009a1; + goto l0000097b_goto_l000009a1, l0000097b_goto_l00000974; l00000974: assume {:captureState "l00000974"} true; R30, Gamma_R30 := 2216bv64, true; diff --git a/src/test/correct/jumptable3/gcc_O2/jumptable3.expected b/src/test/correct/jumptable3/gcc_O2/jumptable3.expected index 66c4e54fe..bb7c003c0 100644 --- a/src/test/correct/jumptable3/gcc_O2/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_O2/jumptable3.expected @@ -1,16 +1,8 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { false @@ -81,7 +73,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R1, VF, ZF, mem; + modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); @@ -132,6 +124,7 @@ implementation main() var #7: bv32; var #8: bv32; var #9: bv32; + var CF: bv1; var Gamma_#1: bool; var Gamma_#10: bool; var Gamma_#11: bool; @@ -142,6 +135,13 @@ implementation main() var Gamma_#7: bool; var Gamma_#8: bool; var Gamma_#9: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R1, Gamma_R1 := 69632bv64, true; @@ -165,7 +165,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; assert Gamma_ZF; - goto l000006e8_goto_l0000070c, l000006e8_goto_l000005f9; + goto l000006e8_goto_l000005f9, l000006e8_goto_l0000070c; l000005f9: assume {:captureState "l000005f9"} true; call rely(); @@ -197,7 +197,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; - goto l00000663_goto_l0000036b, l00000663_goto_l00000347; + goto l00000663_goto_l00000347, l00000663_goto_l0000036b; l00000715: assume {:captureState "l00000715"} true; #9, Gamma_#9 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; @@ -206,7 +206,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l00000715_goto_l00000734, l00000715_goto_l00000612; + goto l00000715_goto_l00000612, l00000715_goto_l00000734; l00000612: assume {:captureState "l00000612"} true; call rely(); @@ -349,11 +349,11 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; assert Gamma_ZF; - goto l000007a8_goto_l00000368, l000007a8_goto_l000006d0; + goto l000007a8_goto_l000006d0, l000007a8_goto_l00000368; l00000368: assume {:captureState "l00000368"} true; assert Gamma_R0; - goto l00000368_goto_l0000036b, l00000368_goto_l000005a3; + goto l00000368_goto_l000005a3, l00000368_goto_l0000036b; l0000036b: assume {:captureState "l0000036b"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected b/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected index 26466ca0e..430488687 100644 --- a/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected @@ -1,23 +1,15 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R29: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R29: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -181,7 +173,7 @@ implementation add_two() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R1, R29, R30, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R29, R30, R31, mem, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); @@ -249,6 +241,7 @@ implementation main() var #7: bv32; var #8: bv32; var #9: bv32; + var CF: bv1; var Gamma_#10: bool; var Gamma_#11: bool; var Gamma_#12: bool; @@ -272,6 +265,13 @@ implementation main() var Gamma_#7: bool; var Gamma_#8: bool; var Gamma_#9: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; #4, Gamma_#4 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -302,7 +302,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000133b_goto_l00001332, l0000133b_goto_l00001363; + goto l0000133b_goto_l00001363, l0000133b_goto_l00001332; l00001363: assume {:captureState "l00001363"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -312,7 +312,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; - goto l00001363_goto_l00001384, l00001363_goto_l0000139e; + goto l00001363_goto_l0000139e, l00001363_goto_l00001384; l00001384: assume {:captureState "l00001384"} true; R30, Gamma_R30 := 2288bv64, true; @@ -413,7 +413,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; assert Gamma_ZF; - goto l00001486_goto_l000014b3, l00001486_goto_l000014a7; + goto l00001486_goto_l000014a7, l00001486_goto_l000014b3; l000014b3: assume {:captureState "l000014b3"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -423,7 +423,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000014b3_goto_l000014db, l000014b3_goto_l00001332; + goto l000014b3_goto_l00001332, l000014b3_goto_l000014db; l000014db: assume {:captureState "l000014db"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -433,7 +433,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; assert Gamma_ZF; - goto l000014db_goto_l000014fc, l000014db_goto_l00001508; + goto l000014db_goto_l00001508, l000014db_goto_l000014fc; l00001508: assume {:captureState "l00001508"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -443,7 +443,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#16, 1bv32), 0bv32), Gamma_#16; NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00001508_goto_l00001530, l00001508_goto_l00001332; + goto l00001508_goto_l00001332, l00001508_goto_l00001530; l00001530: assume {:captureState "l00001530"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -496,7 +496,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00001564_goto_l00001332, l00001564_goto_l0000158c; + goto l00001564_goto_l0000158c, l00001564_goto_l00001332; l0000158c: assume {:captureState "l0000158c"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -557,7 +557,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000161d_goto_l00001645, l0000161d_goto_l00001332; + goto l0000161d_goto_l00001332, l0000161d_goto_l00001645; l00001645: assume {:captureState "l00001645"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -587,7 +587,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#25, 1bv32), 0bv32), Gamma_#25; NF, Gamma_NF := bvadd32(#25, 1bv32)[32:31], Gamma_#25; assert Gamma_ZF; - goto l0000169e_goto_l000016d6, l0000169e_goto_l000016bf; + goto l0000169e_goto_l000016bf, l0000169e_goto_l000016d6; l000016bf: assume {:captureState "l000016bf"} true; R30, Gamma_R30 := 2208bv64, true; @@ -605,7 +605,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; assert Gamma_ZF; - goto l000016d6_goto_l000016fc, l000016d6_goto_l000016cf; + goto l000016d6_goto_l000016cf, l000016d6_goto_l000016fc; l000016cf: assume {:captureState "l000016cf"} true; R30, Gamma_R30 := 2216bv64, true; diff --git a/src/test/correct/jumptable3/gcc_pic/jumptable3.expected b/src/test/correct/jumptable3/gcc_pic/jumptable3.expected index 90bc6b903..95c915903 100644 --- a/src/test/correct/jumptable3/gcc_pic/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_pic/jumptable3.expected @@ -1,23 +1,15 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R29: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R29: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -190,7 +182,7 @@ implementation add_two() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R1, R29, R30, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R29, R30, R31, mem, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); @@ -260,6 +252,7 @@ implementation main() var #7: bv32; var #8: bv32; var #9: bv32; + var CF: bv1; var Gamma_#10: bool; var Gamma_#11: bool; var Gamma_#12: bool; @@ -283,6 +276,13 @@ implementation main() var Gamma_#7: bool; var Gamma_#8: bool; var Gamma_#9: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; #4, Gamma_#4 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -361,7 +361,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000064a_goto_l00000672, l0000064a_goto_l000005de; + goto l0000064a_goto_l000005de, l0000064a_goto_l00000672; l00000672: assume {:captureState "l00000672"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -371,7 +371,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l00000672_goto_l000006aa, l00000672_goto_l00000693; + goto l00000672_goto_l00000693, l00000672_goto_l000006aa; l00000693: assume {:captureState "l00000693"} true; R30, Gamma_R30 := 2340bv64, true; @@ -394,7 +394,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000006aa_goto_l000005de, l000006aa_goto_l000006d2; + goto l000006aa_goto_l000006d2, l000006aa_goto_l000005de; l000006d2: assume {:captureState "l000006d2"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -414,7 +414,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000070a_goto_l00000732, l0000070a_goto_l000005de; + goto l0000070a_goto_l000005de, l0000070a_goto_l00000732; l00000732: assume {:captureState "l00000732"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -424,7 +424,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; assert Gamma_ZF; - goto l00000732_goto_l00000753, l00000732_goto_l0000075f; + goto l00000732_goto_l0000075f, l00000732_goto_l00000753; l0000075f: assume {:captureState "l0000075f"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -464,7 +464,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; assert Gamma_ZF; - goto l000007dc_goto_l00000810, l000007dc_goto_l000007fd; + goto l000007dc_goto_l000007fd, l000007dc_goto_l00000810; l000007fd: assume {:captureState "l000007fd"} true; R30, Gamma_R30 := 2312bv64, true; @@ -507,7 +507,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000810_goto_l00000838, l00000810_goto_l000005de; + goto l00000810_goto_l000005de, l00000810_goto_l00000838; l00000838: assume {:captureState "l00000838"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -517,7 +517,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#19, 1bv32), 0bv32), Gamma_#19; NF, Gamma_NF := bvadd32(#19, 1bv32)[32:31], Gamma_#19; assert Gamma_ZF; - goto l00000838_goto_l00000859, l00000838_goto_l00000869; + goto l00000838_goto_l00000869, l00000838_goto_l00000859; l00000859: assume {:captureState "l00000859"} true; R30, Gamma_R30 := 2304bv64, true; @@ -568,7 +568,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000008c9_goto_l000005de, l000008c9_goto_l000008f1; + goto l000008c9_goto_l000008f1, l000008c9_goto_l000005de; l000008f1: assume {:captureState "l000008f1"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -578,7 +578,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; assert Gamma_ZF; - goto l000008f1_goto_l00000922, l000008f1_goto_l00000912; + goto l000008f1_goto_l00000912, l000008f1_goto_l00000922; l00000922: assume {:captureState "l00000922"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -588,7 +588,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000922_goto_l000005de, l00000922_goto_l0000094a; + goto l00000922_goto_l0000094a, l00000922_goto_l000005de; l0000094a: assume {:captureState "l0000094a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); diff --git a/src/test/correct/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected b/src/test/correct/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected index a9323a45e..6b661768e 100644 --- a/src/test/correct/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected +++ b/src/test/correct/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected @@ -7,7 +7,6 @@ var {:extern} Gamma_R2: bool; var {:extern} Gamma_R20: bool; var {:extern} Gamma_R21: bool; var {:extern} Gamma_R29: bool; -var {:extern} Gamma_R3: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_malloc_base: [bv64]bool; @@ -24,7 +23,6 @@ var {:extern} R2: bv64; var {:extern} R20: bv64; var {:extern} R21: bv64; var {:extern} R29: bv64; -var {:extern} R3: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; var {:extern} malloc_base: [bv64]bv8; @@ -33,11 +31,11 @@ var {:extern} malloc_end: [bv64]bv8; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $buf_addr: bv64; -axiom ($buf_addr == 69672bv64); +axiom ($buf_addr == 131192bv64); const {:extern} $password_addr: bv64; -axiom ($password_addr == 69659bv64); +axiom ($password_addr == 131179bv64); const {:extern} $stext_addr: bv64; -axiom ($stext_addr == 69648bv64); +axiom ($stext_addr == 131168bv64); function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { false } @@ -84,10 +82,10 @@ procedure {:extern} rely(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure {:extern} rely_transitive(); modifies Gamma_mem, mem; @@ -105,25 +103,6 @@ procedure {:extern} rely_reflexive(); procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; -procedure __memcpy_chk(); - modifies Gamma_R16, Gamma_R17, R16, R17; - free requires (memory_load8_le(mem, 2472bv64) == 1bv8); - free requires (memory_load8_le(mem, 2473bv64) == 0bv8); - free requires (memory_load8_le(mem, 2474bv64) == 2bv8); - free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); - free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); - free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); - free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); - free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); - procedure #free(); modifies Gamma_R16, Gamma_R17, R16, R17; requires (forall i : int, j: bv64 :: (malloc_base[i] == R0 && bvuge64(j, R0) && bvult64(j, malloc_end[i])) ==> Gamma_mem[j]); @@ -131,61 +110,61 @@ procedure #free(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); - free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); - free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); - free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); + free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); + free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); + free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R19, Gamma_R2, Gamma_R20, Gamma_R21, Gamma_R29, Gamma_R3, Gamma_R30, Gamma_R31, Gamma_malloc_base, Gamma_malloc_count, Gamma_malloc_end, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R19, R2, R20, R21, R29, R3, R30, R31, malloc_base, malloc_count, malloc_end, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R19, Gamma_R2, Gamma_R20, Gamma_R21, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_malloc_base, Gamma_malloc_count, Gamma_malloc_end, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R19, R2, R20, R21, R29, R30, R31, malloc_base, malloc_count, malloc_end, mem, stack; requires (gamma_load8(Gamma_mem, $password_addr) == false); requires malloc_count == 0; requires gamma_load32(Gamma_mem, memory_load64_le(mem, $stext_addr)); requires R31 == 100bv64; - free requires (memory_load8_le(mem, 69632bv64) == 0bv8); - free requires (memory_load8_le(mem, 69633bv64) == 0bv8); - free requires (memory_load8_le(mem, 69634bv64) == 0bv8); - free requires (memory_load8_le(mem, 69635bv64) == 0bv8); - free requires (memory_load8_le(mem, 69636bv64) == 0bv8); - free requires (memory_load8_le(mem, 69637bv64) == 0bv8); - free requires (memory_load8_le(mem, 69638bv64) == 0bv8); - free requires (memory_load8_le(mem, 69639bv64) == 0bv8); - free requires (memory_load8_le(mem, 69640bv64) == 8bv8); - free requires (memory_load8_le(mem, 69641bv64) == 16bv8); - free requires (memory_load8_le(mem, 69642bv64) == 1bv8); - free requires (memory_load8_le(mem, 69643bv64) == 0bv8); - free requires (memory_load8_le(mem, 69644bv64) == 0bv8); - free requires (memory_load8_le(mem, 69645bv64) == 0bv8); - free requires (memory_load8_le(mem, 69646bv64) == 0bv8); - free requires (memory_load8_le(mem, 69647bv64) == 0bv8); - free requires (memory_load8_le(mem, 69648bv64) == 117bv8); - free requires (memory_load8_le(mem, 69649bv64) == 115bv8); - free requires (memory_load8_le(mem, 69650bv64) == 101bv8); - free requires (memory_load8_le(mem, 69651bv64) == 114bv8); - free requires (memory_load8_le(mem, 69652bv64) == 58bv8); - free requires (memory_load8_le(mem, 69653bv64) == 112bv8); - free requires (memory_load8_le(mem, 69654bv64) == 97bv8); - free requires (memory_load8_le(mem, 69655bv64) == 115bv8); - free requires (memory_load8_le(mem, 69656bv64) == 115bv8); - free requires (memory_load8_le(mem, 69657bv64) == 0bv8); - free requires (memory_load8_le(mem, 69658bv64) == 0bv8); - free requires (memory_load8_le(mem, 69659bv64) == 7bv8); + free requires (memory_load8_le(mem, 131152bv64) == 0bv8); + free requires (memory_load8_le(mem, 131153bv64) == 0bv8); + free requires (memory_load8_le(mem, 131154bv64) == 0bv8); + free requires (memory_load8_le(mem, 131155bv64) == 0bv8); + free requires (memory_load8_le(mem, 131156bv64) == 0bv8); + free requires (memory_load8_le(mem, 131157bv64) == 0bv8); + free requires (memory_load8_le(mem, 131158bv64) == 0bv8); + free requires (memory_load8_le(mem, 131159bv64) == 0bv8); + free requires (memory_load8_le(mem, 131160bv64) == 88bv8); + free requires (memory_load8_le(mem, 131161bv64) == 0bv8); + free requires (memory_load8_le(mem, 131162bv64) == 2bv8); + free requires (memory_load8_le(mem, 131163bv64) == 0bv8); + free requires (memory_load8_le(mem, 131164bv64) == 0bv8); + free requires (memory_load8_le(mem, 131165bv64) == 0bv8); + free requires (memory_load8_le(mem, 131166bv64) == 0bv8); + free requires (memory_load8_le(mem, 131167bv64) == 0bv8); + free requires (memory_load8_le(mem, 131168bv64) == 117bv8); + free requires (memory_load8_le(mem, 131169bv64) == 115bv8); + free requires (memory_load8_le(mem, 131170bv64) == 101bv8); + free requires (memory_load8_le(mem, 131171bv64) == 114bv8); + free requires (memory_load8_le(mem, 131172bv64) == 58bv8); + free requires (memory_load8_le(mem, 131173bv64) == 112bv8); + free requires (memory_load8_le(mem, 131174bv64) == 97bv8); + free requires (memory_load8_le(mem, 131175bv64) == 115bv8); + free requires (memory_load8_le(mem, 131176bv64) == 115bv8); + free requires (memory_load8_le(mem, 131177bv64) == 0bv8); + free requires (memory_load8_le(mem, 131178bv64) == 0bv8); + free requires (memory_load8_le(mem, 131179bv64) == 7bv8); free requires (memory_load8_le(mem, 2472bv64) == 1bv8); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); - free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); - free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); - free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); + free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); + free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); + free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); free ensures (Gamma_R19 == old(Gamma_R19)); free ensures (Gamma_R20 == old(Gamma_R20)); free ensures (Gamma_R21 == old(Gamma_R21)); @@ -200,10 +179,10 @@ procedure main(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); implementation main() { @@ -217,80 +196,79 @@ implementation main() assume {:captureState "lmain"} true; #1, Gamma_#1 := bvadd64(R31, 18446744073709551568bv64), Gamma_R31; stack, Gamma_stack := memory_store64_le(stack, #1, R29), gamma_store64(Gamma_stack, #1, Gamma_R29); - assume {:captureState "%00000232"} true; + assume {:captureState "%00000233"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(#1, 8bv64), R30), gamma_store64(Gamma_stack, bvadd64(#1, 8bv64), Gamma_R30); - assume {:captureState "%00000238"} true; + assume {:captureState "%00000239"} true; R31, Gamma_R31 := #1, Gamma_#1; R0, Gamma_R0 := 11bv64, true; R29, Gamma_R29 := R31, Gamma_R31; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R21), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R21); - assume {:captureState "%0000024f"} true; - R21, Gamma_R21 := 69632bv64, true; + assume {:captureState "%00000250"} true; + R21, Gamma_R21 := 131072bv64, true; #2, Gamma_#2 := bvadd64(R31, 16bv64), Gamma_R31; stack, Gamma_stack := memory_store64_le(stack, #2, R19), gamma_store64(Gamma_stack, #2, Gamma_R19); - assume {:captureState "%00000260"} true; + assume {:captureState "%00000261"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(#2, 8bv64), R20), gamma_store64(Gamma_stack, bvadd64(#2, 8bv64), Gamma_R20); - assume {:captureState "%00000266"} true; + assume {:captureState "%00000267"} true; R30, Gamma_R30 := 2012bv64, true; call malloc(); - goto l00000270; - l00000270: - assume {:captureState "l00000270"} true; - R20, Gamma_R20 := 69632bv64, true; - R20, Gamma_R20 := bvadd64(R20, 16bv64), Gamma_R20; + goto l00000271; + l00000271: + assume {:captureState "l00000271"} true; + R20, Gamma_R20 := 131072bv64, true; + R20, Gamma_R20 := bvadd64(R20, 96bv64), Gamma_R20; R19, Gamma_R19 := R0, Gamma_R0; R0, Gamma_R0 := R20, Gamma_R20; call rely(); - assert (L(mem, bvadd64(R21, 40bv64)) ==> Gamma_R19); - mem, Gamma_mem := memory_store64_le(mem, bvadd64(R21, 40bv64), R19), gamma_store64(Gamma_mem, bvadd64(R21, 40bv64), Gamma_R19); - assume {:captureState "%0000028d"} true; + assert (L(mem, bvadd64(R21, 120bv64)) ==> Gamma_R19); + mem, Gamma_mem := memory_store64_le(mem, bvadd64(R21, 120bv64), R19), gamma_store64(Gamma_mem, bvadd64(R21, 120bv64), Gamma_R19); + assume {:captureState "%0000028e"} true; R30, Gamma_R30 := 2036bv64, true; call strlen(); - goto l00000297; - l00000297: - assume {:captureState "l00000297"} true; + goto l00000298; + l00000298: + assume {:captureState "l00000298"} true; R2, Gamma_R2 := R0, Gamma_R0; R1, Gamma_R1 := R20, Gamma_R20; - R3, Gamma_R3 := 11bv64, true; R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2056bv64, true; - call __memcpy_chk(); - goto l000002b6; - l000002b6: - assume {:captureState "l000002b6"} true; + R30, Gamma_R30 := 2052bv64, true; + call memcpy(); + goto l000002b2; + l000002b2: + assume {:captureState "l000002b2"} true; R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2064bv64, true; + R30, Gamma_R30 := 2060bv64, true; call puts(); - goto l000002c4; - l000002c4: - assume {:captureState "l000002c4"} true; + goto l000002c0; + l000002c0: + assume {:captureState "l000002c0"} true; call rely(); - R19, Gamma_R19 := memory_load64_le(mem, bvadd64(R21, 40bv64)), (gamma_load64(Gamma_mem, bvadd64(R21, 40bv64)) || L(mem, bvadd64(R21, 40bv64))); + R19, Gamma_R19 := memory_load64_le(mem, bvadd64(R21, 120bv64)), (gamma_load64(Gamma_mem, bvadd64(R21, 120bv64)) || L(mem, bvadd64(R21, 120bv64))); R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2076bv64, true; + R30, Gamma_R30 := 2072bv64, true; call strlen(); - goto l000002d8; - l000002d8: - assume {:captureState "l000002d8"} true; + goto l000002d4; + l000002d4: + assume {:captureState "l000002d4"} true; R1, Gamma_R1 := 1bv64, true; R2, Gamma_R2 := R0, Gamma_R0; R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2092bv64, true; + R30, Gamma_R30 := 2088bv64, true; call memset(); - goto l000002f1; - l000002f1: - assume {:captureState "l000002f1"} true; + goto l000002ed; + l000002ed: + assume {:captureState "l000002ed"} true; call rely(); - R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R21, 40bv64)), (gamma_load64(Gamma_mem, bvadd64(R21, 40bv64)) || L(mem, bvadd64(R21, 40bv64))); - R30, Gamma_R30 := 2100bv64, true; + R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R21, 120bv64)), (gamma_load64(Gamma_mem, bvadd64(R21, 120bv64)) || L(mem, bvadd64(R21, 120bv64))); + R30, Gamma_R30 := 2096bv64, true; call #free(); - goto l00000300; - l00000300: - assume {:captureState "l00000300"} true; - R0, Gamma_R0 := 0bv64, true; + goto l000002fc; + l000002fc: + assume {:captureState "l000002fc"} true; #3, Gamma_#3 := bvadd64(R31, 16bv64), Gamma_R31; R19, Gamma_R19 := memory_load64_le(stack, #3), gamma_load64(Gamma_stack, #3); R20, Gamma_R20 := memory_load64_le(stack, bvadd64(#3, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#3, 8bv64)); + R0, Gamma_R0 := 0bv64, true; R21, Gamma_R21 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); @@ -309,10 +287,10 @@ procedure malloc(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); - free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); - free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); - free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); + free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); + free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); + free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); ensures Gamma_R0 == true; ensures malloc_count == old(malloc_count) + 1; ensures bvugt64(malloc_end[malloc_count], malloc_base[malloc_count]); @@ -326,10 +304,31 @@ procedure malloc(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + +procedure memcpy(); + modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + free requires (memory_load8_le(mem, 2472bv64) == 1bv8); + free requires (memory_load8_le(mem, 2473bv64) == 0bv8); + free requires (memory_load8_le(mem, 2474bv64) == 2bv8); + free requires (memory_load8_le(mem, 2475bv64) == 0bv8); + free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); + free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); + free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + ensures (forall i: bv64 :: (Gamma_mem[i] == if (bvule64(R0, i) && bvult64(i, bvadd64(R0, R2))) then gamma_load8((Gamma_mem), bvadd64(bvsub64(i, R0), R1)) else old(gamma_load8(Gamma_mem, i)))); + ensures (forall i: bv64 :: (mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then memory_load8_le((mem), bvadd64(bvsub64(i, R0), R1)) else old(memory_load8_le(mem, i)))); + free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure memset(); modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; @@ -338,10 +337,10 @@ procedure memset(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); - free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); - free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); - free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); + free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); + free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); + free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); ensures ((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))); ensures (forall i: bv64 :: (Gamma_mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then Gamma_R1 else old(gamma_load8(Gamma_mem, i)))); ensures (forall i: bv64 :: (mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then R1[8:0] else old(memory_load8_le(mem, i)))); @@ -349,10 +348,10 @@ procedure memset(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure puts(); modifies Gamma_R16, Gamma_R17, R16, R17; @@ -360,18 +359,18 @@ procedure puts(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); - free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); - free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); - free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); + free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); + free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); + free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure strlen(); modifies Gamma_R0, Gamma_R16, Gamma_R17, R0, R16, R17; @@ -379,10 +378,10 @@ procedure strlen(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); - free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); - free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); - free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); + free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); + free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); + free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); ensures Gamma_R0 == true; ensures (forall i: bv64 :: (bvule64(old(R0), i)) && (bvult64(i, bvadd64(old(R0), R0))) ==> mem[i] != 0bv8); ensures (memory_load8_le(mem, bvadd64(old(R0), R0)) == 0bv8); @@ -391,8 +390,8 @@ procedure strlen(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); diff --git a/src/test/correct/nestedif/clang/nestedif.expected b/src/test/correct/nestedif/clang/nestedif.expected index d5aeae0de..ab32e4390 100644 --- a/src/test/correct/nestedif/clang/nestedif.expected +++ b/src/test/correct/nestedif/clang/nestedif.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -82,7 +74,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -109,9 +101,17 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -130,7 +130,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000379, lmain_goto_l0000037c; + goto lmain_goto_l0000037c, lmain_goto_l00000379; l0000037c: assume {:captureState "l0000037c"} true; R8, Gamma_R8 := 1bv64, true; @@ -142,7 +142,7 @@ implementation main() l0000037f: assume {:captureState "l0000037f"} true; assert Gamma_R8; - goto l0000037f_goto_l00000387, l0000037f_goto_l00000442; + goto l0000037f_goto_l00000442, l0000037f_goto_l00000387; l00000387: assume {:captureState "l00000387"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -153,7 +153,7 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; - goto l00000387_goto_l000003b2, l00000387_goto_l000003b5; + goto l00000387_goto_l000003b5, l00000387_goto_l000003b2; l000003b5: assume {:captureState "l000003b5"} true; R8, Gamma_R8 := 1bv64, true; @@ -165,7 +165,7 @@ implementation main() l000003b8: assume {:captureState "l000003b8"} true; assert Gamma_R8; - goto l000003b8_goto_l0000042d, l000003b8_goto_l000003c0; + goto l000003b8_goto_l000003c0, l000003b8_goto_l0000042d; l000003c0: assume {:captureState "l000003c0"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); diff --git a/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected b/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected index 8c1596351..4f0bf3c3b 100644 --- a/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected +++ b/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -82,7 +74,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -109,9 +101,17 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -142,7 +142,7 @@ implementation main() l00000ab0: assume {:captureState "l00000ab0"} true; assert Gamma_R8; - goto l00000ab0_goto_l00000ab8, l00000ab0_goto_l00000b73; + goto l00000ab0_goto_l00000b73, l00000ab0_goto_l00000ab8; l00000ab8: assume {:captureState "l00000ab8"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -176,7 +176,7 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; - goto l00000af1_goto_l00000b1f, l00000af1_goto_l00000b1c; + goto l00000af1_goto_l00000b1c, l00000af1_goto_l00000b1f; l00000b1f: assume {:captureState "l00000b1f"} true; R8, Gamma_R8 := 1bv64, true; @@ -188,7 +188,7 @@ implementation main() l00000b22: assume {:captureState "l00000b22"} true; assert Gamma_R8; - goto l00000b22_goto_l00000b2a, l00000b22_goto_l00000b49; + goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; l00000b49: assume {:captureState "l00000b49"} true; goto l00000b4a; diff --git a/src/test/correct/nestedif/clang_pic/nestedif.expected b/src/test/correct/nestedif/clang_pic/nestedif.expected index 8bc2d9fb7..4f0bf3c3b 100644 --- a/src/test/correct/nestedif/clang_pic/nestedif.expected +++ b/src/test/correct/nestedif/clang_pic/nestedif.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -82,7 +74,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -109,9 +101,17 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -130,7 +130,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000aad, lmain_goto_l00000aaa; + goto lmain_goto_l00000aaa, lmain_goto_l00000aad; l00000aad: assume {:captureState "l00000aad"} true; R8, Gamma_R8 := 1bv64, true; @@ -165,7 +165,7 @@ implementation main() l00000ae9: assume {:captureState "l00000ae9"} true; assert Gamma_R8; - goto l00000ae9_goto_l00000b5e, l00000ae9_goto_l00000af1; + goto l00000ae9_goto_l00000af1, l00000ae9_goto_l00000b5e; l00000af1: assume {:captureState "l00000af1"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -176,7 +176,7 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; - goto l00000af1_goto_l00000b1f, l00000af1_goto_l00000b1c; + goto l00000af1_goto_l00000b1c, l00000af1_goto_l00000b1f; l00000b1f: assume {:captureState "l00000b1f"} true; R8, Gamma_R8 := 1bv64, true; @@ -188,7 +188,7 @@ implementation main() l00000b22: assume {:captureState "l00000b22"} true; assert Gamma_R8; - goto l00000b22_goto_l00000b2a, l00000b22_goto_l00000b49; + goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; l00000b49: assume {:captureState "l00000b49"} true; goto l00000b4a; diff --git a/src/test/correct/nestedif/gcc/nestedif.expected b/src/test/correct/nestedif/gcc/nestedif.expected index a60501655..27090aae3 100644 --- a/src/test/correct/nestedif/gcc/nestedif.expected +++ b/src/test/correct/nestedif/gcc/nestedif.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1928bv64) == 1bv8); @@ -107,9 +99,17 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -125,7 +125,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000003c4, lmain_goto_l00000345; + goto lmain_goto_l00000345, lmain_goto_l000003c4; l00000345: assume {:captureState "l00000345"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -135,7 +135,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto l00000345_goto_l000003b3, l00000345_goto_l0000036b; + goto l00000345_goto_l0000036b, l00000345_goto_l000003b3; l0000036b: assume {:captureState "l0000036b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -145,7 +145,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; - goto l0000036b_goto_l00000391, l0000036b_goto_l000003a6; + goto l0000036b_goto_l000003a6, l0000036b_goto_l00000391; l000003a6: assume {:captureState "l000003a6"} true; R0, Gamma_R0 := 7bv64, true; diff --git a/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected b/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected index 64fd4e1f3..930878b90 100644 --- a/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected +++ b/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1928bv64) == 1bv8); @@ -107,9 +99,17 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/nestedif/gcc_pic/nestedif.expected b/src/test/correct/nestedif/gcc_pic/nestedif.expected index 4d193b516..930878b90 100644 --- a/src/test/correct/nestedif/gcc_pic/nestedif.expected +++ b/src/test/correct/nestedif/gcc_pic/nestedif.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1928bv64) == 1bv8); @@ -107,9 +99,17 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -135,7 +135,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto l000009e1_goto_l00000a4f, l000009e1_goto_l00000a07; + goto l000009e1_goto_l00000a07, l000009e1_goto_l00000a4f; l00000a07: assume {:captureState "l00000a07"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -145,7 +145,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; - goto l00000a07_goto_l00000a42, l00000a07_goto_l00000a2d; + goto l00000a07_goto_l00000a2d, l00000a07_goto_l00000a42; l00000a42: assume {:captureState "l00000a42"} true; R0, Gamma_R0 := 7bv64, true; diff --git a/src/test/correct/simple_jump/clang/simple_jump.expected b/src/test/correct/simple_jump/clang/simple_jump.expected index b7ce17016..3220b9d4b 100644 --- a/src/test/correct/simple_jump/clang/simple_jump.expected +++ b/src/test/correct/simple_jump/clang/simple_jump.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -82,7 +74,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -107,7 +99,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -124,7 +124,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000329, lmain_goto_l00000326; + goto lmain_goto_l00000326, lmain_goto_l00000329; l00000329: assume {:captureState "l00000329"} true; R8, Gamma_R8 := 1bv64, true; @@ -136,7 +136,7 @@ implementation main() l0000032c: assume {:captureState "l0000032c"} true; assert Gamma_R8; - goto l0000032c_goto_l0000034b, l0000032c_goto_l00000334; + goto l0000032c_goto_l00000334, l0000032c_goto_l0000034b; l0000034b: assume {:captureState "l0000034b"} true; goto l0000034c; diff --git a/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected b/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected index f37300456..fd482b3c1 100644 --- a/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -82,7 +74,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -107,7 +99,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -124,7 +124,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000093b, lmain_goto_l00000938; + goto lmain_goto_l00000938, lmain_goto_l0000093b; l0000093b: assume {:captureState "l0000093b"} true; R8, Gamma_R8 := 1bv64, true; @@ -136,7 +136,7 @@ implementation main() l0000093e: assume {:captureState "l0000093e"} true; assert Gamma_R8; - goto l0000093e_goto_l0000095d, l0000093e_goto_l00000946; + goto l0000093e_goto_l00000946, l0000093e_goto_l0000095d; l0000095d: assume {:captureState "l0000095d"} true; goto l0000095e; diff --git a/src/test/correct/simple_jump/clang_pic/simple_jump.expected b/src/test/correct/simple_jump/clang_pic/simple_jump.expected index ff4be636c..fd482b3c1 100644 --- a/src/test/correct/simple_jump/clang_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_pic/simple_jump.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -82,7 +74,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -107,7 +99,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/simple_jump/gcc/simple_jump.expected b/src/test/correct/simple_jump/gcc/simple_jump.expected index 544d421d4..300a26ba3 100644 --- a/src/test/correct/simple_jump/gcc/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc/simple_jump.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -105,7 +97,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -119,7 +119,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000030a, lmain_goto_l0000031f; + goto lmain_goto_l0000031f, lmain_goto_l0000030a; l0000031f: assume {:captureState "l0000031f"} true; R0, Gamma_R0 := 6bv64, true; diff --git a/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected b/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected index c6ccb5561..13fba5eb2 100644 --- a/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -105,7 +97,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/simple_jump/gcc_pic/simple_jump.expected b/src/test/correct/simple_jump/gcc_pic/simple_jump.expected index c6ccb5561..13fba5eb2 100644 --- a/src/test/correct/simple_jump/gcc_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_pic/simple_jump.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -105,7 +97,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/switch/clang/switch.expected b/src/test/correct/switch/clang/switch.expected index e12cdc28c..ad2745ee3 100644 --- a/src/test/correct/switch/clang/switch.expected +++ b/src/test/correct/switch/clang/switch.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R31, R8, VF, ZF, stack; + modifies Gamma_R31, Gamma_R8, Gamma_stack, R31, R8, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1936bv64) == 1bv8); @@ -106,8 +98,16 @@ implementation main() { var #4: bv32; var #5: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -138,7 +138,7 @@ implementation main() l00000360: assume {:captureState "l00000360"} true; assert Gamma_R8; - goto l00000360_goto_l0000039a, l00000360_goto_l00000368; + goto l00000360_goto_l00000368, l00000360_goto_l0000039a; l0000039a: assume {:captureState "l0000039a"} true; goto l0000039b; @@ -152,7 +152,7 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; - goto l0000039b_goto_l000003c7, l0000039b_goto_l000003c4; + goto l0000039b_goto_l000003c4, l0000039b_goto_l000003c7; l000003c7: assume {:captureState "l000003c7"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/switch/clang_no_plt_no_pic/switch.expected b/src/test/correct/switch/clang_no_plt_no_pic/switch.expected index 0ce028181..6a652efbf 100644 --- a/src/test/correct/switch/clang_no_plt_no_pic/switch.expected +++ b/src/test/correct/switch/clang_no_plt_no_pic/switch.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R31, R8, VF, ZF, stack; + modifies Gamma_R31, Gamma_R8, Gamma_stack, R31, R8, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1936bv64) == 1bv8); @@ -106,8 +98,16 @@ implementation main() { var #4: bv32; var #5: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -138,7 +138,7 @@ implementation main() l00000a15: assume {:captureState "l00000a15"} true; assert Gamma_R8; - goto l00000a15_goto_l00000a4f, l00000a15_goto_l00000a1d; + goto l00000a15_goto_l00000a1d, l00000a15_goto_l00000a4f; l00000a4f: assume {:captureState "l00000a4f"} true; goto l00000a50; @@ -164,7 +164,7 @@ implementation main() l00000a7f: assume {:captureState "l00000a7f"} true; assert Gamma_R8; - goto l00000a7f_goto_l00000a8c, l00000a7f_goto_l00000a3e; + goto l00000a7f_goto_l00000a3e, l00000a7f_goto_l00000a8c; l00000a3e: assume {:captureState "l00000a3e"} true; R8, Gamma_R8 := 5bv64, true; diff --git a/src/test/correct/switch/clang_pic/switch.expected b/src/test/correct/switch/clang_pic/switch.expected index f9f250451..6a652efbf 100644 --- a/src/test/correct/switch/clang_pic/switch.expected +++ b/src/test/correct/switch/clang_pic/switch.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R31, R8, VF, ZF, stack; + modifies Gamma_R31, Gamma_R8, Gamma_stack, R31, R8, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1936bv64) == 1bv8); @@ -106,8 +98,16 @@ implementation main() { var #4: bv32; var #5: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -126,7 +126,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000a12, lmain_goto_l00000a0f; + goto lmain_goto_l00000a0f, lmain_goto_l00000a12; l00000a12: assume {:captureState "l00000a12"} true; R8, Gamma_R8 := 1bv64, true; @@ -138,7 +138,7 @@ implementation main() l00000a15: assume {:captureState "l00000a15"} true; assert Gamma_R8; - goto l00000a15_goto_l00000a4f, l00000a15_goto_l00000a1d; + goto l00000a15_goto_l00000a1d, l00000a15_goto_l00000a4f; l00000a4f: assume {:captureState "l00000a4f"} true; goto l00000a50; @@ -164,7 +164,7 @@ implementation main() l00000a7f: assume {:captureState "l00000a7f"} true; assert Gamma_R8; - goto l00000a7f_goto_l00000a8c, l00000a7f_goto_l00000a3e; + goto l00000a7f_goto_l00000a3e, l00000a7f_goto_l00000a8c; l00000a3e: assume {:captureState "l00000a3e"} true; R8, Gamma_R8 := 5bv64, true; diff --git a/src/test/correct/switch/gcc/switch.expected b/src/test/correct/switch/gcc/switch.expected index f397cb204..dbcad0f6e 100644 --- a/src/test/correct/switch/gcc/switch.expected +++ b/src/test/correct/switch/gcc/switch.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -106,8 +98,16 @@ implementation main() { var #4: bv32; var #5: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -133,7 +133,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto l0000036b_goto_l00000391, l0000036b_goto_l0000035c; + goto l0000036b_goto_l0000035c, l0000036b_goto_l00000391; l0000035c: assume {:captureState "l0000035c"} true; R0, Gamma_R0 := 5bv64, true; diff --git a/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected b/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected index fac5f0e72..b0e94c9ff 100644 --- a/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected +++ b/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -106,8 +98,16 @@ implementation main() { var #4: bv32; var #5: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/switch/gcc_pic/switch.expected b/src/test/correct/switch/gcc_pic/switch.expected index 7247b5016..b0e94c9ff 100644 --- a/src/test/correct/switch/gcc_pic/switch.expected +++ b/src/test/correct/switch/gcc_pic/switch.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -106,8 +98,16 @@ implementation main() { var #4: bv32; var #5: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -123,7 +123,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000009ca, lmain_goto_l00000998; + goto lmain_goto_l00000998, lmain_goto_l000009ca; l000009ca: assume {:captureState "l000009ca"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -133,7 +133,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto l000009ca_goto_l000009f0, l000009ca_goto_l000009bb; + goto l000009ca_goto_l000009bb, l000009ca_goto_l000009f0; l000009bb: assume {:captureState "l000009bb"} true; R0, Gamma_R0 := 5bv64, true; diff --git a/src/test/correct/switch2/gcc/switch2.expected b/src/test/correct/switch2/gcc/switch2.expected index 3932da079..0b80a0dc2 100644 --- a/src/test/correct/switch2/gcc/switch2.expected +++ b/src/test/correct/switch2/gcc/switch2.expected @@ -1,23 +1,15 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R29: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R29: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -97,7 +89,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R29, R30, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R29, R30, R31, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -133,6 +125,7 @@ implementation main() var #7: bv32; var #8: bv32; var #9: bv32; + var CF: bv1; var Gamma_#10: bool; var Gamma_#11: bool; var Gamma_#12: bool; @@ -142,6 +135,13 @@ implementation main() var Gamma_#7: bool; var Gamma_#8: bool; var Gamma_#9: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; #4, Gamma_#4 := bvadd64(R31, 18446744073709551568bv64), Gamma_R31; @@ -180,7 +180,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000408_goto_l00000430, l00000408_goto_l000003e2; + goto l00000408_goto_l000003e2, l00000408_goto_l00000430; l00000430: assume {:captureState "l00000430"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -210,7 +210,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l0000048f_goto_l000004e2, l0000048f_goto_l000004b0; + goto l0000048f_goto_l000004b0, l0000048f_goto_l000004e2; l000004b0: assume {:captureState "l000004b0"} true; R30, Gamma_R30 := 1944bv64, true; @@ -230,7 +230,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000004e2_goto_l000003e2, l000004e2_goto_l0000050a; + goto l000004e2_goto_l0000050a, l000004e2_goto_l000003e2; l0000050a: assume {:captureState "l0000050a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -240,7 +240,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; - goto l0000050a_goto_l00000530, l0000050a_goto_l000004c4; + goto l0000050a_goto_l000004c4, l0000050a_goto_l00000530; l000004c4: assume {:captureState "l000004c4"} true; R0, Gamma_R0 := 1bv64, true; @@ -256,7 +256,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; assert Gamma_ZF; - goto l00000530_goto_l00000556, l00000530_goto_l000004d5; + goto l00000530_goto_l000004d5, l00000530_goto_l00000556; l000004d5: assume {:captureState "l000004d5"} true; R0, Gamma_R0 := 2bv64, true; diff --git a/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected b/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected index 16bc01cbe..7b5b056df 100644 --- a/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected +++ b/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected @@ -1,23 +1,15 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R29: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R29: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -97,7 +89,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R29, R30, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R29, R30, R31, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -133,6 +125,7 @@ implementation main() var #7: bv32; var #8: bv32; var #9: bv32; + var CF: bv1; var Gamma_#10: bool; var Gamma_#11: bool; var Gamma_#12: bool; @@ -142,6 +135,13 @@ implementation main() var Gamma_#7: bool; var Gamma_#8: bool; var Gamma_#9: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; #4, Gamma_#4 := bvadd64(R31, 18446744073709551568bv64), Gamma_R31; @@ -164,7 +164,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto lmain_goto_l00000c67, lmain_goto_l00000c2f; + goto lmain_goto_l00000c2f, lmain_goto_l00000c67; l00000c2f: assume {:captureState "l00000c2f"} true; R0, Gamma_R0 := 4bv64, true; @@ -180,7 +180,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000c67_goto_l00000c8f, l00000c67_goto_l00000c41; + goto l00000c67_goto_l00000c41, l00000c67_goto_l00000c8f; l00000c8f: assume {:captureState "l00000c8f"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -190,7 +190,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; - goto l00000c8f_goto_l00000cc6, l00000c8f_goto_l00000cb0; + goto l00000c8f_goto_l00000cb0, l00000c8f_goto_l00000cc6; l00000cc6: assume {:captureState "l00000cc6"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -210,7 +210,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l00000cee_goto_l00000d0f, l00000cee_goto_l00000d41; + goto l00000cee_goto_l00000d41, l00000cee_goto_l00000d0f; l00000d0f: assume {:captureState "l00000d0f"} true; R30, Gamma_R30 := 1944bv64, true; @@ -240,7 +240,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; - goto l00000d69_goto_l00000d23, l00000d69_goto_l00000d8f; + goto l00000d69_goto_l00000d8f, l00000d69_goto_l00000d23; l00000d23: assume {:captureState "l00000d23"} true; R0, Gamma_R0 := 1bv64, true; @@ -256,7 +256,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; assert Gamma_ZF; - goto l00000d8f_goto_l00000db5, l00000d8f_goto_l00000d34; + goto l00000d8f_goto_l00000d34, l00000d8f_goto_l00000db5; l00000d34: assume {:captureState "l00000d34"} true; R0, Gamma_R0 := 2bv64, true; diff --git a/src/test/correct/switch2/gcc_pic/switch2.expected b/src/test/correct/switch2/gcc_pic/switch2.expected index 3f254f943..7b5b056df 100644 --- a/src/test/correct/switch2/gcc_pic/switch2.expected +++ b/src/test/correct/switch2/gcc_pic/switch2.expected @@ -1,23 +1,15 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R29: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R29: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -97,7 +89,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R29, R30, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R29, R30, R31, stack; requires (Gamma_R0 == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -133,6 +125,7 @@ implementation main() var #7: bv32; var #8: bv32; var #9: bv32; + var CF: bv1; var Gamma_#10: bool; var Gamma_#11: bool; var Gamma_#12: bool; @@ -142,6 +135,13 @@ implementation main() var Gamma_#7: bool; var Gamma_#8: bool; var Gamma_#9: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; #4, Gamma_#4 := bvadd64(R31, 18446744073709551568bv64), Gamma_R31; @@ -190,7 +190,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; - goto l00000c8f_goto_l00000cc6, l00000c8f_goto_l00000cb0; + goto l00000c8f_goto_l00000cb0, l00000c8f_goto_l00000cc6; l00000cc6: assume {:captureState "l00000cc6"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -200,7 +200,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000cc6_goto_l00000c41, l00000cc6_goto_l00000cee; + goto l00000cc6_goto_l00000cee, l00000cc6_goto_l00000c41; l00000cee: assume {:captureState "l00000cee"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -230,7 +230,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000d41_goto_l00000c41, l00000d41_goto_l00000d69; + goto l00000d41_goto_l00000d69, l00000d41_goto_l00000c41; l00000d69: assume {:captureState "l00000d69"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); diff --git a/src/test/correct/syscall/gcc_O2/syscall.expected b/src/test/correct/syscall/gcc_O2/syscall.expected index fcb66403d..616be9705 100644 --- a/src/test/correct/syscall/gcc_O2/syscall.expected +++ b/src/test/correct/syscall/gcc_O2/syscall.expected @@ -1,8 +1,4 @@ -var {:extern} Gamma_R16: bool; -var {:extern} Gamma_R17: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} R16: bv64; -var {:extern} R17: bv64; var {:extern} mem: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; axiom ($_IO_stdin_used_addr == 1960bv64); @@ -45,7 +41,6 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure fork(); - modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1960bv64) == 1bv8); diff --git a/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected index 492def287..62f7b98ac 100644 --- a/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -97,7 +89,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -123,7 +115,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -139,7 +139,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000322, lmain_goto_l00000325; + goto lmain_goto_l00000325, lmain_goto_l00000322; l00000325: assume {:captureState "l00000325"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected index bafc4645c..05b23af86 100644 --- a/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected @@ -1,16 +1,8 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69684bv64); @@ -85,7 +77,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, R8, VF, ZF, mem; + modifies Gamma_R0, Gamma_R8, Gamma_mem, R0, R8, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -109,7 +101,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R8, Gamma_R8 := 69632bv64, true; @@ -121,7 +121,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000002e8, lmain_goto_l000002e5; + goto lmain_goto_l000002e5, lmain_goto_l000002e8; l000002e8: assume {:captureState "l000002e8"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected index 0949c6569..16225a823 100644 --- a/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -97,7 +89,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -123,7 +115,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -139,7 +139,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000940, lmain_goto_l0000093d; + goto lmain_goto_l0000093d, lmain_goto_l00000940; l00000940: assume {:captureState "l00000940"} true; R8, Gamma_R8 := 1bv64, true; @@ -151,7 +151,7 @@ implementation main() l00000943: assume {:captureState "l00000943"} true; assert Gamma_R8; - goto l00000943_goto_l0000094b, l00000943_goto_l00000973; + goto l00000943_goto_l00000973, l00000943_goto_l0000094b; l0000094b: assume {:captureState "l0000094b"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected index 5e37d4c27..6ace33958 100644 --- a/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $x_addr: bv64; @@ -102,7 +94,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); @@ -130,7 +122,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; diff --git a/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected index 58b6324e1..306130a16 100644 --- a/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected @@ -1,14 +1,6 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -83,7 +75,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, VF, ZF, mem; + modifies Gamma_R0, Gamma_mem, R0, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -107,7 +99,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 69632bv64, true; @@ -120,7 +120,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000309, lmain_goto_l000002fa; + goto lmain_goto_l000002fa, lmain_goto_l00000309; l000002fa: assume {:captureState "l000002fa"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected index 08fd9338d..5110cd257 100644 --- a/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected @@ -1,14 +1,6 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -83,7 +75,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, VF, ZF, mem; + modifies Gamma_R0, Gamma_mem, R0, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -107,7 +99,15 @@ procedure main(); implementation main() { var #1: bv32; + var CF: bv1; var Gamma_#1: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 69632bv64, true; @@ -119,7 +119,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#1, 1bv32), 0bv32), Gamma_#1; NF, Gamma_NF := bvadd32(#1, 1bv32)[32:31], Gamma_#1; assert Gamma_ZF; - goto lmain_goto_l000001cf, lmain_goto_l000001d2; + goto lmain_goto_l000001d2, lmain_goto_l000001cf; l000001d2: assume {:captureState "l000001d2"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected index 2cb9a14c6..7c57465d3 100644 --- a/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected @@ -1,14 +1,6 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -83,7 +75,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, VF, ZF, mem; + modifies Gamma_R0, Gamma_mem, R0, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -107,7 +99,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 69632bv64, true; @@ -120,7 +120,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000008b3, lmain_goto_l000008c2; + goto lmain_goto_l000008c2, lmain_goto_l000008b3; l000008b3: assume {:captureState "l000008b3"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected index c10bec040..8bfc79117 100644 --- a/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected @@ -1,14 +1,6 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; const {:extern} $x_addr: bv64; axiom ($x_addr == 69652bv64); @@ -88,7 +80,7 @@ implementation {:extern} guarantee_reflexive() } procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_VF, Gamma_ZF, Gamma_mem, NF, R0, VF, ZF, mem; + modifies Gamma_R0, Gamma_mem, R0, mem; requires (gamma_load32(Gamma_mem, $x_addr) == true); free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); @@ -114,7 +106,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 65536bv64, true; @@ -128,7 +128,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000030a, lmain_goto_l000002fb; + goto lmain_goto_l000002fb, lmain_goto_l0000030a; l000002fb: assume {:captureState "l000002fb"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/incorrect/iflocal/clang/iflocal.expected b/src/test/incorrect/iflocal/clang/iflocal.expected index 2ac7e5717..9e64ca4aa 100644 --- a/src/test/incorrect/iflocal/clang/iflocal.expected +++ b/src/test/incorrect/iflocal/clang/iflocal.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -105,7 +97,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -124,7 +124,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000334, lmain_goto_l00000337; + goto lmain_goto_l00000337, lmain_goto_l00000334; l00000337: assume {:captureState "l00000337"} true; R8, Gamma_R8 := 1bv64, true; @@ -136,7 +136,7 @@ implementation main() l0000033a: assume {:captureState "l0000033a"} true; assert Gamma_R8; - goto l0000033a_goto_l00000342, l0000033a_goto_l00000359; + goto l0000033a_goto_l00000359, l0000033a_goto_l00000342; l00000359: assume {:captureState "l00000359"} true; goto l0000035a; diff --git a/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected b/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected index d65b1519d..fe970c7e9 100644 --- a/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -105,7 +97,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -124,7 +124,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000959, lmain_goto_l00000956; + goto lmain_goto_l00000956, lmain_goto_l00000959; l00000959: assume {:captureState "l00000959"} true; R8, Gamma_R8 := 1bv64, true; @@ -136,7 +136,7 @@ implementation main() l0000095c: assume {:captureState "l0000095c"} true; assert Gamma_R8; - goto l0000095c_goto_l0000097b, l0000095c_goto_l00000964; + goto l0000095c_goto_l00000964, l0000095c_goto_l0000097b; l0000097b: assume {:captureState "l0000097b"} true; goto l0000097c; diff --git a/src/test/incorrect/iflocal/clang_pic/iflocal.expected b/src/test/incorrect/iflocal/clang_pic/iflocal.expected index d65b1519d..fe970c7e9 100644 --- a/src/test/incorrect/iflocal/clang_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/clang_pic/iflocal.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -80,7 +72,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, R8, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -105,7 +97,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -124,7 +124,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000959, lmain_goto_l00000956; + goto lmain_goto_l00000956, lmain_goto_l00000959; l00000959: assume {:captureState "l00000959"} true; R8, Gamma_R8 := 1bv64, true; @@ -136,7 +136,7 @@ implementation main() l0000095c: assume {:captureState "l0000095c"} true; assert Gamma_R8; - goto l0000095c_goto_l0000097b, l0000095c_goto_l00000964; + goto l0000095c_goto_l00000964, l0000095c_goto_l0000097b; l0000097b: assume {:captureState "l0000097b"} true; goto l0000097c; diff --git a/src/test/incorrect/iflocal/gcc/iflocal.expected b/src/test/incorrect/iflocal/gcc/iflocal.expected index 9b449da49..78557ab71 100644 --- a/src/test/incorrect/iflocal/gcc/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc/iflocal.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -78,7 +70,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1880bv64) == 1bv8); @@ -103,7 +95,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; diff --git a/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected b/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected index ea4389931..0ce1d7ed2 100644 --- a/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -78,7 +70,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1880bv64) == 1bv8); @@ -103,7 +95,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; diff --git a/src/test/incorrect/iflocal/gcc_pic/iflocal.expected b/src/test/incorrect/iflocal/gcc_pic/iflocal.expected index ea4389931..0ce1d7ed2 100644 --- a/src/test/incorrect/iflocal/gcc_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc_pic/iflocal.expected @@ -1,17 +1,9 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} {:bvbuiltin "bvadd"} bvadd32(bv32, bv32) returns (bv32); @@ -78,7 +70,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_stack, NF, R0, R31, VF, ZF, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1880bv64) == 1bv8); @@ -103,7 +95,15 @@ procedure main(); implementation main() { var #4: bv32; + var CF: bv1; var Gamma_#4: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; diff --git a/src/test/incorrect/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected b/src/test/incorrect/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected index b3c33e870..e2a86f07c 100644 --- a/src/test/incorrect/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected +++ b/src/test/incorrect/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected @@ -33,11 +33,11 @@ var {:extern} malloc_end: [bv64]bv8; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $buf_addr: bv64; -axiom ($buf_addr == 69752bv64); +axiom ($buf_addr == 131192bv64); const {:extern} $password_addr: bv64; -axiom ($password_addr == 69728bv64); +axiom ($password_addr == 131168bv64); const {:extern} $stext_addr: bv64; -axiom ($stext_addr == 69729bv64); +axiom ($stext_addr == 131169bv64); function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { false } @@ -88,14 +88,14 @@ procedure {:extern} rely(); modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); - free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); - free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); - free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); - free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); - free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); + free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); + free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); + free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure {:extern} rely_transitive(); modifies Gamma_mem, mem; @@ -116,22 +116,22 @@ procedure {:extern} guarantee_reflexive(); procedure #free(); modifies Gamma_R16, Gamma_R17, R16, R17; requires (forall i : int, j: bv64 :: (malloc_base[i] == R0 && bvuge64(j, R0) && bvult64(j, malloc_end[i])) ==> Gamma_mem[j]); - free requires (memory_load8_le(mem, 2420bv64) == 1bv8); - free requires (memory_load8_le(mem, 2421bv64) == 0bv8); - free requires (memory_load8_le(mem, 2422bv64) == 2bv8); - free requires (memory_load8_le(mem, 2423bv64) == 0bv8); - free requires (memory_load64_le(mem, 69064bv64) == 2256bv64); - free requires (memory_load64_le(mem, 69072bv64) == 2176bv64); - free requires (memory_load64_le(mem, 69592bv64) == 2260bv64); - free requires (memory_load64_le(mem, 69720bv64) == 69720bv64); - free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); - free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); - free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); - free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); - free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); + free requires (memory_load8_le(mem, 2484bv64) == 1bv8); + free requires (memory_load8_le(mem, 2485bv64) == 0bv8); + free requires (memory_load8_le(mem, 2486bv64) == 2bv8); + free requires (memory_load8_le(mem, 2487bv64) == 0bv8); + free requires (memory_load64_le(mem, 130488bv64) == 2320bv64); + free requires (memory_load64_le(mem, 130496bv64) == 2240bv64); + free requires (memory_load64_le(mem, 131032bv64) == 2324bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); + free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); + free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure main(); modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R19, Gamma_R2, Gamma_R20, Gamma_R21, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_R8, Gamma_malloc_base, Gamma_malloc_count, Gamma_malloc_end, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R19, R2, R20, R21, R29, R30, R31, R8, malloc_base, malloc_count, malloc_end, mem, stack; @@ -139,42 +139,42 @@ procedure main(); requires malloc_count == 0; requires gamma_load32(Gamma_mem, memory_load64_le(mem, $stext_addr)); requires R31 == 100bv64; - free requires (memory_load8_le(mem, 69712bv64) == 0bv8); - free requires (memory_load8_le(mem, 69713bv64) == 0bv8); - free requires (memory_load8_le(mem, 69714bv64) == 0bv8); - free requires (memory_load8_le(mem, 69715bv64) == 0bv8); - free requires (memory_load8_le(mem, 69716bv64) == 0bv8); - free requires (memory_load8_le(mem, 69717bv64) == 0bv8); - free requires (memory_load8_le(mem, 69718bv64) == 0bv8); - free requires (memory_load8_le(mem, 69719bv64) == 0bv8); - free requires (memory_load8_le(mem, 69720bv64) == 88bv8); - free requires (memory_load8_le(mem, 69721bv64) == 16bv8); - free requires (memory_load8_le(mem, 69722bv64) == 1bv8); - free requires (memory_load8_le(mem, 69723bv64) == 0bv8); - free requires (memory_load8_le(mem, 69724bv64) == 0bv8); - free requires (memory_load8_le(mem, 69725bv64) == 0bv8); - free requires (memory_load8_le(mem, 69726bv64) == 0bv8); - free requires (memory_load8_le(mem, 69727bv64) == 0bv8); - free requires (memory_load8_le(mem, 69728bv64) == 7bv8); - free requires (memory_load8_le(mem, 69729bv64) == 117bv8); - free requires (memory_load8_le(mem, 69730bv64) == 115bv8); - free requires (memory_load8_le(mem, 69731bv64) == 101bv8); - free requires (memory_load8_le(mem, 69732bv64) == 114bv8); - free requires (memory_load8_le(mem, 69733bv64) == 58bv8); - free requires (memory_load8_le(mem, 69734bv64) == 112bv8); - free requires (memory_load8_le(mem, 69735bv64) == 97bv8); - free requires (memory_load8_le(mem, 69736bv64) == 115bv8); - free requires (memory_load8_le(mem, 69737bv64) == 115bv8); - free requires (memory_load8_le(mem, 69738bv64) == 0bv8); - free requires (memory_load8_le(mem, 69739bv64) == 0bv8); - free requires (memory_load8_le(mem, 2420bv64) == 1bv8); - free requires (memory_load8_le(mem, 2421bv64) == 0bv8); - free requires (memory_load8_le(mem, 2422bv64) == 2bv8); - free requires (memory_load8_le(mem, 2423bv64) == 0bv8); - free requires (memory_load64_le(mem, 69064bv64) == 2256bv64); - free requires (memory_load64_le(mem, 69072bv64) == 2176bv64); - free requires (memory_load64_le(mem, 69592bv64) == 2260bv64); - free requires (memory_load64_le(mem, 69720bv64) == 69720bv64); + free requires (memory_load8_le(mem, 131152bv64) == 0bv8); + free requires (memory_load8_le(mem, 131153bv64) == 0bv8); + free requires (memory_load8_le(mem, 131154bv64) == 0bv8); + free requires (memory_load8_le(mem, 131155bv64) == 0bv8); + free requires (memory_load8_le(mem, 131156bv64) == 0bv8); + free requires (memory_load8_le(mem, 131157bv64) == 0bv8); + free requires (memory_load8_le(mem, 131158bv64) == 0bv8); + free requires (memory_load8_le(mem, 131159bv64) == 0bv8); + free requires (memory_load8_le(mem, 131160bv64) == 88bv8); + free requires (memory_load8_le(mem, 131161bv64) == 0bv8); + free requires (memory_load8_le(mem, 131162bv64) == 2bv8); + free requires (memory_load8_le(mem, 131163bv64) == 0bv8); + free requires (memory_load8_le(mem, 131164bv64) == 0bv8); + free requires (memory_load8_le(mem, 131165bv64) == 0bv8); + free requires (memory_load8_le(mem, 131166bv64) == 0bv8); + free requires (memory_load8_le(mem, 131167bv64) == 0bv8); + free requires (memory_load8_le(mem, 131168bv64) == 7bv8); + free requires (memory_load8_le(mem, 131169bv64) == 117bv8); + free requires (memory_load8_le(mem, 131170bv64) == 115bv8); + free requires (memory_load8_le(mem, 131171bv64) == 101bv8); + free requires (memory_load8_le(mem, 131172bv64) == 114bv8); + free requires (memory_load8_le(mem, 131173bv64) == 58bv8); + free requires (memory_load8_le(mem, 131174bv64) == 112bv8); + free requires (memory_load8_le(mem, 131175bv64) == 97bv8); + free requires (memory_load8_le(mem, 131176bv64) == 115bv8); + free requires (memory_load8_le(mem, 131177bv64) == 115bv8); + free requires (memory_load8_le(mem, 131178bv64) == 0bv8); + free requires (memory_load8_le(mem, 131179bv64) == 0bv8); + free requires (memory_load8_le(mem, 2484bv64) == 1bv8); + free requires (memory_load8_le(mem, 2485bv64) == 0bv8); + free requires (memory_load8_le(mem, 2486bv64) == 2bv8); + free requires (memory_load8_le(mem, 2487bv64) == 0bv8); + free requires (memory_load64_le(mem, 130488bv64) == 2320bv64); + free requires (memory_load64_le(mem, 130496bv64) == 2240bv64); + free requires (memory_load64_le(mem, 131032bv64) == 2324bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); free ensures (Gamma_R19 == old(Gamma_R19)); free ensures (Gamma_R20 == old(Gamma_R20)); free ensures (Gamma_R21 == old(Gamma_R21)); @@ -185,14 +185,14 @@ procedure main(); free ensures (R21 == old(R21)); free ensures (R29 == old(R29)); free ensures (R31 == old(R31)); - free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); - free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); - free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); - free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); - free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); + free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); + free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); + free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); implementation main() { @@ -219,13 +219,13 @@ implementation main() assume {:captureState "%00000364"} true; R29, Gamma_R29 := R31, Gamma_R31; R0, Gamma_R0 := 11bv64, true; - R30, Gamma_R30 := 2284bv64, true; + R30, Gamma_R30 := 2348bv64, true; call malloc(); goto l00000379; l00000379: assume {:captureState "l00000379"} true; - R21, Gamma_R21 := 69632bv64, true; - R20, Gamma_R20 := 69632bv64, true; + R21, Gamma_R21 := 131072bv64, true; + R20, Gamma_R20 := 131072bv64, true; R20, Gamma_R20 := bvadd64(R20, 97bv64), Gamma_R20; R19, Gamma_R19 := R0, Gamma_R0; call rely(); @@ -233,7 +233,7 @@ implementation main() mem, Gamma_mem := memory_store64_le(mem, bvadd64(R21, 120bv64), R0), gamma_store64(Gamma_mem, bvadd64(R21, 120bv64), Gamma_R0); assume {:captureState "%00000395"} true; R0, Gamma_R0 := R20, Gamma_R20; - R30, Gamma_R30 := 2312bv64, true; + R30, Gamma_R30 := 2376bv64, true; call strlen(); goto l000003a5; l000003a5: @@ -241,13 +241,13 @@ implementation main() R2, Gamma_R2 := R0, Gamma_R0; R0, Gamma_R0 := R19, Gamma_R19; R1, Gamma_R1 := R20, Gamma_R20; - R30, Gamma_R30 := 2328bv64, true; + R30, Gamma_R30 := 2392bv64, true; call memcpy(); goto l000003bf; l000003bf: assume {:captureState "l000003bf"} true; R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2336bv64, true; + R30, Gamma_R30 := 2400bv64, true; call puts(); goto l000003cd; l000003cd: @@ -261,7 +261,7 @@ implementation main() call rely(); R19, Gamma_R19 := memory_load64_le(mem, bvadd64(R21, 120bv64)), (gamma_load64(Gamma_mem, bvadd64(R21, 120bv64)) || L(mem, bvadd64(R21, 120bv64))); R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2356bv64, true; + R30, Gamma_R30 := 2420bv64, true; call strlen(); goto l000003ef; l000003ef: @@ -269,14 +269,14 @@ implementation main() R2, Gamma_R2 := R0, Gamma_R0; R0, Gamma_R0 := R19, Gamma_R19; R1, Gamma_R1 := 1bv64, true; - R30, Gamma_R30 := 2372bv64, true; + R30, Gamma_R30 := 2436bv64, true; call memset(); goto l00000408; l00000408: assume {:captureState "l00000408"} true; call rely(); R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R21, 120bv64)), (gamma_load64(Gamma_mem, bvadd64(R21, 120bv64)) || L(mem, bvadd64(R21, 120bv64))); - R30, Gamma_R30 := 2380bv64, true; + R30, Gamma_R30 := 2444bv64, true; call #free(); goto l00000417; l00000417: @@ -299,14 +299,14 @@ procedure malloc(); modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_malloc_base, Gamma_malloc_count, Gamma_malloc_end, R0, R16, R17, malloc_base, malloc_count, malloc_end; requires bvugt64(R0, 0bv64); requires Gamma_R0 == true; - free requires (memory_load8_le(mem, 2420bv64) == 1bv8); - free requires (memory_load8_le(mem, 2421bv64) == 0bv8); - free requires (memory_load8_le(mem, 2422bv64) == 2bv8); - free requires (memory_load8_le(mem, 2423bv64) == 0bv8); - free requires (memory_load64_le(mem, 69064bv64) == 2256bv64); - free requires (memory_load64_le(mem, 69072bv64) == 2176bv64); - free requires (memory_load64_le(mem, 69592bv64) == 2260bv64); - free requires (memory_load64_le(mem, 69720bv64) == 69720bv64); + free requires (memory_load8_le(mem, 2484bv64) == 1bv8); + free requires (memory_load8_le(mem, 2485bv64) == 0bv8); + free requires (memory_load8_le(mem, 2486bv64) == 2bv8); + free requires (memory_load8_le(mem, 2487bv64) == 0bv8); + free requires (memory_load64_le(mem, 130488bv64) == 2320bv64); + free requires (memory_load64_le(mem, 130496bv64) == 2240bv64); + free requires (memory_load64_le(mem, 131032bv64) == 2324bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); ensures ((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))); ensures Gamma_R0 == true; ensures malloc_count == old(malloc_count) + 1; @@ -317,100 +317,100 @@ procedure malloc(); ensures (forall i: int :: i != malloc_count ==> malloc_base[i] == old(malloc_base[i]) && malloc_end[i] == old(malloc_end[i])); ensures bvuge64(R0, 100000000bv64); ensures (forall i : bv64 :: (bvuge64(i, R0) && bvult64(i, bvadd64(R0, old(R0)))) ==> (Gamma_mem[i] && gamma_load8(Gamma_mem, i))); - free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); - free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); - free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); - free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); - free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); + free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); + free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); + free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure memcpy(); modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; - free requires (memory_load8_le(mem, 2420bv64) == 1bv8); - free requires (memory_load8_le(mem, 2421bv64) == 0bv8); - free requires (memory_load8_le(mem, 2422bv64) == 2bv8); - free requires (memory_load8_le(mem, 2423bv64) == 0bv8); - free requires (memory_load64_le(mem, 69064bv64) == 2256bv64); - free requires (memory_load64_le(mem, 69072bv64) == 2176bv64); - free requires (memory_load64_le(mem, 69592bv64) == 2260bv64); - free requires (memory_load64_le(mem, 69720bv64) == 69720bv64); + free requires (memory_load8_le(mem, 2484bv64) == 1bv8); + free requires (memory_load8_le(mem, 2485bv64) == 0bv8); + free requires (memory_load8_le(mem, 2486bv64) == 2bv8); + free requires (memory_load8_le(mem, 2487bv64) == 0bv8); + free requires (memory_load64_le(mem, 130488bv64) == 2320bv64); + free requires (memory_load64_le(mem, 130496bv64) == 2240bv64); + free requires (memory_load64_le(mem, 131032bv64) == 2324bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); ensures ((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))); ensures (forall i: bv64 :: (Gamma_mem[i] == if (bvule64(R0, i) && bvult64(i, bvadd64(R0, R2))) then gamma_load8((Gamma_mem), bvadd64(bvsub64(i, R0), R1)) else old(gamma_load8(Gamma_mem, i)))); ensures (forall i: bv64 :: (mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then memory_load8_le((mem), bvadd64(bvsub64(i, R0), R1)) else old(memory_load8_le(mem, i)))); - free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); - free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); - free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); - free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); - free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); + free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); + free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); + free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure memset(); modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; requires Gamma_R1; - free requires (memory_load8_le(mem, 2420bv64) == 1bv8); - free requires (memory_load8_le(mem, 2421bv64) == 0bv8); - free requires (memory_load8_le(mem, 2422bv64) == 2bv8); - free requires (memory_load8_le(mem, 2423bv64) == 0bv8); - free requires (memory_load64_le(mem, 69064bv64) == 2256bv64); - free requires (memory_load64_le(mem, 69072bv64) == 2176bv64); - free requires (memory_load64_le(mem, 69592bv64) == 2260bv64); - free requires (memory_load64_le(mem, 69720bv64) == 69720bv64); + free requires (memory_load8_le(mem, 2484bv64) == 1bv8); + free requires (memory_load8_le(mem, 2485bv64) == 0bv8); + free requires (memory_load8_le(mem, 2486bv64) == 2bv8); + free requires (memory_load8_le(mem, 2487bv64) == 0bv8); + free requires (memory_load64_le(mem, 130488bv64) == 2320bv64); + free requires (memory_load64_le(mem, 130496bv64) == 2240bv64); + free requires (memory_load64_le(mem, 131032bv64) == 2324bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); ensures ((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))); ensures (forall i: bv64 :: (Gamma_mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then Gamma_R1 else old(gamma_load8(Gamma_mem, i)))); ensures (forall i: bv64 :: (mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then R1[8:0] else old(memory_load8_le(mem, i)))); - free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); - free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); - free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); - free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); - free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); + free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); + free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); + free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure puts(); modifies Gamma_R16, Gamma_R17, R16, R17; - free requires (memory_load8_le(mem, 2420bv64) == 1bv8); - free requires (memory_load8_le(mem, 2421bv64) == 0bv8); - free requires (memory_load8_le(mem, 2422bv64) == 2bv8); - free requires (memory_load8_le(mem, 2423bv64) == 0bv8); - free requires (memory_load64_le(mem, 69064bv64) == 2256bv64); - free requires (memory_load64_le(mem, 69072bv64) == 2176bv64); - free requires (memory_load64_le(mem, 69592bv64) == 2260bv64); - free requires (memory_load64_le(mem, 69720bv64) == 69720bv64); - free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); - free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); - free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); - free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); - free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); + free requires (memory_load8_le(mem, 2484bv64) == 1bv8); + free requires (memory_load8_le(mem, 2485bv64) == 0bv8); + free requires (memory_load8_le(mem, 2486bv64) == 2bv8); + free requires (memory_load8_le(mem, 2487bv64) == 0bv8); + free requires (memory_load64_le(mem, 130488bv64) == 2320bv64); + free requires (memory_load64_le(mem, 130496bv64) == 2240bv64); + free requires (memory_load64_le(mem, 131032bv64) == 2324bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); + free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); + free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure strlen(); modifies Gamma_R0, Gamma_R16, Gamma_R17, R0, R16, R17; - free requires (memory_load8_le(mem, 2420bv64) == 1bv8); - free requires (memory_load8_le(mem, 2421bv64) == 0bv8); - free requires (memory_load8_le(mem, 2422bv64) == 2bv8); - free requires (memory_load8_le(mem, 2423bv64) == 0bv8); - free requires (memory_load64_le(mem, 69064bv64) == 2256bv64); - free requires (memory_load64_le(mem, 69072bv64) == 2176bv64); - free requires (memory_load64_le(mem, 69592bv64) == 2260bv64); - free requires (memory_load64_le(mem, 69720bv64) == 69720bv64); + free requires (memory_load8_le(mem, 2484bv64) == 1bv8); + free requires (memory_load8_le(mem, 2485bv64) == 0bv8); + free requires (memory_load8_le(mem, 2486bv64) == 2bv8); + free requires (memory_load8_le(mem, 2487bv64) == 0bv8); + free requires (memory_load64_le(mem, 130488bv64) == 2320bv64); + free requires (memory_load64_le(mem, 130496bv64) == 2240bv64); + free requires (memory_load64_le(mem, 131032bv64) == 2324bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); ensures (((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))) && (memory_load8_le(mem, $stext_addr) == old(memory_load8_le(mem, $stext_addr)))); ensures Gamma_R0 == true; ensures (forall i: bv64 :: (bvule64(old(R0), i)) && (bvult64(i, bvadd64(old(R0), R0))) ==> mem[i] != 0bv8); ensures (memory_load8_le(mem, bvadd64(old(R0), R0)) == 0bv8); ensures (bvult64(old(R0), bvadd64(bvadd64(old(R0), R0), 1bv64))); - free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2421bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2422bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2423bv64) == 0bv8); - free ensures (memory_load64_le(mem, 69064bv64) == 2256bv64); - free ensures (memory_load64_le(mem, 69072bv64) == 2176bv64); - free ensures (memory_load64_le(mem, 69592bv64) == 2260bv64); - free ensures (memory_load64_le(mem, 69720bv64) == 69720bv64); + free ensures (memory_load8_le(mem, 2484bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2485bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2486bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2487bv64) == 0bv8); + free ensures (memory_load64_le(mem, 130488bv64) == 2320bv64); + free ensures (memory_load64_le(mem, 130496bv64) == 2240bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 2324bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); diff --git a/src/test/incorrect/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected b/src/test/incorrect/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected index b73ca0312..699c5028e 100644 --- a/src/test/incorrect/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected +++ b/src/test/incorrect/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected @@ -7,7 +7,6 @@ var {:extern} Gamma_R2: bool; var {:extern} Gamma_R20: bool; var {:extern} Gamma_R21: bool; var {:extern} Gamma_R29: bool; -var {:extern} Gamma_R3: bool; var {:extern} Gamma_R30: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_malloc_base: [bv64]bool; @@ -24,7 +23,6 @@ var {:extern} R2: bv64; var {:extern} R20: bv64; var {:extern} R21: bv64; var {:extern} R29: bv64; -var {:extern} R3: bv64; var {:extern} R30: bv64; var {:extern} R31: bv64; var {:extern} malloc_base: [bv64]bv8; @@ -33,11 +31,11 @@ var {:extern} malloc_end: [bv64]bv8; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; const {:extern} $buf_addr: bv64; -axiom ($buf_addr == 69672bv64); +axiom ($buf_addr == 131192bv64); const {:extern} $password_addr: bv64; -axiom ($password_addr == 69659bv64); +axiom ($password_addr == 131179bv64); const {:extern} $stext_addr: bv64; -axiom ($stext_addr == 69648bv64); +axiom ($stext_addr == 131168bv64); function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { false } @@ -92,10 +90,10 @@ procedure {:extern} rely(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure {:extern} rely_transitive(); modifies Gamma_mem, mem; @@ -113,25 +111,6 @@ procedure {:extern} rely_reflexive(); procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; -procedure __memcpy_chk(); - modifies Gamma_R16, Gamma_R17, R16, R17; - free requires (memory_load8_le(mem, 2472bv64) == 1bv8); - free requires (memory_load8_le(mem, 2473bv64) == 0bv8); - free requires (memory_load8_le(mem, 2474bv64) == 2bv8); - free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); - free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); - free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); - free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); - free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); - free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); - free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); - free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); - procedure #free(); modifies Gamma_R16, Gamma_R17, R16, R17; requires (forall i : int, j: bv64 :: (malloc_base[i] == R0 && bvuge64(j, R0) && bvult64(j, malloc_end[i])) ==> Gamma_mem[j]); @@ -139,61 +118,61 @@ procedure #free(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); - free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); - free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); - free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); + free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); + free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); + free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure main(); - modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R19, Gamma_R2, Gamma_R20, Gamma_R21, Gamma_R29, Gamma_R3, Gamma_R30, Gamma_R31, Gamma_malloc_base, Gamma_malloc_count, Gamma_malloc_end, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R19, R2, R20, R21, R29, R3, R30, R31, malloc_base, malloc_count, malloc_end, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R19, Gamma_R2, Gamma_R20, Gamma_R21, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_malloc_base, Gamma_malloc_count, Gamma_malloc_end, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R19, R2, R20, R21, R29, R30, R31, malloc_base, malloc_count, malloc_end, mem, stack; requires (gamma_load8(Gamma_mem, $password_addr) == false); requires malloc_count == 0; requires gamma_load32(Gamma_mem, memory_load64_le(mem, $stext_addr)); requires R31 == 100bv64; - free requires (memory_load8_le(mem, 69632bv64) == 0bv8); - free requires (memory_load8_le(mem, 69633bv64) == 0bv8); - free requires (memory_load8_le(mem, 69634bv64) == 0bv8); - free requires (memory_load8_le(mem, 69635bv64) == 0bv8); - free requires (memory_load8_le(mem, 69636bv64) == 0bv8); - free requires (memory_load8_le(mem, 69637bv64) == 0bv8); - free requires (memory_load8_le(mem, 69638bv64) == 0bv8); - free requires (memory_load8_le(mem, 69639bv64) == 0bv8); - free requires (memory_load8_le(mem, 69640bv64) == 8bv8); - free requires (memory_load8_le(mem, 69641bv64) == 16bv8); - free requires (memory_load8_le(mem, 69642bv64) == 1bv8); - free requires (memory_load8_le(mem, 69643bv64) == 0bv8); - free requires (memory_load8_le(mem, 69644bv64) == 0bv8); - free requires (memory_load8_le(mem, 69645bv64) == 0bv8); - free requires (memory_load8_le(mem, 69646bv64) == 0bv8); - free requires (memory_load8_le(mem, 69647bv64) == 0bv8); - free requires (memory_load8_le(mem, 69648bv64) == 117bv8); - free requires (memory_load8_le(mem, 69649bv64) == 115bv8); - free requires (memory_load8_le(mem, 69650bv64) == 101bv8); - free requires (memory_load8_le(mem, 69651bv64) == 114bv8); - free requires (memory_load8_le(mem, 69652bv64) == 58bv8); - free requires (memory_load8_le(mem, 69653bv64) == 112bv8); - free requires (memory_load8_le(mem, 69654bv64) == 97bv8); - free requires (memory_load8_le(mem, 69655bv64) == 115bv8); - free requires (memory_load8_le(mem, 69656bv64) == 115bv8); - free requires (memory_load8_le(mem, 69657bv64) == 0bv8); - free requires (memory_load8_le(mem, 69658bv64) == 0bv8); - free requires (memory_load8_le(mem, 69659bv64) == 7bv8); + free requires (memory_load8_le(mem, 131152bv64) == 0bv8); + free requires (memory_load8_le(mem, 131153bv64) == 0bv8); + free requires (memory_load8_le(mem, 131154bv64) == 0bv8); + free requires (memory_load8_le(mem, 131155bv64) == 0bv8); + free requires (memory_load8_le(mem, 131156bv64) == 0bv8); + free requires (memory_load8_le(mem, 131157bv64) == 0bv8); + free requires (memory_load8_le(mem, 131158bv64) == 0bv8); + free requires (memory_load8_le(mem, 131159bv64) == 0bv8); + free requires (memory_load8_le(mem, 131160bv64) == 88bv8); + free requires (memory_load8_le(mem, 131161bv64) == 0bv8); + free requires (memory_load8_le(mem, 131162bv64) == 2bv8); + free requires (memory_load8_le(mem, 131163bv64) == 0bv8); + free requires (memory_load8_le(mem, 131164bv64) == 0bv8); + free requires (memory_load8_le(mem, 131165bv64) == 0bv8); + free requires (memory_load8_le(mem, 131166bv64) == 0bv8); + free requires (memory_load8_le(mem, 131167bv64) == 0bv8); + free requires (memory_load8_le(mem, 131168bv64) == 117bv8); + free requires (memory_load8_le(mem, 131169bv64) == 115bv8); + free requires (memory_load8_le(mem, 131170bv64) == 101bv8); + free requires (memory_load8_le(mem, 131171bv64) == 114bv8); + free requires (memory_load8_le(mem, 131172bv64) == 58bv8); + free requires (memory_load8_le(mem, 131173bv64) == 112bv8); + free requires (memory_load8_le(mem, 131174bv64) == 97bv8); + free requires (memory_load8_le(mem, 131175bv64) == 115bv8); + free requires (memory_load8_le(mem, 131176bv64) == 115bv8); + free requires (memory_load8_le(mem, 131177bv64) == 0bv8); + free requires (memory_load8_le(mem, 131178bv64) == 0bv8); + free requires (memory_load8_le(mem, 131179bv64) == 7bv8); free requires (memory_load8_le(mem, 2472bv64) == 1bv8); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); - free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); - free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); - free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); + free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); + free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); + free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); free ensures (Gamma_R19 == old(Gamma_R19)); free ensures (Gamma_R20 == old(Gamma_R20)); free ensures (Gamma_R21 == old(Gamma_R21)); @@ -208,10 +187,10 @@ procedure main(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); implementation main() { @@ -225,86 +204,85 @@ implementation main() assume {:captureState "lmain"} true; #1, Gamma_#1 := bvadd64(R31, 18446744073709551568bv64), Gamma_R31; stack, Gamma_stack := memory_store64_le(stack, #1, R29), gamma_store64(Gamma_stack, #1, Gamma_R29); - assume {:captureState "%00000232"} true; + assume {:captureState "%00000233"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(#1, 8bv64), R30), gamma_store64(Gamma_stack, bvadd64(#1, 8bv64), Gamma_R30); - assume {:captureState "%00000238"} true; + assume {:captureState "%00000239"} true; R31, Gamma_R31 := #1, Gamma_#1; R0, Gamma_R0 := 11bv64, true; R29, Gamma_R29 := R31, Gamma_R31; #2, Gamma_#2 := bvadd64(R31, 16bv64), Gamma_R31; stack, Gamma_stack := memory_store64_le(stack, #2, R19), gamma_store64(Gamma_stack, #2, Gamma_R19); - assume {:captureState "%00000253"} true; + assume {:captureState "%00000254"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(#2, 8bv64), R20), gamma_store64(Gamma_stack, bvadd64(#2, 8bv64), Gamma_R20); - assume {:captureState "%00000259"} true; - R20, Gamma_R20 := 69632bv64, true; + assume {:captureState "%0000025a"} true; + R20, Gamma_R20 := 131072bv64, true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R21), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R21); - assume {:captureState "%00000266"} true; + assume {:captureState "%00000267"} true; R30, Gamma_R30 := 2012bv64, true; call malloc(); - goto l00000270; - l00000270: - assume {:captureState "l00000270"} true; - R21, Gamma_R21 := 69632bv64, true; - R21, Gamma_R21 := bvadd64(R21, 16bv64), Gamma_R21; + goto l00000271; + l00000271: + assume {:captureState "l00000271"} true; + R21, Gamma_R21 := 131072bv64, true; + R21, Gamma_R21 := bvadd64(R21, 96bv64), Gamma_R21; R19, Gamma_R19 := R0, Gamma_R0; R0, Gamma_R0 := R21, Gamma_R21; call rely(); - assert (L(mem, bvadd64(R20, 40bv64)) ==> Gamma_R19); - mem, Gamma_mem := memory_store64_le(mem, bvadd64(R20, 40bv64), R19), gamma_store64(Gamma_mem, bvadd64(R20, 40bv64), Gamma_R19); - assume {:captureState "%0000028d"} true; + assert (L(mem, bvadd64(R20, 120bv64)) ==> Gamma_R19); + mem, Gamma_mem := memory_store64_le(mem, bvadd64(R20, 120bv64), R19), gamma_store64(Gamma_mem, bvadd64(R20, 120bv64), Gamma_R19); + assume {:captureState "%0000028e"} true; R30, Gamma_R30 := 2036bv64, true; call strlen(); - goto l00000297; - l00000297: - assume {:captureState "l00000297"} true; + goto l00000298; + l00000298: + assume {:captureState "l00000298"} true; R1, Gamma_R1 := R21, Gamma_R21; R2, Gamma_R2 := R0, Gamma_R0; - R3, Gamma_R3 := 11bv64, true; R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2056bv64, true; - call __memcpy_chk(); - goto l000002b6; - l000002b6: - assume {:captureState "l000002b6"} true; + R30, Gamma_R30 := 2052bv64, true; + call memcpy(); + goto l000002b2; + l000002b2: + assume {:captureState "l000002b2"} true; R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2064bv64, true; + R30, Gamma_R30 := 2060bv64, true; call puts(); - goto l000002c4; - l000002c4: - assume {:captureState "l000002c4"} true; + goto l000002c0; + l000002c0: + assume {:captureState "l000002c0"} true; call rely(); - R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R20, 40bv64)), (gamma_load64(Gamma_mem, bvadd64(R20, 40bv64)) || L(mem, bvadd64(R20, 40bv64))); + R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R20, 120bv64)), (gamma_load64(Gamma_mem, bvadd64(R20, 120bv64)) || L(mem, bvadd64(R20, 120bv64))); call rely(); assert (L(mem, bvadd64(R0, 4bv64)) ==> true); mem, Gamma_mem := memory_store8_le(mem, bvadd64(R0, 4bv64), 0bv8), gamma_store8(Gamma_mem, bvadd64(R0, 4bv64), true); - assume {:captureState "%000002d0"} true; + assume {:captureState "%000002cc"} true; call rely(); - R19, Gamma_R19 := memory_load64_le(mem, bvadd64(R20, 40bv64)), (gamma_load64(Gamma_mem, bvadd64(R20, 40bv64)) || L(mem, bvadd64(R20, 40bv64))); + R19, Gamma_R19 := memory_load64_le(mem, bvadd64(R20, 120bv64)), (gamma_load64(Gamma_mem, bvadd64(R20, 120bv64)) || L(mem, bvadd64(R20, 120bv64))); R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2084bv64, true; + R30, Gamma_R30 := 2080bv64, true; call strlen(); - goto l000002e6; - l000002e6: - assume {:captureState "l000002e6"} true; + goto l000002e2; + l000002e2: + assume {:captureState "l000002e2"} true; R1, Gamma_R1 := 1bv64, true; R2, Gamma_R2 := R0, Gamma_R0; R0, Gamma_R0 := R19, Gamma_R19; - R30, Gamma_R30 := 2100bv64, true; + R30, Gamma_R30 := 2096bv64, true; call memset(); - goto l000002ff; - l000002ff: - assume {:captureState "l000002ff"} true; + goto l000002fb; + l000002fb: + assume {:captureState "l000002fb"} true; call rely(); - R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R20, 40bv64)), (gamma_load64(Gamma_mem, bvadd64(R20, 40bv64)) || L(mem, bvadd64(R20, 40bv64))); - R30, Gamma_R30 := 2108bv64, true; + R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R20, 120bv64)), (gamma_load64(Gamma_mem, bvadd64(R20, 120bv64)) || L(mem, bvadd64(R20, 120bv64))); + R30, Gamma_R30 := 2104bv64, true; call #free(); - goto l0000030e; - l0000030e: - assume {:captureState "l0000030e"} true; - R0, Gamma_R0 := 0bv64, true; + goto l0000030a; + l0000030a: + assume {:captureState "l0000030a"} true; #3, Gamma_#3 := bvadd64(R31, 16bv64), Gamma_R31; R19, Gamma_R19 := memory_load64_le(stack, #3), gamma_load64(Gamma_stack, #3); R20, Gamma_R20 := memory_load64_le(stack, bvadd64(#3, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#3, 8bv64)); + R0, Gamma_R0 := 0bv64, true; R21, Gamma_R21 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); @@ -323,10 +301,10 @@ procedure malloc(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); - free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); - free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); - free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); + free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); + free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); + free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); ensures ((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))); ensures Gamma_R0 == true; ensures malloc_count == old(malloc_count) + 1; @@ -341,10 +319,32 @@ procedure malloc(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); + +procedure memcpy(); + modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + free requires (memory_load8_le(mem, 2472bv64) == 1bv8); + free requires (memory_load8_le(mem, 2473bv64) == 0bv8); + free requires (memory_load8_le(mem, 2474bv64) == 2bv8); + free requires (memory_load8_le(mem, 2475bv64) == 0bv8); + free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); + free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); + free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); + ensures ((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))); + ensures (forall i: bv64 :: (Gamma_mem[i] == if (bvule64(R0, i) && bvult64(i, bvadd64(R0, R2))) then gamma_load8((Gamma_mem), bvadd64(bvsub64(i, R0), R1)) else old(gamma_load8(Gamma_mem, i)))); + ensures (forall i: bv64 :: (mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then memory_load8_le((mem), bvadd64(bvsub64(i, R0), R1)) else old(memory_load8_le(mem, i)))); + free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); + free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); + free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); + free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure memset(); modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; @@ -353,10 +353,10 @@ procedure memset(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); - free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); - free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); - free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); + free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); + free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); + free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); ensures ((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))); ensures (forall i: bv64 :: (Gamma_mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then Gamma_R1 else old(gamma_load8(Gamma_mem, i)))); ensures (forall i: bv64 :: (mem[i] == if (bvule64(R0, i) && bvult64(i,bvadd64(R0, R2))) then R1[8:0] else old(memory_load8_le(mem, i)))); @@ -364,10 +364,10 @@ procedure memset(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure puts(); modifies Gamma_R16, Gamma_R17, R16, R17; @@ -375,18 +375,18 @@ procedure puts(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); - free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); - free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); - free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); + free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); + free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); + free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); free ensures (memory_load8_le(mem, 2472bv64) == 1bv8); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); procedure strlen(); modifies Gamma_R0, Gamma_R16, Gamma_R17, R0, R16, R17; @@ -394,10 +394,10 @@ procedure strlen(); free requires (memory_load8_le(mem, 2473bv64) == 0bv8); free requires (memory_load8_le(mem, 2474bv64) == 2bv8); free requires (memory_load8_le(mem, 2475bv64) == 0bv8); - free requires (memory_load64_le(mem, 68968bv64) == 2448bv64); - free requires (memory_load64_le(mem, 68976bv64) == 2368bv64); - free requires (memory_load64_le(mem, 69616bv64) == 1984bv64); - free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); + free requires (memory_load64_le(mem, 130504bv64) == 2448bv64); + free requires (memory_load64_le(mem, 130512bv64) == 2368bv64); + free requires (memory_load64_le(mem, 131032bv64) == 1984bv64); + free requires (memory_load64_le(mem, 131160bv64) == 131160bv64); ensures (((memory_load64_le(mem, $buf_addr) == old(memory_load64_le(mem, $buf_addr))) && (memory_load8_le(mem, $password_addr) == old(memory_load8_le(mem, $password_addr)))) && (memory_load8_le(mem, $stext_addr) == old(memory_load8_le(mem, $stext_addr)))); ensures Gamma_R0 == true; ensures (forall i: bv64 :: (bvule64(old(R0), i)) && (bvult64(i, bvadd64(old(R0), R0))) ==> mem[i] != 0bv8); @@ -407,8 +407,8 @@ procedure strlen(); free ensures (memory_load8_le(mem, 2473bv64) == 0bv8); free ensures (memory_load8_le(mem, 2474bv64) == 2bv8); free ensures (memory_load8_le(mem, 2475bv64) == 0bv8); - free ensures (memory_load64_le(mem, 68968bv64) == 2448bv64); - free ensures (memory_load64_le(mem, 68976bv64) == 2368bv64); - free ensures (memory_load64_le(mem, 69616bv64) == 1984bv64); - free ensures (memory_load64_le(mem, 69640bv64) == 69640bv64); + free ensures (memory_load64_le(mem, 130504bv64) == 2448bv64); + free ensures (memory_load64_le(mem, 130512bv64) == 2368bv64); + free ensures (memory_load64_le(mem, 131032bv64) == 1984bv64); + free ensures (memory_load64_le(mem, 131160bv64) == 131160bv64); diff --git a/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected index 9d9de9aeb..c58d474bb 100644 --- a/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected @@ -1,21 +1,13 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -86,7 +78,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1976bv64) == 1bv8); @@ -113,9 +105,17 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -186,7 +186,7 @@ implementation main() l000003d4: assume {:captureState "l000003d4"} true; assert Gamma_R8; - goto l000003d4_goto_l000003dc, l000003d4_goto_l00000448; + goto l000003d4_goto_l00000448, l000003d4_goto_l000003dc; l00000448: assume {:captureState "l00000448"} true; goto l00000449; @@ -206,7 +206,7 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; - goto l000003dc_goto_l00000407, l000003dc_goto_l0000040a; + goto l000003dc_goto_l0000040a, l000003dc_goto_l00000407; l0000040a: assume {:captureState "l0000040a"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected index 162400ad2..02557b876 100644 --- a/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected @@ -1,21 +1,13 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -86,7 +78,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 1976bv64) == 1bv8); @@ -113,9 +105,17 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551600bv64), Gamma_R31; @@ -152,7 +152,7 @@ implementation main() l00000ae6: assume {:captureState "l00000ae6"} true; assert Gamma_R8; - goto l00000ae6_goto_l00000bad, l00000ae6_goto_l00000aee; + goto l00000ae6_goto_l00000aee, l00000ae6_goto_l00000bad; l00000bad: assume {:captureState "l00000bad"} true; goto l00000bae; @@ -186,7 +186,7 @@ implementation main() l00000b24: assume {:captureState "l00000b24"} true; assert Gamma_R8; - goto l00000b24_goto_l00000b98, l00000b24_goto_l00000b2c; + goto l00000b24_goto_l00000b2c, l00000b24_goto_l00000b98; l00000b98: assume {:captureState "l00000b98"} true; goto l00000b99; @@ -218,7 +218,7 @@ implementation main() l00000b5d: assume {:captureState "l00000b5d"} true; assert Gamma_R8; - goto l00000b5d_goto_l00000b7c, l00000b5d_goto_l00000b65; + goto l00000b5d_goto_l00000b65, l00000b5d_goto_l00000b7c; l00000b7c: assume {:captureState "l00000b7c"} true; goto l00000b7d; diff --git a/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected index 014b65275..6bf072afb 100644 --- a/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected @@ -1,21 +1,13 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R31: bool; var {:extern} Gamma_R8: bool; var {:extern} Gamma_R9: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R31: bv64; var {:extern} R8: bv64; var {:extern} R9: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -100,7 +92,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R31, R8, R9, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; free requires (memory_load64_le(mem, 69664bv64) == 0bv64); free requires (memory_load64_le(mem, 69672bv64) == 69672bv64); free requires (memory_load8_le(mem, 2052bv64) == 1bv8); @@ -131,9 +123,17 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -162,7 +162,7 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000003ab, lmain_goto_l000003ae; + goto lmain_goto_l000003ae, lmain_goto_l000003ab; l000003ae: assume {:captureState "l000003ae"} true; R8, Gamma_R8 := 1bv64, true; @@ -208,7 +208,7 @@ implementation main() l000003f1: assume {:captureState "l000003f1"} true; assert Gamma_R8; - goto l000003f1_goto_l0000046c, l000003f1_goto_l000003f9; + goto l000003f1_goto_l000003f9, l000003f1_goto_l0000046c; l0000046c: assume {:captureState "l0000046c"} true; goto l0000046d; @@ -228,7 +228,7 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; - goto l000003f9_goto_l00000427, l000003f9_goto_l00000424; + goto l000003f9_goto_l00000424, l000003f9_goto_l00000427; l00000427: assume {:captureState "l00000427"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected index 70e9aedd4..f3fac9965 100644 --- a/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -84,7 +76,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R1, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1956bv64) == 1bv8); @@ -111,9 +103,17 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -138,7 +138,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000381, lmain_goto_l00000414; + goto lmain_goto_l00000414, lmain_goto_l00000381; l00000414: assume {:captureState "l00000414"} true; R0, Gamma_R0 := 3bv64, true; @@ -157,7 +157,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto l00000381_goto_l00000407, l00000381_goto_l000003b2; + goto l00000381_goto_l000003b2, l00000381_goto_l00000407; l00000407: assume {:captureState "l00000407"} true; R0, Gamma_R0 := 5bv64, true; @@ -173,7 +173,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; - goto l000003b2_goto_l000003ed, l000003b2_goto_l000003d8; + goto l000003b2_goto_l000003d8, l000003b2_goto_l000003ed; l000003ed: assume {:captureState "l000003ed"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected index ba0e034e1..2a1a9c7d2 100644 --- a/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -84,7 +76,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R1, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1956bv64) == 1bv8); @@ -111,9 +103,17 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -138,7 +138,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000a79, lmain_goto_l00000b0c; + goto lmain_goto_l00000b0c, lmain_goto_l00000a79; l00000b0c: assume {:captureState "l00000b0c"} true; R0, Gamma_R0 := 3bv64, true; @@ -173,7 +173,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; - goto l00000aaa_goto_l00000ad0, l00000aaa_goto_l00000ae5; + goto l00000aaa_goto_l00000ae5, l00000aaa_goto_l00000ad0; l00000ae5: assume {:captureState "l00000ae5"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected index 151109cbf..476bfca22 100644 --- a/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected @@ -1,19 +1,11 @@ -var {:extern} CF: bv1; -var {:extern} Gamma_CF: bool; -var {:extern} Gamma_NF: bool; var {:extern} Gamma_R0: bool; var {:extern} Gamma_R1: bool; var {:extern} Gamma_R31: bool; -var {:extern} Gamma_VF: bool; -var {:extern} Gamma_ZF: bool; var {:extern} Gamma_mem: [bv64]bool; var {:extern} Gamma_stack: [bv64]bool; -var {:extern} NF: bv1; var {:extern} R0: bv64; var {:extern} R1: bv64; var {:extern} R31: bv64; -var {:extern} VF: bv1; -var {:extern} ZF: bv1; var {:extern} mem: [bv64]bv8; var {:extern} stack: [bv64]bv8; function {:extern} L(memory: [bv64]bv8, index: bv64) returns (bool) { @@ -90,7 +82,7 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure main(); - modifies CF, Gamma_CF, Gamma_NF, Gamma_R0, Gamma_R1, Gamma_R31, Gamma_VF, Gamma_ZF, Gamma_mem, Gamma_stack, NF, R0, R1, R31, VF, ZF, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 2020bv64) == 1bv8); @@ -121,9 +113,17 @@ implementation main() var #4: bv32; var #5: bv32; var #6: bv32; + var CF: bv1; var Gamma_#4: bool; var Gamma_#5: bool; var Gamma_#6: bool; + var Gamma_CF: bool; + var Gamma_NF: bool; + var Gamma_VF: bool; + var Gamma_ZF: bool; + var NF: bv1; + var VF: bv1; + var ZF: bv1; lmain: assume {:captureState "lmain"} true; R31, Gamma_R31 := bvadd64(R31, 18446744073709551584bv64), Gamma_R31; @@ -150,7 +150,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000418, lmain_goto_l00000383; + goto lmain_goto_l00000383, lmain_goto_l00000418; l00000418: assume {:captureState "l00000418"} true; R0, Gamma_R0 := 3bv64, true; @@ -186,7 +186,7 @@ implementation main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; - goto l000003b5_goto_l000003db, l000003b5_goto_l000003f0; + goto l000003b5_goto_l000003f0, l000003b5_goto_l000003db; l000003f0: assume {:captureState "l000003f0"} true; R0, Gamma_R0 := 65536bv64, true;