From 6e6824402eb9a4b44ebd6bb465049bf87635b2b7 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 7 Nov 2023 11:42:09 +1000 Subject: [PATCH 01/42] move il classes to separate files --- src/main/scala/ir/Block.scala | 29 +++++++++ src/main/scala/ir/Procedure.scala | 82 ++++++++++++++++++++++++++ src/main/scala/ir/Program.scala | 98 ------------------------------- src/main/scala/ir/Statement.scala | 4 +- 4 files changed, 113 insertions(+), 100 deletions(-) create mode 100644 src/main/scala/ir/Block.scala create mode 100644 src/main/scala/ir/Procedure.scala diff --git a/src/main/scala/ir/Block.scala b/src/main/scala/ir/Block.scala new file mode 100644 index 000000000..278d05c44 --- /dev/null +++ b/src/main/scala/ir/Block.scala @@ -0,0 +1,29 @@ +package ir + +import scala.collection.mutable.ArrayBuffer + +class Block( + var label: String, + var address: Option[Int], + var statements: ArrayBuffer[Statement], + var jumps: ArrayBuffer[Jump] + ) { + def calls: Set[Procedure] = jumps.flatMap(_.calls).toSet + + def modifies: Set[Global] = statements.flatMap(_.modifies).toSet + //def locals: Set[Variable] = statements.flatMap(_.locals).toSet ++ jumps.flatMap(_.locals).toSet + + override def toString: String = { + // display all statements and jumps + val statementsString = statements.map(_.toString).mkString("\n") + val jumpsString = jumps.map(_.toString).mkString("\n") + s"Block $label with $statementsString\n$jumpsString" + } + + override def equals(obj: scala.Any): Boolean = + obj match + case b: Block => b.label == this.label + case _ => false + + override def hashCode(): Int = label.hashCode() +} diff --git a/src/main/scala/ir/Procedure.scala b/src/main/scala/ir/Procedure.scala new file mode 100644 index 000000000..b4606f599 --- /dev/null +++ b/src/main/scala/ir/Procedure.scala @@ -0,0 +1,82 @@ +package ir + +import boogie.{BParam, BVariable, BitVecBType, BoolBType} + +import scala.collection.mutable +import scala.collection.mutable.ArrayBuffer + +class Procedure( + var name: String, + var address: Option[Int], + var blocks: ArrayBuffer[Block], + var in: ArrayBuffer[Parameter], + var out: ArrayBuffer[Parameter] + ) { + def calls: Set[Procedure] = blocks.flatMap(_.calls).toSet + override def toString: String = { + s"Procedure $name at ${address.getOrElse("None")} with ${blocks.size} blocks and ${in.size} in and ${out.size} out parameters" + } + var modifies: mutable.Set[Global] = mutable.Set() + + def stackIdentification(): Unit = { + val stackPointer = Register("R31", BitVecType(64)) + val stackRefs: mutable.Set[Variable] = mutable.Set(stackPointer) + val visitedBlocks: mutable.Set[Block] = mutable.Set() + val stackMemory = Memory("stack", 64, 8) + val firstBlock = blocks.headOption + firstBlock.foreach(visitBlock) + + // does not handle loops but we do not currently support loops in block CFG so this should do for now anyway + def visitBlock(b: Block): Unit = { + if (visitedBlocks.contains(b)) { + return + } + for (s <- b.statements) { + s match { + case l: LocalAssign => + // replace mem with stack in loads if index contains stack references + val loads = l.rhs.loads + for (load <- loads) { + val loadStackRefs = load.index.variables.intersect(stackRefs) + if (loadStackRefs.nonEmpty) { + load.mem = stackMemory + } + } + + // update stack references + val variableVisitor = VariablesWithoutStoresLoads() + variableVisitor.visitExpr(l.rhs) + + val rhsStackRefs = variableVisitor.variables.toSet.intersect(stackRefs) + if (rhsStackRefs.nonEmpty) { + stackRefs.add(l.lhs) + } else if (stackRefs.contains(l.lhs) && l.lhs != stackPointer) { + stackRefs.remove(l.lhs) + } + case m: MemoryAssign => + // replace mem with stack if index contains stack reference + val indexStackRefs = m.rhs.index.variables.intersect(stackRefs) + if (indexStackRefs.nonEmpty) { + m.lhs = stackMemory + m.rhs.mem = stackMemory + } + case _ => + } + } + visitedBlocks.add(b) + for (j <- b.jumps) { + j match { + case g: GoTo => visitBlock(g.target) + case d: DirectCall => d.returnTarget.foreach(visitBlock) + case i: IndirectCall => i.returnTarget.foreach(visitBlock) + case n: NonDetGoTo => n.targets.foreach(visitBlock) + } + } + } + } + +} +class Parameter(var name: String, var size: Int, var value: Register) { + def toBoogie: BVariable = BParam(name, BitVecBType(size)) + def toGamma: BVariable = BParam(s"Gamma_$name", BoolBType) +} diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index c14ff8661..162badfea 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -111,107 +111,9 @@ class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedu } -class Procedure( - var name: String, - var address: Option[Int], - var blocks: ArrayBuffer[Block], - var in: ArrayBuffer[Parameter], - var out: ArrayBuffer[Parameter] -) { - def calls: Set[Procedure] = blocks.flatMap(_.calls).toSet - override def toString: String = { - s"Procedure $name at ${address.getOrElse("None")} with ${blocks.size} blocks and ${in.size} in and ${out.size} out parameters" - } - var modifies: mutable.Set[Global] = mutable.Set() - - def stackIdentification(): Unit = { - val stackPointer = Register("R31", BitVecType(64)) - val stackRefs: mutable.Set[Variable] = mutable.Set(stackPointer) - val visitedBlocks: mutable.Set[Block] = mutable.Set() - val stackMemory = Memory("stack", 64, 8) - val firstBlock = blocks.headOption - firstBlock.foreach(visitBlock) - - // does not handle loops but we do not currently support loops in block CFG so this should do for now anyway - def visitBlock(b: Block): Unit = { - if (visitedBlocks.contains(b)) { - return - } - for (s <- b.statements) { - s match { - case l: LocalAssign => - // replace mem with stack in loads if index contains stack references - val loads = l.rhs.loads - for (load <- loads) { - val loadStackRefs = load.index.variables.intersect(stackRefs) - if (loadStackRefs.nonEmpty) { - load.mem = stackMemory - } - } - - // update stack references - val variableVisitor = VariablesWithoutStoresLoads() - variableVisitor.visitExpr(l.rhs) - - val rhsStackRefs = variableVisitor.variables.toSet.intersect(stackRefs) - if (rhsStackRefs.nonEmpty) { - stackRefs.add(l.lhs) - } else if (stackRefs.contains(l.lhs) && l.lhs != stackPointer) { - stackRefs.remove(l.lhs) - } - case m: MemoryAssign => - // replace mem with stack if index contains stack reference - val indexStackRefs = m.rhs.index.variables.intersect(stackRefs) - if (indexStackRefs.nonEmpty) { - m.lhs = stackMemory - m.rhs.mem = stackMemory - } - case _ => - } - } - visitedBlocks.add(b) - for (j <- b.jumps) { - j match { - case g: GoTo => visitBlock(g.target) - case d: DirectCall => d.returnTarget.foreach(visitBlock) - case i: IndirectCall => i.returnTarget.foreach(visitBlock) - case n: NonDetGoTo => n.targets.foreach(visitBlock) - } - } - } - } - -} -class Block( - var label: String, - var address: Option[Int], - var statements: ArrayBuffer[Statement], - var jumps: ArrayBuffer[Jump] -) { - def calls: Set[Procedure] = jumps.flatMap(_.calls).toSet - def modifies: Set[Global] = statements.flatMap(_.modifies).toSet - //def locals: Set[Variable] = statements.flatMap(_.locals).toSet ++ jumps.flatMap(_.locals).toSet - - override def toString: String = { - // display all statements and jumps - val statementsString = statements.map(_.toString).mkString("\n") - val jumpsString = jumps.map(_.toString).mkString("\n") - s"Block $label with $statementsString\n$jumpsString" - } - - override def equals(obj: scala.Any): Boolean = - obj match - case b: Block => b.label == this.label - case _ => false - override def hashCode(): Int = label.hashCode() -} -class Parameter(var name: String, var size: Int, var value: Register) { - def toBoogie: BVariable = BParam(name, BitVecBType(size)) - def toGamma: BVariable = BParam(s"Gamma_$name", BoolBType) -} /** * @param name name diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index 07a65fe4b..faf8c4163 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -1,6 +1,6 @@ package ir -trait Command { +sealed trait Command { val label: Option[String] def labelStr: String = label match { case Some(s) => s"$s: " @@ -8,7 +8,7 @@ trait Command { } } -trait Statement extends Command { +sealed trait Statement extends Command { def modifies: Set[Global] = Set() //def locals: Set[Variable] = Set() def acceptVisit(visitor: Visitor): Statement = throw new Exception( From 0acf9b7dfe2287b00003fab8ee20f6bc4da1e5cf Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 7 Nov 2023 11:56:36 +1000 Subject: [PATCH 02/42] move il classes to separate files --- src/main/scala/ir/IRCursor.scala | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 src/main/scala/ir/IRCursor.scala diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala new file mode 100644 index 000000000..75f9a9c28 --- /dev/null +++ b/src/main/scala/ir/IRCursor.scala @@ -0,0 +1,5 @@ +package ir + +class IRCursor { + +} From c3f63b60da50131ed224c59f72d9b69a07389daa Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 7 Nov 2023 13:33:03 +1000 Subject: [PATCH 03/42] add parent references to il --- src/main/scala/analysis/Cfg.scala | 2 +- src/main/scala/ir/Block.scala | 3 ++- src/main/scala/ir/IRCursor.scala | 3 --- src/main/scala/ir/Statement.scala | 20 +++++++++-------- src/main/scala/translating/BAPToIR.scala | 28 +++++++++++++----------- src/main/scala/util/RunUtils.scala | 16 +++++++++----- 6 files changed, 39 insertions(+), 33 deletions(-) diff --git a/src/main/scala/analysis/Cfg.scala b/src/main/scala/analysis/Cfg.scala index 2c0c2e4d7..1c8881b8a 100644 --- a/src/main/scala/analysis/Cfg.scala +++ b/src/main/scala/analysis/Cfg.scala @@ -761,7 +761,7 @@ class ProgramCfgFactory: jmps.head match { case jmp: GoTo => // `GoTo`s are just edges, so introduce a fake `start of block` that can be jmp'd to - val ghostNode = CfgGhostNode(block = block, parent = funcEntryNode, data = NOP(jmp.label)) + val ghostNode = CfgGhostNode(block = block, parent = funcEntryNode, data = NOP(jmp.label, block)) cfg.addEdge(prevNode, ghostNode, cond) precNode = ghostNode visitedBlocks += (block -> ghostNode) diff --git a/src/main/scala/ir/Block.scala b/src/main/scala/ir/Block.scala index 278d05c44..6bd862860 100644 --- a/src/main/scala/ir/Block.scala +++ b/src/main/scala/ir/Block.scala @@ -6,7 +6,8 @@ class Block( var label: String, var address: Option[Int], var statements: ArrayBuffer[Statement], - var jumps: ArrayBuffer[Jump] + var jumps: ArrayBuffer[Jump], + var procedure: Procedure ) { def calls: Set[Procedure] = jumps.flatMap(_.calls).toSet diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index 75f9a9c28..8fba9aa3e 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -1,5 +1,2 @@ package ir -class IRCursor { - -} diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index faf8c4163..8a0918ae8 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -2,6 +2,8 @@ package ir sealed trait Command { val label: Option[String] + var parent: Block + def labelStr: String = label match { case Some(s) => s"$s: " case None => "" @@ -16,7 +18,7 @@ sealed trait Statement extends Command { ) } -class LocalAssign(var lhs: Variable, var rhs: Expr, override val label: Option[String] = None) extends Statement { +class LocalAssign(var lhs: Variable, var rhs: Expr, var parent: Block, override val label: Option[String] = None) extends Statement { //override def locals: Set[Variable] = rhs.locals + lhs override def modifies: Set[Global] = lhs match { case r: Register => Set(r) @@ -29,7 +31,7 @@ class LocalAssign(var lhs: Variable, var rhs: Expr, override val label: Option[S object LocalAssign: def unapply(l: LocalAssign): Option[(Variable, Expr, Option[String])] = Some(l.lhs, l.rhs, l.label) -class MemoryAssign(var lhs: Memory, var rhs: MemoryStore, override val label: Option[String] = None) extends Statement { +class MemoryAssign(var lhs: Memory, var rhs: MemoryStore, var parent: Block, override val label: Option[String] = None) extends Statement { override def modifies: Set[Global] = Set(lhs) //override def locals: Set[Variable] = rhs.locals override def toString: String = s"$labelStr$lhs := $rhs" @@ -39,12 +41,12 @@ class MemoryAssign(var lhs: Memory, var rhs: MemoryStore, override val label: Op object MemoryAssign: def unapply(m: MemoryAssign): Option[(Memory, MemoryStore, Option[String])] = Some(m.lhs, m.rhs, m.label) -case class NOP(override val label: Option[String] = None) extends Statement { +case class NOP(override val label: Option[String] = None, var parent: Block) extends Statement { override def toString: String = s"$labelStr" override def acceptVisit(visitor: Visitor): Statement = this } -class Assert(var body: Expr, var comment: Option[String] = None, override val label: Option[String] = None) extends Statement { +class Assert(var body: Expr, var parent: Block, var comment: Option[String] = None, override val label: Option[String] = None) extends Statement { override def toString: String = s"${labelStr}assert $body" + comment.map(" //" + _) override def acceptVisit(visitor: Visitor): Statement = visitor.visitAssert(this) } @@ -52,7 +54,7 @@ class Assert(var body: Expr, var comment: Option[String] = None, override val la object Assert: def unapply(a: Assert): Option[(Expr, Option[String], Option[String])] = Some(a.body, a.comment, a.label) -class Assume(var body: Expr, var comment: Option[String] = None, override val label: Option[String] = None) extends Statement { +class Assume(var body: Expr, var parent: Block, var comment: Option[String] = None, override val label: Option[String] = None) extends Statement { override def toString: String = s"${labelStr}assume $body" + comment.map(" //" + _) override def acceptVisit(visitor: Visitor): Statement = visitor.visitAssume(this) } @@ -67,7 +69,7 @@ trait Jump extends Command { def acceptVisit(visitor: Visitor): Jump = throw new Exception("visitor " + visitor + " unimplemented for: " + this) } -class GoTo(var target: Block, var condition: Option[Expr], override val label: Option[String] = None) extends Jump { +class GoTo(var target: Block, var parent: Block, var condition: Option[Expr], override val label: Option[String] = None) extends Jump { /* override def locals: Set[Variable] = condition match { case Some(c) => c.locals case None => Set() @@ -80,12 +82,12 @@ class GoTo(var target: Block, var condition: Option[Expr], override val label: O object GoTo: def unapply(g: GoTo): Option[(Block, Option[Expr], Option[String])] = Some(g.target, g.condition, g.label) -class NonDetGoTo(var targets: Seq[Block], override val label: Option[String] = None) extends Jump { +class NonDetGoTo(var targets: Seq[Block], var parent: Block, override val label: Option[String] = None) extends Jump { override def toString: String = s"${labelStr}NonDetGoTo(${targets.map(_.label).mkString(", ")})" override def acceptVisit(visitor: Visitor): Jump = visitor.visitNonDetGoTo(this) } -class DirectCall(var target: Procedure, var returnTarget: Option[Block], override val label: Option[String] = None) extends Jump { +class DirectCall(var target: Procedure, var returnTarget: Option[Block], var parent: Block, override val label: Option[String] = None) extends Jump { /* override def locals: Set[Variable] = condition match { case Some(c) => c.locals case None => Set() @@ -98,7 +100,7 @@ class DirectCall(var target: Procedure, var returnTarget: Option[Block], overrid object DirectCall: def unapply(i: DirectCall): Option[(Procedure, Option[Block], Option[String])] = Some(i.target, i.returnTarget, i.label) -class IndirectCall(var target: Variable, var returnTarget: Option[Block], override val label: Option[String] = None) extends Jump { +class IndirectCall(var target: Variable, var parent: Block, var returnTarget: Option[Block], override val label: Option[String] = None) extends Jump { /* override def locals: Set[Variable] = condition match { case Some(c) => c.locals + target case None => Set(target) diff --git a/src/main/scala/translating/BAPToIR.scala b/src/main/scala/translating/BAPToIR.scala index 1ba1099d6..0a0cc5478 100644 --- a/src/main/scala/translating/BAPToIR.scala +++ b/src/main/scala/translating/BAPToIR.scala @@ -17,20 +17,21 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { val procedures: ArrayBuffer[Procedure] = ArrayBuffer() for (s <- program.subroutines) { val blocks: ArrayBuffer[Block] = ArrayBuffer() + val in: ArrayBuffer[Parameter] = ArrayBuffer() + val out: ArrayBuffer[Parameter] = ArrayBuffer() + val procedure = Procedure(s.name, Some(s.address), blocks, in, out) + for (b <- s.blocks) { - val block = Block(b.label, b.address, ArrayBuffer(), ArrayBuffer()) + val block = Block(b.label, b.address, ArrayBuffer(), ArrayBuffer(), procedure) blocks.append(block) labelToBlock.addOne(b.label, block) } - val in: ArrayBuffer[Parameter] = ArrayBuffer() for (p <- s.in) { in.append(p.toIR) } - val out: ArrayBuffer[Parameter] = ArrayBuffer() for (p <- s.out) { out.append(p.toIR) } - val procedure = Procedure(s.name, Some(s.address), blocks, in, out) if (s.address == mainAddress) { mainProcedure = Some(procedure) } @@ -42,10 +43,10 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { for (b <- s.blocks) { val block = labelToBlock(b.label) for (st <- b.statements) { - block.statements.append(translate(st)) + block.statements.append(translate(st, block)) } for (j <- b.jumps) { - block.jumps.append(translate(j)) + block.jumps.append(translate(j, block)) } } } @@ -59,22 +60,23 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { Program(procedures, mainProcedure.get, memorySections, ArrayBuffer()) } - private def translate(s: BAPStatement) = s match { - case b: BAPMemAssign => MemoryAssign(b.lhs.toIR, b.rhs.toIR, Some(b.line)) - case b: BAPLocalAssign => LocalAssign(b.lhs.toIR, b.rhs.toIR, Some(b.line)) + private def translate(s: BAPStatement, parent: Block) = s match { + case b: BAPMemAssign => MemoryAssign(b.lhs.toIR, b.rhs.toIR, parent, Some(b.line)) + case b: BAPLocalAssign => LocalAssign(b.lhs.toIR, b.rhs.toIR, parent, Some(b.line)) } - private def translate(j: BAPJump) = j match { + private def translate(j: BAPJump, parent: Block) = j match { case b: BAPDirectCall => DirectCall( nameToProcedure(b.target), b.returnTarget.map(t => labelToBlock(t)), - Some(b.line) + parent, + Some(b.line), ) case b: BAPIndirectCall => - IndirectCall(b.target.toIR, b.returnTarget.map(t => labelToBlock(t)), Some(b.line)) + IndirectCall(b.target.toIR, parent, b.returnTarget.map(t => labelToBlock(t)), Some(b.line)) case b: BAPGoTo => - GoTo(labelToBlock(b.target), coerceToBool(b.condition), Some(b.line)) + GoTo(labelToBlock(b.target), parent, coerceToBool(b.condition), Some(b.line)) } /* diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index 4e29d94c0..56965a54a 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -327,21 +327,25 @@ object RunUtils { val targets = targetNames.map(name => IRProgram.procedures.filter(_.name.equals(name)).head) if (targets.size == 1) { modified = true - val newCall = DirectCall(targets.head, indirectCall.returnTarget) + val newCall = DirectCall(targets.head, indirectCall.returnTarget, block) block.jumps.remove(block.jumps.indexOf(indirectCall)) block.jumps.append(newCall) } else if (targets.size > 1) { modified = true - val procedure = c.parent.data + val procedure: Procedure = c.parent.data + val newBlocks = for (t <- targets) yield { - val assume = Assume(BinaryExpr(BVEQ, indirectCall.target, BitVecLiteral(t.address.get, 64))) val newLabel: String = block.label + t.name - val directCall = DirectCall(t, indirectCall.returnTarget) - Block(newLabel, None, ArrayBuffer(assume), ArrayBuffer(directCall)) + val newBlock = Block(newLabel, None, ArrayBuffer(), ArrayBuffer(), procedure) + val assume = Assume(BinaryExpr(BVEQ, indirectCall.target, BitVecLiteral(t.address.get, 64)), newBlock) + val directCall = DirectCall(t, indirectCall.returnTarget, newBlock) + newBlock.statements.addOne(assume) + newBlock.jumps.addOne(directCall) + newBlock } procedure.blocks.addAll(newBlocks) block.jumps.remove(block.jumps.indexOf(indirectCall)) - val newCall = NonDetGoTo(newBlocks) + val newCall = NonDetGoTo(newBlocks, block) block.jumps.append(newCall) } case _ => From ff306673808cf0618849fccc76b7eca98d3cf89a Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Wed, 8 Nov 2023 09:55:34 +1000 Subject: [PATCH 04/42] initial intrusive list work --- src/main/scala/ir/Block.scala | 7 + src/main/scala/ir/IRCursor.scala | 146 +++++++++++++++++- src/main/scala/ir/Statement.scala | 1 + .../ir/IntrusiveListPublicInterfaceTest.scala | 28 ++++ src/test/scala/ir/IntrusiveListTest.scala | 74 +++++++++ 5 files changed, 255 insertions(+), 1 deletion(-) create mode 100644 src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala create mode 100644 src/test/scala/ir/IntrusiveListTest.scala diff --git a/src/main/scala/ir/Block.scala b/src/main/scala/ir/Block.scala index 6bd862860..714708c90 100644 --- a/src/main/scala/ir/Block.scala +++ b/src/main/scala/ir/Block.scala @@ -9,6 +9,13 @@ class Block( var jumps: ArrayBuffer[Jump], var procedure: Procedure ) { + + //def addStatementAfter(statement: Statement, newStatement: Statement): Statement = { + // val i = statements.indexOf(statement) + // statements.insert(i, newStatement) + //} + + def calls: Set[Procedure] = jumps.flatMap(_.calls).toSet def modifies: Set[Global] = statements.flatMap(_.modifies).toSet diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index 8fba9aa3e..f259a9b77 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -1,2 +1,146 @@ -package ir +package intrusiveList +import collection.immutable.Seq +import collection.mutable + + + + + +class IntrusiveList[T <: IntrusiveListElement](): + + private val list: mutable.HashSet[T] = mutable.HashSet.empty + // if size == 1 then first.get == last.get + private var first: Option[T] = None + private var last: Option[T] = None + + def head(): T = first.get + + def back(): T = last.get + + def prepend(newElem: T): T = { + if (first.isDefined) { + first.get.insertBefore(newElem) + } + first = Some(newElem) + if (last.isEmpty) { + last = Some(newElem) + } + list.add(newElem) + newElem + } + + def append(newElem : T): T = { + if (last.isDefined) { + last.get.insertAfter(newElem) + } + last = Some(newElem) + if (first.isEmpty) { + first = Some(newElem) + } + assert(list.add(newElem)) + newElem + } + + def remove(intrusiveListElement: T): T = { + list.remove(intrusiveListElement) + intrusiveListElement.remove().asInstanceOf[T] + } + + def insertAfter(intrusiveListElement: T, newElem: T): Unit = { + assert(list.contains(intrusiveListElement)) + list.add(intrusiveListElement.insertAfter(newElem).asInstanceOf[T]) + if (intrusiveListElement == last) { + last = Some(newElem) + } + } + def insertBefore(intrusiveListElement: T, newElem: T): Unit = { + assert(list.contains(intrusiveListElement)) + list.add(intrusiveListElement.insertBefore(newElem).asInstanceOf[T]) + + if (intrusiveListElement == first) { + first = Some(newElem) + } + } + + def size: Int = list.size + +trait IntrusiveListElement: + private var next: Option[IntrusiveListElement] = None + private var prev: Option[IntrusiveListElement] = None + private[intrusiveList] def insertBefore(elem: IntrusiveListElement): IntrusiveListElement = { + elem.prev = prev + if (prev.isDefined) { + prev.get.next = Some(elem) + } + prev = Some(elem) + elem.next = Some(this) + elem + } + + private[intrusiveList] def insertAfter(elem: IntrusiveListElement): IntrusiveListElement = { + if (next.isDefined) { + next.get.prev = Some(elem) + } + elem.next = next + next = Some(elem) + elem.prev = Some(this) + elem + } + + private[intrusiveList] def remove(): IntrusiveListElement = { + if (next.isDefined) { + next.get.prev = prev + } + if (prev.isDefined) { + prev.get.next = next + } + this + } + + private[intrusiveList] def append(elem: IntrusiveListElement): IntrusiveListElement = { + last().insertAfter(elem) + } + + private[intrusiveList] def prepend(elem: IntrusiveListElement): IntrusiveListElement = { + first().insertBefore(elem) + } + + private[intrusiveList] def getNext: IntrusiveListElement = next.get + + private[intrusiveList] def getPrev: IntrusiveListElement = prev.get + + private[intrusiveList] def hasNext: Boolean = next.isDefined + private[intrusiveList] def hasPrev: Boolean = prev.isDefined + + private[intrusiveList] def last(): IntrusiveListElement = { + next match { + case Some(n) => n.last() + case None => this + } + } + + private[intrusiveList] def first(): IntrusiveListElement = { + prev match { + case Some(n) => n.first() + case None => this + } + } + + + + +//type Position = Procedure | Block | Statement +//class IRCursor(val position: Position) { +// +// //def succ() : Seq(IRCursor) = { +// // position match { +// // case p: Procedure => Seq(IRCursor(p.blocks.head)) +// // case b: Block => Seq(IRCursor(b.statements.head)) +// // case s: Statement => Seq(s.parent.statements.ne()) +// +// // } +// //} +// +// +//} diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index 8a0918ae8..4074f7b7f 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -8,6 +8,7 @@ sealed trait Command { case Some(s) => s"$s: " case None => "" } + } sealed trait Statement extends Command { diff --git a/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala b/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala new file mode 100644 index 000000000..183f0b527 --- /dev/null +++ b/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala @@ -0,0 +1,28 @@ +package ir +import org.scalatest.funsuite.AnyFunSuite +import intrusiveList.{IntrusiveList, IntrusiveListElement} + +case class Elem(val t: Float) extends IntrusiveListElement + +class IntrusiveListPublicInterfaceTest extends AnyFunSuite { + + test("general stuff") { + val x = IntrusiveList[Elem]() + val toInsert = Elem(10) + val f = x.append(toInsert) + assert(x.size == 1) + assert(f eq toInsert) + + x.append(Elem(11)) + x.append(Elem(12)) + x.append(Elem(13)) + x.append(Elem(14)) + + var y = x.head() + assert(y.t == 10) + assert(x.back().t == 14) + + + } + +} diff --git a/src/test/scala/ir/IntrusiveListTest.scala b/src/test/scala/ir/IntrusiveListTest.scala new file mode 100644 index 000000000..7ab980d2c --- /dev/null +++ b/src/test/scala/ir/IntrusiveListTest.scala @@ -0,0 +1,74 @@ +package intrusiveList + +import org.scalatest.funsuite.AnyFunSuite + +case class Elem(val t: Float) extends IntrusiveListElement +class IntrusiveListElemTest extends AnyFunSuite { + + test("basic") { + val x = IntrusiveList[Elem]() + val toInsert = Elem(10) + val f: IntrusiveListElement = x.append(toInsert) + assert(x.size == 1) + assert(f.last() == f) + assert(f eq toInsert) + } + + test("ListElem traversal") { + val x = Elem(10); + val p1 = x.insertBefore(Elem(9)) + assert(p1.hasNext) + assert(x.hasPrev) + assert(p1.getNext eq x) + + assert(x.getPrev eq p1) + assert(x.getPrev == Elem(9)) + val p2 = p1.insertBefore(Elem(8)) + assert(p2.getNext eq p1) + assert(p1.getPrev eq p2) + val p3 = p2.insertBefore(Elem(7)) + + assert(x.last() == x) + assert(p3.first() == p3) + + assert(p3.getNext eq p2) + assert(p2.getPrev eq p3) + + assert(x.first() eq p3) + assert(p3.last() eq x) + + p2.insertAfter(Elem(8.5)) + assert(p3.last() eq x) + + p3.insertAfter(Elem(7.5)) + assert(x.first() eq p3) + } + + test("ListElem remove") { + val p0 = Elem(10) + val p1 = p0.insertAfter(Elem(9)) + val p2 = p1.insertAfter(Elem(8)) + val p3 = p2.insertAfter(Elem(7)) + + p2.remove() + assert(p3.first() == p0) + assert(p0.last() == p3) + } + + test("ListElem remove2") { + val p0 = Elem(10) + val p1 = p0.insertAfter(Elem(9)) + val p2 = p1.insertAfter(Elem(8)) + val p3 = p2.insertAfter(Elem(7)) + + p2.remove() + assert(p3.first() == p0) + assert(p0.last() == p3) + } + + + + // test("IntrusiveList insertRemove") + + +} From aeba76247bc49fdc61e294a59b0f9a2d1dedcf0a Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Wed, 8 Nov 2023 15:15:01 +1000 Subject: [PATCH 05/42] refactor il to use intrusive list and fix intrusive list --- src/main/scala/analysis/Cfg.scala | 2 +- src/main/scala/ir/Block.scala | 7 +- src/main/scala/ir/IRCursor.scala | 249 ++++++++++++++---- src/main/scala/ir/Procedure.scala | 4 +- src/main/scala/ir/Statement.scala | 3 +- src/main/scala/ir/Visitor.scala | 11 +- src/main/scala/translating/BAPToIR.scala | 5 +- src/main/scala/translating/ILtoIL.scala | 8 +- src/main/scala/util/RunUtils.scala | 5 +- .../ir/IntrusiveListPublicInterfaceTest.scala | 131 ++++++++- 10 files changed, 355 insertions(+), 70 deletions(-) diff --git a/src/main/scala/analysis/Cfg.scala b/src/main/scala/analysis/Cfg.scala index 1c8881b8a..0415d6e02 100644 --- a/src/main/scala/analysis/Cfg.scala +++ b/src/main/scala/analysis/Cfg.scala @@ -688,7 +688,7 @@ class ProgramCfgFactory: block.statements.size match { case i if i > 0 => // Block contains some statements - val endStmt: CfgCommandNode = visitStmts(block.statements, prevBlockEnd, cond) + val endStmt: CfgCommandNode = visitStmts(ArrayBuffer.from(block.statements), prevBlockEnd, cond) visitJumps(block.jumps, endStmt, TrueLiteral, solitary = false) case _ => // Only jumps in this block diff --git a/src/main/scala/ir/Block.scala b/src/main/scala/ir/Block.scala index 714708c90..631dc5b77 100644 --- a/src/main/scala/ir/Block.scala +++ b/src/main/scala/ir/Block.scala @@ -1,14 +1,17 @@ package ir +import intrusiveList.IntrusiveList +import intrusiveList.IntrusiveListElement + import scala.collection.mutable.ArrayBuffer class Block( var label: String, var address: Option[Int], - var statements: ArrayBuffer[Statement], + var statements: IntrusiveList[Statement], var jumps: ArrayBuffer[Jump], var procedure: Procedure - ) { + ) extends IntrusiveListElement { //def addStatementAfter(statement: Statement, newStatement: Statement): Statement = { // val i = statements.indexOf(statement) diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index f259a9b77..7494917ae 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -1,74 +1,191 @@ package intrusiveList - -import collection.immutable.Seq import collection.mutable +final class IntrusiveList[T <: IntrusiveListElement] private (var numElems: Int, var firstElem: Option[T], var lastElem: Option[T]) extends mutable.Iterable[T], mutable.Growable[T]: + // invariant: + // numElems == first.length() + // if size == 0 then first == last == None + // else if size == 1 then first.get == last.get + // else first = last.get.first() && last == first.get.last() + // Growable + override def knownSize: Int = numElems -class IntrusiveList[T <: IntrusiveListElement](): + override def addOne(elem: T): IntrusiveList.this.type = { + append(elem) + this + } - private val list: mutable.HashSet[T] = mutable.HashSet.empty - // if size == 1 then first.get == last.get - private var first: Option[T] = None - private var last: Option[T] = None + override def clear(): Unit = { + while (size > 0) { + this.remove(lastElem.get) + } + } - def head(): T = first.get + override def addAll(xs: IterableOnce[T]): IntrusiveList.this.type = { + xs.iterator.foreach(append) + this + } + // end Growable + def this() = this(0, None, None) - def back(): T = last.get + // Iterable - def prepend(newElem: T): T = { - if (first.isDefined) { - first.get.insertBefore(newElem) + /* + * O(n); get nth element + */ + def apply(i: Int): T = { + // TODO: cache? + assert(i < size) + var elem = firstElem.get + for (c <- 0 until i) { + elem = elem.getNext.asInstanceOf[T] } - first = Some(newElem) - if (last.isEmpty) { - last = Some(newElem) + elem + } + + class IntrusiveListIterator(var elem: Option[IntrusiveListElement]) extends Iterator[T] { + override def hasNext: Boolean = elem.isDefined + override def next: T = { + val t = elem.get.asInstanceOf[T] + elem = t.next + t + } + } + + def iterator: Iterator[T] = IntrusiveListIterator(firstElem) + + // end Iterable + + + def iteratorFrom(elem: IntrusiveListElement): Iterator[T] = { + assert(elem.first() == firstElem.get) + IntrusiveListIterator(Some(elem)) + } + + // Implementation + + override def size: Int = numElems + + override def head(): T = firstElem.get + + private def containsRef(elem: T): Boolean = { + if (size == 0) { + false + } else { + firstElem.get.containsRef(elem) + } + } + + def contains(elem: T): Boolean = { + if (size == 0) { + false + } else { + firstElem.get.contains(elem) + } + } + + def back(): T = lastElem.get + + def prepend(newElem: T): T = { + assert(newElem.unitary) + assert(!containsRef(newElem)) + if (size > 0) { + insertBefore(firstElem.get, newElem) + } else { + firstElem = Some(newElem) + lastElem = Some(newElem) + numElems = 1 } - list.add(newElem) newElem } def append(newElem : T): T = { - if (last.isDefined) { - last.get.insertAfter(newElem) - } - last = Some(newElem) - if (first.isEmpty) { - first = Some(newElem) + assert(newElem.unitary) + assert(!containsRef(newElem)) + if (size > 0) { + insertAfter(lastElem.get, newElem) + } else { + firstElem = Some(newElem) + lastElem = Some(newElem) + numElems = 1 } - assert(list.add(newElem)) newElem } + def replace(elem: T, withElem: T): T = { + assert(containsRef(elem)) + if (elem ne withElem) { + assert(withElem.unitary) + assert(!containsRef(withElem)) + val newElem: T = insertAfter(elem, withElem) + val removed = remove(elem) + newElem + } else { + withElem + } + } + def remove(intrusiveListElement: T): T = { - list.remove(intrusiveListElement) + assert(size >= 0) + assert(containsRef(intrusiveListElement)) + numElems -= 1 + if (intrusiveListElement == lastElem.get) { + lastElem = intrusiveListElement.prev.asInstanceOf[Option[T]] + } + if (intrusiveListElement == firstElem.get) { + firstElem = intrusiveListElement.next.asInstanceOf[Option[T]] + } intrusiveListElement.remove().asInstanceOf[T] } - def insertAfter(intrusiveListElement: T, newElem: T): Unit = { - assert(list.contains(intrusiveListElement)) - list.add(intrusiveListElement.insertAfter(newElem).asInstanceOf[T]) - if (intrusiveListElement == last) { - last = Some(newElem) + + def insertAfter(intrusiveListElement: T, newElem: T): T = { + assert(size >= 1) + assert(containsRef(intrusiveListElement)) + assert(!containsRef(newElem)) + assert(newElem.unitary) + numElems += 1 + if (intrusiveListElement == lastElem.get) { + lastElem = Some(newElem) } + intrusiveListElement.insertAfter(newElem).asInstanceOf[T] } - def insertBefore(intrusiveListElement: T, newElem: T): Unit = { - assert(list.contains(intrusiveListElement)) - list.add(intrusiveListElement.insertBefore(newElem).asInstanceOf[T]) - if (intrusiveListElement == first) { - first = Some(newElem) + def insertBefore(intrusiveListElement: T, newElem: T): T = { + assert(size >= 1) + assert(containsRef(intrusiveListElement)) + assert(!containsRef(newElem)) + assert(newElem.unitary) + numElems += 1 + if (intrusiveListElement == firstElem.get) { + firstElem = Some(newElem) } + intrusiveListElement.insertBefore(newElem).asInstanceOf[T] } - def size: Int = list.size + def getNext(elem: T): T = { + elem.getNext.asInstanceOf[T] + } + + def hasNext(elem: T): Boolean = { + elem.hasNext + } + + def hasPrev(elem: T): Boolean = { + elem.hasPrev + } + + def getPrev(elem: T): T = { + elem.getPrev.asInstanceOf[T] + } trait IntrusiveListElement: - private var next: Option[IntrusiveListElement] = None - private var prev: Option[IntrusiveListElement] = None - private[intrusiveList] def insertBefore(elem: IntrusiveListElement): IntrusiveListElement = { + private[intrusiveList] var next: Option[IntrusiveListElement] = None + private[intrusiveList] var prev: Option[IntrusiveListElement] = None + private[intrusiveList] final def insertBefore(elem: IntrusiveListElement): IntrusiveListElement = { elem.prev = prev if (prev.isDefined) { prev.get.next = Some(elem) @@ -78,7 +195,10 @@ trait IntrusiveListElement: elem } - private[intrusiveList] def insertAfter(elem: IntrusiveListElement): IntrusiveListElement = { + private[intrusiveList] final def unitary: Boolean = next.isEmpty && prev.isEmpty + + + private[intrusiveList] final def insertAfter(elem: IntrusiveListElement): IntrusiveListElement = { if (next.isDefined) { next.get.prev = Some(elem) } @@ -88,45 +208,75 @@ trait IntrusiveListElement: elem } - private[intrusiveList] def remove(): IntrusiveListElement = { + private[intrusiveList] final def replace(elem: IntrusiveListElement): IntrusiveListElement = { + insertAfter(elem) + remove() + elem + } + + private[intrusiveList] final def remove(): IntrusiveListElement = { if (next.isDefined) { next.get.prev = prev } if (prev.isDefined) { prev.get.next = next } + this.next = None + this.prev = None this } - private[intrusiveList] def append(elem: IntrusiveListElement): IntrusiveListElement = { + private[intrusiveList] final def append(elem: IntrusiveListElement): IntrusiveListElement = { last().insertAfter(elem) } - private[intrusiveList] def prepend(elem: IntrusiveListElement): IntrusiveListElement = { + private[intrusiveList] final def prepend(elem: IntrusiveListElement): IntrusiveListElement = { first().insertBefore(elem) } - private[intrusiveList] def getNext: IntrusiveListElement = next.get + private[intrusiveList] final def getNext: IntrusiveListElement = next.get - private[intrusiveList] def getPrev: IntrusiveListElement = prev.get + private[intrusiveList] final def getPrev: IntrusiveListElement = prev.get - private[intrusiveList] def hasNext: Boolean = next.isDefined - private[intrusiveList] def hasPrev: Boolean = prev.isDefined + private[intrusiveList] final def hasNext: Boolean = next.isDefined + private[intrusiveList] final def hasPrev: Boolean = prev.isDefined - private[intrusiveList] def last(): IntrusiveListElement = { + private[intrusiveList] final def last(): IntrusiveListElement = { next match { case Some(n) => n.last() case None => this } } - private[intrusiveList] def first(): IntrusiveListElement = { + private[intrusiveList] final def first(): IntrusiveListElement = { prev match { case Some(n) => n.first() case None => this } } + private[intrusiveList] final def splice(at: IntrusiveListElement, insertBegin: IntrusiveListElement, + insertEnd: IntrusiveListElement): Unit = { + assert(insertEnd.last() == insertEnd) + assert(insertBegin.last() == insertEnd) + assert(insertBegin.first() == insertBegin) + assert(insertEnd.first() == insertBegin) + assert(!at.contains(insertBegin)) + + at.next.foreach(_.prev = Some(insertEnd)) + insertBegin.prev = Some(at) + at.next = Some(insertBegin) + + } + + private[intrusiveList] final def contains(elem: IntrusiveListElement): Boolean = { + elem.first() == first() + } + + private[intrusiveList] final def containsRef(elem: IntrusiveListElement): Boolean = { + elem.first() eq first() + } + @@ -142,5 +292,4 @@ trait IntrusiveListElement: // // } // //} // -// -//} +// \ No newline at end of file diff --git a/src/main/scala/ir/Procedure.scala b/src/main/scala/ir/Procedure.scala index b4606f599..a9d84cb2f 100644 --- a/src/main/scala/ir/Procedure.scala +++ b/src/main/scala/ir/Procedure.scala @@ -4,11 +4,13 @@ import boogie.{BParam, BVariable, BitVecBType, BoolBType} import scala.collection.mutable import scala.collection.mutable.ArrayBuffer +import intrusiveList.IntrusiveList +import intrusiveList.IntrusiveListElement class Procedure( var name: String, var address: Option[Int], - var blocks: ArrayBuffer[Block], + var blocks: IntrusiveList[Block], var in: ArrayBuffer[Parameter], var out: ArrayBuffer[Parameter] ) { diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index 4074f7b7f..a2434e506 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -1,4 +1,5 @@ package ir +import intrusiveList.IntrusiveListElement sealed trait Command { val label: Option[String] @@ -11,7 +12,7 @@ sealed trait Command { } -sealed trait Statement extends Command { +sealed trait Statement extends Command with IntrusiveListElement { def modifies: Set[Global] = Set() //def locals: Set[Variable] = Set() def acceptVisit(visitor: Visitor): Statement = throw new Exception( diff --git a/src/main/scala/ir/Visitor.scala b/src/main/scala/ir/Visitor.scala index c121bfc4b..dadeee222 100644 --- a/src/main/scala/ir/Visitor.scala +++ b/src/main/scala/ir/Visitor.scala @@ -2,6 +2,7 @@ package ir import scala.collection.mutable.ArrayBuffer import scala.collection.mutable +import intrusiveList.IntrusiveList abstract class Visitor { @@ -52,8 +53,8 @@ abstract class Visitor { } def visitBlock(node: Block): Block = { - for (i <- node.statements.indices) { - node.statements(i) = visitStatement(node.statements(i)) + for (s <- node.statements) { + node.statements.replace(s, visitStatement(s)) } for (i <- node.jumps.indices) { node.jumps(i) = visitJump(node.jumps(i)) @@ -62,8 +63,8 @@ abstract class Visitor { } def visitProcedure(node: Procedure): Procedure = { - for (i <- node.blocks.indices) { - node.blocks(i) = visitBlock(node.blocks(i)) + for (b <- node.blocks) { + node.blocks.replace(b, visitBlock(b)) } for (i <- node.in.indices) { node.in(i) = visitParameter(node.in(i)) @@ -318,7 +319,7 @@ class ExternalRemover(external: Set[String]) extends Visitor { if (external.contains(node.name)) { // update the modifies set before removing the body node.modifies.addAll(node.blocks.flatMap(_.modifies)) - node.blocks = ArrayBuffer() + node.blocks = IntrusiveList() } super.visitProcedure(node) } diff --git a/src/main/scala/translating/BAPToIR.scala b/src/main/scala/translating/BAPToIR.scala index 0a0cc5478..ff9c78985 100644 --- a/src/main/scala/translating/BAPToIR.scala +++ b/src/main/scala/translating/BAPToIR.scala @@ -6,6 +6,7 @@ import specification._ import scala.collection.mutable import scala.collection.mutable.Map import scala.collection.mutable.ArrayBuffer +import intrusiveList.IntrusiveList class BAPToIR(var program: BAPProgram, mainAddress: Int) { @@ -16,13 +17,13 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { var mainProcedure: Option[Procedure] = None val procedures: ArrayBuffer[Procedure] = ArrayBuffer() for (s <- program.subroutines) { - val blocks: ArrayBuffer[Block] = ArrayBuffer() + val blocks: IntrusiveList[Block] = IntrusiveList[Block]() val in: ArrayBuffer[Parameter] = ArrayBuffer() val out: ArrayBuffer[Parameter] = ArrayBuffer() val procedure = Procedure(s.name, Some(s.address), blocks, in, out) for (b <- s.blocks) { - val block = Block(b.label, b.address, ArrayBuffer(), ArrayBuffer(), procedure) + val block = Block(b.label, b.address, IntrusiveList(), ArrayBuffer(), procedure) blocks.append(block) labelToBlock.addOne(b.label, block) } diff --git a/src/main/scala/translating/ILtoIL.scala b/src/main/scala/translating/ILtoIL.scala index 18cfa8d57..41338723f 100644 --- a/src/main/scala/translating/ILtoIL.scala +++ b/src/main/scala/translating/ILtoIL.scala @@ -96,9 +96,9 @@ private class ILSerialiser extends ReadOnlyVisitor { program ++= "statements(\n" indentLevel += 1 - for (i <- node.statements.indices) { + for (s <- node.statements) { program ++= getIndent() - visitStatement(node.statements(i)) + visitStatement(s) program ++= "\n" } indentLevel -= 1 @@ -138,8 +138,8 @@ private class ILSerialiser extends ReadOnlyVisitor { } program ++= "), " program ++= "blocks(\n" - for (i <- node.blocks.indices) { - visitBlock(node.blocks(i)) + for (b <- node.blocks) { + visitBlock(b) } program ++= ")),\n" indentLevel -= 1 diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index 56965a54a..e2c0ad4ce 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -18,6 +18,7 @@ import org.antlr.v4.runtime.tree.ParseTreeWalker import org.antlr.v4.runtime.{CharStreams, CommonTokenStream} import translating.* import util.Logger +import intrusiveList.IntrusiveList import scala.collection.mutable @@ -336,7 +337,7 @@ object RunUtils { val newBlocks = for (t <- targets) yield { val newLabel: String = block.label + t.name - val newBlock = Block(newLabel, None, ArrayBuffer(), ArrayBuffer(), procedure) + val newBlock = Block(newLabel, None, IntrusiveList(), ArrayBuffer(), procedure) val assume = Assume(BinaryExpr(BVEQ, indirectCall.target, BitVecLiteral(t.address.get, 64)), newBlock) val directCall = DirectCall(t, indirectCall.returnTarget, newBlock) newBlock.statements.addOne(assume) @@ -357,7 +358,7 @@ object RunUtils { } def addFakeProcedure(name: String): Unit = { - IRProgram.procedures += Procedure(name, None, ArrayBuffer(), ArrayBuffer(), ArrayBuffer()) + IRProgram.procedures += Procedure(name, None, IntrusiveList(), ArrayBuffer(), ArrayBuffer()) } def resolveAddresses(valueSet: Set[Value]): Set[AddressValue] = { diff --git a/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala b/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala index 183f0b527..5c6666a74 100644 --- a/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala +++ b/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala @@ -6,7 +6,38 @@ case class Elem(val t: Float) extends IntrusiveListElement class IntrusiveListPublicInterfaceTest extends AnyFunSuite { - test("general stuff") { + def getSequentialList(elems: Int = 15) : IntrusiveList[Elem] = { + val x = IntrusiveList[Elem]() + + for (i <- 0 until elems) { + x.append(Elem(i)) + } + x + } + + test("append size iter vals") { + + val x = IntrusiveList[Elem]() + + for (i <- 0 until 15) { + assert(x.size == i) + x.append(Elem(i)) + assert(x.size == i + 1) + } + + var j = 0 + for (v <- x) { + assert(v.t == j) + j += 1 + } + + assert(x(0).t == 0) + assert(x(1).t == 1) + assert(x(5).t == 5) + + } + + test("Append") { val x = IntrusiveList[Elem]() val toInsert = Elem(10) val f = x.append(toInsert) @@ -18,11 +49,107 @@ class IntrusiveListPublicInterfaceTest extends AnyFunSuite { x.append(Elem(13)) x.append(Elem(14)) - var y = x.head() + x.foreach(println(_)) + + val y = x.head() assert(y.t == 10) assert(x.back().t == 14) + } + + test("Clear") { + val l = getSequentialList(15) + assert(l.size == 15) + l.clear() + assert(l.size == 0) + + for (e <- l) { + assert(false) + } + } + test("Replace diff") { + val l = getSequentialList(5) + val old = Array.from(l) + assert(l(2).t == 2) + assert(l.size == 5) + l.replace(l(2), Elem(100)) + assert(l.size == 5) + assert(l(2).t == 100) + for (i <- 0 until 5) { + if (i != 2) { + assert(l(i) == old(i)) + } + } } + test("Replace same") { + val l = getSequentialList(5) + val old = Array.from(l) + + assert(l(2).t == 2) + l.replace(l(2), l(2)) + assert(l.size == 5) + + for (i <- 0 until 5) { + assert(l(i) == old(i)) + } + } + + test("Swap list elems remove/insertAfter") { + val l = getSequentialList(5) + val old = Array.from(l) + + assert(l(2).t == 2) + val removed = l.remove(l(2)) + l.insertAfter(l(2), removed) + assert(l.size == 5) + assert(l(2).t == 3) + assert(l(3).t == 2) + + for (i <- 0 until 5) { + if (i != 2 && i != 3) { + assert(l(i) == old(i)) + } + } + } + + test("Prepend") { + val l = IntrusiveList[Elem]() + for (i <- 0 until 5) { + l.prepend(Elem(i)) + } + assert(l.size == 5) + + for (i <- 0 until 5) { + assert(l(i).t == 4 - i) + } + } + + test("prep/append") { + val l = IntrusiveList[Elem]() + for (i <- 0 until 5) { + l.prepend(Elem(i)) + l.append(Elem(i)) + } + assert(l.size == 10) + + for (i <- 0 until 5) { + assert(l(i).t == 4 - i) + } + for (i <- 0 until 5) { + assert(l(5 + i).t == i) + } + } + + test("iteratorFrom") { + val l = getSequentialList(10) + val it = l.iteratorFrom(l(2)) + assert(it.hasNext) + assert(it.next().t == 2) + assert(l.iteratorFrom(l(2)).length == 8) + assert(it.length == 7) + } + + } From c270d15506306473155cc315c3b0b338b808d28d Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Thu, 9 Nov 2023 13:39:50 +1000 Subject: [PATCH 06/42] initial work to add backwards intraproc links to IL --- src/main/scala/analysis/Cfg.scala | 11 +- src/main/scala/ir/Block.scala | 66 +++- src/main/scala/ir/IRCursor.scala | 352 ++++-------------- src/main/scala/ir/Interpreter.scala | 6 +- src/main/scala/ir/Procedure.scala | 3 +- src/main/scala/ir/Program.scala | 4 +- src/main/scala/ir/Statement.scala | 74 +++- src/main/scala/ir/Visitor.scala | 9 +- src/main/scala/translating/BAPToIR.scala | 8 +- src/main/scala/translating/ILtoIL.scala | 11 +- src/main/scala/translating/IRToBoogie.scala | 9 +- src/main/scala/util/IntrusiveList.scala | 296 +++++++++++++++ src/main/scala/util/RunUtils.scala | 13 +- .../ir/IntrusiveListPublicInterfaceTest.scala | 10 + 14 files changed, 537 insertions(+), 335 deletions(-) create mode 100644 src/main/scala/util/IntrusiveList.scala diff --git a/src/main/scala/analysis/Cfg.scala b/src/main/scala/analysis/Cfg.scala index 0415d6e02..601d35d6b 100644 --- a/src/main/scala/analysis/Cfg.scala +++ b/src/main/scala/analysis/Cfg.scala @@ -744,7 +744,7 @@ class ProgramCfgFactory: * @param solitary * `True` if this block contains no statements, `False` otherwise */ - def visitJumps(jmps: ArrayBuffer[Jump], prevNode: CfgNode, cond: Expr, solitary: Boolean): Unit = { + def visitJumps(jmps: Iterable[Jump], prevNode: CfgNode, cond: Expr, solitary: Boolean): Unit = { val jmpNode: CfgJumpNode = CfgJumpNode(data = jmps.head, block = block, parent = funcEntryNode) var precNode: CfgNode = prevNode @@ -759,8 +759,8 @@ class ProgramCfgFactory: Currently we display these nodes in the DOT view of the CFG, however these could be hidden if desired. */ jmps.head match { - case jmp: GoTo => - // `GoTo`s are just edges, so introduce a fake `start of block` that can be jmp'd to + case jmp: DetGoTo => + // `DetGoTo`s are just edges, so introduce a fake `start of block` that can be jmp'd to val ghostNode = CfgGhostNode(block = block, parent = funcEntryNode, data = NOP(jmp.label, block)) cfg.addEdge(prevNode, ghostNode, cond) precNode = ghostNode @@ -774,7 +774,7 @@ class ProgramCfgFactory: // TODO this is not a robust approach jmps.head match { - case goto: GoTo => + case goto: DetGoTo => // Process first jump var targetBlock: Block = goto.target var targetCond: Expr = goto.condition match { @@ -793,7 +793,7 @@ class ProgramCfgFactory: /* TODO it is not a safe assumption that there are a maximum of two jumps, or that a GoTo will follow a GoTo */ if (targetCond != TrueLiteral) { - val secondGoto: GoTo = jmps.tail.head.asInstanceOf[GoTo] + val secondGoto: DetGoTo = jmps.tail.head.asInstanceOf[DetGoTo] targetBlock = secondGoto.target // IR doesn't store negation of condition, so we must do it manually targetCond = negateConditional(targetCond) @@ -889,7 +889,6 @@ class ProgramCfgFactory: cfg.addEdge(jmpNode, noReturn) cfg.addEdge(noReturn, funcExitNode) } - case _ => assert(false, s"unexpected jump encountered, jumps: $jmps") } // `jmps.head` match } // `visitJumps` function } // `visitBlocks` function diff --git a/src/main/scala/ir/Block.scala b/src/main/scala/ir/Block.scala index 631dc5b77..bc09a45b6 100644 --- a/src/main/scala/ir/Block.scala +++ b/src/main/scala/ir/Block.scala @@ -1,28 +1,82 @@ package ir +import collection.mutable +import scala.collection.immutable import intrusiveList.IntrusiveList import intrusiveList.IntrusiveListElement import scala.collection.mutable.ArrayBuffer -class Block( - var label: String, +class Block private + (var label: String, var address: Option[Int], - var statements: IntrusiveList[Statement], - var jumps: ArrayBuffer[Jump], - var procedure: Procedure + val statements: IntrusiveList[Statement], + // invariant: all Goto targets are disjoint + private val _jumps: mutable.HashSet[GoTo], + private val _calls: mutable.HashSet[Call], + val incomingJumps: mutable.HashSet[Block], + val parent: Procedure ) extends IntrusiveListElement { + + def this(label: String, address: Option[Int], statements: IterableOnce[Statement], jumps: IterableOnce[GoTo], calls: IterableOnce[Call], parent: Procedure) = { + this(label, address, IntrusiveList.from(statements), mutable.HashSet.from(jumps), mutable.HashSet.from(calls), mutable.HashSet.empty, parent) + } + + def jumps: immutable.Set[Jump] = (_jumps ++ _calls) to immutable.Set + + + def addJump(j: Jump): Boolean = { + j match { + case g: GoTo => _jumps.add(g) + case c: Call => _calls.add(c) + } + } + + def removeJump(j: Jump) = { + // assume you do not have two jumps to the same block from this block; would'nt make sense + j match { + case g: DetGoTo => { + g.target.incomingJumps.remove(this) + _jumps.remove(g) + } + case g: NonDetGoTo => { + g.targets.foreach(t => t.incomingJumps.remove(this)) + _jumps.remove(g) + } + case c: Call => _calls.remove(c) + } + } + + def replaceJump(j: Jump, newJ: Jump) : Unit = { + if (j eq newJ) { + // GoTo/Call is responsible for maintaining the CFG if it is modified in-place + return + } + (j, newJ) match { + case (g: GoTo, f: GoTo) => { + removeJump(j) + addJump(newJ) + } + case (g: Call, f: Call) => replaceJump(g,f) + case (_, _) => throw Exception("Programmer error: must replace with same type") + } + } + //def addStatementAfter(statement: Statement, newStatement: Statement): Statement = { // val i = statements.indexOf(statement) // statements.insert(i, newStatement) //} - def calls: Set[Procedure] = jumps.flatMap(_.calls).toSet + def calls: Set[Procedure] = _calls.flatMap(_.calls).toSet def modifies: Set[Global] = statements.flatMap(_.modifies).toSet //def locals: Set[Variable] = statements.flatMap(_.locals).toSet ++ jumps.flatMap(_.locals).toSet + + def calledBy: Set[Block] = { + Set.empty + } override def toString: String = { // display all statements and jumps diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index 7494917ae..c836ee7aa 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -1,295 +1,79 @@ -package intrusiveList -import collection.mutable - - -final class IntrusiveList[T <: IntrusiveListElement] private (var numElems: Int, var firstElem: Option[T], var lastElem: Option[T]) extends mutable.Iterable[T], mutable.Growable[T]: - // invariant: - // numElems == first.length() - - // if size == 0 then first == last == None - // else if size == 1 then first.get == last.get - // else first = last.get.first() && last == first.get.last() - - // Growable - override def knownSize: Int = numElems - - override def addOne(elem: T): IntrusiveList.this.type = { - append(elem) - this - } - - override def clear(): Unit = { - while (size > 0) { - this.remove(lastElem.get) - } - } - - override def addAll(xs: IterableOnce[T]): IntrusiveList.this.type = { - xs.iterator.foreach(append) - this - } - // end Growable - def this() = this(0, None, None) - - // Iterable - - /* - * O(n); get nth element - */ - def apply(i: Int): T = { - // TODO: cache? - assert(i < size) - var elem = firstElem.get - for (c <- 0 until i) { - elem = elem.getNext.asInstanceOf[T] - } - elem - } - - class IntrusiveListIterator(var elem: Option[IntrusiveListElement]) extends Iterator[T] { - override def hasNext: Boolean = elem.isDefined - override def next: T = { - val t = elem.get.asInstanceOf[T] - elem = t.next - t - } - } - - def iterator: Iterator[T] = IntrusiveListIterator(firstElem) - - // end Iterable - - - def iteratorFrom(elem: IntrusiveListElement): Iterator[T] = { - assert(elem.first() == firstElem.get) - IntrusiveListIterator(Some(elem)) - } - - // Implementation - - override def size: Int = numElems - - override def head(): T = firstElem.get - - private def containsRef(elem: T): Boolean = { - if (size == 0) { - false - } else { - firstElem.get.containsRef(elem) - } - } - - def contains(elem: T): Boolean = { - if (size == 0) { - false - } else { - firstElem.get.contains(elem) - } - } - - def back(): T = lastElem.get - - def prepend(newElem: T): T = { - assert(newElem.unitary) - assert(!containsRef(newElem)) - if (size > 0) { - insertBefore(firstElem.get, newElem) - } else { - firstElem = Some(newElem) - lastElem = Some(newElem) - numElems = 1 - } - newElem - } - - def append(newElem : T): T = { - assert(newElem.unitary) - assert(!containsRef(newElem)) - if (size > 0) { - insertAfter(lastElem.get, newElem) - } else { - firstElem = Some(newElem) - lastElem = Some(newElem) - numElems = 1 - } - newElem - } - - def replace(elem: T, withElem: T): T = { - assert(containsRef(elem)) - if (elem ne withElem) { - assert(withElem.unitary) - assert(!containsRef(withElem)) - val newElem: T = insertAfter(elem, withElem) - val removed = remove(elem) - newElem - } else { - withElem - } - } - - def remove(intrusiveListElement: T): T = { - assert(size >= 0) - assert(containsRef(intrusiveListElement)) - numElems -= 1 - if (intrusiveListElement == lastElem.get) { - lastElem = intrusiveListElement.prev.asInstanceOf[Option[T]] - } - if (intrusiveListElement == firstElem.get) { - firstElem = intrusiveListElement.next.asInstanceOf[Option[T]] - } - intrusiveListElement.remove().asInstanceOf[T] - } - - - def insertAfter(intrusiveListElement: T, newElem: T): T = { - assert(size >= 1) - assert(containsRef(intrusiveListElement)) - assert(!containsRef(newElem)) - assert(newElem.unitary) - numElems += 1 - if (intrusiveListElement == lastElem.get) { - lastElem = Some(newElem) - } - intrusiveListElement.insertAfter(newElem).asInstanceOf[T] - } - - def insertBefore(intrusiveListElement: T, newElem: T): T = { - assert(size >= 1) - assert(containsRef(intrusiveListElement)) - assert(!containsRef(newElem)) - assert(newElem.unitary) - numElems += 1 - if (intrusiveListElement == firstElem.get) { - firstElem = Some(newElem) - } - intrusiveListElement.insertBefore(newElem).asInstanceOf[T] - } - - def getNext(elem: T): T = { - elem.getNext.asInstanceOf[T] - } - - def hasNext(elem: T): Boolean = { - elem.hasNext - } - - def hasPrev(elem: T): Boolean = { - elem.hasPrev - } - - def getPrev(elem: T): T = { - elem.getPrev.asInstanceOf[T] - } - -trait IntrusiveListElement: - private[intrusiveList] var next: Option[IntrusiveListElement] = None - private[intrusiveList] var prev: Option[IntrusiveListElement] = None - private[intrusiveList] final def insertBefore(elem: IntrusiveListElement): IntrusiveListElement = { - elem.prev = prev - if (prev.isDefined) { - prev.get.next = Some(elem) - } - prev = Some(elem) - elem.next = Some(this) - elem - } - - private[intrusiveList] final def unitary: Boolean = next.isEmpty && prev.isEmpty - - - private[intrusiveList] final def insertAfter(elem: IntrusiveListElement): IntrusiveListElement = { - if (next.isDefined) { - next.get.prev = Some(elem) - } - elem.next = next - next = Some(elem) - elem.prev = Some(this) - elem - } - - private[intrusiveList] final def replace(elem: IntrusiveListElement): IntrusiveListElement = { - insertAfter(elem) - remove() - elem - } - - private[intrusiveList] final def remove(): IntrusiveListElement = { - if (next.isDefined) { - next.get.prev = prev - } - if (prev.isDefined) { - prev.get.next = next - } - this.next = None - this.prev = None - this - } - - private[intrusiveList] final def append(elem: IntrusiveListElement): IntrusiveListElement = { - last().insertAfter(elem) - } - - private[intrusiveList] final def prepend(elem: IntrusiveListElement): IntrusiveListElement = { - first().insertBefore(elem) - } - - private[intrusiveList] final def getNext: IntrusiveListElement = next.get - - private[intrusiveList] final def getPrev: IntrusiveListElement = prev.get - - private[intrusiveList] final def hasNext: Boolean = next.isDefined - private[intrusiveList] final def hasPrev: Boolean = prev.isDefined - - private[intrusiveList] final def last(): IntrusiveListElement = { - next match { - case Some(n) => n.last() - case None => this +package ir + +enum PositionType { + case Before, After, On +} + +// intra-procedural +type ILPosition = Procedure | Block | Command +type CFGPosition = Procedure | Block | Command | ProcedureUnknownJump | ProcedureReturn + +// Interprocedural +// position = (call string) + Position + +case class ProcedureUnknownJump(pos: CFGPosition) +case class ProcedureReturn(procedure: Procedure, pos: CFGPosition) + +case class IntraProcIRCursor(pos: CFGPosition) { + + def succ(): Set[CFGPosition] = { + pos match { + case s: Statement => + if (s.parent.statements.hasNext(s)) { + Set(s.parent.statements.getNext(s)) + } else { + s.parent.jumps.toSet + } + case j: Jump => j match { + case g: DetGoTo => Set[CFGPosition](g.target) + case n: NonDetGoTo => n.targets.toSet + case c: DirectCall => c.returnTarget match + case Some(b) => Set(b) + case None => Set(ProcedureUnknownJump(c)) + case i: IndirectCall => i match + case IndirectCall(v, parent, ret, label) => + if (v.name == "R30") { + Set(ProcedureReturn(parent.parent, pos)) + } else { + ret match + case Some(block) => Set(block) + case None => Set(ProcedureUnknownJump(pos)) + } } - } - - private[intrusiveList] final def first(): IntrusiveListElement = { - prev match { - case Some(n) => n.first() - case None => this + case b: Block => Set[CFGPosition](b.statements.head()) + case proc: Procedure => Set(proc.blocks.head()) + case _: ProcedureUnknownJump => Set() + case _: ProcedureReturn => Set() } } - private[intrusiveList] final def splice(at: IntrusiveListElement, insertBegin: IntrusiveListElement, - insertEnd: IntrusiveListElement): Unit = { - assert(insertEnd.last() == insertEnd) - assert(insertBegin.last() == insertEnd) - assert(insertBegin.first() == insertBegin) - assert(insertEnd.first() == insertBegin) - assert(!at.contains(insertBegin)) - at.next.foreach(_.prev = Some(insertEnd)) - insertBegin.prev = Some(at) - at.next = Some(insertBegin) - - } - - private[intrusiveList] final def contains(elem: IntrusiveListElement): Boolean = { - elem.first() == first() + def pred(): Set[CFGPosition] = { + pos match { + case s: Statement => + if (s.parent.statements.hasPrev(s)) { + Set(s.parent.statements.getPrev(s)) + } else { + Set(s.parent) // predecessor blocks + } + case j: Jump => Set(j.parent.statements.last) + case b: Block => ??? // predecessor edges + case proc: Procedure => Set() + case r: ProcedureUnknownJump => Set(r.pos) + case r: ProcedureReturn => Set(r.pos) + } } - private[intrusiveList] final def containsRef(elem: IntrusiveListElement): Boolean = { - elem.first() eq first() - } + //def succ() : Seq(IRCursor) = { + // position match { + // case p: Procedure => Seq(IRCursor(p.blocks.head)) + // case b: Block => Seq(IRCursor(b.statements.head)) + // case s: Statement => Seq(s.parent.statements.ne()) + // } +} -//type Position = Procedure | Block | Statement -//class IRCursor(val position: Position) { -// -// //def succ() : Seq(IRCursor) = { -// // position match { -// // case p: Procedure => Seq(IRCursor(p.blocks.head)) -// // case b: Block => Seq(IRCursor(b.statements.head)) -// // case s: Statement => Seq(s.parent.statements.ne()) -// -// // } -// //} -// -// \ No newline at end of file +object IRCursor { +} diff --git a/src/main/scala/ir/Interpreter.scala b/src/main/scala/ir/Interpreter.scala index 6f793bbf5..a25fc485b 100644 --- a/src/main/scala/ir/Interpreter.scala +++ b/src/main/scala/ir/Interpreter.scala @@ -191,7 +191,8 @@ class Interpreter() { for ((jump, index) <- b.jumps.zipWithIndex) { Logger.debug(s"jump[$index]:") jump match { - case gt: GoTo => + case gt: NonDetGoTo => ??? + case gt: DetGoTo => Logger.debug(s"$gt") gt.condition match { case Some(value) => @@ -250,7 +251,8 @@ class Interpreter() { Logger.debug(s"MemoryAssign ${assign.lhs} := 0x${value.toString(16)}[u$size]\n") case _ => throw new Exception("cannot register non-bitvectors") } - + case _ : NOP => () + case _ : Assume => () case assert: Assert => Logger.debug(assert) ??? diff --git a/src/main/scala/ir/Procedure.scala b/src/main/scala/ir/Procedure.scala index a9d84cb2f..3f999e44e 100644 --- a/src/main/scala/ir/Procedure.scala +++ b/src/main/scala/ir/Procedure.scala @@ -5,7 +5,6 @@ import boogie.{BParam, BVariable, BitVecBType, BoolBType} import scala.collection.mutable import scala.collection.mutable.ArrayBuffer import intrusiveList.IntrusiveList -import intrusiveList.IntrusiveListElement class Procedure( var name: String, @@ -68,7 +67,7 @@ class Procedure( visitedBlocks.add(b) for (j <- b.jumps) { j match { - case g: GoTo => visitBlock(g.target) + case g: DetGoTo => visitBlock(g.target) case d: DirectCall => d.returnTarget.foreach(visitBlock) case i: IndirectCall => i.returnTarget.foreach(visitBlock) case n: NonDetGoTo => n.targets.foreach(visitBlock) diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index 162badfea..8fa0c5250 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -5,7 +5,9 @@ import scala.collection.mutable import boogie.* import analysis.BitVectorEval -class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedure, var initialMemory: ArrayBuffer[MemorySection], var readOnlyMemory: ArrayBuffer[MemorySection]) { +class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedure, + var initialMemory: ArrayBuffer[MemorySection], + var readOnlyMemory: ArrayBuffer[MemorySection]) { // This shouldn't be run before indirect calls are resolved? def stripUnreachableFunctions(): Unit = { diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index a2434e506..1e5287dfd 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -1,5 +1,7 @@ package ir import intrusiveList.IntrusiveListElement +import collection.mutable + sealed trait Command { val label: Option[String] @@ -31,7 +33,7 @@ class LocalAssign(var lhs: Variable, var rhs: Expr, var parent: Block, override } object LocalAssign: - def unapply(l: LocalAssign): Option[(Variable, Expr, Option[String])] = Some(l.lhs, l.rhs, l.label) + def unapply(l: LocalAssign): Option[(Variable, Expr, Block, Option[String])] = Some(l.lhs, l.rhs, l.parent, l.label) class MemoryAssign(var lhs: Memory, var rhs: MemoryStore, var parent: Block, override val label: Option[String] = None) extends Statement { override def modifies: Set[Global] = Set(lhs) @@ -41,7 +43,7 @@ class MemoryAssign(var lhs: Memory, var rhs: MemoryStore, var parent: Block, ov } object MemoryAssign: - def unapply(m: MemoryAssign): Option[(Memory, MemoryStore, Option[String])] = Some(m.lhs, m.rhs, m.label) + def unapply(m: MemoryAssign): Option[(Memory, MemoryStore, Block, Option[String])] = Some(m.lhs, m.rhs, m.parent, m.label) case class NOP(override val label: Option[String] = None, var parent: Block) extends Statement { override def toString: String = s"$labelStr" @@ -54,7 +56,7 @@ class Assert(var body: Expr, var parent: Block, var comment: Option[String] = No } object Assert: - def unapply(a: Assert): Option[(Expr, Option[String], Option[String])] = Some(a.body, a.comment, a.label) + def unapply(a: Assert): Option[(Expr, Block, Option[String], Option[String])] = Some(a.body, a.parent, a.comment, a.label) class Assume(var body: Expr, var parent: Block, var comment: Option[String] = None, override val label: Option[String] = None) extends Statement { override def toString: String = s"${labelStr}assume $body" + comment.map(" //" + _) @@ -62,34 +64,78 @@ class Assume(var body: Expr, var parent: Block, var comment: Option[String] = N } object Assume: - def unapply(a: Assume): Option[(Expr, Option[String], Option[String])] = Some(a.body, a.comment, a.label) + def unapply(a: Assume): Option[(Expr, Block, Option[String], Option[String])] = Some(a.body, a.parent, a.comment, a.label) -trait Jump extends Command { +sealed trait Jump extends Command { def modifies: Set[Global] = Set() //def locals: Set[Variable] = Set() def calls: Set[Procedure] = Set() def acceptVisit(visitor: Visitor): Jump = throw new Exception("visitor " + visitor + " unimplemented for: " + this) } -class GoTo(var target: Block, var parent: Block, var condition: Option[Expr], override val label: Option[String] = None) extends Jump { + +sealed trait GoTo extends Jump + +sealed class DetGoTo (private var _target: Block, var parent: Block, var condition: Option[Expr], override val label: Option[String] = None) extends GoTo { + _target.incomingJumps.add(parent) + /* override def locals: Set[Variable] = condition match { case Some(c) => c.locals case None => Set() } */ - override def toString: String = s"${labelStr}GoTo(${target.label}, $condition)" + + def target: Block = _target + + def replaceTarget(newTarget: Block): Block = { + _target.incomingJumps.remove(parent) + newTarget.incomingJumps.add(parent) + _target = newTarget + _target + } + + override def toString: String = s"${labelStr}GoTo(${_target.label}, $condition)" override def acceptVisit(visitor: Visitor): Jump = visitor.visitGoTo(this) } -object GoTo: - def unapply(g: GoTo): Option[(Block, Option[Expr], Option[String])] = Some(g.target, g.condition, g.label) +object DetGoTo: + def unapply(g: DetGoTo): Option[(Block, Block, Option[Expr], Option[String])] = Some(g.target, g.parent, g.condition, g.label) + +class NonDetGoTo private (private var _targets: mutable.Set[Block], var parent: Block, override val label: Option[String]) extends GoTo { + _targets.foreach(_.incomingJumps.add(parent)) + + + def this(targets: IterableOnce[Block], parent: Block, label: Option[String] = None) = this(mutable.Set.from(targets), parent, label) + + def targets: Set[Block] = _targets.toSet + + def addAllTargets(t: Iterable[Block]): Unit = { + t.foreach(addTarget(_)) + } + + def addTarget(t: Block): Unit = { + if (_targets.add(t)) { + t.incomingJumps.add(parent) + } + } + + def removeTarget(t: Block): Unit = { + // making the assumption that blocks only contain the same outgoing edge once + // e.g. We don't have two edges going to the same block under different conditions + if (_targets.remove(t)) { + t.incomingJumps.remove(parent) + } + } + -class NonDetGoTo(var targets: Seq[Block], var parent: Block, override val label: Option[String] = None) extends Jump { override def toString: String = s"${labelStr}NonDetGoTo(${targets.map(_.label).mkString(", ")})" override def acceptVisit(visitor: Visitor): Jump = visitor.visitNonDetGoTo(this) } -class DirectCall(var target: Procedure, var returnTarget: Option[Block], var parent: Block, override val label: Option[String] = None) extends Jump { + +sealed trait Call extends Jump + +class DirectCall(var target: Procedure, var returnTarget: Option[Block], var parent: Block, override val label: Option[String] = None) extends Call { /* override def locals: Set[Variable] = condition match { case Some(c) => c.locals case None => Set() @@ -100,9 +146,9 @@ class DirectCall(var target: Procedure, var returnTarget: Option[Block], var par } object DirectCall: - def unapply(i: DirectCall): Option[(Procedure, Option[Block], Option[String])] = Some(i.target, i.returnTarget, i.label) + def unapply(i: DirectCall): Option[(Procedure, Option[Block], Block, Option[String])] = Some(i.target, i.returnTarget, i.parent, i.label) -class IndirectCall(var target: Variable, var parent: Block, var returnTarget: Option[Block], override val label: Option[String] = None) extends Jump { +class IndirectCall(var target: Variable, var parent: Block, var returnTarget: Option[Block], override val label: Option[String] = None) extends Call { /* override def locals: Set[Variable] = condition match { case Some(c) => c.locals + target case None => Set(target) @@ -112,4 +158,4 @@ class IndirectCall(var target: Variable, var parent: Block, var returnTarget: Op } object IndirectCall: - def unapply(i: IndirectCall): Option[(Variable, Option[Block], Option[String])] = Some(i.target, i.returnTarget, i.label) \ No newline at end of file + def unapply(i: IndirectCall): Option[(Variable, Block, Option[Block], Option[String])] = Some(i.target, i.parent, i.returnTarget, i.label) diff --git a/src/main/scala/ir/Visitor.scala b/src/main/scala/ir/Visitor.scala index dadeee222..22441ac1c 100644 --- a/src/main/scala/ir/Visitor.scala +++ b/src/main/scala/ir/Visitor.scala @@ -34,7 +34,7 @@ abstract class Visitor { def visitJump(node: Jump): Jump = node.acceptVisit(this) - def visitGoTo(node: GoTo): Jump = { + def visitGoTo(node: DetGoTo): Jump = { node.condition = node.condition.map(visitExpr) node } @@ -56,8 +56,9 @@ abstract class Visitor { for (s <- node.statements) { node.statements.replace(s, visitStatement(s)) } - for (i <- node.jumps.indices) { - node.jumps(i) = visitJump(node.jumps(i)) + for (j <- node.jumps) { + node.replaceJump(j, visitJump(j)) + //node.jumps(i) = visitJump(j) } node } @@ -215,7 +216,7 @@ abstract class ReadOnlyVisitor extends Visitor { node } - override def visitGoTo(node: GoTo): Jump = { + override def visitGoTo(node: DetGoTo): Jump = { node } diff --git a/src/main/scala/translating/BAPToIR.scala b/src/main/scala/translating/BAPToIR.scala index ff9c78985..498962ae7 100644 --- a/src/main/scala/translating/BAPToIR.scala +++ b/src/main/scala/translating/BAPToIR.scala @@ -23,7 +23,7 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { val procedure = Procedure(s.name, Some(s.address), blocks, in, out) for (b <- s.blocks) { - val block = Block(b.label, b.address, IntrusiveList(), ArrayBuffer(), procedure) + val block = Block(b.label, b.address, IntrusiveList(), Seq(), Seq(), procedure) blocks.append(block) labelToBlock.addOne(b.label, block) } @@ -47,7 +47,7 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { block.statements.append(translate(st, block)) } for (j <- b.jumps) { - block.jumps.append(translate(j, block)) + block.addJump(translate(j, block)) } } } @@ -66,7 +66,7 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { case b: BAPLocalAssign => LocalAssign(b.lhs.toIR, b.rhs.toIR, parent, Some(b.line)) } - private def translate(j: BAPJump, parent: Block) = j match { + private def translate(j: BAPJump, parent: Block) : Jump = j match { case b: BAPDirectCall => DirectCall( nameToProcedure(b.target), @@ -77,7 +77,7 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { case b: BAPIndirectCall => IndirectCall(b.target.toIR, parent, b.returnTarget.map(t => labelToBlock(t)), Some(b.line)) case b: BAPGoTo => - GoTo(labelToBlock(b.target), parent, coerceToBool(b.condition), Some(b.line)) + DetGoTo(labelToBlock(b.target), parent, coerceToBool(b.condition), Some(b.line)) } /* diff --git a/src/main/scala/translating/ILtoIL.scala b/src/main/scala/translating/ILtoIL.scala index 41338723f..3c5c47a67 100644 --- a/src/main/scala/translating/ILtoIL.scala +++ b/src/main/scala/translating/ILtoIL.scala @@ -60,7 +60,16 @@ private class ILSerialiser extends ReadOnlyVisitor { node } - override def visitGoTo(node: GoTo): Jump = { + + override def visitNonDetGoTo(node: NonDetGoTo): Jump = { + program ++= "NonDetGoTo({" + // TODO + program ++= node.targets.map(blockIdentifier(_)).mkString(", ") + program ++= "})" // GoTo + node + } + + override def visitGoTo(node: DetGoTo): Jump = { program ++= "GoTo(" // TODO program ++= blockIdentifier(node.target) diff --git a/src/main/scala/translating/IRToBoogie.scala b/src/main/scala/translating/IRToBoogie.scala index a20f63aa6..d56859185 100644 --- a/src/main/scala/translating/IRToBoogie.scala +++ b/src/main/scala/translating/IRToBoogie.scala @@ -412,7 +412,7 @@ class IRToBoogie(var program: Program, var spec: Specification) { case None => unresolved ++ List(Comment("no return target"), BAssume(FalseBLiteral)) } } - case g: GoTo => + case g: DetGoTo => g.condition match { case Some(c) => val guard = c.toBoogie @@ -422,10 +422,11 @@ class IRToBoogie(var program: Program, var spec: Specification) { List(GoToCmd(Seq(g.target.label))) } case n: NonDetGoTo => - List(GoToCmd(n.targets.map(_.label))) + List(GoToCmd(n.targets.map(_.label).toSeq)) } def translate(s: Statement): List[BCmd] = s match { + case m: NOP => List.empty case m: MemoryAssign => val lhs = m.lhs.toBoogie val rhs = m.rhs.toBoogie @@ -433,8 +434,8 @@ class IRToBoogie(var program: Program, var spec: Specification) { val rhsGamma = m.rhs.toGamma val store = AssignCmd(List(lhs, lhsGamma), List(rhs, rhsGamma)) val stateSplit = s match { - case MemoryAssign(_,_, Some(label)) => List(captureStateStatement(s"$label")) - case LocalAssign(_,_, Some(label)) => List(captureStateStatement(s"$label")) + case MemoryAssign(_,_, parent, Some(label)) => List(captureStateStatement(s"$label")) + case LocalAssign(_,_, parent, Some(label)) => List(captureStateStatement(s"$label")) case _ => List.empty } if (lhs == stack) { diff --git a/src/main/scala/util/IntrusiveList.scala b/src/main/scala/util/IntrusiveList.scala new file mode 100644 index 000000000..9dad1eec7 --- /dev/null +++ b/src/main/scala/util/IntrusiveList.scala @@ -0,0 +1,296 @@ +package intrusiveList +import scala.collection.mutable + +// TODO: implement IterableOps +// So need iterablefactory https://docs.scala-lang.org/overviews/core/custom-collections.html + +final class IntrusiveList[T <: IntrusiveListElement] private (var numElems: Int, var firstElem: Option[T], var lastElem: Option[T]) + extends mutable.Iterable[T], mutable.Growable[T]: + // invariant: + // numElems == first.length() + + // if size == 0 then first == last == None + // else if size == 1 then first.get == last.get + // else first = last.get.first() && last == first.get.last() + + // Growable + override def knownSize: Int = numElems + + override def addOne(elem: T): IntrusiveList.this.type = { + append(elem) + this + } + + override def clear(): Unit = { + while (size > 0) { + this.remove(lastElem.get) + } + } + + override def addAll(xs: IterableOnce[T]): IntrusiveList.this.type = { + xs.iterator.foreach(append) + this + } + // end Growable + + def this() = this(0, None, None) + + // Iterable + + /* + * O(n); get nth element + */ + def apply(i: Int): T = { + // TODO: cache? + assert(i < size) + var elem = firstElem.get + for (c <- 0 until i) { + elem = elem.getNext.asInstanceOf[T] + } + elem + } + + class IntrusiveListIterator(var elem: Option[IntrusiveListElement]) extends Iterator[T] { + override def hasNext: Boolean = elem.isDefined + override def next: T = { + val t = elem.get.asInstanceOf[T] + elem = t.next + t + } + } + + def iterator: Iterator[T] = IntrusiveListIterator(firstElem) + + // end Iterable + + + def iteratorFrom(elem: IntrusiveListElement): Iterator[T] = { + assert(elem.first() == firstElem.get) + IntrusiveListIterator(Some(elem)) + } + + // Implementation + + override def size: Int = numElems + + override def head(): T = firstElem.get + + def begin(): T = firstElem.get + + private def containsRef(elem: T): Boolean = { + if (size == 0) { + false + } else { + firstElem.get.containsRef(elem) + } + } + + def contains(elem: T): Boolean = { + if (size == 0) { + false + } else { + firstElem.get.contains(elem) + } + } + + def back(): T = lastElem.get + + def prepend(newElem: T): T = { + assert(newElem.unitary) + assert(!containsRef(newElem)) + if (size > 0) { + insertBefore(firstElem.get, newElem) + } else { + firstElem = Some(newElem) + lastElem = Some(newElem) + numElems = 1 + } + newElem + } + + def append(newElem : T): T = { + assert(newElem.unitary) + assert(!containsRef(newElem)) + if (size > 0) { + insertAfter(lastElem.get, newElem) + } else { + firstElem = Some(newElem) + lastElem = Some(newElem) + numElems = 1 + } + newElem + } + + def replace(elem: T, withElem: T): T = { + assert(containsRef(elem)) + if (elem ne withElem) { + assert(withElem.unitary) + assert(!containsRef(withElem)) + val newElem: T = insertAfter(elem, withElem) + val removed = remove(elem) + newElem + } else { + withElem + } + } + + def remove(intrusiveListElement: T): T = { + assert(size >= 0) + assert(containsRef(intrusiveListElement)) + numElems -= 1 + if (intrusiveListElement == lastElem.get) { + lastElem = intrusiveListElement.prev.asInstanceOf[Option[T]] + } + if (intrusiveListElement == firstElem.get) { + firstElem = intrusiveListElement.next.asInstanceOf[Option[T]] + } + intrusiveListElement.remove().asInstanceOf[T] + } + + + def insertAfter(intrusiveListElement: T, newElem: T): T = { + assert(size >= 1) + assert(containsRef(intrusiveListElement)) + assert(!containsRef(newElem)) + assert(newElem.unitary) + numElems += 1 + if (intrusiveListElement == lastElem.get) { + lastElem = Some(newElem) + } + intrusiveListElement.insertAfter(newElem).asInstanceOf[T] + } + + def insertBefore(intrusiveListElement: T, newElem: T): T = { + assert(size >= 1) + assert(containsRef(intrusiveListElement)) + assert(!containsRef(newElem)) + assert(newElem.unitary) + numElems += 1 + if (intrusiveListElement == firstElem.get) { + firstElem = Some(newElem) + } + intrusiveListElement.insertBefore(newElem).asInstanceOf[T] + } + + def getNext(elem: T): T = { + elem.getNext.asInstanceOf[T] + } + + def hasNext(elem: T): Boolean = { + elem.hasNext + } + + def hasPrev(elem: T): Boolean = { + elem.hasPrev + } + + def getPrev(elem: T): T = { + elem.getPrev.asInstanceOf[T] + } + +object IntrusiveList { + def from[T <: IntrusiveListElement](it: IterableOnce[T]): IntrusiveList[T] = { + val l = new IntrusiveList[T]() + l.addAll(it) + l + } + def empty[T <: IntrusiveListElement] : IntrusiveList[T] = new IntrusiveList[T]() + +} + +trait IntrusiveListElement: + private[intrusiveList] var next: Option[IntrusiveListElement] = None + private[intrusiveList] var prev: Option[IntrusiveListElement] = None + private[intrusiveList] final def insertBefore(elem: IntrusiveListElement): IntrusiveListElement = { + elem.prev = prev + if (prev.isDefined) { + prev.get.next = Some(elem) + } + prev = Some(elem) + elem.next = Some(this) + elem + } + + private[intrusiveList] final def unitary: Boolean = next.isEmpty && prev.isEmpty + + + private[intrusiveList] final def insertAfter(elem: IntrusiveListElement): IntrusiveListElement = { + if (next.isDefined) { + next.get.prev = Some(elem) + } + elem.next = next + next = Some(elem) + elem.prev = Some(this) + elem + } + + private[intrusiveList] final def replace(elem: IntrusiveListElement): IntrusiveListElement = { + insertAfter(elem) + remove() + elem + } + + private[intrusiveList] final def remove(): IntrusiveListElement = { + if (next.isDefined) { + next.get.prev = prev + } + if (prev.isDefined) { + prev.get.next = next + } + this.next = None + this.prev = None + this + } + + private[intrusiveList] final def append(elem: IntrusiveListElement): IntrusiveListElement = { + last().insertAfter(elem) + } + + private[intrusiveList] final def prepend(elem: IntrusiveListElement): IntrusiveListElement = { + first().insertBefore(elem) + } + + private[intrusiveList] final def getNext: IntrusiveListElement = next.get + + private[intrusiveList] final def getPrev: IntrusiveListElement = prev.get + + private[intrusiveList] final def hasNext: Boolean = next.isDefined + private[intrusiveList] final def hasPrev: Boolean = prev.isDefined + + private[intrusiveList] final def last(): IntrusiveListElement = { + next match { + case Some(n) => n.last() + case None => this + } + } + + private[intrusiveList] final def first(): IntrusiveListElement = { + prev match { + case Some(n) => n.first() + case None => this + } + } + + private[intrusiveList] final def splice(at: IntrusiveListElement, insertBegin: IntrusiveListElement, + insertEnd: IntrusiveListElement): Unit = { + assert(insertEnd.last() == insertEnd) + assert(insertBegin.last() == insertEnd) + assert(insertBegin.first() == insertBegin) + assert(insertEnd.first() == insertBegin) + assert(!at.contains(insertBegin)) + + at.next.foreach(_.prev = Some(insertEnd)) + insertBegin.prev = Some(at) + at.next = Some(insertBegin) + + } + + private[intrusiveList] final def contains(elem: IntrusiveListElement): Boolean = { + elem.first() == first() + } + + private[intrusiveList] final def containsRef(elem: IntrusiveListElement): Boolean = { + elem.first() eq first() + } + + diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index e2c0ad4ce..8a32a3a78 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -329,25 +329,24 @@ object RunUtils { if (targets.size == 1) { modified = true val newCall = DirectCall(targets.head, indirectCall.returnTarget, block) - block.jumps.remove(block.jumps.indexOf(indirectCall)) - block.jumps.append(newCall) + block.replaceJump(indirectCall, newCall) } else if (targets.size > 1) { modified = true val procedure: Procedure = c.parent.data val newBlocks = for (t <- targets) yield { val newLabel: String = block.label + t.name - val newBlock = Block(newLabel, None, IntrusiveList(), ArrayBuffer(), procedure) + val newBlock = Block(newLabel, None, IntrusiveList(), Seq(), Seq(), procedure) val assume = Assume(BinaryExpr(BVEQ, indirectCall.target, BitVecLiteral(t.address.get, 64)), newBlock) val directCall = DirectCall(t, indirectCall.returnTarget, newBlock) newBlock.statements.addOne(assume) - newBlock.jumps.addOne(directCall) + newBlock.addJump(directCall) newBlock } procedure.blocks.addAll(newBlocks) - block.jumps.remove(block.jumps.indexOf(indirectCall)) - val newCall = NonDetGoTo(newBlocks, block) - block.jumps.append(newCall) + //block.jumps.remove(block.jumps.indexOf(indirectCall)) + block.removeJump(indirectCall) + block.addJump(NonDetGoTo(newBlocks, block)) } case _ => case _ => diff --git a/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala b/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala index 5c6666a74..2bd0203d8 100644 --- a/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala +++ b/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala @@ -151,5 +151,15 @@ class IntrusiveListPublicInterfaceTest extends AnyFunSuite { assert(it.length == 7) } + test("addAll") { + val l = getSequentialList(3) + val toAdd = List(Elem(3),Elem(4),Elem(5)) + l.addAll(toAdd) + + for (i <- 0 until 6) { + assert(l(i).t == i) + } + } + } From 118ecffe717e2e27781a34c8aecb0f3bf2f9cd71 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Thu, 9 Nov 2023 13:50:01 +1000 Subject: [PATCH 07/42] add assertions --- src/main/scala/ir/Block.scala | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/main/scala/ir/Block.scala b/src/main/scala/ir/Block.scala index bc09a45b6..04cf47e33 100644 --- a/src/main/scala/ir/Block.scala +++ b/src/main/scala/ir/Block.scala @@ -27,6 +27,7 @@ class Block private def addJump(j: Jump): Boolean = { + assert(j.parent == this) j match { case g: GoTo => _jumps.add(g) case c: Call => _calls.add(c) @@ -34,6 +35,7 @@ class Block private } def removeJump(j: Jump) = { + assert(j.parent == this) // assume you do not have two jumps to the same block from this block; would'nt make sense j match { case g: DetGoTo => { @@ -49,6 +51,7 @@ class Block private } def replaceJump(j: Jump, newJ: Jump) : Unit = { + assert((j.parent == this) && (newJ.parent == this)) if (j eq newJ) { // GoTo/Call is responsible for maintaining the CFG if it is modified in-place return From 2e4f9e84b0e28a53ce391829b05d2ca173e75473 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Thu, 9 Nov 2023 14:58:53 +1000 Subject: [PATCH 08/42] fix jump order issue --- src/main/scala/ir/Block.scala | 40 +++++++----------- src/main/scala/ir/IRCursor.scala | 1 + src/main/scala/ir/Statement.scala | 46 +++++++++++++-------- src/main/scala/translating/BAPToIR.scala | 2 +- src/main/scala/translating/IRToBoogie.scala | 3 +- src/main/scala/util/RunUtils.scala | 2 +- 6 files changed, 48 insertions(+), 46 deletions(-) diff --git a/src/main/scala/ir/Block.scala b/src/main/scala/ir/Block.scala index 04cf47e33..966a0a573 100644 --- a/src/main/scala/ir/Block.scala +++ b/src/main/scala/ir/Block.scala @@ -12,42 +12,32 @@ class Block private var address: Option[Int], val statements: IntrusiveList[Statement], // invariant: all Goto targets are disjoint - private val _jumps: mutable.HashSet[GoTo], - private val _calls: mutable.HashSet[Call], + private val _jumps: IntrusiveList[Jump], + //private val _calls: IntrusiveList[Call], val incomingJumps: mutable.HashSet[Block], val parent: Procedure ) extends IntrusiveListElement { - def this(label: String, address: Option[Int], statements: IterableOnce[Statement], jumps: IterableOnce[GoTo], calls: IterableOnce[Call], parent: Procedure) = { - this(label, address, IntrusiveList.from(statements), mutable.HashSet.from(jumps), mutable.HashSet.from(calls), mutable.HashSet.empty, parent) + def this(label: String, address: Option[Int], statements: IterableOnce[Statement], jumps: IterableOnce[Jump], parent: Procedure) = { + this(label, address, IntrusiveList.from(statements), IntrusiveList.from(jumps), mutable.HashSet.empty, parent) } - def jumps: immutable.Set[Jump] = (_jumps ++ _calls) to immutable.Set + def jumps: immutable.List[Jump] = _jumps to immutable.List - def addJump(j: Jump): Boolean = { - assert(j.parent == this) - j match { - case g: GoTo => _jumps.add(g) - case c: Call => _calls.add(c) - } + def addJump(j: Jump): Unit = { + j.parent = this + _jumps.append(j) } - def removeJump(j: Jump) = { + def removeJump(j: Jump) : Unit = { assert(j.parent == this) - // assume you do not have two jumps to the same block from this block; would'nt make sense - j match { - case g: DetGoTo => { - g.target.incomingJumps.remove(this) - _jumps.remove(g) - } - case g: NonDetGoTo => { - g.targets.foreach(t => t.incomingJumps.remove(this)) - _jumps.remove(g) - } - case c: Call => _calls.remove(c) - } + j match + case g: GoTo => g.deParent() + case _ => () + + _jumps.remove(j) } def replaceJump(j: Jump, newJ: Jump) : Unit = { @@ -72,7 +62,7 @@ class Block private //} - def calls: Set[Procedure] = _calls.flatMap(_.calls).toSet + def calls: Set[Procedure] = _jumps.flatMap(_.calls).toSet def modifies: Set[Global] = statements.flatMap(_.modifies).toSet //def locals: Set[Variable] = statements.flatMap(_.locals).toSet ++ jumps.flatMap(_.locals).toSet diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index c836ee7aa..ab66810e0 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -25,6 +25,7 @@ case class IntraProcIRCursor(pos: CFGPosition) { s.parent.jumps.toSet } case j: Jump => j match { + /* TODO jumps are ordered so prior jumps mask later jumps; assuming the union of the conditions is total */ case g: DetGoTo => Set[CFGPosition](g.target) case n: NonDetGoTo => n.targets.toSet case c: DirectCall => c.returnTarget match diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index 1e5287dfd..719fe38ad 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -66,7 +66,7 @@ class Assume(var body: Expr, var parent: Block, var comment: Option[String] = N object Assume: def unapply(a: Assume): Option[(Expr, Block, Option[String], Option[String])] = Some(a.body, a.parent, a.comment, a.label) -sealed trait Jump extends Command { +sealed trait Jump extends Command, IntrusiveListElement { def modifies: Set[Global] = Set() //def locals: Set[Variable] = Set() def calls: Set[Procedure] = Set() @@ -74,24 +74,32 @@ sealed trait Jump extends Command { } -sealed trait GoTo extends Jump +sealed trait GoTo extends Jump { + /* ONLY remove backwards control flow edge */ + def deParent() : Unit +} sealed class DetGoTo (private var _target: Block, var parent: Block, var condition: Option[Expr], override val label: Option[String] = None) extends GoTo { - _target.incomingJumps.add(parent) - - /* override def locals: Set[Variable] = condition match { - case Some(c) => c.locals - case None => Set() - } */ - - def target: Block = _target - - def replaceTarget(newTarget: Block): Block = { - _target.incomingJumps.remove(parent) - newTarget.incomingJumps.add(parent) - _target = newTarget - _target - } + _target.incomingJumps.add(parent) + + /* override def locals: Set[Variable] = condition match { + case Some(c) => c.locals + case None => Set() + } */ + + def target: Block = _target + + override def deParent() : Unit = { + // assume you do not have two jumps to the same block from this block; would'nt make sense + target.incomingJumps.remove(parent) + } + + def replaceTarget(newTarget: Block): Block = { + _target.incomingJumps.remove(parent) + newTarget.incomingJumps.add(parent) + _target = newTarget + _target + } override def toString: String = s"${labelStr}GoTo(${_target.label}, $condition)" @@ -119,6 +127,10 @@ class NonDetGoTo private (private var _targets: mutable.Set[Block], var parent: } } + override def deParent() : Unit = { + targets.foreach(_.incomingJumps.remove(parent)) + } + def removeTarget(t: Block): Unit = { // making the assumption that blocks only contain the same outgoing edge once // e.g. We don't have two edges going to the same block under different conditions diff --git a/src/main/scala/translating/BAPToIR.scala b/src/main/scala/translating/BAPToIR.scala index 498962ae7..2c1f46cde 100644 --- a/src/main/scala/translating/BAPToIR.scala +++ b/src/main/scala/translating/BAPToIR.scala @@ -23,7 +23,7 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { val procedure = Procedure(s.name, Some(s.address), blocks, in, out) for (b <- s.blocks) { - val block = Block(b.label, b.address, IntrusiveList(), Seq(), Seq(), procedure) + val block = Block(b.label, b.address, Seq(), Seq(), procedure) blocks.append(block) labelToBlock.addOne(b.label, block) } diff --git a/src/main/scala/translating/IRToBoogie.scala b/src/main/scala/translating/IRToBoogie.scala index d56859185..7f13ff305 100644 --- a/src/main/scala/translating/IRToBoogie.scala +++ b/src/main/scala/translating/IRToBoogie.scala @@ -387,8 +387,7 @@ class IRToBoogie(var program: Program, var spec: Specification) { def translateBlock(b: Block): BBlock = { val captureState = captureStateStatement(s"${b.label}") - val cmds = List(captureState) - ++ (b.statements.flatMap(s => translate(s)) ++ b.jumps.flatMap(j => translate(j))) + val cmds = (List(captureState) ++ (b.statements.flatMap(s => translate(s))) ++ b.jumps.flatMap(j => translate(j))) BBlock(b.label, cmds) } diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index 8a32a3a78..b70fd81f9 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -336,7 +336,7 @@ object RunUtils { val newBlocks = for (t <- targets) yield { val newLabel: String = block.label + t.name - val newBlock = Block(newLabel, None, IntrusiveList(), Seq(), Seq(), procedure) + val newBlock = Block(newLabel, None, Seq(), Seq(), procedure) val assume = Assume(BinaryExpr(BVEQ, indirectCall.target, BitVecLiteral(t.address.get, 64)), newBlock) val directCall = DirectCall(t, indirectCall.returnTarget, newBlock) newBlock.statements.addOne(assume) From d6dafeb2813e7205300066925f9f1b9bd4f917cb Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Thu, 9 Nov 2023 16:11:32 +1000 Subject: [PATCH 09/42] add procedure called-by links --- src/main/scala/ir/Block.scala | 37 +++++++++++++++---------------- src/main/scala/ir/IRCursor.scala | 9 ++++---- src/main/scala/ir/Procedure.scala | 18 ++++++++++++++- src/main/scala/ir/Statement.scala | 3 ++- 4 files changed, 41 insertions(+), 26 deletions(-) diff --git a/src/main/scala/ir/Block.scala b/src/main/scala/ir/Block.scala index 966a0a573..d8ebf6ed3 100644 --- a/src/main/scala/ir/Block.scala +++ b/src/main/scala/ir/Block.scala @@ -17,28 +17,27 @@ class Block private val incomingJumps: mutable.HashSet[Block], val parent: Procedure ) extends IntrusiveListElement { + def this(label: String, address: Option[Int], statements: IterableOnce[Statement], jumps: IterableOnce[Jump], parent: Procedure) = { + this(label, address, IntrusiveList.from(statements), IntrusiveList.from(jumps), mutable.HashSet.empty, parent) + } + def jumps: immutable.List[Jump] = _jumps to immutable.List + + def addJump(j: Jump): Unit = { + j.parent = this + _jumps.append(j) + } - def this(label: String, address: Option[Int], statements: IterableOnce[Statement], jumps: IterableOnce[Jump], parent: Procedure) = { - this(label, address, IntrusiveList.from(statements), IntrusiveList.from(jumps), mutable.HashSet.empty, parent) - } - - def jumps: immutable.List[Jump] = _jumps to immutable.List + def predecessors: immutable.Set[Block] = incomingJumps to immutable.Set - - def addJump(j: Jump): Unit = { - j.parent = this - _jumps.append(j) - } - - def removeJump(j: Jump) : Unit = { - assert(j.parent == this) - j match - case g: GoTo => g.deParent() - case _ => () - - _jumps.remove(j) - } + def removeJump(j: Jump) : Unit = { + assert(j.parent == this) + j match + case g: GoTo => g.deParent() + case _ => () + + _jumps.remove(j) + } def replaceJump(j: Jump, newJ: Jump) : Unit = { assert((j.parent == this) && (newJ.parent == this)) diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index ab66810e0..c7da25719 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -15,7 +15,6 @@ case class ProcedureUnknownJump(pos: CFGPosition) case class ProcedureReturn(procedure: Procedure, pos: CFGPosition) case class IntraProcIRCursor(pos: CFGPosition) { - def succ(): Set[CFGPosition] = { pos match { case s: Statement => @@ -25,7 +24,8 @@ case class IntraProcIRCursor(pos: CFGPosition) { s.parent.jumps.toSet } case j: Jump => j match { - /* TODO jumps are ordered so prior jumps mask later jumps; assuming the union of the conditions is total */ + /* TODO jumps are ordered so prior jumps mask later jumps; assuming the union of the conditions is total + * This will not be the case once we make all jumps nondeterministic. */ case g: DetGoTo => Set[CFGPosition](g.target) case n: NonDetGoTo => n.targets.toSet case c: DirectCall => c.returnTarget match @@ -48,7 +48,6 @@ case class IntraProcIRCursor(pos: CFGPosition) { } } - def pred(): Set[CFGPosition] = { pos match { case s: Statement => @@ -57,8 +56,8 @@ case class IntraProcIRCursor(pos: CFGPosition) { } else { Set(s.parent) // predecessor blocks } - case j: Jump => Set(j.parent.statements.last) - case b: Block => ??? // predecessor edges + case j: Jump => if j.parent.statements.isEmpty then Set(j.parent) else Set(j.parent.statements.last) + case b: Block => b.predecessors.asInstanceOf[Set[CFGPosition]] case proc: Procedure => Set() case r: ProcedureUnknownJump => Set(r.pos) case r: ProcedureReturn => Set(r.pos) diff --git a/src/main/scala/ir/Procedure.scala b/src/main/scala/ir/Procedure.scala index 3f999e44e..9919a5aa6 100644 --- a/src/main/scala/ir/Procedure.scala +++ b/src/main/scala/ir/Procedure.scala @@ -6,19 +6,35 @@ import scala.collection.mutable import scala.collection.mutable.ArrayBuffer import intrusiveList.IntrusiveList -class Procedure( +class Procedure ( var name: String, var address: Option[Int], var blocks: IntrusiveList[Block], var in: ArrayBuffer[Parameter], var out: ArrayBuffer[Parameter] ) { + + + private var _callers = new mutable.HashMap[Procedure, mutable.Set[Call]] with mutable.MultiMap[Procedure, Call] + def calls: Set[Procedure] = blocks.flatMap(_.calls).toSet override def toString: String = { s"Procedure $name at ${address.getOrElse("None")} with ${blocks.size} blocks and ${in.size} in and ${out.size} out parameters" } + + def removeCaller(c: Call): Unit = { + _callers.removeBinding(c.parent.parent, c) + } + + def addCaller(c: Call): Unit = { + _callers.addBinding(c.parent.parent, c) + } + + def callers(): Iterable[Procedure] = _callers.keySet + var modifies: mutable.Set[Global] = mutable.Set() + def stackIdentification(): Unit = { val stackPointer = Register("R31", BitVecType(64)) val stackRefs: mutable.Set[Variable] = mutable.Set(stackPointer) diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index 719fe38ad..2440dd9a9 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -147,7 +147,8 @@ class NonDetGoTo private (private var _targets: mutable.Set[Block], var parent: sealed trait Call extends Jump -class DirectCall(var target: Procedure, var returnTarget: Option[Block], var parent: Block, override val label: Option[String] = None) extends Call { +class DirectCall(val target: Procedure, var returnTarget: Option[Block], var parent: Block, override val label: Option[String] = None) extends Call { + target.addCaller(this) /* override def locals: Set[Variable] = condition match { case Some(c) => c.locals case None => Set() From 3a2d6bd6c1a9efbf9342831433abc216085d6625 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Fri, 10 Nov 2023 11:59:04 +1000 Subject: [PATCH 10/42] move intra to trait param on dependencies --- src/main/scala/analysis/Analysis.scala | 6 +- .../scala/analysis/BasicIRConstProp.scala | 120 ++++++++++++++++++ src/main/scala/analysis/Dependencies.scala | 19 ++- .../scala/analysis/SteensgaardAnalysis.scala | 2 +- src/main/scala/analysis/VSA.scala | 1 + .../analysis/solvers/FixPointSolver.scala | 40 +++--- .../analysis/solvers/MonotonicSolver.scala | 10 +- src/main/scala/ir/IRCursor.scala | 10 +- src/main/scala/util/RunUtils.scala | 6 +- 9 files changed, 172 insertions(+), 42 deletions(-) create mode 100644 src/main/scala/analysis/BasicIRConstProp.scala diff --git a/src/main/scala/analysis/Analysis.scala b/src/main/scala/analysis/Analysis.scala index b7584bae7..8969a2428 100644 --- a/src/main/scala/analysis/Analysis.scala +++ b/src/main/scala/analysis/Analysis.scala @@ -18,7 +18,7 @@ trait Analysis[+R]: /** Performs the analysis and returns the result. */ - def analyze(intra: Boolean): R + def analyze(): R /** A flow-sensitive analysis. * @param stateAfterNode @@ -128,9 +128,9 @@ abstract class ValueAnalysisWorklistSolver[L <: LatticeWithOps]( ) extends SimpleValueAnalysis(cfg) with SimplePushDownWorklistFixpointSolver[CfgNode] with ForwardDependencies + with Dependencies[CfgNode](true) object ConstantPropagationAnalysis: - class WorklistSolver(cfg: ProgramCfg) extends ValueAnalysisWorklistSolver(cfg, ConstantPropagationLattice) @@ -406,9 +406,9 @@ abstract class IntraprocMemoryRegionAnalysisWorklistSolver[L <: PowersetLattice[ ) extends MemoryRegionAnalysis(cfg, globals, globalOffsets, subroutines, constantProp) with SimpleMonotonicSolver[CfgNode] with ForwardDependencies + with Dependencies[CfgNode](true) object MemoryRegionAnalysis: - class WorklistSolver( cfg: ProgramCfg, globals: Map[BigInt, String], diff --git a/src/main/scala/analysis/BasicIRConstProp.scala b/src/main/scala/analysis/BasicIRConstProp.scala new file mode 100644 index 000000000..ccb732b21 --- /dev/null +++ b/src/main/scala/analysis/BasicIRConstProp.scala @@ -0,0 +1,120 @@ +package analysis +import ir.* + +import analysis.solvers.* + + +trait ILValueAnalysisMisc: + val valuelattice: LatticeWithOps + val statelattice: MapLattice[Variable, valuelattice.type] = new MapLattice(valuelattice) + + def eval(exp: Expr, env: statelattice.Element): valuelattice.Element = + import valuelattice._ + exp match + case id: Variable => env(id) + case n: Literal => literal(n) + case ze: ZeroExtend => zero_extend(ze.extension, eval(ze.body, env)) + case se: SignExtend => sign_extend(se.extension, eval(se.body, env)) + case e: Extract => extract(e.end, e.start, eval(e.body, env)) + case bin: BinaryExpr => + val left = eval(bin.arg1, env) + val right = eval(bin.arg2, env) + bin.op match + case BVADD => bvadd(left, right) + case BVSUB => bvsub(left, right) + case BVMUL => bvmul(left, right) + case BVUDIV => bvudiv(left, right) + case BVSDIV => bvsdiv(left, right) + case BVSREM => bvsrem(left, right) + case BVUREM => bvurem(left, right) + case BVSMOD => bvsmod(left, right) + case BVAND => bvand(left, right) + case BVOR => bvor(left, right) + case BVXOR => bvxor(left, right) + case BVNAND => bvnand(left, right) + case BVNOR => bvnor(left, right) + case BVXNOR => bvxnor(left, right) + case BVSHL => bvshl(left, right) + case BVLSHR => bvlshr(left, right) + case BVASHR => bvashr(left, right) + case BVCOMP => bvcomp(left, right) + + case BVULE => bvule(left, right) + case BVUGE => bvuge(left, right) + case BVULT => bvult(left, right) + case BVUGT => bvugt(left, right) + + case BVSLE => bvsle(left, right) + case BVSGE => bvsge(left, right) + case BVSLT => bvslt(left, right) + case BVSGT => bvsgt(left, right) + + case BVCONCAT => concat(left, right) + case BVNEQ => bvneq(left, right) + case BVEQ => bveq(left, right) + + case un: UnaryExpr => + val arg = eval(un.arg, env) + + un.op match + case BVNOT => bvnot(arg) + case BVNEG => bvneg(arg) + + case _ => valuelattice.top + + + + /** Transfer function for state lattice elements. + */ + def localTransfer(n: IntraProcIRCursor.Node, s: statelattice.Element): statelattice.Element = + n match + case la: LocalAssign => + s + (la.lhs -> eval(la.rhs, s)) + case _ => s + +///** Base class for value analysis with simple (non-lifted) lattice. +// */ +//abstract class SimpleValueAnalysis(val cfg: ICFG) extends FlowSensitiveAnalysis(true) with ValueAnalysisMisc: +// +// /** The analysis lattice. +// */ +// val lattice: MapLattice[CfgNode, statelattice.type] = MapLattice(statelattice) +// +// // val domain: Set[CfgNode] = cfg.nodes.toSet +// +// /** Transfer function for state lattice elements. (Same as `localTransfer` for simple value analysis.) +// */ +// def transfer(n: CfgNode, s: statelattice.Element): statelattice.Element = localTransfer(n, s) +// +//abstract class ValueAnalysisWorklistSolver[L <: LatticeWithOps]( +// cfg: ICFG, +// val valuelattice: L +//) extends SimpleValueAnalysis(cfg) +// with SimplePushDownWorklistFixpointSolver[CfgNode] +// with ForwardDependencies + + + + +//trait WorklistFixPointSolver[NodeType, L <: Lattice, +W <: Worklist[NodeType]]() { +// val worklist: W +// val lattice: MapLattice[NodeType, L] +// val dependencies: Dependencies[NodeType] +// +// def transfer(n: NodeType, s: lattice.sublattice.Element): lattice.sublattice.Element +// +// def funsub(n: NodeType, x: lattice.Element): lattice.sublattice.Element = +// transfer(n, join(n, x)) +// +// +// def join(n: NodeType, o: lattice.Element): lattice.sublattice.Element = +// val states = dependencies.indep(n).map(o(_)) +// states.foldLeft(lattice.sublattice.bottom)((acc, pred) => lattice.sublattice.lub(acc, pred)) +//} +// +//object constprop extends WorklistFixPointSolver[IntraProcIRCursor.Node, ConstantPropagationLattice, ListSetWorklist[IntraProcIRCursor.Node]] { +// +// +//} + + diff --git a/src/main/scala/analysis/Dependencies.scala b/src/main/scala/analysis/Dependencies.scala index 7f85b5b92..398f2262c 100644 --- a/src/main/scala/analysis/Dependencies.scala +++ b/src/main/scala/analysis/Dependencies.scala @@ -1,8 +1,9 @@ package analysis +import ir.IntraProcIRCursor /** Dependency methods for worklist-based analyses. */ -trait Dependencies[N]: +trait Dependencies[N](val intra: Boolean): /** Outgoing dependencies. Used when propagating dataflow to successors. * @param n @@ -10,7 +11,7 @@ trait Dependencies[N]: * @return * the elements that depend on the given element */ - def outdep(n: N, intra: Boolean): Set[N] + def outdep(n: N): Set[N] /** Incoming dependencies. Used when computing the join from predecessors. * @param n @@ -18,7 +19,7 @@ trait Dependencies[N]: * @return * the elements that the given element depends on */ - def indep(n: N, intra: Boolean): Set[N] + def indep(n: N): Set[N] /** Dependency methods for forward analyses. */ @@ -27,8 +28,16 @@ trait ForwardDependencies extends Dependencies[CfgNode]: /* TODO: add functionality here for distinguishing between Intra / Inter */ // Also add support for getting edges / conditions here? - def outdep(n: CfgNode, intra: Boolean = true): Set[CfgNode] = + override def outdep(n: CfgNode): Set[CfgNode] = if intra then n.succ(intra).toSet else n.succ(intra).toSet.union(n.succ(!intra).toSet) - def indep(n: CfgNode, intra: Boolean = true): Set[CfgNode] = + override def indep(n: CfgNode): Set[CfgNode] = if intra then n.pred(intra).toSet else n.pred(intra).toSet.union(n.pred(!intra).toSet) + + + +/** Dependency methods for forward analyses. + */ +object IntraProcDependencies extends Dependencies[IntraProcIRCursor.Node](true): + override def outdep(n: IntraProcIRCursor.Node): Set[IntraProcIRCursor.Node] = IntraProcIRCursor.succ(n).toSet + override def indep(n: IntraProcIRCursor.Node): Set[IntraProcIRCursor.Node] = IntraProcIRCursor.pred(n) diff --git a/src/main/scala/analysis/SteensgaardAnalysis.scala b/src/main/scala/analysis/SteensgaardAnalysis.scala index d2d771ea2..d1880d50c 100644 --- a/src/main/scala/analysis/SteensgaardAnalysis.scala +++ b/src/main/scala/analysis/SteensgaardAnalysis.scala @@ -24,7 +24,7 @@ class SteensgaardAnalysis(program: Program, constantPropResult: Map[CfgNode, Map /** @inheritdoc */ - def analyze(intra: Boolean): Unit = + def analyze(): Unit = // generate the constraints by traversing the AST and solve them on-the-fly visit(program, ()) diff --git a/src/main/scala/analysis/VSA.scala b/src/main/scala/analysis/VSA.scala index c83a5ed59..24cd67767 100644 --- a/src/main/scala/analysis/VSA.scala +++ b/src/main/scala/analysis/VSA.scala @@ -207,6 +207,7 @@ abstract class IntraprocValueSetAnalysisWorklistSolver[L <: VSALatticeElem]( ) extends ValueSetAnalysis(cfg, globals, externalFunctions, globalOffsets, subroutines, mmm, constantProp) with SimpleMonotonicSolver[CfgNode] with ForwardDependencies + with Dependencies[CfgNode](true) object ValueSetAnalysis: diff --git a/src/main/scala/analysis/solvers/FixPointSolver.scala b/src/main/scala/analysis/solvers/FixPointSolver.scala index 6bbe4be53..c751e27fd 100644 --- a/src/main/scala/analysis/solvers/FixPointSolver.scala +++ b/src/main/scala/analysis/solvers/FixPointSolver.scala @@ -13,7 +13,7 @@ trait LatticeSolver: /** The analyze function. */ - def analyze(intra: Boolean): lattice.Element + def analyze(): lattice.Element /** Base trait for map lattice solvers. * @tparam N @@ -40,13 +40,13 @@ trait MapLatticeSolver[N] extends LatticeSolver with Dependencies[N]: * @return * the output sublattice element */ - def funsub(n: N, x: lattice.Element, intra: Boolean): lattice.sublattice.Element = - transfer(n, join(n, x, intra)) + def funsub(n: N, x: lattice.Element): lattice.sublattice.Element = + transfer(n, join(n, x)) /** Computes the least upper bound of the incoming elements. */ - def join(n: N, o: lattice.Element, intra: Boolean): lattice.sublattice.Element = - val states = indep(n, intra).map(o(_)) + def join(n: N, o: lattice.Element): lattice.sublattice.Element = + val states = indep(n).map(o(_)) states.foldLeft(lattice.sublattice.bottom)((acc, pred) => lattice.sublattice.lub(acc, pred)) /** An abstract worklist algorithm. @@ -58,7 +58,7 @@ trait Worklist[N]: /** Called by [[run]] to process an item from the worklist. */ - def process(n: N, intra: Boolean): Unit + def process(n: N): Unit /** Adds an item to the worklist. */ @@ -73,7 +73,7 @@ trait Worklist[N]: * @param first * the initial contents of the worklist */ - def run(first: Set[N], intra: Boolean): Unit + def run(first: Set[N]): Unit /** A simple worklist algorithm based on `scala.collection.immutable.ListSet`. * @@ -84,17 +84,17 @@ trait ListSetWorklist[N] extends Worklist[N]: private var worklist = new ListSet[N] - def add(n: N) = + override def add(n: N) = worklist += n - def add(ns: Set[N]) = worklist ++= ns + override def add(ns: Set[N]) = worklist ++= ns - def run(first: Set[N], intra: Boolean) = + override def run(first: Set[N]) = worklist = new ListSet[N] ++ first while worklist.nonEmpty do val n = worklist.head worklist = worklist.tail - process(n, intra) + process(n) /** Base trait for worklist-based fixpoint solvers. * @@ -106,12 +106,12 @@ trait WorklistFixpointSolver[N] extends MapLatticeSolver[N] with ListSetWorklist */ var x: lattice.Element = _ - def process(n: N, intra: Boolean) = + def process(n: N) = val xn = x(n) - val y = funsub(n, x, intra) + val y = funsub(n, x) if y != xn then x += n -> y - add(outdep(n, intra)) + add(outdep(n)) /** Worklist-based fixpoint solver. * @@ -132,9 +132,9 @@ trait SimpleWorklistFixpointSolver[N] extends WorklistFixpointSolver[N]: * the new lattice element */ - def analyze(intra: Boolean): lattice.Element = + override def analyze(): lattice.Element = x = lattice.bottom - run(domain, intra) + run(domain) x /** A pushDown worklist-based fixpoint solvers. Pushes the results of the analysis one node down. This is used to have @@ -164,14 +164,14 @@ trait PushDownWorklistFixpointSolver[N] extends MapLatticeSolver[N] with ListSet } } - def process(n: N, intra: Boolean) = + def process(n: N) = //val y = funsub(n, x, intra) val xn = x(n) val y = transfer(n, xn) val t = lattice.sublattice.lub(xn, y) - for succ <- outdep(n, intra) do propagate(y, succ) + for succ <- outdep(n) do propagate(y, succ) /** Worklist-based fixpoint solver. * @@ -192,7 +192,7 @@ trait SimplePushDownWorklistFixpointSolver[N] extends PushDownWorklistFixpointSo * the new lattice element */ - def analyze(intra: Boolean): lattice.Element = + override def analyze(): lattice.Element = x = lattice.bottom - run(domain, intra) + run(domain) x diff --git a/src/main/scala/analysis/solvers/MonotonicSolver.scala b/src/main/scala/analysis/solvers/MonotonicSolver.scala index 1c8f5aaeb..6bc5775b1 100644 --- a/src/main/scala/analysis/solvers/MonotonicSolver.scala +++ b/src/main/scala/analysis/solvers/MonotonicSolver.scala @@ -24,15 +24,15 @@ trait SimpleMonotonicSolver[N] extends MapLatticeSolver[N] with ListSetWorklist[ private val loopEscape: mutable.Set[N] = mutable.Set.empty - def process(n: N, intra: Boolean): Unit = + override def process(n: N): Unit = val xn = x(n) - val y = funsub(n, x, intra) + val y = funsub(n, x) if y != xn || !loopEscape.contains(n) then loopEscape.add(n) x += n -> y - add(outdep(n, intra)) + add(outdep(n)) - def analyze(intra: Boolean): lattice.Element = + override def analyze(): lattice.Element = // TODO this sort of type-dependent code should not be in the generic solver // should probably base it upon WorklistFixpointSolverWithReachability from TIP instead? val first: Set[N] = if (intra) { @@ -43,5 +43,5 @@ trait SimpleMonotonicSolver[N] extends MapLatticeSolver[N] with ListSetWorklist[ } x = lattice.bottom - run(first, intra) + run(first) x diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index c7da25719..052ccc605 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -14,8 +14,10 @@ type CFGPosition = Procedure | Block | Command | ProcedureUnknownJump | Procedu case class ProcedureUnknownJump(pos: CFGPosition) case class ProcedureReturn(procedure: Procedure, pos: CFGPosition) -case class IntraProcIRCursor(pos: CFGPosition) { - def succ(): Set[CFGPosition] = { +object IntraProcIRCursor { + type Node = CFGPosition + + def succ(pos: CFGPosition): Set[CFGPosition] = { pos match { case s: Statement => if (s.parent.statements.hasNext(s)) { @@ -48,7 +50,7 @@ case class IntraProcIRCursor(pos: CFGPosition) { } } - def pred(): Set[CFGPosition] = { + def pred(pos: CFGPosition): Set[CFGPosition] = { pos match { case s: Statement => if (s.parent.statements.hasPrev(s)) { @@ -75,5 +77,3 @@ case class IntraProcIRCursor(pos: CFGPosition) { } -object IRCursor { -} diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index b70fd81f9..cef5ad63f 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -146,14 +146,14 @@ object RunUtils { Logger.info("[!] Running Constant Propagation") val constPropSolver = ConstantPropagationAnalysis.WorklistSolver(cfg) - val constPropResult: Map[CfgNode, Map[Variable, ConstantPropagationLattice.Element]] = constPropSolver.analyze(true) + val constPropResult: Map[CfgNode, Map[Variable, ConstantPropagationLattice.Element]] = constPropSolver.analyze() config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(constPropResult, constPropSolver.stateAfterNode), Output.dotIder), s"${s}_constprop$iteration.dot")) config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(cfg, constPropResult, iteration), s"${s}_constprop$iteration.txt")) Logger.info("[!] Running MRA") val mraSolver = MemoryRegionAnalysis.WorklistSolver(cfg, globalAddresses, globalOffsets, mergedSubroutines, constPropResult) - val mraResult: Map[CfgNode, Set[MemoryRegion]] = mraSolver.analyze(true) + val mraResult: Map[CfgNode, Set[MemoryRegion]] = mraSolver.analyze() memoryRegionAnalysisResults = mraResult config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(mraResult, mraSolver.stateAfterNode), Output.dotIder), s"${s}_mra$iteration.dot")) @@ -166,7 +166,7 @@ object RunUtils { Logger.info("[!] Running VSA") val vsaSolver = ValueSetAnalysis.WorklistSolver(cfg, globalAddresses, externalAddresses, globalOffsets, subroutines, mmm, constPropResult) - val vsaResult: Map[CfgNode, Map[Variable | MemoryRegion, Set[Value]]] = vsaSolver.analyze(false) + val vsaResult: Map[CfgNode, Map[Variable | MemoryRegion, Set[Value]]] = vsaSolver.analyze() config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(vsaResult, vsaSolver.stateAfterNode), Output.dotIder), s"${s}_vsa$iteration.dot")) config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(cfg, vsaResult, iteration), s"${s}_vsa$iteration.txt")) From a3b2c88bd60ef4cb97edf14e8b1eded65da329b8 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Fri, 10 Nov 2023 14:40:18 +1000 Subject: [PATCH 11/42] implement prototype IL constprop --- .../scala/analysis/BasicIRConstProp.scala | 43 ++++++++++--------- src/main/scala/analysis/Dependencies.scala | 6 ++- src/main/scala/analysis/UtilMethods.scala | 6 ++- src/main/scala/ir/Block.scala | 11 +++-- src/main/scala/ir/IRCursor.scala | 26 +++++++++-- src/main/scala/util/RunUtils.scala | 18 ++++++++ 6 files changed, 80 insertions(+), 30 deletions(-) diff --git a/src/main/scala/analysis/BasicIRConstProp.scala b/src/main/scala/analysis/BasicIRConstProp.scala index ccb732b21..18e84ebdd 100644 --- a/src/main/scala/analysis/BasicIRConstProp.scala +++ b/src/main/scala/analysis/BasicIRConstProp.scala @@ -72,28 +72,31 @@ trait ILValueAnalysisMisc: s + (la.lhs -> eval(la.rhs, s)) case _ => s -///** Base class for value analysis with simple (non-lifted) lattice. -// */ -//abstract class SimpleValueAnalysis(val cfg: ICFG) extends FlowSensitiveAnalysis(true) with ValueAnalysisMisc: -// -// /** The analysis lattice. -// */ -// val lattice: MapLattice[CfgNode, statelattice.type] = MapLattice(statelattice) -// -// // val domain: Set[CfgNode] = cfg.nodes.toSet -// -// /** Transfer function for state lattice elements. (Same as `localTransfer` for simple value analysis.) -// */ -// def transfer(n: CfgNode, s: statelattice.Element): statelattice.Element = localTransfer(n, s) -// -//abstract class ValueAnalysisWorklistSolver[L <: LatticeWithOps]( -// cfg: ICFG, -// val valuelattice: L -//) extends SimpleValueAnalysis(cfg) -// with SimplePushDownWorklistFixpointSolver[CfgNode] -// with ForwardDependencies +type IRNode = IntraProcIRCursor.Node +//abstract class ilvalueanalysis( +// val prog: program, +// ) extends flowsensitiveanalysis(true) +// with ilvalueanalysismisc: +// +// override val lattice: maplattice[irnode, statelattice.type] +// +// override val domain : set[irnode] = prog.procedures.toset +// override def transfer(n: irnode, s: statelattice.element): statelattice.element = localtransfer(n, s) + +object IRSimpleValueAnalysis: + class Solver[+L <: LatticeWithOps](prog: Program, val valuelattice: L) extends FlowSensitiveAnalysis(true) + with IntraProcDependencies + with Dependencies[IRNode](true) + with ILValueAnalysisMisc + with SimplePushDownWorklistFixpointSolver[IRNode] + : + /* Worklist initial set */ + override val lattice: MapLattice[IRNode, statelattice.type] = MapLattice(statelattice) + + override val domain : Set[IRNode] = computeDomain(prog).toSet + def transfer(n: IRNode, s: statelattice.Element): statelattice.Element = localTransfer(n, s) //trait WorklistFixPointSolver[NodeType, L <: Lattice, +W <: Worklist[NodeType]]() { diff --git a/src/main/scala/analysis/Dependencies.scala b/src/main/scala/analysis/Dependencies.scala index 398f2262c..5aefdfcba 100644 --- a/src/main/scala/analysis/Dependencies.scala +++ b/src/main/scala/analysis/Dependencies.scala @@ -36,8 +36,12 @@ trait ForwardDependencies extends Dependencies[CfgNode]: +trait IntraProcDependencies extends Dependencies[IntraProcIRCursor.Node]: + override def outdep(n: IntraProcIRCursor.Node): Set[IntraProcIRCursor.Node] = IntraProcDependencies.outdep(n) + override def indep(n: IntraProcIRCursor.Node): Set[IntraProcIRCursor.Node] = IntraProcDependencies.indep(n) + /** Dependency methods for forward analyses. */ object IntraProcDependencies extends Dependencies[IntraProcIRCursor.Node](true): - override def outdep(n: IntraProcIRCursor.Node): Set[IntraProcIRCursor.Node] = IntraProcIRCursor.succ(n).toSet + override def outdep(n: IntraProcIRCursor.Node): Set[IntraProcIRCursor.Node] = IntraProcIRCursor.succ(n) override def indep(n: IntraProcIRCursor.Node): Set[IntraProcIRCursor.Node] = IntraProcIRCursor.pred(n) diff --git a/src/main/scala/analysis/UtilMethods.scala b/src/main/scala/analysis/UtilMethods.scala index d72acd22d..a09e2a436 100644 --- a/src/main/scala/analysis/UtilMethods.scala +++ b/src/main/scala/analysis/UtilMethods.scala @@ -25,7 +25,11 @@ def evaluateExpression(exp: Expr, constantPropResult: Map[Variable, ConstantProp case BVSUB => Some(BitVectorEval.smt_bvsub(l, r)) case BVASHR => Some(BitVectorEval.smt_bvashr(l, r)) case BVCOMP => Some(BitVectorEval.smt_bvcomp(l, r)) - case _ => throw new RuntimeException("Binary operation support not implemented: " + binOp.op) + case x => { + Logger.error("Binary operation support not implemented: " + binOp.op) + None + } + } case _ => None } diff --git a/src/main/scala/ir/Block.scala b/src/main/scala/ir/Block.scala index d8ebf6ed3..44f58e6a8 100644 --- a/src/main/scala/ir/Block.scala +++ b/src/main/scala/ir/Block.scala @@ -34,8 +34,8 @@ class Block private assert(j.parent == this) j match case g: GoTo => g.deParent() - case _ => () - + case c: Call => // TODO: maintain Procedure graph + _jumps.remove(j) } @@ -50,8 +50,11 @@ class Block private removeJump(j) addJump(newJ) } - case (g: Call, f: Call) => replaceJump(g,f) - case (_, _) => throw Exception("Programmer error: must replace with same type") + case (g: Call, f: Call) => { + removeJump(g) + addJump(f) + } + case (_, _) => throw Exception("Programmer error: can not replace jump with call or vice versa") } } diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index 052ccc605..1715c1773 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -1,4 +1,5 @@ package ir +import collection.mutable enum PositionType { case Before, After, On @@ -6,13 +7,14 @@ enum PositionType { // intra-procedural type ILPosition = Procedure | Block | Command -type CFGPosition = Procedure | Block | Command | ProcedureUnknownJump | ProcedureReturn +type CFGPosition = Procedure | Block | Command | ProcedureUnknownJump | ProcedureReturn | ProcedureExit // Interprocedural // position = (call string) + Position case class ProcedureUnknownJump(pos: CFGPosition) case class ProcedureReturn(procedure: Procedure, pos: CFGPosition) +case class ProcedureExit(procedure: Procedure) object IntraProcIRCursor { type Node = CFGPosition @@ -43,10 +45,11 @@ object IntraProcIRCursor { case None => Set(ProcedureUnknownJump(pos)) } } - case b: Block => Set[CFGPosition](b.statements.head()) - case proc: Procedure => Set(proc.blocks.head()) + case b: Block => if b.statements.isEmpty then Set(b.jumps.head) else Set[CFGPosition](b.statements.head()) + case proc: Procedure => if proc.blocks.isEmpty then Set(ProcedureExit(proc)) else Set(proc.blocks.head()) case _: ProcedureUnknownJump => Set() - case _: ProcedureReturn => Set() + case b: ProcedureReturn => Set(ProcedureExit(b.procedure)) + case e: ProcedureExit => Set() } } @@ -77,3 +80,18 @@ object IntraProcIRCursor { } +def computeDomain(prog: Program): mutable.Set[CFGPosition] = { + val domain : mutable.Set[CFGPosition] = mutable.Set.from(prog.procedures) + + var sizeBefore = 0 + var sizeAfter = domain.size + while (sizeBefore != sizeAfter) { + for (i <- domain) { + domain.addAll(IntraProcIRCursor.succ(i)) + } + sizeBefore = sizeAfter + sizeAfter = domain.size + } + domain +} + diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index cef5ad63f..e97e331cc 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -144,10 +144,28 @@ object RunUtils { val cfg = ProgramCfgFactory().fromIR(IRProgram) + val domain = computeDomain(IRProgram) + Logger.info("[!] Running Constant Propagation") val constPropSolver = ConstantPropagationAnalysis.WorklistSolver(cfg) val constPropResult: Map[CfgNode, Map[Variable, ConstantPropagationLattice.Element]] = constPropSolver.analyze() + val ilcpsolver = IRSimpleValueAnalysis.Solver(IRProgram, ConstantPropagationLattice) + val newCPResult: ilcpsolver.lattice.Element = ilcpsolver.analyze() + + val newRes = newCPResult.flatMap((x, y) => y.flatMap { + case (_, ilcpsolver.lattice.sublattice.sublattice.FlatElement.Top) => None + case (_, ilcpsolver.lattice.sublattice.sublattice.FlatElement.Bot) => None + case z => Some(z) + }) + val oldRes = constPropResult.flatMap((x, y) => y.flatMap { + case (_, constPropSolver.lattice.sublattice.sublattice.FlatElement.Top) => None + case (_, constPropSolver.lattice.sublattice.sublattice.FlatElement.Bot) => None + case z => Some(z) + }) + // newRes and oldRes should have value equality + + config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(constPropResult, constPropSolver.stateAfterNode), Output.dotIder), s"${s}_constprop$iteration.dot")) config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(cfg, constPropResult, iteration), s"${s}_constprop$iteration.txt")) From cd355dde8c796e92f1271cfca3d7119ee46f952e Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Fri, 10 Nov 2023 15:06:33 +1000 Subject: [PATCH 12/42] cleanup --- .../scala/analysis/BasicIRConstProp.scala | 36 -------------- src/main/scala/ir/Block.scala | 7 +-- src/main/scala/ir/IRCursor.scala | 49 +++++++++---------- src/main/scala/ir/Statement.scala | 14 ++++-- 4 files changed, 35 insertions(+), 71 deletions(-) diff --git a/src/main/scala/analysis/BasicIRConstProp.scala b/src/main/scala/analysis/BasicIRConstProp.scala index 18e84ebdd..d87458c21 100644 --- a/src/main/scala/analysis/BasicIRConstProp.scala +++ b/src/main/scala/analysis/BasicIRConstProp.scala @@ -3,7 +3,6 @@ import ir.* import analysis.solvers.* - trait ILValueAnalysisMisc: val valuelattice: LatticeWithOps val statelattice: MapLattice[Variable, valuelattice.type] = new MapLattice(valuelattice) @@ -63,7 +62,6 @@ trait ILValueAnalysisMisc: case _ => valuelattice.top - /** Transfer function for state lattice elements. */ def localTransfer(n: IntraProcIRCursor.Node, s: statelattice.Element): statelattice.Element = @@ -75,16 +73,6 @@ trait ILValueAnalysisMisc: type IRNode = IntraProcIRCursor.Node -//abstract class ilvalueanalysis( -// val prog: program, -// ) extends flowsensitiveanalysis(true) -// with ilvalueanalysismisc: -// -// override val lattice: maplattice[irnode, statelattice.type] -// -// override val domain : set[irnode] = prog.procedures.toset -// override def transfer(n: irnode, s: statelattice.element): statelattice.element = localtransfer(n, s) - object IRSimpleValueAnalysis: class Solver[+L <: LatticeWithOps](prog: Program, val valuelattice: L) extends FlowSensitiveAnalysis(true) with IntraProcDependencies @@ -97,27 +85,3 @@ object IRSimpleValueAnalysis: override val domain : Set[IRNode] = computeDomain(prog).toSet def transfer(n: IRNode, s: statelattice.Element): statelattice.Element = localTransfer(n, s) - - -//trait WorklistFixPointSolver[NodeType, L <: Lattice, +W <: Worklist[NodeType]]() { -// val worklist: W -// val lattice: MapLattice[NodeType, L] -// val dependencies: Dependencies[NodeType] -// -// def transfer(n: NodeType, s: lattice.sublattice.Element): lattice.sublattice.Element -// -// def funsub(n: NodeType, x: lattice.Element): lattice.sublattice.Element = -// transfer(n, join(n, x)) -// -// -// def join(n: NodeType, o: lattice.Element): lattice.sublattice.Element = -// val states = dependencies.indep(n).map(o(_)) -// states.foldLeft(lattice.sublattice.bottom)((acc, pred) => lattice.sublattice.lub(acc, pred)) -//} -// -//object constprop extends WorklistFixPointSolver[IntraProcIRCursor.Node, ConstantPropagationLattice, ListSetWorklist[IntraProcIRCursor.Node]] { -// -// -//} - - diff --git a/src/main/scala/ir/Block.scala b/src/main/scala/ir/Block.scala index 44f58e6a8..cd5816490 100644 --- a/src/main/scala/ir/Block.scala +++ b/src/main/scala/ir/Block.scala @@ -32,15 +32,12 @@ class Block private def removeJump(j: Jump) : Unit = { assert(j.parent == this) - j match - case g: GoTo => g.deParent() - case c: Call => // TODO: maintain Procedure graph - + j.deParent() _jumps.remove(j) } def replaceJump(j: Jump, newJ: Jump) : Unit = { - assert((j.parent == this) && (newJ.parent == this)) + assert((j.parent == this)) if (j eq newJ) { // GoTo/Call is responsible for maintaining the CFG if it is modified in-place return diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index 1715c1773..8a12be22b 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -1,20 +1,27 @@ package ir import collection.mutable -enum PositionType { - case Before, After, On -} +/* + * Defines a position in the IL / CFG; this becomes the lhs of the state map lattice in a static analysis. + */ +type CFGPosition = Procedure | Block | Command | ProcedureUnknownJump | ProcedureExit -// intra-procedural -type ILPosition = Procedure | Block | Command -type CFGPosition = Procedure | Block | Command | ProcedureUnknownJump | ProcedureReturn | ProcedureExit // Interprocedural // position = (call string) + Position -case class ProcedureUnknownJump(pos: CFGPosition) -case class ProcedureReturn(procedure: Procedure, pos: CFGPosition) -case class ProcedureExit(procedure: Procedure) + +/* + An additional CFG node which implicitly follows the node at `pos` + A call to an unknown procedure without a return to here + */ +case class ProcedureUnknownJump(fromProcedure: Procedure, pos: CFGPosition) + +/* + * An additional CFG node which implicitly follows the node at `pos` + * The exit from a procedure from pos (the last command/jump in the procedure). + */ +case class ProcedureExit(fromProcedure: Procedure, pos: CFGPosition) object IntraProcIRCursor { type Node = CFGPosition @@ -34,21 +41,20 @@ object IntraProcIRCursor { case n: NonDetGoTo => n.targets.toSet case c: DirectCall => c.returnTarget match case Some(b) => Set(b) - case None => Set(ProcedureUnknownJump(c)) + case None => Set(ProcedureUnknownJump(c.parent.parent, c)) case i: IndirectCall => i match case IndirectCall(v, parent, ret, label) => if (v.name == "R30") { - Set(ProcedureReturn(parent.parent, pos)) + Set(ProcedureExit(parent.parent, pos)) } else { ret match case Some(block) => Set(block) - case None => Set(ProcedureUnknownJump(pos)) + case None => Set(ProcedureUnknownJump(i.parent.parent, pos)) } } case b: Block => if b.statements.isEmpty then Set(b.jumps.head) else Set[CFGPosition](b.statements.head()) - case proc: Procedure => if proc.blocks.isEmpty then Set(ProcedureExit(proc)) else Set(proc.blocks.head()) - case _: ProcedureUnknownJump => Set() - case b: ProcedureReturn => Set(ProcedureExit(b.procedure)) + case proc: Procedure => if proc.blocks.isEmpty then Set(ProcedureExit(proc, proc)) else Set(proc.blocks.head()) + case j: ProcedureUnknownJump => Set(ProcedureExit(j.fromProcedure, j)) case e: ProcedureExit => Set() } } @@ -63,20 +69,11 @@ object IntraProcIRCursor { } case j: Jump => if j.parent.statements.isEmpty then Set(j.parent) else Set(j.parent.statements.last) case b: Block => b.predecessors.asInstanceOf[Set[CFGPosition]] - case proc: Procedure => Set() + case proc: Procedure => Set() // intraproc case r: ProcedureUnknownJump => Set(r.pos) - case r: ProcedureReturn => Set(r.pos) + case r: ProcedureExit => Set(r.pos) } } - - - //def succ() : Seq(IRCursor) = { - // position match { - // case p: Procedure => Seq(IRCursor(p.blocks.head)) - // case b: Block => Seq(IRCursor(b.statements.head)) - // case s: Statement => Seq(s.parent.statements.ne()) - - // } } diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index 2440dd9a9..fe2a64582 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -71,13 +71,13 @@ sealed trait Jump extends Command, IntrusiveListElement { //def locals: Set[Variable] = Set() def calls: Set[Procedure] = Set() def acceptVisit(visitor: Visitor): Jump = throw new Exception("visitor " + visitor + " unimplemented for: " + this) + + /* Remove backwards control flow records from IL */ + def deParent(): Unit } -sealed trait GoTo extends Jump { - /* ONLY remove backwards control flow edge */ - def deParent() : Unit -} +sealed trait GoTo extends Jump sealed class DetGoTo (private var _target: Block, var parent: Block, var condition: Option[Expr], override val label: Option[String] = None) extends GoTo { _target.incomingJumps.add(parent) @@ -156,6 +156,10 @@ class DirectCall(val target: Procedure, var returnTarget: Option[Block], var par override def calls: Set[Procedure] = Set(target) override def toString: String = s"${labelStr}DirectCall(${target.name}, ${returnTarget.map(_.label)})" override def acceptVisit(visitor: Visitor): Jump = visitor.visitDirectCall(this) + + override def deParent(): Unit = { + target.removeCaller(this) + } } object DirectCall: @@ -168,6 +172,8 @@ class IndirectCall(var target: Variable, var parent: Block, var returnTarget: Op } */ override def toString: String = s"${labelStr}IndirectCall($target, ${returnTarget.map(_.label)})" override def acceptVisit(visitor: Visitor): Jump = visitor.visitIndirectCall(this) + + override def deParent(): Unit = {} } object IndirectCall: From 51ed5766cd79ad236d23213986d1df7a6bfa094a Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Fri, 10 Nov 2023 16:26:51 +1000 Subject: [PATCH 13/42] explanation --- docs/il-cfg.md | 133 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 133 insertions(+) create mode 100644 docs/il-cfg.md diff --git a/docs/il-cfg.md b/docs/il-cfg.md new file mode 100644 index 000000000..91e1172d7 --- /dev/null +++ b/docs/il-cfg.md @@ -0,0 +1,133 @@ +CFG Iterator Implementation +=========================== + +This file explains the in-place CFG representation on top of the IL. + +Motivations +----------- + +We want a unified IL and CFG representation to avoid the problem of keeping two datastructures in sync, +and to essentially avoid the problem of defining the correspondence between the static analysis state domain, and +the IL in order to apply a transformation to the IL using the CFG results. + +It also reduces the number of places refactors need to be applied, and reduces memory overhead for static analyses +(hopefully). + + +Interpreting the CFG from the IL +-------------------------------- + +The IL has two structural interpretations: + +1. Its syntax tree; expressions have sub expressions and so on. + - This can be traversed using Visitors + - The traversal order is defined by the order of terms in the language with a depth-first traversal of sub-terms. +2. Its control flow graph; this is part of the language's semantics, and is inferred from the Jump and Call statements. + - This is traversed using the control flow iterator, or by constructing the separate Tip-style CFG and traversing that. + From here on we describe the 'control-flow iterator'. + - The traversal order is defined by the `Dependency` structure and `Worklist` solvers and the predecessor/successor + relation between pairs of nodes + +We need to derive the predecessor/successor relation on CFG nodes IL . + +1. CFG positions are defined as + - The entry to a procedure + - An exit from a procedure + - The beginning of a block within a procedure + - A statement command within a block + - A jump or call command within a block + +For example we define the language as horn clauses; + +First we have basic blocks belonging to a procedure. + + Procedure(id) + Block(id, procedure) + +A list of sequential statements belonging to a block + + Statement(id, block, index) + +A list of jumps (either Calls or GoTos) belonging to a block, which occur after the statements. GoTos form the +intraprocedural edges, and Calls form the interprocedural edges. + + GoTo(id, block, index, destinationBlock) + Call(id, block, index, destination) + +The CFG extends this language with the following nodes: + + ProcedureExit(id, procedure, fromJump) + CallReturn(id, fromCall) + +A statement and jump is both considered a command. All IL terms, commands, blocks, and procedures, have a unique +identifier. + + Jump(id, block) :- GoTo(id, block, _) + Jump(id, block) :- Call(id, block, _) + Command(id) :- Statement(id, _, _) + Command(id) :- Jump(id, _) + +The predecessor/successor relation is defined as a function of the CFG node. + + pred(i, j) :- succ(j, i) + + succ(block, statement) :- Statement(statement, block, 0) + succ(statement1, statement2) :- Statement(statement1, block, i), Statement(statement2, block, i + 1) + succ(statement, goto) :- Statement(block, _last), Jump(block, goto), _last = max i forall Statement(block, i) + + succ(goto, block) :- GoTo(goto, _, _, block) + + // We always insert nodes for calls to return to + CallReturn(i, call) :- Call(call, _, _, _) + succ(call, callreturn) :- CallReturn(callreturn, call), Procedure(call) + + // a 'return' from the procedure is an indirect call to register R30 + succ(call, exit) :- Call(call, block, _, "R30"), ProcedureExit(exit, procedure, call), Block(block, procedure) + +For an interprocedural CFG we also have: + + succ(call, procedure) :- Call(call, _, _, procedure) + succ(exit, returnNode) :- ProcedureExit(exit, procedure, call), CallReturn(returnNode, call) + +Implementation +-------------- + +We want it to be possible to define `succ(term, _)` and `pred(term, _)` for any given term in the IL in `O(1)`. +Successors are easily derived but predecessors are not stored with their successors. Furthermore `ProcedureExit`, +and `CallReturn` are not inherently present in the IL. + +In code we have a set of Calls, and Gotos present in the IL; these form the edges. Then all vertices in the CFG +store a list of references to their set of incoming and outgoing edges. Specifically this means + + Statement: + - reference to parent block + - procedure to find the next or previous statement in the block + + Block + - reference to parent procedure + - list of incoming GoTos + - list of Jumps + - Outgoing Calls + - Outgoing GoTos + + Procedure + - list of incoming Calls + - subroutine to compute the set of all outgoing calls in all contained blocks + +To maintain this superimposed graph it is neccessary to make the actual call lists private, and only allow +modification of through interfaces which maintain the graph. + +Maintenence of the graph is the responsibility of the Block class: adding or removing jumps must ensure the edge + references are maintained. + +Jumps: +- Must implement an interface to allow adding or removing edge references (references to themself) to and from their + target + +Blocks and Procedures: +- Implement an interface for adding and removing edge references + + +Furthermore; +- Reparenting Blocks and Commands in the IL must preserve the parent field, this is not really implemented yet + From 1ee3c3f559bc08c922868f58c00ad18a091837c7 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Fri, 10 Nov 2023 16:40:04 +1000 Subject: [PATCH 14/42] minor edit --- docs/il-cfg.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/docs/il-cfg.md b/docs/il-cfg.md index 91e1172d7..cbc637601 100644 --- a/docs/il-cfg.md +++ b/docs/il-cfg.md @@ -49,7 +49,7 @@ A list of sequential statements belonging to a block Statement(id, block, index) A list of jumps (either Calls or GoTos) belonging to a block, which occur after the statements. GoTos form the -intraprocedural edges, and Calls form the interprocedural edges. +intra-procedural edges, and Calls form the inter-procedural edges. GoTo(id, block, index, destinationBlock) Call(id, block, index, destination) @@ -97,7 +97,10 @@ Successors are easily derived but predecessors are not stored with their success and `CallReturn` are not inherently present in the IL. In code we have a set of Calls, and Gotos present in the IL; these form the edges. Then all vertices in the CFG -store a list of references to their set of incoming and outgoing edges. Specifically this means +store a list of references to their set of incoming and outgoing edges. In a sense the 'id's in the formulation above +become the JVM object IDs. + +Specifically this means we store Statement: - reference to parent block @@ -106,7 +109,7 @@ store a list of references to their set of incoming and outgoing edges. Specific Block - reference to parent procedure - list of incoming GoTos - - list of Jumps + - list of Jumps including - Outgoing Calls - Outgoing GoTos @@ -114,10 +117,10 @@ store a list of references to their set of incoming and outgoing edges. Specific - list of incoming Calls - subroutine to compute the set of all outgoing calls in all contained blocks -To maintain this superimposed graph it is neccessary to make the actual call lists private, and only allow +To maintain this superimposed graph it is necessary to make the actual call lists private, and only allow modification of through interfaces which maintain the graph. -Maintenence of the graph is the responsibility of the Block class: adding or removing jumps must ensure the edge +Maintenance of the graph is the responsibility of the Block class: adding or removing jumps must ensure the edge references are maintained. Jumps: @@ -127,7 +130,5 @@ Jumps: Blocks and Procedures: - Implement an interface for adding and removing edge references - Furthermore; - Reparenting Blocks and Commands in the IL must preserve the parent field, this is not really implemented yet - From b7d9a47d40f81e938d2f66e44ad543da34bc58a5 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Fri, 10 Nov 2023 17:20:11 +1000 Subject: [PATCH 15/42] edit --- docs/il-cfg.md | 47 +++++++++++++++++++++++++++++------------------ 1 file changed, 29 insertions(+), 18 deletions(-) diff --git a/docs/il-cfg.md b/docs/il-cfg.md index cbc637601..40fecea96 100644 --- a/docs/il-cfg.md +++ b/docs/il-cfg.md @@ -37,7 +37,8 @@ We need to derive the predecessor/successor relation on CFG nodes IL . - A statement command within a block - A jump or call command within a block -For example we define the language as horn clauses; +For example we define the language as statements for horn clauses. (`A :- B` means B produces A, with `,` indicating +conjunction and `;` indicating disjunction) First we have basic blocks belonging to a procedure. @@ -52,22 +53,23 @@ A list of jumps (either Calls or GoTos) belonging to a block, which occur after intra-procedural edges, and Calls form the inter-procedural edges. GoTo(id, block, index, destinationBlock) - Call(id, block, index, destination) + Call(id, block, index, destinationProcedure) + Jump(id, block) :- GoTo(id, block, _) ; Call(id, block, _) + +Statements and Jumps are both considered commands. All IL terms, commands, blocks, and procedures, have a unique +identifier. All of the above are considered IL terms. + + Command(id) :- Statement(id, _, _) ; Jump(id, _) + ILTerm(id) :- Procedure(id); Block(id, _); Command(id) The CFG extends this language with the following nodes: - ProcedureExit(id, procedure, fromJump) + ProcedureExit(id, fromProcedure, fromJump) CallReturn(id, fromCall) -A statement and jump is both considered a command. All IL terms, commands, blocks, and procedures, have a unique -identifier. + CFGNode(id) :- ProcedureExit(id,_,_) ; CallReturn(id,_) ; ILTerm(id) - Jump(id, block) :- GoTo(id, block, _) - Jump(id, block) :- Call(id, block, _) - Command(id) :- Statement(id, _, _) - Command(id) :- Jump(id, _) - -The predecessor/successor relation is defined as a function of the CFG node. +The predecessor/successor relates CFGNodes to CFGNodes, and is simply defined in terms of the nodes pred(i, j) :- succ(j, i) @@ -75,7 +77,7 @@ The predecessor/successor relation is defined as a function of the CFG node. succ(statement1, statement2) :- Statement(statement1, block, i), Statement(statement2, block, i + 1) succ(statement, goto) :- Statement(block, _last), Jump(block, goto), _last = max i forall Statement(block, i) - succ(goto, block) :- GoTo(goto, _, _, block) + succ(goto, targetBlock) :- GoTo(goto, _, _, targetBlock) // We always insert nodes for calls to return to CallReturn(i, call) :- Call(call, _, _, _) @@ -84,11 +86,15 @@ The predecessor/successor relation is defined as a function of the CFG node. // a 'return' from the procedure is an indirect call to register R30 succ(call, exit) :- Call(call, block, _, "R30"), ProcedureExit(exit, procedure, call), Block(block, procedure) -For an interprocedural CFG we also have: +For an inter-procedural CFG we also have: - succ(call, procedure) :- Call(call, _, _, procedure) + succ(call, targetProcedure) :- Call(call, _, _, targetProcedure) succ(exit, returnNode) :- ProcedureExit(exit, procedure, call), CallReturn(returnNode, call) +So a sequential application of `succ` might look like + + ProcedureA -> {Block0} -> {Statement1} -> {Statement2} -> {Jump0, Jump1} -> {Block1} | {Block2} -> ... + Implementation -------------- @@ -96,15 +102,20 @@ We want it to be possible to define `succ(term, _)` and `pred(term, _)` for any Successors are easily derived but predecessors are not stored with their successors. Furthermore `ProcedureExit`, and `CallReturn` are not inherently present in the IL. -In code we have a set of Calls, and Gotos present in the IL; these form the edges. Then all vertices in the CFG -store a list of references to their set of incoming and outgoing edges. In a sense the 'id's in the formulation above -become the JVM object IDs. +In code we have a set of Calls, and Gotos present in the IL: these define the edges from themselves to their target. + +Then all vertices in the CFG---that is all Commands, Blocks, and Procedures in the IL---store a list of references to +their set of incoming and outgoing edges. In a sense the 'id's in the formulation above become the JVM object IDs. + +For Blocks and Procedures this means a `Set` of call statements. For Commands this means they are +stored in their block in an intrusive linked list. Specifically this means we store - Statement: + Command: - reference to parent block - procedure to find the next or previous statement in the block + - IntrusiveListElement trait inserts a next() and previous() method forming the linked list Block - reference to parent procedure From a6af61e788fca5c9aa9dd577964e3d3f8917da97 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Mon, 13 Nov 2023 13:17:27 +1000 Subject: [PATCH 16/42] output il cfg --- src/main/scala/cfg_visualiser/DotTools.scala | 1 + src/main/scala/ir/IRCursor.scala | 53 ++++++++++ src/main/scala/util/RunUtils.scala | 100 ++++++++++++++++++- 3 files changed, 153 insertions(+), 1 deletion(-) diff --git a/src/main/scala/cfg_visualiser/DotTools.scala b/src/main/scala/cfg_visualiser/DotTools.scala index d50897b44..de6b7a570 100644 --- a/src/main/scala/cfg_visualiser/DotTools.scala +++ b/src/main/scala/cfg_visualiser/DotTools.scala @@ -12,6 +12,7 @@ object IDGenerator { } def wrap(input: String, width: Integer = 20): String = + return input if (input.length() <= width) { input } else { diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index 8a12be22b..8fd69b326 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -1,4 +1,7 @@ package ir +import cfg_visualiser.DotElement +import cfg_visualiser.{DotArrow, DotGraph, DotInlineArrow, DotInterArrow, DotIntraArrow, DotNode, DotRegularArrow} + import collection.mutable /* @@ -92,3 +95,53 @@ def computeDomain(prog: Program): mutable.Set[CFGPosition] = { domain } + +def toDot(prog: Program, labels: Map[CFGPosition, String] = Map.empty) : String = { + val visited : mutable.Set[CFGPosition] = mutable.Set.from(prog.procedures) + var labelcounter = 0 + + def label(l: Option[String]) = { + l match { + case Some(s) => s + case None => + labelcounter += 1 + s"node$labelcounter" + } + } + + val dotNodes = mutable.Map[CFGPosition, DotNode]() + var dotArrows = mutable.ListBuffer[DotArrow]() + + val domain = computeDomain(prog) + + def nodeText(node: CFGPosition): String = { + var text = node match { + case s: Block => f"[Block] ${s.label}" + case s => s.toString + } + if (labels.contains(node)) { + text += "\n" ++ labels(node) + } + text + } + + for (node <- domain) { + node match + case s: Command => dotNodes.addOne(s -> DotNode(label(s.label), nodeText(s))) + case s: Block => dotNodes.addOne(s -> DotNode(label(None), nodeText(s))) + case s => dotNodes.addOne(s -> DotNode(label(None), nodeText(s))) + } + + for (node <- domain) { + node match { + case s : Call => + IntraProcIRCursor.succ(s).foreach(n => dotArrows.addOne(DotInterArrow(dotNodes(s), dotNodes(n)))) + case s => + IntraProcIRCursor.succ(s).foreach(n => dotArrows.addOne(DotIntraArrow(dotNodes(s), dotNodes(n)))) + case _ => () + } + } + + val allNodes = dotNodes.values.toList.sortBy(n => n.id) + new DotGraph("CursorCFG", allNodes, dotArrows).toDotString +} \ No newline at end of file diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index e97e331cc..bd361e312 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -163,10 +163,21 @@ object RunUtils { case (_, constPropSolver.lattice.sublattice.sublattice.FlatElement.Bot) => None case z => Some(z) }) + val both = newRes.toSet.intersect(oldRes.toSet) + val notnew = (newRes.toSet).filter(x => !both.contains(x)) + val notOld = (oldRes.toSet).filter(x => !both.contains(x)) // newRes and oldRes should have value equality + config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, newCPResult, iteration), s"${s}_newconstprop$iteration.txt")) + + config.analysisResultsPath.foreach(s => writeToFile(toDot(IRProgram), s"program.dot")) + config.analysisResultsPath.foreach(s => writeToFile(toDot(IRProgram, newCPResult.map((k,v) => (k, v.toString))), s"program-constprop.dot")) + config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(constPropResult, constPropSolver.stateAfterNode), Output.dotIder), s"${s}_constprop$iteration.dot")) + + config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(constPropResult, constPropSolver.stateAfterNode), Output.dotIder), s"${s}_constprop$iteration.dot")) + config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(cfg, constPropResult, iteration), s"${s}_constprop$iteration.txt")) Logger.info("[!] Running MRA") @@ -206,7 +217,94 @@ object RunUtils { newIR } - def printAnalysisResults(cfg: ProgramCfg, result: Map[CfgNode, _], iteration: Int): String = { + def printAnalysisResults(cfg: Program, result: Map[IntraProcIRCursor.Node, _], iteration: Int): String = { + val functionEntries = cfg.procedures + val s = StringBuilder() + s.append(System.lineSeparator()) + for (f <- functionEntries) { + val stack: mutable.Stack[IntraProcIRCursor.Node] = mutable.Stack() + val visited: mutable.Set[IntraProcIRCursor.Node] = mutable.Set() + stack.push(f) + var previousBlock: String = "" + var isEntryNode = false + while (stack.nonEmpty) { + val next = stack.pop() + if (!visited.contains(next)) { + visited.add(next) + next.match { + case c: Block => printBlock(c) + case c: Call => s.append(System.lineSeparator()) + isEntryNode = false + printNode(c) + case c: Command => + //if (c.parent.label != previousBlock) { + // printBlock(c.parent) + //} + printNode(c) + previousBlock = c.parent.label + isEntryNode = false + case c: Procedure => + printNode(c) + isEntryNode = true + case _ => isEntryNode = false + } + val successors = IntraProcIRCursor.succ(next) + if (successors.size > 1) { + val successorsCmd = successors.collect { case c: Command => c }.toSeq.sortBy(_.label) + printGoTo(successorsCmd) + for (s <- successorsCmd) { + if (!visited.contains(s)) { + stack.push(s) + } + } + } else if (successors.size == 1) { + val successor = successors.head + if (!visited.contains(successor)) { + stack.push(successor) + } + successor.match { + case c: Command if (c.parent.label != previousBlock) && (!isEntryNode) => printGoTo(Seq(c)) + case _ => + } + } + } + } + s.append(System.lineSeparator()) + } + + def printNode(node: IntraProcIRCursor.Node): Unit = { + node match { + case _: Statement => s.append("[Stmt] ") + case _: Procedure => s.append("[FunctionEntry] ") + case _: Call => s.append("[Jmp] ") + case _ => () + } + + s.append(node) + s.append(" :: ") + s.append(result(node)) + s.append(System.lineSeparator()) + } + + def printGoTo(nodes: Seq[Command]): Unit = { + s.append("[GoTo] ") + s.append(nodes.map(_.label).mkString(", ")) + s.append(System.lineSeparator()) + s.append(System.lineSeparator()) + } + + def printBlock(node: Block): Unit = { + s.append("[Block] ") + s.append(node.label) + s.append(System.lineSeparator()) + } + + + s.toString() + } + + + def printAnalysisResults(cfg: ProgramCfg, result: Map[CfgNode, _], iteration: Int): String = { val functionEntries = cfg.nodes.collect { case n: CfgFunctionEntryNode => n }.toSeq.sortBy(_.data.name) val s = StringBuilder() s.append(System.lineSeparator()) From 0dee8b98bfc9b34925b2e369799e831c22499b40 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 21 Nov 2023 17:25:13 +1000 Subject: [PATCH 17/42] undo split up block and procedure --- src/main/scala/ir/Block.scala | 77 ------------- src/main/scala/ir/Procedure.scala | 92 ---------------- src/main/scala/ir/Program.scala | 173 +++++++++++++++++++++++++++++- 3 files changed, 172 insertions(+), 170 deletions(-) diff --git a/src/main/scala/ir/Block.scala b/src/main/scala/ir/Block.scala index cd5816490..075aa16b9 100644 --- a/src/main/scala/ir/Block.scala +++ b/src/main/scala/ir/Block.scala @@ -7,80 +7,3 @@ import intrusiveList.IntrusiveListElement import scala.collection.mutable.ArrayBuffer -class Block private - (var label: String, - var address: Option[Int], - val statements: IntrusiveList[Statement], - // invariant: all Goto targets are disjoint - private val _jumps: IntrusiveList[Jump], - //private val _calls: IntrusiveList[Call], - val incomingJumps: mutable.HashSet[Block], - val parent: Procedure - ) extends IntrusiveListElement { - def this(label: String, address: Option[Int], statements: IterableOnce[Statement], jumps: IterableOnce[Jump], parent: Procedure) = { - this(label, address, IntrusiveList.from(statements), IntrusiveList.from(jumps), mutable.HashSet.empty, parent) - } - - def jumps: immutable.List[Jump] = _jumps to immutable.List - - def addJump(j: Jump): Unit = { - j.parent = this - _jumps.append(j) - } - - def predecessors: immutable.Set[Block] = incomingJumps to immutable.Set - - def removeJump(j: Jump) : Unit = { - assert(j.parent == this) - j.deParent() - _jumps.remove(j) - } - - def replaceJump(j: Jump, newJ: Jump) : Unit = { - assert((j.parent == this)) - if (j eq newJ) { - // GoTo/Call is responsible for maintaining the CFG if it is modified in-place - return - } - (j, newJ) match { - case (g: GoTo, f: GoTo) => { - removeJump(j) - addJump(newJ) - } - case (g: Call, f: Call) => { - removeJump(g) - addJump(f) - } - case (_, _) => throw Exception("Programmer error: can not replace jump with call or vice versa") - } - } - - //def addStatementAfter(statement: Statement, newStatement: Statement): Statement = { - // val i = statements.indexOf(statement) - // statements.insert(i, newStatement) - //} - - - def calls: Set[Procedure] = _jumps.flatMap(_.calls).toSet - - def modifies: Set[Global] = statements.flatMap(_.modifies).toSet - //def locals: Set[Variable] = statements.flatMap(_.locals).toSet ++ jumps.flatMap(_.locals).toSet - - def calledBy: Set[Block] = { - Set.empty - } - - override def toString: String = { - // display all statements and jumps - val statementsString = statements.map(_.toString).mkString("\n") - val jumpsString = jumps.map(_.toString).mkString("\n") - s"Block $label with $statementsString\n$jumpsString" - } - - override def equals(obj: scala.Any): Boolean = - obj match - case b: Block => b.label == this.label - case _ => false - - override def hashCode(): Int = label.hashCode() -} diff --git a/src/main/scala/ir/Procedure.scala b/src/main/scala/ir/Procedure.scala index 9919a5aa6..90d967308 100644 --- a/src/main/scala/ir/Procedure.scala +++ b/src/main/scala/ir/Procedure.scala @@ -5,95 +5,3 @@ import boogie.{BParam, BVariable, BitVecBType, BoolBType} import scala.collection.mutable import scala.collection.mutable.ArrayBuffer import intrusiveList.IntrusiveList - -class Procedure ( - var name: String, - var address: Option[Int], - var blocks: IntrusiveList[Block], - var in: ArrayBuffer[Parameter], - var out: ArrayBuffer[Parameter] - ) { - - - private var _callers = new mutable.HashMap[Procedure, mutable.Set[Call]] with mutable.MultiMap[Procedure, Call] - - def calls: Set[Procedure] = blocks.flatMap(_.calls).toSet - override def toString: String = { - s"Procedure $name at ${address.getOrElse("None")} with ${blocks.size} blocks and ${in.size} in and ${out.size} out parameters" - } - - def removeCaller(c: Call): Unit = { - _callers.removeBinding(c.parent.parent, c) - } - - def addCaller(c: Call): Unit = { - _callers.addBinding(c.parent.parent, c) - } - - def callers(): Iterable[Procedure] = _callers.keySet - - var modifies: mutable.Set[Global] = mutable.Set() - - - def stackIdentification(): Unit = { - val stackPointer = Register("R31", BitVecType(64)) - val stackRefs: mutable.Set[Variable] = mutable.Set(stackPointer) - val visitedBlocks: mutable.Set[Block] = mutable.Set() - val stackMemory = Memory("stack", 64, 8) - val firstBlock = blocks.headOption - firstBlock.foreach(visitBlock) - - // does not handle loops but we do not currently support loops in block CFG so this should do for now anyway - def visitBlock(b: Block): Unit = { - if (visitedBlocks.contains(b)) { - return - } - for (s <- b.statements) { - s match { - case l: LocalAssign => - // replace mem with stack in loads if index contains stack references - val loads = l.rhs.loads - for (load <- loads) { - val loadStackRefs = load.index.variables.intersect(stackRefs) - if (loadStackRefs.nonEmpty) { - load.mem = stackMemory - } - } - - // update stack references - val variableVisitor = VariablesWithoutStoresLoads() - variableVisitor.visitExpr(l.rhs) - - val rhsStackRefs = variableVisitor.variables.toSet.intersect(stackRefs) - if (rhsStackRefs.nonEmpty) { - stackRefs.add(l.lhs) - } else if (stackRefs.contains(l.lhs) && l.lhs != stackPointer) { - stackRefs.remove(l.lhs) - } - case m: MemoryAssign => - // replace mem with stack if index contains stack reference - val indexStackRefs = m.rhs.index.variables.intersect(stackRefs) - if (indexStackRefs.nonEmpty) { - m.lhs = stackMemory - m.rhs.mem = stackMemory - } - case _ => - } - } - visitedBlocks.add(b) - for (j <- b.jumps) { - j match { - case g: DetGoTo => visitBlock(g.target) - case d: DirectCall => d.returnTarget.foreach(visitBlock) - case i: IndirectCall => i.returnTarget.foreach(visitBlock) - case n: NonDetGoTo => n.targets.foreach(visitBlock) - } - } - } - } - -} -class Parameter(var name: String, var size: Int, var value: Register) { - def toBoogie: BVariable = BParam(name, BitVecBType(size)) - def toGamma: BVariable = BParam(s"Gamma_$name", BoolBType) -} diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index 8fa0c5250..daa07eed4 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -1,9 +1,10 @@ package ir import scala.collection.mutable.ArrayBuffer -import scala.collection.mutable +import scala.collection.{immutable, mutable} import boogie.* import analysis.BitVectorEval +import intrusiveList.{IntrusiveList, IntrusiveListElement} class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedure, var initialMemory: ArrayBuffer[MemorySection], @@ -113,6 +114,176 @@ class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedu } +class Procedure ( + var name: String, + var address: Option[Int], + var blocks: IntrusiveList[Block], + var in: ArrayBuffer[Parameter], + var out: ArrayBuffer[Parameter] + ) { + + + private var _callers = new mutable.HashMap[Procedure, mutable.Set[Call]] with mutable.MultiMap[Procedure, Call] + + def calls: Set[Procedure] = blocks.flatMap(_.calls).toSet + override def toString: String = { + s"Procedure $name at ${address.getOrElse("None")} with ${blocks.size} blocks and ${in.size} in and ${out.size} out parameters" + } + + def removeCaller(c: Call): Unit = { + _callers.removeBinding(c.parent.parent, c) + } + + def addCaller(c: Call): Unit = { + _callers.addBinding(c.parent.parent, c) + } + + def callers(): Iterable[Procedure] = _callers.keySet + + var modifies: mutable.Set[Global] = mutable.Set() + + + def stackIdentification(): Unit = { + val stackPointer = Register("R31", BitVecType(64)) + val stackRefs: mutable.Set[Variable] = mutable.Set(stackPointer) + val visitedBlocks: mutable.Set[Block] = mutable.Set() + val stackMemory = Memory("stack", 64, 8) + val firstBlock = blocks.headOption + firstBlock.foreach(visitBlock) + + // does not handle loops but we do not currently support loops in block CFG so this should do for now anyway + def visitBlock(b: Block): Unit = { + if (visitedBlocks.contains(b)) { + return + } + for (s <- b.statements) { + s match { + case l: LocalAssign => + // replace mem with stack in loads if index contains stack references + val loads = l.rhs.loads + for (load <- loads) { + val loadStackRefs = load.index.variables.intersect(stackRefs) + if (loadStackRefs.nonEmpty) { + load.mem = stackMemory + } + } + + // update stack references + val variableVisitor = VariablesWithoutStoresLoads() + variableVisitor.visitExpr(l.rhs) + + val rhsStackRefs = variableVisitor.variables.toSet.intersect(stackRefs) + if (rhsStackRefs.nonEmpty) { + stackRefs.add(l.lhs) + } else if (stackRefs.contains(l.lhs) && l.lhs != stackPointer) { + stackRefs.remove(l.lhs) + } + case m: MemoryAssign => + // replace mem with stack if index contains stack reference + val indexStackRefs = m.rhs.index.variables.intersect(stackRefs) + if (indexStackRefs.nonEmpty) { + m.lhs = stackMemory + m.rhs.mem = stackMemory + } + case _ => + } + } + visitedBlocks.add(b) + for (j <- b.jumps) { + j match { + case g: DetGoTo => visitBlock(g.target) + case d: DirectCall => d.returnTarget.foreach(visitBlock) + case i: IndirectCall => i.returnTarget.foreach(visitBlock) + case n: NonDetGoTo => n.targets.foreach(visitBlock) + } + } + } + } + +} +class Parameter(var name: String, var size: Int, var value: Register) { + def toBoogie: BVariable = BParam(name, BitVecBType(size)) + def toGamma: BVariable = BParam(s"Gamma_$name", BoolBType) +} + + +class Block private +(var label: String, + var address: Option[Int], + val statements: IntrusiveList[Statement], + // invariant: all Goto targets are disjoint + private val _jumps: IntrusiveList[Jump], + //private val _calls: IntrusiveList[Call], + val incomingJumps: mutable.HashSet[Block], + val parent: Procedure +) extends IntrusiveListElement { + def this(label: String, address: Option[Int], statements: IterableOnce[Statement], jumps: IterableOnce[Jump], parent: Procedure) = { + this(label, address, IntrusiveList.from(statements), IntrusiveList.from(jumps), mutable.HashSet.empty, parent) + } + + def jumps: immutable.List[Jump] = _jumps to immutable.List + + def addJump(j: Jump): Unit = { + j.parent = this + _jumps.append(j) + } + + def predecessors: immutable.Set[Block] = incomingJumps to immutable.Set + + def removeJump(j: Jump) : Unit = { + assert(j.parent == this) + j.deParent() + _jumps.remove(j) + } + + def replaceJump(j: Jump, newJ: Jump) : Unit = { + assert((j.parent == this)) + if (j eq newJ) { + // GoTo/Call is responsible for maintaining the CFG if it is modified in-place + return + } + (j, newJ) match { + case (g: GoTo, f: GoTo) => { + removeJump(j) + addJump(newJ) + } + case (g: Call, f: Call) => { + removeJump(g) + addJump(f) + } + case (_, _) => throw Exception("Programmer error: can not replace jump with call or vice versa") + } + } + + //def addStatementAfter(statement: Statement, newStatement: Statement): Statement = { + // val i = statements.indexOf(statement) + // statements.insert(i, newStatement) + //} + + + def calls: Set[Procedure] = _jumps.flatMap(_.calls).toSet + + def modifies: Set[Global] = statements.flatMap(_.modifies).toSet + //def locals: Set[Variable] = statements.flatMap(_.locals).toSet ++ jumps.flatMap(_.locals).toSet + + def calledBy: Set[Block] = { + Set.empty + } + + override def toString: String = { + // display all statements and jumps + val statementsString = statements.map(_.toString).mkString("\n") + val jumpsString = jumps.map(_.toString).mkString("\n") + s"Block $label with $statementsString\n$jumpsString" + } + + override def equals(obj: scala.Any): Boolean = + obj match + case b: Block => b.label == this.label + case _ => false + + override def hashCode(): Int = label.hashCode() +} From c57b73a0ecd8c59b69e4cefb0717a9fd107474cc Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Mon, 27 Nov 2023 16:14:30 +1000 Subject: [PATCH 18/42] update expected --- .../clang/basic_function_call_reader.expected | 2 +- .../basic_function_call_reader.expected | 2 +- .../basic_function_call_reader.expected | 2 +- .../gcc/basic_function_call_reader.expected | 2 +- .../basic_function_call_reader.expected | 2 +- .../basic_function_call_reader.expected | 2 +- .../basic_function_call_reader.expected | 2 +- .../clang/basic_lock_read.expected | 2 +- .../basic_lock_read.expected | 2 +- .../clang_pic/basic_lock_read.expected | 2 +- .../basic_lock_read.expected | 2 +- .../gcc_pic/basic_lock_read.expected | 2 +- .../clang/basic_lock_security_read.expected | 2 +- .../basic_lock_security_read.expected | 2 +- .../basic_lock_security_read.expected | 2 +- .../basic_lock_security_read.expected | 2 +- .../gcc/basic_lock_security_read.expected | 2 +- .../gcc_pic/basic_lock_security_read.expected | 2 +- .../basic_operation_evaluation.expected | 2 +- .../basic_operation_evaluation.expected | 2 +- .../gcc/basic_operation_evaluation.expected | 2 +- .../clang/basic_sec_policy_read.expected | 2 +- .../clang_O2/basic_sec_policy_read.expected | 2 +- .../clang_pic/basic_sec_policy_read.expected | 2 +- .../basic_sec_policy_read.expected | 2 +- .../gcc_pic/basic_sec_policy_read.expected | 2 +- .../correct/cjump/clang_pic/cjump.expected | 4 +-- src/test/correct/cjump/gcc/cjump.expected | 2 +- .../cjump/gcc_no_plt_no_pic/cjump.expected | 2 +- .../ifbranches/gcc/ifbranches.expected | 2 +- .../clang_no_plt_no_pic/ifglobal.expected | 2 +- .../ifglobal/clang_pic/ifglobal.expected | 2 +- .../correct/ifglobal/gcc/ifglobal.expected | 2 +- .../gcc_no_plt_no_pic/ifglobal.expected | 2 +- .../jumptable3/gcc/jumptable3.expected | 26 +++++++++---------- .../jumptable3/gcc_O2/jumptable3.expected | 16 ++++++------ .../gcc_no_plt_no_pic/jumptable3.expected | 26 +++++++++---------- .../jumptable3/gcc_pic/jumptable3.expected | 26 +++++++++---------- .../correct/nestedif/clang/nestedif.expected | 6 ++--- .../clang_no_plt_no_pic/nestedif.expected | 6 ++--- .../nestedif/clang_pic/nestedif.expected | 6 ++--- .../correct/nestedif/gcc/nestedif.expected | 2 +- .../simple_jump/gcc/simple_jump.expected | 2 +- .../gcc_no_plt_no_pic/simple_jump.expected | 2 +- .../simple_jump/gcc_pic/simple_jump.expected | 2 +- .../clang_no_plt_no_pic/switch.expected | 2 +- .../correct/switch/clang_pic/switch.expected | 2 +- src/test/correct/switch/gcc/switch.expected | 2 +- src/test/correct/switch2/gcc/switch2.expected | 2 +- .../gcc_no_plt_no_pic/switch2.expected | 8 +++--- .../correct/switch2/gcc_pic/switch2.expected | 8 +++--- .../clang/using_gamma_conditional.expected | 2 +- .../using_gamma_conditional.expected | 2 +- .../using_gamma_conditional.expected | 2 +- .../gcc_O2/using_gamma_conditional.expected | 2 +- .../using_gamma_conditional.expected | 2 +- .../incorrect/iflocal/clang/iflocal.expected | 4 +-- .../clang/nestedifglobal.expected | 8 +++--- .../nestedifglobal.expected | 4 +-- .../clang_pic/nestedifglobal.expected | 4 +-- .../gcc/nestedifglobal.expected | 2 +- .../gcc_no_plt_no_pic/nestedifglobal.expected | 4 +-- .../gcc_pic/nestedifglobal.expected | 4 +-- 63 files changed, 127 insertions(+), 127 deletions(-) diff --git a/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected index e7add125d..40ca88286 100644 --- a/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected @@ -245,7 +245,7 @@ procedure main() l00000348: assume {:captureState "l00000348"} true; assert Gamma_R8; - goto l00000348_goto_l00000350, l00000348_goto_l0000037a; + goto l00000348_goto_l0000037a, l00000348_goto_l00000350; l00000350: assume {:captureState "l00000350"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); diff --git a/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected index 49025abea..297801a4b 100644 --- a/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected @@ -215,7 +215,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000002f9, lmain_goto_l000002fd; + goto lmain_goto_l000002fd, lmain_goto_l000002f9; l000002fd: assume {:captureState "l000002fd"} true; R0, Gamma_R0 := zero_extend32_32(R9[32:0]), Gamma_R9; diff --git a/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected index 80fd49730..5e2f83ca1 100644 --- a/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected @@ -245,7 +245,7 @@ procedure main() l0000098b: assume {:captureState "l0000098b"} true; assert Gamma_R8; - goto l0000098b_goto_l00000993, l0000098b_goto_l000009bd; + goto l0000098b_goto_l000009bd, l0000098b_goto_l00000993; l00000993: assume {:captureState "l00000993"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); diff --git a/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected index f9c7deafc..5f063faf5 100644 --- a/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected @@ -230,7 +230,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000332, lmain_goto_l00000349; + goto lmain_goto_l00000349, lmain_goto_l00000332; l00000332: assume {:captureState "l00000332"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); diff --git a/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected index ad0366224..32456e254 100644 --- a/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected @@ -189,7 +189,7 @@ procedure main() call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R0, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R0, 20bv64)) || L(mem, bvadd64(R0, 20bv64))); assert Gamma_R0; - goto lmain_goto_l000001bc, lmain_goto_l00000398; + goto lmain_goto_l00000398, lmain_goto_l000001bc; l00000398: assume {:captureState "l00000398"} true; call rely(); diff --git a/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected index d417cea69..4e6114cb7 100644 --- a/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected @@ -230,7 +230,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000937, lmain_goto_l0000094e; + goto lmain_goto_l0000094e, lmain_goto_l00000937; l00000937: assume {:captureState "l00000937"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); diff --git a/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected index 60dcad679..00bc7a897 100644 --- a/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected @@ -288,7 +288,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000334, lmain_goto_l0000034b; + goto lmain_goto_l0000034b, lmain_goto_l00000334; l00000334: assume {:captureState "l00000334"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); diff --git a/src/test/correct/basic_lock_read/clang/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang/basic_lock_read.expected index 9a12d05e8..1c3a5a3f7 100644 --- a/src/test/correct/basic_lock_read/clang/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang/basic_lock_read.expected @@ -228,7 +228,7 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000032d, lmain_goto_l00000330; + goto lmain_goto_l00000330, lmain_goto_l0000032d; l00000330: assume {:captureState "l00000330"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected index 31eb2d168..fa4bbf9ea 100644 --- a/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected @@ -228,7 +228,7 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000958, lmain_goto_l0000095b; + goto lmain_goto_l0000095b, lmain_goto_l00000958; l0000095b: assume {:captureState "l0000095b"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected index e7ccaa507..e28d3c353 100644 --- a/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected @@ -286,7 +286,7 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000033c, lmain_goto_l0000033f; + goto lmain_goto_l0000033f, lmain_goto_l0000033c; l0000033f: assume {:captureState "l0000033f"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected index 9156594f7..3d86091ff 100644 --- a/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected @@ -224,7 +224,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000948, lmain_goto_l0000095f; + goto lmain_goto_l0000095f, lmain_goto_l00000948; l0000095f: assume {:captureState "l0000095f"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected index 6146649e8..8d9b04baa 100644 --- a/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected @@ -281,7 +281,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000328, lmain_goto_l0000033f; + goto lmain_goto_l0000033f, lmain_goto_l00000328; l0000033f: assume {:captureState "l0000033f"} true; R0, Gamma_R0 := 65536bv64, true; diff --git a/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected index 09f70f03f..82b5f57d7 100644 --- a/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected @@ -238,7 +238,7 @@ procedure main() l0000032f: assume {:captureState "l0000032f"} true; assert Gamma_R8; - goto l0000032f_goto_l00000337, l0000032f_goto_l0000034e; + goto l0000032f_goto_l0000034e, l0000032f_goto_l00000337; l0000034e: assume {:captureState "l0000034e"} true; goto l0000034f; diff --git a/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected index a2f10d1ca..17802c3cc 100644 --- a/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected @@ -211,7 +211,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000002fa, lmain_goto_l000002fd; + goto lmain_goto_l000002fd, lmain_goto_l000002fa; l000002fd: assume {:captureState "l000002fd"} true; R0, Gamma_R0 := 0bv64, true; diff --git a/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected index d4c28b724..de955442e 100644 --- a/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected @@ -226,7 +226,7 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000947, lmain_goto_l0000094a; + goto lmain_goto_l0000094a, lmain_goto_l00000947; l0000094a: assume {:captureState "l0000094a"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected index 0b25229ee..dda912b72 100644 --- a/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected @@ -296,7 +296,7 @@ procedure main() l0000033e: assume {:captureState "l0000033e"} true; assert Gamma_R8; - goto l0000033e_goto_l00000346, l0000033e_goto_l0000035d; + goto l0000033e_goto_l0000035d, l0000033e_goto_l00000346; l0000035d: assume {:captureState "l0000035d"} true; goto l0000035e; diff --git a/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected index 634a9333e..0aae07f2c 100644 --- a/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected @@ -222,7 +222,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000031b, lmain_goto_l00000332; + goto lmain_goto_l00000332, lmain_goto_l0000031b; l00000332: assume {:captureState "l00000332"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected index 32ac0823c..edee39617 100644 --- a/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected @@ -279,7 +279,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000031c, lmain_goto_l00000333; + goto lmain_goto_l00000333, lmain_goto_l0000031c; l00000333: assume {:captureState "l00000333"} true; R0, Gamma_R0 := 65536bv64, true; diff --git a/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected index 69b3dc72e..dd3e282d6 100644 --- a/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected @@ -254,7 +254,7 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R10, Gamma_R10 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); assert Gamma_R10; - goto lmain_goto_l00000aac, lmain_goto_l00000ab1; + goto lmain_goto_l00000ab1, lmain_goto_l00000aac; l00000ab1: assume {:captureState "l00000ab1"} true; R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); diff --git a/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected index 69b3dc72e..dd3e282d6 100644 --- a/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected @@ -254,7 +254,7 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R10, Gamma_R10 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); assert Gamma_R10; - goto lmain_goto_l00000aac, lmain_goto_l00000ab1; + goto lmain_goto_l00000ab1, lmain_goto_l00000aac; l00000ab1: assume {:captureState "l00000ab1"} true; R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); diff --git a/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected index 255fa84d0..9c550f842 100644 --- a/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected @@ -230,7 +230,7 @@ procedure main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 20bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 20bv64)); R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); assert Gamma_R1; - goto lmain_goto_l000003b3, lmain_goto_l000003b8; + goto lmain_goto_l000003b8, lmain_goto_l000003b3; l000003b8: assume {:captureState "l000003b8"} true; R2, Gamma_R2 := zero_extend32_32(bvsdiv33(sign_extend1_32(R0[32:0]), sign_extend1_32(R1[32:0]))[32:0]), (Gamma_R1 && Gamma_R0); diff --git a/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected index ccd417130..ffbad047c 100644 --- a/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected @@ -241,7 +241,7 @@ procedure main() l0000033c: assume {:captureState "l0000033c"} true; assert Gamma_R8; - goto l0000033c_goto_l00000344, l0000033c_goto_l0000035b; + goto l0000033c_goto_l0000035b, l0000033c_goto_l00000344; l0000035b: assume {:captureState "l0000035b"} true; goto l0000035c; diff --git a/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected index 92491b85c..f53a693c9 100644 --- a/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected @@ -211,7 +211,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000002fa, lmain_goto_l000002fd; + goto lmain_goto_l000002fd, lmain_goto_l000002fa; l000002fd: assume {:captureState "l000002fd"} true; R0, Gamma_R0 := 0bv64, true; diff --git a/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected index 4046bd5c3..b69676cde 100644 --- a/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected @@ -301,7 +301,7 @@ procedure main() l00000352: assume {:captureState "l00000352"} true; assert Gamma_R8; - goto l00000352_goto_l0000035a, l00000352_goto_l00000371; + goto l00000352_goto_l00000371, l00000352_goto_l0000035a; l00000371: assume {:captureState "l00000371"} true; goto l00000372; diff --git a/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected index 7882f9a88..3873bde91 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected @@ -226,7 +226,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000092b, lmain_goto_l00000942; + goto lmain_goto_l00000942, lmain_goto_l0000092b; l00000942: assume {:captureState "l00000942"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); diff --git a/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected index 2802fe353..ee0280058 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected @@ -284,7 +284,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000330, lmain_goto_l00000347; + goto lmain_goto_l00000347, lmain_goto_l00000330; l00000347: assume {:captureState "l00000347"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); diff --git a/src/test/correct/cjump/clang_pic/cjump.expected b/src/test/correct/cjump/clang_pic/cjump.expected index 1ecbdeb7c..b7f1ae582 100644 --- a/src/test/correct/cjump/clang_pic/cjump.expected +++ b/src/test/correct/cjump/clang_pic/cjump.expected @@ -286,7 +286,7 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000356, lmain_goto_l00000359; + goto lmain_goto_l00000359, lmain_goto_l00000356; l00000359: assume {:captureState "l00000359"} true; R8, Gamma_R8 := 1bv64, true; @@ -298,7 +298,7 @@ procedure main() l0000035c: assume {:captureState "l0000035c"} true; assert Gamma_R8; - goto l0000035c_goto_l00000364, l0000035c_goto_l00000398; + goto l0000035c_goto_l00000398, l0000035c_goto_l00000364; l00000364: assume {:captureState "l00000364"} true; R9, Gamma_R9 := 65536bv64, true; diff --git a/src/test/correct/cjump/gcc/cjump.expected b/src/test/correct/cjump/gcc/cjump.expected index 9a98e6265..dba45cd99 100644 --- a/src/test/correct/cjump/gcc/cjump.expected +++ b/src/test/correct/cjump/gcc/cjump.expected @@ -219,7 +219,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000033e, lmain_goto_l00000365; + goto lmain_goto_l00000365, lmain_goto_l0000033e; l0000033e: assume {:captureState "l0000033e"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected b/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected index 1f3af0871..c3719ff53 100644 --- a/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected +++ b/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected @@ -219,7 +219,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000097c, lmain_goto_l000009a3; + goto lmain_goto_l000009a3, lmain_goto_l0000097c; l0000097c: assume {:captureState "l0000097c"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/ifbranches/gcc/ifbranches.expected b/src/test/correct/ifbranches/gcc/ifbranches.expected index cd7916e92..fc4b3fe3b 100644 --- a/src/test/correct/ifbranches/gcc/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc/ifbranches.expected @@ -221,7 +221,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000330, lmain_goto_l00000369; + goto lmain_goto_l00000369, lmain_goto_l00000330; l00000330: assume {:captureState "l00000330"} true; R0, Gamma_R0 := 2bv64, true; diff --git a/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected b/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected index 8ae5517aa..c434815ef 100644 --- a/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected @@ -219,7 +219,7 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000092d, lmain_goto_l00000930; + goto lmain_goto_l00000930, lmain_goto_l0000092d; l00000930: assume {:captureState "l00000930"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/ifglobal/clang_pic/ifglobal.expected b/src/test/correct/ifglobal/clang_pic/ifglobal.expected index 2f170c699..f58241469 100644 --- a/src/test/correct/ifglobal/clang_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_pic/ifglobal.expected @@ -253,7 +253,7 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000032d, lmain_goto_l00000330; + goto lmain_goto_l00000330, lmain_goto_l0000032d; l00000330: assume {:captureState "l00000330"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/ifglobal/gcc/ifglobal.expected b/src/test/correct/ifglobal/gcc/ifglobal.expected index a82d65ba3..ca03efa47 100644 --- a/src/test/correct/ifglobal/gcc/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc/ifglobal.expected @@ -208,7 +208,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000302, lmain_goto_l00000311; + goto lmain_goto_l00000311, lmain_goto_l00000302; l00000311: assume {:captureState "l00000311"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected b/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected index bc013859c..643fff971 100644 --- a/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected @@ -208,7 +208,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000008d6, lmain_goto_l000008e5; + goto lmain_goto_l000008e5, lmain_goto_l000008d6; l000008e5: assume {:captureState "l000008e5"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/correct/jumptable3/gcc/jumptable3.expected b/src/test/correct/jumptable3/gcc/jumptable3.expected index c0d970237..0fa14fbeb 100644 --- a/src/test/correct/jumptable3/gcc/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc/jumptable3.expected @@ -474,7 +474,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto lmain_goto_l00000599, lmain_goto_l000005e0; + goto lmain_goto_l000005e0, lmain_goto_l00000599; l000005e0: assume {:captureState "l000005e0"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -542,7 +542,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l0000066b_goto_l0000068c, l0000066b_goto_l000006a3; + goto l0000066b_goto_l000006a3, l0000066b_goto_l0000068c; l0000068c: assume {:captureState "l0000068c"} true; R30, Gamma_R30 := 2276bv64, true; @@ -575,7 +575,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; - goto l000006cb_goto_l000006ec, l000006cb_goto_l00000703; + goto l000006cb_goto_l00000703, l000006cb_goto_l000006ec; l00000703: assume {:captureState "l00000703"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -585,7 +585,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000703_goto_l000005d7, l00000703_goto_l0000072b; + goto l00000703_goto_l0000072b, l00000703_goto_l000005d7; l0000072b: assume {:captureState "l0000072b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -595,7 +595,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; assert Gamma_ZF; - goto l0000072b_goto_l0000074c, l0000072b_goto_l00000758; + goto l0000072b_goto_l00000758, l0000072b_goto_l0000074c; l00000758: assume {:captureState "l00000758"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -625,7 +625,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#16, 1bv32), 0bv32), Gamma_#16; NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000007ad_goto_l000005d7, l000007ad_goto_l000007d5; + goto l000007ad_goto_l000007d5, l000007ad_goto_l000005d7; l000007d5: assume {:captureState "l000007d5"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -635,7 +635,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; assert Gamma_ZF; - goto l000007d5_goto_l000007f6, l000007d5_goto_l00000809; + goto l000007d5_goto_l00000809, l000007d5_goto_l000007f6; l000007f6: assume {:captureState "l000007f6"} true; R30, Gamma_R30 := 2248bv64, true; @@ -678,7 +678,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000809_goto_l000005d7, l00000809_goto_l00000831; + goto l00000809_goto_l00000831, l00000809_goto_l000005d7; l00000831: assume {:captureState "l00000831"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -688,7 +688,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#19, 1bv32), 0bv32), Gamma_#19; NF, Gamma_NF := bvadd32(#19, 1bv32)[32:31], Gamma_#19; assert Gamma_ZF; - goto l00000831_goto_l00000852, l00000831_goto_l00000862; + goto l00000831_goto_l00000862, l00000831_goto_l00000852; l00000852: assume {:captureState "l00000852"} true; R30, Gamma_R30 := 2240bv64, true; @@ -739,7 +739,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000008c2_goto_l000005d7, l000008c2_goto_l000008ea; + goto l000008c2_goto_l000008ea, l000008c2_goto_l000005d7; l000008ea: assume {:captureState "l000008ea"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -759,7 +759,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000091b_goto_l000005d7, l0000091b_goto_l00000943; + goto l0000091b_goto_l00000943, l0000091b_goto_l000005d7; l00000943: assume {:captureState "l00000943"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -769,7 +769,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#25, 1bv32), 0bv32), Gamma_#25; NF, Gamma_NF := bvadd32(#25, 1bv32)[32:31], Gamma_#25; assert Gamma_ZF; - goto l00000943_goto_l00000964, l00000943_goto_l0000097b; + goto l00000943_goto_l0000097b, l00000943_goto_l00000964; l00000964: assume {:captureState "l00000964"} true; R30, Gamma_R30 := 2208bv64, true; @@ -787,7 +787,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; assert Gamma_ZF; - goto l0000097b_goto_l00000974, l0000097b_goto_l000009a1; + goto l0000097b_goto_l000009a1, l0000097b_goto_l00000974; l00000974: assume {:captureState "l00000974"} true; R30, Gamma_R30 := 2216bv64, true; diff --git a/src/test/correct/jumptable3/gcc_O2/jumptable3.expected b/src/test/correct/jumptable3/gcc_O2/jumptable3.expected index 27d281ba8..35ab2a3e8 100644 --- a/src/test/correct/jumptable3/gcc_O2/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_O2/jumptable3.expected @@ -231,7 +231,7 @@ procedure main() l00000753: assume {:captureState "l00000753"} true; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000753_goto_l000006e8, l00000753_goto_l0000075c; + goto l00000753_goto_l0000075c, l00000753_goto_l000006e8; l000006e8: assume {:captureState "l000006e8"} true; R1, Gamma_R1 := 69632bv64, true; @@ -264,7 +264,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; - goto l00000644_goto_l00000331, l00000644_goto_l00000663; + goto l00000644_goto_l00000663, l00000644_goto_l00000331; l00000663: assume {:captureState "l00000663"} true; #7, Gamma_#7 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; @@ -273,7 +273,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; - goto l00000663_goto_l0000036b, l00000663_goto_l00000347; + goto l00000663_goto_l00000347, l00000663_goto_l0000036b; l00000715: assume {:captureState "l00000715"} true; #9, Gamma_#9 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; @@ -320,7 +320,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; - goto l0000075c_goto_l0000069c, l0000075c_goto_l0000077b; + goto l0000075c_goto_l0000077b, l0000075c_goto_l0000069c; l0000069c: assume {:captureState "l0000069c"} true; R1, Gamma_R1 := 69632bv64, true; @@ -335,7 +335,7 @@ procedure main() l0000077b: assume {:captureState "l0000077b"} true; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000077b_goto_l000005bc, l0000077b_goto_l00000784; + goto l0000077b_goto_l00000784, l0000077b_goto_l000005bc; l000005bc: assume {:captureState "l000005bc"} true; #5, Gamma_#5 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; @@ -344,7 +344,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto l000005bc_goto_l000005d6, l000005bc_goto_l00000682; + goto l000005bc_goto_l00000682, l000005bc_goto_l000005d6; l000005d6: assume {:captureState "l000005d6"} true; R1, Gamma_R1 := 69632bv64, true; @@ -425,11 +425,11 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; assert Gamma_ZF; - goto l000007a8_goto_l00000368, l000007a8_goto_l000006d0; + goto l000007a8_goto_l000006d0, l000007a8_goto_l00000368; l00000368: assume {:captureState "l00000368"} true; assert Gamma_R0; - goto l00000368_goto_l0000036b, l00000368_goto_l000005a3; + goto l00000368_goto_l000005a3, l00000368_goto_l0000036b; l0000036b: assume {:captureState "l0000036b"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected b/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected index 75b244d38..b0842bac6 100644 --- a/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected @@ -474,7 +474,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto lmain_goto_l000012f4, lmain_goto_l0000133b; + goto lmain_goto_l0000133b, lmain_goto_l000012f4; l0000133b: assume {:captureState "l0000133b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -484,7 +484,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000133b_goto_l00001332, l0000133b_goto_l00001363; + goto l0000133b_goto_l00001363, l0000133b_goto_l00001332; l00001363: assume {:captureState "l00001363"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -494,7 +494,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; - goto l00001363_goto_l00001384, l00001363_goto_l0000139e; + goto l00001363_goto_l0000139e, l00001363_goto_l00001384; l00001384: assume {:captureState "l00001384"} true; R30, Gamma_R30 := 2288bv64, true; @@ -532,7 +532,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000139e_goto_l00001332, l0000139e_goto_l000013c6; + goto l0000139e_goto_l000013c6, l0000139e_goto_l00001332; l000013c6: assume {:captureState "l000013c6"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -575,7 +575,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; - goto l00001426_goto_l00001447, l00001426_goto_l0000145e; + goto l00001426_goto_l0000145e, l00001426_goto_l00001447; l0000145e: assume {:captureState "l0000145e"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -585,7 +585,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000145e_goto_l00001332, l0000145e_goto_l00001486; + goto l0000145e_goto_l00001486, l0000145e_goto_l00001332; l00001486: assume {:captureState "l00001486"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -615,7 +615,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; assert Gamma_ZF; - goto l000014db_goto_l000014fc, l000014db_goto_l00001508; + goto l000014db_goto_l00001508, l000014db_goto_l000014fc; l00001508: assume {:captureState "l00001508"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -635,7 +635,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; assert Gamma_ZF; - goto l00001530_goto_l00001551, l00001530_goto_l00001564; + goto l00001530_goto_l00001564, l00001530_goto_l00001551; l00001551: assume {:captureState "l00001551"} true; R30, Gamma_R30 := 2248bv64, true; @@ -678,7 +678,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00001564_goto_l00001332, l00001564_goto_l0000158c; + goto l00001564_goto_l0000158c, l00001564_goto_l00001332; l0000158c: assume {:captureState "l0000158c"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -688,7 +688,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#19, 1bv32), 0bv32), Gamma_#19; NF, Gamma_NF := bvadd32(#19, 1bv32)[32:31], Gamma_#19; assert Gamma_ZF; - goto l0000158c_goto_l000015ad, l0000158c_goto_l000015bd; + goto l0000158c_goto_l000015bd, l0000158c_goto_l000015ad; l000015ad: assume {:captureState "l000015ad"} true; R30, Gamma_R30 := 2240bv64, true; @@ -706,7 +706,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000015bd_goto_l00001332, l000015bd_goto_l000015e5; + goto l000015bd_goto_l000015e5, l000015bd_goto_l00001332; l000015e5: assume {:captureState "l000015e5"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -716,7 +716,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; assert Gamma_ZF; - goto l000015e5_goto_l00001606, l000015e5_goto_l0000161d; + goto l000015e5_goto_l0000161d, l000015e5_goto_l00001606; l00001606: assume {:captureState "l00001606"} true; R30, Gamma_R30 := 2228bv64, true; @@ -749,7 +749,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; assert Gamma_ZF; - goto l00001645_goto_l00001666, l00001645_goto_l00001676; + goto l00001645_goto_l00001676, l00001645_goto_l00001666; l00001676: assume {:captureState "l00001676"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); diff --git a/src/test/correct/jumptable3/gcc_pic/jumptable3.expected b/src/test/correct/jumptable3/gcc_pic/jumptable3.expected index f0bff08a8..e03bfb332 100644 --- a/src/test/correct/jumptable3/gcc_pic/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_pic/jumptable3.expected @@ -534,7 +534,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto lmain_goto_l0000059f, lmain_goto_l000005e7; + goto lmain_goto_l000005e7, lmain_goto_l0000059f; l000005e7: assume {:captureState "l000005e7"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -625,7 +625,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000006aa_goto_l000005de, l000006aa_goto_l000006d2; + goto l000006aa_goto_l000006d2, l000006aa_goto_l000005de; l000006d2: assume {:captureState "l000006d2"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -635,7 +635,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; - goto l000006d2_goto_l000006f3, l000006d2_goto_l0000070a; + goto l000006d2_goto_l0000070a, l000006d2_goto_l000006f3; l0000070a: assume {:captureState "l0000070a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -655,7 +655,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; assert Gamma_ZF; - goto l00000732_goto_l00000753, l00000732_goto_l0000075f; + goto l00000732_goto_l0000075f, l00000732_goto_l00000753; l0000075f: assume {:captureState "l0000075f"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -665,7 +665,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000075f_goto_l000005de, l0000075f_goto_l00000787; + goto l0000075f_goto_l00000787, l0000075f_goto_l000005de; l00000787: assume {:captureState "l00000787"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -675,7 +675,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; assert Gamma_ZF; - goto l00000787_goto_l000007a8, l00000787_goto_l000007b4; + goto l00000787_goto_l000007b4, l00000787_goto_l000007a8; l000007b4: assume {:captureState "l000007b4"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -685,7 +685,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#16, 1bv32), 0bv32), Gamma_#16; NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000007b4_goto_l000005de, l000007b4_goto_l000007dc; + goto l000007b4_goto_l000007dc, l000007b4_goto_l000005de; l000007dc: assume {:captureState "l000007dc"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -748,7 +748,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#19, 1bv32), 0bv32), Gamma_#19; NF, Gamma_NF := bvadd32(#19, 1bv32)[32:31], Gamma_#19; assert Gamma_ZF; - goto l00000838_goto_l00000859, l00000838_goto_l00000869; + goto l00000838_goto_l00000869, l00000838_goto_l00000859; l00000859: assume {:captureState "l00000859"} true; R30, Gamma_R30 := 2304bv64, true; @@ -766,7 +766,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000869_goto_l000005de, l00000869_goto_l00000891; + goto l00000869_goto_l00000891, l00000869_goto_l000005de; l00000891: assume {:captureState "l00000891"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -799,7 +799,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000008c9_goto_l000005de, l000008c9_goto_l000008f1; + goto l000008c9_goto_l000008f1, l000008c9_goto_l000005de; l000008f1: assume {:captureState "l000008f1"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -819,7 +819,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000922_goto_l000005de, l00000922_goto_l0000094a; + goto l00000922_goto_l0000094a, l00000922_goto_l000005de; l0000094a: assume {:captureState "l0000094a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -829,7 +829,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#25, 1bv32), 0bv32), Gamma_#25; NF, Gamma_NF := bvadd32(#25, 1bv32)[32:31], Gamma_#25; assert Gamma_ZF; - goto l0000094a_goto_l0000096b, l0000094a_goto_l00000982; + goto l0000094a_goto_l00000982, l0000094a_goto_l0000096b; l0000096b: assume {:captureState "l0000096b"} true; R30, Gamma_R30 := 2272bv64, true; @@ -847,7 +847,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; assert Gamma_ZF; - goto l00000982_goto_l0000097b, l00000982_goto_l000009a8; + goto l00000982_goto_l000009a8, l00000982_goto_l0000097b; l0000097b: assume {:captureState "l0000097b"} true; R30, Gamma_R30 := 2280bv64, true; diff --git a/src/test/correct/nestedif/clang/nestedif.expected b/src/test/correct/nestedif/clang/nestedif.expected index cc4c39950..76f85d458 100644 --- a/src/test/correct/nestedif/clang/nestedif.expected +++ b/src/test/correct/nestedif/clang/nestedif.expected @@ -220,7 +220,7 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000379, lmain_goto_l0000037c; + goto lmain_goto_l0000037c, lmain_goto_l00000379; l0000037c: assume {:captureState "l0000037c"} true; R8, Gamma_R8 := 1bv64, true; @@ -232,7 +232,7 @@ procedure main() l0000037f: assume {:captureState "l0000037f"} true; assert Gamma_R8; - goto l0000037f_goto_l00000387, l0000037f_goto_l00000442; + goto l0000037f_goto_l00000442, l0000037f_goto_l00000387; l00000387: assume {:captureState "l00000387"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -243,7 +243,7 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; - goto l00000387_goto_l000003b2, l00000387_goto_l000003b5; + goto l00000387_goto_l000003b5, l00000387_goto_l000003b2; l000003b5: assume {:captureState "l000003b5"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected b/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected index 6e883b1f1..80c5beae2 100644 --- a/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected +++ b/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected @@ -232,7 +232,7 @@ procedure main() l00000ab0: assume {:captureState "l00000ab0"} true; assert Gamma_R8; - goto l00000ab0_goto_l00000ab8, l00000ab0_goto_l00000b73; + goto l00000ab0_goto_l00000b73, l00000ab0_goto_l00000ab8; l00000ab8: assume {:captureState "l00000ab8"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -243,7 +243,7 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; - goto l00000ab8_goto_l00000ae3, l00000ab8_goto_l00000ae6; + goto l00000ab8_goto_l00000ae6, l00000ab8_goto_l00000ae3; l00000ae6: assume {:captureState "l00000ae6"} true; R8, Gamma_R8 := 1bv64, true; @@ -278,7 +278,7 @@ procedure main() l00000b22: assume {:captureState "l00000b22"} true; assert Gamma_R8; - goto l00000b22_goto_l00000b2a, l00000b22_goto_l00000b49; + goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; l00000b49: assume {:captureState "l00000b49"} true; goto l00000b4a; diff --git a/src/test/correct/nestedif/clang_pic/nestedif.expected b/src/test/correct/nestedif/clang_pic/nestedif.expected index 6e883b1f1..80c5beae2 100644 --- a/src/test/correct/nestedif/clang_pic/nestedif.expected +++ b/src/test/correct/nestedif/clang_pic/nestedif.expected @@ -232,7 +232,7 @@ procedure main() l00000ab0: assume {:captureState "l00000ab0"} true; assert Gamma_R8; - goto l00000ab0_goto_l00000ab8, l00000ab0_goto_l00000b73; + goto l00000ab0_goto_l00000b73, l00000ab0_goto_l00000ab8; l00000ab8: assume {:captureState "l00000ab8"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -243,7 +243,7 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; - goto l00000ab8_goto_l00000ae3, l00000ab8_goto_l00000ae6; + goto l00000ab8_goto_l00000ae6, l00000ab8_goto_l00000ae3; l00000ae6: assume {:captureState "l00000ae6"} true; R8, Gamma_R8 := 1bv64, true; @@ -278,7 +278,7 @@ procedure main() l00000b22: assume {:captureState "l00000b22"} true; assert Gamma_R8; - goto l00000b22_goto_l00000b2a, l00000b22_goto_l00000b49; + goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; l00000b49: assume {:captureState "l00000b49"} true; goto l00000b4a; diff --git a/src/test/correct/nestedif/gcc/nestedif.expected b/src/test/correct/nestedif/gcc/nestedif.expected index 66735fb03..01fc15bd5 100644 --- a/src/test/correct/nestedif/gcc/nestedif.expected +++ b/src/test/correct/nestedif/gcc/nestedif.expected @@ -235,7 +235,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; - goto l0000036b_goto_l00000391, l0000036b_goto_l000003a6; + goto l0000036b_goto_l000003a6, l0000036b_goto_l00000391; l000003a6: assume {:captureState "l000003a6"} true; R0, Gamma_R0 := 7bv64, true; diff --git a/src/test/correct/simple_jump/gcc/simple_jump.expected b/src/test/correct/simple_jump/gcc/simple_jump.expected index 90f4f92e4..4195b886a 100644 --- a/src/test/correct/simple_jump/gcc/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc/simple_jump.expected @@ -209,7 +209,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000030a, lmain_goto_l0000031f; + goto lmain_goto_l0000031f, lmain_goto_l0000030a; l0000031f: assume {:captureState "l0000031f"} true; R0, Gamma_R0 := 6bv64, true; diff --git a/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected b/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected index fca2ea8b1..cb9614234 100644 --- a/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected @@ -209,7 +209,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000008e1, lmain_goto_l000008f6; + goto lmain_goto_l000008f6, lmain_goto_l000008e1; l000008f6: assume {:captureState "l000008f6"} true; R0, Gamma_R0 := 6bv64, true; diff --git a/src/test/correct/simple_jump/gcc_pic/simple_jump.expected b/src/test/correct/simple_jump/gcc_pic/simple_jump.expected index fca2ea8b1..cb9614234 100644 --- a/src/test/correct/simple_jump/gcc_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_pic/simple_jump.expected @@ -209,7 +209,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000008e1, lmain_goto_l000008f6; + goto lmain_goto_l000008f6, lmain_goto_l000008e1; l000008f6: assume {:captureState "l000008f6"} true; R0, Gamma_R0 := 6bv64, true; diff --git a/src/test/correct/switch/clang_no_plt_no_pic/switch.expected b/src/test/correct/switch/clang_no_plt_no_pic/switch.expected index 198585344..aaf01b543 100644 --- a/src/test/correct/switch/clang_no_plt_no_pic/switch.expected +++ b/src/test/correct/switch/clang_no_plt_no_pic/switch.expected @@ -242,7 +242,7 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; - goto l00000a50_goto_l00000a79, l00000a50_goto_l00000a7c; + goto l00000a50_goto_l00000a7c, l00000a50_goto_l00000a79; l00000a7c: assume {:captureState "l00000a7c"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/switch/clang_pic/switch.expected b/src/test/correct/switch/clang_pic/switch.expected index 198585344..aaf01b543 100644 --- a/src/test/correct/switch/clang_pic/switch.expected +++ b/src/test/correct/switch/clang_pic/switch.expected @@ -242,7 +242,7 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; - goto l00000a50_goto_l00000a79, l00000a50_goto_l00000a7c; + goto l00000a50_goto_l00000a7c, l00000a50_goto_l00000a79; l00000a7c: assume {:captureState "l00000a7c"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/switch/gcc/switch.expected b/src/test/correct/switch/gcc/switch.expected index 355bb8743..93a705102 100644 --- a/src/test/correct/switch/gcc/switch.expected +++ b/src/test/correct/switch/gcc/switch.expected @@ -213,7 +213,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000339, lmain_goto_l0000036b; + goto lmain_goto_l0000036b, lmain_goto_l00000339; l0000036b: assume {:captureState "l0000036b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); diff --git a/src/test/correct/switch2/gcc/switch2.expected b/src/test/correct/switch2/gcc/switch2.expected index 317bf93c9..7443d262f 100644 --- a/src/test/correct/switch2/gcc/switch2.expected +++ b/src/test/correct/switch2/gcc/switch2.expected @@ -324,7 +324,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000004e2_goto_l000003e2, l000004e2_goto_l0000050a; + goto l000004e2_goto_l0000050a, l000004e2_goto_l000003e2; l0000050a: assume {:captureState "l0000050a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); diff --git a/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected b/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected index 6f0e32d47..21091a5b1 100644 --- a/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected +++ b/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected @@ -294,7 +294,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000cc6_goto_l00000c41, l00000cc6_goto_l00000cee; + goto l00000cc6_goto_l00000cee, l00000cc6_goto_l00000c41; l00000cee: assume {:captureState "l00000cee"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -304,7 +304,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l00000cee_goto_l00000d0f, l00000cee_goto_l00000d41; + goto l00000cee_goto_l00000d41, l00000cee_goto_l00000d0f; l00000d0f: assume {:captureState "l00000d0f"} true; R30, Gamma_R30 := 1944bv64, true; @@ -324,7 +324,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000d41_goto_l00000c41, l00000d41_goto_l00000d69; + goto l00000d41_goto_l00000d69, l00000d41_goto_l00000c41; l00000d69: assume {:captureState "l00000d69"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -334,7 +334,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; - goto l00000d69_goto_l00000d23, l00000d69_goto_l00000d8f; + goto l00000d69_goto_l00000d8f, l00000d69_goto_l00000d23; l00000d23: assume {:captureState "l00000d23"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/switch2/gcc_pic/switch2.expected b/src/test/correct/switch2/gcc_pic/switch2.expected index 6f0e32d47..21091a5b1 100644 --- a/src/test/correct/switch2/gcc_pic/switch2.expected +++ b/src/test/correct/switch2/gcc_pic/switch2.expected @@ -294,7 +294,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000cc6_goto_l00000c41, l00000cc6_goto_l00000cee; + goto l00000cc6_goto_l00000cee, l00000cc6_goto_l00000c41; l00000cee: assume {:captureState "l00000cee"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -304,7 +304,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l00000cee_goto_l00000d0f, l00000cee_goto_l00000d41; + goto l00000cee_goto_l00000d41, l00000cee_goto_l00000d0f; l00000d0f: assume {:captureState "l00000d0f"} true; R30, Gamma_R30 := 1944bv64, true; @@ -324,7 +324,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000d41_goto_l00000c41, l00000d41_goto_l00000d69; + goto l00000d41_goto_l00000d69, l00000d41_goto_l00000c41; l00000d69: assume {:captureState "l00000d69"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -334,7 +334,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; - goto l00000d69_goto_l00000d23, l00000d69_goto_l00000d8f; + goto l00000d69_goto_l00000d8f, l00000d69_goto_l00000d23; l00000d23: assume {:captureState "l00000d23"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected index b1773a812..a89fe9994 100644 --- a/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected @@ -225,7 +225,7 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000322, lmain_goto_l00000325; + goto lmain_goto_l00000325, lmain_goto_l00000322; l00000325: assume {:captureState "l00000325"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected index bb9a9caa9..47e86bf5c 100644 --- a/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected @@ -237,7 +237,7 @@ procedure main() l00000943: assume {:captureState "l00000943"} true; assert Gamma_R8; - goto l00000943_goto_l0000094b, l00000943_goto_l00000973; + goto l00000943_goto_l00000973, l00000943_goto_l0000094b; l0000094b: assume {:captureState "l0000094b"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected index 022cc6fb7..218a90bcb 100644 --- a/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected @@ -259,7 +259,7 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l0000032d, lmain_goto_l00000330; + goto lmain_goto_l00000330, lmain_goto_l0000032d; l00000330: assume {:captureState "l00000330"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected index 62ead8320..11811a30a 100644 --- a/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected @@ -205,7 +205,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#1, 1bv32), 0bv32), Gamma_#1; NF, Gamma_NF := bvadd32(#1, 1bv32)[32:31], Gamma_#1; assert Gamma_ZF; - goto lmain_goto_l000001cf, lmain_goto_l000001d2; + goto lmain_goto_l000001d2, lmain_goto_l000001cf; l000001d2: assume {:captureState "l000001d2"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected index 1eb9759f1..f2e4fa7f1 100644 --- a/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected @@ -206,7 +206,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000008b3, lmain_goto_l000008c2; + goto lmain_goto_l000008c2, lmain_goto_l000008b3; l000008b3: assume {:captureState "l000008b3"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/incorrect/iflocal/clang/iflocal.expected b/src/test/incorrect/iflocal/clang/iflocal.expected index f90233011..8ed1272aa 100644 --- a/src/test/incorrect/iflocal/clang/iflocal.expected +++ b/src/test/incorrect/iflocal/clang/iflocal.expected @@ -214,7 +214,7 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000334, lmain_goto_l00000337; + goto lmain_goto_l00000337, lmain_goto_l00000334; l00000337: assume {:captureState "l00000337"} true; R8, Gamma_R8 := 1bv64, true; @@ -226,7 +226,7 @@ procedure main() l0000033a: assume {:captureState "l0000033a"} true; assert Gamma_R8; - goto l0000033a_goto_l00000342, l0000033a_goto_l00000359; + goto l0000033a_goto_l00000359, l0000033a_goto_l00000342; l00000359: assume {:captureState "l00000359"} true; goto l0000035a; diff --git a/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected index 87cfa4dab..4201a58a0 100644 --- a/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected @@ -242,7 +242,7 @@ procedure main() l00000396: assume {:captureState "l00000396"} true; assert Gamma_R8; - goto l00000396_goto_l0000039e, l00000396_goto_l0000045d; + goto l00000396_goto_l0000045d, l00000396_goto_l0000039e; l0000045d: assume {:captureState "l0000045d"} true; goto l0000045e; @@ -264,7 +264,7 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; - goto l0000039e_goto_l000003ce, l0000039e_goto_l000003d1; + goto l0000039e_goto_l000003d1, l0000039e_goto_l000003ce; l000003d1: assume {:captureState "l000003d1"} true; R8, Gamma_R8 := 1bv64, true; @@ -276,7 +276,7 @@ procedure main() l000003d4: assume {:captureState "l000003d4"} true; assert Gamma_R8; - goto l000003d4_goto_l000003dc, l000003d4_goto_l00000448; + goto l000003d4_goto_l00000448, l000003d4_goto_l000003dc; l00000448: assume {:captureState "l00000448"} true; goto l00000449; @@ -296,7 +296,7 @@ procedure main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; - goto l000003dc_goto_l00000407, l000003dc_goto_l0000040a; + goto l000003dc_goto_l0000040a, l000003dc_goto_l00000407; l0000040a: assume {:captureState "l0000040a"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected index bd4cadff9..e66bea4a0 100644 --- a/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected @@ -230,7 +230,7 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000ae0, lmain_goto_l00000ae3; + goto lmain_goto_l00000ae3, lmain_goto_l00000ae0; l00000ae3: assume {:captureState "l00000ae3"} true; R8, Gamma_R8 := 1bv64, true; @@ -296,7 +296,7 @@ procedure main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; - goto l00000b2c_goto_l00000b57, l00000b2c_goto_l00000b5a; + goto l00000b2c_goto_l00000b5a, l00000b2c_goto_l00000b57; l00000b5a: assume {:captureState "l00000b5a"} true; R8, Gamma_R8 := 1bv64, true; diff --git a/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected index e3f54f47c..b907550a3 100644 --- a/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected @@ -298,7 +298,7 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l000003ab, lmain_goto_l000003ae; + goto lmain_goto_l000003ae, lmain_goto_l000003ab; l000003ae: assume {:captureState "l000003ae"} true; R8, Gamma_R8 := 1bv64, true; @@ -376,7 +376,7 @@ procedure main() l0000042a: assume {:captureState "l0000042a"} true; assert Gamma_R8; - goto l0000042a_goto_l00000432, l0000042a_goto_l00000449; + goto l0000042a_goto_l00000449, l0000042a_goto_l00000432; l00000449: assume {:captureState "l00000449"} true; goto l0000044a; diff --git a/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected index fa0a032fa..b04c26305 100644 --- a/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected @@ -228,7 +228,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000381, lmain_goto_l00000414; + goto lmain_goto_l00000414, lmain_goto_l00000381; l00000414: assume {:captureState "l00000414"} true; R0, Gamma_R0 := 3bv64, true; diff --git a/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected index ccd235a1c..805a86bd5 100644 --- a/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected @@ -228,7 +228,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#4, 1bv32), 0bv32), Gamma_#4; NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; - goto lmain_goto_l00000a79, lmain_goto_l00000b0c; + goto lmain_goto_l00000b0c, lmain_goto_l00000a79; l00000b0c: assume {:captureState "l00000b0c"} true; R0, Gamma_R0 := 3bv64, true; @@ -263,7 +263,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; - goto l00000aaa_goto_l00000ad0, l00000aaa_goto_l00000ae5; + goto l00000aaa_goto_l00000ae5, l00000aaa_goto_l00000ad0; l00000ae5: assume {:captureState "l00000ae5"} true; R0, Gamma_R0 := 69632bv64, true; diff --git a/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected index f2b82be6a..df2ded000 100644 --- a/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected @@ -306,7 +306,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; - goto l00000383_goto_l000003b5, l00000383_goto_l0000040b; + goto l00000383_goto_l0000040b, l00000383_goto_l000003b5; l0000040b: assume {:captureState "l0000040b"} true; R0, Gamma_R0 := 5bv64, true; @@ -322,7 +322,7 @@ procedure main() ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; - goto l000003b5_goto_l000003db, l000003b5_goto_l000003f0; + goto l000003b5_goto_l000003f0, l000003b5_goto_l000003db; l000003f0: assume {:captureState "l000003f0"} true; R0, Gamma_R0 := 65536bv64, true; From b2eb8390ceaca7686364d79d34e0326f8650b9d0 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Mon, 27 Nov 2023 18:26:38 +1000 Subject: [PATCH 19/42] cleanup --- src/main/scala/analysis/Cfg.scala | 6 ++--- src/main/scala/ir/IRCursor.scala | 16 +++++++------ src/main/scala/ir/Interpreter.scala | 2 +- src/main/scala/ir/Program.scala | 29 +++++++++++++++++++----- src/main/scala/ir/Statement.scala | 8 +++++++ src/main/scala/ir/Visitor.scala | 11 ++++++++- src/main/scala/translating/BAPToIR.scala | 2 ++ src/main/scala/util/RunUtils.scala | 6 ++++- 8 files changed, 61 insertions(+), 19 deletions(-) diff --git a/src/main/scala/analysis/Cfg.scala b/src/main/scala/analysis/Cfg.scala index 6b350a7d9..6c61e9563 100644 --- a/src/main/scala/analysis/Cfg.scala +++ b/src/main/scala/analysis/Cfg.scala @@ -217,7 +217,7 @@ case class CfgFunctionEntryNode( override val succInter: mutable.Set[CfgEdge] = mutable.Set[CfgEdge](), data: Procedure ) extends CfgNodeWithData[Procedure]: - override def block: Block = data.blocks.head + override def block: Block = data.entryBlock.get override def toString: String = s"[FunctionEntry] $data" /** Copy this node, but give unique ID and reset edges */ @@ -233,7 +233,7 @@ case class CfgFunctionExitNode( override val succInter: mutable.Set[CfgEdge] = mutable.Set[CfgEdge](), data: Procedure ) extends CfgNodeWithData[Procedure]: - override def block: Block = data.blocks.head + override def block: Block = data.entryBlock.get override def toString: String = s"[FunctionExit] $data" /** Copy this node, but give unique ID and reset edges */ @@ -653,7 +653,7 @@ class ProgramCfgFactory: val visitedBlocks: mutable.HashMap[Block, CfgCommandNode] = mutable.HashMap[Block, CfgCommandNode]() // Recurse through blocks - visitBlock(proc.blocks.head, funcEntryNode, TrueLiteral) + visitBlock(proc.entryBlock.get, funcEntryNode, TrueLiteral) /** Add a block to the CFG. A block in this case is a basic block, so it contains a list of consecutive statements * followed by a jump at the end to another block. We process statements in this block (if they exist), and then diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index 2bbd532ad..4d7136c5f 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -38,23 +38,25 @@ object IntraProcIRCursor { Set(s.parent.jump) } case j: Jump => j match { - /* TODO jumps are ordered so prior jumps mask later jumps; assuming the union of the conditions is total - * This will not be the case once we make all jumps nondeterministic. */ case n: GoTo => n.targets.asInstanceOf[Set[CFGPosition]] case c: DirectCall => c.returnTarget match case Some(b) => Set(b) - case None => Set(ProcedureUnknownJump(c.parent.parent, c)) + case None => Set() case i: IndirectCall => if (i.target.name == "R30") { - Set(ProcedureExit(i.parent.parent, pos)) + Set() } else { i.returnTarget match case Some(block: Block) => Set[CFGPosition](block) - case None => Set(ProcedureUnknownJump(i.parent.parent, pos)) + case None => Set() } } - case b: Block => if b.statements.isEmpty then Set[CFGPosition](b.jump) else Set[CFGPosition](b.statements.head()) - case proc: Procedure => if proc.blocks.isEmpty then Set(ProcedureExit(proc, proc)) else Set(proc.blocks.head()) + case b: Block => + if b.statements.isEmpty + then Set[CFGPosition](b.jump) + else Set[CFGPosition](b.statements.head()) + case proc: Procedure => + if proc.entryBlock.isEmpty then Set(proc.returnBlock) else Set(proc.entryBlock.get) case j: ProcedureUnknownJump => Set(ProcedureExit(j.fromProcedure, j)) case e: ProcedureExit => Set() } diff --git a/src/main/scala/ir/Interpreter.scala b/src/main/scala/ir/Interpreter.scala index eafd4b914..bc54f40f4 100644 --- a/src/main/scala/ir/Interpreter.scala +++ b/src/main/scala/ir/Interpreter.scala @@ -172,7 +172,7 @@ class Interpreter() { } // Procedure.Block - p.blocks.headOption match { + p.entryBlock match { case Some(block) => nextBlock = Some(block) case None => nextBlock = Some(returnBlock.pop()) } diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index 3f6ac058b..38c855ee4 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -7,7 +7,7 @@ import analysis.BitVectorEval import intrusiveList.{IntrusiveList, IntrusiveListElement} trait HasParent[T]: - protected var _parent: Option[T] = None + private var _parent: Option[T] = None def parent: T = _parent.get protected final def setParentValue(p: T): Unit = _parent = Some(p) @@ -126,20 +126,35 @@ class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedu class Procedure ( var name: String, - var address: Option[Int], - var blocks: IntrusiveList[Block], - var in: ArrayBuffer[Parameter], - var out: ArrayBuffer[Parameter] + var address: Option[Int] = None, + val blocks: IntrusiveList[Block] = IntrusiveList(), + var in: ArrayBuffer[Parameter] = ArrayBuffer(), + var out: ArrayBuffer[Parameter] = ArrayBuffer(), ) { blocks.onInsert = x => { + x.deParent() x.setParent(this) } blocks.onRemove = x => { x.deParent() } + private var _entryBlock: Option[Block] = None + val returnBlock: Block = new Block(name + "_return", None, List(NOP()), new IndirectCall(Register("R30", BitVecType(64)), None, Some(name))) + returnBlock.setParent(this) + //blocks.append(returnBlock) + private var _callers = new mutable.HashMap[Procedure, mutable.Set[Call]] with mutable.MultiMap[Procedure, Call] + def entryBlock: Option[Block] = { + _entryBlock match { + case None => + _entryBlock = blocks.find(p => p.address == address) + _entryBlock + case Some(b) => Some(b) + } + } + def calls: Set[Procedure] = blocks.flatMap(_.calls).toSet override def toString: String = { s"Procedure $name at ${address.getOrElse("None")} with ${blocks.size} blocks and ${in.size} in and ${out.size} out parameters" @@ -169,7 +184,7 @@ class Procedure ( val stackRefs: mutable.Set[Variable] = mutable.Set(stackPointer) val visitedBlocks: mutable.Set[Block] = mutable.Set() val stackMemory = Memory("stack", 64, 8) - val firstBlock = blocks.headOption + val firstBlock = entryBlock firstBlock.foreach(visitBlock) // does not handle loops but we do not currently support loops in block CFG so this should do for now anyway @@ -269,6 +284,8 @@ class Block private (var label: String, this } + def isReturn: Boolean = this == parent.returnBlock + // def replaceGoTo(targets: Iterable[Block], label: Option[String] = None): this.type = { // _jump.foreach(_.deParent) // _jump = Some(GoTo(targets, label).setParent(this)) diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index 12bb548fe..fc303937c 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -152,6 +152,14 @@ class IndirectCall(var target: Variable, var returnTarget: Option[Block], overri } */ override def toString: String = s"${labelStr}IndirectCall($target, ${returnTarget.map(_.label)})" override def acceptVisit(visitor: Visitor): Jump = visitor.visitIndirectCall(this) + + override def equals(obj: Any): Boolean = { + obj match + case c: IndirectCall => c.parent == parent && c.target == target && c.returnTarget == c.returnTarget && c.label == label + case o: Any => false + } + + override def hashCode(): Int = toString.hashCode } object IndirectCall: diff --git a/src/main/scala/ir/Visitor.scala b/src/main/scala/ir/Visitor.scala index 8f15f5780..6ba9fa82f 100644 --- a/src/main/scala/ir/Visitor.scala +++ b/src/main/scala/ir/Visitor.scala @@ -310,7 +310,7 @@ class ExternalRemover(external: Set[String]) extends Visitor { if (external.contains(node.name)) { // update the modifies set before removing the body node.modifies.addAll(node.blocks.flatMap(_.modifies)) - node.blocks = IntrusiveList() + node.blocks.clear() } super.visitProcedure(node) } @@ -339,3 +339,12 @@ class VariablesWithoutStoresLoads extends ReadOnlyVisitor { } } + +class ConvertToSingleProcedureReturn extends Visitor { + override def visitJump(node: Jump): Jump = { + node match + case c: IndirectCall => + if c.target.name == "R30" then GoTo(Seq(c.parent.parent.returnBlock)) else node + case _ => node + } +} diff --git a/src/main/scala/translating/BAPToIR.scala b/src/main/scala/translating/BAPToIR.scala index 71a56bace..e68e5536b 100644 --- a/src/main/scala/translating/BAPToIR.scala +++ b/src/main/scala/translating/BAPToIR.scala @@ -23,6 +23,8 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { val in: ArrayBuffer[Parameter] = ArrayBuffer() val out: ArrayBuffer[Parameter] = ArrayBuffer() val procedure = Procedure(s.name, Some(s.address), blocks, in, out) + + for (b <- s.blocks) { val block = Block(b.label, b.address, ArrayBuffer()) blocks.append(block) diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index 0c105a077..abb05ef44 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -22,6 +22,7 @@ import intrusiveList.IntrusiveList import scala.collection.mutable + object RunUtils { var memoryRegionAnalysisResults: Map[CfgNode, Set[MemoryRegion]] = Map() @@ -88,8 +89,11 @@ object RunUtils { val externalNames = externalFunctions.map(e => e.name) val externalRemover = ExternalRemover(externalNames) val renamer = Renamer(reserved) + val returnUnifier = ConvertToSingleProcedureReturn() IRProgram = externalRemover.visitProgram(IRProgram) IRProgram = renamer.visitProgram(IRProgram) + //IRProgram = returnUnifier.visitProgram(IRProgram) + q.loading.dumpIL.foreach(s => writeToFile(serialiseIL(IRProgram), s"$s-before-analysis.il")) @@ -454,9 +458,9 @@ object RunUtils { val newLabel: String = block.label + t.name val bl = Block(newLabel, None, ArrayBuffer(assume)).replaceJump(DirectCall(t, indirectCall.returnTarget, None)) //val directCall = DirectCall(t, indirectCall.returnTarget, null) - procedure.addBlock(bl) newBlocks.append(bl) } + procedure.blocks.addAll(newBlocks) block.replaceJump(GoTo(newBlocks, indirectCall.label)) } case _ => From c5c6ed4040b129d495da59943e7c375ca9d2bd47 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 28 Nov 2023 13:49:11 +1000 Subject: [PATCH 20/42] add procedure return block and distinct entry block --- src/main/scala/analysis/Cfg.scala | 4 +- src/main/scala/ir/IRCursor.scala | 9 +-- src/main/scala/ir/Program.scala | 80 +++++++++++++++++++----- src/main/scala/ir/Statement.scala | 7 ++- src/main/scala/ir/Visitor.scala | 6 +- src/main/scala/ir/package.scala | 3 + src/main/scala/translating/BAPToIR.scala | 16 ++--- src/main/scala/util/RunUtils.scala | 6 +- 8 files changed, 94 insertions(+), 37 deletions(-) create mode 100644 src/main/scala/ir/package.scala diff --git a/src/main/scala/analysis/Cfg.scala b/src/main/scala/analysis/Cfg.scala index 6c61e9563..9b0f7919f 100644 --- a/src/main/scala/analysis/Cfg.scala +++ b/src/main/scala/analysis/Cfg.scala @@ -653,7 +653,9 @@ class ProgramCfgFactory: val visitedBlocks: mutable.HashMap[Block, CfgCommandNode] = mutable.HashMap[Block, CfgCommandNode]() // Recurse through blocks - visitBlock(proc.entryBlock.get, funcEntryNode, TrueLiteral) + proc.entryBlock.foreach(visitBlock(_, funcEntryNode, TrueLiteral)) + // If it has no entry-block we still visit the exit block because VSA analysis expects everything to have an Exit + visitBlock(proc.returnBlock, funcEntryNode, TrueLiteral) /** Add a block to the CFG. A block in this case is a basic block, so it contains a list of consecutive statements * followed by a jump at the end to another block. We process statements in this block (if they exist), and then diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index 4d7136c5f..f8e1acffc 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -53,7 +53,7 @@ object IntraProcIRCursor { } case b: Block => if b.statements.isEmpty - then Set[CFGPosition](b.jump) + then Set.from(b.jumpSet) else Set[CFGPosition](b.statements.head()) case proc: Procedure => if proc.entryBlock.isEmpty then Set(proc.returnBlock) else Set(proc.entryBlock.get) @@ -88,6 +88,7 @@ def computeDomain(prog: Program): mutable.Set[CFGPosition] = { while (sizeBefore != sizeAfter) { for (i <- domain) { domain.addAll(IntraProcIRCursor.succ(i)) + domain.addAll(IntraProcIRCursor.pred(i)) } sizeBefore = sizeAfter sizeAfter = domain.size @@ -128,8 +129,8 @@ def toDot(prog: Program, labels: Map[CFGPosition, String] = Map.empty) : String for (node <- domain) { node match case s: Command => dotNodes.addOne(s -> DotNode(label(s.label), nodeText(s))) - case s: Block => dotNodes.addOne(s -> DotNode(label(None), nodeText(s))) - case s => dotNodes.addOne(s -> DotNode(label(None), nodeText(s))) + case s: Block => dotNodes.addOne(s -> DotNode(label(Some(s.label)), nodeText(s))) + case s => dotNodes.addOne(s -> DotNode(label(Some(s.toString)), nodeText(s))) } for (node <- domain) { @@ -137,7 +138,7 @@ def toDot(prog: Program, labels: Map[CFGPosition, String] = Map.empty) : String case s : Call => IntraProcIRCursor.succ(s).foreach(n => dotArrows.addOne(DotInterArrow(dotNodes(s), dotNodes(n)))) case s => - IntraProcIRCursor.succ(s).foreach(n => dotArrows.addOne(DotIntraArrow(dotNodes(s), dotNodes(n)))) + IntraProcIRCursor.succ(s).foreach(n => dotArrows.addOne(DotRegularArrow(dotNodes(s), dotNodes(n)))) case _ => () } } diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index 38c855ee4..b9843bbfc 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -7,6 +7,12 @@ import analysis.BitVectorEval import intrusiveList.{IntrusiveList, IntrusiveListElement} trait HasParent[T]: + /* + If a node is reachable from the IL then it *must* have a parent defined. This will only be null until + the object is fully initialised. + + All IL structures must set the parent of the child to itself, when a child is added to itself. + */ private var _parent: Option[T] = None def parent: T = _parent.get @@ -124,25 +130,21 @@ class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedu } -class Procedure ( +class Procedure private ( var name: String, - var address: Option[Int] = None, - val blocks: IntrusiveList[Block] = IntrusiveList(), - var in: ArrayBuffer[Parameter] = ArrayBuffer(), - var out: ArrayBuffer[Parameter] = ArrayBuffer(), + var address: Option[Int], + private val _blocks: mutable.HashSet[Block], + var in: ArrayBuffer[Parameter], + var out: ArrayBuffer[Parameter], ) { - blocks.onInsert = x => { - x.deParent() - x.setParent(this) - } - blocks.onRemove = x => { - x.deParent() + + def this(name: String, address: Option[Int] = None , blocks: IterableOnce[Block] = ArrayBuffer(), in: IterableOnce[Parameter] = ArrayBuffer(), out: IterableOnce[Parameter] = ArrayBuffer()) = { + this(name, address, mutable.HashSet.from(blocks), ArrayBuffer.from(in), ArrayBuffer.from(out)) } private var _entryBlock: Option[Block] = None - val returnBlock: Block = new Block(name + "_return", None, List(NOP()), new IndirectCall(Register("R30", BitVecType(64)), None, Some(name))) - returnBlock.setParent(this) - //blocks.append(returnBlock) + val returnBlock: Block = new Block(name + "_return", None, List(), new IndirectCall(Register("R30", BitVecType(64)), None, Some(name))) + addBlocks(returnBlock) private var _callers = new mutable.HashMap[Procedure, mutable.Set[Call]] with mutable.MultiMap[Procedure, Call] @@ -160,14 +162,56 @@ class Procedure ( s"Procedure $name at ${address.getOrElse("None")} with ${blocks.size} blocks and ${in.size} in and ${out.size} out parameters" } + def blocks: Iterator[Block] = _blocks.iterator + def removeCaller(c: Call): Unit = { _callers.removeBinding(c.parent.parent, c) } - def addBlock(block: Block): Block = { + def addBlocks(block: Block): Block = { block.deParent() block.setParent(this) - blocks.append(block) + _blocks.add(block) + block + } + + def addBlocks(blocks: Iterable[Block]): Unit = { + for (elem <- blocks) { + addBlocks(elem) + } + } + + def replaceBlock(oldBlock: Block, block: Block): Block = { + require(_blocks.contains(oldBlock) || block == returnBlock) + if (oldBlock ne block) { + removeBlocks(oldBlock) + addBlocks(block) + } + block + } + + /** + * Removes all blocks and replaces them with the provided iterator. + * + * @param newBlocks the new set of blocks + * @return an iterator to the new block set + */ + def replaceBlocks(newBlocks: Iterable[Block]): Iterator[Block] = { + _blocks.clear + addBlocks(newBlocks) + blocks + } + + + def removeBlocks(block: Block): Block = { + block.deParent() + _blocks.remove(block) + block + } + def removeBlocks(blocks: Iterable[Block]): Unit = { + for (elem <- blocks) { + removeBlocks(elem) + } } def addCaller(c: Call): Unit = { @@ -268,6 +312,10 @@ class Block private (var label: String, this(label, address, IntrusiveList.from(statements), None, mutable.HashSet.empty) } + def this(label: String, address: Option[Int] = None) = { + this(label, address, IntrusiveList(), None, mutable.HashSet.empty) + } + def jump: Jump = _jump.get def jumpSet: Set[Jump] = _jump.toSet diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index fc303937c..a3b5d546e 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -4,6 +4,9 @@ import intrusiveList.IntrusiveListElement import scala.collection.mutable.ArrayBuffer import collection.mutable +/* + To support the state-free IL iteration in CFG order all Commands must be classes with a unique object ref. +*/ sealed trait Command extends HasParent[Block] { val label: Option[String] @@ -46,8 +49,8 @@ class MemoryAssign(var lhs: Memory, var rhs: MemoryStore, override val label: O object MemoryAssign: def unapply(m: MemoryAssign): Option[(Memory, MemoryStore, Option[String])] = Some(m.lhs, m.rhs, m.label) -case class NOP(override val label: Option[String] = None) extends Statement { - override def toString: String = s"$labelStr" +class NOP(override val label: Option[String] = None) extends Statement { + override def toString: String = s"NOP $labelStr" override def acceptVisit(visitor: Visitor): Statement = this } diff --git a/src/main/scala/ir/Visitor.scala b/src/main/scala/ir/Visitor.scala index 6ba9fa82f..8eafe4d16 100644 --- a/src/main/scala/ir/Visitor.scala +++ b/src/main/scala/ir/Visitor.scala @@ -57,7 +57,7 @@ abstract class Visitor { def visitProcedure(node: Procedure): Procedure = { for (b <- node.blocks) { - node.blocks.replace(b, visitBlock(b)) + node.replaceBlock(b, visitBlock(b)) } for (i <- node.in.indices) { node.in(i) = visitParameter(node.in(i)) @@ -310,7 +310,7 @@ class ExternalRemover(external: Set[String]) extends Visitor { if (external.contains(node.name)) { // update the modifies set before removing the body node.modifies.addAll(node.blocks.flatMap(_.modifies)) - node.blocks.clear() + node.replaceBlocks(Seq()) } super.visitProcedure(node) } @@ -344,7 +344,7 @@ class ConvertToSingleProcedureReturn extends Visitor { override def visitJump(node: Jump): Jump = { node match case c: IndirectCall => - if c.target.name == "R30" then GoTo(Seq(c.parent.parent.returnBlock)) else node + if c.target.name == "R30" && c.returnTarget.isEmpty && c.parent != c.parent.parent.returnBlock then GoTo(Seq(c.parent.parent.returnBlock)) else node case _ => node } } diff --git a/src/main/scala/ir/package.scala b/src/main/scala/ir/package.scala new file mode 100644 index 000000000..ecb6f7b89 --- /dev/null +++ b/src/main/scala/ir/package.scala @@ -0,0 +1,3 @@ +package object ir { + +} diff --git a/src/main/scala/translating/BAPToIR.scala b/src/main/scala/translating/BAPToIR.scala index e68e5536b..4793040bd 100644 --- a/src/main/scala/translating/BAPToIR.scala +++ b/src/main/scala/translating/BAPToIR.scala @@ -19,22 +19,22 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { var mainProcedure: Option[Procedure] = None val procedures: ArrayBuffer[Procedure] = ArrayBuffer() for (s <- program.subroutines) { - val blocks: IntrusiveList[Block] = IntrusiveList[Block]() - val in: ArrayBuffer[Parameter] = ArrayBuffer() - val out: ArrayBuffer[Parameter] = ArrayBuffer() - val procedure = Procedure(s.name, Some(s.address), blocks, in, out) + //val blocks: mutable.HashSet[Block] = mutable.HashSet[Block]() + //val in: ArrayBuffer[Parameter] = ArrayBuffer() + //val out: ArrayBuffer[Parameter] = ArrayBuffer() + val procedure = Procedure(s.name, Some(s.address), Seq(), Seq(), Seq()) for (b <- s.blocks) { val block = Block(b.label, b.address, ArrayBuffer()) - blocks.append(block) + procedure.addBlocks(block) labelToBlock.addOne(b.label, block) } for (p <- s.in) { - in.append(p.toIR) + procedure.in.append(p.toIR) } for (p <- s.out) { - out.append(p.toIR) + procedure.out.append(p.toIR) } if (s.address == mainAddress) { mainProcedure = Some(procedure) @@ -51,8 +51,8 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { block.statements.append(translate(st, block)) } val (jump, newBlocks) = translate(b.jumps, block) + procedure.addBlocks(newBlocks) block.replaceJump(jump) - procedure.blocks.addAll(newBlocks) } } diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index abb05ef44..b3647bcb1 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -92,7 +92,7 @@ object RunUtils { val returnUnifier = ConvertToSingleProcedureReturn() IRProgram = externalRemover.visitProgram(IRProgram) IRProgram = renamer.visitProgram(IRProgram) - //IRProgram = returnUnifier.visitProgram(IRProgram) + IRProgram = returnUnifier.visitProgram(IRProgram) q.loading.dumpIL.foreach(s => writeToFile(serialiseIL(IRProgram), s"$s-before-analysis.il")) @@ -460,7 +460,7 @@ object RunUtils { //val directCall = DirectCall(t, indirectCall.returnTarget, null) newBlocks.append(bl) } - procedure.blocks.addAll(newBlocks) + procedure.addBlocks(newBlocks) block.replaceJump(GoTo(newBlocks, indirectCall.label)) } case _ => @@ -472,7 +472,7 @@ object RunUtils { } def addFakeProcedure(name: String): Unit = { - IRProgram.procedures += Procedure(name, None, IntrusiveList(), ArrayBuffer(), ArrayBuffer()) + IRProgram.procedures += Procedure(name) } def resolveAddresses(valueSet: Set[Value]): Set[AddressValue] = { From ddb02697114aa351d249297c8ed7bdc3b96ce7cc Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 28 Nov 2023 14:34:33 +1000 Subject: [PATCH 21/42] handle call in constprop --- .../scala/analysis/BasicIRConstProp.scala | 2 + src/main/scala/ir/IRCursor.scala | 66 ++++++++++++++----- src/main/scala/translating/BAPToIR.scala | 10 +-- src/main/scala/translating/ILtoIL.scala | 5 +- src/main/scala/util/IntrusiveList.scala | 3 + 5 files changed, 58 insertions(+), 28 deletions(-) diff --git a/src/main/scala/analysis/BasicIRConstProp.scala b/src/main/scala/analysis/BasicIRConstProp.scala index d87458c21..ae3f70a7d 100644 --- a/src/main/scala/analysis/BasicIRConstProp.scala +++ b/src/main/scala/analysis/BasicIRConstProp.scala @@ -61,6 +61,7 @@ trait ILValueAnalysisMisc: case _ => valuelattice.top + val calleePreservedRegisters = Set("R0", "R1", "R2", "R3", "R4", "R5", "R6", "R7", "R8", "R9", "R10", "R11") /** Transfer function for state lattice elements. */ @@ -68,6 +69,7 @@ trait ILValueAnalysisMisc: n match case la: LocalAssign => s + (la.lhs -> eval(la.rhs, s)) + case c: Call => s ++ calleePreservedRegisters.filter(reg => s.keys.exists(_.name == reg)).map(n => Register(n, BitVecType(64)) -> statelattice.sublattice.top).toMap case _ => s diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index f8e1acffc..f0352dbd5 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -3,34 +3,56 @@ import cfg_visualiser.DotElement import cfg_visualiser.{DotArrow, DotGraph, DotInlineArrow, DotInterArrow, DotIntraArrow, DotNode, DotRegularArrow} import collection.mutable +import scala.annotation.tailrec /* * Defines a position in the IL / CFG; this becomes the lhs of the state map lattice in a static analysis. */ -type CFGPosition = Procedure | Block | Command | ProcedureUnknownJump | ProcedureExit +type CFGPosition = Procedure | Block | Command // Interprocedural // position = (call string) + Position + /* - An additional CFG node which implicitly follows the node at `pos` - A call to an unknown procedure without a return to here + Closed trace-perspective beginning of a composite IL structure. */ -case class ProcedureUnknownJump(fromProcedure: Procedure, pos: CFGPosition) +def begin(c: CFGPosition): CFGPosition = { + c match { + case p:Procedure => p + case b:Block => b + case s:Statement => s.parent.statements.head() + case s:Jump => s + } +} /* - * An additional CFG node which implicitly follows the node at `pos` - * The exit from a procedure from pos (the last command/jump in the procedure). + Closed trace-perspective end of a composite IL structure. */ -case class ProcedureExit(fromProcedure: Procedure, pos: CFGPosition) +@tailrec +def end(c: CFGPosition): CFGPosition = { + c match { + case p:Procedure => end(p.returnBlock) + case b:Block => b.jump + case s:Statement => s.parent.statements.back() + case s:Jump => s + } +} + object IntraProcIRCursor { type Node = CFGPosition def succ(pos: CFGPosition): Set[CFGPosition] = { pos match { + case proc: Procedure => + if proc.entryBlock.isEmpty then Set(proc.returnBlock) else Set(proc.entryBlock.get) + case b: Block => + if b.statements.isEmpty + then Set.from(b.jumpSet) + else Set[CFGPosition](b.statements.head()) case s: Statement => if (s.parent.statements.hasNext(s)) { Set(s.parent.statements.getNext(s)) @@ -51,14 +73,6 @@ object IntraProcIRCursor { case None => Set() } } - case b: Block => - if b.statements.isEmpty - then Set.from(b.jumpSet) - else Set[CFGPosition](b.statements.head()) - case proc: Procedure => - if proc.entryBlock.isEmpty then Set(proc.returnBlock) else Set(proc.entryBlock.get) - case j: ProcedureUnknownJump => Set(ProcedureExit(j.fromProcedure, j)) - case e: ProcedureExit => Set() } } @@ -71,14 +85,30 @@ object IntraProcIRCursor { Set(s.parent) // predecessor blocks } case j: Jump => if j.parent.statements.isEmpty then Set(j.parent) else Set(j.parent.statements.last) - case b: Block => b.predecessors.asInstanceOf[Set[CFGPosition]] + case b: Block => b.predecessors.map(end) case proc: Procedure => Set() // intraproc - case r: ProcedureUnknownJump => Set(r.pos) - case r: ProcedureExit => Set(r.pos) } } } +object InterProcIRCursor { + type Node = CFGPosition + + def succ(pos: CFGPosition): Set[CFGPosition] = { + IntraProcIRCursor.succ(pos) ++ (pos match + case c: DirectCall => Set(c.target) + case _ => Set() + ) + } + def pred(pos: CFGPosition): Set[CFGPosition] = { + IntraProcIRCursor.pred(pos) ++ (pos match + case c: Procedure => c.callers().map(end) + case b: Block => if b.isReturn then b.parent.callers().map(end) else Set() + case _ => Set() + ) + } +} + def computeDomain(prog: Program): mutable.Set[CFGPosition] = { val domain : mutable.Set[CFGPosition] = mutable.Set.from(prog.procedures) diff --git a/src/main/scala/translating/BAPToIR.scala b/src/main/scala/translating/BAPToIR.scala index 4793040bd..ff25e2ec3 100644 --- a/src/main/scala/translating/BAPToIR.scala +++ b/src/main/scala/translating/BAPToIR.scala @@ -19,11 +19,7 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { var mainProcedure: Option[Procedure] = None val procedures: ArrayBuffer[Procedure] = ArrayBuffer() for (s <- program.subroutines) { - //val blocks: mutable.HashSet[Block] = mutable.HashSet[Block]() - //val in: ArrayBuffer[Parameter] = ArrayBuffer() - //val out: ArrayBuffer[Parameter] = ArrayBuffer() - val procedure = Procedure(s.name, Some(s.address), Seq(), Seq(), Seq()) - + val procedure = Procedure(s.name, Some(s.address)) for (b <- s.blocks) { val block = Block(b.label, b.address, ArrayBuffer()) @@ -48,7 +44,7 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { for (b <- s.blocks) { val block = labelToBlock(b.label) for (st <- b.statements) { - block.statements.append(translate(st, block)) + block.statements.append(translate(st)) } val (jump, newBlocks) = translate(b.jumps, block) procedure.addBlocks(newBlocks) @@ -65,7 +61,7 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { Program(procedures, mainProcedure.get, memorySections, ArrayBuffer()) } - private def translate(s: BAPStatement, parent: Block) = s match { + private def translate(s: BAPStatement) = s match { case b: BAPMemAssign => MemoryAssign(b.lhs.toIR, b.rhs.toIR, Some(b.line)) case b: BAPLocalAssign => LocalAssign(b.lhs.toIR, b.rhs.toIR, Some(b.line)) } diff --git a/src/main/scala/translating/ILtoIL.scala b/src/main/scala/translating/ILtoIL.scala index 8af2b1505..bdbc10a81 100644 --- a/src/main/scala/translating/ILtoIL.scala +++ b/src/main/scala/translating/ILtoIL.scala @@ -62,10 +62,9 @@ private class ILSerialiser extends ReadOnlyVisitor { override def visitGoTo(node: GoTo): GoTo = { - program ++= "NonDetGoTo({" - // TODO + program ++= "GoTo(" program ++= node.targets.map(blockIdentifier).mkString(", ") - program ++= "})" // GoTo + program ++= ")" // GoTo node } diff --git a/src/main/scala/util/IntrusiveList.scala b/src/main/scala/util/IntrusiveList.scala index 3a5f2f6e0..8afb59075 100644 --- a/src/main/scala/util/IntrusiveList.scala +++ b/src/main/scala/util/IntrusiveList.scala @@ -80,6 +80,9 @@ final class IntrusiveList[T <: IntrusiveListElement] private (var numElems: Int, override def head(): T = firstElem.get + override def headOption(): Option[T] = firstElem + + def begin(): T = firstElem.get private def containsRef(elem: T): Boolean = { From c04a1f19e19042a3256c8f33129bfd1f9141e91a Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 28 Nov 2023 18:48:21 +1000 Subject: [PATCH 22/42] fix broken tests & cleanup --- src/main/scala/ir/IRCursor.scala | 2 +- src/main/scala/ir/Program.scala | 159 +++++++++++--------- src/main/scala/ir/Statement.scala | 22 +-- src/main/scala/translating/BAPToIR.scala | 10 +- src/main/scala/translating/IRToBoogie.scala | 6 +- src/main/scala/util/RunUtils.scala | 2 +- 6 files changed, 104 insertions(+), 97 deletions(-) diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index f0352dbd5..6dcd3dd0d 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -51,7 +51,7 @@ object IntraProcIRCursor { if proc.entryBlock.isEmpty then Set(proc.returnBlock) else Set(proc.entryBlock.get) case b: Block => if b.statements.isEmpty - then Set.from(b.jumpSet) + then Set(b.jump) else Set[CFGPosition](b.statements.head()) case s: Statement => if (s.parent.statements.hasNext(s)) { diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index b9843bbfc..8dc8a027c 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -16,11 +16,51 @@ trait HasParent[T]: private var _parent: Option[T] = None def parent: T = _parent.get - protected final def setParentValue(p: T): Unit = _parent = Some(p) - def deParent(): Unit = {} + /** + * Update any IL control-flow links implied by this relation. + * NOT necessarily idempotent. + * For example; + * - Registering calls with their target procedure + * - Registering jumps with their target block + * + * TODO: consider making abstract to force implementers to consider the linking. + * @param p The new parent + */ + protected[this] def linkParent(p: T): Unit = () - def setParent(p: T): Unit = setParentValue(p) + /** + * Update any IL control-flow links implied by this relation. + * NOT necessarily idempotent. + */ + protected[this] def unlinkParent(): Unit = () + + +/** + * Remove this element's parent and update any IL control-flow links implied by this relation. + * Is idempotent. + */ + final def deParent(): Unit = if _parent.isDefined then { + unlinkParent() + _parent = None + } + + /** + * Set this element's parent and update any IL control-flow links implied by this relation. + * If another parent is already set then it will be de-parented and unlinked from that first. + * Is idempotent. + */ + final def setParent(p: T): Unit = { + _parent match + case Some(existing) if existing == p => () + case None => + _parent = Some(p) + linkParent(p) + case Some(_) => + deParent() + _parent = Some(p) + linkParent(p) + } class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedure, var initialMemory: ArrayBuffer[MemorySection], @@ -133,39 +173,41 @@ class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedu class Procedure private ( var name: String, var address: Option[Int], + var entryBlock: Option[Block], private val _blocks: mutable.HashSet[Block], var in: ArrayBuffer[Parameter], var out: ArrayBuffer[Parameter], ) { - - def this(name: String, address: Option[Int] = None , blocks: IterableOnce[Block] = ArrayBuffer(), in: IterableOnce[Parameter] = ArrayBuffer(), out: IterableOnce[Parameter] = ArrayBuffer()) = { - this(name, address, mutable.HashSet.from(blocks), ArrayBuffer.from(in), ArrayBuffer.from(out)) - } - - private var _entryBlock: Option[Block] = None + /* First block executed when the procedure begins */ + /* returnBlock: Single return point for all returns from the procedure to its caller; always defined but only included + * in `blocks` if the procedure contains any real blocks.*/ val returnBlock: Block = new Block(name + "_return", None, List(), new IndirectCall(Register("R30", BitVecType(64)), None, Some(name))) - addBlocks(returnBlock) + returnBlock.setParent(this) - private var _callers = new mutable.HashMap[Procedure, mutable.Set[Call]] with mutable.MultiMap[Procedure, Call] + private var _callers = new mutable.HashSet[Call] - def entryBlock: Option[Block] = { - _entryBlock match { - case None => - _entryBlock = blocks.find(p => p.address == address) - _entryBlock - case Some(b) => Some(b) - } + def this(name: String, address: Option[Int] = None , entryBlock: Option[Block] = None, blocks: IterableOnce[Block] = ArrayBuffer(), in: IterableOnce[Parameter] = ArrayBuffer(), out: IterableOnce[Parameter] = ArrayBuffer()) = { + this(name, address, entryBlock, mutable.HashSet.from(blocks), ArrayBuffer.from(in), ArrayBuffer.from(out)) } - def calls: Set[Procedure] = blocks.flatMap(_.calls).toSet override def toString: String = { s"Procedure $name at ${address.getOrElse("None")} with ${blocks.size} blocks and ${in.size} in and ${out.size} out parameters" } - def blocks: Iterator[Block] = _blocks.iterator + def calls: Set[Procedure] = blocks.iterator.flatMap(_.calls).toSet + + /** + * Horrible, compensating for not storing the blocks in-order and storing initialBlock and returnBlock separately. + * @return + */ + def blocks: Seq[Block] = + (entryBlock match + case Some(b) if _blocks.nonEmpty => Seq(b) ++ _blocks.filter(x => x ne b).toSeq + case _ => _blocks.toSeq) + ++ (if _blocks.nonEmpty then Seq(returnBlock) else Seq()) def removeCaller(c: Call): Unit = { - _callers.removeBinding(c.parent.parent, c) + _callers.add(c) } def addBlocks(block: Block): Block = { @@ -182,8 +224,8 @@ class Procedure private ( } def replaceBlock(oldBlock: Block, block: Block): Block = { - require(_blocks.contains(oldBlock) || block == returnBlock) if (oldBlock ne block) { + require(_blocks.contains(oldBlock) || block == returnBlock) removeBlocks(oldBlock) addBlocks(block) } @@ -196,13 +238,11 @@ class Procedure private ( * @param newBlocks the new set of blocks * @return an iterator to the new block set */ - def replaceBlocks(newBlocks: Iterable[Block]): Iterator[Block] = { - _blocks.clear + def replaceBlocks(newBlocks: Iterable[Block]): Unit = { + removeBlocks(_blocks) addBlocks(newBlocks) - blocks } - def removeBlocks(block: Block): Block = { block.deParent() _blocks.remove(block) @@ -215,10 +255,10 @@ class Procedure private ( } def addCaller(c: Call): Unit = { - _callers.addBinding(c.parent.parent, c) + _callers.remove(c) } - def callers(): Iterable[Procedure] = _callers.keySet + def callers(): Iterable[Procedure] = _callers.map(_.parent.parent).toSet[Procedure] var modifies: mutable.Set[Global] = mutable.Set() @@ -287,81 +327,47 @@ class Parameter(var name: String, var size: Int, var value: Register) { class Block private (var label: String, var address: Option[Int], val statements: IntrusiveList[Statement], - // invariant: all Goto targets are disjoint - private var _jump: Option[Jump], - //private val _calls: IntrusiveList[Call], + private var _jump: Jump, val incomingJumps: mutable.HashSet[Block], ) extends IntrusiveListElement, HasParent[Procedure] { statements.foreach(_.setParent(this)) - _jump.foreach(_.setParent(this)) + _jump.setParent(this) + statements.onInsert = x => x.setParent(this) statements.onRemove = x => x.deParent() - statements.onInsert = parenter - - def parenter(c: Statement): Statement = { - c.setParent(this) - c - } def this(label: String, address: Option[Int], statements: IterableOnce[Statement], jump: Jump) = { - this(label, address, IntrusiveList.from(statements), Some(jump), mutable.HashSet.empty) - _jump.foreach(_.setParent(this)) + this(label, address, IntrusiveList.from(statements), jump, mutable.HashSet.empty) } def this(label: String, address: Option[Int], statements: IterableOnce[Statement]) = { - this(label, address, IntrusiveList.from(statements), None, mutable.HashSet.empty) + this(label, address, IntrusiveList.from(statements), GoTo(Seq(), Some(label + "_unknown")), mutable.HashSet.empty) } def this(label: String, address: Option[Int] = None) = { - this(label, address, IntrusiveList(), None, mutable.HashSet.empty) + this(label, address, IntrusiveList(), GoTo(Seq(), Some(label + "_unknown")), mutable.HashSet.empty) } - def jump: Jump = _jump.get - def jumpSet: Set[Jump] = _jump.toSet + def jump: Jump = _jump def addGoToTargets(targets: mutable.Set[Block]): this.type = { - require(_jump.isDefined && _jump.get.isInstanceOf[GoTo]) - _jump.foreach(_.asInstanceOf[GoTo].addAllTargets(targets)) + require(_jump.parent == this && _jump.isInstanceOf[GoTo]) + _jump.asInstanceOf[GoTo].addAllTargets(targets) this } def replaceJump(j: Jump): this.type = { - _jump.foreach(_.deParent()) + _jump.deParent() j.setParent(this) - _jump = Some(j) + _jump = j this } def isReturn: Boolean = this == parent.returnBlock -// def replaceGoTo(targets: Iterable[Block], label: Option[String] = None): this.type = { -// _jump.foreach(_.deParent) -// _jump = Some(GoTo(targets, label).setParent(this)) -// this -// } -// -// def replaceDirectCall(target: Procedure, returnTarget: Option[Block] = None, label: Option[String] = None): this.type = { -// _jump.foreach(_.deParent) -// _jump = Some(DirectCall(target, returnTarget, label).setParent(this)) -// this -// } -// -// def addIndirectCall(target: Variable, returnTarget: Option[Block] = None, label: Option[String] = None): this.type = { -// _jump.foreach(_.deParent) -// _jump = Some(IndirectCall(target, returnTarget, label).setParent(this)) -// this -// } - - def removeJump(): this.type = { - _jump.foreach(_.deParent()) - _jump = None - this - } - - def predecessors: immutable.Set[Block] = incomingJumps to immutable.Set - def calls: Set[Procedure] = _jump.toSet.flatMap(_.calls) + def calls: Set[Procedure] = _jump.calls def modifies: Set[Global] = statements.flatMap(_.modifies).toSet //def locals: Set[Variable] = statements.flatMap(_.locals).toSet ++ jumps.flatMap(_.locals).toSet @@ -382,7 +388,10 @@ class Block private (var label: String, case _ => false override def hashCode(): Int = label.hashCode() -} + + override def linkParent(p: Procedure): Unit = () // TODO; cannot support moving blocks around + override def unlinkParent(): Unit = () // TODO + } /** diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index a3b5d546e..9a29d963b 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -1,7 +1,6 @@ package ir import intrusiveList.IntrusiveListElement -import scala.collection.mutable.ArrayBuffer import collection.mutable /* @@ -99,12 +98,13 @@ class GoTo private (private var _targets: mutable.Set[Block], override val label } } - override def setParent(b: Block): Unit = { - setParentValue(b) + override def linkParent(b: Block): Unit = { _targets.foreach(_.incomingJumps.add(parent)) } - override def deParent(): Unit = targets.foreach(_.incomingJumps.remove(parent)) + override def unlinkParent(): Unit = { + targets.foreach(_.incomingJumps.remove(parent)) + } def removeTarget(t: Block): Unit = { @@ -136,13 +136,11 @@ class DirectCall(val target: Procedure, var returnTarget: Option[Block], overri override def toString: String = s"${labelStr}DirectCall(${target.name}, ${returnTarget.map(_.label)})" override def acceptVisit(visitor: Visitor): Jump = visitor.visitDirectCall(this) - override def setParent(p: Block): Unit = { - super.setParent(p) + override def linkParent(p: Block): Unit = { target.addCaller(this) } - override def deParent(): Unit = target.removeCaller(this) - + override def unlinkParent(): Unit = target.removeCaller(this) } object DirectCall: @@ -155,14 +153,6 @@ class IndirectCall(var target: Variable, var returnTarget: Option[Block], overri } */ override def toString: String = s"${labelStr}IndirectCall($target, ${returnTarget.map(_.label)})" override def acceptVisit(visitor: Visitor): Jump = visitor.visitIndirectCall(this) - - override def equals(obj: Any): Boolean = { - obj match - case c: IndirectCall => c.parent == parent && c.target == target && c.returnTarget == c.returnTarget && c.label == label - case o: Any => false - } - - override def hashCode(): Int = toString.hashCode } object IndirectCall: diff --git a/src/main/scala/translating/BAPToIR.scala b/src/main/scala/translating/BAPToIR.scala index ff25e2ec3..b27824d56 100644 --- a/src/main/scala/translating/BAPToIR.scala +++ b/src/main/scala/translating/BAPToIR.scala @@ -20,9 +20,12 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { val procedures: ArrayBuffer[Procedure] = ArrayBuffer() for (s <- program.subroutines) { val procedure = Procedure(s.name, Some(s.address)) + val t = Block("terminate", None) + t.replaceJump(GoTo(Seq(t))) + procedure.addBlocks(t) for (b <- s.blocks) { - val block = Block(b.label, b.address, ArrayBuffer()) + val block = Block(b.label, b.address, ArrayBuffer(), GoTo(Seq(t))) procedure.addBlocks(block) labelToBlock.addOne(b.label, block) } @@ -50,6 +53,11 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { procedure.addBlocks(newBlocks) block.replaceJump(jump) } + + // Set entry block to the block with the same address as the procedure or the first in sequence + procedure.entryBlock = procedure.blocks.find(b => b.address == procedure.address) + if procedure.entryBlock.isEmpty then procedure.entryBlock = procedure.blocks.headOption + } val memorySections: ArrayBuffer[MemorySection] = ArrayBuffer() diff --git a/src/main/scala/translating/IRToBoogie.scala b/src/main/scala/translating/IRToBoogie.scala index 7bc7c0109..94b945af9 100644 --- a/src/main/scala/translating/IRToBoogie.scala +++ b/src/main/scala/translating/IRToBoogie.scala @@ -323,9 +323,9 @@ class IRToBoogie(var program: Program, var spec: Specification) { def translateProcedure(p: Procedure, readOnlyMemory: List[BExpr]): BProcedure = { - val body = p.blocks.map(b => translateBlock(b)) + val body = p.blocks.map(translateBlock).toList - val callsRely: Boolean = body.flatten(_.body).exists(_ match + val callsRely: Boolean = body.flatMap(_.body).exists(_ match case BProcedureCall("rely", lhs, params, comment) => true case _ => false) @@ -387,7 +387,7 @@ class IRToBoogie(var program: Program, var spec: Specification) { def translateBlock(b: Block): BBlock = { val captureState = captureStateStatement(s"${b.label}") - val cmds = List(captureState) ++ (b.statements.flatMap(s => translate(s)) ++ translate(b.jump)) + val cmds = List(captureState) ++ b.statements.flatMap(s => translate(s)) ++ translate(b.jump) BBlock(b.label, cmds) } diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index 8784893b9..0ad3f9968 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -456,7 +456,7 @@ object RunUtils { for (t <- targets) { val assume = Assume(BinaryExpr(BVEQ, indirectCall.target, BitVecLiteral(t.address.get, 64)), null) val newLabel: String = block.label + t.name - val bl = Block(newLabel, None, ArrayBuffer(assume)).replaceJump(DirectCall(t, indirectCall.returnTarget, None)) + val bl = Block(newLabel, None, ArrayBuffer(assume), DirectCall(t, indirectCall.returnTarget, None)) //val directCall = DirectCall(t, indirectCall.returnTarget, null) newBlocks.append(bl) } From 678e3d3d1eb1640a0c50ff2896efaaa823d0b676 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 28 Nov 2023 18:49:22 +1000 Subject: [PATCH 23/42] udpate expected --- .../clang/arrays_simple.expected | 6 + .../clang_O2/arrays_simple.expected | 6 + .../arrays_simple.expected | 6 + .../clang_pic/arrays_simple.expected | 6 + .../gcc_O2/arrays_simple.expected | 6 + .../clang/basic_arrays_read.expected | 6 + .../clang_O2/basic_arrays_read.expected | 6 + .../basic_arrays_read.expected | 6 + .../clang_pic/basic_arrays_read.expected | 6 + .../gcc/basic_arrays_read.expected | 6 + .../gcc_O2/basic_arrays_read.expected | 6 + .../basic_arrays_read.expected | 6 + .../gcc_pic/basic_arrays_read.expected | 6 + .../clang/basic_arrays_write.expected | 6 + .../clang_O2/basic_arrays_write.expected | 6 + .../basic_arrays_write.expected | 6 + .../clang_pic/basic_arrays_write.expected | 6 + .../gcc/basic_arrays_write.expected | 6 + .../gcc_O2/basic_arrays_write.expected | 6 + .../basic_arrays_write.expected | 6 + .../gcc_pic/basic_arrays_write.expected | 6 + .../clang/basic_assign_assign.expected | 6 + .../clang_O2/basic_assign_assign.expected | 6 + .../basic_assign_assign.expected | 6 + .../clang_pic/basic_assign_assign.expected | 6 + .../gcc/basic_assign_assign.expected | 6 + .../gcc_O2/basic_assign_assign.expected | 6 + .../basic_assign_assign.expected | 6 + .../gcc_pic/basic_assign_assign.expected | 6 + .../clang/basic_assign_increment.expected | 6 + .../clang_O2/basic_assign_increment.expected | 6 + .../basic_assign_increment.expected | 6 + .../clang_pic/basic_assign_increment.expected | 6 + .../gcc/basic_assign_increment.expected | 6 + .../gcc_O2/basic_assign_increment.expected | 6 + .../basic_assign_increment.expected | 6 + .../gcc_pic/basic_assign_increment.expected | 6 + .../clang/basic_function_call_caller.expected | 12 + .../basic_function_call_caller.expected | 6 + .../basic_function_call_caller.expected | 12 + .../basic_function_call_caller.expected | 12 + .../gcc/basic_function_call_caller.expected | 12 + .../basic_function_call_caller.expected | 6 + .../basic_function_call_caller.expected | 12 + .../basic_function_call_caller.expected | 12 + .../clang/basic_function_call_reader.expected | 56 +- .../basic_function_call_reader.expected | 28 +- .../basic_function_call_reader.expected | 56 +- .../basic_function_call_reader.expected | 74 +- .../gcc/basic_function_call_reader.expected | 16 +- .../basic_function_call_reader.expected | 26 +- .../basic_function_call_reader.expected | 24 +- .../basic_function_call_reader.expected | 22 +- .../clang/basic_lock_read.expected | 46 +- .../clang_O2/basic_lock_read.expected | 24 +- .../basic_lock_read.expected | 48 +- .../clang_pic/basic_lock_read.expected | 60 +- .../gcc/basic_lock_read.expected | 24 +- .../gcc_O2/basic_lock_read.expected | 22 +- .../basic_lock_read.expected | 22 +- .../gcc_pic/basic_lock_read.expected | 24 +- .../clang/basic_lock_security_read.expected | 54 +- .../basic_lock_security_read.expected | 20 +- .../basic_lock_security_read.expected | 40 +- .../basic_lock_security_read.expected | 46 +- .../gcc/basic_lock_security_read.expected | 30 +- .../gcc_O2/basic_lock_security_read.expected | 20 +- .../basic_lock_security_read.expected | 30 +- .../gcc_pic/basic_lock_security_read.expected | 30 +- .../clang/basic_lock_security_write.expected | 6 + .../basic_lock_security_write.expected | 6 + .../basic_lock_security_write.expected | 6 + .../basic_lock_security_write.expected | 6 + .../gcc/basic_lock_security_write.expected | 6 + .../gcc_O2/basic_lock_security_write.expected | 6 + .../basic_lock_security_write.expected | 6 + .../basic_lock_security_write.expected | 6 + .../clang/basic_lock_unlock.expected | 6 + .../clang_O2/basic_lock_unlock.expected | 6 + .../basic_lock_unlock.expected | 6 + .../clang_pic/basic_lock_unlock.expected | 6 + .../gcc/basic_lock_unlock.expected | 6 + .../gcc_O2/basic_lock_unlock.expected | 6 + .../basic_lock_unlock.expected | 6 + .../gcc_pic/basic_lock_unlock.expected | 6 + .../clang/basic_loop_assign.expected | 6 + .../clang_O2/basic_loop_assign.expected | 6 + .../basic_loop_assign.expected | 6 + .../clang_pic/basic_loop_assign.expected | 6 + .../gcc/basic_loop_assign.expected | 6 + .../gcc_O2/basic_loop_assign.expected | 6 + .../basic_loop_assign.expected | 6 + .../gcc_pic/basic_loop_assign.expected | 6 + .../clang/basic_operation_evaluation.expected | 24 +- .../basic_operation_evaluation.expected | 6 + .../basic_operation_evaluation.expected | 38 +- .../basic_operation_evaluation.expected | 38 +- .../gcc/basic_operation_evaluation.expected | 16 +- .../basic_operation_evaluation.expected | 6 + .../basic_operation_evaluation.expected | 24 +- .../basic_operation_evaluation.expected | 24 +- .../clang/basic_sec_policy_read.expected | 38 +- .../clang_O2/basic_sec_policy_read.expected | 20 +- .../basic_sec_policy_read.expected | 38 +- .../clang_pic/basic_sec_policy_read.expected | 54 +- .../gcc/basic_sec_policy_read.expected | 16 +- .../gcc_O2/basic_sec_policy_read.expected | 20 +- .../basic_sec_policy_read.expected | 24 +- .../gcc_pic/basic_sec_policy_read.expected | 16 +- .../clang/basic_sec_policy_write.expected | 6 + .../clang_O2/basic_sec_policy_write.expected | 6 + .../basic_sec_policy_write.expected | 6 + .../clang_pic/basic_sec_policy_write.expected | 6 + .../gcc/basic_sec_policy_write.expected | 6 + .../gcc_O2/basic_sec_policy_write.expected | 6 + .../basic_sec_policy_write.expected | 6 + .../gcc_pic/basic_sec_policy_write.expected | 6 + .../clang/basicassign_gamma0.expected | 6 + .../clang_O2/basicassign_gamma0.expected | 6 + .../basicassign_gamma0.expected | 6 + .../clang_pic/basicassign_gamma0.expected | 6 + .../gcc/basicassign_gamma0.expected | 6 + .../gcc_O2/basicassign_gamma0.expected | 6 + .../basicassign_gamma0.expected | 6 + .../gcc_pic/basicassign_gamma0.expected | 6 + .../basicfree/clang/basicfree.expected | 18 +- .../basicfree/clang_O2/basicfree.expected | 6 + .../clang_no_plt_no_pic/basicfree.expected | 6 + .../basicfree/clang_pic/basicfree.expected | 6 + .../correct/basicfree/gcc/basicfree.expected | 6 + .../basicfree/gcc_O2/basicfree.expected | 6 + .../gcc_no_plt_no_pic/basicfree.expected | 6 + .../basicfree/gcc_pic/basicfree.expected | 6 + src/test/correct/cjump/clang/cjump.expected | 56 +- .../correct/cjump/clang_O2/cjump.expected | 6 + .../cjump/clang_no_plt_no_pic/cjump.expected | 78 +- .../correct/cjump/clang_pic/cjump.expected | 54 +- src/test/correct/cjump/gcc/cjump.expected | 28 +- src/test/correct/cjump/gcc_O2/cjump.expected | 6 + .../cjump/gcc_no_plt_no_pic/cjump.expected | 28 +- src/test/correct/cjump/gcc_pic/cjump.expected | 44 +- .../correct/function/clang/function.expected | 12 + .../function/clang_O2/function.expected | 6 + .../clang_no_plt_no_pic/function.expected | 12 + .../function/clang_pic/function.expected | 12 + .../correct/function/gcc/function.expected | 12 + .../correct/function/gcc_O2/function.expected | 6 + .../gcc_no_plt_no_pic/function.expected | 12 + .../function/gcc_pic/function.expected | 12 + .../function1/clang/function1.expected | 12 + .../function1/clang_O2/function1.expected | 6 + .../clang_no_plt_no_pic/function1.expected | 24 +- .../function1/clang_pic/function1.expected | 24 +- .../correct/function1/gcc/function1.expected | 12 + .../function1/gcc_O2/function1.expected | 6 + .../gcc_no_plt_no_pic/function1.expected | 12 + .../function1/gcc_pic/function1.expected | 24 +- .../clang/functions_with_params.expected | 12 + .../clang_O2/functions_with_params.expected | 6 + .../functions_with_params.expected | 12 + .../clang_pic/functions_with_params.expected | 12 + .../gcc/functions_with_params.expected | 12 + .../gcc_O2/functions_with_params.expected | 6 + .../functions_with_params.expected | 12 + .../gcc_pic/functions_with_params.expected | 12 + .../ifbranches/clang/ifbranches.expected | 64 +- .../ifbranches/clang_O2/ifbranches.expected | 22 +- .../clang_no_plt_no_pic/ifbranches.expected | 60 +- .../ifbranches/clang_pic/ifbranches.expected | 60 +- .../ifbranches/gcc/ifbranches.expected | 28 +- .../ifbranches/gcc_O2/ifbranches.expected | 24 +- .../gcc_no_plt_no_pic/ifbranches.expected | 28 +- .../ifbranches/gcc_pic/ifbranches.expected | 28 +- .../correct/ifglobal/clang/ifglobal.expected | 64 +- .../ifglobal/clang_O2/ifglobal.expected | 30 +- .../clang_no_plt_no_pic/ifglobal.expected | 40 +- .../ifglobal/clang_pic/ifglobal.expected | 46 +- .../correct/ifglobal/gcc/ifglobal.expected | 28 +- .../correct/ifglobal/gcc_O2/ifglobal.expected | 22 +- .../gcc_no_plt_no_pic/ifglobal.expected | 22 +- .../ifglobal/gcc_pic/ifglobal.expected | 16 +- .../clang_O2/indirect_call.expected | 6 + .../gcc_O2/indirect_call.expected | 22 +- .../clang/initialisation.expected | 6 + .../clang_O2/initialisation.expected | 6 + .../initialisation.expected | 6 + .../clang_pic/initialisation.expected | 6 + .../gcc/initialisation.expected | 6 + .../gcc_O2/initialisation.expected | 6 + .../gcc_no_plt_no_pic/initialisation.expected | 6 + .../gcc_pic/initialisation.expected | 6 + .../jumptable/clang_O2/jumptable.expected | 6 + .../jumptable/gcc_O2/jumptable.expected | 44 +- .../jumptable3/gcc/jumptable3.expected | 858 ++++++++--------- .../jumptable3/gcc_O2/jumptable3.expected | 460 ++++----- .../gcc_no_plt_no_pic/jumptable3.expected | 862 ++++++++--------- .../jumptable3/gcc_pic/jumptable3.expected | 882 +++++++++--------- .../clang/malloc_with_local.expected | 48 +- .../clang_O2/malloc_with_local.expected | 22 +- .../malloc_with_local.expected | 58 +- .../clang_pic/malloc_with_local.expected | 58 +- .../gcc/malloc_with_local.expected | 80 +- .../gcc_O2/malloc_with_local.expected | 18 +- .../malloc_with_local.expected | 78 +- .../gcc_pic/malloc_with_local.expected | 78 +- .../clang/malloc_with_local2.expected | 102 +- .../clang_O2/malloc_with_local2.expected | 22 +- .../malloc_with_local2.expected | 32 +- .../clang_pic/malloc_with_local2.expected | 32 +- .../gcc/malloc_with_local2.expected | 68 +- .../gcc_O2/malloc_with_local2.expected | 18 +- .../malloc_with_local2.expected | 80 +- .../gcc_pic/malloc_with_local2.expected | 80 +- .../clang/malloc_with_local3.expected | 110 ++- .../clang_O2/malloc_with_local3.expected | 22 +- .../malloc_with_local3.expected | 110 ++- .../clang_pic/malloc_with_local3.expected | 110 ++- .../gcc/malloc_with_local3.expected | 96 +- .../gcc_O2/malloc_with_local3.expected | 30 +- .../malloc_with_local3.expected | 80 +- .../gcc_pic/malloc_with_local3.expected | 80 +- .../multi_malloc/clang/multi_malloc.expected | 64 +- .../clang_O2/multi_malloc.expected | 18 +- .../clang_no_plt_no_pic/multi_malloc.expected | 52 +- .../clang_pic/multi_malloc.expected | 52 +- .../multi_malloc/gcc/multi_malloc.expected | 64 +- .../multi_malloc/gcc_O2/multi_malloc.expected | 6 + .../gcc_no_plt_no_pic/multi_malloc.expected | 66 +- .../gcc_pic/multi_malloc.expected | 66 +- .../correct/nestedif/clang/nestedif.expected | 220 ++--- .../nestedif/clang_O2/nestedif.expected | 6 + .../clang_no_plt_no_pic/nestedif.expected | 206 ++-- .../nestedif/clang_pic/nestedif.expected | 206 ++-- .../correct/nestedif/gcc/nestedif.expected | 92 +- .../correct/nestedif/gcc_O2/nestedif.expected | 6 + .../gcc_no_plt_no_pic/nestedif.expected | 84 +- .../nestedif/gcc_pic/nestedif.expected | 84 +- .../clang/no_interference_update_x.expected | 6 + .../no_interference_update_x.expected | 6 + .../no_interference_update_x.expected | 6 + .../no_interference_update_x.expected | 6 + .../gcc/no_interference_update_x.expected | 6 + .../gcc_O2/no_interference_update_x.expected | 6 + .../no_interference_update_x.expected | 6 + .../gcc_pic/no_interference_update_x.expected | 6 + .../clang/no_interference_update_y.expected | 6 + .../no_interference_update_y.expected | 6 + .../no_interference_update_y.expected | 6 + .../no_interference_update_y.expected | 6 + .../gcc/no_interference_update_y.expected | 6 + .../gcc_O2/no_interference_update_y.expected | 6 + .../no_interference_update_y.expected | 6 + .../gcc_pic/no_interference_update_y.expected | 6 + .../secret_write/clang/secret_write.expected | 6 + .../clang_O2/secret_write.expected | 6 + .../clang_no_plt_no_pic/secret_write.expected | 6 + .../clang_pic/secret_write.expected | 6 + .../secret_write/gcc/secret_write.expected | 6 + .../secret_write/gcc_O2/secret_write.expected | 6 + .../gcc_no_plt_no_pic/secret_write.expected | 6 + .../gcc_pic/secret_write.expected | 6 + .../simple_jump/clang/simple_jump.expected | 40 +- .../simple_jump/clang_O2/simple_jump.expected | 6 + .../clang_no_plt_no_pic/simple_jump.expected | 48 +- .../clang_pic/simple_jump.expected | 48 +- .../simple_jump/gcc/simple_jump.expected | 8 +- .../simple_jump/gcc_O2/simple_jump.expected | 6 + .../gcc_no_plt_no_pic/simple_jump.expected | 8 +- .../simple_jump/gcc_pic/simple_jump.expected | 8 +- src/test/correct/switch/clang/switch.expected | 148 +-- .../correct/switch/clang_O2/switch.expected | 6 + .../clang_no_plt_no_pic/switch.expected | 128 +-- .../correct/switch/clang_pic/switch.expected | 128 +-- src/test/correct/switch/gcc/switch.expected | 66 +- .../correct/switch/gcc_O2/switch.expected | 6 + .../switch/gcc_no_plt_no_pic/switch.expected | 46 +- .../correct/switch/gcc_pic/switch.expected | 46 +- .../correct/switch2/clang_O2/switch2.expected | 6 + src/test/correct/switch2/gcc/switch2.expected | 288 +++--- .../correct/switch2/gcc_O2/switch2.expected | 6 + .../gcc_no_plt_no_pic/switch2.expected | 278 +++--- .../correct/switch2/gcc_pic/switch2.expected | 278 +++--- .../correct/syscall/clang/syscall.expected | 6 + .../clang_no_plt_no_pic/syscall.expected | 6 + .../syscall/clang_pic/syscall.expected | 6 + src/test/correct/syscall/gcc/syscall.expected | 6 + .../correct/syscall/gcc_O2/syscall.expected | 5 - .../gcc_no_plt_no_pic/syscall.expected | 6 + .../correct/syscall/gcc_pic/syscall.expected | 6 + .../clang/using_gamma_conditional.expected | 70 +- .../clang_O2/using_gamma_conditional.expected | 20 +- .../using_gamma_conditional.expected | 62 +- .../using_gamma_conditional.expected | 60 +- .../gcc/using_gamma_conditional.expected | 12 +- .../gcc_O2/using_gamma_conditional.expected | 28 +- .../using_gamma_conditional.expected | 20 +- .../gcc_pic/using_gamma_conditional.expected | 24 +- .../clang/using_gamma_write_z.expected | 6 + .../clang_O2/using_gamma_write_z.expected | 6 + .../using_gamma_write_z.expected | 6 + .../clang_pic/using_gamma_write_z.expected | 6 + .../gcc/using_gamma_write_z.expected | 6 + .../gcc_O2/using_gamma_write_z.expected | 6 + .../using_gamma_write_z.expected | 6 + .../gcc_pic/using_gamma_write_z.expected | 6 + .../basicassign/clang/basicassign.expected | 6 + .../basicassign/clang_O2/basicassign.expected | 6 + .../clang_no_plt_no_pic/basicassign.expected | 6 + .../clang_pic/basicassign.expected | 6 + .../basicassign/gcc/basicassign.expected | 6 + .../basicassign/gcc_O2/basicassign.expected | 6 + .../gcc_no_plt_no_pic/basicassign.expected | 6 + .../basicassign/gcc_pic/basicassign.expected | 6 + .../basicassign1/clang/basicassign1.expected | 6 + .../clang_O2/basicassign1.expected | 6 + .../clang_no_plt_no_pic/basicassign1.expected | 6 + .../clang_pic/basicassign1.expected | 6 + .../basicassign1/gcc/basicassign1.expected | 6 + .../basicassign1/gcc_O2/basicassign1.expected | 6 + .../gcc_no_plt_no_pic/basicassign1.expected | 6 + .../gcc_pic/basicassign1.expected | 6 + .../basicassign2/clang/basicassign2.expected | 6 + .../clang_O2/basicassign2.expected | 6 + .../clang_no_plt_no_pic/basicassign2.expected | 6 + .../clang_pic/basicassign2.expected | 6 + .../basicassign2/gcc/basicassign2.expected | 6 + .../basicassign2/gcc_O2/basicassign2.expected | 6 + .../gcc_no_plt_no_pic/basicassign2.expected | 6 + .../gcc_pic/basicassign2.expected | 6 + .../basicassign3/clang/basicassign3.expected | 6 + .../clang_O2/basicassign3.expected | 6 + .../clang_no_plt_no_pic/basicassign3.expected | 6 + .../clang_pic/basicassign3.expected | 6 + .../basicassign3/gcc/basicassign3.expected | 6 + .../basicassign3/gcc_O2/basicassign3.expected | 6 + .../gcc_no_plt_no_pic/basicassign3.expected | 6 + .../gcc_pic/basicassign3.expected | 6 + .../incorrect/iflocal/clang/iflocal.expected | 48 +- .../clang_no_plt_no_pic/iflocal.expected | 40 +- .../iflocal/clang_pic/iflocal.expected | 40 +- .../incorrect/iflocal/gcc/iflocal.expected | 24 +- .../gcc_no_plt_no_pic/iflocal.expected | 20 +- .../iflocal/gcc_pic/iflocal.expected | 20 +- .../clang/nestedifglobal.expected | 218 ++--- .../nestedifglobal.expected | 202 ++-- .../clang_pic/nestedifglobal.expected | 196 ++-- .../gcc/nestedifglobal.expected | 80 +- .../gcc_no_plt_no_pic/nestedifglobal.expected | 82 +- .../gcc_pic/nestedifglobal.expected | 102 +- 349 files changed, 7386 insertions(+), 5021 deletions(-) diff --git a/src/test/correct/arrays_simple/clang/arrays_simple.expected b/src/test/correct/arrays_simple/clang/arrays_simple.expected index ca54b2d0a..121e04c73 100644 --- a/src/test/correct/arrays_simple/clang/arrays_simple.expected +++ b/src/test/correct/arrays_simple/clang/arrays_simple.expected @@ -194,5 +194,11 @@ procedure main() assume {:captureState "%000008b7"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/arrays_simple/clang_O2/arrays_simple.expected b/src/test/correct/arrays_simple/clang_O2/arrays_simple.expected index b904c03a5..91c86ad15 100644 --- a/src/test/correct/arrays_simple/clang_O2/arrays_simple.expected +++ b/src/test/correct/arrays_simple/clang_O2/arrays_simple.expected @@ -157,5 +157,11 @@ procedure main() lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/arrays_simple/clang_no_plt_no_pic/arrays_simple.expected b/src/test/correct/arrays_simple/clang_no_plt_no_pic/arrays_simple.expected index ca54b2d0a..121e04c73 100644 --- a/src/test/correct/arrays_simple/clang_no_plt_no_pic/arrays_simple.expected +++ b/src/test/correct/arrays_simple/clang_no_plt_no_pic/arrays_simple.expected @@ -194,5 +194,11 @@ procedure main() assume {:captureState "%000008b7"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/arrays_simple/clang_pic/arrays_simple.expected b/src/test/correct/arrays_simple/clang_pic/arrays_simple.expected index ca54b2d0a..121e04c73 100644 --- a/src/test/correct/arrays_simple/clang_pic/arrays_simple.expected +++ b/src/test/correct/arrays_simple/clang_pic/arrays_simple.expected @@ -194,5 +194,11 @@ procedure main() assume {:captureState "%000008b7"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/arrays_simple/gcc_O2/arrays_simple.expected b/src/test/correct/arrays_simple/gcc_O2/arrays_simple.expected index 306991d20..0918aa3d9 100644 --- a/src/test/correct/arrays_simple/gcc_O2/arrays_simple.expected +++ b/src/test/correct/arrays_simple/gcc_O2/arrays_simple.expected @@ -157,5 +157,11 @@ procedure main() lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_read/clang/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/clang/basic_arrays_read.expected index 4bdf41446..6d2a0c9d2 100644 --- a/src/test/correct/basic_arrays_read/clang/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/clang/basic_arrays_read.expected @@ -203,5 +203,11 @@ procedure main() call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_read/clang_O2/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/clang_O2/basic_arrays_read.expected index 053a779de..d1baabff3 100644 --- a/src/test/correct/basic_arrays_read/clang_O2/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/clang_O2/basic_arrays_read.expected @@ -187,5 +187,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R8, 52bv64), 0bv32), gamma_store32(Gamma_mem, bvadd64(R8, 52bv64), true); assert true; assume {:captureState "%000002c9"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_read/clang_no_plt_no_pic/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/clang_no_plt_no_pic/basic_arrays_read.expected index 8fa9643f0..bd4286921 100644 --- a/src/test/correct/basic_arrays_read/clang_no_plt_no_pic/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/clang_no_plt_no_pic/basic_arrays_read.expected @@ -203,5 +203,11 @@ procedure main() call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_read/clang_pic/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/clang_pic/basic_arrays_read.expected index fe469ac3d..cbe3e8044 100644 --- a/src/test/correct/basic_arrays_read/clang_pic/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/clang_pic/basic_arrays_read.expected @@ -237,5 +237,11 @@ procedure main() call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_read/gcc/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/gcc/basic_arrays_read.expected index 39f86e8f0..2a41e5240 100644 --- a/src/test/correct/basic_arrays_read/gcc/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/gcc/basic_arrays_read.expected @@ -194,5 +194,11 @@ procedure main() R0, Gamma_R0 := bvadd64(R0, 24bv64), Gamma_R0; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_read/gcc_O2/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/gcc_O2/basic_arrays_read.expected index 897f29d0a..b92d78087 100644 --- a/src/test/correct/basic_arrays_read/gcc_O2/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/gcc_O2/basic_arrays_read.expected @@ -187,5 +187,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 24bv64), 0bv32), gamma_store32(Gamma_mem, bvadd64(R1, 24bv64), true); assert true; assume {:captureState "%000001b7"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_read/gcc_no_plt_no_pic/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/gcc_no_plt_no_pic/basic_arrays_read.expected index fe51c2369..e7066c199 100644 --- a/src/test/correct/basic_arrays_read/gcc_no_plt_no_pic/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/gcc_no_plt_no_pic/basic_arrays_read.expected @@ -194,5 +194,11 @@ procedure main() R0, Gamma_R0 := bvadd64(R0, 24bv64), Gamma_R0; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_read/gcc_pic/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/gcc_pic/basic_arrays_read.expected index b8d3ae1b0..08dab06b4 100644 --- a/src/test/correct/basic_arrays_read/gcc_pic/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/gcc_pic/basic_arrays_read.expected @@ -228,5 +228,11 @@ procedure main() R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R0, 4080bv64)), (gamma_load64(Gamma_mem, bvadd64(R0, 4080bv64)) || L(mem, bvadd64(R0, 4080bv64))); call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_write/clang/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/clang/basic_arrays_write.expected index 802dd2fd8..2e71eee76 100644 --- a/src/test/correct/basic_arrays_write/clang/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/clang/basic_arrays_write.expected @@ -209,5 +209,11 @@ procedure main() assume {:captureState "%000002f4"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_write/clang_O2/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/clang_O2/basic_arrays_write.expected index 0b0f67500..ddaa5921f 100644 --- a/src/test/correct/basic_arrays_write/clang_O2/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/clang_O2/basic_arrays_write.expected @@ -194,5 +194,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assert (arr$0_old == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); assume {:captureState "%000002d4"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_write/clang_no_plt_no_pic/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/clang_no_plt_no_pic/basic_arrays_write.expected index 451345fbe..ef576eff0 100644 --- a/src/test/correct/basic_arrays_write/clang_no_plt_no_pic/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/clang_no_plt_no_pic/basic_arrays_write.expected @@ -209,5 +209,11 @@ procedure main() assume {:captureState "%0000089f"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_write/clang_pic/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/clang_pic/basic_arrays_write.expected index d97347e01..658cb2f3d 100644 --- a/src/test/correct/basic_arrays_write/clang_pic/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/clang_pic/basic_arrays_write.expected @@ -242,5 +242,11 @@ procedure main() assume {:captureState "%000002f5"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_write/gcc/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/gcc/basic_arrays_write.expected index 633928146..f322b3d3d 100644 --- a/src/test/correct/basic_arrays_write/gcc/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/gcc/basic_arrays_write.expected @@ -207,5 +207,11 @@ procedure main() assume {:captureState "%000002f4"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_write/gcc_O2/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/gcc_O2/basic_arrays_write.expected index 72ddd2b51..dc94f3d31 100644 --- a/src/test/correct/basic_arrays_write/gcc_O2/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/gcc_O2/basic_arrays_write.expected @@ -194,5 +194,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 28bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 28bv64), Gamma_R2); assert (arr$0_old == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); assume {:captureState "%000001be"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_write/gcc_no_plt_no_pic/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/gcc_no_plt_no_pic/basic_arrays_write.expected index acde06d29..133d6d05e 100644 --- a/src/test/correct/basic_arrays_write/gcc_no_plt_no_pic/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/gcc_no_plt_no_pic/basic_arrays_write.expected @@ -207,5 +207,11 @@ procedure main() assume {:captureState "%0000089f"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_arrays_write/gcc_pic/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/gcc_pic/basic_arrays_write.expected index f49966fbc..3c865b447 100644 --- a/src/test/correct/basic_arrays_write/gcc_pic/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/gcc_pic/basic_arrays_write.expected @@ -240,5 +240,11 @@ procedure main() assume {:captureState "%000002f5"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_assign/clang/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/clang/basic_assign_assign.expected index 45d3ed040..5108e2304 100644 --- a/src/test/correct/basic_assign_assign/clang/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/clang/basic_assign_assign.expected @@ -194,5 +194,11 @@ procedure main() assert ((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 5bv32)); assume {:captureState "%000002ce"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_assign/clang_O2/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/clang_O2/basic_assign_assign.expected index 00e811d26..cf2947341 100644 --- a/src/test/correct/basic_assign_assign/clang_O2/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/clang_O2/basic_assign_assign.expected @@ -194,5 +194,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R8, 52bv64), R9[32:0]), gamma_store32(Gamma_mem, bvadd64(R8, 52bv64), Gamma_R9); assert ((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 5bv32)); assume {:captureState "%000002d3"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_assign/clang_no_plt_no_pic/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/clang_no_plt_no_pic/basic_assign_assign.expected index 1d38b377b..0ded243d0 100644 --- a/src/test/correct/basic_assign_assign/clang_no_plt_no_pic/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/clang_no_plt_no_pic/basic_assign_assign.expected @@ -194,5 +194,11 @@ procedure main() assert ((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 5bv32)); assume {:captureState "%00000845"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_assign/clang_pic/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/clang_pic/basic_assign_assign.expected index 17aef59a5..cad48175d 100644 --- a/src/test/correct/basic_assign_assign/clang_pic/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/clang_pic/basic_assign_assign.expected @@ -228,5 +228,11 @@ procedure main() assert ((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 5bv32)); assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_assign/gcc/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/gcc/basic_assign_assign.expected index 238102d1a..9baf8d5de 100644 --- a/src/test/correct/basic_assign_assign/gcc/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/gcc/basic_assign_assign.expected @@ -193,5 +193,11 @@ procedure main() assert ((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 5bv32)); assume {:captureState "%000002d8"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_assign/gcc_O2/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/gcc_O2/basic_assign_assign.expected index 81d8fdece..b598dac2a 100644 --- a/src/test/correct/basic_assign_assign/gcc_O2/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/gcc_O2/basic_assign_assign.expected @@ -194,5 +194,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 20bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 20bv64), Gamma_R2); assert ((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 5bv32)); assume {:captureState "%000001bd"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_assign/gcc_no_plt_no_pic/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/gcc_no_plt_no_pic/basic_assign_assign.expected index 1b1ef4f87..fdf653f2e 100644 --- a/src/test/correct/basic_assign_assign/gcc_no_plt_no_pic/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/gcc_no_plt_no_pic/basic_assign_assign.expected @@ -193,5 +193,11 @@ procedure main() assert ((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 5bv32)); assume {:captureState "%0000085b"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_assign/gcc_pic/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/gcc_pic/basic_assign_assign.expected index ffd291153..b3ef83ae0 100644 --- a/src/test/correct/basic_assign_assign/gcc_pic/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/gcc_pic/basic_assign_assign.expected @@ -226,5 +226,11 @@ procedure main() assert ((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 5bv32)); assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_increment/clang/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/clang/basic_assign_increment.expected index 528931a0f..151412d4f 100644 --- a/src/test/correct/basic_assign_increment/clang/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/clang/basic_assign_increment.expected @@ -202,5 +202,11 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); assume {:captureState "%000002da"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_increment/clang_O2/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/clang_O2/basic_assign_increment.expected index 68697865d..43ead9803 100644 --- a/src/test/correct/basic_assign_increment/clang_O2/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/clang_O2/basic_assign_increment.expected @@ -202,5 +202,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R8, 52bv64), R9[32:0]), gamma_store32(Gamma_mem, bvadd64(R8, 52bv64), Gamma_R9); assert (((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); assume {:captureState "%000002df"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_increment/clang_no_plt_no_pic/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/clang_no_plt_no_pic/basic_assign_increment.expected index fcde38982..fee458995 100644 --- a/src/test/correct/basic_assign_increment/clang_no_plt_no_pic/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/clang_no_plt_no_pic/basic_assign_increment.expected @@ -202,5 +202,11 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); assume {:captureState "%0000085f"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_increment/clang_pic/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/clang_pic/basic_assign_increment.expected index 86e9d68ec..5285d851d 100644 --- a/src/test/correct/basic_assign_increment/clang_pic/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/clang_pic/basic_assign_increment.expected @@ -236,5 +236,11 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); assume {:captureState "%000002e5"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_increment/gcc/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/gcc/basic_assign_increment.expected index 1c13cd862..c83f21137 100644 --- a/src/test/correct/basic_assign_increment/gcc/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/gcc/basic_assign_increment.expected @@ -203,5 +203,11 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); assume {:captureState "%000002f7"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_increment/gcc_O2/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/gcc_O2/basic_assign_increment.expected index 07a2894d0..8523ccf09 100644 --- a/src/test/correct/basic_assign_increment/gcc_O2/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/gcc_O2/basic_assign_increment.expected @@ -202,5 +202,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R2, 20bv64), R1[32:0]), gamma_store32(Gamma_mem, bvadd64(R2, 20bv64), Gamma_R1); assert (((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); assume {:captureState "%000001c5"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_increment/gcc_no_plt_no_pic/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/gcc_no_plt_no_pic/basic_assign_increment.expected index 01ec2e5fb..1fdd85c43 100644 --- a/src/test/correct/basic_assign_increment/gcc_no_plt_no_pic/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/gcc_no_plt_no_pic/basic_assign_increment.expected @@ -203,5 +203,11 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); assume {:captureState "%0000089f"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_assign_increment/gcc_pic/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/gcc_pic/basic_assign_increment.expected index 0f73e2bfe..e7935f379 100644 --- a/src/test/correct/basic_assign_increment/gcc_pic/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/gcc_pic/basic_assign_increment.expected @@ -237,5 +237,11 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); assume {:captureState "%000002f9"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_function_call_caller/clang/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/clang/basic_function_call_caller.expected index 6c8610d8c..f3e012683 100644 --- a/src/test/correct/basic_function_call_caller/clang/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/clang/basic_function_call_caller.expected @@ -268,6 +268,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } @@ -350,5 +356,11 @@ procedure zero() lzero: assume {:captureState "lzero"} true; R0, Gamma_R0 := 0bv64, true; + goto zero_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + zero_return: + assume {:captureState "zero_return"} true; return; } diff --git a/src/test/correct/basic_function_call_caller/clang_O2/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/clang_O2/basic_function_call_caller.expected index 74d7abc58..93d1add47 100644 --- a/src/test/correct/basic_function_call_caller/clang_O2/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/clang_O2/basic_function_call_caller.expected @@ -220,5 +220,11 @@ procedure main() assert ((x_old == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); assert (Gamma_y_old ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); assume {:captureState "%000002fa"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_function_call_caller/clang_no_plt_no_pic/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/clang_no_plt_no_pic/basic_function_call_caller.expected index 04a6a5d25..74c72de44 100644 --- a/src/test/correct/basic_function_call_caller/clang_no_plt_no_pic/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/clang_no_plt_no_pic/basic_function_call_caller.expected @@ -240,6 +240,9 @@ procedure main() R30, Gamma_R30 := 1840bv64, true; call zero(); goto l00000938; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000938: assume {:captureState "l00000938"} true; R8, Gamma_R8 := 69632bv64, true; @@ -268,6 +271,9 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; } @@ -350,5 +356,11 @@ procedure zero() lzero: assume {:captureState "lzero"} true; R0, Gamma_R0 := 0bv64, true; + goto zero_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + zero_return: + assume {:captureState "zero_return"} true; return; } diff --git a/src/test/correct/basic_function_call_caller/clang_pic/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/clang_pic/basic_function_call_caller.expected index 861158d4a..67d787008 100644 --- a/src/test/correct/basic_function_call_caller/clang_pic/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/clang_pic/basic_function_call_caller.expected @@ -320,6 +320,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } @@ -434,5 +440,11 @@ procedure zero() lzero: assume {:captureState "lzero"} true; R0, Gamma_R0 := 0bv64, true; + goto zero_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + zero_return: + assume {:captureState "zero_return"} true; return; } diff --git a/src/test/correct/basic_function_call_caller/gcc/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/gcc/basic_function_call_caller.expected index d350182f1..72fba0e7c 100644 --- a/src/test/correct/basic_function_call_caller/gcc/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/gcc/basic_function_call_caller.expected @@ -266,6 +266,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } @@ -348,5 +354,11 @@ procedure zero() lzero: assume {:captureState "lzero"} true; R0, Gamma_R0 := 0bv64, true; + goto zero_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + zero_return: + assume {:captureState "zero_return"} true; return; } diff --git a/src/test/correct/basic_function_call_caller/gcc_O2/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/gcc_O2/basic_function_call_caller.expected index 0d135f9f8..0c40f66b1 100644 --- a/src/test/correct/basic_function_call_caller/gcc_O2/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/gcc_O2/basic_function_call_caller.expected @@ -220,5 +220,11 @@ procedure main() assert ((x_old == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); assert (Gamma_y_old ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); assume {:captureState "%000001df"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_function_call_caller/gcc_no_plt_no_pic/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/gcc_no_plt_no_pic/basic_function_call_caller.expected index 39a811b3e..0985dd9bd 100644 --- a/src/test/correct/basic_function_call_caller/gcc_no_plt_no_pic/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/gcc_no_plt_no_pic/basic_function_call_caller.expected @@ -266,6 +266,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } @@ -348,5 +354,11 @@ procedure zero() lzero: assume {:captureState "lzero"} true; R0, Gamma_R0 := 0bv64, true; + goto zero_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + zero_return: + assume {:captureState "zero_return"} true; return; } diff --git a/src/test/correct/basic_function_call_caller/gcc_pic/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/gcc_pic/basic_function_call_caller.expected index 75e7e00b2..479939e40 100644 --- a/src/test/correct/basic_function_call_caller/gcc_pic/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/gcc_pic/basic_function_call_caller.expected @@ -316,6 +316,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } @@ -430,5 +436,11 @@ procedure zero() lzero: assume {:captureState "lzero"} true; R0, Gamma_R0 := 0bv64, true; + goto zero_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + zero_return: + assume {:captureState "zero_return"} true; return; } diff --git a/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected index 40ca88286..751f75609 100644 --- a/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected @@ -234,41 +234,37 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000342, lmain_goto_l00000345; - l00000345: - assume {:captureState "l00000345"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000348; l00000342: assume {:captureState "l00000342"} true; R8, Gamma_R8 := 0bv64, true; goto l00000348; - l00000348: - assume {:captureState "l00000348"} true; - assert Gamma_R8; - goto l00000348_goto_l0000037a, l00000348_goto_l00000350; + l00000348_goto_l0000037a: + assume {:captureState "l00000348_goto_l0000037a"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000037a; + l00000365: + assume {:captureState "l00000365"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l00000350: assume {:captureState "l00000350"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%00000362"} true; goto l00000365; - l0000037a: - assume {:captureState "l0000037a"} true; - goto l0000037b; - l0000037b: - assume {:captureState "l0000037b"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); - assume {:captureState "%00000383"} true; - goto l00000365; - l00000365: - assume {:captureState "l00000365"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; lmain_goto_l00000342: assume {:captureState "lmain_goto_l00000342"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000342; + l00000345: + assume {:captureState "l00000345"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000348; + l00000348: + assume {:captureState "l00000348"} true; + assert Gamma_R8; + goto l00000348_goto_l0000037a, l00000348_goto_l00000350; lmain_goto_l00000345: assume {:captureState "lmain_goto_l00000345"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); @@ -277,8 +273,18 @@ procedure main() assume {:captureState "l00000348_goto_l00000350"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000350; - l00000348_goto_l0000037a: - assume {:captureState "l00000348_goto_l0000037a"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000037a; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l0000037a: + assume {:captureState "l0000037a"} true; + goto l0000037b; + l0000037b: + assume {:captureState "l0000037b"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); + assume {:captureState "%00000383"} true; + goto l00000365; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected index 297801a4b..189216d6c 100644 --- a/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected @@ -216,23 +216,29 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000002fd, lmain_goto_l000002f9; - l000002fd: - assume {:captureState "l000002fd"} true; - R0, Gamma_R0 := zero_extend32_32(R9[32:0]), Gamma_R9; - goto l00000300; + lmain_goto_l000002fd: + assume {:captureState "lmain_goto_l000002fd"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000002fd; l000002f9: assume {:captureState "l000002f9"} true; R0, Gamma_R0 := 0bv64, true; goto l00000300; - l00000300: - assume {:captureState "l00000300"} true; - return; lmain_goto_l000002f9: assume {:captureState "lmain_goto_l000002f9"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000002f9; - lmain_goto_l000002fd: - assume {:captureState "lmain_goto_l000002fd"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000002fd; + l000002fd: + assume {:captureState "l000002fd"} true; + R0, Gamma_R0 := zero_extend32_32(R9[32:0]), Gamma_R9; + goto l00000300; + l00000300: + assume {:captureState "l00000300"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected index 5e2f83ca1..e2af142df 100644 --- a/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected @@ -234,41 +234,21 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000985, lmain_goto_l00000988; - l00000988: - assume {:captureState "l00000988"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000098b; - l00000985: - assume {:captureState "l00000985"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000098b; - l0000098b: - assume {:captureState "l0000098b"} true; - assert Gamma_R8; - goto l0000098b_goto_l000009bd, l0000098b_goto_l00000993; l00000993: assume {:captureState "l00000993"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%000009a5"} true; goto l000009a8; - l000009bd: - assume {:captureState "l000009bd"} true; - goto l000009be; - l000009be: - assume {:captureState "l000009be"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); - assume {:captureState "%000009c6"} true; - goto l000009a8; - l000009a8: - assume {:captureState "l000009a8"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; lmain_goto_l00000985: assume {:captureState "lmain_goto_l00000985"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000985; + l000009a8: + assume {:captureState "l000009a8"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; lmain_goto_l00000988: assume {:captureState "lmain_goto_l00000988"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); @@ -277,8 +257,34 @@ procedure main() assume {:captureState "l0000098b_goto_l00000993"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000993; + l000009bd: + assume {:captureState "l000009bd"} true; + goto l000009be; + l00000988: + assume {:captureState "l00000988"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000098b; + l00000985: + assume {:captureState "l00000985"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000098b; l0000098b_goto_l000009bd: assume {:captureState "l0000098b_goto_l000009bd"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l000009bd; + l0000098b: + assume {:captureState "l0000098b"} true; + assert Gamma_R8; + goto l0000098b_goto_l000009bd, l0000098b_goto_l00000993; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l000009be: + assume {:captureState "l000009be"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); + assume {:captureState "%000009c6"} true; + goto l000009a8; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected index 4ade8ab46..ee48d8ef9 100644 --- a/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected @@ -294,51 +294,57 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000358, lmain_goto_l0000035b; - l0000035b: - assume {:captureState "l0000035b"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000035e; - l00000358: - assume {:captureState "l00000358"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000035e; - l0000035e: - assume {:captureState "l0000035e"} true; - assert Gamma_R8; - goto l0000035e_goto_l00000366, l0000035e_goto_l00000390; - l00000366: - assume {:captureState "l00000366"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); - assume {:captureState "%00000378"} true; - goto l0000037b; - l00000390: - assume {:captureState "l00000390"} true; - goto l00000391; l00000391: assume {:captureState "l00000391"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); assume {:captureState "%00000399"} true; goto l0000037b; - l0000037b: - assume {:captureState "l0000037b"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000358: - assume {:captureState "lmain_goto_l00000358"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000358; + l00000390: + assume {:captureState "l00000390"} true; + goto l00000391; lmain_goto_l0000035b: assume {:captureState "lmain_goto_l0000035b"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l0000035b; - l0000035e_goto_l00000366: - assume {:captureState "l0000035e_goto_l00000366"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000366; l0000035e_goto_l00000390: assume {:captureState "l0000035e_goto_l00000390"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000390; + lmain_goto_l00000358: + assume {:captureState "lmain_goto_l00000358"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000358; + l00000366: + assume {:captureState "l00000366"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); + assume {:captureState "%00000378"} true; + goto l0000037b; + l00000358: + assume {:captureState "l00000358"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000035e; + l0000035b: + assume {:captureState "l0000035b"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000035e; + l0000035e: + assume {:captureState "l0000035e"} true; + assert Gamma_R8; + goto l0000035e_goto_l00000366, l0000035e_goto_l00000390; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l0000035e_goto_l00000366: + assume {:captureState "l0000035e_goto_l00000366"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000366; + l0000037b: + assume {:captureState "l0000037b"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected index 5f063faf5..7233c276f 100644 --- a/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected @@ -231,10 +231,6 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000349, lmain_goto_l00000332; - l00000332: - assume {:captureState "l00000332"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - goto l0000033e; l00000349: assume {:captureState "l00000349"} true; R0, Gamma_R0 := 0bv64, true; @@ -242,13 +238,23 @@ procedure main() l0000033e: assume {:captureState "l0000033e"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; + goto main_return; lmain_goto_l00000332: assume {:captureState "lmain_goto_l00000332"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000332; + l00000332: + assume {:captureState "l00000332"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + goto l0000033e; lmain_goto_l00000349: assume {:captureState "lmain_goto_l00000349"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000349; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected index 32456e254..76e6603d7 100644 --- a/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected @@ -190,20 +190,26 @@ procedure main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R0, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R0, 20bv64)) || L(mem, bvadd64(R0, 20bv64))); assert Gamma_R0; goto lmain_goto_l00000398, lmain_goto_l000001bc; + lmain_goto_l00000398: + assume {:captureState "lmain_goto_l00000398"} true; + assume (bvcomp32(R0[32:0], 0bv32) == 0bv1); + goto l00000398; + lmain_goto_l000001bc: + assume {:captureState "lmain_goto_l000001bc"} true; + assume (bvcomp32(R0[32:0], 0bv32) != 0bv1); + goto l000001bc; + l000001bc: + assume {:captureState "l000001bc"} true; + goto main_return; l00000398: assume {:captureState "l00000398"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 4bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 4bv64)) || L(mem, bvadd64(R1, 4bv64))); goto l000001bc; - l000001bc: - assume {:captureState "l000001bc"} true; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l000001bc: - assume {:captureState "lmain_goto_l000001bc"} true; - assume (bvcomp32(R0[32:0], 0bv32) != 0bv1); - goto l000001bc; - lmain_goto_l00000398: - assume {:captureState "lmain_goto_l00000398"} true; - assume (bvcomp32(R0[32:0], 0bv32) == 0bv1); - goto l00000398; } diff --git a/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected index 4e6114cb7..484f6bcd0 100644 --- a/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected @@ -231,10 +231,6 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000094e, lmain_goto_l00000937; - l00000937: - assume {:captureState "l00000937"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - goto l00000943; l0000094e: assume {:captureState "l0000094e"} true; R0, Gamma_R0 := 0bv64, true; @@ -242,13 +238,23 @@ procedure main() l00000943: assume {:captureState "l00000943"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000937: - assume {:captureState "lmain_goto_l00000937"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000937; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; lmain_goto_l0000094e: assume {:captureState "lmain_goto_l0000094e"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l0000094e; + lmain_goto_l00000937: + assume {:captureState "lmain_goto_l00000937"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000937; + l00000937: + assume {:captureState "l00000937"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + goto l00000943; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected index 00bc7a897..f6a889a26 100644 --- a/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected @@ -289,24 +289,30 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000034b, lmain_goto_l00000334; + lmain_goto_l0000034b: + assume {:captureState "lmain_goto_l0000034b"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000034b; l00000334: assume {:captureState "l00000334"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); goto l00000340; + lmain_goto_l00000334: + assume {:captureState "lmain_goto_l00000334"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000334; l0000034b: assume {:captureState "l0000034b"} true; R0, Gamma_R0 := 0bv64, true; goto l00000340; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000340: assume {:captureState "l00000340"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l00000334: - assume {:captureState "lmain_goto_l00000334"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000334; - lmain_goto_l0000034b: - assume {:captureState "lmain_goto_l0000034b"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000034b; } diff --git a/src/test/correct/basic_lock_read/clang/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang/basic_lock_read.expected index 1c3a5a3f7..af934dfb1 100644 --- a/src/test/correct/basic_lock_read/clang/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang/basic_lock_read.expected @@ -229,21 +229,18 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000330, lmain_goto_l0000032d; - l00000330: - assume {:captureState "l00000330"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000333; + lmain_goto_l00000330: + assume {:captureState "lmain_goto_l00000330"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000330; l0000032d: assume {:captureState "l0000032d"} true; R8, Gamma_R8 := 0bv64, true; goto l00000333; - l00000333: - assume {:captureState "l00000333"} true; - assert Gamma_R8; - goto l00000333_goto_l0000033b, l00000333_goto_l00000352; - l00000352: - assume {:captureState "l00000352"} true; - goto l00000353; + lmain_goto_l0000032d: + assume {:captureState "lmain_goto_l0000032d"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000032d; l00000353: assume {:captureState "l00000353"} true; R8, Gamma_R8 := 69632bv64, true; @@ -258,19 +255,25 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%0000036f"} true; goto l0000033b; + l00000352: + assume {:captureState "l00000352"} true; + goto l00000353; + l00000330: + assume {:captureState "l00000330"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000333; + l00000333: + assume {:captureState "l00000333"} true; + assert Gamma_R8; + goto l00000333_goto_l0000033b, l00000333_goto_l00000352; l0000033b: assume {:captureState "l0000033b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l0000032d: - assume {:captureState "lmain_goto_l0000032d"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000032d; - lmain_goto_l00000330: - assume {:captureState "lmain_goto_l00000330"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000330; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000333_goto_l0000033b: assume {:captureState "l00000333_goto_l0000033b"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); @@ -279,4 +282,7 @@ procedure main() assume {:captureState "l00000333_goto_l00000352"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000352; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected index cddb678c2..4bcf85bf9 100644 --- a/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected @@ -195,6 +195,14 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); assert Gamma_R8; goto lmain_goto_l000002dc, lmain_goto_l000002f7; + lmain_goto_l000002dc: + assume {:captureState "lmain_goto_l000002dc"} true; + assume (bvcomp32(R8[32:0], 0bv32) != 0bv1); + goto l000002dc; + lmain_goto_l000002f7: + assume {:captureState "lmain_goto_l000002f7"} true; + assume (bvcomp32(R8[32:0], 0bv32) == 0bv1); + goto l000002f7; l000002dc: assume {:captureState "l000002dc"} true; R8, Gamma_R8 := 69632bv64, true; @@ -205,17 +213,15 @@ procedure main() assert (memory_load32_le(mem, $z_addr) == z_old); assume {:captureState "%000002eb"} true; R0, Gamma_R0 := 0bv64, true; - return; + goto main_return; l000002f7: assume {:captureState "l000002f7"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l000002dc: - assume {:captureState "lmain_goto_l000002dc"} true; - assume (bvcomp32(R8[32:0], 0bv32) != 0bv1); - goto l000002dc; - lmain_goto_l000002f7: - assume {:captureState "lmain_goto_l000002f7"} true; - assume (bvcomp32(R8[32:0], 0bv32) == 0bv1); - goto l000002f7; } diff --git a/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected index fa4bbf9ea..6982dd8c7 100644 --- a/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected @@ -229,14 +229,11 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000095b, lmain_goto_l00000958; - l0000095b: - assume {:captureState "l0000095b"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000095e; - l00000958: - assume {:captureState "l00000958"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000095e; + l00000966: + assume {:captureState "l00000966"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l0000095e: assume {:captureState "l0000095e"} true; assert Gamma_R8; @@ -244,6 +241,10 @@ procedure main() l0000097d: assume {:captureState "l0000097d"} true; goto l0000097e; + l0000095b: + assume {:captureState "l0000095b"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000095e; l0000097e: assume {:captureState "l0000097e"} true; R8, Gamma_R8 := 69632bv64, true; @@ -258,25 +259,30 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%0000099a"} true; goto l00000966; - l00000966: - assume {:captureState "l00000966"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000958: - assume {:captureState "lmain_goto_l00000958"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000958; - lmain_goto_l0000095b: - assume {:captureState "lmain_goto_l0000095b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000095b; l0000095e_goto_l00000966: assume {:captureState "l0000095e_goto_l00000966"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000966; + lmain_goto_l0000095b: + assume {:captureState "lmain_goto_l0000095b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000095b; l0000095e_goto_l0000097d: assume {:captureState "l0000095e_goto_l0000097d"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l0000097d; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000958: + assume {:captureState "l00000958"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000095e; + lmain_goto_l00000958: + assume {:captureState "lmain_goto_l00000958"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000958; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected index e28d3c353..c7ea4b821 100644 --- a/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected @@ -287,21 +287,42 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000033f, lmain_goto_l0000033c; + l00000342_goto_l0000034a: + assume {:captureState "l00000342_goto_l0000034a"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l0000034a; + lmain_goto_l0000033c: + assume {:captureState "lmain_goto_l0000033c"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000033c; + l00000342_goto_l00000361: + assume {:captureState "l00000342_goto_l00000361"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000361; l0000033f: assume {:captureState "l0000033f"} true; R8, Gamma_R8 := 1bv64, true; goto l00000342; - l0000033c: - assume {:captureState "l0000033c"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000342; l00000342: assume {:captureState "l00000342"} true; assert Gamma_R8; goto l00000342_goto_l0000034a, l00000342_goto_l00000361; - l00000361: - assume {:captureState "l00000361"} true; - goto l00000362; + l0000034a: + assume {:captureState "l0000034a"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l0000033f: + assume {:captureState "lmain_goto_l0000033f"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000033f; + l0000033c: + assume {:captureState "l0000033c"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000342; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000362: assume {:captureState "l00000362"} true; R8, Gamma_R8 := 65536bv64, true; @@ -318,25 +339,10 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%00000385"} true; goto l0000034a; - l0000034a: - assume {:captureState "l0000034a"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + l00000361: + assume {:captureState "l00000361"} true; + goto l00000362; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l0000033c: - assume {:captureState "lmain_goto_l0000033c"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000033c; - lmain_goto_l0000033f: - assume {:captureState "lmain_goto_l0000033f"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000033f; - l00000342_goto_l0000034a: - assume {:captureState "l00000342_goto_l0000034a"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000034a; - l00000342_goto_l00000361: - assume {:captureState "l00000342_goto_l00000361"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000361; } diff --git a/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected index f3d1f915f..32c50f26b 100644 --- a/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected @@ -225,6 +225,11 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000327, lmain_goto_l0000033e; + l00000327: + assume {:captureState "l00000327"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l0000033e: assume {:captureState "l0000033e"} true; R0, Gamma_R0 := 69632bv64, true; @@ -242,17 +247,18 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000368"} true; goto l00000327; - l00000327: - assume {:captureState "l00000327"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000327: - assume {:captureState "lmain_goto_l00000327"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000327; lmain_goto_l0000033e: assume {:captureState "lmain_goto_l0000033e"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l0000033e; + lmain_goto_l00000327: + assume {:captureState "lmain_goto_l00000327"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000327; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected index 269cc87f0..c3f5bd96d 100644 --- a/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected @@ -197,6 +197,17 @@ procedure main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R0, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R0, 20bv64)) || L(mem, bvadd64(R0, 20bv64))); assert Gamma_R0; goto lmain_goto_l000001bd, lmain_goto_l0000039c; + lmain_goto_l000001bd: + assume {:captureState "lmain_goto_l000001bd"} true; + assume (bvnot1(bvcomp32(R0[32:0], 0bv32)) != 0bv1); + goto l000001bd; + l000001bd: + assume {:captureState "l000001bd"} true; + R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l0000039c: assume {:captureState "l0000039c"} true; call rely(); @@ -206,16 +217,11 @@ procedure main() assert (memory_load32_le(mem, $z_addr) == z_old); assume {:captureState "%000003a1"} true; goto l000001bd; - l000001bd: - assume {:captureState "l000001bd"} true; - R0, Gamma_R0 := 0bv64, true; - return; - lmain_goto_l000001bd: - assume {:captureState "lmain_goto_l000001bd"} true; - assume (bvnot1(bvcomp32(R0[32:0], 0bv32)) != 0bv1); - goto l000001bd; lmain_goto_l0000039c: assume {:captureState "lmain_goto_l0000039c"} true; assume (bvnot1(bvcomp32(R0[32:0], 0bv32)) == 0bv1); goto l0000039c; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected index 3d86091ff..38e60630f 100644 --- a/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected @@ -242,17 +242,23 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000989"} true; goto l00000948; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + lmain_goto_l0000095f: + assume {:captureState "lmain_goto_l0000095f"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000095f; + lmain_goto_l00000948: + assume {:captureState "lmain_goto_l00000948"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000948; l00000948: assume {:captureState "l00000948"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l00000948: - assume {:captureState "lmain_goto_l00000948"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000948; - lmain_goto_l0000095f: - assume {:captureState "lmain_goto_l0000095f"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000095f; } diff --git a/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected index 8d9b04baa..b6ecab503 100644 --- a/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected @@ -282,6 +282,11 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000033f, lmain_goto_l00000328; + l00000328: + assume {:captureState "l00000328"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l0000033f: assume {:captureState "l0000033f"} true; R0, Gamma_R0 := 65536bv64, true; @@ -301,17 +306,18 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%0000036b"} true; goto l00000328; - l00000328: - assume {:captureState "l00000328"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000328: - assume {:captureState "lmain_goto_l00000328"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000328; lmain_goto_l0000033f: assume {:captureState "lmain_goto_l0000033f"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l0000033f; + lmain_goto_l00000328: + assume {:captureState "lmain_goto_l00000328"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000328; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected index 82b5f57d7..a979ced01 100644 --- a/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected @@ -227,21 +227,14 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000329, lmain_goto_l0000032c; - l0000032c: - assume {:captureState "l0000032c"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000032f; l00000329: assume {:captureState "l00000329"} true; R8, Gamma_R8 := 0bv64, true; goto l0000032f; - l0000032f: - assume {:captureState "l0000032f"} true; - assert Gamma_R8; - goto l0000032f_goto_l0000034e, l0000032f_goto_l00000337; - l0000034e: - assume {:captureState "l0000034e"} true; - goto l0000034f; + l0000032f_goto_l0000034e: + assume {:captureState "l0000032f_goto_l0000034e"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000034e; l0000034f: assume {:captureState "l0000034f"} true; R8, Gamma_R8 := 69632bv64, true; @@ -250,25 +243,38 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%00000364"} true; goto l00000337; + l0000034e: + assume {:captureState "l0000034e"} true; + goto l0000034f; + l0000032c: + assume {:captureState "l0000032c"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000032f; + l0000032f: + assume {:captureState "l0000032f"} true; + assert Gamma_R8; + goto l0000032f_goto_l0000034e, l0000032f_goto_l00000337; l00000337: assume {:captureState "l00000337"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000329: - assume {:captureState "lmain_goto_l00000329"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000329; - lmain_goto_l0000032c: - assume {:captureState "lmain_goto_l0000032c"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000032c; + goto main_return; l0000032f_goto_l00000337: assume {:captureState "l0000032f_goto_l00000337"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000337; - l0000032f_goto_l0000034e: - assume {:captureState "l0000032f_goto_l0000034e"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000034e; + lmain_goto_l0000032c: + assume {:captureState "lmain_goto_l0000032c"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000032c; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + lmain_goto_l00000329: + assume {:captureState "lmain_goto_l00000329"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000329; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected index 17802c3cc..2707a6f37 100644 --- a/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected @@ -212,23 +212,29 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000002fd, lmain_goto_l000002fa; + lmain_goto_l000002fd: + assume {:captureState "lmain_goto_l000002fd"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000002fd; l000002fd: assume {:captureState "l000002fd"} true; R0, Gamma_R0 := 0bv64, true; goto l00000300; + l00000300: + assume {:captureState "l00000300"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l000002fa: assume {:captureState "l000002fa"} true; R0, Gamma_R0 := zero_extend32_32(R9[32:0]), Gamma_R9; goto l00000300; - l00000300: - assume {:captureState "l00000300"} true; - return; lmain_goto_l000002fa: assume {:captureState "lmain_goto_l000002fa"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000002fa; - lmain_goto_l000002fd: - assume {:captureState "lmain_goto_l000002fd"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000002fd; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected index de955442e..60ed644d1 100644 --- a/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected @@ -227,18 +227,19 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000094a, lmain_goto_l00000947; - l0000094a: - assume {:captureState "l0000094a"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000094d; - l00000947: - assume {:captureState "l00000947"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000094d; l0000094d: assume {:captureState "l0000094d"} true; assert Gamma_R8; goto l0000094d_goto_l00000955, l0000094d_goto_l0000096c; + l00000955: + assume {:captureState "l00000955"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + l0000094a: + assume {:captureState "l0000094a"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000094d; l0000096c: assume {:captureState "l0000096c"} true; goto l0000096d; @@ -250,25 +251,30 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%00000982"} true; goto l00000955; - l00000955: - assume {:captureState "l00000955"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000947: - assume {:captureState "lmain_goto_l00000947"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000947; lmain_goto_l0000094a: assume {:captureState "lmain_goto_l0000094a"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l0000094a; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l0000094d_goto_l00000955: assume {:captureState "l0000094d_goto_l00000955"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000955; + l00000947: + assume {:captureState "l00000947"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000094d; l0000094d_goto_l0000096c: assume {:captureState "l0000094d_goto_l0000096c"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l0000096c; + lmain_goto_l00000947: + assume {:captureState "lmain_goto_l00000947"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000947; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected index dda912b72..4467c6f88 100644 --- a/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected @@ -285,10 +285,6 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000338, lmain_goto_l0000033b; - l0000033b: - assume {:captureState "l0000033b"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000033e; l00000338: assume {:captureState "l00000338"} true; R8, Gamma_R8 := 0bv64, true; @@ -297,9 +293,15 @@ procedure main() assume {:captureState "l0000033e"} true; assert Gamma_R8; goto l0000033e_goto_l0000035d, l0000033e_goto_l00000346; - l0000035d: - assume {:captureState "l0000035d"} true; - goto l0000035e; + l00000346: + assume {:captureState "l00000346"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l0000033b: + assume {:captureState "lmain_goto_l0000033b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000033b; l0000035e: assume {:captureState "l0000035e"} true; R8, Gamma_R8 := 65536bv64, true; @@ -310,25 +312,29 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%0000037a"} true; goto l00000346; - l00000346: - assume {:captureState "l00000346"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; + l0000035d: + assume {:captureState "l0000035d"} true; + goto l0000035e; + l0000033b: + assume {:captureState "l0000033b"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000033e; lmain_goto_l00000338: assume {:captureState "lmain_goto_l00000338"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000338; - lmain_goto_l0000033b: - assume {:captureState "lmain_goto_l0000033b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000033b; - l0000033e_goto_l00000346: - assume {:captureState "l0000033e_goto_l00000346"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000346; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l0000033e_goto_l0000035d: assume {:captureState "l0000033e_goto_l0000035d"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l0000035d; + l0000033e_goto_l00000346: + assume {:captureState "l0000033e_goto_l00000346"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000346; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected index 0aae07f2c..16d6b2608 100644 --- a/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected @@ -223,6 +223,19 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000332, lmain_goto_l0000031b; + l0000031b: + assume {:captureState "l0000031b"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000332: + assume {:captureState "lmain_goto_l00000332"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000332; + lmain_goto_l0000031b: + assume {:captureState "lmain_goto_l0000031b"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000031b; l00000332: assume {:captureState "l00000332"} true; R0, Gamma_R0 := 69632bv64, true; @@ -232,17 +245,10 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%0000034a"} true; goto l0000031b; - l0000031b: - assume {:captureState "l0000031b"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l0000031b: - assume {:captureState "lmain_goto_l0000031b"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000031b; - lmain_goto_l00000332: - assume {:captureState "lmain_goto_l00000332"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000332; } diff --git a/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected index e439d3e8c..d01bd3aa2 100644 --- a/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected @@ -190,20 +190,26 @@ procedure main() R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 20bv64)) || L(mem, bvadd64(R1, 20bv64))); assert Gamma_R1; goto lmain_goto_l000001c2, lmain_goto_l0000039c; + lmain_goto_l000001c2: + assume {:captureState "lmain_goto_l000001c2"} true; + assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) != 0bv1); + goto l000001c2; + l000001c2: + assume {:captureState "l000001c2"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l0000039c: assume {:captureState "l0000039c"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R2, 4bv64))), (gamma_load32(Gamma_mem, bvadd64(R2, 4bv64)) || L(mem, bvadd64(R2, 4bv64))); goto l000001c2; - l000001c2: - assume {:captureState "l000001c2"} true; - return; - lmain_goto_l000001c2: - assume {:captureState "lmain_goto_l000001c2"} true; - assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) != 0bv1); - goto l000001c2; lmain_goto_l0000039c: assume {:captureState "lmain_goto_l0000039c"} true; assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) == 0bv1); goto l0000039c; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected index 2a17426c5..7180ce0d5 100644 --- a/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected @@ -223,6 +223,22 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000918, lmain_goto_l0000092f; + lmain_goto_l00000918: + assume {:captureState "lmain_goto_l00000918"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000918; + l00000918: + assume {:captureState "l00000918"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + lmain_goto_l0000092f: + assume {:captureState "lmain_goto_l0000092f"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000092f; l0000092f: assume {:captureState "l0000092f"} true; R0, Gamma_R0 := 69632bv64, true; @@ -232,17 +248,7 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000947"} true; goto l00000918; - l00000918: - assume {:captureState "l00000918"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l00000918: - assume {:captureState "lmain_goto_l00000918"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000918; - lmain_goto_l0000092f: - assume {:captureState "lmain_goto_l0000092f"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000092f; } diff --git a/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected index edee39617..a9070a0fc 100644 --- a/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected @@ -280,6 +280,19 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000333, lmain_goto_l0000031c; + l0000031c: + assume {:captureState "l0000031c"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000333: + assume {:captureState "lmain_goto_l00000333"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000333; + lmain_goto_l0000031c: + assume {:captureState "lmain_goto_l0000031c"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000031c; l00000333: assume {:captureState "l00000333"} true; R0, Gamma_R0 := 65536bv64, true; @@ -290,17 +303,10 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%0000034c"} true; goto l0000031c; - l0000031c: - assume {:captureState "l0000031c"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l0000031c: - assume {:captureState "lmain_goto_l0000031c"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000031c; - lmain_goto_l00000333: - assume {:captureState "lmain_goto_l00000333"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000333; } diff --git a/src/test/correct/basic_lock_security_write/clang/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/clang/basic_lock_security_write.expected index f2f05a0b1..df5066676 100644 --- a/src/test/correct/basic_lock_security_write/clang/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/clang/basic_lock_security_write.expected @@ -247,5 +247,11 @@ procedure main() assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%00000323"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_security_write/clang_O2/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/clang_O2/basic_lock_security_write.expected index dd56def9f..083f2427c 100644 --- a/src/test/correct/basic_lock_security_write/clang_O2/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/clang_O2/basic_lock_security_write.expected @@ -214,5 +214,11 @@ procedure main() assert ((bvadd64(R9, 52bv64) == $z_addr) ==> (L(mem, $x_addr) ==> Gamma_x_old)); assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%000002dd"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_security_write/clang_no_plt_no_pic/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/clang_no_plt_no_pic/basic_lock_security_write.expected index f38c4c74d..d4d3b145e 100644 --- a/src/test/correct/basic_lock_security_write/clang_no_plt_no_pic/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/clang_no_plt_no_pic/basic_lock_security_write.expected @@ -247,5 +247,11 @@ procedure main() assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%00000900"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_security_write/clang_pic/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/clang_pic/basic_lock_security_write.expected index f99743610..02e7807b9 100644 --- a/src/test/correct/basic_lock_security_write/clang_pic/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/clang_pic/basic_lock_security_write.expected @@ -307,5 +307,11 @@ procedure main() assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%00000339"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_security_write/gcc/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/gcc/basic_lock_security_write.expected index ba5c4d59d..3c95913ad 100644 --- a/src/test/correct/basic_lock_security_write/gcc/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/gcc/basic_lock_security_write.expected @@ -249,5 +249,11 @@ procedure main() assume {:captureState "%00000358"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_security_write/gcc_O2/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/gcc_O2/basic_lock_security_write.expected index 4bbaa34c0..443fd92e0 100644 --- a/src/test/correct/basic_lock_security_write/gcc_O2/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/gcc_O2/basic_lock_security_write.expected @@ -214,5 +214,11 @@ procedure main() assert ((bvadd64(R2, 4bv64) == $z_addr) ==> (L(mem, $x_addr) ==> Gamma_x_old)); assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%000001c4"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_security_write/gcc_no_plt_no_pic/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/gcc_no_plt_no_pic/basic_lock_security_write.expected index b374205cf..bbed43fdf 100644 --- a/src/test/correct/basic_lock_security_write/gcc_no_plt_no_pic/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/gcc_no_plt_no_pic/basic_lock_security_write.expected @@ -249,5 +249,11 @@ procedure main() assume {:captureState "%0000097b"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_security_write/gcc_pic/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/gcc_pic/basic_lock_security_write.expected index cb4b9c8ca..8574be31a 100644 --- a/src/test/correct/basic_lock_security_write/gcc_pic/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/gcc_pic/basic_lock_security_write.expected @@ -309,5 +309,11 @@ procedure main() assume {:captureState "%0000035c"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_unlock/clang/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/clang/basic_lock_unlock.expected index 52936b563..08da21341 100644 --- a/src/test/correct/basic_lock_unlock/clang/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/clang/basic_lock_unlock.expected @@ -205,5 +205,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R8, 56bv64), 0bv32), gamma_store32(Gamma_mem, bvadd64(R8, 56bv64), true); assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%000002e7"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_unlock/clang_O2/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/clang_O2/basic_lock_unlock.expected index d052faebb..a378e6351 100644 --- a/src/test/correct/basic_lock_unlock/clang_O2/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/clang_O2/basic_lock_unlock.expected @@ -207,5 +207,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R10, 56bv64), 0bv32), gamma_store32(Gamma_mem, bvadd64(R10, 56bv64), true); assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%000002e7"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_unlock/clang_no_plt_no_pic/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/clang_no_plt_no_pic/basic_lock_unlock.expected index 934a892e7..20985befb 100644 --- a/src/test/correct/basic_lock_unlock/clang_no_plt_no_pic/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/clang_no_plt_no_pic/basic_lock_unlock.expected @@ -205,5 +205,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R8, 56bv64), 0bv32), gamma_store32(Gamma_mem, bvadd64(R8, 56bv64), true); assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%00000876"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_unlock/clang_pic/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/clang_pic/basic_lock_unlock.expected index 1b825317d..411ddfb1b 100644 --- a/src/test/correct/basic_lock_unlock/clang_pic/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/clang_pic/basic_lock_unlock.expected @@ -265,5 +265,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R8, 0bv32), gamma_store32(Gamma_mem, R8, true); assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%000002fd"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_unlock/gcc/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/gcc/basic_lock_unlock.expected index 45c3f0f16..de3dd25c7 100644 --- a/src/test/correct/basic_lock_unlock/gcc/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/gcc/basic_lock_unlock.expected @@ -205,5 +205,11 @@ procedure main() assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%000002f6"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_unlock/gcc_O2/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/gcc_O2/basic_lock_unlock.expected index 4bb063905..42f5987c8 100644 --- a/src/test/correct/basic_lock_unlock/gcc_O2/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/gcc_O2/basic_lock_unlock.expected @@ -207,5 +207,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R2, 4bv64), 0bv32), gamma_store32(Gamma_mem, bvadd64(R2, 4bv64), true); assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%000001ca"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_unlock/gcc_no_plt_no_pic/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/gcc_no_plt_no_pic/basic_lock_unlock.expected index 7de6a308f..efdcfa128 100644 --- a/src/test/correct/basic_lock_unlock/gcc_no_plt_no_pic/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/gcc_no_plt_no_pic/basic_lock_unlock.expected @@ -205,5 +205,11 @@ procedure main() assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%0000089d"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_lock_unlock/gcc_pic/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/gcc_pic/basic_lock_unlock.expected index e7f59e5d7..96f9859ff 100644 --- a/src/test/correct/basic_lock_unlock/gcc_pic/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/gcc_pic/basic_lock_unlock.expected @@ -263,5 +263,11 @@ procedure main() assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%000002f8"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_loop_assign/clang/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/clang/basic_loop_assign.expected index 1702ab871..ee4e60ca2 100644 --- a/src/test/correct/basic_loop_assign/clang/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/clang/basic_loop_assign.expected @@ -196,5 +196,11 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (x_old == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(x_old, 10bv32))); assume {:captureState "%000002ce"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_loop_assign/clang_O2/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/clang_O2/basic_loop_assign.expected index 8031b1142..43ce0fc33 100644 --- a/src/test/correct/basic_loop_assign/clang_O2/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/clang_O2/basic_loop_assign.expected @@ -196,5 +196,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R8, 52bv64), R9[32:0]), gamma_store32(Gamma_mem, bvadd64(R8, 52bv64), Gamma_R9); assert (((memory_load32_le(mem, $x_addr) == x_old) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (x_old == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(x_old, 10bv32))); assume {:captureState "%000002d3"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_loop_assign/clang_no_plt_no_pic/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/clang_no_plt_no_pic/basic_loop_assign.expected index 45a841343..a3c388072 100644 --- a/src/test/correct/basic_loop_assign/clang_no_plt_no_pic/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/clang_no_plt_no_pic/basic_loop_assign.expected @@ -196,5 +196,11 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (x_old == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(x_old, 10bv32))); assume {:captureState "%00000845"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_loop_assign/clang_pic/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/clang_pic/basic_loop_assign.expected index 9c2937fd7..028ca06bc 100644 --- a/src/test/correct/basic_loop_assign/clang_pic/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/clang_pic/basic_loop_assign.expected @@ -230,5 +230,11 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (x_old == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(x_old, 10bv32))); assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_loop_assign/gcc/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/gcc/basic_loop_assign.expected index 55d86092d..dfa2c4f74 100644 --- a/src/test/correct/basic_loop_assign/gcc/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/gcc/basic_loop_assign.expected @@ -195,5 +195,11 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (x_old == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(x_old, 10bv32))); assume {:captureState "%000002d8"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_loop_assign/gcc_O2/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/gcc_O2/basic_loop_assign.expected index 8a5abed56..62e7740c9 100644 --- a/src/test/correct/basic_loop_assign/gcc_O2/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/gcc_O2/basic_loop_assign.expected @@ -196,5 +196,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 20bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 20bv64), Gamma_R2); assert (((memory_load32_le(mem, $x_addr) == x_old) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (x_old == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(x_old, 10bv32))); assume {:captureState "%000001bd"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_loop_assign/gcc_no_plt_no_pic/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/gcc_no_plt_no_pic/basic_loop_assign.expected index 406846cdd..c2c65066e 100644 --- a/src/test/correct/basic_loop_assign/gcc_no_plt_no_pic/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/gcc_no_plt_no_pic/basic_loop_assign.expected @@ -195,5 +195,11 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (x_old == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(x_old, 10bv32))); assume {:captureState "%0000085b"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_loop_assign/gcc_pic/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/gcc_pic/basic_loop_assign.expected index 4296b2ef3..3c28f5b65 100644 --- a/src/test/correct/basic_loop_assign/gcc_pic/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/gcc_pic/basic_loop_assign.expected @@ -228,5 +228,11 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (x_old == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(x_old, 10bv32))); assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected index 1b7086b6a..f39128900 100644 --- a/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected @@ -255,14 +255,18 @@ procedure main() R10, Gamma_R10 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); assert Gamma_R10; goto lmain_goto_l000003c9, lmain_goto_l000003ce; - l000003ce: - assume {:captureState "l000003ce"} true; - R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); - goto l000003d1; l000003c9: assume {:captureState "l000003c9"} true; R9, Gamma_R9 := 0bv64, true; goto l000003d1; + l000003ce: + assume {:captureState "l000003ce"} true; + R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); + goto l000003d1; + lmain_goto_l000003ce: + assume {:captureState "lmain_goto_l000003ce"} true; + assume (bvcomp32(R10[32:0], 0bv32) == 0bv1); + goto l000003ce; l000003d1: assume {:captureState "l000003d1"} true; R9, Gamma_R9 := zero_extend32_32(bvmul64(zero_extend32_32(R9[32:0]), zero_extend32_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R9); @@ -276,13 +280,15 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); assume {:captureState "%00000407"} true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; + goto main_return; lmain_goto_l000003c9: assume {:captureState "lmain_goto_l000003c9"} true; assume (bvcomp32(R10[32:0], 0bv32) != 0bv1); goto l000003c9; - lmain_goto_l000003ce: - assume {:captureState "lmain_goto_l000003ce"} true; - assume (bvcomp32(R10[32:0], 0bv32) == 0bv1); - goto l000003ce; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_operation_evaluation/clang_O2/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_O2/basic_operation_evaluation.expected index b904c03a5..91c86ad15 100644 --- a/src/test/correct/basic_operation_evaluation/clang_O2/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_O2/basic_operation_evaluation.expected @@ -157,5 +157,11 @@ procedure main() lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected index dd3e282d6..777803502 100644 --- a/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected @@ -255,14 +255,14 @@ procedure main() R10, Gamma_R10 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); assert Gamma_R10; goto lmain_goto_l00000ab1, lmain_goto_l00000aac; - l00000ab1: - assume {:captureState "l00000ab1"} true; - R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); - goto l00000ab4; - l00000aac: - assume {:captureState "l00000aac"} true; - R9, Gamma_R9 := 0bv64, true; - goto l00000ab4; + lmain_goto_l00000ab1: + assume {:captureState "lmain_goto_l00000ab1"} true; + assume (bvcomp32(R10[32:0], 0bv32) == 0bv1); + goto l00000ab1; + lmain_goto_l00000aac: + assume {:captureState "lmain_goto_l00000aac"} true; + assume (bvcomp32(R10[32:0], 0bv32) != 0bv1); + goto l00000aac; l00000ab4: assume {:captureState "l00000ab4"} true; R9, Gamma_R9 := zero_extend32_32(bvmul64(zero_extend32_32(R9[32:0]), zero_extend32_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R9); @@ -276,13 +276,19 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); assume {:captureState "%00000aea"} true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + l00000aac: + assume {:captureState "l00000aac"} true; + R9, Gamma_R9 := 0bv64, true; + goto l00000ab4; + l00000ab1: + assume {:captureState "l00000ab1"} true; + R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); + goto l00000ab4; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l00000aac: - assume {:captureState "lmain_goto_l00000aac"} true; - assume (bvcomp32(R10[32:0], 0bv32) != 0bv1); - goto l00000aac; - lmain_goto_l00000ab1: - assume {:captureState "lmain_goto_l00000ab1"} true; - assume (bvcomp32(R10[32:0], 0bv32) == 0bv1); - goto l00000ab1; } diff --git a/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected index dd3e282d6..777803502 100644 --- a/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected @@ -255,14 +255,14 @@ procedure main() R10, Gamma_R10 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); assert Gamma_R10; goto lmain_goto_l00000ab1, lmain_goto_l00000aac; - l00000ab1: - assume {:captureState "l00000ab1"} true; - R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); - goto l00000ab4; - l00000aac: - assume {:captureState "l00000aac"} true; - R9, Gamma_R9 := 0bv64, true; - goto l00000ab4; + lmain_goto_l00000ab1: + assume {:captureState "lmain_goto_l00000ab1"} true; + assume (bvcomp32(R10[32:0], 0bv32) == 0bv1); + goto l00000ab1; + lmain_goto_l00000aac: + assume {:captureState "lmain_goto_l00000aac"} true; + assume (bvcomp32(R10[32:0], 0bv32) != 0bv1); + goto l00000aac; l00000ab4: assume {:captureState "l00000ab4"} true; R9, Gamma_R9 := zero_extend32_32(bvmul64(zero_extend32_32(R9[32:0]), zero_extend32_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R9); @@ -276,13 +276,19 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); assume {:captureState "%00000aea"} true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + l00000aac: + assume {:captureState "l00000aac"} true; + R9, Gamma_R9 := 0bv64, true; + goto l00000ab4; + l00000ab1: + assume {:captureState "l00000ab1"} true; + R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); + goto l00000ab4; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l00000aac: - assume {:captureState "lmain_goto_l00000aac"} true; - assume (bvcomp32(R10[32:0], 0bv32) != 0bv1); - goto l00000aac; - lmain_goto_l00000ab1: - assume {:captureState "lmain_goto_l00000ab1"} true; - assume (bvcomp32(R10[32:0], 0bv32) == 0bv1); - goto l00000ab1; } diff --git a/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected index 9c550f842..b0f7a3933 100644 --- a/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected @@ -239,6 +239,10 @@ procedure main() assume {:captureState "l000003b3"} true; R2, Gamma_R2 := 0bv64, true; goto l000003bb; + lmain_goto_l000003b3: + assume {:captureState "lmain_goto_l000003b3"} true; + assume (bvcomp32(R1[32:0], 0bv32) != 0bv1); + goto l000003b3; l000003bb: assume {:captureState "l000003bb"} true; R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); @@ -248,13 +252,15 @@ procedure main() assume {:captureState "%000003dc"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; - lmain_goto_l000003b3: - assume {:captureState "lmain_goto_l000003b3"} true; - assume (bvcomp32(R1[32:0], 0bv32) != 0bv1); - goto l000003b3; + goto main_return; lmain_goto_l000003b8: assume {:captureState "lmain_goto_l000003b8"} true; assume (bvcomp32(R1[32:0], 0bv32) == 0bv1); goto l000003b8; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_operation_evaluation/gcc_O2/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc_O2/basic_operation_evaluation.expected index 306991d20..0918aa3d9 100644 --- a/src/test/correct/basic_operation_evaluation/gcc_O2/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc_O2/basic_operation_evaluation.expected @@ -157,5 +157,11 @@ procedure main() lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected index b0c230c36..e0ec1c246 100644 --- a/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected @@ -231,10 +231,10 @@ procedure main() R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); assert Gamma_R1; goto lmain_goto_l00000a6e, lmain_goto_l00000a73; - l00000a73: - assume {:captureState "l00000a73"} true; - R2, Gamma_R2 := zero_extend32_32(bvsdiv33(sign_extend1_32(R0[32:0]), sign_extend1_32(R1[32:0]))[32:0]), (Gamma_R1 && Gamma_R0); - goto l00000a76; + lmain_goto_l00000a6e: + assume {:captureState "lmain_goto_l00000a6e"} true; + assume (bvcomp32(R1[32:0], 0bv32) != 0bv1); + goto l00000a6e; l00000a6e: assume {:captureState "l00000a6e"} true; R2, Gamma_R2 := 0bv64, true; @@ -248,13 +248,19 @@ procedure main() assume {:captureState "%00000a97"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; - lmain_goto_l00000a6e: - assume {:captureState "lmain_goto_l00000a6e"} true; - assume (bvcomp32(R1[32:0], 0bv32) != 0bv1); - goto l00000a6e; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; lmain_goto_l00000a73: assume {:captureState "lmain_goto_l00000a73"} true; assume (bvcomp32(R1[32:0], 0bv32) == 0bv1); goto l00000a73; + l00000a73: + assume {:captureState "l00000a73"} true; + R2, Gamma_R2 := zero_extend32_32(bvsdiv33(sign_extend1_32(R0[32:0]), sign_extend1_32(R1[32:0]))[32:0]), (Gamma_R1 && Gamma_R0); + goto l00000a76; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected index b0c230c36..e0ec1c246 100644 --- a/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected @@ -231,10 +231,10 @@ procedure main() R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); assert Gamma_R1; goto lmain_goto_l00000a6e, lmain_goto_l00000a73; - l00000a73: - assume {:captureState "l00000a73"} true; - R2, Gamma_R2 := zero_extend32_32(bvsdiv33(sign_extend1_32(R0[32:0]), sign_extend1_32(R1[32:0]))[32:0]), (Gamma_R1 && Gamma_R0); - goto l00000a76; + lmain_goto_l00000a6e: + assume {:captureState "lmain_goto_l00000a6e"} true; + assume (bvcomp32(R1[32:0], 0bv32) != 0bv1); + goto l00000a6e; l00000a6e: assume {:captureState "l00000a6e"} true; R2, Gamma_R2 := 0bv64, true; @@ -248,13 +248,19 @@ procedure main() assume {:captureState "%00000a97"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; - lmain_goto_l00000a6e: - assume {:captureState "lmain_goto_l00000a6e"} true; - assume (bvcomp32(R1[32:0], 0bv32) != 0bv1); - goto l00000a6e; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; lmain_goto_l00000a73: assume {:captureState "lmain_goto_l00000a73"} true; assume (bvcomp32(R1[32:0], 0bv32) == 0bv1); goto l00000a73; + l00000a73: + assume {:captureState "l00000a73"} true; + R2, Gamma_R2 := zero_extend32_32(bvsdiv33(sign_extend1_32(R0[32:0]), sign_extend1_32(R1[32:0]))[32:0]), (Gamma_R1 && Gamma_R0); + goto l00000a76; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected index ffbad047c..63c8713e6 100644 --- a/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected @@ -238,27 +238,31 @@ procedure main() assume {:captureState "l00000336"} true; R8, Gamma_R8 := 0bv64, true; goto l0000033c; - l0000033c: - assume {:captureState "l0000033c"} true; - assert Gamma_R8; - goto l0000033c_goto_l0000035b, l0000033c_goto_l00000344; - l0000035b: - assume {:captureState "l0000035b"} true; - goto l0000035c; + l0000033c_goto_l0000035b: + assume {:captureState "l0000033c_goto_l0000035b"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000035b; l0000035c: assume {:captureState "l0000035c"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), true); assume {:captureState "%00000364"} true; goto l00000344; - l00000344: - assume {:captureState "l00000344"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; + l0000035b: + assume {:captureState "l0000035b"} true; + goto l0000035c; lmain_goto_l00000336: assume {:captureState "lmain_goto_l00000336"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000336; + l00000344: + assume {:captureState "l00000344"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + l0000033c: + assume {:captureState "l0000033c"} true; + assert Gamma_R8; + goto l0000033c_goto_l0000035b, l0000033c_goto_l00000344; lmain_goto_l00000339: assume {:captureState "lmain_goto_l00000339"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); @@ -267,8 +271,10 @@ procedure main() assume {:captureState "l0000033c_goto_l00000344"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000344; - l0000033c_goto_l0000035b: - assume {:captureState "l0000033c_goto_l0000035b"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000035b; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected index f53a693c9..f106b6baa 100644 --- a/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected @@ -212,23 +212,29 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000002fd, lmain_goto_l000002fa; + lmain_goto_l000002fd: + assume {:captureState "lmain_goto_l000002fd"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000002fd; l000002fd: assume {:captureState "l000002fd"} true; R0, Gamma_R0 := 0bv64, true; goto l00000300; + l00000300: + assume {:captureState "l00000300"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l000002fa: assume {:captureState "l000002fa"} true; R0, Gamma_R0 := zero_extend32_32(R9[32:0]), Gamma_R9; goto l00000300; - l00000300: - assume {:captureState "l00000300"} true; - return; lmain_goto_l000002fa: assume {:captureState "lmain_goto_l000002fa"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000002fa; - lmain_goto_l000002fd: - assume {:captureState "lmain_goto_l000002fd"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000002fd; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected index 230807188..33c15e2f7 100644 --- a/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected @@ -230,45 +230,51 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000954, lmain_goto_l00000957; + l0000095a_goto_l00000962: + assume {:captureState "l0000095a_goto_l00000962"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000962; l00000957: assume {:captureState "l00000957"} true; R8, Gamma_R8 := 1bv64, true; goto l0000095a; + l00000979: + assume {:captureState "l00000979"} true; + goto l0000097a; l00000954: assume {:captureState "l00000954"} true; R8, Gamma_R8 := 0bv64, true; goto l0000095a; + l00000962: + assume {:captureState "l00000962"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l0000095a: assume {:captureState "l0000095a"} true; assert Gamma_R8; goto l0000095a_goto_l00000962, l0000095a_goto_l00000979; - l00000979: - assume {:captureState "l00000979"} true; - goto l0000097a; l0000097a: assume {:captureState "l0000097a"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), true); assume {:captureState "%00000982"} true; goto l00000962; - l00000962: - assume {:captureState "l00000962"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; + l0000095a_goto_l00000979: + assume {:captureState "l0000095a_goto_l00000979"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000979; lmain_goto_l00000954: assume {:captureState "lmain_goto_l00000954"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000954; + terminate: + assume {:captureState "terminate"} true; + goto terminate; lmain_goto_l00000957: assume {:captureState "lmain_goto_l00000957"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000957; - l0000095a_goto_l00000962: - assume {:captureState "l0000095a_goto_l00000962"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000962; - l0000095a_goto_l00000979: - assume {:captureState "l0000095a_goto_l00000979"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000979; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected index b69676cde..6439b542e 100644 --- a/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected @@ -290,45 +290,51 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000034c, lmain_goto_l0000034f; + l00000352_goto_l00000371: + assume {:captureState "l00000352_goto_l00000371"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000371; + l00000352_goto_l0000035a: + assume {:captureState "l00000352_goto_l0000035a"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l0000035a; l0000034f: assume {:captureState "l0000034f"} true; R8, Gamma_R8 := 1bv64, true; goto l00000352; - l0000034c: - assume {:captureState "l0000034c"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000352; + lmain_goto_l0000034c: + assume {:captureState "lmain_goto_l0000034c"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000034c; + lmain_goto_l0000034f: + assume {:captureState "lmain_goto_l0000034f"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000034f; l00000352: assume {:captureState "l00000352"} true; assert Gamma_R8; goto l00000352_goto_l00000371, l00000352_goto_l0000035a; + l0000034c: + assume {:captureState "l0000034c"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000352; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000371: assume {:captureState "l00000371"} true; goto l00000372; + l0000035a: + assume {:captureState "l0000035a"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l00000372: assume {:captureState "l00000372"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), true); assume {:captureState "%0000037a"} true; goto l0000035a; - l0000035a: - assume {:captureState "l0000035a"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l0000034c: - assume {:captureState "lmain_goto_l0000034c"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000034c; - lmain_goto_l0000034f: - assume {:captureState "lmain_goto_l0000034f"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000034f; - l00000352_goto_l0000035a: - assume {:captureState "l00000352_goto_l0000035a"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000035a; - l00000352_goto_l00000371: - assume {:captureState "l00000352_goto_l00000371"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000371; } diff --git a/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected index 7bae9d7fb..3d6276516 100644 --- a/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected @@ -236,13 +236,19 @@ procedure main() assume {:captureState "l0000032e"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l0000032e: - assume {:captureState "lmain_goto_l0000032e"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000032e; + goto main_return; lmain_goto_l00000345: assume {:captureState "lmain_goto_l00000345"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000345; + lmain_goto_l0000032e: + assume {:captureState "lmain_goto_l0000032e"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000032e; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected index 44fc144b9..6769cf9f2 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected @@ -190,20 +190,26 @@ procedure main() R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 20bv64)) || L(mem, bvadd64(R1, 20bv64))); assert Gamma_R1; goto lmain_goto_l000001c2, lmain_goto_l0000039c; + lmain_goto_l000001c2: + assume {:captureState "lmain_goto_l000001c2"} true; + assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) != 0bv1); + goto l000001c2; + l000001c2: + assume {:captureState "l000001c2"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l0000039c: assume {:captureState "l0000039c"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R2, 4bv64))), (gamma_load32(Gamma_mem, bvadd64(R2, 4bv64)) || L(mem, bvadd64(R2, 4bv64))); goto l000001c2; - l000001c2: - assume {:captureState "l000001c2"} true; - return; - lmain_goto_l000001c2: - assume {:captureState "lmain_goto_l000001c2"} true; - assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) != 0bv1); - goto l000001c2; lmain_goto_l0000039c: assume {:captureState "lmain_goto_l0000039c"} true; assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) == 0bv1); goto l0000039c; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected index 3873bde91..1b24919fd 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected @@ -227,22 +227,28 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000942, lmain_goto_l0000092b; - l00000942: - assume {:captureState "l00000942"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); - assume {:captureState "%00000947"} true; - goto l0000092b; l0000092b: assume {:captureState "l0000092b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l0000092b: - assume {:captureState "lmain_goto_l0000092b"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto main_return; + l00000942: + assume {:captureState "l00000942"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); + assume {:captureState "%00000947"} true; goto l0000092b; lmain_goto_l00000942: assume {:captureState "lmain_goto_l00000942"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000942; + lmain_goto_l0000092b: + assume {:captureState "lmain_goto_l0000092b"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000092b; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected index ee0280058..a3cda8213 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected @@ -285,6 +285,10 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000347, lmain_goto_l00000330; + lmain_goto_l00000330: + assume {:captureState "lmain_goto_l00000330"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000330; l00000347: assume {:captureState "l00000347"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); @@ -294,13 +298,15 @@ procedure main() assume {:captureState "l00000330"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000330: - assume {:captureState "lmain_goto_l00000330"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000330; + goto main_return; lmain_goto_l00000347: assume {:captureState "lmain_goto_l00000347"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000347; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/basic_sec_policy_write/clang/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/clang/basic_sec_policy_write.expected index 201b37eeb..2cd41ee0d 100644 --- a/src/test/correct/basic_sec_policy_write/clang/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/clang/basic_sec_policy_write.expected @@ -242,5 +242,11 @@ procedure main() assert ((z_old != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); assume {:captureState "%0000032d"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_sec_policy_write/clang_O2/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/clang_O2/basic_sec_policy_write.expected index 9dac0c99a..a7d07d4f8 100644 --- a/src/test/correct/basic_sec_policy_write/clang_O2/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/clang_O2/basic_sec_policy_write.expected @@ -213,5 +213,11 @@ procedure main() assert ((bvadd64(R9, 52bv64) == $z_addr) ==> (L(mem, $x_addr) ==> Gamma_x_old)); assert ((z_old != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); assume {:captureState "%000002e7"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_sec_policy_write/clang_no_plt_no_pic/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/clang_no_plt_no_pic/basic_sec_policy_write.expected index bf97d9983..8afacc364 100644 --- a/src/test/correct/basic_sec_policy_write/clang_no_plt_no_pic/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/clang_no_plt_no_pic/basic_sec_policy_write.expected @@ -242,5 +242,11 @@ procedure main() assert ((z_old != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); assume {:captureState "%00000916"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_sec_policy_write/clang_pic/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/clang_pic/basic_sec_policy_write.expected index 36ab6f168..0e77ec7c2 100644 --- a/src/test/correct/basic_sec_policy_write/clang_pic/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/clang_pic/basic_sec_policy_write.expected @@ -302,5 +302,11 @@ procedure main() assert ((z_old != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); assume {:captureState "%00000343"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_sec_policy_write/gcc/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/gcc/basic_sec_policy_write.expected index e1602790f..960616bd0 100644 --- a/src/test/correct/basic_sec_policy_write/gcc/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/gcc/basic_sec_policy_write.expected @@ -244,5 +244,11 @@ procedure main() assume {:captureState "%00000362"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_sec_policy_write/gcc_O2/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/gcc_O2/basic_sec_policy_write.expected index 08c116932..1ab98e60b 100644 --- a/src/test/correct/basic_sec_policy_write/gcc_O2/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/gcc_O2/basic_sec_policy_write.expected @@ -213,5 +213,11 @@ procedure main() assert ((bvadd64(R2, 4bv64) == $z_addr) ==> (L(mem, $x_addr) ==> Gamma_x_old)); assert ((z_old != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); assume {:captureState "%000001ca"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_sec_policy_write/gcc_no_plt_no_pic/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/gcc_no_plt_no_pic/basic_sec_policy_write.expected index 959c60219..ce8841057 100644 --- a/src/test/correct/basic_sec_policy_write/gcc_no_plt_no_pic/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/gcc_no_plt_no_pic/basic_sec_policy_write.expected @@ -244,5 +244,11 @@ procedure main() assume {:captureState "%00000991"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basic_sec_policy_write/gcc_pic/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/gcc_pic/basic_sec_policy_write.expected index 1fd3aca8c..8fa02bba0 100644 --- a/src/test/correct/basic_sec_policy_write/gcc_pic/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/gcc_pic/basic_sec_policy_write.expected @@ -304,5 +304,11 @@ procedure main() assume {:captureState "%00000366"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicassign_gamma0/clang/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/clang/basicassign_gamma0.expected index 4fd51f050..79db2270d 100644 --- a/src/test/correct/basicassign_gamma0/clang/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/clang/basicassign_gamma0.expected @@ -196,5 +196,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicassign_gamma0/clang_O2/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/clang_O2/basicassign_gamma0.expected index 0a66841bf..d51b9ba7c 100644 --- a/src/test/correct/basicassign_gamma0/clang_O2/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/clang_O2/basicassign_gamma0.expected @@ -196,5 +196,11 @@ procedure main() assert (L(mem, bvadd64(R9, 56bv64)) ==> Gamma_R8); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%000002de"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicassign_gamma0/clang_no_plt_no_pic/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/clang_no_plt_no_pic/basicassign_gamma0.expected index 2a980ae8e..4526b469f 100644 --- a/src/test/correct/basicassign_gamma0/clang_no_plt_no_pic/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/clang_no_plt_no_pic/basicassign_gamma0.expected @@ -196,5 +196,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%0000085d"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicassign_gamma0/clang_pic/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/clang_pic/basicassign_gamma0.expected index 49233a65d..58d3372b5 100644 --- a/src/test/correct/basicassign_gamma0/clang_pic/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/clang_pic/basicassign_gamma0.expected @@ -256,5 +256,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R9, R8[32:0]), gamma_store32(Gamma_mem, R9, Gamma_R8); assume {:captureState "%000002ef"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicassign_gamma0/gcc/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/gcc/basicassign_gamma0.expected index 61c06314d..337e76d68 100644 --- a/src/test/correct/basicassign_gamma0/gcc/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/gcc/basicassign_gamma0.expected @@ -196,5 +196,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%000002ed"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicassign_gamma0/gcc_O2/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/gcc_O2/basicassign_gamma0.expected index 80ca6e118..b292fb2b9 100644 --- a/src/test/correct/basicassign_gamma0/gcc_O2/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/gcc_O2/basicassign_gamma0.expected @@ -196,5 +196,11 @@ procedure main() assert (L(mem, bvadd64(R1, 20bv64)) ==> Gamma_R2); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 20bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 20bv64), Gamma_R2); assume {:captureState "%000001c5"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicassign_gamma0/gcc_no_plt_no_pic/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/gcc_no_plt_no_pic/basicassign_gamma0.expected index f64a19b05..d5f19684f 100644 --- a/src/test/correct/basicassign_gamma0/gcc_no_plt_no_pic/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/gcc_no_plt_no_pic/basicassign_gamma0.expected @@ -196,5 +196,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000889"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicassign_gamma0/gcc_pic/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/gcc_pic/basicassign_gamma0.expected index 640aca070..0f0efdb00 100644 --- a/src/test/correct/basicassign_gamma0/gcc_pic/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/gcc_pic/basicassign_gamma0.expected @@ -254,5 +254,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%000002ef"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicfree/clang/basicfree.expected b/src/test/correct/basicfree/clang/basicfree.expected index 726176432..5ab7c0927 100644 --- a/src/test/correct/basicfree/clang/basicfree.expected +++ b/src/test/correct/basicfree/clang/basicfree.expected @@ -295,6 +295,13 @@ procedure main() R30, Gamma_R30 := 2024bv64, true; call malloc(); goto l0000030d; + l00000338: + assume {:captureState "l00000338"} true; + #5, Gamma_#5 := bvadd64(R31, 16bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; l0000030d: assume {:captureState "l0000030d"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); @@ -309,12 +316,11 @@ procedure main() R30, Gamma_R30 := 2048bv64, true; call #free(); goto l00000338; - l00000338: - assume {:captureState "l00000338"} true; - #5, Gamma_#5 := bvadd64(R31, 16bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicfree/clang_O2/basicfree.expected b/src/test/correct/basicfree/clang_O2/basicfree.expected index ae43ad872..abc430756 100644 --- a/src/test/correct/basicfree/clang_O2/basicfree.expected +++ b/src/test/correct/basicfree/clang_O2/basicfree.expected @@ -153,5 +153,11 @@ procedure main() { lmain: assume {:captureState "lmain"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicfree/clang_no_plt_no_pic/basicfree.expected b/src/test/correct/basicfree/clang_no_plt_no_pic/basicfree.expected index 76c2aa03f..736374024 100644 --- a/src/test/correct/basicfree/clang_no_plt_no_pic/basicfree.expected +++ b/src/test/correct/basicfree/clang_no_plt_no_pic/basicfree.expected @@ -315,6 +315,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicfree/clang_pic/basicfree.expected b/src/test/correct/basicfree/clang_pic/basicfree.expected index 76c2aa03f..736374024 100644 --- a/src/test/correct/basicfree/clang_pic/basicfree.expected +++ b/src/test/correct/basicfree/clang_pic/basicfree.expected @@ -315,6 +315,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicfree/gcc/basicfree.expected b/src/test/correct/basicfree/gcc/basicfree.expected index 0abdad17b..3c8846d26 100644 --- a/src/test/correct/basicfree/gcc/basicfree.expected +++ b/src/test/correct/basicfree/gcc/basicfree.expected @@ -310,6 +310,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicfree/gcc_O2/basicfree.expected b/src/test/correct/basicfree/gcc_O2/basicfree.expected index f96261171..ab6b5b132 100644 --- a/src/test/correct/basicfree/gcc_O2/basicfree.expected +++ b/src/test/correct/basicfree/gcc_O2/basicfree.expected @@ -153,5 +153,11 @@ procedure main() { lmain: assume {:captureState "lmain"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicfree/gcc_no_plt_no_pic/basicfree.expected b/src/test/correct/basicfree/gcc_no_plt_no_pic/basicfree.expected index 07b9f0233..21f7b7989 100644 --- a/src/test/correct/basicfree/gcc_no_plt_no_pic/basicfree.expected +++ b/src/test/correct/basicfree/gcc_no_plt_no_pic/basicfree.expected @@ -310,6 +310,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/basicfree/gcc_pic/basicfree.expected b/src/test/correct/basicfree/gcc_pic/basicfree.expected index 07b9f0233..21f7b7989 100644 --- a/src/test/correct/basicfree/gcc_pic/basicfree.expected +++ b/src/test/correct/basicfree/gcc_pic/basicfree.expected @@ -310,6 +310,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/cjump/clang/cjump.expected b/src/test/correct/cjump/clang/cjump.expected index 539ef9a99..ec0dfb505 100644 --- a/src/test/correct/cjump/clang/cjump.expected +++ b/src/test/correct/cjump/clang/cjump.expected @@ -229,18 +229,14 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000343, lmain_goto_l00000346; - l00000346: - assume {:captureState "l00000346"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000349; + l00000349_goto_l00000351: + assume {:captureState "l00000349_goto_l00000351"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000351; l00000343: assume {:captureState "l00000343"} true; R8, Gamma_R8 := 0bv64, true; goto l00000349; - l00000349: - assume {:captureState "l00000349"} true; - assert Gamma_R8; - goto l00000349_goto_l00000351, l00000349_goto_l0000037e; l00000351: assume {:captureState "l00000351"} true; R9, Gamma_R9 := 69632bv64, true; @@ -250,6 +246,27 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%00000366"} true; goto l00000369; + l00000349: + assume {:captureState "l00000349"} true; + assert Gamma_R8; + goto l00000349_goto_l00000351, l00000349_goto_l0000037e; + l00000346: + assume {:captureState "l00000346"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000349; + lmain_goto_l00000343: + assume {:captureState "lmain_goto_l00000343"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000343; + lmain_goto_l00000346: + assume {:captureState "lmain_goto_l00000346"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000346; + l00000369: + assume {:captureState "l00000369"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l0000037e: assume {:captureState "l0000037e"} true; goto l0000037f; @@ -262,25 +279,14 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%00000392"} true; goto l00000369; - l00000369: - assume {:captureState "l00000369"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000343: - assume {:captureState "lmain_goto_l00000343"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000343; - lmain_goto_l00000346: - assume {:captureState "lmain_goto_l00000346"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000346; - l00000349_goto_l00000351: - assume {:captureState "l00000349_goto_l00000351"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000351; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000349_goto_l0000037e: assume {:captureState "l00000349_goto_l0000037e"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l0000037e; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/cjump/clang_O2/cjump.expected b/src/test/correct/cjump/clang_O2/cjump.expected index d3e291679..4891e96d6 100644 --- a/src/test/correct/cjump/clang_O2/cjump.expected +++ b/src/test/correct/cjump/clang_O2/cjump.expected @@ -198,5 +198,11 @@ procedure main() assert (L(mem, bvadd64(R10, 56bv64)) ==> Gamma_R11); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R10, 56bv64), R11[32:0]), gamma_store32(Gamma_mem, bvadd64(R10, 56bv64), Gamma_R11); assume {:captureState "%000002f1"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected b/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected index 796eec6f1..5efe98b5c 100644 --- a/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected +++ b/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected @@ -229,58 +229,64 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000999, lmain_goto_l0000099c; - l0000099c: - assume {:captureState "l0000099c"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000099f; - l00000999: - assume {:captureState "l00000999"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000099f; - l0000099f: - assume {:captureState "l0000099f"} true; - assert Gamma_R8; - goto l0000099f_goto_l000009a7, l0000099f_goto_l000009d4; - l000009a7: - assume {:captureState "l000009a7"} true; + l000009d5: + assume {:captureState "l000009d5"} true; + R8, Gamma_R8 := 3bv64, true; R9, Gamma_R9 := 69632bv64, true; - R8, Gamma_R8 := 2bv64, true; call rely(); assert (L(mem, bvadd64(R9, 56bv64)) ==> Gamma_R8); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); - assume {:captureState "%000009bc"} true; + assume {:captureState "%000009e8"} true; goto l000009bf; l000009d4: assume {:captureState "l000009d4"} true; goto l000009d5; - l000009d5: - assume {:captureState "l000009d5"} true; - R8, Gamma_R8 := 3bv64, true; + l0000099f: + assume {:captureState "l0000099f"} true; + assert Gamma_R8; + goto l0000099f_goto_l000009a7, l0000099f_goto_l000009d4; + lmain_goto_l0000099c: + assume {:captureState "lmain_goto_l0000099c"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000099c; + lmain_goto_l00000999: + assume {:captureState "lmain_goto_l00000999"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000999; + l000009a7: + assume {:captureState "l000009a7"} true; R9, Gamma_R9 := 69632bv64, true; + R8, Gamma_R8 := 2bv64, true; call rely(); assert (L(mem, bvadd64(R9, 56bv64)) ==> Gamma_R8); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); - assume {:captureState "%000009e8"} true; + assume {:captureState "%000009bc"} true; goto l000009bf; + l0000099f_goto_l000009d4: + assume {:captureState "l0000099f_goto_l000009d4"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l000009d4; + l00000999: + assume {:captureState "l00000999"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000099f; + l0000099f_goto_l000009a7: + assume {:captureState "l0000099f_goto_l000009a7"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l000009a7; + l0000099c: + assume {:captureState "l0000099c"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000099f; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l000009bf: assume {:captureState "l000009bf"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l00000999: - assume {:captureState "lmain_goto_l00000999"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000999; - lmain_goto_l0000099c: - assume {:captureState "lmain_goto_l0000099c"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000099c; - l0000099f_goto_l000009a7: - assume {:captureState "l0000099f_goto_l000009a7"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l000009a7; - l0000099f_goto_l000009d4: - assume {:captureState "l0000099f_goto_l000009d4"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l000009d4; } diff --git a/src/test/correct/cjump/clang_pic/cjump.expected b/src/test/correct/cjump/clang_pic/cjump.expected index b7f1ae582..1c6da8825 100644 --- a/src/test/correct/cjump/clang_pic/cjump.expected +++ b/src/test/correct/cjump/clang_pic/cjump.expected @@ -287,18 +287,6 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000359, lmain_goto_l00000356; - l00000359: - assume {:captureState "l00000359"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000035c; - l00000356: - assume {:captureState "l00000356"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000035c; - l0000035c: - assume {:captureState "l0000035c"} true; - assert Gamma_R8; - goto l0000035c_goto_l00000398, l0000035c_goto_l00000364; l00000364: assume {:captureState "l00000364"} true; R9, Gamma_R9 := 65536bv64, true; @@ -310,9 +298,10 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R9, R8[32:0]), gamma_store32(Gamma_mem, R9, Gamma_R8); assume {:captureState "%00000380"} true; goto l00000383; - l00000398: - assume {:captureState "l00000398"} true; - goto l00000399; + lmain_goto_l00000359: + assume {:captureState "lmain_goto_l00000359"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000359; l00000399: assume {:captureState "l00000399"} true; R8, Gamma_R8 := 3bv64, true; @@ -324,25 +313,42 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R9, R8[32:0]), gamma_store32(Gamma_mem, R9, Gamma_R8); assume {:captureState "%000003b3"} true; goto l00000383; + l00000398: + assume {:captureState "l00000398"} true; + goto l00000399; l00000383: assume {:captureState "l00000383"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; + goto main_return; + l00000356: + assume {:captureState "l00000356"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000035c; + l00000359: + assume {:captureState "l00000359"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000035c; lmain_goto_l00000356: assume {:captureState "lmain_goto_l00000356"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000356; - lmain_goto_l00000359: - assume {:captureState "lmain_goto_l00000359"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000359; - l0000035c_goto_l00000364: - assume {:captureState "l0000035c_goto_l00000364"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000364; l0000035c_goto_l00000398: assume {:captureState "l0000035c_goto_l00000398"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000398; + l0000035c: + assume {:captureState "l0000035c"} true; + assert Gamma_R8; + goto l0000035c_goto_l00000398, l0000035c_goto_l00000364; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l0000035c_goto_l00000364: + assume {:captureState "l0000035c_goto_l00000364"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000364; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/cjump/gcc/cjump.expected b/src/test/correct/cjump/gcc/cjump.expected index dba45cd99..0e0ea9c1b 100644 --- a/src/test/correct/cjump/gcc/cjump.expected +++ b/src/test/correct/cjump/gcc/cjump.expected @@ -230,6 +230,18 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000359"} true; goto l0000035b; + lmain_goto_l00000365: + assume {:captureState "lmain_goto_l00000365"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000365; + lmain_goto_l0000033e: + assume {:captureState "lmain_goto_l0000033e"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000033e; + l0000035b: + assume {:captureState "l0000035b"} true; + R0, Gamma_R0 := 0bv64, true; + goto main_return; l00000365: assume {:captureState "l00000365"} true; R0, Gamma_R0 := 69632bv64, true; @@ -240,16 +252,10 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%0000037b"} true; goto l0000035b; - l0000035b: - assume {:captureState "l0000035b"} true; - R0, Gamma_R0 := 0bv64, true; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l0000033e: - assume {:captureState "lmain_goto_l0000033e"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000033e; - lmain_goto_l00000365: - assume {:captureState "lmain_goto_l00000365"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000365; } diff --git a/src/test/correct/cjump/gcc_O2/cjump.expected b/src/test/correct/cjump/gcc_O2/cjump.expected index a280e9d8a..8811d0fb2 100644 --- a/src/test/correct/cjump/gcc_O2/cjump.expected +++ b/src/test/correct/cjump/gcc_O2/cjump.expected @@ -196,5 +196,11 @@ procedure main() assert (L(mem, bvadd64(R1, 4bv64)) ==> Gamma_R2); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 4bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 4bv64), Gamma_R2); assume {:captureState "%000001d0"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected b/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected index c3719ff53..e46100cda 100644 --- a/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected +++ b/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected @@ -220,16 +220,6 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000009a3, lmain_goto_l0000097c; - l0000097c: - assume {:captureState "l0000097c"} true; - R0, Gamma_R0 := 69632bv64, true; - R0, Gamma_R0 := bvadd64(R0, 24bv64), Gamma_R0; - R1, Gamma_R1 := 2bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000997"} true; - goto l00000999; l000009a3: assume {:captureState "l000009a3"} true; R0, Gamma_R0 := 69632bv64, true; @@ -243,13 +233,29 @@ procedure main() l00000999: assume {:captureState "l00000999"} true; R0, Gamma_R0 := 0bv64, true; - return; + goto main_return; lmain_goto_l0000097c: assume {:captureState "lmain_goto_l0000097c"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l0000097c; + l0000097c: + assume {:captureState "l0000097c"} true; + R0, Gamma_R0 := 69632bv64, true; + R0, Gamma_R0 := bvadd64(R0, 24bv64), Gamma_R0; + R1, Gamma_R1 := 2bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000997"} true; + goto l00000999; + terminate: + assume {:captureState "terminate"} true; + goto terminate; lmain_goto_l000009a3: assume {:captureState "lmain_goto_l000009a3"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000009a3; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/cjump/gcc_pic/cjump.expected b/src/test/correct/cjump/gcc_pic/cjump.expected index 5ca9cc9fa..67d3acb56 100644 --- a/src/test/correct/cjump/gcc_pic/cjump.expected +++ b/src/test/correct/cjump/gcc_pic/cjump.expected @@ -278,17 +278,10 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000340, lmain_goto_l00000368; - l00000340: - assume {:captureState "l00000340"} true; - R0, Gamma_R0 := 65536bv64, true; - call rely(); - R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R0, 4072bv64)), (gamma_load64(Gamma_mem, bvadd64(R0, 4072bv64)) || L(mem, bvadd64(R0, 4072bv64))); - R1, Gamma_R1 := 2bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%0000035c"} true; - goto l0000035e; + lmain_goto_l00000340: + assume {:captureState "lmain_goto_l00000340"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000340; l00000368: assume {:captureState "l00000368"} true; R0, Gamma_R0 := 65536bv64, true; @@ -300,16 +293,29 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%0000037f"} true; goto l0000035e; - l0000035e: - assume {:captureState "l0000035e"} true; - R0, Gamma_R0 := 0bv64, true; - return; - lmain_goto_l00000340: - assume {:captureState "lmain_goto_l00000340"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000340; lmain_goto_l00000368: assume {:captureState "lmain_goto_l00000368"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000368; + l0000035e: + assume {:captureState "l0000035e"} true; + R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000340: + assume {:captureState "l00000340"} true; + R0, Gamma_R0 := 65536bv64, true; + call rely(); + R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R0, 4072bv64)), (gamma_load64(Gamma_mem, bvadd64(R0, 4072bv64)) || L(mem, bvadd64(R0, 4072bv64))); + R1, Gamma_R1 := 2bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%0000035c"} true; + goto l0000035e; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/function/clang/function.expected b/src/test/correct/function/clang/function.expected index 5f0453715..80985a02b 100644 --- a/src/test/correct/function/clang/function.expected +++ b/src/test/correct/function/clang/function.expected @@ -189,6 +189,12 @@ procedure get_two() lget_two: assume {:captureState "lget_two"} true; R0, Gamma_R0 := 2bv64, true; + goto get_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + get_two_return: + assume {:captureState "get_two_return"} true; return; } @@ -320,5 +326,11 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function/clang_O2/function.expected b/src/test/correct/function/clang_O2/function.expected index fd677be34..4de5fe980 100644 --- a/src/test/correct/function/clang_O2/function.expected +++ b/src/test/correct/function/clang_O2/function.expected @@ -198,5 +198,11 @@ procedure main() assert (L(mem, bvadd64(R10, 56bv64)) ==> Gamma_R11); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R10, 56bv64), R11[32:0]), gamma_store32(Gamma_mem, bvadd64(R10, 56bv64), Gamma_R11); assume {:captureState "%000002f9"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function/clang_no_plt_no_pic/function.expected b/src/test/correct/function/clang_no_plt_no_pic/function.expected index 5f0453715..80985a02b 100644 --- a/src/test/correct/function/clang_no_plt_no_pic/function.expected +++ b/src/test/correct/function/clang_no_plt_no_pic/function.expected @@ -189,6 +189,12 @@ procedure get_two() lget_two: assume {:captureState "lget_two"} true; R0, Gamma_R0 := 2bv64, true; + goto get_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + get_two_return: + assume {:captureState "get_two_return"} true; return; } @@ -320,5 +326,11 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function/clang_pic/function.expected b/src/test/correct/function/clang_pic/function.expected index 3937a0029..9a2687027 100644 --- a/src/test/correct/function/clang_pic/function.expected +++ b/src/test/correct/function/clang_pic/function.expected @@ -237,6 +237,12 @@ procedure get_two() lget_two: assume {:captureState "lget_two"} true; R0, Gamma_R0 := 2bv64, true; + goto get_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + get_two_return: + assume {:captureState "get_two_return"} true; return; } @@ -404,5 +410,11 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function/gcc/function.expected b/src/test/correct/function/gcc/function.expected index 81e902be8..329c32c1e 100644 --- a/src/test/correct/function/gcc/function.expected +++ b/src/test/correct/function/gcc/function.expected @@ -188,6 +188,12 @@ procedure get_two() lget_two: assume {:captureState "lget_two"} true; R0, Gamma_R0 := 2bv64, true; + goto get_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + get_two_return: + assume {:captureState "get_two_return"} true; return; } @@ -322,5 +328,11 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function/gcc_O2/function.expected b/src/test/correct/function/gcc_O2/function.expected index d1f3a9437..879bea546 100644 --- a/src/test/correct/function/gcc_O2/function.expected +++ b/src/test/correct/function/gcc_O2/function.expected @@ -196,5 +196,11 @@ procedure main() assert (L(mem, bvadd64(R1, 4bv64)) ==> Gamma_R2); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 4bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 4bv64), Gamma_R2); assume {:captureState "%000001e4"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function/gcc_no_plt_no_pic/function.expected b/src/test/correct/function/gcc_no_plt_no_pic/function.expected index 81e902be8..329c32c1e 100644 --- a/src/test/correct/function/gcc_no_plt_no_pic/function.expected +++ b/src/test/correct/function/gcc_no_plt_no_pic/function.expected @@ -188,6 +188,12 @@ procedure get_two() lget_two: assume {:captureState "lget_two"} true; R0, Gamma_R0 := 2bv64, true; + goto get_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + get_two_return: + assume {:captureState "get_two_return"} true; return; } @@ -322,5 +328,11 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function/gcc_pic/function.expected b/src/test/correct/function/gcc_pic/function.expected index ecdb2f43c..3a318b1a5 100644 --- a/src/test/correct/function/gcc_pic/function.expected +++ b/src/test/correct/function/gcc_pic/function.expected @@ -236,6 +236,12 @@ procedure get_two() lget_two: assume {:captureState "lget_two"} true; R0, Gamma_R0 := 2bv64, true; + goto get_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + get_two_return: + assume {:captureState "get_two_return"} true; return; } @@ -404,5 +410,11 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function1/clang/function1.expected b/src/test/correct/function1/clang/function1.expected index 22620843f..08a0e42b4 100644 --- a/src/test/correct/function1/clang/function1.expected +++ b/src/test/correct/function1/clang/function1.expected @@ -245,6 +245,12 @@ procedure get_two() R8, Gamma_R8 := bvadd64(R8, sign_extend32_32(R9[32:0])), (Gamma_R9 && Gamma_R8); R0, Gamma_R0 := zero_extend32_32(R8[32:0]), Gamma_R8; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto get_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + get_two_return: + assume {:captureState "get_two_return"} true; return; } @@ -396,6 +402,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function1/clang_O2/function1.expected b/src/test/correct/function1/clang_O2/function1.expected index bddeefebb..08de9f209 100644 --- a/src/test/correct/function1/clang_O2/function1.expected +++ b/src/test/correct/function1/clang_O2/function1.expected @@ -257,12 +257,18 @@ procedure main() R30, Gamma_R30 := 1944bv64, true; call printf(); goto l00000371; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000371: assume {:captureState "l00000371"} true; R0, Gamma_R0 := 0bv64, true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function1/clang_no_plt_no_pic/function1.expected b/src/test/correct/function1/clang_no_plt_no_pic/function1.expected index aa6caaf17..35e574523 100644 --- a/src/test/correct/function1/clang_no_plt_no_pic/function1.expected +++ b/src/test/correct/function1/clang_no_plt_no_pic/function1.expected @@ -245,6 +245,12 @@ procedure get_two() R8, Gamma_R8 := bvadd64(R8, sign_extend32_32(R9[32:0])), (Gamma_R9 && Gamma_R8); R0, Gamma_R0 := zero_extend32_32(R8[32:0]), Gamma_R8; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto get_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + get_two_return: + assume {:captureState "get_two_return"} true; return; } @@ -376,6 +382,13 @@ procedure main() R30, Gamma_R30 := 1968bv64, true; call get_two(); goto l00000adf; + l00000b06: + assume {:captureState "l00000b06"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l00000adf: assume {:captureState "l00000adf"} true; R8, Gamma_R8 := 69632bv64, true; @@ -390,12 +403,11 @@ procedure main() R30, Gamma_R30 := 1992bv64, true; call printf(); goto l00000b06; - l00000b06: - assume {:captureState "l00000b06"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function1/clang_pic/function1.expected b/src/test/correct/function1/clang_pic/function1.expected index 2c77c2294..998504616 100644 --- a/src/test/correct/function1/clang_pic/function1.expected +++ b/src/test/correct/function1/clang_pic/function1.expected @@ -293,6 +293,12 @@ procedure get_two() R8, Gamma_R8 := bvadd64(R8, sign_extend32_32(R9[32:0])), (Gamma_R9 && Gamma_R8); R0, Gamma_R0 := zero_extend32_32(R8[32:0]), Gamma_R8; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto get_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + get_two_return: + assume {:captureState "get_two_return"} true; return; } @@ -458,6 +464,13 @@ procedure main() R30, Gamma_R30 := 2036bv64, true; call get_two(); goto l000003dd; + l0000040b: + assume {:captureState "l0000040b"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l000003dd: assume {:captureState "l000003dd"} true; R8, Gamma_R8 := 65536bv64, true; @@ -474,12 +487,11 @@ procedure main() R30, Gamma_R30 := 2064bv64, true; call printf(); goto l0000040b; - l0000040b: - assume {:captureState "l0000040b"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function1/gcc/function1.expected b/src/test/correct/function1/gcc/function1.expected index a95a503aa..a902ed78e 100644 --- a/src/test/correct/function1/gcc/function1.expected +++ b/src/test/correct/function1/gcc/function1.expected @@ -252,6 +252,12 @@ procedure get_two() R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R0, Gamma_R0 := zero_extend32_32(bvadd32(R1[32:0], R0[32:0])), (Gamma_R0 && Gamma_R1); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto get_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + get_two_return: + assume {:captureState "get_two_return"} true; return; } @@ -417,6 +423,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function1/gcc_O2/function1.expected b/src/test/correct/function1/gcc_O2/function1.expected index 8296db663..3ae3c2281 100644 --- a/src/test/correct/function1/gcc_O2/function1.expected +++ b/src/test/correct/function1/gcc_O2/function1.expected @@ -360,5 +360,11 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function1/gcc_no_plt_no_pic/function1.expected b/src/test/correct/function1/gcc_no_plt_no_pic/function1.expected index 711e70cf1..e04c37dd9 100644 --- a/src/test/correct/function1/gcc_no_plt_no_pic/function1.expected +++ b/src/test/correct/function1/gcc_no_plt_no_pic/function1.expected @@ -252,6 +252,12 @@ procedure get_two() R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R0, Gamma_R0 := zero_extend32_32(bvadd32(R1[32:0], R0[32:0])), (Gamma_R0 && Gamma_R1); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto get_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + get_two_return: + assume {:captureState "get_two_return"} true; return; } @@ -417,6 +423,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/function1/gcc_pic/function1.expected b/src/test/correct/function1/gcc_pic/function1.expected index 313d20eac..cf8fbb4b6 100644 --- a/src/test/correct/function1/gcc_pic/function1.expected +++ b/src/test/correct/function1/gcc_pic/function1.expected @@ -300,6 +300,12 @@ procedure get_two() R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R0, Gamma_R0 := zero_extend32_32(bvadd32(R1[32:0], R0[32:0])), (Gamma_R0 && Gamma_R1); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto get_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + get_two_return: + assume {:captureState "get_two_return"} true; return; } @@ -473,6 +479,13 @@ procedure main() R30, Gamma_R30 := 2036bv64, true; call get_two(); goto l000003ed; + l00000433: + assume {:captureState "l00000433"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l000003ed: assume {:captureState "l000003ed"} true; R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; @@ -494,12 +507,11 @@ procedure main() R30, Gamma_R30 := 2080bv64, true; call printf(); goto l00000433; - l00000433: - assume {:captureState "l00000433"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/functions_with_params/clang/functions_with_params.expected b/src/test/correct/functions_with_params/clang/functions_with_params.expected index dfe4dc6cb..78f7ee396 100644 --- a/src/test/correct/functions_with_params/clang/functions_with_params.expected +++ b/src/test/correct/functions_with_params/clang/functions_with_params.expected @@ -235,6 +235,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } @@ -323,5 +329,11 @@ procedure plus_one() R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R0, Gamma_R0 := zero_extend32_32(bvadd32(R8[32:0], 1bv32)), Gamma_R8; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto plus_one_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + plus_one_return: + assume {:captureState "plus_one_return"} true; return; } diff --git a/src/test/correct/functions_with_params/clang_O2/functions_with_params.expected b/src/test/correct/functions_with_params/clang_O2/functions_with_params.expected index c92fd296f..82e284cc8 100644 --- a/src/test/correct/functions_with_params/clang_O2/functions_with_params.expected +++ b/src/test/correct/functions_with_params/clang_O2/functions_with_params.expected @@ -157,5 +157,11 @@ procedure main() lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/functions_with_params/clang_no_plt_no_pic/functions_with_params.expected b/src/test/correct/functions_with_params/clang_no_plt_no_pic/functions_with_params.expected index 1136a902b..bc9463c3c 100644 --- a/src/test/correct/functions_with_params/clang_no_plt_no_pic/functions_with_params.expected +++ b/src/test/correct/functions_with_params/clang_no_plt_no_pic/functions_with_params.expected @@ -235,6 +235,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } @@ -323,5 +329,11 @@ procedure plus_one() R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R0, Gamma_R0 := zero_extend32_32(bvadd32(R8[32:0], 1bv32)), Gamma_R8; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto plus_one_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + plus_one_return: + assume {:captureState "plus_one_return"} true; return; } diff --git a/src/test/correct/functions_with_params/clang_pic/functions_with_params.expected b/src/test/correct/functions_with_params/clang_pic/functions_with_params.expected index 1136a902b..bc9463c3c 100644 --- a/src/test/correct/functions_with_params/clang_pic/functions_with_params.expected +++ b/src/test/correct/functions_with_params/clang_pic/functions_with_params.expected @@ -235,6 +235,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } @@ -323,5 +329,11 @@ procedure plus_one() R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R0, Gamma_R0 := zero_extend32_32(bvadd32(R8[32:0], 1bv32)), Gamma_R8; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto plus_one_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + plus_one_return: + assume {:captureState "plus_one_return"} true; return; } diff --git a/src/test/correct/functions_with_params/gcc/functions_with_params.expected b/src/test/correct/functions_with_params/gcc/functions_with_params.expected index 284845f2f..346b137c8 100644 --- a/src/test/correct/functions_with_params/gcc/functions_with_params.expected +++ b/src/test/correct/functions_with_params/gcc/functions_with_params.expected @@ -230,6 +230,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } @@ -318,5 +324,11 @@ procedure plus_one() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 1bv32)), Gamma_R0; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto plus_one_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + plus_one_return: + assume {:captureState "plus_one_return"} true; return; } diff --git a/src/test/correct/functions_with_params/gcc_O2/functions_with_params.expected b/src/test/correct/functions_with_params/gcc_O2/functions_with_params.expected index 031602cf6..79ad5fd8f 100644 --- a/src/test/correct/functions_with_params/gcc_O2/functions_with_params.expected +++ b/src/test/correct/functions_with_params/gcc_O2/functions_with_params.expected @@ -157,5 +157,11 @@ procedure main() lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/functions_with_params/gcc_no_plt_no_pic/functions_with_params.expected b/src/test/correct/functions_with_params/gcc_no_plt_no_pic/functions_with_params.expected index 03251913e..4b400c996 100644 --- a/src/test/correct/functions_with_params/gcc_no_plt_no_pic/functions_with_params.expected +++ b/src/test/correct/functions_with_params/gcc_no_plt_no_pic/functions_with_params.expected @@ -230,6 +230,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } @@ -318,5 +324,11 @@ procedure plus_one() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 1bv32)), Gamma_R0; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto plus_one_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + plus_one_return: + assume {:captureState "plus_one_return"} true; return; } diff --git a/src/test/correct/functions_with_params/gcc_pic/functions_with_params.expected b/src/test/correct/functions_with_params/gcc_pic/functions_with_params.expected index 03251913e..4b400c996 100644 --- a/src/test/correct/functions_with_params/gcc_pic/functions_with_params.expected +++ b/src/test/correct/functions_with_params/gcc_pic/functions_with_params.expected @@ -230,6 +230,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } @@ -318,5 +324,11 @@ procedure plus_one() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 1bv32)), Gamma_R0; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto plus_one_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + plus_one_return: + assume {:captureState "plus_one_return"} true; return; } diff --git a/src/test/correct/ifbranches/clang/ifbranches.expected b/src/test/correct/ifbranches/clang/ifbranches.expected index f43c98adb..d5dfd11c3 100644 --- a/src/test/correct/ifbranches/clang/ifbranches.expected +++ b/src/test/correct/ifbranches/clang/ifbranches.expected @@ -231,29 +231,35 @@ procedure main() assume {:captureState "l0000034f"} true; R8, Gamma_R8 := 1bv64, true; goto l00000352; - l0000034c: - assume {:captureState "l0000034c"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000352; + l00000352_goto_l00000397: + assume {:captureState "l00000352_goto_l00000397"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000397; + lmain_goto_l0000034c: + assume {:captureState "lmain_goto_l0000034c"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000034c; + lmain_goto_l0000034f: + assume {:captureState "lmain_goto_l0000034f"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000034f; + l00000397: + assume {:captureState "l00000397"} true; + goto l00000398; l00000352: assume {:captureState "l00000352"} true; assert Gamma_R8; goto l00000352_goto_l0000035a, l00000352_goto_l00000397; - l0000035a: - assume {:captureState "l0000035a"} true; - R8, Gamma_R8 := 2bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); - assume {:captureState "%0000036a"} true; - goto l0000036d; - l00000397: - assume {:captureState "l00000397"} true; - goto l00000398; l00000398: assume {:captureState "l00000398"} true; R8, Gamma_R8 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%000003a6"} true; goto l0000036d; + l00000352_goto_l0000035a: + assume {:captureState "l00000352_goto_l0000035a"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l0000035a; l0000036d: assume {:captureState "l0000036d"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); @@ -262,21 +268,21 @@ procedure main() assume {:captureState "%00000383"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + l0000034c: + assume {:captureState "l0000034c"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000352; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l0000035a: + assume {:captureState "l0000035a"} true; + R8, Gamma_R8 := 2bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); + assume {:captureState "%0000036a"} true; + goto l0000036d; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l0000034c: - assume {:captureState "lmain_goto_l0000034c"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000034c; - lmain_goto_l0000034f: - assume {:captureState "lmain_goto_l0000034f"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000034f; - l00000352_goto_l0000035a: - assume {:captureState "l00000352_goto_l0000035a"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000035a; - l00000352_goto_l00000397: - assume {:captureState "l00000352_goto_l00000397"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000397; } diff --git a/src/test/correct/ifbranches/clang_O2/ifbranches.expected b/src/test/correct/ifbranches/clang_O2/ifbranches.expected index 4617d4c7f..69405008f 100644 --- a/src/test/correct/ifbranches/clang_O2/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_O2/ifbranches.expected @@ -184,23 +184,29 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000002db, lmain_goto_l000002df; + lmain_goto_l000002db: + assume {:captureState "lmain_goto_l000002db"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000002db; l000002df: assume {:captureState "l000002df"} true; R0, Gamma_R0 := zero_extend32_32(bvadd32(R8[32:0], 1bv32)), Gamma_R8; goto l000002e2; + lmain_goto_l000002df: + assume {:captureState "lmain_goto_l000002df"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000002df; l000002db: assume {:captureState "l000002db"} true; R0, Gamma_R0 := zero_extend32_32(R8[32:0]), Gamma_R8; goto l000002e2; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l000002e2: assume {:captureState "l000002e2"} true; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l000002db: - assume {:captureState "lmain_goto_l000002db"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000002db; - lmain_goto_l000002df: - assume {:captureState "lmain_goto_l000002df"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000002df; } diff --git a/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected b/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected index 852ead596..f18274e41 100644 --- a/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected @@ -227,24 +227,10 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000009b8, lmain_goto_l000009bb; - l000009bb: - assume {:captureState "l000009bb"} true; - R8, Gamma_R8 := 1bv64, true; - goto l000009be; - l000009b8: - assume {:captureState "l000009b8"} true; - R8, Gamma_R8 := 0bv64, true; - goto l000009be; - l000009be: - assume {:captureState "l000009be"} true; - assert Gamma_R8; - goto l000009be_goto_l000009c6, l000009be_goto_l00000a03; - l000009c6: - assume {:captureState "l000009c6"} true; - R8, Gamma_R8 := 2bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); - assume {:captureState "%000009d6"} true; - goto l000009d9; + l000009be_goto_l000009c6: + assume {:captureState "l000009be_goto_l000009c6"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l000009c6; l00000a03: assume {:captureState "l00000a03"} true; goto l00000a04; @@ -254,6 +240,10 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%00000a12"} true; goto l000009d9; + lmain_goto_l000009bb: + assume {:captureState "lmain_goto_l000009bb"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000009bb; l000009d9: assume {:captureState "l000009d9"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); @@ -262,21 +252,37 @@ procedure main() assume {:captureState "%000009ef"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; + goto main_return; + l000009b8: + assume {:captureState "l000009b8"} true; + R8, Gamma_R8 := 0bv64, true; + goto l000009be; + l000009c6: + assume {:captureState "l000009c6"} true; + R8, Gamma_R8 := 2bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); + assume {:captureState "%000009d6"} true; + goto l000009d9; lmain_goto_l000009b8: assume {:captureState "lmain_goto_l000009b8"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000009b8; - lmain_goto_l000009bb: - assume {:captureState "lmain_goto_l000009bb"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000009bb; - l000009be_goto_l000009c6: - assume {:captureState "l000009be_goto_l000009c6"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l000009c6; + l000009bb: + assume {:captureState "l000009bb"} true; + R8, Gamma_R8 := 1bv64, true; + goto l000009be; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l000009be_goto_l00000a03: assume {:captureState "l000009be_goto_l00000a03"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000a03; + l000009be: + assume {:captureState "l000009be"} true; + assert Gamma_R8; + goto l000009be_goto_l000009c6, l000009be_goto_l00000a03; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/ifbranches/clang_pic/ifbranches.expected b/src/test/correct/ifbranches/clang_pic/ifbranches.expected index 852ead596..f18274e41 100644 --- a/src/test/correct/ifbranches/clang_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_pic/ifbranches.expected @@ -227,24 +227,10 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000009b8, lmain_goto_l000009bb; - l000009bb: - assume {:captureState "l000009bb"} true; - R8, Gamma_R8 := 1bv64, true; - goto l000009be; - l000009b8: - assume {:captureState "l000009b8"} true; - R8, Gamma_R8 := 0bv64, true; - goto l000009be; - l000009be: - assume {:captureState "l000009be"} true; - assert Gamma_R8; - goto l000009be_goto_l000009c6, l000009be_goto_l00000a03; - l000009c6: - assume {:captureState "l000009c6"} true; - R8, Gamma_R8 := 2bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); - assume {:captureState "%000009d6"} true; - goto l000009d9; + l000009be_goto_l000009c6: + assume {:captureState "l000009be_goto_l000009c6"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l000009c6; l00000a03: assume {:captureState "l00000a03"} true; goto l00000a04; @@ -254,6 +240,10 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%00000a12"} true; goto l000009d9; + lmain_goto_l000009bb: + assume {:captureState "lmain_goto_l000009bb"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000009bb; l000009d9: assume {:captureState "l000009d9"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); @@ -262,21 +252,37 @@ procedure main() assume {:captureState "%000009ef"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; + goto main_return; + l000009b8: + assume {:captureState "l000009b8"} true; + R8, Gamma_R8 := 0bv64, true; + goto l000009be; + l000009c6: + assume {:captureState "l000009c6"} true; + R8, Gamma_R8 := 2bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); + assume {:captureState "%000009d6"} true; + goto l000009d9; lmain_goto_l000009b8: assume {:captureState "lmain_goto_l000009b8"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000009b8; - lmain_goto_l000009bb: - assume {:captureState "lmain_goto_l000009bb"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000009bb; - l000009be_goto_l000009c6: - assume {:captureState "l000009be_goto_l000009c6"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l000009c6; + l000009bb: + assume {:captureState "l000009bb"} true; + R8, Gamma_R8 := 1bv64, true; + goto l000009be; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l000009be_goto_l00000a03: assume {:captureState "l000009be_goto_l00000a03"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000a03; + l000009be: + assume {:captureState "l000009be"} true; + assert Gamma_R8; + goto l000009be_goto_l000009c6, l000009be_goto_l00000a03; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/ifbranches/gcc/ifbranches.expected b/src/test/correct/ifbranches/gcc/ifbranches.expected index fc4b3fe3b..85bf7ce5a 100644 --- a/src/test/correct/ifbranches/gcc/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc/ifbranches.expected @@ -222,12 +222,10 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000369, lmain_goto_l00000330; - l00000330: - assume {:captureState "l00000330"} true; - R0, Gamma_R0 := 2bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); - assume {:captureState "%00000340"} true; - goto l00000342; + lmain_goto_l00000330: + assume {:captureState "lmain_goto_l00000330"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000330; l00000369: assume {:captureState "l00000369"} true; R0, Gamma_R0 := 1bv64, true; @@ -242,13 +240,21 @@ procedure main() assume {:captureState "%00000355"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; - lmain_goto_l00000330: - assume {:captureState "lmain_goto_l00000330"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000330; + goto main_return; + l00000330: + assume {:captureState "l00000330"} true; + R0, Gamma_R0 := 2bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); + assume {:captureState "%00000340"} true; + goto l00000342; lmain_goto_l00000369: assume {:captureState "lmain_goto_l00000369"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000369; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/ifbranches/gcc_O2/ifbranches.expected b/src/test/correct/ifbranches/gcc_O2/ifbranches.expected index 6a212af81..51a188d46 100644 --- a/src/test/correct/ifbranches/gcc_O2/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_O2/ifbranches.expected @@ -181,24 +181,30 @@ procedure main() NF, Gamma_NF := bvadd32(#1, 1bv32)[32:31], Gamma_#1; assert Gamma_ZF; goto lmain_goto_l000001c3, lmain_goto_l000001c6; + lmain_goto_l000001c3: + assume {:captureState "lmain_goto_l000001c3"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000001c3; l000001c6: assume {:captureState "l000001c6"} true; R0, Gamma_R0 := 1bv64, true; goto l000001c9; - l000001c3: - assume {:captureState "l000001c3"} true; - R0, Gamma_R0 := 0bv64, true; - goto l000001c9; l000001c9: assume {:captureState "l000001c9"} true; R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 2bv32)), Gamma_R0; - return; - lmain_goto_l000001c3: - assume {:captureState "lmain_goto_l000001c3"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000001c3; + goto main_return; lmain_goto_l000001c6: assume {:captureState "lmain_goto_l000001c6"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000001c6; + l000001c3: + assume {:captureState "l000001c3"} true; + R0, Gamma_R0 := 0bv64, true; + goto l000001c9; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected b/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected index da091cc0a..a642b9102 100644 --- a/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected @@ -228,12 +228,10 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); assume {:captureState "%00000973"} true; goto l00000975; - l0000099c: - assume {:captureState "l0000099c"} true; - R0, Gamma_R0 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); - assume {:captureState "%000009a7"} true; - goto l00000975; + lmain_goto_l0000099c: + assume {:captureState "lmain_goto_l0000099c"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000099c; l00000975: assume {:captureState "l00000975"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); @@ -242,13 +240,21 @@ procedure main() assume {:captureState "%00000988"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; + goto main_return; + l0000099c: + assume {:captureState "l0000099c"} true; + R0, Gamma_R0 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); + assume {:captureState "%000009a7"} true; + goto l00000975; lmain_goto_l00000963: assume {:captureState "lmain_goto_l00000963"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000963; - lmain_goto_l0000099c: - assume {:captureState "lmain_goto_l0000099c"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000099c; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/ifbranches/gcc_pic/ifbranches.expected b/src/test/correct/ifbranches/gcc_pic/ifbranches.expected index da091cc0a..a642b9102 100644 --- a/src/test/correct/ifbranches/gcc_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_pic/ifbranches.expected @@ -228,12 +228,10 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); assume {:captureState "%00000973"} true; goto l00000975; - l0000099c: - assume {:captureState "l0000099c"} true; - R0, Gamma_R0 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); - assume {:captureState "%000009a7"} true; - goto l00000975; + lmain_goto_l0000099c: + assume {:captureState "lmain_goto_l0000099c"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000099c; l00000975: assume {:captureState "l00000975"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); @@ -242,13 +240,21 @@ procedure main() assume {:captureState "%00000988"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; + goto main_return; + l0000099c: + assume {:captureState "l0000099c"} true; + R0, Gamma_R0 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); + assume {:captureState "%000009a7"} true; + goto l00000975; lmain_goto_l00000963: assume {:captureState "lmain_goto_l00000963"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000963; - lmain_goto_l0000099c: - assume {:captureState "lmain_goto_l0000099c"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000099c; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/ifglobal/clang/ifglobal.expected b/src/test/correct/ifglobal/clang/ifglobal.expected index 70d46adf3..2772c52d5 100644 --- a/src/test/correct/ifglobal/clang/ifglobal.expected +++ b/src/test/correct/ifglobal/clang/ifglobal.expected @@ -220,49 +220,55 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000031e, lmain_goto_l00000321; - l00000321: - assume {:captureState "l00000321"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000324; - l0000031e: - assume {:captureState "l0000031e"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000324; + l00000324_goto_l0000032c: + assume {:captureState "l00000324_goto_l0000032c"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l0000032c; l00000324: assume {:captureState "l00000324"} true; assert Gamma_R8; goto l00000324_goto_l0000032c, l00000324_goto_l00000343; - l00000343: - assume {:captureState "l00000343"} true; - goto l00000344; - l00000344: - assume {:captureState "l00000344"} true; - R8, Gamma_R8 := 1bv64, true; - R9, Gamma_R9 := 69632bv64, true; - call rely(); - assert (L(mem, bvadd64(R9, 52bv64)) ==> Gamma_R8); - mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 52bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 52bv64), Gamma_R8); - assume {:captureState "%00000357"} true; - goto l0000032c; l0000032c: assume {:captureState "l0000032c"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l0000031e: - assume {:captureState "lmain_goto_l0000031e"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000031e; + goto main_return; lmain_goto_l00000321: assume {:captureState "lmain_goto_l00000321"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000321; - l00000324_goto_l0000032c: - assume {:captureState "l00000324_goto_l0000032c"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000032c; l00000324_goto_l00000343: assume {:captureState "l00000324_goto_l00000343"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000343; + l0000031e: + assume {:captureState "l0000031e"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000324; + lmain_goto_l0000031e: + assume {:captureState "lmain_goto_l0000031e"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000031e; + l00000344: + assume {:captureState "l00000344"} true; + R8, Gamma_R8 := 1bv64, true; + R9, Gamma_R9 := 69632bv64, true; + call rely(); + assert (L(mem, bvadd64(R9, 52bv64)) ==> Gamma_R8); + mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 52bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 52bv64), Gamma_R8); + assume {:captureState "%00000357"} true; + goto l0000032c; + l00000321: + assume {:captureState "l00000321"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000324; + l00000343: + assume {:captureState "l00000343"} true; + goto l00000344; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/ifglobal/clang_O2/ifglobal.expected b/src/test/correct/ifglobal/clang_O2/ifglobal.expected index 2181d6c4f..af49c16ff 100644 --- a/src/test/correct/ifglobal/clang_O2/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_O2/ifglobal.expected @@ -188,6 +188,18 @@ procedure main() R9, Gamma_R9 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); assert Gamma_R9; goto lmain_goto_l000002dc, lmain_goto_l000002f8; + lmain_goto_l000002dc: + assume {:captureState "lmain_goto_l000002dc"} true; + assume (bvcomp32(R9[32:0], 0bv32) != 0bv1); + goto l000002dc; + l000002f8: + assume {:captureState "l000002f8"} true; + R0, Gamma_R0 := 0bv64, true; + goto main_return; + lmain_goto_l000002f8: + assume {:captureState "lmain_goto_l000002f8"} true; + assume (bvcomp32(R9[32:0], 0bv32) == 0bv1); + goto l000002f8; l000002dc: assume {:captureState "l000002dc"} true; R9, Gamma_R9 := 1bv64, true; @@ -196,17 +208,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R8, 52bv64), R9[32:0]), gamma_store32(Gamma_mem, bvadd64(R8, 52bv64), Gamma_R9); assume {:captureState "%000002ec"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; - l000002f8: - assume {:captureState "l000002f8"} true; - R0, Gamma_R0 := 0bv64, true; - return; - lmain_goto_l000002dc: - assume {:captureState "lmain_goto_l000002dc"} true; - assume (bvcomp32(R9[32:0], 0bv32) != 0bv1); - goto l000002dc; - lmain_goto_l000002f8: - assume {:captureState "lmain_goto_l000002f8"} true; - assume (bvcomp32(R9[32:0], 0bv32) == 0bv1); - goto l000002f8; } diff --git a/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected b/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected index c434815ef..edfe619a2 100644 --- a/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected @@ -220,14 +220,15 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000930, lmain_goto_l0000092d; - l00000930: - assume {:captureState "l00000930"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000933; l0000092d: assume {:captureState "l0000092d"} true; R8, Gamma_R8 := 0bv64, true; goto l00000933; + l0000093b: + assume {:captureState "l0000093b"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l00000933: assume {:captureState "l00000933"} true; assert Gamma_R8; @@ -235,6 +236,10 @@ procedure main() l00000952: assume {:captureState "l00000952"} true; goto l00000953; + l00000930: + assume {:captureState "l00000930"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000933; l00000953: assume {:captureState "l00000953"} true; R8, Gamma_R8 := 1bv64, true; @@ -244,25 +249,26 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 52bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 52bv64), Gamma_R8); assume {:captureState "%00000966"} true; goto l0000093b; - l0000093b: - assume {:captureState "l0000093b"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l0000092d: - assume {:captureState "lmain_goto_l0000092d"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000092d; - lmain_goto_l00000930: - assume {:captureState "lmain_goto_l00000930"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000930; l00000933_goto_l0000093b: assume {:captureState "l00000933_goto_l0000093b"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l0000093b; + lmain_goto_l00000930: + assume {:captureState "lmain_goto_l00000930"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000930; l00000933_goto_l00000952: assume {:captureState "l00000933_goto_l00000952"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000952; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + lmain_goto_l0000092d: + assume {:captureState "lmain_goto_l0000092d"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000092d; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/ifglobal/clang_pic/ifglobal.expected b/src/test/correct/ifglobal/clang_pic/ifglobal.expected index f58241469..54a4b38a4 100644 --- a/src/test/correct/ifglobal/clang_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_pic/ifglobal.expected @@ -254,21 +254,18 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000330, lmain_goto_l0000032d; - l00000330: - assume {:captureState "l00000330"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000333; + lmain_goto_l00000330: + assume {:captureState "lmain_goto_l00000330"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000330; l0000032d: assume {:captureState "l0000032d"} true; R8, Gamma_R8 := 0bv64, true; goto l00000333; - l00000333: - assume {:captureState "l00000333"} true; - assert Gamma_R8; - goto l00000333_goto_l0000033b, l00000333_goto_l00000352; - l00000352: - assume {:captureState "l00000352"} true; - goto l00000353; + lmain_goto_l0000032d: + assume {:captureState "lmain_goto_l0000032d"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000032d; l00000353: assume {:captureState "l00000353"} true; R8, Gamma_R8 := 1bv64, true; @@ -280,19 +277,25 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R9, R8[32:0]), gamma_store32(Gamma_mem, R9, Gamma_R8); assume {:captureState "%0000036d"} true; goto l0000033b; + l00000352: + assume {:captureState "l00000352"} true; + goto l00000353; + l00000330: + assume {:captureState "l00000330"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000333; + l00000333: + assume {:captureState "l00000333"} true; + assert Gamma_R8; + goto l00000333_goto_l0000033b, l00000333_goto_l00000352; l0000033b: assume {:captureState "l0000033b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l0000032d: - assume {:captureState "lmain_goto_l0000032d"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000032d; - lmain_goto_l00000330: - assume {:captureState "lmain_goto_l00000330"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000330; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000333_goto_l0000033b: assume {:captureState "l00000333_goto_l0000033b"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); @@ -301,4 +304,7 @@ procedure main() assume {:captureState "l00000333_goto_l00000352"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000352; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/ifglobal/gcc/ifglobal.expected b/src/test/correct/ifglobal/gcc/ifglobal.expected index ca03efa47..0e88f79c5 100644 --- a/src/test/correct/ifglobal/gcc/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc/ifglobal.expected @@ -209,6 +209,18 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000311, lmain_goto_l00000302; + l00000302: + assume {:captureState "l00000302"} true; + R0, Gamma_R0 := 0bv64, true; + goto main_return; + lmain_goto_l00000311: + assume {:captureState "lmain_goto_l00000311"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000311; + lmain_goto_l00000302: + assume {:captureState "lmain_goto_l00000302"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000302; l00000311: assume {:captureState "l00000311"} true; R0, Gamma_R0 := 69632bv64, true; @@ -219,16 +231,10 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000327"} true; goto l00000302; - l00000302: - assume {:captureState "l00000302"} true; - R0, Gamma_R0 := 0bv64, true; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l00000302: - assume {:captureState "lmain_goto_l00000302"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000302; - lmain_goto_l00000311: - assume {:captureState "lmain_goto_l00000311"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000311; } diff --git a/src/test/correct/ifglobal/gcc_O2/ifglobal.expected b/src/test/correct/ifglobal/gcc_O2/ifglobal.expected index 07170dee4..b535d3144 100644 --- a/src/test/correct/ifglobal/gcc_O2/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_O2/ifglobal.expected @@ -187,6 +187,14 @@ procedure main() R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, bvadd64(R0, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R0, 20bv64)) || L(mem, bvadd64(R0, 20bv64))); assert Gamma_R1; goto lmain_goto_l000001b7, lmain_goto_l00000396; + lmain_goto_l00000396: + assume {:captureState "lmain_goto_l00000396"} true; + assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) == 0bv1); + goto l00000396; + l000001b7: + assume {:captureState "l000001b7"} true; + R0, Gamma_R0 := 0bv64, true; + goto main_return; l00000396: assume {:captureState "l00000396"} true; R1, Gamma_R1 := 1bv64, true; @@ -195,16 +203,14 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R0, 20bv64), R1[32:0]), gamma_store32(Gamma_mem, bvadd64(R0, 20bv64), Gamma_R1); assume {:captureState "%000003a1"} true; goto l000001b7; - l000001b7: - assume {:captureState "l000001b7"} true; - R0, Gamma_R0 := 0bv64, true; - return; lmain_goto_l000001b7: assume {:captureState "lmain_goto_l000001b7"} true; assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) != 0bv1); goto l000001b7; - lmain_goto_l00000396: - assume {:captureState "lmain_goto_l00000396"} true; - assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) == 0bv1); - goto l00000396; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected b/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected index 643fff971..5aaf4942c 100644 --- a/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected @@ -209,6 +209,10 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000008e5, lmain_goto_l000008d6; + l000008d6: + assume {:captureState "l000008d6"} true; + R0, Gamma_R0 := 0bv64, true; + goto main_return; l000008e5: assume {:captureState "l000008e5"} true; R0, Gamma_R0 := 69632bv64, true; @@ -219,16 +223,18 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%000008fb"} true; goto l000008d6; - l000008d6: - assume {:captureState "l000008d6"} true; - R0, Gamma_R0 := 0bv64, true; - return; - lmain_goto_l000008d6: - assume {:captureState "lmain_goto_l000008d6"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l000008d6; lmain_goto_l000008e5: assume {:captureState "lmain_goto_l000008e5"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l000008e5; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + lmain_goto_l000008d6: + assume {:captureState "lmain_goto_l000008d6"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l000008d6; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/ifglobal/gcc_pic/ifglobal.expected b/src/test/correct/ifglobal/gcc_pic/ifglobal.expected index 66adb7f43..cbf9a5a8d 100644 --- a/src/test/correct/ifglobal/gcc_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_pic/ifglobal.expected @@ -256,13 +256,19 @@ procedure main() l00000303: assume {:captureState "l00000303"} true; R0, Gamma_R0 := 0bv64, true; - return; - lmain_goto_l00000303: - assume {:captureState "lmain_goto_l00000303"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000303; + goto main_return; lmain_goto_l00000312: assume {:captureState "lmain_goto_l00000312"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000312; + lmain_goto_l00000303: + assume {:captureState "lmain_goto_l00000303"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000303; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/indirect_call/clang_O2/indirect_call.expected b/src/test/correct/indirect_call/clang_O2/indirect_call.expected index d04773ed9..1f854f847 100644 --- a/src/test/correct/indirect_call/clang_O2/indirect_call.expected +++ b/src/test/correct/indirect_call/clang_O2/indirect_call.expected @@ -342,6 +342,12 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/indirect_call/gcc_O2/indirect_call.expected b/src/test/correct/indirect_call/gcc_O2/indirect_call.expected index 992bdfc81..5b6a59856 100644 --- a/src/test/correct/indirect_call/gcc_O2/indirect_call.expected +++ b/src/test/correct/indirect_call/gcc_O2/indirect_call.expected @@ -318,6 +318,12 @@ procedure greet() call puts(); //no return target assume false; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + greet_return: + assume {:captureState "greet_return"} true; + return; } procedure main() @@ -527,17 +533,23 @@ procedure main() R30, Gamma_R30 := 1620bv64, true; call puts(); goto l000001ef; - l000001ef: - assume {:captureState "l000001ef"} true; - R30, Gamma_R30 := 1624bv64, true; - call greet(); - goto l00000205; l00000205: assume {:captureState "l00000205"} true; R0, Gamma_R0 := 0bv64, true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + l000001ef: + assume {:captureState "l000001ef"} true; + R30, Gamma_R30 := 1624bv64, true; + call greet(); + goto l00000205; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/initialisation/clang/initialisation.expected b/src/test/correct/initialisation/clang/initialisation.expected index 4a8b8a7ad..9806722fd 100644 --- a/src/test/correct/initialisation/clang/initialisation.expected +++ b/src/test/correct/initialisation/clang/initialisation.expected @@ -305,5 +305,11 @@ procedure main() mem, Gamma_mem := memory_store8_le(mem, bvadd64(R9, 52bv64), R8[8:0]), gamma_store8(Gamma_mem, bvadd64(R9, 52bv64), Gamma_R8); assume {:captureState "%00000381"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/initialisation/clang_O2/initialisation.expected b/src/test/correct/initialisation/clang_O2/initialisation.expected index 5bbd94028..566c1977f 100644 --- a/src/test/correct/initialisation/clang_O2/initialisation.expected +++ b/src/test/correct/initialisation/clang_O2/initialisation.expected @@ -291,5 +291,11 @@ procedure main() assert (L(mem, bvadd64(R12, 52bv64)) ==> Gamma_R10); mem, Gamma_mem := memory_store8_le(mem, bvadd64(R12, 52bv64), R10[8:0]), gamma_store8(Gamma_mem, bvadd64(R12, 52bv64), Gamma_R10); assume {:captureState "%00000367"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected b/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected index 2487e0171..ba1dbdd5a 100644 --- a/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected +++ b/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected @@ -305,5 +305,11 @@ procedure main() mem, Gamma_mem := memory_store8_le(mem, bvadd64(R9, 52bv64), R8[8:0]), gamma_store8(Gamma_mem, bvadd64(R9, 52bv64), Gamma_R8); assume {:captureState "%000009c9"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/initialisation/clang_pic/initialisation.expected b/src/test/correct/initialisation/clang_pic/initialisation.expected index 6fb983d9b..edfff2997 100644 --- a/src/test/correct/initialisation/clang_pic/initialisation.expected +++ b/src/test/correct/initialisation/clang_pic/initialisation.expected @@ -405,5 +405,11 @@ procedure main() mem, Gamma_mem := memory_store8_le(mem, R9, R8[8:0]), gamma_store8(Gamma_mem, R9, Gamma_R8); assume {:captureState "%0000039a"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/initialisation/gcc/initialisation.expected b/src/test/correct/initialisation/gcc/initialisation.expected index cd8f95208..76f16a5e6 100644 --- a/src/test/correct/initialisation/gcc/initialisation.expected +++ b/src/test/correct/initialisation/gcc/initialisation.expected @@ -289,5 +289,11 @@ procedure main() mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); assume {:captureState "%000003d6"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/initialisation/gcc_O2/initialisation.expected b/src/test/correct/initialisation/gcc_O2/initialisation.expected index 0b0da4f5d..765b0e105 100644 --- a/src/test/correct/initialisation/gcc_O2/initialisation.expected +++ b/src/test/correct/initialisation/gcc_O2/initialisation.expected @@ -285,5 +285,11 @@ procedure main() assert (L(mem, bvadd64(R1, 24bv64)) ==> Gamma_R2); mem, Gamma_mem := memory_store8_le(mem, bvadd64(R1, 24bv64), R2[8:0]), gamma_store8(Gamma_mem, bvadd64(R1, 24bv64), Gamma_R2); assume {:captureState "%0000020a"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/initialisation/gcc_no_plt_no_pic/initialisation.expected b/src/test/correct/initialisation/gcc_no_plt_no_pic/initialisation.expected index 418adaae6..babee9188 100644 --- a/src/test/correct/initialisation/gcc_no_plt_no_pic/initialisation.expected +++ b/src/test/correct/initialisation/gcc_no_plt_no_pic/initialisation.expected @@ -289,5 +289,11 @@ procedure main() mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000a89"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/initialisation/gcc_pic/initialisation.expected b/src/test/correct/initialisation/gcc_pic/initialisation.expected index 4f95961a3..f5cc117c9 100644 --- a/src/test/correct/initialisation/gcc_pic/initialisation.expected +++ b/src/test/correct/initialisation/gcc_pic/initialisation.expected @@ -393,5 +393,11 @@ procedure main() mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); assume {:captureState "%000003de"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/jumptable/clang_O2/jumptable.expected b/src/test/correct/jumptable/clang_O2/jumptable.expected index 8de643ece..d6fac803d 100644 --- a/src/test/correct/jumptable/clang_O2/jumptable.expected +++ b/src/test/correct/jumptable/clang_O2/jumptable.expected @@ -198,5 +198,11 @@ procedure main() assert (L(mem, bvadd64(R8, 48bv64)) ==> Gamma_R9); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R8, 48bv64), R9[32:0]), gamma_store32(Gamma_mem, bvadd64(R8, 48bv64), Gamma_R9); assume {:captureState "%00000378"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/jumptable/gcc_O2/jumptable.expected b/src/test/correct/jumptable/gcc_O2/jumptable.expected index 0b02b32d3..60e368f18 100644 --- a/src/test/correct/jumptable/gcc_O2/jumptable.expected +++ b/src/test/correct/jumptable/gcc_O2/jumptable.expected @@ -199,6 +199,12 @@ procedure add_six() assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); assume {:captureState "%00000252"} true; + goto add_six_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + add_six_return: + assume {:captureState "add_six_return"} true; return; } @@ -287,6 +293,12 @@ procedure add_two() assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); assume {:captureState "%00000233"} true; + goto add_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + add_two_return: + assume {:captureState "add_two_return"} true; return; } @@ -403,22 +415,28 @@ procedure main() R30, Gamma_R30 := 1548bv64, true; call add_two(); goto l0000027c; - l0000027c: - assume {:captureState "l0000027c"} true; - R30, Gamma_R30 := 1552bv64, true; - call add_six(); - goto l00000283; - l00000283: - assume {:captureState "l00000283"} true; - R30, Gamma_R30 := 1556bv64, true; - call sub_seven(); - goto l0000028a; l0000028a: assume {:captureState "l0000028a"} true; R0, Gamma_R0 := 0bv64, true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000283: + assume {:captureState "l00000283"} true; + R30, Gamma_R30 := 1556bv64, true; + call sub_seven(); + goto l0000028a; + l0000027c: + assume {:captureState "l0000027c"} true; + R30, Gamma_R30 := 1552bv64, true; + call add_six(); + goto l00000283; + main_return: + assume {:captureState "main_return"} true; return; } @@ -507,5 +525,11 @@ procedure sub_seven() assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); assume {:captureState "%00000275"} true; + goto sub_seven_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + sub_seven_return: + assume {:captureState "sub_seven_return"} true; return; } diff --git a/src/test/correct/jumptable3/gcc/jumptable3.expected b/src/test/correct/jumptable3/gcc/jumptable3.expected index 0fa14fbeb..09b2a2fc4 100644 --- a/src/test/correct/jumptable3/gcc/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc/jumptable3.expected @@ -206,6 +206,12 @@ procedure add_six() assert (L(mem, R0) ==> Gamma_R1); mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000511"} true; + goto add_six_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + add_six_return: + assume {:captureState "add_six_return"} true; return; } @@ -297,6 +303,12 @@ procedure add_two() assert (L(mem, R0) ==> Gamma_R1); mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%000004df"} true; + goto add_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + add_two_return: + assume {:captureState "add_two_return"} true; return; } @@ -475,16 +487,53 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto lmain_goto_l000005e0, lmain_goto_l00000599; - l000005e0: - assume {:captureState "l000005e0"} true; + l00000758_goto_l000005d7: + assume {:captureState "l00000758_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l000006a3: + assume {:captureState "l000006a3"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #6, Gamma_#6 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + #10, Gamma_#10 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#10); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#10); + ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; + NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000005e0_goto_l000005d7, l000005e0_goto_l00000608; + goto l000006a3_goto_l000005d7, l000006a3_goto_l000006cb; + l0000088a_goto_l000008ab: + assume {:captureState "l0000088a_goto_l000008ab"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000008ab; + l0000097b_goto_l00000974: + assume {:captureState "l0000097b_goto_l00000974"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000974; + l00000643_goto_l0000066b: + assume {:captureState "l00000643_goto_l0000066b"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000066b; + l000007d5_goto_l00000809: + assume {:captureState "l000007d5_goto_l00000809"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000809; + l00000862_goto_l000005d7: + assume {:captureState "l00000862_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l00000964: + assume {:captureState "l00000964"} true; + R30, Gamma_R30 := 2208bv64, true; + call add_two(); + goto l00000970; + l000006a3_goto_l000005d7: + assume {:captureState "l000006a3_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l00000943_goto_l0000097b: + assume {:captureState "l00000943_goto_l0000097b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000097b; l00000608: assume {:captureState "l00000608"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -495,44 +544,62 @@ procedure main() NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; goto l00000608_goto_l00000629, l00000608_goto_l00000643; - l00000629: - assume {:captureState "l00000629"} true; - R30, Gamma_R30 := 2288bv64, true; - call sub_seven(); - goto l00000635; - l00000635: - assume {:captureState "l00000635"} true; - R30, Gamma_R30 := 2292bv64, true; - call add_two(); - goto l0000063c; - l0000063c: - assume {:captureState "l0000063c"} true; - R30, Gamma_R30 := 2296bv64, true; - call add_six(); - goto l00000599; - l00000599: - assume {:captureState "l00000599"} true; - R30, Gamma_R30 := 2300bv64, true; - call sub_seven(); - goto l000005a5; - l000005a5: - assume {:captureState "l000005a5"} true; - R30, Gamma_R30 := 2304bv64, true; - call add_two(); - goto l000005ac; - l000005ac: - assume {:captureState "l000005ac"} true; - goto l000005ad; - l00000643: - assume {:captureState "l00000643"} true; + l000006cb_goto_l00000703: + assume {:captureState "l000006cb_goto_l00000703"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000703; + l00000780_goto_l000007ad: + assume {:captureState "l00000780_goto_l000007ad"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000007ad; + l00000809_goto_l000005d7: + assume {:captureState "l00000809_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l000007d5_goto_l000007f6: + assume {:captureState "l000007d5_goto_l000007f6"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000007f6; + l000008c2_goto_l000008ea: + assume {:captureState "l000008c2_goto_l000008ea"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000008ea; + l0000066b_goto_l000006a3: + assume {:captureState "l0000066b_goto_l000006a3"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000006a3; + l000007ad: + assume {:captureState "l000007ad"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #8, Gamma_#8 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#8); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#8); - ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; - NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; + #16, Gamma_#16 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#16, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#16); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#16, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#16); + ZF, Gamma_ZF := bvcomp32(bvadd32(#16, 1bv32), 0bv32), Gamma_#16; + NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000643_goto_l000005d7, l00000643_goto_l0000066b; + goto l000007ad_goto_l000007d5, l000007ad_goto_l000005d7; + l0000097b_goto_l000009a1: + assume {:captureState "l0000097b_goto_l000009a1"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000009a1; + l00000831: + assume {:captureState "l00000831"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #19, Gamma_#19 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#19, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#19); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#19, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#19); + ZF, Gamma_ZF := bvcomp32(bvadd32(#19, 1bv32), 0bv32), Gamma_#19; + NF, Gamma_NF := bvadd32(#19, 1bv32)[32:31], Gamma_#19; + assert Gamma_ZF; + goto l00000831_goto_l00000862, l00000831_goto_l00000852; + l00000862_goto_l0000088a: + assume {:captureState "l00000862_goto_l0000088a"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000088a; + l0000088a_goto_l000008c2: + assume {:captureState "l0000088a_goto_l000008c2"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000008c2; l0000066b: assume {:captureState "l0000066b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -543,39 +610,42 @@ procedure main() NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; goto l0000066b_goto_l000006a3, l0000066b_goto_l0000068c; - l0000068c: - assume {:captureState "l0000068c"} true; - R30, Gamma_R30 := 2276bv64, true; - call add_two(); - goto l00000698; - l00000698: - assume {:captureState "l00000698"} true; - R30, Gamma_R30 := 2280bv64, true; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l000007a1: + assume {:captureState "l000007a1"} true; + R30, Gamma_R30 := 2256bv64, true; call add_six(); - goto l0000069f; - l0000069f: - assume {:captureState "l0000069f"} true; - goto l000005ad; - l000006a3: - assume {:captureState "l000006a3"} true; + goto l0000074c; + l000008c2: + assume {:captureState "l000008c2"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #10, Gamma_#10 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#10); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#10); - ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; - NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; + #22, Gamma_#22 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#22, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#22); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#22, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#22); + ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; + NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000006a3_goto_l000005d7, l000006a3_goto_l000006cb; - l000006cb: - assume {:captureState "l000006cb"} true; + goto l000008c2_goto_l000008ea, l000008c2_goto_l000005d7; + l000007ad_goto_l000007d5: + assume {:captureState "l000007ad_goto_l000007d5"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000007d5; + l000006a3_goto_l000006cb: + assume {:captureState "l000006a3_goto_l000006cb"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000006cb; + l00000780: + assume {:captureState "l00000780"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); - ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; - NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + #15, Gamma_#15 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#15, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#15); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#15, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#15); + ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; + NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; assert Gamma_ZF; - goto l000006cb_goto_l00000703, l000006cb_goto_l000006ec; + goto l00000780_goto_l000007a1, l00000780_goto_l000007ad; l00000703: assume {:captureState "l00000703"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -586,127 +656,95 @@ procedure main() NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l00000703_goto_l0000072b, l00000703_goto_l000005d7; - l0000072b: - assume {:captureState "l0000072b"} true; + l000008be: + assume {:captureState "l000008be"} true; + goto l000005ad; + l00000943: + assume {:captureState "l00000943"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #13, Gamma_#13 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#13); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#13); - ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; - NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; + #25, Gamma_#25 := bvadd32(R0[32:0], 4294967295bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#25, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 0bv33))), (Gamma_R0 && Gamma_#25); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#25, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967296bv33))), (Gamma_R0 && Gamma_#25); + ZF, Gamma_ZF := bvcomp32(bvadd32(#25, 1bv32), 0bv32), Gamma_#25; + NF, Gamma_NF := bvadd32(#25, 1bv32)[32:31], Gamma_#25; assert Gamma_ZF; - goto l0000072b_goto_l00000758, l0000072b_goto_l0000074c; - l00000758: - assume {:captureState "l00000758"} true; + goto l00000943_goto_l0000097b, l00000943_goto_l00000964; + l000006ff: + assume {:captureState "l000006ff"} true; + goto l000005ad; + l00000943_goto_l00000964: + assume {:captureState "l00000943_goto_l00000964"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000964; + l0000091b: + assume {:captureState "l0000091b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #14, Gamma_#14 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#14, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#14); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#14, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#14); - ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; - NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; + #24, Gamma_#24 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#24, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#24); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#24, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#24); + ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; + NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000758_goto_l000005d7, l00000758_goto_l00000780; - l00000780: - assume {:captureState "l00000780"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #15, Gamma_#15 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#15, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#15); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#15, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#15); - ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; - NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; - assert Gamma_ZF; - goto l00000780_goto_l000007a1, l00000780_goto_l000007ad; - l000007ad: - assume {:captureState "l000007ad"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #16, Gamma_#16 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#16, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#16); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#16, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#16); - ZF, Gamma_ZF := bvcomp32(bvadd32(#16, 1bv32), 0bv32), Gamma_#16; - NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000007ad_goto_l000007d5, l000007ad_goto_l000005d7; - l000007d5: - assume {:captureState "l000007d5"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); - ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; - NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; - assert Gamma_ZF; - goto l000007d5_goto_l00000809, l000007d5_goto_l000007f6; - l000007f6: - assume {:captureState "l000007f6"} true; - R30, Gamma_R30 := 2248bv64, true; + goto l0000091b_goto_l00000943, l0000091b_goto_l000005d7; + l000005d7: + assume {:captureState "l000005d7"} true; + R0, Gamma_R0 := 1bv64, true; + goto l000005c2; + l000006f8: + assume {:captureState "l000006f8"} true; + R30, Gamma_R30 := 2268bv64, true; call add_six(); - goto l00000802; - l00000802: - assume {:captureState "l00000802"} true; - R30, Gamma_R30 := 2252bv64, true; - call add_two(); - goto l000007a1; - l000007a1: - assume {:captureState "l000007a1"} true; - R30, Gamma_R30 := 2256bv64, true; + goto l000006ff; + l0000063c: + assume {:captureState "l0000063c"} true; + R30, Gamma_R30 := 2296bv64, true; call add_six(); - goto l0000074c; - l0000074c: - assume {:captureState "l0000074c"} true; - R30, Gamma_R30 := 2260bv64, true; + goto l00000599; + l00000758_goto_l00000780: + assume {:captureState "l00000758_goto_l00000780"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000780; + l000008b7: + assume {:captureState "l000008b7"} true; + R30, Gamma_R30 := 2232bv64, true; call sub_seven(); - goto l000006ec; + goto l000008be; + l000005e0_goto_l000005d7: + assume {:captureState "l000005e0_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l000008ab: + assume {:captureState "l000008ab"} true; + R30, Gamma_R30 := 2228bv64, true; + call add_two(); + goto l000008b7; l000006ec: assume {:captureState "l000006ec"} true; R30, Gamma_R30 := 2264bv64, true; call sub_seven(); goto l000006f8; - l000006f8: - assume {:captureState "l000006f8"} true; - R30, Gamma_R30 := 2268bv64, true; - call add_six(); - goto l000006ff; - l000006ff: - assume {:captureState "l000006ff"} true; - goto l000005ad; - l00000809: - assume {:captureState "l00000809"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); - ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; - NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000809_goto_l00000831, l00000809_goto_l000005d7; - l00000831: - assume {:captureState "l00000831"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #19, Gamma_#19 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#19, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#19); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#19, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#19); - ZF, Gamma_ZF := bvcomp32(bvadd32(#19, 1bv32), 0bv32), Gamma_#19; - NF, Gamma_NF := bvadd32(#19, 1bv32)[32:31], Gamma_#19; - assert Gamma_ZF; - goto l00000831_goto_l00000862, l00000831_goto_l00000852; - l00000852: - assume {:captureState "l00000852"} true; - R30, Gamma_R30 := 2240bv64, true; - call add_six(); - goto l0000085e; - l0000085e: - assume {:captureState "l0000085e"} true; - goto l000005ad; - l00000862: - assume {:captureState "l00000862"} true; + lmain_goto_l00000599: + assume {:captureState "lmain_goto_l00000599"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000599; + l00000703_goto_l0000072b: + assume {:captureState "l00000703_goto_l0000072b"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000072b; + l000005e0: + assume {:captureState "l000005e0"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); - ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; - NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; + #6, Gamma_#6 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000862_goto_l000005d7, l00000862_goto_l0000088a; + goto l000005e0_goto_l000005d7, l000005e0_goto_l00000608; + l0000066b_goto_l0000068c: + assume {:captureState "l0000066b_goto_l0000068c"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000068c; l0000088a: assume {:captureState "l0000088a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -717,67 +755,83 @@ procedure main() NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; assert Gamma_ZF; goto l0000088a_goto_l000008ab, l0000088a_goto_l000008c2; - l000008ab: - assume {:captureState "l000008ab"} true; - R30, Gamma_R30 := 2228bv64, true; - call add_two(); - goto l000008b7; - l000008b7: - assume {:captureState "l000008b7"} true; - R30, Gamma_R30 := 2232bv64, true; + l00000809_goto_l00000831: + assume {:captureState "l00000809_goto_l00000831"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000831; + l0000090b: + assume {:captureState "l0000090b"} true; + R30, Gamma_R30 := 2220bv64, true; call sub_seven(); - goto l000008be; - l000008be: - assume {:captureState "l000008be"} true; - goto l000005ad; - l000008c2: - assume {:captureState "l000008c2"} true; + goto l00000917; + l0000074c: + assume {:captureState "l0000074c"} true; + R30, Gamma_R30 := 2260bv64, true; + call sub_seven(); + goto l000006ec; + l0000072b_goto_l0000074c: + assume {:captureState "l0000072b_goto_l0000074c"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000074c; + l000005c2: + assume {:captureState "l000005c2"} true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + l00000802: + assume {:captureState "l00000802"} true; + R30, Gamma_R30 := 2252bv64, true; + call add_two(); + goto l000007a1; + l00000608_goto_l00000629: + assume {:captureState "l00000608_goto_l00000629"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000629; + l00000831_goto_l00000862: + assume {:captureState "l00000831_goto_l00000862"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000862; + l00000643: + assume {:captureState "l00000643"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #22, Gamma_#22 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#22, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#22); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#22, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#22); - ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; - NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; + #8, Gamma_#8 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#8); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#8); + ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; + NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000008c2_goto_l000008ea, l000008c2_goto_l000005d7; - l000008ea: - assume {:captureState "l000008ea"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #23, Gamma_#23 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#23, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#23); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#23, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#23); - ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; - NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; - assert Gamma_ZF; - goto l000008ea_goto_l0000090b, l000008ea_goto_l0000091b; - l0000091b: - assume {:captureState "l0000091b"} true; + goto l00000643_goto_l000005d7, l00000643_goto_l0000066b; + l00000809: + assume {:captureState "l00000809"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #24, Gamma_#24 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#24, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#24); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#24, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#24); - ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; - NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; + #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); + ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; + NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000091b_goto_l00000943, l0000091b_goto_l000005d7; - l00000943: - assume {:captureState "l00000943"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #25, Gamma_#25 := bvadd32(R0[32:0], 4294967295bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#25, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 0bv33))), (Gamma_R0 && Gamma_#25); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#25, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967296bv33))), (Gamma_R0 && Gamma_#25); - ZF, Gamma_ZF := bvcomp32(bvadd32(#25, 1bv32), 0bv32), Gamma_#25; - NF, Gamma_NF := bvadd32(#25, 1bv32)[32:31], Gamma_#25; - assert Gamma_ZF; - goto l00000943_goto_l0000097b, l00000943_goto_l00000964; - l00000964: - assume {:captureState "l00000964"} true; - R30, Gamma_R30 := 2208bv64, true; - call add_two(); - goto l00000970; - l00000970: - assume {:captureState "l00000970"} true; + goto l00000809_goto_l00000831, l00000809_goto_l000005d7; + l0000091b_goto_l000005d7: + assume {:captureState "l0000091b_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l0000085e: + assume {:captureState "l0000085e"} true; goto l000005ad; + lmain_goto_l000005e0: + assume {:captureState "lmain_goto_l000005e0"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000005e0; + l000008c2_goto_l000005d7: + assume {:captureState "l000008c2_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l000007f6: + assume {:captureState "l000007f6"} true; + R30, Gamma_R30 := 2248bv64, true; + call add_six(); + goto l00000802; l0000097b: assume {:captureState "l0000097b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -788,215 +842,179 @@ procedure main() NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; assert Gamma_ZF; goto l0000097b_goto_l000009a1, l0000097b_goto_l00000974; - l00000974: - assume {:captureState "l00000974"} true; - R30, Gamma_R30 := 2216bv64, true; - call add_six(); - goto l0000090b; - l0000090b: - assume {:captureState "l0000090b"} true; - R30, Gamma_R30 := 2220bv64, true; - call sub_seven(); - goto l00000917; - l00000917: - assume {:captureState "l00000917"} true; - goto l000005ad; - l000005ad: - assume {:captureState "l000005ad"} true; - R0, Gamma_R0 := 69632bv64, true; - R0, Gamma_R0 := bvadd64(R0, 16bv64), Gamma_R0; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - goto l000005c2; - l000009a1: - assume {:captureState "l000009a1"} true; - goto l000005d7; - l000005d7: - assume {:captureState "l000005d7"} true; - R0, Gamma_R0 := 1bv64, true; - goto l000005c2; - l000005c2: - assume {:captureState "l000005c2"} true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; - lmain_goto_l00000599: - assume {:captureState "lmain_goto_l00000599"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000599; - lmain_goto_l000005e0: - assume {:captureState "lmain_goto_l000005e0"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000005e0; - l000005e0_goto_l000005d7: - assume {:captureState "l000005e0_goto_l000005d7"} true; + l00000643_goto_l000005d7: + assume {:captureState "l00000643_goto_l000005d7"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l000005d7; - l000005e0_goto_l00000608: - assume {:captureState "l000005e0_goto_l00000608"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000608; - l00000608_goto_l00000629: - assume {:captureState "l00000608_goto_l00000629"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000629; l00000608_goto_l00000643: assume {:captureState "l00000608_goto_l00000643"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000643; - l00000643_goto_l000005d7: - assume {:captureState "l00000643_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l00000643_goto_l0000066b: - assume {:captureState "l00000643_goto_l0000066b"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000066b; - l0000066b_goto_l0000068c: - assume {:captureState "l0000066b_goto_l0000068c"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000068c; - l0000066b_goto_l000006a3: - assume {:captureState "l0000066b_goto_l000006a3"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000006a3; - l000006a3_goto_l000005d7: - assume {:captureState "l000006a3_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l000006a3_goto_l000006cb: - assume {:captureState "l000006a3_goto_l000006cb"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000006cb; - l000006cb_goto_l000006ec: - assume {:captureState "l000006cb_goto_l000006ec"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000006ec; - l000006cb_goto_l00000703: - assume {:captureState "l000006cb_goto_l00000703"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000703; - l00000703_goto_l000005d7: - assume {:captureState "l00000703_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l00000703_goto_l0000072b: - assume {:captureState "l00000703_goto_l0000072b"} true; + l0000091b_goto_l00000943: + assume {:captureState "l0000091b_goto_l00000943"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000072b; - l0000072b_goto_l0000074c: - assume {:captureState "l0000072b_goto_l0000074c"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000074c; + goto l00000943; + l00000758: + assume {:captureState "l00000758"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #14, Gamma_#14 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#14, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#14); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#14, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#14); + ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; + NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000758_goto_l000005d7, l00000758_goto_l00000780; l0000072b_goto_l00000758: assume {:captureState "l0000072b_goto_l00000758"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000758; - l00000758_goto_l000005d7: - assume {:captureState "l00000758_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l00000758_goto_l00000780: - assume {:captureState "l00000758_goto_l00000780"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000780; - l00000780_goto_l000007a1: - assume {:captureState "l00000780_goto_l000007a1"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000007a1; - l00000780_goto_l000007ad: - assume {:captureState "l00000780_goto_l000007ad"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000007ad; - l000007ad_goto_l000005d7: - assume {:captureState "l000007ad_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l000007ad_goto_l000007d5: - assume {:captureState "l000007ad_goto_l000007d5"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000007d5; - l000007d5_goto_l000007f6: - assume {:captureState "l000007d5_goto_l000007f6"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000007f6; - l000007d5_goto_l00000809: - assume {:captureState "l000007d5_goto_l00000809"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000809; - l00000809_goto_l000005d7: - assume {:captureState "l00000809_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l00000809_goto_l00000831: - assume {:captureState "l00000809_goto_l00000831"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000831; + l000005ad: + assume {:captureState "l000005ad"} true; + R0, Gamma_R0 := 69632bv64, true; + R0, Gamma_R0 := bvadd64(R0, 16bv64), Gamma_R0; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + goto l000005c2; + l00000635: + assume {:captureState "l00000635"} true; + R30, Gamma_R30 := 2292bv64, true; + call add_two(); + goto l0000063c; + l000005ac: + assume {:captureState "l000005ac"} true; + goto l000005ad; l00000831_goto_l00000852: assume {:captureState "l00000831_goto_l00000852"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000852; - l00000831_goto_l00000862: - assume {:captureState "l00000831_goto_l00000862"} true; + l00000599: + assume {:captureState "l00000599"} true; + R30, Gamma_R30 := 2300bv64, true; + call sub_seven(); + goto l000005a5; + l000006cb: + assume {:captureState "l000006cb"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); + ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; + NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + assert Gamma_ZF; + goto l000006cb_goto_l00000703, l000006cb_goto_l000006ec; + l00000917: + assume {:captureState "l00000917"} true; + goto l000005ad; + l000008ea_goto_l0000091b: + assume {:captureState "l000008ea_goto_l0000091b"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000862; - l00000862_goto_l000005d7: - assume {:captureState "l00000862_goto_l000005d7"} true; + goto l0000091b; + l000005a5: + assume {:captureState "l000005a5"} true; + R30, Gamma_R30 := 2304bv64, true; + call add_two(); + goto l000005ac; + l000009a1: + assume {:captureState "l000009a1"} true; + goto l000005d7; + l0000072b: + assume {:captureState "l0000072b"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #13, Gamma_#13 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#13); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#13); + ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; + NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; + assert Gamma_ZF; + goto l0000072b_goto_l00000758, l0000072b_goto_l0000074c; + l000007ad_goto_l000005d7: + assume {:captureState "l000007ad_goto_l000005d7"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l000005d7; - l00000862_goto_l0000088a: - assume {:captureState "l00000862_goto_l0000088a"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000088a; - l0000088a_goto_l000008ab: - assume {:captureState "l0000088a_goto_l000008ab"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000008ab; - l0000088a_goto_l000008c2: - assume {:captureState "l0000088a_goto_l000008c2"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000008c2; - l000008c2_goto_l000005d7: - assume {:captureState "l000008c2_goto_l000005d7"} true; + l00000862: + assume {:captureState "l00000862"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); + ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; + NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000862_goto_l000005d7, l00000862_goto_l0000088a; + l00000703_goto_l000005d7: + assume {:captureState "l00000703_goto_l000005d7"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l000005d7; - l000008c2_goto_l000008ea: - assume {:captureState "l000008c2_goto_l000008ea"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000008ea; + l0000069f: + assume {:captureState "l0000069f"} true; + goto l000005ad; + l00000629: + assume {:captureState "l00000629"} true; + R30, Gamma_R30 := 2288bv64, true; + call sub_seven(); + goto l00000635; l000008ea_goto_l0000090b: assume {:captureState "l000008ea_goto_l0000090b"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l0000090b; - l000008ea_goto_l0000091b: - assume {:captureState "l000008ea_goto_l0000091b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000091b; - l0000091b_goto_l000005d7: - assume {:captureState "l0000091b_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l0000091b_goto_l00000943: - assume {:captureState "l0000091b_goto_l00000943"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000943; - l00000943_goto_l00000964: - assume {:captureState "l00000943_goto_l00000964"} true; + l000007d5: + assume {:captureState "l000007d5"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); + ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; + NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; + assert Gamma_ZF; + goto l000007d5_goto_l00000809, l000007d5_goto_l000007f6; + l00000970: + assume {:captureState "l00000970"} true; + goto l000005ad; + l00000974: + assume {:captureState "l00000974"} true; + R30, Gamma_R30 := 2216bv64, true; + call add_six(); + goto l0000090b; + l000008ea: + assume {:captureState "l000008ea"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #23, Gamma_#23 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#23, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#23); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#23, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#23); + ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; + NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; + assert Gamma_ZF; + goto l000008ea_goto_l0000090b, l000008ea_goto_l0000091b; + l00000698: + assume {:captureState "l00000698"} true; + R30, Gamma_R30 := 2280bv64, true; + call add_six(); + goto l0000069f; + l00000852: + assume {:captureState "l00000852"} true; + R30, Gamma_R30 := 2240bv64, true; + call add_six(); + goto l0000085e; + l000006cb_goto_l000006ec: + assume {:captureState "l000006cb_goto_l000006ec"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000964; - l00000943_goto_l0000097b: - assume {:captureState "l00000943_goto_l0000097b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000097b; - l0000097b_goto_l00000974: - assume {:captureState "l0000097b_goto_l00000974"} true; + goto l000006ec; + l00000780_goto_l000007a1: + assume {:captureState "l00000780_goto_l000007a1"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000974; - l0000097b_goto_l000009a1: - assume {:captureState "l0000097b_goto_l000009a1"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000009a1; + goto l000007a1; + l000005e0_goto_l00000608: + assume {:captureState "l000005e0_goto_l00000608"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000608; + l0000068c: + assume {:captureState "l0000068c"} true; + R30, Gamma_R30 := 2276bv64, true; + call add_two(); + goto l00000698; + main_return: + assume {:captureState "main_return"} true; + return; } procedure sub_seven() @@ -1087,5 +1105,11 @@ procedure sub_seven() assert (L(mem, R0) ==> Gamma_R1); mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000543"} true; + goto sub_seven_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + sub_seven_return: + assume {:captureState "sub_seven_return"} true; return; } diff --git a/src/test/correct/jumptable3/gcc_O2/jumptable3.expected b/src/test/correct/jumptable3/gcc_O2/jumptable3.expected index 35ab2a3e8..dee6571a6 100644 --- a/src/test/correct/jumptable3/gcc_O2/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_O2/jumptable3.expected @@ -228,10 +228,14 @@ procedure main() NF, Gamma_NF := bvadd32(#1, 1bv32)[32:31], Gamma_#1; assert Gamma_ZF; goto lmain_goto_l00000317, lmain_goto_l00000753; - l00000753: - assume {:captureState "l00000753"} true; + l0000070c: + assume {:captureState "l0000070c"} true; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000753_goto_l0000075c, l00000753_goto_l000006e8; + goto l0000070c_goto_l00000644, l0000070c_goto_l00000715; + l0000077b_goto_l00000784: + assume {:captureState "l0000077b_goto_l00000784"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000784; l000006e8: assume {:captureState "l000006e8"} true; R1, Gamma_R1 := 69632bv64, true; @@ -242,20 +246,45 @@ procedure main() NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; assert Gamma_ZF; goto l000006e8_goto_l000005f9, l000006e8_goto_l0000070c; - l000005f9: - assume {:captureState "l000005f9"} true; + l00000753_goto_l0000075c: + assume {:captureState "l00000753_goto_l0000075c"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000075c; + l00000682: + assume {:captureState "l00000682"} true; + R1, Gamma_R1 := 69632bv64, true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 8bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%0000060c"} true; - goto l00000360; - l0000070c: - assume {:captureState "l0000070c"} true; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000070c_goto_l00000644, l0000070c_goto_l00000715; + assume {:captureState "%0000069a"} true; + goto l00000317; + l00000784_goto_l000006ba: + assume {:captureState "l00000784_goto_l000006ba"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000006ba; + l00000360: + assume {:captureState "l00000360"} true; + goto main_return; + l00000663_goto_l00000347: + assume {:captureState "l00000663_goto_l00000347"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000347; + l00000368: + assume {:captureState "l00000368"} true; + assert Gamma_R0; + goto l00000368_goto_l000005a3, l00000368_goto_l0000036b; + l000005bc: + assume {:captureState "l000005bc"} true; + #5, Gamma_#5 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + assert Gamma_ZF; + goto l000005bc_goto_l00000682, l000005bc_goto_l000005d6; l00000644: assume {:captureState "l00000644"} true; #6, Gamma_#6 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; @@ -265,15 +294,42 @@ procedure main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; goto l00000644_goto_l00000663, l00000644_goto_l00000331; - l00000663: - assume {:captureState "l00000663"} true; - #7, Gamma_#7 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#7); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#7); - ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; - NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; - assert Gamma_ZF; - goto l00000663_goto_l00000347, l00000663_goto_l0000036b; + l0000070c_goto_l00000715: + assume {:captureState "l0000070c_goto_l00000715"} true; + assume (bvnot1(bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1))) == 0bv1); + goto l00000715; + l000005bc_goto_l00000682: + assume {:captureState "l000005bc_goto_l00000682"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000682; + l000005f9: + assume {:captureState "l000005f9"} true; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 8bv32)), Gamma_R0; + call rely(); + assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); + mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); + assume {:captureState "%0000060c"} true; + goto l00000360; + l00000644_goto_l00000331: + assume {:captureState "l00000644_goto_l00000331"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000331; + l000007a8_goto_l00000368: + assume {:captureState "l000007a8_goto_l00000368"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000368; + l00000317: + assume {:captureState "l00000317"} true; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 6bv32)), Gamma_R0; + call rely(); + assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); + mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); + assume {:captureState "%0000032f"} true; + goto l00000331; l00000715: assume {:captureState "l00000715"} true; #9, Gamma_#9 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; @@ -283,290 +339,240 @@ procedure main() NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; goto l00000715_goto_l00000612, l00000715_goto_l00000734; - l00000612: - assume {:captureState "l00000612"} true; + l00000784_goto_l000007a8: + assume {:captureState "l00000784_goto_l000007a8"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000007a8; + l00000753: + assume {:captureState "l00000753"} true; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000753_goto_l0000075c, l00000753_goto_l000006e8; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000663_goto_l0000036b: + assume {:captureState "l00000663_goto_l0000036b"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000036b; + l00000368_goto_l000005a3: + assume {:captureState "l00000368_goto_l000005a3"} true; + assume (bvnot1(bvcomp32(R0[32:0], 0bv32)) == 0bv1); + goto l000005a3; + l0000077b_goto_l000005bc: + assume {:captureState "l0000077b_goto_l000005bc"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005bc; + l000005a3: + assume {:captureState "l000005a3"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 1bv32)), Gamma_R0; + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 2bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%00000625"} true; - goto l00000628; - l00000734: - assume {:captureState "l00000734"} true; - #10, Gamma_#10 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#10); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#10); - ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; - NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; + assume {:captureState "%000005b6"} true; + goto l00000360; + l00000715_goto_l00000612: + assume {:captureState "l00000715_goto_l00000612"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000612; + l00000784: + assume {:captureState "l00000784"} true; + R1, Gamma_R1 := 69632bv64, true; + #12, Gamma_#12 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#12); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#12); + ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; + NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; assert Gamma_ZF; - goto l00000734_goto_l0000036b, l00000734_goto_l00000628; - l00000628: - assume {:captureState "l00000628"} true; + goto l00000784_goto_l000006ba, l00000784_goto_l000007a8; + l00000663: + assume {:captureState "l00000663"} true; + #7, Gamma_#7 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#7); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#7); + ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; + NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; + assert Gamma_ZF; + goto l00000663_goto_l00000347, l00000663_goto_l0000036b; + l000007a8: + assume {:captureState "l000007a8"} true; + #13, Gamma_#13 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#13); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#13); + ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; + NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; + assert Gamma_ZF; + goto l000007a8_goto_l000006d0, l000007a8_goto_l00000368; + l00000734_goto_l0000036b: + assume {:captureState "l00000734_goto_l0000036b"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000036b; + l0000075c_goto_l0000077b: + assume {:captureState "l0000075c_goto_l0000077b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000077b; + l00000347: + assume {:captureState "l00000347"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967291bv32)), Gamma_R0; + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967295bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%0000063e"} true; + assume {:captureState "%0000035d"} true; goto l00000360; - l0000075c: - assume {:captureState "l0000075c"} true; - #11, Gamma_#11 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#11); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#11); - ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; - NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; - assert Gamma_ZF; - goto l0000075c_goto_l0000077b, l0000075c_goto_l0000069c; - l0000069c: - assume {:captureState "l0000069c"} true; - R1, Gamma_R1 := 69632bv64, true; + l000006ba: + assume {:captureState "l000006ba"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967291bv32)), Gamma_R0; + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 6bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%000006b4"} true; - goto l00000360; + assume {:captureState "%000006cd"} true; + goto l000006d0; + l00000368_goto_l0000036b: + assume {:captureState "l00000368_goto_l0000036b"} true; + assume (bvnot1(bvcomp32(R0[32:0], 0bv32)) != 0bv1); + goto l0000036b; l0000077b: assume {:captureState "l0000077b"} true; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l0000077b_goto_l00000784, l0000077b_goto_l000005bc; - l000005bc: - assume {:captureState "l000005bc"} true; - #5, Gamma_#5 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - assert Gamma_ZF; - goto l000005bc_goto_l00000682, l000005bc_goto_l000005d6; - l000005d6: - assume {:captureState "l000005d6"} true; - R1, Gamma_R1 := 69632bv64, true; + l000006d0: + assume {:captureState "l000006d0"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 6bv32)), Gamma_R0; + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967289bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%000005f3"} true; + assume {:captureState "%000006e6"} true; goto l00000360; - l00000682: - assume {:captureState "l00000682"} true; + l0000069c: + assume {:captureState "l0000069c"} true; R1, Gamma_R1 := 69632bv64, true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 8bv32)), Gamma_R0; - call rely(); - assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); - mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%0000069a"} true; - goto l00000317; - l00000317: - assume {:captureState "l00000317"} true; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 6bv32)), Gamma_R0; - call rely(); - assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); - mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%0000032f"} true; - goto l00000331; - l00000331: - assume {:captureState "l00000331"} true; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967289bv32)), Gamma_R0; + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967291bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%00000344"} true; - goto l00000347; - l00000347: - assume {:captureState "l00000347"} true; + assume {:captureState "%000006b4"} true; + goto l00000360; + l00000628: + assume {:captureState "l00000628"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967295bv32)), Gamma_R0; + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967291bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%0000035d"} true; + assume {:captureState "%0000063e"} true; goto l00000360; - l00000784: - assume {:captureState "l00000784"} true; + l000006e8_goto_l0000070c: + assume {:captureState "l000006e8_goto_l0000070c"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000070c; + l000005d6: + assume {:captureState "l000005d6"} true; R1, Gamma_R1 := 69632bv64, true; - #12, Gamma_#12 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#12); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#12); - ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; - NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; - assert Gamma_ZF; - goto l00000784_goto_l000006ba, l00000784_goto_l000007a8; - l000006ba: - assume {:captureState "l000006ba"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 6bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%000006cd"} true; - goto l000006d0; - l000007a8: - assume {:captureState "l000007a8"} true; - #13, Gamma_#13 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#13); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#13); - ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; - NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; - assert Gamma_ZF; - goto l000007a8_goto_l000006d0, l000007a8_goto_l00000368; - l00000368: - assume {:captureState "l00000368"} true; - assert Gamma_R0; - goto l00000368_goto_l000005a3, l00000368_goto_l0000036b; - l0000036b: - assume {:captureState "l0000036b"} true; - R0, Gamma_R0 := 1bv64, true; - return; - l000005a3: - assume {:captureState "l000005a3"} true; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 2bv32)), Gamma_R0; - call rely(); - assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); - mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%000005b6"} true; + assume {:captureState "%000005f3"} true; goto l00000360; - l000006d0: - assume {:captureState "l000006d0"} true; + l0000075c: + assume {:captureState "l0000075c"} true; + #11, Gamma_#11 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#11); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#11); + ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; + NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + assert Gamma_ZF; + goto l0000075c_goto_l0000077b, l0000075c_goto_l0000069c; + l00000331: + assume {:captureState "l00000331"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967289bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%000006e6"} true; - goto l00000360; - l00000360: - assume {:captureState "l00000360"} true; - return; + assume {:captureState "%00000344"} true; + goto l00000347; lmain_goto_l00000317: assume {:captureState "lmain_goto_l00000317"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000317; - lmain_goto_l00000753: - assume {:captureState "lmain_goto_l00000753"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000753; - l00000753_goto_l000006e8: - assume {:captureState "l00000753_goto_l000006e8"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000006e8; - l00000753_goto_l0000075c: - assume {:captureState "l00000753_goto_l0000075c"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000075c; - l000006e8_goto_l000005f9: - assume {:captureState "l000006e8_goto_l000005f9"} true; + l0000075c_goto_l0000069c: + assume {:captureState "l0000075c_goto_l0000069c"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000005f9; - l000006e8_goto_l0000070c: - assume {:captureState "l000006e8_goto_l0000070c"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000070c; + goto l0000069c; l0000070c_goto_l00000644: assume {:captureState "l0000070c_goto_l00000644"} true; assume (bvnot1(bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1))) != 0bv1); goto l00000644; - l0000070c_goto_l00000715: - assume {:captureState "l0000070c_goto_l00000715"} true; - assume (bvnot1(bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1))) == 0bv1); - goto l00000715; - l00000644_goto_l00000331: - assume {:captureState "l00000644_goto_l00000331"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000331; + l00000753_goto_l000006e8: + assume {:captureState "l00000753_goto_l000006e8"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000006e8; l00000644_goto_l00000663: assume {:captureState "l00000644_goto_l00000663"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000663; - l00000663_goto_l0000036b: - assume {:captureState "l00000663_goto_l0000036b"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000036b; - l00000663_goto_l00000347: - assume {:captureState "l00000663_goto_l00000347"} true; + l000007a8_goto_l000006d0: + assume {:captureState "l000007a8_goto_l000006d0"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000347; - l00000715_goto_l00000612: - assume {:captureState "l00000715_goto_l00000612"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000612; + goto l000006d0; + l00000734: + assume {:captureState "l00000734"} true; + #10, Gamma_#10 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#10); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#10); + ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; + NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; + assert Gamma_ZF; + goto l00000734_goto_l0000036b, l00000734_goto_l00000628; + l00000612: + assume {:captureState "l00000612"} true; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 1bv32)), Gamma_R0; + call rely(); + assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); + mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); + assume {:captureState "%00000625"} true; + goto l00000628; l00000715_goto_l00000734: assume {:captureState "l00000715_goto_l00000734"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000734; - l00000734_goto_l0000036b: - assume {:captureState "l00000734_goto_l0000036b"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000036b; + lmain_goto_l00000753: + assume {:captureState "lmain_goto_l00000753"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000753; + l000006e8_goto_l000005f9: + assume {:captureState "l000006e8_goto_l000005f9"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000005f9; + l0000036b: + assume {:captureState "l0000036b"} true; + R0, Gamma_R0 := 1bv64, true; + goto main_return; l00000734_goto_l00000628: assume {:captureState "l00000734_goto_l00000628"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000628; - l0000075c_goto_l0000069c: - assume {:captureState "l0000075c_goto_l0000069c"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000069c; - l0000075c_goto_l0000077b: - assume {:captureState "l0000075c_goto_l0000077b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000077b; - l0000077b_goto_l000005bc: - assume {:captureState "l0000077b_goto_l000005bc"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005bc; - l0000077b_goto_l00000784: - assume {:captureState "l0000077b_goto_l00000784"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000784; l000005bc_goto_l000005d6: assume {:captureState "l000005bc_goto_l000005d6"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000005d6; - l000005bc_goto_l00000682: - assume {:captureState "l000005bc_goto_l00000682"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000682; - l00000784_goto_l000006ba: - assume {:captureState "l00000784_goto_l000006ba"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000006ba; - l00000784_goto_l000007a8: - assume {:captureState "l00000784_goto_l000007a8"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000007a8; - l000007a8_goto_l00000368: - assume {:captureState "l000007a8_goto_l00000368"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000368; - l000007a8_goto_l000006d0: - assume {:captureState "l000007a8_goto_l000006d0"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000006d0; - l00000368_goto_l0000036b: - assume {:captureState "l00000368_goto_l0000036b"} true; - assume (bvnot1(bvcomp32(R0[32:0], 0bv32)) != 0bv1); - goto l0000036b; - l00000368_goto_l000005a3: - assume {:captureState "l00000368_goto_l000005a3"} true; - assume (bvnot1(bvcomp32(R0[32:0], 0bv32)) == 0bv1); - goto l000005a3; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected b/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected index b0842bac6..05ccf4f57 100644 --- a/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected @@ -206,6 +206,12 @@ procedure add_six() assert (L(mem, R0) ==> Gamma_R1); mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%0000126c"} true; + goto add_six_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + add_six_return: + assume {:captureState "add_six_return"} true; return; } @@ -297,6 +303,12 @@ procedure add_two() assert (L(mem, R0) ==> Gamma_R1); mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%0000123a"} true; + goto add_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + add_two_return: + assume {:captureState "add_two_return"} true; return; } @@ -475,87 +487,59 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto lmain_goto_l0000133b, lmain_goto_l000012f4; - l0000133b: - assume {:captureState "l0000133b"} true; + l000014b3: + assume {:captureState "l000014b3"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #6, Gamma_#6 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + #14, Gamma_#14 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#14, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#14); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#14, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#14); + ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; + NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000133b_goto_l00001363, l0000133b_goto_l00001332; - l00001363: - assume {:captureState "l00001363"} true; + goto l000014b3_goto_l00001332, l000014b3_goto_l000014db; + l00001530: + assume {:captureState "l00001530"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #7, Gamma_#7 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#7); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#7); - ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; - NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; + #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); + ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; + NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; assert Gamma_ZF; - goto l00001363_goto_l0000139e, l00001363_goto_l00001384; - l00001384: - assume {:captureState "l00001384"} true; - R30, Gamma_R30 := 2288bv64, true; - call sub_seven(); - goto l00001390; - l00001390: - assume {:captureState "l00001390"} true; - R30, Gamma_R30 := 2292bv64, true; - call add_two(); - goto l00001397; - l00001397: - assume {:captureState "l00001397"} true; - R30, Gamma_R30 := 2296bv64, true; - call add_six(); - goto l000012f4; - l000012f4: - assume {:captureState "l000012f4"} true; - R30, Gamma_R30 := 2300bv64, true; + goto l00001530_goto_l00001564, l00001530_goto_l00001551; + l00001645_goto_l00001676: + assume {:captureState "l00001645_goto_l00001676"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00001676; + l000015bd_goto_l000015e5: + assume {:captureState "l000015bd_goto_l000015e5"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000015e5; + l00001486_goto_l000014a7: + assume {:captureState "l00001486_goto_l000014a7"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000014a7; + l000013c6_goto_l000013e7: + assume {:captureState "l000013c6_goto_l000013e7"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000013e7; + l000014b3_goto_l000014db: + assume {:captureState "l000014b3_goto_l000014db"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000014db; + l000014a7: + assume {:captureState "l000014a7"} true; + R30, Gamma_R30 := 2260bv64, true; call sub_seven(); - goto l00001300; - l00001300: - assume {:captureState "l00001300"} true; - R30, Gamma_R30 := 2304bv64, true; - call add_two(); - goto l00001307; - l00001307: - assume {:captureState "l00001307"} true; - goto l00001308; - l0000139e: - assume {:captureState "l0000139e"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #8, Gamma_#8 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#8); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#8); - ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; - NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000139e_goto_l000013c6, l0000139e_goto_l00001332; - l000013c6: - assume {:captureState "l000013c6"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #9, Gamma_#9 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#9); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#9); - ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; - NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; - assert Gamma_ZF; - goto l000013c6_goto_l000013e7, l000013c6_goto_l000013fe; - l000013e7: - assume {:captureState "l000013e7"} true; - R30, Gamma_R30 := 2276bv64, true; - call add_two(); - goto l000013f3; - l000013f3: - assume {:captureState "l000013f3"} true; - R30, Gamma_R30 := 2280bv64, true; - call add_six(); - goto l000013fa; - l000013fa: - assume {:captureState "l000013fa"} true; - goto l00001308; + goto l00001447; + l000014db_goto_l000014fc: + assume {:captureState "l000014db_goto_l000014fc"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000014fc; + l000014db_goto_l00001508: + assume {:captureState "l000014db_goto_l00001508"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00001508; l000013fe: assume {:captureState "l000013fe"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -566,26 +550,6 @@ procedure main() NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l000013fe_goto_l00001332, l000013fe_goto_l00001426; - l00001426: - assume {:captureState "l00001426"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); - ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; - NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; - assert Gamma_ZF; - goto l00001426_goto_l0000145e, l00001426_goto_l00001447; - l0000145e: - assume {:captureState "l0000145e"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #12, Gamma_#12 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#12); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#12); - ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; - NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000145e_goto_l00001486, l0000145e_goto_l00001332; l00001486: assume {:captureState "l00001486"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -596,89 +560,111 @@ procedure main() NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; assert Gamma_ZF; goto l00001486_goto_l000014a7, l00001486_goto_l000014b3; - l000014b3: - assume {:captureState "l000014b3"} true; + l000016d6_goto_l000016cf: + assume {:captureState "l000016d6_goto_l000016cf"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000016cf; + l00001363: + assume {:captureState "l00001363"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #14, Gamma_#14 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#14, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#14); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#14, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#14); - ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; - NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000014b3_goto_l00001332, l000014b3_goto_l000014db; - l000014db: - assume {:captureState "l000014db"} true; + #7, Gamma_#7 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#7); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#7); + ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; + NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; + assert Gamma_ZF; + goto l00001363_goto_l0000139e, l00001363_goto_l00001384; + l00001645_goto_l00001666: + assume {:captureState "l00001645_goto_l00001666"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00001666; + l000013fa: + assume {:captureState "l000013fa"} true; + goto l00001308; + l00001645: + assume {:captureState "l00001645"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #15, Gamma_#15 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#15, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#15); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#15, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#15); - ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; - NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; + #23, Gamma_#23 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#23, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#23); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#23, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#23); + ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; + NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; assert Gamma_ZF; - goto l000014db_goto_l00001508, l000014db_goto_l000014fc; - l00001508: - assume {:captureState "l00001508"} true; + goto l00001645_goto_l00001676, l00001645_goto_l00001666; + l000015bd: + assume {:captureState "l000015bd"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #16, Gamma_#16 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#16, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#16); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#16, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#16); - ZF, Gamma_ZF := bvcomp32(bvadd32(#16, 1bv32), 0bv32), Gamma_#16; - NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; + #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); + ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; + NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00001508_goto_l00001332, l00001508_goto_l00001530; - l00001530: - assume {:captureState "l00001530"} true; + goto l000015bd_goto_l000015e5, l000015bd_goto_l00001332; + l00001486_goto_l000014b3: + assume {:captureState "l00001486_goto_l000014b3"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000014b3; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l000012f4: + assume {:captureState "l000012f4"} true; + R30, Gamma_R30 := 2300bv64, true; + call sub_seven(); + goto l00001300; + l00001564_goto_l00001332: + assume {:captureState "l00001564_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; + l000015b9: + assume {:captureState "l000015b9"} true; + goto l00001308; + l0000158c_goto_l000015bd: + assume {:captureState "l0000158c_goto_l000015bd"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000015bd; + l0000161d: + assume {:captureState "l0000161d"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); - ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; - NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; + #22, Gamma_#22 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#22, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#22); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#22, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#22); + ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; + NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l0000161d_goto_l00001332, l0000161d_goto_l00001645; + l000016d6: + assume {:captureState "l000016d6"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #26, Gamma_#26 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#26, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#26); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#26, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#26); + ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; + NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; assert Gamma_ZF; - goto l00001530_goto_l00001564, l00001530_goto_l00001551; - l00001551: - assume {:captureState "l00001551"} true; - R30, Gamma_R30 := 2248bv64, true; - call add_six(); - goto l0000155d; - l0000155d: - assume {:captureState "l0000155d"} true; - R30, Gamma_R30 := 2252bv64, true; - call add_two(); - goto l000014fc; - l000014fc: - assume {:captureState "l000014fc"} true; - R30, Gamma_R30 := 2256bv64, true; + goto l000016d6_goto_l000016cf, l000016d6_goto_l000016fc; + l00001676_goto_l0000169e: + assume {:captureState "l00001676_goto_l0000169e"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000169e; + l000016cf: + assume {:captureState "l000016cf"} true; + R30, Gamma_R30 := 2216bv64, true; call add_six(); - goto l000014a7; - l000014a7: - assume {:captureState "l000014a7"} true; - R30, Gamma_R30 := 2260bv64, true; - call sub_seven(); - goto l00001447; - l00001447: - assume {:captureState "l00001447"} true; - R30, Gamma_R30 := 2264bv64, true; - call sub_seven(); - goto l00001453; - l00001453: - assume {:captureState "l00001453"} true; - R30, Gamma_R30 := 2268bv64, true; + goto l00001666; + l00001530_goto_l00001564: + assume {:captureState "l00001530_goto_l00001564"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00001564; + l000015ad: + assume {:captureState "l000015ad"} true; + R30, Gamma_R30 := 2240bv64, true; call add_six(); - goto l0000145a; - l0000145a: - assume {:captureState "l0000145a"} true; + goto l000015b9; + l000016cb: + assume {:captureState "l000016cb"} true; goto l00001308; - l00001564: - assume {:captureState "l00001564"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); - ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; - NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00001564_goto_l0000158c, l00001564_goto_l00001332; l0000158c: assume {:captureState "l0000158c"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -689,77 +675,65 @@ procedure main() NF, Gamma_NF := bvadd32(#19, 1bv32)[32:31], Gamma_#19; assert Gamma_ZF; goto l0000158c_goto_l000015bd, l0000158c_goto_l000015ad; - l000015ad: - assume {:captureState "l000015ad"} true; - R30, Gamma_R30 := 2240bv64, true; + l0000133b_goto_l00001363: + assume {:captureState "l0000133b_goto_l00001363"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00001363; + l0000158c_goto_l000015ad: + assume {:captureState "l0000158c_goto_l000015ad"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000015ad; + l000013e7: + assume {:captureState "l000013e7"} true; + R30, Gamma_R30 := 2276bv64, true; + call add_two(); + goto l000013f3; + l000014fc: + assume {:captureState "l000014fc"} true; + R30, Gamma_R30 := 2256bv64, true; call add_six(); - goto l000015b9; - l000015b9: - assume {:captureState "l000015b9"} true; - goto l00001308; - l000015bd: - assume {:captureState "l000015bd"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); - ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; - NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000015bd_goto_l000015e5, l000015bd_goto_l00001332; - l000015e5: - assume {:captureState "l000015e5"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #21, Gamma_#21 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#21, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#21); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#21, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#21); - ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; - NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; - assert Gamma_ZF; - goto l000015e5_goto_l0000161d, l000015e5_goto_l00001606; - l00001606: - assume {:captureState "l00001606"} true; - R30, Gamma_R30 := 2228bv64, true; + goto l000014a7; + l00001564_goto_l0000158c: + assume {:captureState "l00001564_goto_l0000158c"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000158c; + l00001508_goto_l00001530: + assume {:captureState "l00001508_goto_l00001530"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00001530; + l000016bf: + assume {:captureState "l000016bf"} true; + R30, Gamma_R30 := 2208bv64, true; call add_two(); - goto l00001612; - l00001612: - assume {:captureState "l00001612"} true; - R30, Gamma_R30 := 2232bv64, true; - call sub_seven(); - goto l00001619; - l00001619: - assume {:captureState "l00001619"} true; - goto l00001308; - l0000161d: - assume {:captureState "l0000161d"} true; + goto l000016cb; + l0000139e_goto_l00001332: + assume {:captureState "l0000139e_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; + l0000145e: + assume {:captureState "l0000145e"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #22, Gamma_#22 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#22, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#22); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#22, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#22); - ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; - NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; + #12, Gamma_#12 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#12); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#12); + ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; + NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000161d_goto_l00001332, l0000161d_goto_l00001645; - l00001645: - assume {:captureState "l00001645"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #23, Gamma_#23 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#23, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#23); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#23, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#23); - ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; - NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; - assert Gamma_ZF; - goto l00001645_goto_l00001676, l00001645_goto_l00001666; - l00001676: - assume {:captureState "l00001676"} true; + goto l0000145e_goto_l00001486, l0000145e_goto_l00001332; + l000014b3_goto_l00001332: + assume {:captureState "l000014b3_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; + l0000133b: + assume {:captureState "l0000133b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #24, Gamma_#24 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#24, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#24); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#24, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#24); - ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; - NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; + #6, Gamma_#6 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00001676_goto_l00001332, l00001676_goto_l0000169e; + goto l0000133b_goto_l00001363, l0000133b_goto_l00001332; l0000169e: assume {:captureState "l0000169e"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -770,189 +744,136 @@ procedure main() NF, Gamma_NF := bvadd32(#25, 1bv32)[32:31], Gamma_#25; assert Gamma_ZF; goto l0000169e_goto_l000016bf, l0000169e_goto_l000016d6; - l000016bf: - assume {:captureState "l000016bf"} true; - R30, Gamma_R30 := 2208bv64, true; - call add_two(); - goto l000016cb; - l000016cb: - assume {:captureState "l000016cb"} true; - goto l00001308; - l000016d6: - assume {:captureState "l000016d6"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #26, Gamma_#26 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#26, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#26); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#26, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#26); - ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; - NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; - assert Gamma_ZF; - goto l000016d6_goto_l000016cf, l000016d6_goto_l000016fc; - l000016cf: - assume {:captureState "l000016cf"} true; - R30, Gamma_R30 := 2216bv64, true; + l00001676_goto_l00001332: + assume {:captureState "l00001676_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; + l000013fe_goto_l00001332: + assume {:captureState "l000013fe_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; + l0000145e_goto_l00001332: + assume {:captureState "l0000145e_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; + l000013f3: + assume {:captureState "l000013f3"} true; + R30, Gamma_R30 := 2280bv64, true; call add_six(); - goto l00001666; - l00001666: - assume {:captureState "l00001666"} true; - R30, Gamma_R30 := 2220bv64, true; - call sub_seven(); - goto l00001672; - l00001672: - assume {:captureState "l00001672"} true; + goto l000013fa; + l0000145a: + assume {:captureState "l0000145a"} true; goto l00001308; - l00001308: - assume {:captureState "l00001308"} true; - R0, Gamma_R0 := 69632bv64, true; - R0, Gamma_R0 := bvadd64(R0, 16bv64), Gamma_R0; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - goto l0000131d; - l000016fc: - assume {:captureState "l000016fc"} true; - goto l00001332; - l00001332: - assume {:captureState "l00001332"} true; - R0, Gamma_R0 := 1bv64, true; - goto l0000131d; + l00001508: + assume {:captureState "l00001508"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #16, Gamma_#16 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#16, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#16); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#16, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#16); + ZF, Gamma_ZF := bvcomp32(bvadd32(#16, 1bv32), 0bv32), Gamma_#16; + NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00001508_goto_l00001332, l00001508_goto_l00001530; l0000131d: assume {:captureState "l0000131d"} true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; - lmain_goto_l000012f4: - assume {:captureState "lmain_goto_l000012f4"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000012f4; - lmain_goto_l0000133b: - assume {:captureState "lmain_goto_l0000133b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000133b; - l0000133b_goto_l00001332: - assume {:captureState "l0000133b_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; - l0000133b_goto_l00001363: - assume {:captureState "l0000133b_goto_l00001363"} true; + goto main_return; + l0000139e_goto_l000013c6: + assume {:captureState "l0000139e_goto_l000013c6"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00001363; - l00001363_goto_l00001384: - assume {:captureState "l00001363_goto_l00001384"} true; + goto l000013c6; + l00001332: + assume {:captureState "l00001332"} true; + R0, Gamma_R0 := 1bv64, true; + goto l0000131d; + l00001453: + assume {:captureState "l00001453"} true; + R30, Gamma_R30 := 2268bv64, true; + call add_six(); + goto l0000145a; + l0000169e_goto_l000016bf: + assume {:captureState "l0000169e_goto_l000016bf"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00001384; + goto l000016bf; + l00001612: + assume {:captureState "l00001612"} true; + R30, Gamma_R30 := 2232bv64, true; + call sub_seven(); + goto l00001619; l00001363_goto_l0000139e: assume {:captureState "l00001363_goto_l0000139e"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l0000139e; - l0000139e_goto_l00001332: - assume {:captureState "l0000139e_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; - l0000139e_goto_l000013c6: - assume {:captureState "l0000139e_goto_l000013c6"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000013c6; - l000013c6_goto_l000013e7: - assume {:captureState "l000013c6_goto_l000013e7"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000013e7; - l000013c6_goto_l000013fe: - assume {:captureState "l000013c6_goto_l000013fe"} true; + l000016d6_goto_l000016fc: + assume {:captureState "l000016d6_goto_l000016fc"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000013fe; - l000013fe_goto_l00001332: - assume {:captureState "l000013fe_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; - l000013fe_goto_l00001426: - assume {:captureState "l000013fe_goto_l00001426"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00001426; + goto l000016fc; + l00001619: + assume {:captureState "l00001619"} true; + goto l00001308; + lmain_goto_l0000133b: + assume {:captureState "lmain_goto_l0000133b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000133b; l00001426_goto_l00001447: assume {:captureState "l00001426_goto_l00001447"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00001447; - l00001426_goto_l0000145e: - assume {:captureState "l00001426_goto_l0000145e"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000145e; - l0000145e_goto_l00001332: - assume {:captureState "l0000145e_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; - l0000145e_goto_l00001486: - assume {:captureState "l0000145e_goto_l00001486"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00001486; - l00001486_goto_l000014a7: - assume {:captureState "l00001486_goto_l000014a7"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000014a7; - l00001486_goto_l000014b3: - assume {:captureState "l00001486_goto_l000014b3"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000014b3; - l000014b3_goto_l00001332: - assume {:captureState "l000014b3_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; - l000014b3_goto_l000014db: - assume {:captureState "l000014b3_goto_l000014db"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000014db; - l000014db_goto_l000014fc: - assume {:captureState "l000014db_goto_l000014fc"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000014fc; - l000014db_goto_l00001508: - assume {:captureState "l000014db_goto_l00001508"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00001508; - l00001508_goto_l00001332: - assume {:captureState "l00001508_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; - l00001508_goto_l00001530: - assume {:captureState "l00001508_goto_l00001530"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00001530; + l000013c6: + assume {:captureState "l000013c6"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #9, Gamma_#9 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#9); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#9); + ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; + NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; + assert Gamma_ZF; + goto l000013c6_goto_l000013e7, l000013c6_goto_l000013fe; + l00001564: + assume {:captureState "l00001564"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); + ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; + NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00001564_goto_l0000158c, l00001564_goto_l00001332; + l000014db: + assume {:captureState "l000014db"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #15, Gamma_#15 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#15, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#15); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#15, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#15); + ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; + NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; + assert Gamma_ZF; + goto l000014db_goto_l00001508, l000014db_goto_l000014fc; + l00001606: + assume {:captureState "l00001606"} true; + R30, Gamma_R30 := 2228bv64, true; + call add_two(); + goto l00001612; + l00001447: + assume {:captureState "l00001447"} true; + R30, Gamma_R30 := 2264bv64, true; + call sub_seven(); + goto l00001453; l00001530_goto_l00001551: assume {:captureState "l00001530_goto_l00001551"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00001551; - l00001530_goto_l00001564: - assume {:captureState "l00001530_goto_l00001564"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00001564; - l00001564_goto_l00001332: - assume {:captureState "l00001564_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; - l00001564_goto_l0000158c: - assume {:captureState "l00001564_goto_l0000158c"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000158c; - l0000158c_goto_l000015ad: - assume {:captureState "l0000158c_goto_l000015ad"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000015ad; - l0000158c_goto_l000015bd: - assume {:captureState "l0000158c_goto_l000015bd"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000015bd; l000015bd_goto_l00001332: assume {:captureState "l000015bd_goto_l00001332"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00001332; - l000015bd_goto_l000015e5: - assume {:captureState "l000015bd_goto_l000015e5"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000015e5; - l000015e5_goto_l00001606: - assume {:captureState "l000015e5_goto_l00001606"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00001606; + l0000155d: + assume {:captureState "l0000155d"} true; + R30, Gamma_R30 := 2252bv64, true; + call add_two(); + goto l000014fc; l000015e5_goto_l0000161d: assume {:captureState "l000015e5_goto_l0000161d"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); @@ -961,42 +882,139 @@ procedure main() assume {:captureState "l0000161d_goto_l00001332"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00001332; + l0000139e: + assume {:captureState "l0000139e"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #8, Gamma_#8 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#8); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#8); + ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; + NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l0000139e_goto_l000013c6, l0000139e_goto_l00001332; + l0000169e_goto_l000016d6: + assume {:captureState "l0000169e_goto_l000016d6"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000016d6; + l0000133b_goto_l00001332: + assume {:captureState "l0000133b_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; + l00001390: + assume {:captureState "l00001390"} true; + R30, Gamma_R30 := 2292bv64, true; + call add_two(); + goto l00001397; + l000015e5_goto_l00001606: + assume {:captureState "l000015e5_goto_l00001606"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00001606; + l00001363_goto_l00001384: + assume {:captureState "l00001363_goto_l00001384"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00001384; l0000161d_goto_l00001645: assume {:captureState "l0000161d_goto_l00001645"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l00001645; - l00001645_goto_l00001666: - assume {:captureState "l00001645_goto_l00001666"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00001666; - l00001645_goto_l00001676: - assume {:captureState "l00001645_goto_l00001676"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00001676; - l00001676_goto_l00001332: - assume {:captureState "l00001676_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; - l00001676_goto_l0000169e: - assume {:captureState "l00001676_goto_l0000169e"} true; + l00001397: + assume {:captureState "l00001397"} true; + R30, Gamma_R30 := 2296bv64, true; + call add_six(); + goto l000012f4; + l00001551: + assume {:captureState "l00001551"} true; + R30, Gamma_R30 := 2248bv64, true; + call add_six(); + goto l0000155d; + l00001672: + assume {:captureState "l00001672"} true; + goto l00001308; + l00001676: + assume {:captureState "l00001676"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #24, Gamma_#24 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#24, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#24); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#24, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#24); + ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; + NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00001676_goto_l00001332, l00001676_goto_l0000169e; + l000013fe_goto_l00001426: + assume {:captureState "l000013fe_goto_l00001426"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000169e; - l0000169e_goto_l000016bf: - assume {:captureState "l0000169e_goto_l000016bf"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000016bf; - l0000169e_goto_l000016d6: - assume {:captureState "l0000169e_goto_l000016d6"} true; + goto l00001426; + l000013c6_goto_l000013fe: + assume {:captureState "l000013c6_goto_l000013fe"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000016d6; - l000016d6_goto_l000016cf: - assume {:captureState "l000016d6_goto_l000016cf"} true; + goto l000013fe; + l0000145e_goto_l00001486: + assume {:captureState "l0000145e_goto_l00001486"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00001486; + lmain_goto_l000012f4: + assume {:captureState "lmain_goto_l000012f4"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000016cf; - l000016d6_goto_l000016fc: - assume {:captureState "l000016d6_goto_l000016fc"} true; + goto l000012f4; + l000015e5: + assume {:captureState "l000015e5"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #21, Gamma_#21 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#21, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#21); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#21, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#21); + ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; + NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; + assert Gamma_ZF; + goto l000015e5_goto_l0000161d, l000015e5_goto_l00001606; + l00001300: + assume {:captureState "l00001300"} true; + R30, Gamma_R30 := 2304bv64, true; + call add_two(); + goto l00001307; + l000016fc: + assume {:captureState "l000016fc"} true; + goto l00001332; + l00001426_goto_l0000145e: + assume {:captureState "l00001426_goto_l0000145e"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000016fc; + goto l0000145e; + l00001384: + assume {:captureState "l00001384"} true; + R30, Gamma_R30 := 2288bv64, true; + call sub_seven(); + goto l00001390; + l00001308: + assume {:captureState "l00001308"} true; + R0, Gamma_R0 := 69632bv64, true; + R0, Gamma_R0 := bvadd64(R0, 16bv64), Gamma_R0; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + goto l0000131d; + l00001508_goto_l00001332: + assume {:captureState "l00001508_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; + l00001307: + assume {:captureState "l00001307"} true; + goto l00001308; + l00001426: + assume {:captureState "l00001426"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); + ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; + NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + assert Gamma_ZF; + goto l00001426_goto_l0000145e, l00001426_goto_l00001447; + l00001666: + assume {:captureState "l00001666"} true; + R30, Gamma_R30 := 2220bv64, true; + call sub_seven(); + goto l00001672; + main_return: + assume {:captureState "main_return"} true; + return; } procedure sub_seven() @@ -1087,5 +1105,11 @@ procedure sub_seven() assert (L(mem, R0) ==> Gamma_R1); mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%0000129e"} true; + goto sub_seven_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + sub_seven_return: + assume {:captureState "sub_seven_return"} true; return; } diff --git a/src/test/correct/jumptable3/gcc_pic/jumptable3.expected b/src/test/correct/jumptable3/gcc_pic/jumptable3.expected index e03bfb332..15eee74c7 100644 --- a/src/test/correct/jumptable3/gcc_pic/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_pic/jumptable3.expected @@ -232,6 +232,12 @@ procedure add_six() assert (L(mem, R0) ==> Gamma_R1); mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000515"} true; + goto add_six_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + add_six_return: + assume {:captureState "add_six_return"} true; return; } @@ -341,6 +347,12 @@ procedure add_two() assert (L(mem, R0) ==> Gamma_R1); mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%000004e1"} true; + goto add_two_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + add_two_return: + assume {:captureState "add_two_return"} true; return; } @@ -535,107 +547,13 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto lmain_goto_l000005e7, lmain_goto_l0000059f; - l000005e7: - assume {:captureState "l000005e7"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #6, Gamma_#6 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000005e7_goto_l000005de, l000005e7_goto_l0000060f; - l0000060f: - assume {:captureState "l0000060f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #7, Gamma_#7 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#7); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#7); - ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; - NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; - assert Gamma_ZF; - goto l0000060f_goto_l00000630, l0000060f_goto_l0000064a; - l00000630: - assume {:captureState "l00000630"} true; - R30, Gamma_R30 := 2352bv64, true; - call sub_seven(); - goto l0000063c; - l0000063c: - assume {:captureState "l0000063c"} true; - R30, Gamma_R30 := 2356bv64, true; - call add_two(); - goto l00000643; - l00000643: - assume {:captureState "l00000643"} true; - R30, Gamma_R30 := 2360bv64, true; - call add_six(); - goto l0000059f; - l0000059f: - assume {:captureState "l0000059f"} true; - R30, Gamma_R30 := 2364bv64, true; - call sub_seven(); - goto l000005ab; - l000005ab: - assume {:captureState "l000005ab"} true; - R30, Gamma_R30 := 2368bv64, true; - call add_two(); - goto l000005b2; - l000005b2: - assume {:captureState "l000005b2"} true; - goto l000005b3; - l0000064a: - assume {:captureState "l0000064a"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #8, Gamma_#8 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#8); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#8); - ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; - NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000064a_goto_l000005de, l0000064a_goto_l00000672; - l00000672: - assume {:captureState "l00000672"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #9, Gamma_#9 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#9); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#9); - ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; - NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; - assert Gamma_ZF; - goto l00000672_goto_l00000693, l00000672_goto_l000006aa; - l00000693: - assume {:captureState "l00000693"} true; - R30, Gamma_R30 := 2340bv64, true; - call add_two(); - goto l0000069f; - l0000069f: - assume {:captureState "l0000069f"} true; - R30, Gamma_R30 := 2344bv64, true; - call add_six(); - goto l000006a6; l000006a6: assume {:captureState "l000006a6"} true; goto l000005b3; - l000006aa: - assume {:captureState "l000006aa"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #10, Gamma_#10 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#10); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#10); - ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; - NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000006aa_goto_l000006d2, l000006aa_goto_l000005de; - l000006d2: - assume {:captureState "l000006d2"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); - ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; - NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; - assert Gamma_ZF; - goto l000006d2_goto_l0000070a, l000006d2_goto_l000006f3; + l000006d2_goto_l0000070a: + assume {:captureState "l000006d2_goto_l0000070a"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000070a; l0000070a: assume {:captureState "l0000070a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -646,36 +564,74 @@ procedure main() NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l0000070a_goto_l000005de, l0000070a_goto_l00000732; - l00000732: - assume {:captureState "l00000732"} true; + l0000094a: + assume {:captureState "l0000094a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #13, Gamma_#13 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#13); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#13); - ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; - NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; + #25, Gamma_#25 := bvadd32(R0[32:0], 4294967295bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#25, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 0bv33))), (Gamma_R0 && Gamma_#25); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#25, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967296bv33))), (Gamma_R0 && Gamma_#25); + ZF, Gamma_ZF := bvcomp32(bvadd32(#25, 1bv32), 0bv32), Gamma_#25; + NF, Gamma_NF := bvadd32(#25, 1bv32)[32:31], Gamma_#25; assert Gamma_ZF; - goto l00000732_goto_l0000075f, l00000732_goto_l00000753; - l0000075f: - assume {:captureState "l0000075f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #14, Gamma_#14 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#14, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#14); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#14, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#14); - ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; - NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000075f_goto_l00000787, l0000075f_goto_l000005de; - l00000787: - assume {:captureState "l00000787"} true; + goto l0000094a_goto_l00000982, l0000094a_goto_l0000096b; + l000008c9_goto_l000008f1: + assume {:captureState "l000008c9_goto_l000008f1"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000008f1; + l000007dc_goto_l00000810: + assume {:captureState "l000007dc_goto_l00000810"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000810; + l00000787_goto_l000007b4: + assume {:captureState "l00000787_goto_l000007b4"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000007b4; + l00000982_goto_l000009a8: + assume {:captureState "l00000982_goto_l000009a8"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000009a8; + l00000810_goto_l000005de: + assume {:captureState "l00000810_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l00000891_goto_l000008c9: + assume {:captureState "l00000891_goto_l000008c9"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000008c9; + l000008f1_goto_l00000922: + assume {:captureState "l000008f1_goto_l00000922"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000922; + l000006aa_goto_l000005de: + assume {:captureState "l000006aa_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l0000075f_goto_l00000787: + assume {:captureState "l0000075f_goto_l00000787"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000787; + l0000075f_goto_l000005de: + assume {:captureState "l0000075f_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l000008f1: + assume {:captureState "l000008f1"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #15, Gamma_#15 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#15, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#15); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#15, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#15); - ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; - NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; + #23, Gamma_#23 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#23, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#23); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#23, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#23); + ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; + NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; assert Gamma_ZF; - goto l00000787_goto_l000007b4, l00000787_goto_l000007a8; + goto l000008f1_goto_l00000912, l000008f1_goto_l00000922; + l00000982_goto_l0000097b: + assume {:captureState "l00000982_goto_l0000097b"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000097b; + l000007dc_goto_l000007fd: + assume {:captureState "l000007dc_goto_l000007fd"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000007fd; l000007b4: assume {:captureState "l000007b4"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -686,59 +642,35 @@ procedure main() NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l000007b4_goto_l000007dc, l000007b4_goto_l000005de; - l000007dc: - assume {:captureState "l000007dc"} true; + l000005e7_goto_l000005de: + assume {:captureState "l000005e7_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l00000810_goto_l00000838: + assume {:captureState "l00000810_goto_l00000838"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000838; + l00000672: + assume {:captureState "l00000672"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); - ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; - NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; + #9, Gamma_#9 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#9); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#9); + ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; + NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l000007dc_goto_l000007fd, l000007dc_goto_l00000810; - l000007fd: - assume {:captureState "l000007fd"} true; - R30, Gamma_R30 := 2312bv64, true; - call add_six(); - goto l00000809; - l00000809: - assume {:captureState "l00000809"} true; - R30, Gamma_R30 := 2316bv64, true; - call add_two(); - goto l000007a8; - l000007a8: - assume {:captureState "l000007a8"} true; - R30, Gamma_R30 := 2320bv64, true; - call add_six(); - goto l00000753; - l00000753: - assume {:captureState "l00000753"} true; - R30, Gamma_R30 := 2324bv64, true; - call sub_seven(); - goto l000006f3; - l000006f3: - assume {:captureState "l000006f3"} true; - R30, Gamma_R30 := 2328bv64, true; - call sub_seven(); - goto l000006ff; - l000006ff: - assume {:captureState "l000006ff"} true; - R30, Gamma_R30 := 2332bv64, true; - call add_six(); - goto l00000706; - l00000706: - assume {:captureState "l00000706"} true; - goto l000005b3; - l00000810: - assume {:captureState "l00000810"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); - ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; - NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000810_goto_l000005de, l00000810_goto_l00000838; + goto l00000672_goto_l00000693, l00000672_goto_l000006aa; + l0000070a_goto_l000005de: + assume {:captureState "l0000070a_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l00000869_goto_l00000891: + assume {:captureState "l00000869_goto_l00000891"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000891; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000838: assume {:captureState "l00000838"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -749,24 +681,113 @@ procedure main() NF, Gamma_NF := bvadd32(#19, 1bv32)[32:31], Gamma_#19; assert Gamma_ZF; goto l00000838_goto_l00000869, l00000838_goto_l00000859; - l00000859: - assume {:captureState "l00000859"} true; - R30, Gamma_R30 := 2304bv64, true; + l000008c5: + assume {:captureState "l000008c5"} true; + goto l000005b3; + l0000064a_goto_l00000672: + assume {:captureState "l0000064a_goto_l00000672"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000672; + l000005e7: + assume {:captureState "l000005e7"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #6, Gamma_#6 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l000005e7_goto_l000005de, l000005e7_goto_l0000060f; + lmain_goto_l0000059f: + assume {:captureState "lmain_goto_l0000059f"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000059f; + l000007a8: + assume {:captureState "l000007a8"} true; + R30, Gamma_R30 := 2320bv64, true; call add_six(); - goto l00000865; - l00000865: - assume {:captureState "l00000865"} true; + goto l00000753; + l000008c9: + assume {:captureState "l000008c9"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #22, Gamma_#22 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#22, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#22); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#22, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#22); + ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; + NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l000008c9_goto_l000008f1, l000008c9_goto_l000005de; + l0000070a_goto_l00000732: + assume {:captureState "l0000070a_goto_l00000732"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000732; + l000008be: + assume {:captureState "l000008be"} true; + R30, Gamma_R30 := 2296bv64, true; + call sub_seven(); + goto l000008c5; + l00000891_goto_l000008b2: + assume {:captureState "l00000891_goto_l000008b2"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000008b2; + l00000787: + assume {:captureState "l00000787"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #15, Gamma_#15 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#15, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#15); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#15, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#15); + ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; + NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; + assert Gamma_ZF; + goto l00000787_goto_l000007b4, l00000787_goto_l000007a8; + l000005de: + assume {:captureState "l000005de"} true; + R0, Gamma_R0 := 1bv64, true; + goto l000005c9; + l000006ff: + assume {:captureState "l000006ff"} true; + R30, Gamma_R30 := 2332bv64, true; + call add_six(); + goto l00000706; + l000008c9_goto_l000005de: + assume {:captureState "l000008c9_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l000007b4_goto_l000007dc: + assume {:captureState "l000007b4_goto_l000007dc"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000007dc; + l00000869_goto_l000005de: + assume {:captureState "l00000869_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l00000706: + assume {:captureState "l00000706"} true; goto l000005b3; - l00000869: - assume {:captureState "l00000869"} true; + l0000075f: + assume {:captureState "l0000075f"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); - ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; - NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; + #14, Gamma_#14 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#14, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#14); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#14, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#14); + ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; + NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000869_goto_l00000891, l00000869_goto_l000005de; + goto l0000075f_goto_l00000787, l0000075f_goto_l000005de; + l000008b2: + assume {:captureState "l000008b2"} true; + R30, Gamma_R30 := 2292bv64, true; + call add_two(); + goto l000008be; + l0000063c: + assume {:captureState "l0000063c"} true; + R30, Gamma_R30 := 2356bv64, true; + call add_two(); + goto l00000643; + l000006d2_goto_l000006f3: + assume {:captureState "l000006d2_goto_l000006f3"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000006f3; l00000891: assume {:captureState "l00000891"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -777,39 +798,67 @@ procedure main() NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; assert Gamma_ZF; goto l00000891_goto_l000008b2, l00000891_goto_l000008c9; - l000008b2: - assume {:captureState "l000008b2"} true; - R30, Gamma_R30 := 2292bv64, true; - call add_two(); - goto l000008be; - l000008be: - assume {:captureState "l000008be"} true; - R30, Gamma_R30 := 2296bv64, true; - call sub_seven(); - goto l000008c5; - l000008c5: - assume {:captureState "l000008c5"} true; + l0000060f_goto_l00000630: + assume {:captureState "l0000060f_goto_l00000630"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000630; + l0000091e: + assume {:captureState "l0000091e"} true; goto l000005b3; - l000008c9: - assume {:captureState "l000008c9"} true; + l00000838_goto_l00000869: + assume {:captureState "l00000838_goto_l00000869"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000869; + l000008f1_goto_l00000912: + assume {:captureState "l000008f1_goto_l00000912"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000912; + l00000810: + assume {:captureState "l00000810"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #22, Gamma_#22 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#22, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#22); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#22, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#22); - ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; - NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; + #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); + ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; + NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000008c9_goto_l000008f1, l000008c9_goto_l000005de; - l000008f1: - assume {:captureState "l000008f1"} true; + goto l00000810_goto_l000005de, l00000810_goto_l00000838; + l0000064a: + assume {:captureState "l0000064a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #23, Gamma_#23 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#23, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#23); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#23, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#23); - ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; - NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; - assert Gamma_ZF; - goto l000008f1_goto_l00000912, l000008f1_goto_l00000922; + #8, Gamma_#8 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#8); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#8); + ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; + NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l0000064a_goto_l000005de, l0000064a_goto_l00000672; + l00000922_goto_l0000094a: + assume {:captureState "l00000922_goto_l0000094a"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000094a; + l00000732_goto_l0000075f: + assume {:captureState "l00000732_goto_l0000075f"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000075f; + l000006aa_goto_l000006d2: + assume {:captureState "l000006aa_goto_l000006d2"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000006d2; + l000005c9: + assume {:captureState "l000005c9"} true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + l00000922_goto_l000005de: + assume {:captureState "l00000922_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l00000838_goto_l00000859: + assume {:captureState "l00000838_goto_l00000859"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000859; l00000922: assume {:captureState "l00000922"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -820,47 +869,39 @@ procedure main() NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l00000922_goto_l0000094a, l00000922_goto_l000005de; - l0000094a: - assume {:captureState "l0000094a"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #25, Gamma_#25 := bvadd32(R0[32:0], 4294967295bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#25, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 0bv33))), (Gamma_R0 && Gamma_#25); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#25, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967296bv33))), (Gamma_R0 && Gamma_#25); - ZF, Gamma_ZF := bvcomp32(bvadd32(#25, 1bv32), 0bv32), Gamma_#25; - NF, Gamma_NF := bvadd32(#25, 1bv32)[32:31], Gamma_#25; - assert Gamma_ZF; - goto l0000094a_goto_l00000982, l0000094a_goto_l0000096b; - l0000096b: - assume {:captureState "l0000096b"} true; - R30, Gamma_R30 := 2272bv64, true; - call add_two(); - goto l00000977; - l00000977: - assume {:captureState "l00000977"} true; - goto l000005b3; - l00000982: - assume {:captureState "l00000982"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #26, Gamma_#26 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#26, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#26); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#26, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#26); - ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; - NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; - assert Gamma_ZF; - goto l00000982_goto_l000009a8, l00000982_goto_l0000097b; - l0000097b: - assume {:captureState "l0000097b"} true; - R30, Gamma_R30 := 2280bv64, true; + l00000643: + assume {:captureState "l00000643"} true; + R30, Gamma_R30 := 2360bv64, true; call add_six(); - goto l00000912; - l00000912: - assume {:captureState "l00000912"} true; - R30, Gamma_R30 := 2284bv64, true; - call sub_seven(); - goto l0000091e; - l0000091e: - assume {:captureState "l0000091e"} true; - goto l000005b3; + goto l0000059f; + l000007fd: + assume {:captureState "l000007fd"} true; + R30, Gamma_R30 := 2312bv64, true; + call add_six(); + goto l00000809; + l0000059f: + assume {:captureState "l0000059f"} true; + R30, Gamma_R30 := 2364bv64, true; + call sub_seven(); + goto l000005ab; + lmain_goto_l000005e7: + assume {:captureState "lmain_goto_l000005e7"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000005e7; + l000006f3: + assume {:captureState "l000006f3"} true; + R30, Gamma_R30 := 2328bv64, true; + call sub_seven(); + goto l000006ff; + l00000809: + assume {:captureState "l00000809"} true; + R30, Gamma_R30 := 2316bv64, true; + call add_two(); + goto l000007a8; + l0000064a_goto_l000005de: + assume {:captureState "l0000064a_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; l000005b3: assume {:captureState "l000005b3"} true; R0, Gamma_R0 := 65536bv64, true; @@ -869,195 +910,172 @@ procedure main() call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); goto l000005c9; - l000009a8: - assume {:captureState "l000009a8"} true; - goto l000005de; - l000005de: - assume {:captureState "l000005de"} true; - R0, Gamma_R0 := 1bv64, true; - goto l000005c9; - l000005c9: - assume {:captureState "l000005c9"} true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; - lmain_goto_l0000059f: - assume {:captureState "lmain_goto_l0000059f"} true; + l0000097b: + assume {:captureState "l0000097b"} true; + R30, Gamma_R30 := 2280bv64, true; + call add_six(); + goto l00000912; + l000006d2: + assume {:captureState "l000006d2"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); + ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; + NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + assert Gamma_ZF; + goto l000006d2_goto_l0000070a, l000006d2_goto_l000006f3; + l000005b2: + assume {:captureState "l000005b2"} true; + goto l000005b3; + l00000630: + assume {:captureState "l00000630"} true; + R30, Gamma_R30 := 2352bv64, true; + call sub_seven(); + goto l0000063c; + l00000912: + assume {:captureState "l00000912"} true; + R30, Gamma_R30 := 2284bv64, true; + call sub_seven(); + goto l0000091e; + l000005ab: + assume {:captureState "l000005ab"} true; + R30, Gamma_R30 := 2368bv64, true; + call add_two(); + goto l000005b2; + l00000732_goto_l00000753: + assume {:captureState "l00000732_goto_l00000753"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000059f; - lmain_goto_l000005e7: - assume {:captureState "lmain_goto_l000005e7"} true; + goto l00000753; + l00000753: + assume {:captureState "l00000753"} true; + R30, Gamma_R30 := 2324bv64, true; + call sub_seven(); + goto l000006f3; + l0000060f_goto_l0000064a: + assume {:captureState "l0000060f_goto_l0000064a"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000005e7; - l000005e7_goto_l000005de: - assume {:captureState "l000005e7_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; + goto l0000064a; l000005e7_goto_l0000060f: assume {:captureState "l000005e7_goto_l0000060f"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l0000060f; - l0000060f_goto_l00000630: - assume {:captureState "l0000060f_goto_l00000630"} true; + l0000096b: + assume {:captureState "l0000096b"} true; + R30, Gamma_R30 := 2272bv64, true; + call add_two(); + goto l00000977; + l00000982: + assume {:captureState "l00000982"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #26, Gamma_#26 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#26, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#26); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#26, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#26); + ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; + NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; + assert Gamma_ZF; + goto l00000982_goto_l000009a8, l00000982_goto_l0000097b; + l000009a8: + assume {:captureState "l000009a8"} true; + goto l000005de; + l0000094a_goto_l0000096b: + assume {:captureState "l0000094a_goto_l0000096b"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000630; - l0000060f_goto_l0000064a: - assume {:captureState "l0000060f_goto_l0000064a"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000064a; - l0000064a_goto_l000005de: - assume {:captureState "l0000064a_goto_l000005de"} true; + goto l0000096b; + l0000060f: + assume {:captureState "l0000060f"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #7, Gamma_#7 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#7); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#7); + ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; + NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; + assert Gamma_ZF; + goto l0000060f_goto_l00000630, l0000060f_goto_l0000064a; + l00000869: + assume {:captureState "l00000869"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); + ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; + NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000869_goto_l00000891, l00000869_goto_l000005de; + l000007dc: + assume {:captureState "l000007dc"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); + ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; + NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; + assert Gamma_ZF; + goto l000007dc_goto_l000007fd, l000007dc_goto_l00000810; + l00000865: + assume {:captureState "l00000865"} true; + goto l000005b3; + l000007b4_goto_l000005de: + assume {:captureState "l000007b4_goto_l000005de"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l000005de; - l0000064a_goto_l00000672: - assume {:captureState "l0000064a_goto_l00000672"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000672; - l00000672_goto_l00000693: - assume {:captureState "l00000672_goto_l00000693"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000693; + l0000094a_goto_l00000982: + assume {:captureState "l0000094a_goto_l00000982"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000982; + l0000069f: + assume {:captureState "l0000069f"} true; + R30, Gamma_R30 := 2344bv64, true; + call add_six(); + goto l000006a6; l00000672_goto_l000006aa: assume {:captureState "l00000672_goto_l000006aa"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000006aa; - l000006aa_goto_l000005de: - assume {:captureState "l000006aa_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l000006aa_goto_l000006d2: - assume {:captureState "l000006aa_goto_l000006d2"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000006d2; - l000006d2_goto_l000006f3: - assume {:captureState "l000006d2_goto_l000006f3"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000006f3; - l000006d2_goto_l0000070a: - assume {:captureState "l000006d2_goto_l0000070a"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000070a; - l0000070a_goto_l000005de: - assume {:captureState "l0000070a_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l0000070a_goto_l00000732: - assume {:captureState "l0000070a_goto_l00000732"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000732; - l00000732_goto_l00000753: - assume {:captureState "l00000732_goto_l00000753"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000753; - l00000732_goto_l0000075f: - assume {:captureState "l00000732_goto_l0000075f"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000075f; - l0000075f_goto_l000005de: - assume {:captureState "l0000075f_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l0000075f_goto_l00000787: - assume {:captureState "l0000075f_goto_l00000787"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000787; l00000787_goto_l000007a8: assume {:captureState "l00000787_goto_l000007a8"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000007a8; - l00000787_goto_l000007b4: - assume {:captureState "l00000787_goto_l000007b4"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000007b4; - l000007b4_goto_l000005de: - assume {:captureState "l000007b4_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l000007b4_goto_l000007dc: - assume {:captureState "l000007b4_goto_l000007dc"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000007dc; - l000007dc_goto_l000007fd: - assume {:captureState "l000007dc_goto_l000007fd"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000007fd; - l000007dc_goto_l00000810: - assume {:captureState "l000007dc_goto_l00000810"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000810; - l00000810_goto_l000005de: - assume {:captureState "l00000810_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l00000810_goto_l00000838: - assume {:captureState "l00000810_goto_l00000838"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000838; - l00000838_goto_l00000859: - assume {:captureState "l00000838_goto_l00000859"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000859; - l00000838_goto_l00000869: - assume {:captureState "l00000838_goto_l00000869"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000869; - l00000869_goto_l000005de: - assume {:captureState "l00000869_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l00000869_goto_l00000891: - assume {:captureState "l00000869_goto_l00000891"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000891; - l00000891_goto_l000008b2: - assume {:captureState "l00000891_goto_l000008b2"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000008b2; - l00000891_goto_l000008c9: - assume {:captureState "l00000891_goto_l000008c9"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000008c9; - l000008c9_goto_l000005de: - assume {:captureState "l000008c9_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l000008c9_goto_l000008f1: - assume {:captureState "l000008c9_goto_l000008f1"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000008f1; - l000008f1_goto_l00000912: - assume {:captureState "l000008f1_goto_l00000912"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000912; - l000008f1_goto_l00000922: - assume {:captureState "l000008f1_goto_l00000922"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000922; - l00000922_goto_l000005de: - assume {:captureState "l00000922_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l00000922_goto_l0000094a: - assume {:captureState "l00000922_goto_l0000094a"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000094a; - l0000094a_goto_l0000096b: - assume {:captureState "l0000094a_goto_l0000096b"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000096b; - l0000094a_goto_l00000982: - assume {:captureState "l0000094a_goto_l00000982"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000982; - l00000982_goto_l0000097b: - assume {:captureState "l00000982_goto_l0000097b"} true; + l00000672_goto_l00000693: + assume {:captureState "l00000672_goto_l00000693"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000097b; - l00000982_goto_l000009a8: - assume {:captureState "l00000982_goto_l000009a8"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000009a8; + goto l00000693; + l00000693: + assume {:captureState "l00000693"} true; + R30, Gamma_R30 := 2340bv64, true; + call add_two(); + goto l0000069f; + l00000977: + assume {:captureState "l00000977"} true; + goto l000005b3; + l00000732: + assume {:captureState "l00000732"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #13, Gamma_#13 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#13); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#13); + ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; + NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; + assert Gamma_ZF; + goto l00000732_goto_l0000075f, l00000732_goto_l00000753; + l000006aa: + assume {:captureState "l000006aa"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #10, Gamma_#10 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#10); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#10); + ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; + NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l000006aa_goto_l000006d2, l000006aa_goto_l000005de; + l00000859: + assume {:captureState "l00000859"} true; + R30, Gamma_R30 := 2304bv64, true; + call add_six(); + goto l00000865; + main_return: + assume {:captureState "main_return"} true; + return; } procedure sub_seven() @@ -1166,5 +1184,11 @@ procedure sub_seven() assert (L(mem, R0) ==> Gamma_R1); mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000549"} true; + goto sub_seven_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + sub_seven_return: + assume {:captureState "sub_seven_return"} true; return; } diff --git a/src/test/correct/malloc_with_local/clang/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang/malloc_with_local.expected index ecaf1a185..9682dff81 100644 --- a/src/test/correct/malloc_with_local/clang/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang/malloc_with_local.expected @@ -624,6 +624,14 @@ procedure main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l00000391; + l00000459: + assume {:captureState "l00000459"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, R31)), gamma_load32(Gamma_stack, R31); + #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; l00000391: assume {:captureState "l00000391"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -632,6 +640,20 @@ procedure main() R30, Gamma_R30 := 2112bv64, true; call malloc(); goto l000003a5; + l00000423: + assume {:captureState "l00000423"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2293bv64), Gamma_R0; + R30, Gamma_R30 := 2204bv64, true; + call printf(); + goto l0000043c; + l0000043c: + assume {:captureState "l0000043c"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); + R30, Gamma_R30 := 2212bv64, true; + call #free(); + goto l0000044b; l000003a5: assume {:captureState "l000003a5"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); @@ -669,33 +691,17 @@ procedure main() R30, Gamma_R30 := 2188bv64, true; call printf(); goto l00000423; - l00000423: - assume {:captureState "l00000423"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2293bv64), Gamma_R0; - R30, Gamma_R30 := 2204bv64, true; - call printf(); - goto l0000043c; - l0000043c: - assume {:captureState "l0000043c"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); - R30, Gamma_R30 := 2212bv64, true; - call #free(); - goto l0000044b; l0000044b: assume {:captureState "l0000044b"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R30, Gamma_R30 := 2220bv64, true; call #free(); goto l00000459; - l00000459: - assume {:captureState "l00000459"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, R31)), gamma_load32(Gamma_stack, R31); - #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected index 775c83e11..f45ad3852 100644 --- a/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected @@ -386,14 +386,6 @@ procedure main() R30, Gamma_R30 := 1900bv64, true; call printf(); goto l00000322; - l00000322: - assume {:captureState "l00000322"} true; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 1985bv64), Gamma_R0; - R1, Gamma_R1 := 42bv64, true; - R30, Gamma_R30 := 1916bv64, true; - call printf(); - goto l00000339; l00000339: assume {:captureState "l00000339"} true; R0, Gamma_R0 := 0bv64, true; @@ -402,12 +394,26 @@ procedure main() R30, Gamma_R30 := 1932bv64, true; call printf(); goto l00000350; + l00000322: + assume {:captureState "l00000322"} true; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 1985bv64), Gamma_R0; + R1, Gamma_R1 := 42bv64, true; + R30, Gamma_R30 := 1916bv64, true; + call printf(); + goto l00000339; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000350: assume {:captureState "l00000350"} true; R0, Gamma_R0 := 0bv64, true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected index 07ac928d3..a614eb452 100644 --- a/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected @@ -624,14 +624,6 @@ procedure main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l00000b03; - l00000b03: - assume {:captureState "l00000b03"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); - assume {:captureState "%00000b09"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2112bv64, true; - call malloc(); - goto l00000b17; l00000b17: assume {:captureState "l00000b17"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); @@ -659,24 +651,6 @@ procedure main() R30, Gamma_R30 := 2168bv64, true; call printf(); goto l00000b75; - l00000b75: - assume {:captureState "l00000b75"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2277bv64), Gamma_R0; - R30, Gamma_R30 := 2188bv64, true; - call printf(); - goto l00000b95; - l00000b95: - assume {:captureState "l00000b95"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2293bv64), Gamma_R0; - R30, Gamma_R30 := 2204bv64, true; - call printf(); - goto l00000bae; l00000bae: assume {:captureState "l00000bae"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); @@ -689,6 +663,24 @@ procedure main() R30, Gamma_R30 := 2220bv64, true; call #free(); goto l00000bcb; + l00000b03: + assume {:captureState "l00000b03"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); + assume {:captureState "%00000b09"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2112bv64, true; + call malloc(); + goto l00000b17; + l00000b75: + assume {:captureState "l00000b75"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2277bv64), Gamma_R0; + R30, Gamma_R30 := 2188bv64, true; + call printf(); + goto l00000b95; l00000bcb: assume {:captureState "l00000bcb"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, R31)), gamma_load32(Gamma_stack, R31); @@ -696,6 +688,20 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000b95: + assume {:captureState "l00000b95"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2293bv64), Gamma_R0; + R30, Gamma_R30 := 2204bv64, true; + call printf(); + goto l00000bae; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected index 07ac928d3..a614eb452 100644 --- a/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected @@ -624,14 +624,6 @@ procedure main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l00000b03; - l00000b03: - assume {:captureState "l00000b03"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); - assume {:captureState "%00000b09"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2112bv64, true; - call malloc(); - goto l00000b17; l00000b17: assume {:captureState "l00000b17"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); @@ -659,24 +651,6 @@ procedure main() R30, Gamma_R30 := 2168bv64, true; call printf(); goto l00000b75; - l00000b75: - assume {:captureState "l00000b75"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2277bv64), Gamma_R0; - R30, Gamma_R30 := 2188bv64, true; - call printf(); - goto l00000b95; - l00000b95: - assume {:captureState "l00000b95"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2293bv64), Gamma_R0; - R30, Gamma_R30 := 2204bv64, true; - call printf(); - goto l00000bae; l00000bae: assume {:captureState "l00000bae"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); @@ -689,6 +663,24 @@ procedure main() R30, Gamma_R30 := 2220bv64, true; call #free(); goto l00000bcb; + l00000b03: + assume {:captureState "l00000b03"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); + assume {:captureState "%00000b09"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2112bv64, true; + call malloc(); + goto l00000b17; + l00000b75: + assume {:captureState "l00000b75"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2277bv64), Gamma_R0; + R30, Gamma_R30 := 2188bv64, true; + call printf(); + goto l00000b95; l00000bcb: assume {:captureState "l00000bcb"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, R31)), gamma_load32(Gamma_stack, R31); @@ -696,6 +688,20 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000b95: + assume {:captureState "l00000b95"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2293bv64), Gamma_R0; + R30, Gamma_R30 := 2204bv64, true; + call printf(); + goto l00000bae; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected index 7853707b6..eb6ffd63c 100644 --- a/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected @@ -668,6 +668,44 @@ procedure main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l0000036f; + l0000040d: + assume {:captureState "l0000040d"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2296bv64), Gamma_R0; + R30, Gamma_R30 := 2196bv64, true; + call printf(); + goto l00000426; + l00000426: + assume {:captureState "l00000426"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + R30, Gamma_R30 := 2204bv64, true; + call #free(); + goto l00000435; + l000003e7: + assume {:captureState "l000003e7"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2280bv64), Gamma_R0; + R30, Gamma_R30 := 2180bv64, true; + call printf(); + goto l0000040d; + l00000435: + assume {:captureState "l00000435"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R30, Gamma_R30 := 2212bv64, true; + call #free(); + goto l00000443; + l00000443: + assume {:captureState "l00000443"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; l0000036f: assume {:captureState "l0000036f"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); @@ -676,6 +714,9 @@ procedure main() R30, Gamma_R30 := 2096bv64, true; call malloc(); goto l00000383; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000383: assume {:captureState "l00000383"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); @@ -704,43 +745,8 @@ procedure main() R30, Gamma_R30 := 2156bv64, true; call printf(); goto l000003e7; - l000003e7: - assume {:captureState "l000003e7"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2280bv64), Gamma_R0; - R30, Gamma_R30 := 2180bv64, true; - call printf(); - goto l0000040d; - l0000040d: - assume {:captureState "l0000040d"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2296bv64), Gamma_R0; - R30, Gamma_R30 := 2196bv64, true; - call printf(); - goto l00000426; - l00000426: - assume {:captureState "l00000426"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - R30, Gamma_R30 := 2204bv64, true; - call #free(); - goto l00000435; - l00000435: - assume {:captureState "l00000435"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R30, Gamma_R30 := 2212bv64, true; - call #free(); - goto l00000443; - l00000443: - assume {:captureState "l00000443"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected index 2f63e0068..ae465b1b2 100644 --- a/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected @@ -639,6 +639,13 @@ procedure main() R30, Gamma_R30 := 1692bv64, true; call __printf_chk(); goto l00000221; + l00000259: + assume {:captureState "l00000259"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l00000221: assume {:captureState "l00000221"} true; R2, Gamma_R2 := 42bv64, true; @@ -657,11 +664,10 @@ procedure main() R30, Gamma_R30 := 1732bv64, true; call __printf_chk(); goto l00000259; - l00000259: - assume {:captureState "l00000259"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected index 91f3ea4d7..af3d2c995 100644 --- a/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected @@ -668,42 +668,6 @@ procedure main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l00000ac0; - l00000ac0: - assume {:captureState "l00000ac0"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); - assume {:captureState "%00000ac6"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2096bv64, true; - call malloc(); - goto l00000ad4; - l00000ad4: - assume {:captureState "l00000ad4"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); - assume {:captureState "%00000ada"} true; - R0, Gamma_R0 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%00000ae7"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - R1, Gamma_R1 := 65bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000afb"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R1, Gamma_R1 := 42bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000b0f"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - call rely(); - R0, Gamma_R0 := zero_extend56_8(memory_load8_le(mem, R0)), (gamma_load8(Gamma_mem, R0) || L(mem, R0)); - R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; - R30, Gamma_R30 := 2156bv64, true; - call printf(); - goto l00000b38; l00000b38: assume {:captureState "l00000b38"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); @@ -735,12 +699,54 @@ procedure main() R30, Gamma_R30 := 2212bv64, true; call #free(); goto l00000b94; + l00000ad4: + assume {:captureState "l00000ad4"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); + assume {:captureState "%00000ada"} true; + R0, Gamma_R0 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%00000ae7"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + R1, Gamma_R1 := 65bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000afb"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R1, Gamma_R1 := 42bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000b0f"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + call rely(); + R0, Gamma_R0 := zero_extend56_8(memory_load8_le(mem, R0)), (gamma_load8(Gamma_mem, R0) || L(mem, R0)); + R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; + R30, Gamma_R30 := 2156bv64, true; + call printf(); + goto l00000b38; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000ac0: + assume {:captureState "l00000ac0"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); + assume {:captureState "%00000ac6"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2096bv64, true; + call malloc(); + goto l00000ad4; l00000b94: assume {:captureState "l00000b94"} true; R0, Gamma_R0 := 0bv64, true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected index 91f3ea4d7..af3d2c995 100644 --- a/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected @@ -668,42 +668,6 @@ procedure main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l00000ac0; - l00000ac0: - assume {:captureState "l00000ac0"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); - assume {:captureState "%00000ac6"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2096bv64, true; - call malloc(); - goto l00000ad4; - l00000ad4: - assume {:captureState "l00000ad4"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); - assume {:captureState "%00000ada"} true; - R0, Gamma_R0 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%00000ae7"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - R1, Gamma_R1 := 65bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000afb"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R1, Gamma_R1 := 42bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000b0f"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - call rely(); - R0, Gamma_R0 := zero_extend56_8(memory_load8_le(mem, R0)), (gamma_load8(Gamma_mem, R0) || L(mem, R0)); - R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; - R30, Gamma_R30 := 2156bv64, true; - call printf(); - goto l00000b38; l00000b38: assume {:captureState "l00000b38"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); @@ -735,12 +699,54 @@ procedure main() R30, Gamma_R30 := 2212bv64, true; call #free(); goto l00000b94; + l00000ad4: + assume {:captureState "l00000ad4"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); + assume {:captureState "%00000ada"} true; + R0, Gamma_R0 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%00000ae7"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + R1, Gamma_R1 := 65bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000afb"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R1, Gamma_R1 := 42bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000b0f"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + call rely(); + R0, Gamma_R0 := zero_extend56_8(memory_load8_le(mem, R0)), (gamma_load8(Gamma_mem, R0) || L(mem, R0)); + R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; + R30, Gamma_R30 := 2156bv64, true; + call printf(); + goto l00000b38; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000ac0: + assume {:captureState "l00000ac0"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); + assume {:captureState "%00000ac6"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2096bv64, true; + call malloc(); + goto l00000ad4; l00000b94: assume {:captureState "l00000b94"} true; R0, Gamma_R0 := 0bv64, true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected index 6030ae003..17f71adec 100644 --- a/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected @@ -624,31 +624,6 @@ procedure main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l000003b5; - l000003b5: - assume {:captureState "l000003b5"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R29, 18446744073709551600bv64), R0), gamma_store64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64), Gamma_R0); - assume {:captureState "%000003bb"} true; - R8, Gamma_R8 := 11bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R29, 18446744073709551596bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R29, 18446744073709551596bv64), Gamma_R8); - assume {:captureState "%000003c8"} true; - R0, Gamma_R0 := 4bv64, true; - stack, Gamma_stack := memory_store64_le(stack, R31, R0), gamma_store64(Gamma_stack, R31, Gamma_R0); - assume {:captureState "%000003d5"} true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l000003de; - l000003de: - assume {:captureState "l000003de"} true; - R8, Gamma_R8 := R0, Gamma_R0; - R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); - assume {:captureState "%000003f1"} true; - R8, Gamma_R8 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); - assume {:captureState "%000003fe"} true; - R30, Gamma_R30 := 2148bv64, true; - call malloc(); - goto l00000407; l00000407: assume {:captureState "l00000407"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -676,16 +651,45 @@ procedure main() R30, Gamma_R30 := 2204bv64, true; call printf(); goto l00000465; - l00000465: - assume {:captureState "l00000465"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2313bv64), Gamma_R0; - R30, Gamma_R30 := 2224bv64, true; - call printf(); - goto l00000485; + l000003de: + assume {:captureState "l000003de"} true; + R8, Gamma_R8 := R0, Gamma_R0; + R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); + assume {:captureState "%000003f1"} true; + R8, Gamma_R8 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); + assume {:captureState "%000003fe"} true; + R30, Gamma_R30 := 2148bv64, true; + call malloc(); + goto l00000407; + l000004ad: + assume {:captureState "l000004ad"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + R30, Gamma_R30 := 2256bv64, true; + call #free(); + goto l000004bb; + l000004bb: + assume {:captureState "l000004bb"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #5, Gamma_#5 := bvadd64(R31, 64bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; + goto main_return; + l000003b5: + assume {:captureState "l000003b5"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R29, 18446744073709551600bv64), R0), gamma_store64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64), Gamma_R0); + assume {:captureState "%000003bb"} true; + R8, Gamma_R8 := 11bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R29, 18446744073709551596bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R29, 18446744073709551596bv64), Gamma_R8); + assume {:captureState "%000003c8"} true; + R0, Gamma_R0 := 4bv64, true; + stack, Gamma_stack := memory_store64_le(stack, R31, R0), gamma_store64(Gamma_stack, R31, Gamma_R0); + assume {:captureState "%000003d5"} true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l000003de; l00000485: assume {:captureState "l00000485"} true; R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -700,19 +704,21 @@ procedure main() R30, Gamma_R30 := 2248bv64, true; call #free(); goto l000004ad; - l000004ad: - assume {:captureState "l000004ad"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - R30, Gamma_R30 := 2256bv64, true; - call #free(); - goto l000004bb; - l000004bb: - assume {:captureState "l000004bb"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #5, Gamma_#5 := bvadd64(R31, 64bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; + l00000465: + assume {:captureState "l00000465"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2313bv64), Gamma_R0; + R30, Gamma_R30 := 2224bv64, true; + call printf(); + goto l00000485; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected index 775c83e11..f45ad3852 100644 --- a/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected @@ -386,14 +386,6 @@ procedure main() R30, Gamma_R30 := 1900bv64, true; call printf(); goto l00000322; - l00000322: - assume {:captureState "l00000322"} true; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 1985bv64), Gamma_R0; - R1, Gamma_R1 := 42bv64, true; - R30, Gamma_R30 := 1916bv64, true; - call printf(); - goto l00000339; l00000339: assume {:captureState "l00000339"} true; R0, Gamma_R0 := 0bv64, true; @@ -402,12 +394,26 @@ procedure main() R30, Gamma_R30 := 1932bv64, true; call printf(); goto l00000350; + l00000322: + assume {:captureState "l00000322"} true; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 1985bv64), Gamma_R0; + R1, Gamma_R1 := 42bv64, true; + R30, Gamma_R30 := 1916bv64, true; + call printf(); + goto l00000339; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000350: assume {:captureState "l00000350"} true; R0, Gamma_R0 := 0bv64, true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected index 8645f53a7..00a18b4c8 100644 --- a/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected @@ -649,6 +649,14 @@ procedure main() R30, Gamma_R30 := 2148bv64, true; call malloc(); goto l00000be4; + l00000c98: + assume {:captureState "l00000c98"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #5, Gamma_#5 := bvadd64(R31, 64bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; + goto main_return; l00000be4: assume {:captureState "l00000be4"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -686,6 +694,15 @@ procedure main() R30, Gamma_R30 := 2224bv64, true; call printf(); goto l00000c62; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000c7b: + assume {:captureState "l00000c7b"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); + R30, Gamma_R30 := 2248bv64, true; + call #free(); + goto l00000c8a; l00000c62: assume {:captureState "l00000c62"} true; R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -694,25 +711,14 @@ procedure main() R30, Gamma_R30 := 2240bv64, true; call printf(); goto l00000c7b; - l00000c7b: - assume {:captureState "l00000c7b"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); - R30, Gamma_R30 := 2248bv64, true; - call #free(); - goto l00000c8a; l00000c8a: assume {:captureState "l00000c8a"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); R30, Gamma_R30 := 2256bv64, true; call #free(); goto l00000c98; - l00000c98: - assume {:captureState "l00000c98"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #5, Gamma_#5 := bvadd64(R31, 64bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected index 8645f53a7..00a18b4c8 100644 --- a/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected @@ -649,6 +649,14 @@ procedure main() R30, Gamma_R30 := 2148bv64, true; call malloc(); goto l00000be4; + l00000c98: + assume {:captureState "l00000c98"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #5, Gamma_#5 := bvadd64(R31, 64bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; + goto main_return; l00000be4: assume {:captureState "l00000be4"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -686,6 +694,15 @@ procedure main() R30, Gamma_R30 := 2224bv64, true; call printf(); goto l00000c62; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000c7b: + assume {:captureState "l00000c7b"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); + R30, Gamma_R30 := 2248bv64, true; + call #free(); + goto l00000c8a; l00000c62: assume {:captureState "l00000c62"} true; R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -694,25 +711,14 @@ procedure main() R30, Gamma_R30 := 2240bv64, true; call printf(); goto l00000c7b; - l00000c7b: - assume {:captureState "l00000c7b"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); - R30, Gamma_R30 := 2248bv64, true; - call #free(); - goto l00000c8a; l00000c8a: assume {:captureState "l00000c8a"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); R30, Gamma_R30 := 2256bv64, true; call #free(); goto l00000c98; - l00000c98: - assume {:captureState "l00000c98"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #5, Gamma_#5 := bvadd64(R31, 64bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected index 503331b2c..109fef269 100644 --- a/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected @@ -668,17 +668,6 @@ procedure main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l0000038b; - l0000038b: - assume {:captureState "l0000038b"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); - assume {:captureState "%00000391"} true; - R0, Gamma_R0 := 11bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%0000039e"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2104bv64, true; - call malloc(); - goto l000003ac; l000003ac: assume {:captureState "l000003ac"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); @@ -718,6 +707,27 @@ procedure main() R30, Gamma_R30 := 2184bv64, true; call printf(); goto l00000431; + l00000457: + assume {:captureState "l00000457"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2320bv64), Gamma_R0; + R30, Gamma_R30 := 2224bv64, true; + call printf(); + goto l00000470; + l0000048d: + assume {:captureState "l0000048d"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; + goto main_return; + l0000047f: + assume {:captureState "l0000047f"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); + R30, Gamma_R30 := 2240bv64, true; + call #free(); + goto l0000048d; l00000431: assume {:captureState "l00000431"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); @@ -729,32 +739,28 @@ procedure main() R30, Gamma_R30 := 2208bv64, true; call printf(); goto l00000457; - l00000457: - assume {:captureState "l00000457"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2320bv64), Gamma_R0; - R30, Gamma_R30 := 2224bv64, true; - call printf(); - goto l00000470; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000470: assume {:captureState "l00000470"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); R30, Gamma_R30 := 2232bv64, true; call #free(); goto l0000047f; - l0000047f: - assume {:captureState "l0000047f"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); - R30, Gamma_R30 := 2240bv64, true; - call #free(); - goto l0000048d; - l0000048d: - assume {:captureState "l0000048d"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; + l0000038b: + assume {:captureState "l0000038b"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); + assume {:captureState "%00000391"} true; + R0, Gamma_R0 := 11bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%0000039e"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2104bv64, true; + call malloc(); + goto l000003ac; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected index 2f63e0068..ae465b1b2 100644 --- a/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected @@ -639,6 +639,13 @@ procedure main() R30, Gamma_R30 := 1692bv64, true; call __printf_chk(); goto l00000221; + l00000259: + assume {:captureState "l00000259"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l00000221: assume {:captureState "l00000221"} true; R2, Gamma_R2 := 42bv64, true; @@ -657,11 +664,10 @@ procedure main() R30, Gamma_R30 := 1732bv64, true; call __printf_chk(); goto l00000259; - l00000259: - assume {:captureState "l00000259"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected index 76eed4543..ebb6bcaca 100644 --- a/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected @@ -668,6 +668,19 @@ procedure main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l00000b2d; + l00000c2f: + assume {:captureState "l00000c2f"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; + goto main_return; + l00000c12: + assume {:captureState "l00000c12"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R30, Gamma_R30 := 2232bv64, true; + call #free(); + goto l00000c21; l00000b2d: assume {:captureState "l00000b2d"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); @@ -679,17 +692,20 @@ procedure main() R30, Gamma_R30 := 2104bv64, true; call malloc(); goto l00000b4e; - l00000b4e: - assume {:captureState "l00000b4e"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); - assume {:captureState "%00000b54"} true; - R0, Gamma_R0 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); - assume {:captureState "%00000b61"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l00000b6f; + l00000bf9: + assume {:captureState "l00000bf9"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2320bv64), Gamma_R0; + R30, Gamma_R30 := 2224bv64, true; + call printf(); + goto l00000c12; + l00000c21: + assume {:captureState "l00000c21"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); + R30, Gamma_R30 := 2240bv64, true; + call #free(); + goto l00000c2f; l00000b6f: assume {:captureState "l00000b6f"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); @@ -718,6 +734,17 @@ procedure main() R30, Gamma_R30 := 2184bv64, true; call printf(); goto l00000bd3; + l00000b4e: + assume {:captureState "l00000b4e"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); + assume {:captureState "%00000b54"} true; + R0, Gamma_R0 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); + assume {:captureState "%00000b61"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l00000b6f; l00000bd3: assume {:captureState "l00000bd3"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); @@ -729,32 +756,11 @@ procedure main() R30, Gamma_R30 := 2208bv64, true; call printf(); goto l00000bf9; - l00000bf9: - assume {:captureState "l00000bf9"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2320bv64), Gamma_R0; - R30, Gamma_R30 := 2224bv64, true; - call printf(); - goto l00000c12; - l00000c12: - assume {:captureState "l00000c12"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R30, Gamma_R30 := 2232bv64, true; - call #free(); - goto l00000c21; - l00000c21: - assume {:captureState "l00000c21"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); - R30, Gamma_R30 := 2240bv64, true; - call #free(); - goto l00000c2f; - l00000c2f: - assume {:captureState "l00000c2f"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected index 76eed4543..ebb6bcaca 100644 --- a/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected @@ -668,6 +668,19 @@ procedure main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l00000b2d; + l00000c2f: + assume {:captureState "l00000c2f"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; + goto main_return; + l00000c12: + assume {:captureState "l00000c12"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R30, Gamma_R30 := 2232bv64, true; + call #free(); + goto l00000c21; l00000b2d: assume {:captureState "l00000b2d"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); @@ -679,17 +692,20 @@ procedure main() R30, Gamma_R30 := 2104bv64, true; call malloc(); goto l00000b4e; - l00000b4e: - assume {:captureState "l00000b4e"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); - assume {:captureState "%00000b54"} true; - R0, Gamma_R0 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); - assume {:captureState "%00000b61"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l00000b6f; + l00000bf9: + assume {:captureState "l00000bf9"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2320bv64), Gamma_R0; + R30, Gamma_R30 := 2224bv64, true; + call printf(); + goto l00000c12; + l00000c21: + assume {:captureState "l00000c21"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); + R30, Gamma_R30 := 2240bv64, true; + call #free(); + goto l00000c2f; l00000b6f: assume {:captureState "l00000b6f"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); @@ -718,6 +734,17 @@ procedure main() R30, Gamma_R30 := 2184bv64, true; call printf(); goto l00000bd3; + l00000b4e: + assume {:captureState "l00000b4e"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); + assume {:captureState "%00000b54"} true; + R0, Gamma_R0 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); + assume {:captureState "%00000b61"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l00000b6f; l00000bd3: assume {:captureState "l00000bd3"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); @@ -729,32 +756,11 @@ procedure main() R30, Gamma_R30 := 2208bv64, true; call printf(); goto l00000bf9; - l00000bf9: - assume {:captureState "l00000bf9"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2320bv64), Gamma_R0; - R30, Gamma_R30 := 2224bv64, true; - call printf(); - goto l00000c12; - l00000c12: - assume {:captureState "l00000c12"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R30, Gamma_R30 := 2232bv64, true; - call #free(); - goto l00000c21; - l00000c21: - assume {:captureState "l00000c21"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); - R30, Gamma_R30 := 2240bv64, true; - call #free(); - goto l00000c2f; - l00000c2f: - assume {:captureState "l00000c2f"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected index f97fa4098..84a07762c 100644 --- a/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected @@ -655,6 +655,34 @@ procedure main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l000003e9; + l00000504: + assume {:captureState "l00000504"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2348bv64), Gamma_R0; + R30, Gamma_R30 := 2212bv64, true; + call printf(); + goto l00000524; + l00000412: + assume {:captureState "l00000412"} true; + R8, Gamma_R8 := R0, Gamma_R0; + R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); + assume {:captureState "%00000425"} true; + R8, Gamma_R8 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); + assume {:captureState "%00000432"} true; + R30, Gamma_R30 := 2148bv64, true; + call malloc(); + goto l0000043b; + l0000054c: + assume {:captureState "l0000054c"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + R30, Gamma_R30 := 2244bv64, true; + call #free(); + goto l0000055a; l000003e9: assume {:captureState "l000003e9"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R29, 18446744073709551600bv64), R0), gamma_store64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64), Gamma_R0); @@ -668,18 +696,28 @@ procedure main() R30, Gamma_R30 := 2124bv64, true; call malloc(); goto l00000412; - l00000412: - assume {:captureState "l00000412"} true; - R8, Gamma_R8 := R0, Gamma_R0; - R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); - assume {:captureState "%00000425"} true; - R8, Gamma_R8 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); - assume {:captureState "%00000432"} true; - R30, Gamma_R30 := 2148bv64, true; - call malloc(); - goto l0000043b; + l00000524: + assume {:captureState "l00000524"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2364bv64), Gamma_R0; + R30, Gamma_R30 := 2228bv64, true; + call printf(); + goto l0000053d; + l0000053d: + assume {:captureState "l0000053d"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); + R30, Gamma_R30 := 2236bv64, true; + call #free(); + goto l0000054c; + l0000055a: + assume {:captureState "l0000055a"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #7, Gamma_#7 := bvadd64(R31, 64bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #7), gamma_load64(Gamma_stack, #7); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#7, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#7, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; + goto main_return; l0000043b: assume {:captureState "l0000043b"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -703,43 +741,11 @@ procedure main() R30, Gamma_R30 := 2192bv64, true; call printCharValue(); goto l00000504; - l00000504: - assume {:captureState "l00000504"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2348bv64), Gamma_R0; - R30, Gamma_R30 := 2212bv64, true; - call printf(); - goto l00000524; - l00000524: - assume {:captureState "l00000524"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2364bv64), Gamma_R0; - R30, Gamma_R30 := 2228bv64, true; - call printf(); - goto l0000053d; - l0000053d: - assume {:captureState "l0000053d"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); - R30, Gamma_R30 := 2236bv64, true; - call #free(); - goto l0000054c; - l0000054c: - assume {:captureState "l0000054c"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - R30, Gamma_R30 := 2244bv64, true; - call #free(); - goto l0000055a; - l0000055a: - assume {:captureState "l0000055a"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #7, Gamma_#7 := bvadd64(R31, 64bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #7), gamma_load64(Gamma_stack, #7); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#7, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#7, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } @@ -1198,6 +1204,12 @@ procedure printCharValue() R29, Gamma_R29 := memory_load64_le(stack, #6), gamma_load64(Gamma_stack, #6); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#6, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#6, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto printCharValue_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + printCharValue_return: + assume {:captureState "printCharValue_return"} true; return; } diff --git a/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected index de0df8c0a..83b48b5ce 100644 --- a/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected @@ -404,14 +404,6 @@ procedure main() R30, Gamma_R30 := 1900bv64, true; call printf(); goto l00000342; - l00000342: - assume {:captureState "l00000342"} true; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2000bv64), Gamma_R0; - R1, Gamma_R1 := 42bv64, true; - R30, Gamma_R30 := 1916bv64, true; - call printf(); - goto l00000359; l00000359: assume {:captureState "l00000359"} true; R0, Gamma_R0 := 0bv64, true; @@ -420,12 +412,26 @@ procedure main() R30, Gamma_R30 := 1932bv64, true; call printf(); goto l00000370; + l00000342: + assume {:captureState "l00000342"} true; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2000bv64), Gamma_R0; + R1, Gamma_R1 := 42bv64, true; + R30, Gamma_R30 := 1916bv64, true; + call printf(); + goto l00000359; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000370: assume {:captureState "l00000370"} true; R0, Gamma_R0 := 0bv64, true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected index 4e8f07b3e..d02be9c89 100644 --- a/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected @@ -655,31 +655,20 @@ procedure main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l00000c74; - l00000c74: - assume {:captureState "l00000c74"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R29, 18446744073709551600bv64), R0), gamma_store64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64), Gamma_R0); - assume {:captureState "%00000c7a"} true; - R8, Gamma_R8 := 11bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R29, 18446744073709551596bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R29, 18446744073709551596bv64), Gamma_R8); - assume {:captureState "%00000c87"} true; - R0, Gamma_R0 := 4bv64, true; - stack, Gamma_stack := memory_store64_le(stack, R31, R0), gamma_store64(Gamma_stack, R31, Gamma_R0); - assume {:captureState "%00000c94"} true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l00000c9d; - l00000c9d: - assume {:captureState "l00000c9d"} true; - R8, Gamma_R8 := R0, Gamma_R0; - R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); - assume {:captureState "%00000cb0"} true; - R8, Gamma_R8 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); - assume {:captureState "%00000cbd"} true; - R30, Gamma_R30 := 2148bv64, true; - call malloc(); - goto l00000cc6; + l00000daf: + assume {:captureState "l00000daf"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2364bv64), Gamma_R0; + R30, Gamma_R30 := 2228bv64, true; + call printf(); + goto l00000dc8; + l00000dc8: + assume {:captureState "l00000dc8"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); + R30, Gamma_R30 := 2236bv64, true; + call #free(); + goto l00000dd7; l00000cc6: assume {:captureState "l00000cc6"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -703,30 +692,6 @@ procedure main() R30, Gamma_R30 := 2192bv64, true; call printCharValue(); goto l00000d8f; - l00000d8f: - assume {:captureState "l00000d8f"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2348bv64), Gamma_R0; - R30, Gamma_R30 := 2212bv64, true; - call printf(); - goto l00000daf; - l00000daf: - assume {:captureState "l00000daf"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2364bv64), Gamma_R0; - R30, Gamma_R30 := 2228bv64, true; - call printf(); - goto l00000dc8; - l00000dc8: - assume {:captureState "l00000dc8"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); - R30, Gamma_R30 := 2236bv64, true; - call #free(); - goto l00000dd7; l00000dd7: assume {:captureState "l00000dd7"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); @@ -740,6 +705,47 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #7), gamma_load64(Gamma_stack, #7); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#7, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#7, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; + goto main_return; + l00000d8f: + assume {:captureState "l00000d8f"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2348bv64), Gamma_R0; + R30, Gamma_R30 := 2212bv64, true; + call printf(); + goto l00000daf; + l00000c74: + assume {:captureState "l00000c74"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R29, 18446744073709551600bv64), R0), gamma_store64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64), Gamma_R0); + assume {:captureState "%00000c7a"} true; + R8, Gamma_R8 := 11bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R29, 18446744073709551596bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R29, 18446744073709551596bv64), Gamma_R8); + assume {:captureState "%00000c87"} true; + R0, Gamma_R0 := 4bv64, true; + stack, Gamma_stack := memory_store64_le(stack, R31, R0), gamma_store64(Gamma_stack, R31, Gamma_R0); + assume {:captureState "%00000c94"} true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l00000c9d; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000c9d: + assume {:captureState "l00000c9d"} true; + R8, Gamma_R8 := R0, Gamma_R0; + R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); + assume {:captureState "%00000cb0"} true; + R8, Gamma_R8 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); + assume {:captureState "%00000cbd"} true; + R30, Gamma_R30 := 2148bv64, true; + call malloc(); + goto l00000cc6; + main_return: + assume {:captureState "main_return"} true; return; } @@ -1198,6 +1204,12 @@ procedure printCharValue() R29, Gamma_R29 := memory_load64_le(stack, #6), gamma_load64(Gamma_stack, #6); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#6, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#6, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto printCharValue_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + printCharValue_return: + assume {:captureState "printCharValue_return"} true; return; } diff --git a/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected index 4e8f07b3e..d02be9c89 100644 --- a/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected @@ -655,31 +655,20 @@ procedure main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l00000c74; - l00000c74: - assume {:captureState "l00000c74"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R29, 18446744073709551600bv64), R0), gamma_store64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64), Gamma_R0); - assume {:captureState "%00000c7a"} true; - R8, Gamma_R8 := 11bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R29, 18446744073709551596bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R29, 18446744073709551596bv64), Gamma_R8); - assume {:captureState "%00000c87"} true; - R0, Gamma_R0 := 4bv64, true; - stack, Gamma_stack := memory_store64_le(stack, R31, R0), gamma_store64(Gamma_stack, R31, Gamma_R0); - assume {:captureState "%00000c94"} true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l00000c9d; - l00000c9d: - assume {:captureState "l00000c9d"} true; - R8, Gamma_R8 := R0, Gamma_R0; - R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); - assume {:captureState "%00000cb0"} true; - R8, Gamma_R8 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); - assume {:captureState "%00000cbd"} true; - R30, Gamma_R30 := 2148bv64, true; - call malloc(); - goto l00000cc6; + l00000daf: + assume {:captureState "l00000daf"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2364bv64), Gamma_R0; + R30, Gamma_R30 := 2228bv64, true; + call printf(); + goto l00000dc8; + l00000dc8: + assume {:captureState "l00000dc8"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); + R30, Gamma_R30 := 2236bv64, true; + call #free(); + goto l00000dd7; l00000cc6: assume {:captureState "l00000cc6"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -703,30 +692,6 @@ procedure main() R30, Gamma_R30 := 2192bv64, true; call printCharValue(); goto l00000d8f; - l00000d8f: - assume {:captureState "l00000d8f"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2348bv64), Gamma_R0; - R30, Gamma_R30 := 2212bv64, true; - call printf(); - goto l00000daf; - l00000daf: - assume {:captureState "l00000daf"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2364bv64), Gamma_R0; - R30, Gamma_R30 := 2228bv64, true; - call printf(); - goto l00000dc8; - l00000dc8: - assume {:captureState "l00000dc8"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); - R30, Gamma_R30 := 2236bv64, true; - call #free(); - goto l00000dd7; l00000dd7: assume {:captureState "l00000dd7"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); @@ -740,6 +705,47 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #7), gamma_load64(Gamma_stack, #7); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#7, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#7, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; + goto main_return; + l00000d8f: + assume {:captureState "l00000d8f"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2348bv64), Gamma_R0; + R30, Gamma_R30 := 2212bv64, true; + call printf(); + goto l00000daf; + l00000c74: + assume {:captureState "l00000c74"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R29, 18446744073709551600bv64), R0), gamma_store64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64), Gamma_R0); + assume {:captureState "%00000c7a"} true; + R8, Gamma_R8 := 11bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R29, 18446744073709551596bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R29, 18446744073709551596bv64), Gamma_R8); + assume {:captureState "%00000c87"} true; + R0, Gamma_R0 := 4bv64, true; + stack, Gamma_stack := memory_store64_le(stack, R31, R0), gamma_store64(Gamma_stack, R31, Gamma_R0); + assume {:captureState "%00000c94"} true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l00000c9d; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000c9d: + assume {:captureState "l00000c9d"} true; + R8, Gamma_R8 := R0, Gamma_R0; + R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); + assume {:captureState "%00000cb0"} true; + R8, Gamma_R8 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); + assume {:captureState "%00000cbd"} true; + R30, Gamma_R30 := 2148bv64, true; + call malloc(); + goto l00000cc6; + main_return: + assume {:captureState "main_return"} true; return; } @@ -1198,6 +1204,12 @@ procedure printCharValue() R29, Gamma_R29 := memory_load64_le(stack, #6), gamma_load64(Gamma_stack, #6); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#6, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#6, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto printCharValue_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + printCharValue_return: + assume {:captureState "printCharValue_return"} true; return; } diff --git a/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected index 84eaf0dd9..448fa0cac 100644 --- a/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected @@ -689,28 +689,13 @@ procedure main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l000003c3; - l000003c3: - assume {:captureState "l000003c3"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); - assume {:captureState "%000003c9"} true; - R0, Gamma_R0 := 11bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%000003d6"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2104bv64, true; - call malloc(); - goto l000003e4; - l000003e4: - assume {:captureState "l000003e4"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); - assume {:captureState "%000003ea"} true; - R0, Gamma_R0 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); - assume {:captureState "%000003f7"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l00000405; + l00000537: + assume {:captureState "l00000537"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; + goto main_return; l00000405: assume {:captureState "l00000405"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); @@ -734,6 +719,20 @@ procedure main() R30, Gamma_R30 := 2168bv64, true; call printCharValue(); goto l000004db; + l0000051a: + assume {:captureState "l0000051a"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R30, Gamma_R30 := 2216bv64, true; + call #free(); + goto l00000529; + l00000501: + assume {:captureState "l00000501"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2352bv64), Gamma_R0; + R30, Gamma_R30 := 2208bv64, true; + call printf(); + goto l0000051a; l000004db: assume {:captureState "l000004db"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); @@ -745,32 +744,39 @@ procedure main() R30, Gamma_R30 := 2192bv64, true; call printf(); goto l00000501; - l00000501: - assume {:captureState "l00000501"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2352bv64), Gamma_R0; - R30, Gamma_R30 := 2208bv64, true; - call printf(); - goto l0000051a; - l0000051a: - assume {:captureState "l0000051a"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R30, Gamma_R30 := 2216bv64, true; - call #free(); - goto l00000529; + l000003c3: + assume {:captureState "l000003c3"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); + assume {:captureState "%000003c9"} true; + R0, Gamma_R0 := 11bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%000003d6"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2104bv64, true; + call malloc(); + goto l000003e4; + l000003e4: + assume {:captureState "l000003e4"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); + assume {:captureState "%000003ea"} true; + R0, Gamma_R0 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); + assume {:captureState "%000003f7"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l00000405; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000529: assume {:captureState "l00000529"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); R30, Gamma_R30 := 2224bv64, true; call #free(); goto l00000537; - l00000537: - assume {:captureState "l00000537"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; + main_return: + assume {:captureState "main_return"} true; return; } @@ -1265,6 +1271,12 @@ procedure printCharValue() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto printCharValue_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + printCharValue_return: + assume {:captureState "printCharValue_return"} true; return; } diff --git a/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected index cb33d38b0..172781bea 100644 --- a/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected @@ -880,6 +880,15 @@ procedure main() R30, Gamma_R30 := 1812bv64, true; call malloc(); goto l00000249; + l0000029a: + assume {:captureState "l0000029a"} true; + R2, Gamma_R2 := 42bv64, true; + R1, Gamma_R1 := 0bv64, true; + R0, Gamma_R0 := 1bv64, true; + R1, Gamma_R1 := bvadd64(R1, 2296bv64), Gamma_R1; + R30, Gamma_R30 := 1848bv64, true; + call __printf_chk(); + goto l000002b6; l00000249: assume {:captureState "l00000249"} true; R1, Gamma_R1 := 65bv64, true; @@ -891,15 +900,6 @@ procedure main() R30, Gamma_R30 := 1828bv64, true; call printCharValue(); goto l0000029a; - l0000029a: - assume {:captureState "l0000029a"} true; - R2, Gamma_R2 := 42bv64, true; - R1, Gamma_R1 := 0bv64, true; - R0, Gamma_R0 := 1bv64, true; - R1, Gamma_R1 := bvadd64(R1, 2296bv64), Gamma_R1; - R30, Gamma_R30 := 1848bv64, true; - call __printf_chk(); - goto l000002b6; l000002b6: assume {:captureState "l000002b6"} true; R1, Gamma_R1 := 0bv64, true; @@ -915,6 +915,9 @@ procedure main() R30, Gamma_R30 := 1876bv64, true; call #free(); goto l000002e0; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l000002e0: assume {:captureState "l000002e0"} true; R0, Gamma_R0 := 0bv64, true; @@ -922,6 +925,9 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; } @@ -1376,4 +1382,10 @@ procedure printCharValue() call __printf_chk(); //no return target assume false; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + printCharValue_return: + assume {:captureState "printCharValue_return"} true; + return; } diff --git a/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected index 5b5324742..42e445b67 100644 --- a/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected @@ -700,40 +700,6 @@ procedure main() R30, Gamma_R30 := 2104bv64, true; call malloc(); goto l00000c40; - l00000c40: - assume {:captureState "l00000c40"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); - assume {:captureState "%00000c46"} true; - R0, Gamma_R0 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); - assume {:captureState "%00000c53"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l00000c61; - l00000c61: - assume {:captureState "l00000c61"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); - assume {:captureState "%00000c67"} true; - R0, Gamma_R0 := 9bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 36bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 36bv64), Gamma_R0); - assume {:captureState "%00000c74"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R1, Gamma_R1 := 65bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000c88"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); - R1, Gamma_R1 := 42bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000c9c"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R30, Gamma_R30 := 2168bv64, true; - call printCharValue(); - goto l00000d37; l00000d37: assume {:captureState "l00000d37"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); @@ -765,12 +731,52 @@ procedure main() R30, Gamma_R30 := 2224bv64, true; call #free(); goto l00000d93; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000c61: + assume {:captureState "l00000c61"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); + assume {:captureState "%00000c67"} true; + R0, Gamma_R0 := 9bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 36bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 36bv64), Gamma_R0); + assume {:captureState "%00000c74"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R1, Gamma_R1 := 65bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000c88"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); + R1, Gamma_R1 := 42bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000c9c"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R30, Gamma_R30 := 2168bv64, true; + call printCharValue(); + goto l00000d37; l00000d93: assume {:captureState "l00000d93"} true; R0, Gamma_R0 := 0bv64, true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; + goto main_return; + l00000c40: + assume {:captureState "l00000c40"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); + assume {:captureState "%00000c46"} true; + R0, Gamma_R0 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); + assume {:captureState "%00000c53"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l00000c61; + main_return: + assume {:captureState "main_return"} true; return; } @@ -1265,6 +1271,12 @@ procedure printCharValue() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto printCharValue_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + printCharValue_return: + assume {:captureState "printCharValue_return"} true; return; } diff --git a/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected index 5b5324742..42e445b67 100644 --- a/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected @@ -700,40 +700,6 @@ procedure main() R30, Gamma_R30 := 2104bv64, true; call malloc(); goto l00000c40; - l00000c40: - assume {:captureState "l00000c40"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); - assume {:captureState "%00000c46"} true; - R0, Gamma_R0 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); - assume {:captureState "%00000c53"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l00000c61; - l00000c61: - assume {:captureState "l00000c61"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); - assume {:captureState "%00000c67"} true; - R0, Gamma_R0 := 9bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 36bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 36bv64), Gamma_R0); - assume {:captureState "%00000c74"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R1, Gamma_R1 := 65bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000c88"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); - R1, Gamma_R1 := 42bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000c9c"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R30, Gamma_R30 := 2168bv64, true; - call printCharValue(); - goto l00000d37; l00000d37: assume {:captureState "l00000d37"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); @@ -765,12 +731,52 @@ procedure main() R30, Gamma_R30 := 2224bv64, true; call #free(); goto l00000d93; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000c61: + assume {:captureState "l00000c61"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); + assume {:captureState "%00000c67"} true; + R0, Gamma_R0 := 9bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 36bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 36bv64), Gamma_R0); + assume {:captureState "%00000c74"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R1, Gamma_R1 := 65bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000c88"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); + R1, Gamma_R1 := 42bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000c9c"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R30, Gamma_R30 := 2168bv64, true; + call printCharValue(); + goto l00000d37; l00000d93: assume {:captureState "l00000d93"} true; R0, Gamma_R0 := 0bv64, true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; + goto main_return; + l00000c40: + assume {:captureState "l00000c40"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); + assume {:captureState "%00000c46"} true; + R0, Gamma_R0 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); + assume {:captureState "%00000c53"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l00000c61; + main_return: + assume {:captureState "main_return"} true; return; } @@ -1265,6 +1271,12 @@ procedure printCharValue() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto printCharValue_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + printCharValue_return: + assume {:captureState "printCharValue_return"} true; return; } diff --git a/src/test/correct/multi_malloc/clang/multi_malloc.expected b/src/test/correct/multi_malloc/clang/multi_malloc.expected index 829a6b1d3..74a2cc464 100644 --- a/src/test/correct/multi_malloc/clang/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang/multi_malloc.expected @@ -489,6 +489,20 @@ procedure main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l00000379; + l0000040d: + assume {:captureState "l0000040d"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R30, Gamma_R30 := 2196bv64, true; + call #free(); + goto l0000041b; + l0000041b: + assume {:captureState "l0000041b"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; l00000379: assume {:captureState "l00000379"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -497,6 +511,25 @@ procedure main() R30, Gamma_R30 := 2112bv64, true; call malloc(); goto l0000038d; + l000003de: + assume {:captureState "l000003de"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2253bv64), Gamma_R0; + R30, Gamma_R30 := 2180bv64, true; + call printf(); + goto l000003fe; + l000003fe: + assume {:captureState "l000003fe"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); + R30, Gamma_R30 := 2188bv64, true; + call #free(); + goto l0000040d; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l0000038d: assume {:captureState "l0000038d"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); @@ -521,35 +554,8 @@ procedure main() R30, Gamma_R30 := 2160bv64, true; call printf(); goto l000003de; - l000003de: - assume {:captureState "l000003de"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2253bv64), Gamma_R0; - R30, Gamma_R30 := 2180bv64, true; - call printf(); - goto l000003fe; - l000003fe: - assume {:captureState "l000003fe"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); - R30, Gamma_R30 := 2188bv64, true; - call #free(); - goto l0000040d; - l0000040d: - assume {:captureState "l0000040d"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R30, Gamma_R30 := 2196bv64, true; - call #free(); - goto l0000041b; - l0000041b: - assume {:captureState "l0000041b"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected b/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected index d1762ce6b..978c7cdae 100644 --- a/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected @@ -305,6 +305,13 @@ procedure main() R30, Gamma_R30 := 1900bv64, true; call printf(); goto l00000312; + l00000329: + assume {:captureState "l00000329"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l00000312: assume {:captureState "l00000312"} true; R0, Gamma_R0 := 0bv64, true; @@ -313,12 +320,11 @@ procedure main() R30, Gamma_R30 := 1916bv64, true; call printf(); goto l00000329; - l00000329: - assume {:captureState "l00000329"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected b/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected index 002ba1344..b822714e1 100644 --- a/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected @@ -497,6 +497,30 @@ procedure main() R30, Gamma_R30 := 2112bv64, true; call malloc(); goto l00000abb; + l00000b49: + assume {:captureState "l00000b49"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + l00000b0c: + assume {:captureState "l00000b0c"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2253bv64), Gamma_R0; + R30, Gamma_R30 := 2180bv64, true; + call printf(); + goto l00000b2c; + l00000b2c: + assume {:captureState "l00000b2c"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); + R30, Gamma_R30 := 2188bv64, true; + call #free(); + goto l00000b3b; l00000abb: assume {:captureState "l00000abb"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); @@ -521,35 +545,17 @@ procedure main() R30, Gamma_R30 := 2160bv64, true; call printf(); goto l00000b0c; - l00000b0c: - assume {:captureState "l00000b0c"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2253bv64), Gamma_R0; - R30, Gamma_R30 := 2180bv64, true; - call printf(); - goto l00000b2c; - l00000b2c: - assume {:captureState "l00000b2c"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); - R30, Gamma_R30 := 2188bv64, true; - call #free(); - goto l00000b3b; l00000b3b: assume {:captureState "l00000b3b"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R30, Gamma_R30 := 2196bv64, true; call #free(); goto l00000b49; - l00000b49: - assume {:captureState "l00000b49"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected b/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected index 002ba1344..b822714e1 100644 --- a/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected @@ -497,6 +497,30 @@ procedure main() R30, Gamma_R30 := 2112bv64, true; call malloc(); goto l00000abb; + l00000b49: + assume {:captureState "l00000b49"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + l00000b0c: + assume {:captureState "l00000b0c"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2253bv64), Gamma_R0; + R30, Gamma_R30 := 2180bv64, true; + call printf(); + goto l00000b2c; + l00000b2c: + assume {:captureState "l00000b2c"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); + R30, Gamma_R30 := 2188bv64, true; + call #free(); + goto l00000b3b; l00000abb: assume {:captureState "l00000abb"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); @@ -521,35 +545,17 @@ procedure main() R30, Gamma_R30 := 2160bv64, true; call printf(); goto l00000b0c; - l00000b0c: - assume {:captureState "l00000b0c"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2253bv64), Gamma_R0; - R30, Gamma_R30 := 2180bv64, true; - call printf(); - goto l00000b2c; - l00000b2c: - assume {:captureState "l00000b2c"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); - R30, Gamma_R30 := 2188bv64, true; - call #free(); - goto l00000b3b; l00000b3b: assume {:captureState "l00000b3b"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R30, Gamma_R30 := 2196bv64, true; call #free(); goto l00000b49; - l00000b49: - assume {:captureState "l00000b49"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/multi_malloc/gcc/multi_malloc.expected b/src/test/correct/multi_malloc/gcc/multi_malloc.expected index 183a05c34..431047675 100644 --- a/src/test/correct/multi_malloc/gcc/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc/multi_malloc.expected @@ -533,6 +533,13 @@ procedure main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l00000357; + l00000405: + assume {:captureState "l00000405"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; l00000357: assume {:captureState "l00000357"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -541,6 +548,32 @@ procedure main() R30, Gamma_R30 := 2096bv64, true; call malloc(); goto l0000036b; + l000003f7: + assume {:captureState "l000003f7"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); + R30, Gamma_R30 := 2188bv64, true; + call #free(); + goto l00000405; + l000003e8: + assume {:captureState "l000003e8"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); + R30, Gamma_R30 := 2180bv64, true; + call #free(); + goto l000003f7; + l000003c2: + assume {:captureState "l000003c2"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; + R30, Gamma_R30 := 2172bv64, true; + call printf(); + goto l000003e8; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l0000036b: assume {:captureState "l0000036b"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 24bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); @@ -566,35 +599,8 @@ procedure main() R30, Gamma_R30 := 2148bv64, true; call printf(); goto l000003c2; - l000003c2: - assume {:captureState "l000003c2"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; - R30, Gamma_R30 := 2172bv64, true; - call printf(); - goto l000003e8; - l000003e8: - assume {:captureState "l000003e8"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); - R30, Gamma_R30 := 2180bv64, true; - call #free(); - goto l000003f7; - l000003f7: - assume {:captureState "l000003f7"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); - R30, Gamma_R30 := 2188bv64, true; - call #free(); - goto l00000405; - l00000405: - assume {:captureState "l00000405"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/multi_malloc/gcc_O2/multi_malloc.expected b/src/test/correct/multi_malloc/gcc_O2/multi_malloc.expected index 4fa5bf17f..f89076ba9 100644 --- a/src/test/correct/multi_malloc/gcc_O2/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc_O2/multi_malloc.expected @@ -504,6 +504,9 @@ procedure main() R30, Gamma_R30 := 1692bv64, true; call __printf_chk(); goto l000001e1; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l000001e1: assume {:captureState "l000001e1"} true; R2, Gamma_R2 := 42bv64, true; @@ -519,5 +522,8 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected b/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected index 417806157..0e6ad18e2 100644 --- a/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected @@ -533,14 +533,23 @@ procedure main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l00000a64; - l00000a64: - assume {:captureState "l00000a64"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); - assume {:captureState "%00000a6a"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2096bv64, true; - call malloc(); - goto l00000a78; + l00000b04: + assume {:captureState "l00000b04"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); + R30, Gamma_R30 := 2188bv64, true; + call #free(); + goto l00000b12; + l00000acf: + assume {:captureState "l00000acf"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; + R30, Gamma_R30 := 2172bv64, true; + call printf(); + goto l00000af5; l00000a78: assume {:captureState "l00000a78"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 24bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); @@ -566,35 +575,32 @@ procedure main() R30, Gamma_R30 := 2148bv64, true; call printf(); goto l00000acf; - l00000acf: - assume {:captureState "l00000acf"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; + l00000b12: + assume {:captureState "l00000b12"} true; R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; - R30, Gamma_R30 := 2172bv64, true; - call printf(); - goto l00000af5; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; l00000af5: assume {:captureState "l00000af5"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); R30, Gamma_R30 := 2180bv64, true; call #free(); goto l00000b04; - l00000b04: - assume {:captureState "l00000b04"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); - R30, Gamma_R30 := 2188bv64, true; - call #free(); - goto l00000b12; - l00000b12: - assume {:captureState "l00000b12"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000a64: + assume {:captureState "l00000a64"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); + assume {:captureState "%00000a6a"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2096bv64, true; + call malloc(); + goto l00000a78; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected b/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected index 417806157..0e6ad18e2 100644 --- a/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected @@ -533,14 +533,23 @@ procedure main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l00000a64; - l00000a64: - assume {:captureState "l00000a64"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); - assume {:captureState "%00000a6a"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2096bv64, true; - call malloc(); - goto l00000a78; + l00000b04: + assume {:captureState "l00000b04"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); + R30, Gamma_R30 := 2188bv64, true; + call #free(); + goto l00000b12; + l00000acf: + assume {:captureState "l00000acf"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; + R30, Gamma_R30 := 2172bv64, true; + call printf(); + goto l00000af5; l00000a78: assume {:captureState "l00000a78"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 24bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); @@ -566,35 +575,32 @@ procedure main() R30, Gamma_R30 := 2148bv64, true; call printf(); goto l00000acf; - l00000acf: - assume {:captureState "l00000acf"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; + l00000b12: + assume {:captureState "l00000b12"} true; R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; - R30, Gamma_R30 := 2172bv64, true; - call printf(); - goto l00000af5; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; l00000af5: assume {:captureState "l00000af5"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); R30, Gamma_R30 := 2180bv64, true; call #free(); goto l00000b04; - l00000b04: - assume {:captureState "l00000b04"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); - R30, Gamma_R30 := 2188bv64, true; - call #free(); - goto l00000b12; - l00000b12: - assume {:captureState "l00000b12"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000a64: + assume {:captureState "l00000a64"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); + assume {:captureState "%00000a6a"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2096bv64, true; + call malloc(); + goto l00000a78; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/nestedif/clang/nestedif.expected b/src/test/correct/nestedif/clang/nestedif.expected index 76f85d458..1d3419ecb 100644 --- a/src/test/correct/nestedif/clang/nestedif.expected +++ b/src/test/correct/nestedif/clang/nestedif.expected @@ -221,18 +221,51 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000037c, lmain_goto_l00000379; - l0000037c: - assume {:captureState "l0000037c"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000037f; - l00000379: - assume {:captureState "l00000379"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000037f; - l0000037f: - assume {:captureState "l0000037f"} true; - assert Gamma_R8; - goto l0000037f_goto_l00000442, l0000037f_goto_l00000387; + l00000387_goto_l000003b5: + assume {:captureState "l00000387_goto_l000003b5"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000003b5; + lmain_goto_l0000037c: + assume {:captureState "lmain_goto_l0000037c"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000037c; + l00000387_goto_l000003b2: + assume {:captureState "l00000387_goto_l000003b2"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000003b2; + l0000037f_goto_l00000442: + assume {:captureState "l0000037f_goto_l00000442"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000442; + l0000037f_goto_l00000387: + assume {:captureState "l0000037f_goto_l00000387"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000387; + l0000042e: + assume {:captureState "l0000042e"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%0000043c"} true; + goto l000003ff; + l000003b8_goto_l0000042d: + assume {:captureState "l000003b8_goto_l0000042d"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000042d; + l0000042d: + assume {:captureState "l0000042d"} true; + goto l0000042e; + l000003ff: + assume {:captureState "l000003ff"} true; + goto l00000403; + l00000443: + assume {:captureState "l00000443"} true; + R8, Gamma_R8 := 3bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000451"} true; + goto l00000403; + l00000442: + assume {:captureState "l00000442"} true; + goto l00000443; l00000387: assume {:captureState "l00000387"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -244,125 +277,98 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; goto l00000387_goto_l000003b5, l00000387_goto_l000003b2; - l000003b5: - assume {:captureState "l000003b5"} true; - R8, Gamma_R8 := 1bv64, true; - goto l000003b8; + l000003c0_goto_l000003eb: + assume {:captureState "l000003c0_goto_l000003eb"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000003eb; + l000003f1_goto_l00000418: + assume {:captureState "l000003f1_goto_l00000418"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000418; + l000003c0_goto_l000003ee: + assume {:captureState "l000003c0_goto_l000003ee"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000003ee; + l00000403: + assume {:captureState "l00000403"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l000003b2: assume {:captureState "l000003b2"} true; R8, Gamma_R8 := 0bv64, true; goto l000003b8; + l0000037f: + assume {:captureState "l0000037f"} true; + assert Gamma_R8; + goto l0000037f_goto_l00000442, l0000037f_goto_l00000387; + l0000037c: + assume {:captureState "l0000037c"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000037f; + l000003f1: + assume {:captureState "l000003f1"} true; + assert Gamma_R8; + goto l000003f1_goto_l000003f9, l000003f1_goto_l00000418; l000003b8: assume {:captureState "l000003b8"} true; assert Gamma_R8; goto l000003b8_goto_l000003c0, l000003b8_goto_l0000042d; - l000003c0: - assume {:captureState "l000003c0"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #6, Gamma_#6 := bvadd32(R8[32:0], 4294967293bv32), Gamma_R8; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934590bv33))), (Gamma_R8 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967294bv33))), (Gamma_R8 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; - assert Gamma_ZF; - goto l000003c0_goto_l000003eb, l000003c0_goto_l000003ee; - l000003ee: - assume {:captureState "l000003ee"} true; + l000003f9: + assume {:captureState "l000003f9"} true; + goto l000003ff; + l000003b5: + assume {:captureState "l000003b5"} true; R8, Gamma_R8 := 1bv64, true; - goto l000003f1; + goto l000003b8; l000003eb: assume {:captureState "l000003eb"} true; R8, Gamma_R8 := 0bv64, true; goto l000003f1; - l000003f1: - assume {:captureState "l000003f1"} true; - assert Gamma_R8; - goto l000003f1_goto_l000003f9, l000003f1_goto_l00000418; + l000003ee: + assume {:captureState "l000003ee"} true; + R8, Gamma_R8 := 1bv64, true; + goto l000003f1; l00000418: assume {:captureState "l00000418"} true; goto l00000419; - l00000419: - assume {:captureState "l00000419"} true; - R8, Gamma_R8 := 7bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000427"} true; - goto l000003f9; - l000003f9: - assume {:captureState "l000003f9"} true; - goto l000003ff; - l0000042d: - assume {:captureState "l0000042d"} true; - goto l0000042e; - l0000042e: - assume {:captureState "l0000042e"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%0000043c"} true; - goto l000003ff; - l000003ff: - assume {:captureState "l000003ff"} true; - goto l00000403; - l00000442: - assume {:captureState "l00000442"} true; - goto l00000443; - l00000443: - assume {:captureState "l00000443"} true; - R8, Gamma_R8 := 3bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000451"} true; - goto l00000403; - l00000403: - assume {:captureState "l00000403"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; + l00000379: + assume {:captureState "l00000379"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000037f; lmain_goto_l00000379: assume {:captureState "lmain_goto_l00000379"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000379; - lmain_goto_l0000037c: - assume {:captureState "lmain_goto_l0000037c"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000037c; - l0000037f_goto_l00000387: - assume {:captureState "l0000037f_goto_l00000387"} true; + l000003f1_goto_l000003f9: + assume {:captureState "l000003f1_goto_l000003f9"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000387; - l0000037f_goto_l00000442: - assume {:captureState "l0000037f_goto_l00000442"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000442; - l00000387_goto_l000003b2: - assume {:captureState "l00000387_goto_l000003b2"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000003b2; - l00000387_goto_l000003b5: - assume {:captureState "l00000387_goto_l000003b5"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000003b5; + goto l000003f9; + l000003c0: + assume {:captureState "l000003c0"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #6, Gamma_#6 := bvadd32(R8[32:0], 4294967293bv32), Gamma_R8; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934590bv33))), (Gamma_R8 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967294bv33))), (Gamma_R8 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; + assert Gamma_ZF; + goto l000003c0_goto_l000003eb, l000003c0_goto_l000003ee; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l000003b8_goto_l000003c0: assume {:captureState "l000003b8_goto_l000003c0"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l000003c0; - l000003b8_goto_l0000042d: - assume {:captureState "l000003b8_goto_l0000042d"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000042d; - l000003c0_goto_l000003eb: - assume {:captureState "l000003c0_goto_l000003eb"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000003eb; - l000003c0_goto_l000003ee: - assume {:captureState "l000003c0_goto_l000003ee"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000003ee; - l000003f1_goto_l000003f9: - assume {:captureState "l000003f1_goto_l000003f9"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + l00000419: + assume {:captureState "l00000419"} true; + R8, Gamma_R8 := 7bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000427"} true; goto l000003f9; - l000003f1_goto_l00000418: - assume {:captureState "l000003f1_goto_l00000418"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000418; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/nestedif/clang_O2/nestedif.expected b/src/test/correct/nestedif/clang_O2/nestedif.expected index b904c03a5..91c86ad15 100644 --- a/src/test/correct/nestedif/clang_O2/nestedif.expected +++ b/src/test/correct/nestedif/clang_O2/nestedif.expected @@ -157,5 +157,11 @@ procedure main() lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected b/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected index 80c5beae2..3d639f655 100644 --- a/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected +++ b/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected @@ -221,41 +221,50 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000aaa, lmain_goto_l00000aad; - l00000aad: - assume {:captureState "l00000aad"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000ab0; - l00000aaa: - assume {:captureState "l00000aaa"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000ab0; + l00000ab8_goto_l00000ae6: + assume {:captureState "l00000ab8_goto_l00000ae6"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000ae6; + lmain_goto_l00000aaa: + assume {:captureState "lmain_goto_l00000aaa"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000aaa; + l00000ab0_goto_l00000b73: + assume {:captureState "l00000ab0_goto_l00000b73"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b73; + l00000ab8_goto_l00000ae3: + assume {:captureState "l00000ab8_goto_l00000ae3"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000ae3; + lmain_goto_l00000aad: + assume {:captureState "lmain_goto_l00000aad"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000aad; + l00000b22_goto_l00000b49: + assume {:captureState "l00000b22_goto_l00000b49"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b49; + l00000b49: + assume {:captureState "l00000b49"} true; + goto l00000b4a; + l00000b5e: + assume {:captureState "l00000b5e"} true; + goto l00000b5f; + l00000b5f: + assume {:captureState "l00000b5f"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000b6d"} true; + goto l00000b30; l00000ab0: assume {:captureState "l00000ab0"} true; assert Gamma_R8; goto l00000ab0_goto_l00000b73, l00000ab0_goto_l00000ab8; - l00000ab8: - assume {:captureState "l00000ab8"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #5, Gamma_#5 := bvadd32(R8[32:0], 4294967294bv32), Gamma_R8; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934591bv33))), (Gamma_R8 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967295bv33))), (Gamma_R8 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; - assert Gamma_ZF; - goto l00000ab8_goto_l00000ae6, l00000ab8_goto_l00000ae3; - l00000ae6: - assume {:captureState "l00000ae6"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000ae9; - l00000ae3: - assume {:captureState "l00000ae3"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000ae9; - l00000ae9: - assume {:captureState "l00000ae9"} true; - assert Gamma_R8; - goto l00000ae9_goto_l00000af1, l00000ae9_goto_l00000b5e; + l00000ae9_goto_l00000b5e: + assume {:captureState "l00000ae9_goto_l00000b5e"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b5e; l00000af1: assume {:captureState "l00000af1"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -267,6 +276,17 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; goto l00000af1_goto_l00000b1c, l00000af1_goto_l00000b1f; + l00000ab8: + assume {:captureState "l00000ab8"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #5, Gamma_#5 := bvadd32(R8[32:0], 4294967294bv32), Gamma_R8; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934591bv33))), (Gamma_R8 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967295bv33))), (Gamma_R8 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; + assert Gamma_ZF; + goto l00000ab8_goto_l00000ae6, l00000ab8_goto_l00000ae3; l00000b1f: assume {:captureState "l00000b1f"} true; R8, Gamma_R8 := 1bv64, true; @@ -275,34 +295,19 @@ procedure main() assume {:captureState "l00000b1c"} true; R8, Gamma_R8 := 0bv64, true; goto l00000b22; - l00000b22: - assume {:captureState "l00000b22"} true; - assert Gamma_R8; - goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; - l00000b49: - assume {:captureState "l00000b49"} true; - goto l00000b4a; - l00000b4a: - assume {:captureState "l00000b4a"} true; - R8, Gamma_R8 := 7bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000b58"} true; - goto l00000b2a; - l00000b2a: - assume {:captureState "l00000b2a"} true; - goto l00000b30; - l00000b5e: - assume {:captureState "l00000b5e"} true; - goto l00000b5f; - l00000b5f: - assume {:captureState "l00000b5f"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000b6d"} true; - goto l00000b30; - l00000b30: - assume {:captureState "l00000b30"} true; - goto l00000b34; + l00000b34: + assume {:captureState "l00000b34"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + l00000ab0_goto_l00000ab8: + assume {:captureState "l00000ab0_goto_l00000ab8"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000ab8; + l00000aaa: + assume {:captureState "l00000aaa"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000ab0; l00000b73: assume {:captureState "l00000b73"} true; goto l00000b74; @@ -312,57 +317,58 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); assume {:captureState "%00000b82"} true; goto l00000b34; - l00000b34: - assume {:captureState "l00000b34"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000aaa: - assume {:captureState "lmain_goto_l00000aaa"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000aaa; - lmain_goto_l00000aad: - assume {:captureState "lmain_goto_l00000aad"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000aad; - l00000ab0_goto_l00000ab8: - assume {:captureState "l00000ab0_goto_l00000ab8"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000ab8; - l00000ab0_goto_l00000b73: - assume {:captureState "l00000ab0_goto_l00000b73"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b73; - l00000ab8_goto_l00000ae3: - assume {:captureState "l00000ab8_goto_l00000ae3"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000ae3; - l00000ab8_goto_l00000ae6: - assume {:captureState "l00000ab8_goto_l00000ae6"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000ae6; - l00000ae9_goto_l00000af1: - assume {:captureState "l00000ae9_goto_l00000af1"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000af1; - l00000ae9_goto_l00000b5e: - assume {:captureState "l00000ae9_goto_l00000b5e"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b5e; + l00000b30: + assume {:captureState "l00000b30"} true; + goto l00000b34; l00000af1_goto_l00000b1c: assume {:captureState "l00000af1_goto_l00000b1c"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000b1c; + l00000aad: + assume {:captureState "l00000aad"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000ab0; l00000af1_goto_l00000b1f: assume {:captureState "l00000af1_goto_l00000b1f"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000b1f; + l00000ae6: + assume {:captureState "l00000ae6"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000ae9; + l00000b2a: + assume {:captureState "l00000b2a"} true; + goto l00000b30; + l00000ae3: + assume {:captureState "l00000ae3"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000ae9; + l00000b4a: + assume {:captureState "l00000b4a"} true; + R8, Gamma_R8 := 7bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000b58"} true; + goto l00000b2a; + l00000ae9_goto_l00000af1: + assume {:captureState "l00000ae9_goto_l00000af1"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000af1; + l00000ae9: + assume {:captureState "l00000ae9"} true; + assert Gamma_R8; + goto l00000ae9_goto_l00000af1, l00000ae9_goto_l00000b5e; + l00000b22: + assume {:captureState "l00000b22"} true; + assert Gamma_R8; + goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000b22_goto_l00000b2a: assume {:captureState "l00000b22_goto_l00000b2a"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000b2a; - l00000b22_goto_l00000b49: - assume {:captureState "l00000b22_goto_l00000b49"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b49; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/nestedif/clang_pic/nestedif.expected b/src/test/correct/nestedif/clang_pic/nestedif.expected index 80c5beae2..3d639f655 100644 --- a/src/test/correct/nestedif/clang_pic/nestedif.expected +++ b/src/test/correct/nestedif/clang_pic/nestedif.expected @@ -221,41 +221,50 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000aaa, lmain_goto_l00000aad; - l00000aad: - assume {:captureState "l00000aad"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000ab0; - l00000aaa: - assume {:captureState "l00000aaa"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000ab0; + l00000ab8_goto_l00000ae6: + assume {:captureState "l00000ab8_goto_l00000ae6"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000ae6; + lmain_goto_l00000aaa: + assume {:captureState "lmain_goto_l00000aaa"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000aaa; + l00000ab0_goto_l00000b73: + assume {:captureState "l00000ab0_goto_l00000b73"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b73; + l00000ab8_goto_l00000ae3: + assume {:captureState "l00000ab8_goto_l00000ae3"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000ae3; + lmain_goto_l00000aad: + assume {:captureState "lmain_goto_l00000aad"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000aad; + l00000b22_goto_l00000b49: + assume {:captureState "l00000b22_goto_l00000b49"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b49; + l00000b49: + assume {:captureState "l00000b49"} true; + goto l00000b4a; + l00000b5e: + assume {:captureState "l00000b5e"} true; + goto l00000b5f; + l00000b5f: + assume {:captureState "l00000b5f"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000b6d"} true; + goto l00000b30; l00000ab0: assume {:captureState "l00000ab0"} true; assert Gamma_R8; goto l00000ab0_goto_l00000b73, l00000ab0_goto_l00000ab8; - l00000ab8: - assume {:captureState "l00000ab8"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #5, Gamma_#5 := bvadd32(R8[32:0], 4294967294bv32), Gamma_R8; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934591bv33))), (Gamma_R8 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967295bv33))), (Gamma_R8 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; - assert Gamma_ZF; - goto l00000ab8_goto_l00000ae6, l00000ab8_goto_l00000ae3; - l00000ae6: - assume {:captureState "l00000ae6"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000ae9; - l00000ae3: - assume {:captureState "l00000ae3"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000ae9; - l00000ae9: - assume {:captureState "l00000ae9"} true; - assert Gamma_R8; - goto l00000ae9_goto_l00000af1, l00000ae9_goto_l00000b5e; + l00000ae9_goto_l00000b5e: + assume {:captureState "l00000ae9_goto_l00000b5e"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b5e; l00000af1: assume {:captureState "l00000af1"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -267,6 +276,17 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; goto l00000af1_goto_l00000b1c, l00000af1_goto_l00000b1f; + l00000ab8: + assume {:captureState "l00000ab8"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #5, Gamma_#5 := bvadd32(R8[32:0], 4294967294bv32), Gamma_R8; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934591bv33))), (Gamma_R8 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967295bv33))), (Gamma_R8 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; + assert Gamma_ZF; + goto l00000ab8_goto_l00000ae6, l00000ab8_goto_l00000ae3; l00000b1f: assume {:captureState "l00000b1f"} true; R8, Gamma_R8 := 1bv64, true; @@ -275,34 +295,19 @@ procedure main() assume {:captureState "l00000b1c"} true; R8, Gamma_R8 := 0bv64, true; goto l00000b22; - l00000b22: - assume {:captureState "l00000b22"} true; - assert Gamma_R8; - goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; - l00000b49: - assume {:captureState "l00000b49"} true; - goto l00000b4a; - l00000b4a: - assume {:captureState "l00000b4a"} true; - R8, Gamma_R8 := 7bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000b58"} true; - goto l00000b2a; - l00000b2a: - assume {:captureState "l00000b2a"} true; - goto l00000b30; - l00000b5e: - assume {:captureState "l00000b5e"} true; - goto l00000b5f; - l00000b5f: - assume {:captureState "l00000b5f"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000b6d"} true; - goto l00000b30; - l00000b30: - assume {:captureState "l00000b30"} true; - goto l00000b34; + l00000b34: + assume {:captureState "l00000b34"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + l00000ab0_goto_l00000ab8: + assume {:captureState "l00000ab0_goto_l00000ab8"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000ab8; + l00000aaa: + assume {:captureState "l00000aaa"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000ab0; l00000b73: assume {:captureState "l00000b73"} true; goto l00000b74; @@ -312,57 +317,58 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); assume {:captureState "%00000b82"} true; goto l00000b34; - l00000b34: - assume {:captureState "l00000b34"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000aaa: - assume {:captureState "lmain_goto_l00000aaa"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000aaa; - lmain_goto_l00000aad: - assume {:captureState "lmain_goto_l00000aad"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000aad; - l00000ab0_goto_l00000ab8: - assume {:captureState "l00000ab0_goto_l00000ab8"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000ab8; - l00000ab0_goto_l00000b73: - assume {:captureState "l00000ab0_goto_l00000b73"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b73; - l00000ab8_goto_l00000ae3: - assume {:captureState "l00000ab8_goto_l00000ae3"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000ae3; - l00000ab8_goto_l00000ae6: - assume {:captureState "l00000ab8_goto_l00000ae6"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000ae6; - l00000ae9_goto_l00000af1: - assume {:captureState "l00000ae9_goto_l00000af1"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000af1; - l00000ae9_goto_l00000b5e: - assume {:captureState "l00000ae9_goto_l00000b5e"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b5e; + l00000b30: + assume {:captureState "l00000b30"} true; + goto l00000b34; l00000af1_goto_l00000b1c: assume {:captureState "l00000af1_goto_l00000b1c"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000b1c; + l00000aad: + assume {:captureState "l00000aad"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000ab0; l00000af1_goto_l00000b1f: assume {:captureState "l00000af1_goto_l00000b1f"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000b1f; + l00000ae6: + assume {:captureState "l00000ae6"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000ae9; + l00000b2a: + assume {:captureState "l00000b2a"} true; + goto l00000b30; + l00000ae3: + assume {:captureState "l00000ae3"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000ae9; + l00000b4a: + assume {:captureState "l00000b4a"} true; + R8, Gamma_R8 := 7bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000b58"} true; + goto l00000b2a; + l00000ae9_goto_l00000af1: + assume {:captureState "l00000ae9_goto_l00000af1"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000af1; + l00000ae9: + assume {:captureState "l00000ae9"} true; + assert Gamma_R8; + goto l00000ae9_goto_l00000af1, l00000ae9_goto_l00000b5e; + l00000b22: + assume {:captureState "l00000b22"} true; + assert Gamma_R8; + goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000b22_goto_l00000b2a: assume {:captureState "l00000b22_goto_l00000b2a"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000b2a; - l00000b22_goto_l00000b49: - assume {:captureState "l00000b22_goto_l00000b49"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b49; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/nestedif/gcc/nestedif.expected b/src/test/correct/nestedif/gcc/nestedif.expected index 01fc15bd5..6d0a8fc32 100644 --- a/src/test/correct/nestedif/gcc/nestedif.expected +++ b/src/test/correct/nestedif/gcc/nestedif.expected @@ -216,6 +216,45 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000345, lmain_goto_l000003c4; + l000003a6: + assume {:captureState "l000003a6"} true; + R0, Gamma_R0 := 7bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%000003b1"} true; + goto l00000391; + l00000345_goto_l0000036b: + assume {:captureState "l00000345_goto_l0000036b"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000036b; + l00000391: + assume {:captureState "l00000391"} true; + R0, Gamma_R0 := 0bv64, true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + l000003c4: + assume {:captureState "l000003c4"} true; + R0, Gamma_R0 := 3bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%000003cf"} true; + goto l00000391; + l000003b3: + assume {:captureState "l000003b3"} true; + R0, Gamma_R0 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%000003be"} true; + goto l00000391; + lmain_goto_l000003c4: + assume {:captureState "lmain_goto_l000003c4"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000003c4; + l0000036b_goto_l000003a6: + assume {:captureState "l0000036b_goto_l000003a6"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000003a6; + l0000036b_goto_l00000391: + assume {:captureState "l0000036b_goto_l00000391"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000391; l00000345: assume {:captureState "l00000345"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -226,6 +265,13 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto l00000345_goto_l0000036b, l00000345_goto_l000003b3; + lmain_goto_l00000345: + assume {:captureState "lmain_goto_l00000345"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000345; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l0000036b: assume {:captureState "l0000036b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -236,51 +282,11 @@ procedure main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; goto l0000036b_goto_l000003a6, l0000036b_goto_l00000391; - l000003a6: - assume {:captureState "l000003a6"} true; - R0, Gamma_R0 := 7bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%000003b1"} true; - goto l00000391; - l000003b3: - assume {:captureState "l000003b3"} true; - R0, Gamma_R0 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%000003be"} true; - goto l00000391; - l000003c4: - assume {:captureState "l000003c4"} true; - R0, Gamma_R0 := 3bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%000003cf"} true; - goto l00000391; - l00000391: - assume {:captureState "l00000391"} true; - R0, Gamma_R0 := 0bv64, true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000345: - assume {:captureState "lmain_goto_l00000345"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000345; - lmain_goto_l000003c4: - assume {:captureState "lmain_goto_l000003c4"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000003c4; - l00000345_goto_l0000036b: - assume {:captureState "l00000345_goto_l0000036b"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000036b; l00000345_goto_l000003b3: assume {:captureState "l00000345_goto_l000003b3"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l000003b3; - l0000036b_goto_l00000391: - assume {:captureState "l0000036b_goto_l00000391"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000391; - l0000036b_goto_l000003a6: - assume {:captureState "l0000036b_goto_l000003a6"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000003a6; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/nestedif/gcc_O2/nestedif.expected b/src/test/correct/nestedif/gcc_O2/nestedif.expected index 306991d20..0918aa3d9 100644 --- a/src/test/correct/nestedif/gcc_O2/nestedif.expected +++ b/src/test/correct/nestedif/gcc_O2/nestedif.expected @@ -157,5 +157,11 @@ procedure main() lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected b/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected index 10003d950..2ef618ea9 100644 --- a/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected +++ b/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected @@ -216,16 +216,6 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000009e1, lmain_goto_l00000a60; - l000009e1: - assume {:captureState "l000009e1"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #5, Gamma_#5 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - assert Gamma_ZF; - goto l000009e1_goto_l00000a07, l000009e1_goto_l00000a4f; l00000a07: assume {:captureState "l00000a07"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -236,51 +226,67 @@ procedure main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; goto l00000a07_goto_l00000a2d, l00000a07_goto_l00000a42; - l00000a42: - assume {:captureState "l00000a42"} true; - R0, Gamma_R0 := 7bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%00000a4d"} true; - goto l00000a2d; + l000009e1_goto_l00000a4f: + assume {:captureState "l000009e1_goto_l00000a4f"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a4f; + lmain_goto_l000009e1: + assume {:captureState "lmain_goto_l000009e1"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l000009e1; + l00000a07_goto_l00000a42: + assume {:captureState "l00000a07_goto_l00000a42"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a42; + l000009e1: + assume {:captureState "l000009e1"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #5, Gamma_#5 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + assert Gamma_ZF; + goto l000009e1_goto_l00000a07, l000009e1_goto_l00000a4f; + l00000a2d: + assume {:captureState "l00000a2d"} true; + R0, Gamma_R0 := 0bv64, true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l00000a4f: assume {:captureState "l00000a4f"} true; R0, Gamma_R0 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000a5a"} true; goto l00000a2d; + lmain_goto_l00000a60: + assume {:captureState "lmain_goto_l00000a60"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a60; l00000a60: assume {:captureState "l00000a60"} true; R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000a6b"} true; goto l00000a2d; - l00000a2d: - assume {:captureState "l00000a2d"} true; - R0, Gamma_R0 := 0bv64, true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l000009e1: - assume {:captureState "lmain_goto_l000009e1"} true; + l00000a07_goto_l00000a2d: + assume {:captureState "l00000a07_goto_l00000a2d"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l000009e1; - lmain_goto_l00000a60: - assume {:captureState "lmain_goto_l00000a60"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a60; + goto l00000a2d; l000009e1_goto_l00000a07: assume {:captureState "l000009e1_goto_l00000a07"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000a07; - l000009e1_goto_l00000a4f: - assume {:captureState "l000009e1_goto_l00000a4f"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a4f; - l00000a07_goto_l00000a2d: - assume {:captureState "l00000a07_goto_l00000a2d"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000a42: + assume {:captureState "l00000a42"} true; + R0, Gamma_R0 := 7bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%00000a4d"} true; goto l00000a2d; - l00000a07_goto_l00000a42: - assume {:captureState "l00000a07_goto_l00000a42"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a42; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/nestedif/gcc_pic/nestedif.expected b/src/test/correct/nestedif/gcc_pic/nestedif.expected index 10003d950..2ef618ea9 100644 --- a/src/test/correct/nestedif/gcc_pic/nestedif.expected +++ b/src/test/correct/nestedif/gcc_pic/nestedif.expected @@ -216,16 +216,6 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000009e1, lmain_goto_l00000a60; - l000009e1: - assume {:captureState "l000009e1"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #5, Gamma_#5 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - assert Gamma_ZF; - goto l000009e1_goto_l00000a07, l000009e1_goto_l00000a4f; l00000a07: assume {:captureState "l00000a07"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -236,51 +226,67 @@ procedure main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; goto l00000a07_goto_l00000a2d, l00000a07_goto_l00000a42; - l00000a42: - assume {:captureState "l00000a42"} true; - R0, Gamma_R0 := 7bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%00000a4d"} true; - goto l00000a2d; + l000009e1_goto_l00000a4f: + assume {:captureState "l000009e1_goto_l00000a4f"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a4f; + lmain_goto_l000009e1: + assume {:captureState "lmain_goto_l000009e1"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l000009e1; + l00000a07_goto_l00000a42: + assume {:captureState "l00000a07_goto_l00000a42"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a42; + l000009e1: + assume {:captureState "l000009e1"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #5, Gamma_#5 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + assert Gamma_ZF; + goto l000009e1_goto_l00000a07, l000009e1_goto_l00000a4f; + l00000a2d: + assume {:captureState "l00000a2d"} true; + R0, Gamma_R0 := 0bv64, true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l00000a4f: assume {:captureState "l00000a4f"} true; R0, Gamma_R0 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000a5a"} true; goto l00000a2d; + lmain_goto_l00000a60: + assume {:captureState "lmain_goto_l00000a60"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a60; l00000a60: assume {:captureState "l00000a60"} true; R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000a6b"} true; goto l00000a2d; - l00000a2d: - assume {:captureState "l00000a2d"} true; - R0, Gamma_R0 := 0bv64, true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l000009e1: - assume {:captureState "lmain_goto_l000009e1"} true; + l00000a07_goto_l00000a2d: + assume {:captureState "l00000a07_goto_l00000a2d"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l000009e1; - lmain_goto_l00000a60: - assume {:captureState "lmain_goto_l00000a60"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a60; + goto l00000a2d; l000009e1_goto_l00000a07: assume {:captureState "l000009e1_goto_l00000a07"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000a07; - l000009e1_goto_l00000a4f: - assume {:captureState "l000009e1_goto_l00000a4f"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a4f; - l00000a07_goto_l00000a2d: - assume {:captureState "l00000a07_goto_l00000a2d"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000a42: + assume {:captureState "l00000a42"} true; + R0, Gamma_R0 := 7bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%00000a4d"} true; goto l00000a2d; - l00000a07_goto_l00000a42: - assume {:captureState "l00000a07_goto_l00000a42"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a42; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/no_interference_update_x/clang/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/clang/no_interference_update_x.expected index 7a6a27fd0..009e6ae45 100644 --- a/src/test/correct/no_interference_update_x/clang/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/clang/no_interference_update_x.expected @@ -195,5 +195,11 @@ procedure main() assert (memory_load32_le(mem, $y_addr) == y_old); assume {:captureState "%000002ce"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_x/clang_O2/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/clang_O2/no_interference_update_x.expected index 740a585c8..5bdc78f2c 100644 --- a/src/test/correct/no_interference_update_x/clang_O2/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/clang_O2/no_interference_update_x.expected @@ -195,5 +195,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R8, 52bv64), R9[32:0]), gamma_store32(Gamma_mem, bvadd64(R8, 52bv64), Gamma_R9); assert (memory_load32_le(mem, $y_addr) == y_old); assume {:captureState "%000002d3"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_x/clang_no_plt_no_pic/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/clang_no_plt_no_pic/no_interference_update_x.expected index 293d1dbc9..e930a15fe 100644 --- a/src/test/correct/no_interference_update_x/clang_no_plt_no_pic/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/clang_no_plt_no_pic/no_interference_update_x.expected @@ -195,5 +195,11 @@ procedure main() assert (memory_load32_le(mem, $y_addr) == y_old); assume {:captureState "%00000845"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_x/clang_pic/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/clang_pic/no_interference_update_x.expected index a5a054cf9..e59f5333a 100644 --- a/src/test/correct/no_interference_update_x/clang_pic/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/clang_pic/no_interference_update_x.expected @@ -229,5 +229,11 @@ procedure main() assert (memory_load32_le(mem, $y_addr) == y_old); assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_x/gcc/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/gcc/no_interference_update_x.expected index 48ecd68b7..5cbe32bf9 100644 --- a/src/test/correct/no_interference_update_x/gcc/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/gcc/no_interference_update_x.expected @@ -194,5 +194,11 @@ procedure main() assert (memory_load32_le(mem, $y_addr) == y_old); assume {:captureState "%000002d8"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_x/gcc_O2/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/gcc_O2/no_interference_update_x.expected index ef1344e1e..fb0cfcf5b 100644 --- a/src/test/correct/no_interference_update_x/gcc_O2/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/gcc_O2/no_interference_update_x.expected @@ -195,5 +195,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 20bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 20bv64), Gamma_R2); assert (memory_load32_le(mem, $y_addr) == y_old); assume {:captureState "%000001bd"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_x/gcc_no_plt_no_pic/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/gcc_no_plt_no_pic/no_interference_update_x.expected index 09a38ab49..2f16d6159 100644 --- a/src/test/correct/no_interference_update_x/gcc_no_plt_no_pic/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/gcc_no_plt_no_pic/no_interference_update_x.expected @@ -194,5 +194,11 @@ procedure main() assert (memory_load32_le(mem, $y_addr) == y_old); assume {:captureState "%0000085b"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_x/gcc_pic/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/gcc_pic/no_interference_update_x.expected index b07082212..51d8ed8f9 100644 --- a/src/test/correct/no_interference_update_x/gcc_pic/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/gcc_pic/no_interference_update_x.expected @@ -227,5 +227,11 @@ procedure main() assert (memory_load32_le(mem, $y_addr) == y_old); assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_y/clang/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/clang/no_interference_update_y.expected index 2bb856649..8cdef6db0 100644 --- a/src/test/correct/no_interference_update_y/clang/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/clang/no_interference_update_y.expected @@ -195,5 +195,11 @@ procedure main() assert (memory_load32_le(mem, $x_addr) == x_old); assume {:captureState "%000002ce"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_y/clang_O2/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/clang_O2/no_interference_update_y.expected index 81e2f7c66..86206551f 100644 --- a/src/test/correct/no_interference_update_y/clang_O2/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/clang_O2/no_interference_update_y.expected @@ -195,5 +195,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R8, 52bv64), R9[32:0]), gamma_store32(Gamma_mem, bvadd64(R8, 52bv64), Gamma_R9); assert (memory_load32_le(mem, $x_addr) == x_old); assume {:captureState "%000002d3"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_y/clang_no_plt_no_pic/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/clang_no_plt_no_pic/no_interference_update_y.expected index ac0a8d545..80c33d6ed 100644 --- a/src/test/correct/no_interference_update_y/clang_no_plt_no_pic/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/clang_no_plt_no_pic/no_interference_update_y.expected @@ -195,5 +195,11 @@ procedure main() assert (memory_load32_le(mem, $x_addr) == x_old); assume {:captureState "%00000845"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_y/clang_pic/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/clang_pic/no_interference_update_y.expected index 963551bd0..e37d80782 100644 --- a/src/test/correct/no_interference_update_y/clang_pic/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/clang_pic/no_interference_update_y.expected @@ -229,5 +229,11 @@ procedure main() assert (memory_load32_le(mem, $x_addr) == x_old); assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_y/gcc/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/gcc/no_interference_update_y.expected index 20a7bf882..e53abcb67 100644 --- a/src/test/correct/no_interference_update_y/gcc/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/gcc/no_interference_update_y.expected @@ -194,5 +194,11 @@ procedure main() assert (memory_load32_le(mem, $x_addr) == x_old); assume {:captureState "%000002d8"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_y/gcc_O2/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/gcc_O2/no_interference_update_y.expected index 01c79156a..670bf9dce 100644 --- a/src/test/correct/no_interference_update_y/gcc_O2/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/gcc_O2/no_interference_update_y.expected @@ -195,5 +195,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 20bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 20bv64), Gamma_R2); assert (memory_load32_le(mem, $x_addr) == x_old); assume {:captureState "%000001bd"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_y/gcc_no_plt_no_pic/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/gcc_no_plt_no_pic/no_interference_update_y.expected index 658b4eb22..20ebed36e 100644 --- a/src/test/correct/no_interference_update_y/gcc_no_plt_no_pic/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/gcc_no_plt_no_pic/no_interference_update_y.expected @@ -194,5 +194,11 @@ procedure main() assert (memory_load32_le(mem, $x_addr) == x_old); assume {:captureState "%0000085b"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/no_interference_update_y/gcc_pic/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/gcc_pic/no_interference_update_y.expected index 0cd4b1423..60923f161 100644 --- a/src/test/correct/no_interference_update_y/gcc_pic/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/gcc_pic/no_interference_update_y.expected @@ -227,5 +227,11 @@ procedure main() assert (memory_load32_le(mem, $x_addr) == x_old); assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/secret_write/clang/secret_write.expected b/src/test/correct/secret_write/clang/secret_write.expected index 731e47319..16724cc83 100644 --- a/src/test/correct/secret_write/clang/secret_write.expected +++ b/src/test/correct/secret_write/clang/secret_write.expected @@ -257,5 +257,11 @@ procedure main() assert ((bvadd64(R9, 52bv64) == $z_addr) ==> (L(mem, $x_addr) ==> Gamma_x_old)); assert bvsge32(memory_load32_le(mem, $z_addr), z_old); assume {:captureState "%0000033f"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/secret_write/clang_O2/secret_write.expected b/src/test/correct/secret_write/clang_O2/secret_write.expected index 0adc7d048..de15862c0 100644 --- a/src/test/correct/secret_write/clang_O2/secret_write.expected +++ b/src/test/correct/secret_write/clang_O2/secret_write.expected @@ -223,5 +223,11 @@ procedure main() assert ((bvadd64(R9, 52bv64) == $z_addr) ==> (L(mem, $x_addr) ==> Gamma_x_old)); assert bvsge32(memory_load32_le(mem, $z_addr), z_old); assume {:captureState "%000002e7"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/secret_write/clang_no_plt_no_pic/secret_write.expected b/src/test/correct/secret_write/clang_no_plt_no_pic/secret_write.expected index 2e4c0f4d2..030e3be43 100644 --- a/src/test/correct/secret_write/clang_no_plt_no_pic/secret_write.expected +++ b/src/test/correct/secret_write/clang_no_plt_no_pic/secret_write.expected @@ -257,5 +257,11 @@ procedure main() assert ((bvadd64(R9, 52bv64) == $z_addr) ==> (L(mem, $x_addr) ==> Gamma_x_old)); assert bvsge32(memory_load32_le(mem, $z_addr), z_old); assume {:captureState "%00000936"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/secret_write/clang_pic/secret_write.expected b/src/test/correct/secret_write/clang_pic/secret_write.expected index 53c9b519b..ad9cb3006 100644 --- a/src/test/correct/secret_write/clang_pic/secret_write.expected +++ b/src/test/correct/secret_write/clang_pic/secret_write.expected @@ -343,5 +343,11 @@ procedure main() assert ((R9 == $z_addr) ==> (L(mem, $x_addr) ==> Gamma_x_old)); assert bvsge32(memory_load32_le(mem, $z_addr), z_old); assume {:captureState "%00000360"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/secret_write/gcc/secret_write.expected b/src/test/correct/secret_write/gcc/secret_write.expected index fbb8b7faf..04ecbda5f 100644 --- a/src/test/correct/secret_write/gcc/secret_write.expected +++ b/src/test/correct/secret_write/gcc/secret_write.expected @@ -266,5 +266,11 @@ procedure main() assert bvsge32(memory_load32_le(mem, $z_addr), z_old); assume {:captureState "%000003b7"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/secret_write/gcc_O2/secret_write.expected b/src/test/correct/secret_write/gcc_O2/secret_write.expected index 393a51bf6..53529e4f5 100644 --- a/src/test/correct/secret_write/gcc_O2/secret_write.expected +++ b/src/test/correct/secret_write/gcc_O2/secret_write.expected @@ -223,5 +223,11 @@ procedure main() assert ((bvadd64(R2, 4bv64) == $z_addr) ==> (L(mem, $x_addr) ==> Gamma_x_old)); assert bvsge32(memory_load32_le(mem, $z_addr), z_old); assume {:captureState "%000001ca"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/secret_write/gcc_no_plt_no_pic/secret_write.expected b/src/test/correct/secret_write/gcc_no_plt_no_pic/secret_write.expected index 9d6a27f3f..d3fa78bba 100644 --- a/src/test/correct/secret_write/gcc_no_plt_no_pic/secret_write.expected +++ b/src/test/correct/secret_write/gcc_no_plt_no_pic/secret_write.expected @@ -266,5 +266,11 @@ procedure main() assert bvsge32(memory_load32_le(mem, $z_addr), z_old); assume {:captureState "%00000a45"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/secret_write/gcc_pic/secret_write.expected b/src/test/correct/secret_write/gcc_pic/secret_write.expected index 2275cb362..ff4632805 100644 --- a/src/test/correct/secret_write/gcc_pic/secret_write.expected +++ b/src/test/correct/secret_write/gcc_pic/secret_write.expected @@ -354,5 +354,11 @@ procedure main() assert bvsge32(memory_load32_le(mem, $z_addr), z_old); assume {:captureState "%000003bf"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/simple_jump/clang/simple_jump.expected b/src/test/correct/simple_jump/clang/simple_jump.expected index 8ae879c7e..32def4468 100644 --- a/src/test/correct/simple_jump/clang/simple_jump.expected +++ b/src/test/correct/simple_jump/clang/simple_jump.expected @@ -219,42 +219,48 @@ procedure main() assume {:captureState "l00000329"} true; R8, Gamma_R8 := 1bv64, true; goto l0000032c; - l00000326: - assume {:captureState "l00000326"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000032c; l0000032c: assume {:captureState "l0000032c"} true; assert Gamma_R8; goto l0000032c_goto_l00000334, l0000032c_goto_l0000034b; + l00000334: + assume {:captureState "l00000334"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + l00000326: + assume {:captureState "l00000326"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000032c; l0000034b: assume {:captureState "l0000034b"} true; goto l0000034c; + lmain_goto_l00000326: + assume {:captureState "lmain_goto_l00000326"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000326; l0000034c: assume {:captureState "l0000034c"} true; R8, Gamma_R8 := 6bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%0000035a"} true; goto l00000334; - l00000334: - assume {:captureState "l00000334"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000326: - assume {:captureState "lmain_goto_l00000326"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000326; - lmain_goto_l00000329: - assume {:captureState "lmain_goto_l00000329"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000329; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l0000032c_goto_l00000334: assume {:captureState "l0000032c_goto_l00000334"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000334; + lmain_goto_l00000329: + assume {:captureState "lmain_goto_l00000329"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000329; l0000032c_goto_l0000034b: assume {:captureState "l0000032c_goto_l0000034b"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l0000034b; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/simple_jump/clang_O2/simple_jump.expected b/src/test/correct/simple_jump/clang_O2/simple_jump.expected index b904c03a5..91c86ad15 100644 --- a/src/test/correct/simple_jump/clang_O2/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_O2/simple_jump.expected @@ -157,5 +157,11 @@ procedure main() lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected b/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected index 7d5b217e6..1c39d87d8 100644 --- a/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected @@ -215,18 +215,23 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000938, lmain_goto_l0000093b; - l0000093b: - assume {:captureState "l0000093b"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000093e; - l00000938: - assume {:captureState "l00000938"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000093e; l0000093e: assume {:captureState "l0000093e"} true; assert Gamma_R8; goto l0000093e_goto_l00000946, l0000093e_goto_l0000095d; + l00000946: + assume {:captureState "l00000946"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000938: + assume {:captureState "lmain_goto_l00000938"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000938; + l0000093b: + assume {:captureState "l0000093b"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000093e; l0000095d: assume {:captureState "l0000095d"} true; goto l0000095e; @@ -236,19 +241,6 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%0000096c"} true; goto l00000946; - l00000946: - assume {:captureState "l00000946"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000938: - assume {:captureState "lmain_goto_l00000938"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000938; - lmain_goto_l0000093b: - assume {:captureState "lmain_goto_l0000093b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000093b; l0000093e_goto_l00000946: assume {:captureState "l0000093e_goto_l00000946"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); @@ -257,4 +249,18 @@ procedure main() assume {:captureState "l0000093e_goto_l0000095d"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l0000095d; + lmain_goto_l0000093b: + assume {:captureState "lmain_goto_l0000093b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000093b; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000938: + assume {:captureState "l00000938"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000093e; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/simple_jump/clang_pic/simple_jump.expected b/src/test/correct/simple_jump/clang_pic/simple_jump.expected index 7d5b217e6..1c39d87d8 100644 --- a/src/test/correct/simple_jump/clang_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_pic/simple_jump.expected @@ -215,18 +215,23 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000938, lmain_goto_l0000093b; - l0000093b: - assume {:captureState "l0000093b"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000093e; - l00000938: - assume {:captureState "l00000938"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000093e; l0000093e: assume {:captureState "l0000093e"} true; assert Gamma_R8; goto l0000093e_goto_l00000946, l0000093e_goto_l0000095d; + l00000946: + assume {:captureState "l00000946"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000938: + assume {:captureState "lmain_goto_l00000938"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000938; + l0000093b: + assume {:captureState "l0000093b"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000093e; l0000095d: assume {:captureState "l0000095d"} true; goto l0000095e; @@ -236,19 +241,6 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%0000096c"} true; goto l00000946; - l00000946: - assume {:captureState "l00000946"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000938: - assume {:captureState "lmain_goto_l00000938"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000938; - lmain_goto_l0000093b: - assume {:captureState "lmain_goto_l0000093b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000093b; l0000093e_goto_l00000946: assume {:captureState "l0000093e_goto_l00000946"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); @@ -257,4 +249,18 @@ procedure main() assume {:captureState "l0000093e_goto_l0000095d"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l0000095d; + lmain_goto_l0000093b: + assume {:captureState "lmain_goto_l0000093b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000093b; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000938: + assume {:captureState "l00000938"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000093e; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/simple_jump/gcc/simple_jump.expected b/src/test/correct/simple_jump/gcc/simple_jump.expected index 4195b886a..4845c038c 100644 --- a/src/test/correct/simple_jump/gcc/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc/simple_jump.expected @@ -220,7 +220,7 @@ procedure main() assume {:captureState "l0000030a"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; + goto main_return; lmain_goto_l0000030a: assume {:captureState "lmain_goto_l0000030a"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); @@ -229,4 +229,10 @@ procedure main() assume {:captureState "lmain_goto_l0000031f"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l0000031f; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/simple_jump/gcc_O2/simple_jump.expected b/src/test/correct/simple_jump/gcc_O2/simple_jump.expected index 306991d20..0918aa3d9 100644 --- a/src/test/correct/simple_jump/gcc_O2/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_O2/simple_jump.expected @@ -157,5 +157,11 @@ procedure main() lmain: assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected b/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected index cb9614234..89636d949 100644 --- a/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected @@ -220,7 +220,7 @@ procedure main() assume {:captureState "l000008e1"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; + goto main_return; lmain_goto_l000008e1: assume {:captureState "lmain_goto_l000008e1"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); @@ -229,4 +229,10 @@ procedure main() assume {:captureState "lmain_goto_l000008f6"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l000008f6; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/simple_jump/gcc_pic/simple_jump.expected b/src/test/correct/simple_jump/gcc_pic/simple_jump.expected index cb9614234..89636d949 100644 --- a/src/test/correct/simple_jump/gcc_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_pic/simple_jump.expected @@ -220,7 +220,7 @@ procedure main() assume {:captureState "l000008e1"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; + goto main_return; lmain_goto_l000008e1: assume {:captureState "lmain_goto_l000008e1"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); @@ -229,4 +229,10 @@ procedure main() assume {:captureState "lmain_goto_l000008f6"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l000008f6; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/switch/clang/switch.expected b/src/test/correct/switch/clang/switch.expected index b33b54140..ab60b0f1e 100644 --- a/src/test/correct/switch/clang/switch.expected +++ b/src/test/correct/switch/clang/switch.expected @@ -217,99 +217,105 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000035a, lmain_goto_l0000035d; - l0000035d: - assume {:captureState "l0000035d"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000360; - l0000035a: - assume {:captureState "l0000035a"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000360; - l00000360: - assume {:captureState "l00000360"} true; - assert Gamma_R8; - goto l00000360_goto_l00000368, l00000360_goto_l0000039a; - l0000039a: - assume {:captureState "l0000039a"} true; - goto l0000039b; - l0000039b: - assume {:captureState "l0000039b"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - #5, Gamma_#5 := bvadd32(R8[32:0], 4294967292bv32), Gamma_R8; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934589bv33))), (Gamma_R8 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967293bv33))), (Gamma_R8 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; - assert Gamma_ZF; - goto l0000039b_goto_l000003c4, l0000039b_goto_l000003c7; - l000003c7: - assume {:captureState "l000003c7"} true; - R8, Gamma_R8 := 1bv64, true; - goto l000003ca; + lmain_goto_l0000035a: + assume {:captureState "lmain_goto_l0000035a"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000035a; l000003c4: assume {:captureState "l000003c4"} true; R8, Gamma_R8 := 0bv64, true; goto l000003ca; - l000003ca: - assume {:captureState "l000003ca"} true; - assert Gamma_R8; - goto l000003ca_goto_l00000389, l000003ca_goto_l000003d7; - l00000389: - assume {:captureState "l00000389"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); - assume {:captureState "%00000394"} true; - goto l0000037b; - l000003d7: - assume {:captureState "l000003d7"} true; - goto l000003d8; + lmain_goto_l0000035d: + assume {:captureState "lmain_goto_l0000035d"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000035d; l000003d8: assume {:captureState "l000003d8"} true; R8, Gamma_R8 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%000003e6"} true; goto l00000368; - l00000368: - assume {:captureState "l00000368"} true; + l000003c7: + assume {:captureState "l000003c7"} true; R8, Gamma_R8 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); - assume {:captureState "%00000378"} true; - goto l0000037b; - l0000037b: - assume {:captureState "l0000037b"} true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l0000035a: - assume {:captureState "lmain_goto_l0000035a"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000035a; - lmain_goto_l0000035d: - assume {:captureState "lmain_goto_l0000035d"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000035d; - l00000360_goto_l00000368: - assume {:captureState "l00000360_goto_l00000368"} true; + goto l000003ca; + l000003d7: + assume {:captureState "l000003d7"} true; + goto l000003d8; + l000003ca_goto_l00000389: + assume {:captureState "l000003ca_goto_l00000389"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000368; - l00000360_goto_l0000039a: - assume {:captureState "l00000360_goto_l0000039a"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000039a; + goto l00000389; + l000003ca: + assume {:captureState "l000003ca"} true; + assert Gamma_R8; + goto l000003ca_goto_l00000389, l000003ca_goto_l000003d7; l0000039b_goto_l000003c4: assume {:captureState "l0000039b_goto_l000003c4"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000003c4; + l00000360: + assume {:captureState "l00000360"} true; + assert Gamma_R8; + goto l00000360_goto_l00000368, l00000360_goto_l0000039a; + l00000360_goto_l00000368: + assume {:captureState "l00000360_goto_l00000368"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000368; l0000039b_goto_l000003c7: assume {:captureState "l0000039b_goto_l000003c7"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000003c7; - l000003ca_goto_l00000389: - assume {:captureState "l000003ca_goto_l00000389"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000389; + l0000039a: + assume {:captureState "l0000039a"} true; + goto l0000039b; + l00000368: + assume {:captureState "l00000368"} true; + R8, Gamma_R8 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); + assume {:captureState "%00000378"} true; + goto l0000037b; + l00000389: + assume {:captureState "l00000389"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); + assume {:captureState "%00000394"} true; + goto l0000037b; l000003ca_goto_l000003d7: assume {:captureState "l000003ca_goto_l000003d7"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l000003d7; + l00000360_goto_l0000039a: + assume {:captureState "l00000360_goto_l0000039a"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000039a; + l0000035d: + assume {:captureState "l0000035d"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000360; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l0000039b: + assume {:captureState "l0000039b"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + #5, Gamma_#5 := bvadd32(R8[32:0], 4294967292bv32), Gamma_R8; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934589bv33))), (Gamma_R8 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967293bv33))), (Gamma_R8 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; + assert Gamma_ZF; + goto l0000039b_goto_l000003c4, l0000039b_goto_l000003c7; + l0000035a: + assume {:captureState "l0000035a"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000360; + l0000037b: + assume {:captureState "l0000037b"} true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/switch/clang_O2/switch.expected b/src/test/correct/switch/clang_O2/switch.expected index ae43ad872..abc430756 100644 --- a/src/test/correct/switch/clang_O2/switch.expected +++ b/src/test/correct/switch/clang_O2/switch.expected @@ -153,5 +153,11 @@ procedure main() { lmain: assume {:captureState "lmain"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/switch/clang_no_plt_no_pic/switch.expected b/src/test/correct/switch/clang_no_plt_no_pic/switch.expected index aaf01b543..cd59561db 100644 --- a/src/test/correct/switch/clang_no_plt_no_pic/switch.expected +++ b/src/test/correct/switch/clang_no_plt_no_pic/switch.expected @@ -217,50 +217,39 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000a0f, lmain_goto_l00000a12; - l00000a12: - assume {:captureState "l00000a12"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000a15; - l00000a0f: - assume {:captureState "l00000a0f"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000a15; + l00000a50_goto_l00000a7c: + assume {:captureState "l00000a50_goto_l00000a7c"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000a7c; + lmain_goto_l00000a12: + assume {:captureState "lmain_goto_l00000a12"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a12; l00000a15: assume {:captureState "l00000a15"} true; assert Gamma_R8; goto l00000a15_goto_l00000a1d, l00000a15_goto_l00000a4f; + l00000a3e: + assume {:captureState "l00000a3e"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); + assume {:captureState "%00000a49"} true; + goto l00000a30; l00000a4f: assume {:captureState "l00000a4f"} true; goto l00000a50; - l00000a50: - assume {:captureState "l00000a50"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - #5, Gamma_#5 := bvadd32(R8[32:0], 4294967292bv32), Gamma_R8; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934589bv33))), (Gamma_R8 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967293bv33))), (Gamma_R8 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; - assert Gamma_ZF; - goto l00000a50_goto_l00000a7c, l00000a50_goto_l00000a79; - l00000a7c: - assume {:captureState "l00000a7c"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000a7f; - l00000a79: - assume {:captureState "l00000a79"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000a7f; + l00000a7f_goto_l00000a3e: + assume {:captureState "l00000a7f_goto_l00000a3e"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000a3e; l00000a7f: assume {:captureState "l00000a7f"} true; assert Gamma_R8; goto l00000a7f_goto_l00000a3e, l00000a7f_goto_l00000a8c; - l00000a3e: - assume {:captureState "l00000a3e"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); - assume {:captureState "%00000a49"} true; - goto l00000a30; + lmain_goto_l00000a0f: + assume {:captureState "lmain_goto_l00000a0f"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000a0f; l00000a8c: assume {:captureState "l00000a8c"} true; goto l00000a8d; @@ -270,46 +259,63 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%00000a9b"} true; goto l00000a1d; + l00000a7c: + assume {:captureState "l00000a7c"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000a7f; + l00000a7f_goto_l00000a8c: + assume {:captureState "l00000a7f_goto_l00000a8c"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000a8c; + l00000a15_goto_l00000a1d: + assume {:captureState "l00000a15_goto_l00000a1d"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000a1d; + l00000a0f: + assume {:captureState "l00000a0f"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000a15; l00000a1d: assume {:captureState "l00000a1d"} true; R8, Gamma_R8 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%00000a2d"} true; goto l00000a30; - l00000a30: - assume {:captureState "l00000a30"} true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000a0f: - assume {:captureState "lmain_goto_l00000a0f"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000a0f; - lmain_goto_l00000a12: - assume {:captureState "lmain_goto_l00000a12"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a12; - l00000a15_goto_l00000a1d: - assume {:captureState "l00000a15_goto_l00000a1d"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000a1d; l00000a15_goto_l00000a4f: assume {:captureState "l00000a15_goto_l00000a4f"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000a4f; + l00000a12: + assume {:captureState "l00000a12"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000a15; + l00000a79: + assume {:captureState "l00000a79"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000a7f; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000a30: + assume {:captureState "l00000a30"} true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l00000a50_goto_l00000a79: assume {:captureState "l00000a50_goto_l00000a79"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000a79; - l00000a50_goto_l00000a7c: - assume {:captureState "l00000a50_goto_l00000a7c"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000a7c; - l00000a7f_goto_l00000a3e: - assume {:captureState "l00000a7f_goto_l00000a3e"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000a3e; - l00000a7f_goto_l00000a8c: - assume {:captureState "l00000a7f_goto_l00000a8c"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000a8c; + l00000a50: + assume {:captureState "l00000a50"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + #5, Gamma_#5 := bvadd32(R8[32:0], 4294967292bv32), Gamma_R8; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934589bv33))), (Gamma_R8 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967293bv33))), (Gamma_R8 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; + assert Gamma_ZF; + goto l00000a50_goto_l00000a7c, l00000a50_goto_l00000a79; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/switch/clang_pic/switch.expected b/src/test/correct/switch/clang_pic/switch.expected index aaf01b543..cd59561db 100644 --- a/src/test/correct/switch/clang_pic/switch.expected +++ b/src/test/correct/switch/clang_pic/switch.expected @@ -217,50 +217,39 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000a0f, lmain_goto_l00000a12; - l00000a12: - assume {:captureState "l00000a12"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000a15; - l00000a0f: - assume {:captureState "l00000a0f"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000a15; + l00000a50_goto_l00000a7c: + assume {:captureState "l00000a50_goto_l00000a7c"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000a7c; + lmain_goto_l00000a12: + assume {:captureState "lmain_goto_l00000a12"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a12; l00000a15: assume {:captureState "l00000a15"} true; assert Gamma_R8; goto l00000a15_goto_l00000a1d, l00000a15_goto_l00000a4f; + l00000a3e: + assume {:captureState "l00000a3e"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); + assume {:captureState "%00000a49"} true; + goto l00000a30; l00000a4f: assume {:captureState "l00000a4f"} true; goto l00000a50; - l00000a50: - assume {:captureState "l00000a50"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - #5, Gamma_#5 := bvadd32(R8[32:0], 4294967292bv32), Gamma_R8; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934589bv33))), (Gamma_R8 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967293bv33))), (Gamma_R8 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; - assert Gamma_ZF; - goto l00000a50_goto_l00000a7c, l00000a50_goto_l00000a79; - l00000a7c: - assume {:captureState "l00000a7c"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000a7f; - l00000a79: - assume {:captureState "l00000a79"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000a7f; + l00000a7f_goto_l00000a3e: + assume {:captureState "l00000a7f_goto_l00000a3e"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000a3e; l00000a7f: assume {:captureState "l00000a7f"} true; assert Gamma_R8; goto l00000a7f_goto_l00000a3e, l00000a7f_goto_l00000a8c; - l00000a3e: - assume {:captureState "l00000a3e"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); - assume {:captureState "%00000a49"} true; - goto l00000a30; + lmain_goto_l00000a0f: + assume {:captureState "lmain_goto_l00000a0f"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000a0f; l00000a8c: assume {:captureState "l00000a8c"} true; goto l00000a8d; @@ -270,46 +259,63 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%00000a9b"} true; goto l00000a1d; + l00000a7c: + assume {:captureState "l00000a7c"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000a7f; + l00000a7f_goto_l00000a8c: + assume {:captureState "l00000a7f_goto_l00000a8c"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000a8c; + l00000a15_goto_l00000a1d: + assume {:captureState "l00000a15_goto_l00000a1d"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000a1d; + l00000a0f: + assume {:captureState "l00000a0f"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000a15; l00000a1d: assume {:captureState "l00000a1d"} true; R8, Gamma_R8 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%00000a2d"} true; goto l00000a30; - l00000a30: - assume {:captureState "l00000a30"} true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000a0f: - assume {:captureState "lmain_goto_l00000a0f"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000a0f; - lmain_goto_l00000a12: - assume {:captureState "lmain_goto_l00000a12"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a12; - l00000a15_goto_l00000a1d: - assume {:captureState "l00000a15_goto_l00000a1d"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000a1d; l00000a15_goto_l00000a4f: assume {:captureState "l00000a15_goto_l00000a4f"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000a4f; + l00000a12: + assume {:captureState "l00000a12"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000a15; + l00000a79: + assume {:captureState "l00000a79"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000a7f; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000a30: + assume {:captureState "l00000a30"} true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l00000a50_goto_l00000a79: assume {:captureState "l00000a50_goto_l00000a79"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000a79; - l00000a50_goto_l00000a7c: - assume {:captureState "l00000a50_goto_l00000a7c"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000a7c; - l00000a7f_goto_l00000a3e: - assume {:captureState "l00000a7f_goto_l00000a3e"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000a3e; - l00000a7f_goto_l00000a8c: - assume {:captureState "l00000a7f_goto_l00000a8c"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000a8c; + l00000a50: + assume {:captureState "l00000a50"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + #5, Gamma_#5 := bvadd32(R8[32:0], 4294967292bv32), Gamma_R8; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934589bv33))), (Gamma_R8 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967293bv33))), (Gamma_R8 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; + assert Gamma_ZF; + goto l00000a50_goto_l00000a7c, l00000a50_goto_l00000a79; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/switch/gcc/switch.expected b/src/test/correct/switch/gcc/switch.expected index 93a705102..90db08d2e 100644 --- a/src/test/correct/switch/gcc/switch.expected +++ b/src/test/correct/switch/gcc/switch.expected @@ -214,42 +214,12 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000036b, lmain_goto_l00000339; - l0000036b: - assume {:captureState "l0000036b"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #5, Gamma_#5 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - assert Gamma_ZF; - goto l0000036b_goto_l0000035c, l0000036b_goto_l00000391; - l0000035c: - assume {:captureState "l0000035c"} true; - R0, Gamma_R0 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%00000367"} true; - goto l0000034c; - l00000391: - assume {:captureState "l00000391"} true; - R0, Gamma_R0 := 3bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%0000039c"} true; - goto l00000339; l00000339: assume {:captureState "l00000339"} true; R0, Gamma_R0 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000349"} true; goto l0000034c; - l0000034c: - assume {:captureState "l0000034c"} true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000339: - assume {:captureState "lmain_goto_l00000339"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000339; lmain_goto_l0000036b: assume {:captureState "lmain_goto_l0000036b"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); @@ -258,8 +228,44 @@ procedure main() assume {:captureState "l0000036b_goto_l0000035c"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l0000035c; + l00000391: + assume {:captureState "l00000391"} true; + R0, Gamma_R0 := 3bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%0000039c"} true; + goto l00000339; + l0000035c: + assume {:captureState "l0000035c"} true; + R0, Gamma_R0 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%00000367"} true; + goto l0000034c; + lmain_goto_l00000339: + assume {:captureState "lmain_goto_l00000339"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000339; l0000036b_goto_l00000391: assume {:captureState "l0000036b_goto_l00000391"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000391; + l0000034c: + assume {:captureState "l0000034c"} true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l0000036b: + assume {:captureState "l0000036b"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #5, Gamma_#5 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + assert Gamma_ZF; + goto l0000036b_goto_l0000035c, l0000036b_goto_l00000391; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/switch/gcc_O2/switch.expected b/src/test/correct/switch/gcc_O2/switch.expected index f96261171..ab6b5b132 100644 --- a/src/test/correct/switch/gcc_O2/switch.expected +++ b/src/test/correct/switch/gcc_O2/switch.expected @@ -153,5 +153,11 @@ procedure main() { lmain: assume {:captureState "lmain"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected b/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected index 6e21b2c50..5046a0757 100644 --- a/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected +++ b/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected @@ -214,6 +214,22 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000998, lmain_goto_l000009ca; + l000009ab: + assume {:captureState "l000009ab"} true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + l00000998: + assume {:captureState "l00000998"} true; + R0, Gamma_R0 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%000009a8"} true; + goto l000009ab; + l000009bb: + assume {:captureState "l000009bb"} true; + R0, Gamma_R0 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%000009c6"} true; + goto l000009ab; l000009ca: assume {:captureState "l000009ca"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -224,28 +240,16 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto l000009ca_goto_l000009bb, l000009ca_goto_l000009f0; - l000009bb: - assume {:captureState "l000009bb"} true; - R0, Gamma_R0 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%000009c6"} true; - goto l000009ab; + l000009ca_goto_l000009f0: + assume {:captureState "l000009ca_goto_l000009f0"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000009f0; l000009f0: assume {:captureState "l000009f0"} true; R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%000009fb"} true; goto l00000998; - l00000998: - assume {:captureState "l00000998"} true; - R0, Gamma_R0 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%000009a8"} true; - goto l000009ab; - l000009ab: - assume {:captureState "l000009ab"} true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; lmain_goto_l00000998: assume {:captureState "lmain_goto_l00000998"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -254,12 +258,14 @@ procedure main() assume {:captureState "lmain_goto_l000009ca"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000009ca; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l000009ca_goto_l000009bb: assume {:captureState "l000009ca_goto_l000009bb"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l000009bb; - l000009ca_goto_l000009f0: - assume {:captureState "l000009ca_goto_l000009f0"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000009f0; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/switch/gcc_pic/switch.expected b/src/test/correct/switch/gcc_pic/switch.expected index 6e21b2c50..5046a0757 100644 --- a/src/test/correct/switch/gcc_pic/switch.expected +++ b/src/test/correct/switch/gcc_pic/switch.expected @@ -214,6 +214,22 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000998, lmain_goto_l000009ca; + l000009ab: + assume {:captureState "l000009ab"} true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + l00000998: + assume {:captureState "l00000998"} true; + R0, Gamma_R0 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%000009a8"} true; + goto l000009ab; + l000009bb: + assume {:captureState "l000009bb"} true; + R0, Gamma_R0 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%000009c6"} true; + goto l000009ab; l000009ca: assume {:captureState "l000009ca"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -224,28 +240,16 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto l000009ca_goto_l000009bb, l000009ca_goto_l000009f0; - l000009bb: - assume {:captureState "l000009bb"} true; - R0, Gamma_R0 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%000009c6"} true; - goto l000009ab; + l000009ca_goto_l000009f0: + assume {:captureState "l000009ca_goto_l000009f0"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000009f0; l000009f0: assume {:captureState "l000009f0"} true; R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%000009fb"} true; goto l00000998; - l00000998: - assume {:captureState "l00000998"} true; - R0, Gamma_R0 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%000009a8"} true; - goto l000009ab; - l000009ab: - assume {:captureState "l000009ab"} true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; lmain_goto_l00000998: assume {:captureState "lmain_goto_l00000998"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -254,12 +258,14 @@ procedure main() assume {:captureState "lmain_goto_l000009ca"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000009ca; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l000009ca_goto_l000009bb: assume {:captureState "l000009ca_goto_l000009bb"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l000009bb; - l000009ca_goto_l000009f0: - assume {:captureState "l000009ca_goto_l000009f0"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000009f0; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/switch2/clang_O2/switch2.expected b/src/test/correct/switch2/clang_O2/switch2.expected index 9083f1e41..4e38cac8c 100644 --- a/src/test/correct/switch2/clang_O2/switch2.expected +++ b/src/test/correct/switch2/clang_O2/switch2.expected @@ -153,5 +153,11 @@ procedure main() { lmain: assume {:captureState "lmain"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/switch2/gcc/switch2.expected b/src/test/correct/switch2/gcc/switch2.expected index 7443d262f..04e893fba 100644 --- a/src/test/correct/switch2/gcc/switch2.expected +++ b/src/test/correct/switch2/gcc/switch2.expected @@ -259,12 +259,86 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto lmain_goto_l000003d0, lmain_goto_l00000408; - l000003d0: - assume {:captureState "l000003d0"} true; - R0, Gamma_R0 := 4bv64, true; + lmain_goto_l000003d0: + assume {:captureState "lmain_goto_l000003d0"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000003d0; + l000004e2_goto_l0000050a: + assume {:captureState "l000004e2_goto_l0000050a"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000050a; + l00000467_goto_l0000048f: + assume {:captureState "l00000467_goto_l0000048f"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000048f; + l0000050a: + assume {:captureState "l0000050a"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #11, Gamma_#11 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#11); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#11); + ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; + NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + assert Gamma_ZF; + goto l0000050a_goto_l000004c4, l0000050a_goto_l00000530; + l000004c4: + assume {:captureState "l000004c4"} true; + R0, Gamma_R0 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%000003e0"} true; + assume {:captureState "%000004cf"} true; + goto l000003f1; + l00000408_goto_l000003e2: + assume {:captureState "l00000408_goto_l000003e2"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000003e2; + l000004e2_goto_l000003e2: + assume {:captureState "l000004e2_goto_l000003e2"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000003e2; + lmain_goto_l00000408: + assume {:captureState "lmain_goto_l00000408"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000408; + l0000048f_goto_l000004b0: + assume {:captureState "l0000048f_goto_l000004b0"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000004b0; + l00000467: + assume {:captureState "l00000467"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #8, Gamma_#8 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#8); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#8); + ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; + NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000467_goto_l000003e2, l00000467_goto_l0000048f; + l000004bc: + assume {:captureState "l000004bc"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%000004c2"} true; + goto l000004c4; + l0000050a_goto_l000004c4: + assume {:captureState "l0000050a_goto_l000004c4"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000004c4; + l000004b0: + assume {:captureState "l000004b0"} true; + R30, Gamma_R30 := 1944bv64, true; + call r(); + goto l000004bc; + l00000530_goto_l000004d5: + assume {:captureState "l00000530_goto_l000004d5"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000004d5; + l00000467_goto_l000003e2: + assume {:captureState "l00000467_goto_l000003e2"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l000003e2; + l00000430_goto_l00000467: + assume {:captureState "l00000430_goto_l00000467"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000467; l00000408: assume {:captureState "l00000408"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -275,6 +349,24 @@ procedure main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l00000408_goto_l000003e2, l00000408_goto_l00000430; + l000003d0: + assume {:captureState "l000003d0"} true; + R0, Gamma_R0 := 4bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%000003e0"} true; + goto l000003e2; + l000003f1: + assume {:captureState "l000003f1"} true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + l000004d5: + assume {:captureState "l000004d5"} true; + R0, Gamma_R0 := 2bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%000004e0"} true; + goto l00000451; l00000430: assume {:captureState "l00000430"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -285,61 +377,11 @@ procedure main() NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; goto l00000430_goto_l00000451, l00000430_goto_l00000467; - l00000467: - assume {:captureState "l00000467"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #8, Gamma_#8 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#8); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#8); - ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; - NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000467_goto_l000003e2, l00000467_goto_l0000048f; - l0000048f: - assume {:captureState "l0000048f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #9, Gamma_#9 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#9); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#9); - ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; - NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; - assert Gamma_ZF; - goto l0000048f_goto_l000004b0, l0000048f_goto_l000004e2; - l000004b0: - assume {:captureState "l000004b0"} true; - R30, Gamma_R30 := 1944bv64, true; - call r(); - goto l000004bc; - l000004bc: - assume {:captureState "l000004bc"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%000004c2"} true; - goto l000004c4; - l000004e2: - assume {:captureState "l000004e2"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #10, Gamma_#10 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#10); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#10); - ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; - NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000004e2_goto_l0000050a, l000004e2_goto_l000003e2; - l0000050a: - assume {:captureState "l0000050a"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #11, Gamma_#11 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#11); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#11); - ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; - NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; - assert Gamma_ZF; - goto l0000050a_goto_l000004c4, l0000050a_goto_l00000530; - l000004c4: - assume {:captureState "l000004c4"} true; - R0, Gamma_R0 := 1bv64, true; + l00000451: + assume {:captureState "l00000451"} true; + R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%000004cf"} true; + assume {:captureState "%00000461"} true; goto l000003f1; l00000530: assume {:captureState "l00000530"} true; @@ -351,97 +393,61 @@ procedure main() NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; assert Gamma_ZF; goto l00000530_goto_l000004d5, l00000530_goto_l00000556; - l000004d5: - assume {:captureState "l000004d5"} true; - R0, Gamma_R0 := 2bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%000004e0"} true; - goto l00000451; - l00000451: - assume {:captureState "l00000451"} true; - R0, Gamma_R0 := 3bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000461"} true; - goto l000003f1; - l00000556: - assume {:captureState "l00000556"} true; - goto l000003e2; - l000003e2: - assume {:captureState "l000003e2"} true; - R0, Gamma_R0 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%000003ed"} true; - goto l000003f1; - l000003f1: - assume {:captureState "l000003f1"} true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; - return; - lmain_goto_l000003d0: - assume {:captureState "lmain_goto_l000003d0"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000003d0; - lmain_goto_l00000408: - assume {:captureState "lmain_goto_l00000408"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000408; - l00000408_goto_l000003e2: - assume {:captureState "l00000408_goto_l000003e2"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000003e2; - l00000408_goto_l00000430: - assume {:captureState "l00000408_goto_l00000430"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000430; - l00000430_goto_l00000451: - assume {:captureState "l00000430_goto_l00000451"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000451; - l00000430_goto_l00000467: - assume {:captureState "l00000430_goto_l00000467"} true; + l00000530_goto_l00000556: + assume {:captureState "l00000530_goto_l00000556"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000467; - l00000467_goto_l000003e2: - assume {:captureState "l00000467_goto_l000003e2"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000003e2; - l00000467_goto_l0000048f: - assume {:captureState "l00000467_goto_l0000048f"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000048f; - l0000048f_goto_l000004b0: - assume {:captureState "l0000048f_goto_l000004b0"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000004b0; + goto l00000556; l0000048f_goto_l000004e2: assume {:captureState "l0000048f_goto_l000004e2"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000004e2; - l000004e2_goto_l000003e2: - assume {:captureState "l000004e2_goto_l000003e2"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000003e2; - l000004e2_goto_l0000050a: - assume {:captureState "l000004e2_goto_l0000050a"} true; + l00000408_goto_l00000430: + assume {:captureState "l00000408_goto_l00000430"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000050a; - l0000050a_goto_l000004c4: - assume {:captureState "l0000050a_goto_l000004c4"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000004c4; + goto l00000430; l0000050a_goto_l00000530: assume {:captureState "l0000050a_goto_l00000530"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000530; - l00000530_goto_l000004d5: - assume {:captureState "l00000530_goto_l000004d5"} true; + l00000556: + assume {:captureState "l00000556"} true; + goto l000003e2; + l00000430_goto_l00000451: + assume {:captureState "l00000430_goto_l00000451"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000004d5; - l00000530_goto_l00000556: - assume {:captureState "l00000530_goto_l00000556"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000556; + goto l00000451; + l000003e2: + assume {:captureState "l000003e2"} true; + R0, Gamma_R0 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%000003ed"} true; + goto l000003f1; + l0000048f: + assume {:captureState "l0000048f"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #9, Gamma_#9 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#9); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#9); + ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; + NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; + assert Gamma_ZF; + goto l0000048f_goto_l000004b0, l0000048f_goto_l000004e2; + l000004e2: + assume {:captureState "l000004e2"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #10, Gamma_#10 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#10); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#10); + ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; + NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l000004e2_goto_l0000050a, l000004e2_goto_l000003e2; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } procedure r() @@ -522,5 +528,11 @@ procedure r() lr: assume {:captureState "lr"} true; R0, Gamma_R0 := 1bv64, true; + goto r_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + r_return: + assume {:captureState "r_return"} true; return; } diff --git a/src/test/correct/switch2/gcc_O2/switch2.expected b/src/test/correct/switch2/gcc_O2/switch2.expected index 8dd64e5d7..086d15477 100644 --- a/src/test/correct/switch2/gcc_O2/switch2.expected +++ b/src/test/correct/switch2/gcc_O2/switch2.expected @@ -153,5 +153,11 @@ procedure main() { lmain: assume {:captureState "lmain"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected b/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected index 21091a5b1..c9bcc5f08 100644 --- a/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected +++ b/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected @@ -259,72 +259,10 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto lmain_goto_l00000c2f, lmain_goto_l00000c67; - l00000c2f: - assume {:captureState "l00000c2f"} true; - R0, Gamma_R0 := 4bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000c3f"} true; - goto l00000c41; - l00000c67: - assume {:captureState "l00000c67"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #6, Gamma_#6 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000c67_goto_l00000c41, l00000c67_goto_l00000c8f; - l00000c8f: - assume {:captureState "l00000c8f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #7, Gamma_#7 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#7); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#7); - ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; - NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; - assert Gamma_ZF; - goto l00000c8f_goto_l00000cb0, l00000c8f_goto_l00000cc6; - l00000cc6: - assume {:captureState "l00000cc6"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #8, Gamma_#8 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#8); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#8); - ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; - NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000cc6_goto_l00000cee, l00000cc6_goto_l00000c41; - l00000cee: - assume {:captureState "l00000cee"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #9, Gamma_#9 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#9); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#9); - ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; - NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; - assert Gamma_ZF; - goto l00000cee_goto_l00000d41, l00000cee_goto_l00000d0f; - l00000d0f: - assume {:captureState "l00000d0f"} true; - R30, Gamma_R30 := 1944bv64, true; - call r(); - goto l00000d1b; - l00000d1b: - assume {:captureState "l00000d1b"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000d21"} true; - goto l00000d23; - l00000d41: - assume {:captureState "l00000d41"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #10, Gamma_#10 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#10); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#10); - ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; - NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000d41_goto_l00000d69, l00000d41_goto_l00000c41; + l00000cee_goto_l00000d41: + assume {:captureState "l00000cee_goto_l00000d41"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000d41; l00000d69: assume {:captureState "l00000d69"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -335,113 +273,181 @@ procedure main() NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; goto l00000d69_goto_l00000d8f, l00000d69_goto_l00000d23; + l00000c67: + assume {:captureState "l00000c67"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #6, Gamma_#6 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000c67_goto_l00000c41, l00000c67_goto_l00000c8f; l00000d23: assume {:captureState "l00000d23"} true; R0, Gamma_R0 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); assume {:captureState "%00000d2e"} true; goto l00000c50; - l00000d8f: - assume {:captureState "l00000d8f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #12, Gamma_#12 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#12); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#12); - ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; - NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; - assert Gamma_ZF; - goto l00000d8f_goto_l00000d34, l00000d8f_goto_l00000db5; - l00000d34: - assume {:captureState "l00000d34"} true; - R0, Gamma_R0 := 2bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000d3f"} true; - goto l00000cb0; l00000cb0: assume {:captureState "l00000cb0"} true; R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); assume {:captureState "%00000cc0"} true; goto l00000c50; + l00000c8f_goto_l00000cc6: + assume {:captureState "l00000c8f_goto_l00000cc6"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000cc6; + l00000d41_goto_l00000c41: + assume {:captureState "l00000d41_goto_l00000c41"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00000c41; l00000db5: assume {:captureState "l00000db5"} true; goto l00000c41; - l00000c41: - assume {:captureState "l00000c41"} true; - R0, Gamma_R0 := 5bv64, true; + l00000d1b: + assume {:captureState "l00000d1b"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000c4c"} true; - goto l00000c50; + assume {:captureState "%00000d21"} true; + goto l00000d23; + l00000d41_goto_l00000d69: + assume {:captureState "l00000d41_goto_l00000d69"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000d69; + l00000cc6_goto_l00000cee: + assume {:captureState "l00000cc6_goto_l00000cee"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000cee; + l00000cee: + assume {:captureState "l00000cee"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #9, Gamma_#9 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#9); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#9); + ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; + NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; + assert Gamma_ZF; + goto l00000cee_goto_l00000d41, l00000cee_goto_l00000d0f; + l00000d69_goto_l00000d8f: + assume {:captureState "l00000d69_goto_l00000d8f"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000d8f; l00000c50: assume {:captureState "l00000c50"} true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; - return; - lmain_goto_l00000c2f: - assume {:captureState "lmain_goto_l00000c2f"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000c2f; - lmain_goto_l00000c67: - assume {:captureState "lmain_goto_l00000c67"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000c67; + goto main_return; l00000c67_goto_l00000c41: assume {:captureState "l00000c67_goto_l00000c41"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00000c41; - l00000c67_goto_l00000c8f: - assume {:captureState "l00000c67_goto_l00000c8f"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000c8f; - l00000c8f_goto_l00000cb0: - assume {:captureState "l00000c8f_goto_l00000cb0"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000cb0; - l00000c8f_goto_l00000cc6: - assume {:captureState "l00000c8f_goto_l00000cc6"} true; + l00000d8f_goto_l00000db5: + assume {:captureState "l00000d8f_goto_l00000db5"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000cc6; + goto l00000db5; l00000cc6_goto_l00000c41: assume {:captureState "l00000cc6_goto_l00000c41"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00000c41; - l00000cc6_goto_l00000cee: - assume {:captureState "l00000cc6_goto_l00000cee"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000cee; - l00000cee_goto_l00000d0f: - assume {:captureState "l00000cee_goto_l00000d0f"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000d0f; - l00000cee_goto_l00000d41: - assume {:captureState "l00000cee_goto_l00000d41"} true; + lmain_goto_l00000c67: + assume {:captureState "lmain_goto_l00000c67"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000d41; - l00000d41_goto_l00000c41: - assume {:captureState "l00000d41_goto_l00000c41"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00000c41; - l00000d41_goto_l00000d69: - assume {:captureState "l00000d41_goto_l00000d69"} true; + goto l00000c67; + l00000d34: + assume {:captureState "l00000d34"} true; + R0, Gamma_R0 := 2bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%00000d3f"} true; + goto l00000cb0; + l00000d8f: + assume {:captureState "l00000d8f"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #12, Gamma_#12 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#12); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#12); + ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; + NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; + assert Gamma_ZF; + goto l00000d8f_goto_l00000d34, l00000d8f_goto_l00000db5; + l00000c8f: + assume {:captureState "l00000c8f"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #7, Gamma_#7 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#7); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#7); + ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; + NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; + assert Gamma_ZF; + goto l00000c8f_goto_l00000cb0, l00000c8f_goto_l00000cc6; + lmain_goto_l00000c2f: + assume {:captureState "lmain_goto_l00000c2f"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000c2f; + l00000c67_goto_l00000c8f: + assume {:captureState "l00000c67_goto_l00000c8f"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000d69; + goto l00000c8f; + l00000d0f: + assume {:captureState "l00000d0f"} true; + R30, Gamma_R30 := 1944bv64, true; + call r(); + goto l00000d1b; + l00000cc6: + assume {:captureState "l00000cc6"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #8, Gamma_#8 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#8); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#8); + ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; + NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000cc6_goto_l00000cee, l00000cc6_goto_l00000c41; + l00000c2f: + assume {:captureState "l00000c2f"} true; + R0, Gamma_R0 := 4bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%00000c3f"} true; + goto l00000c41; l00000d69_goto_l00000d23: assume {:captureState "l00000d69_goto_l00000d23"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000d23; - l00000d69_goto_l00000d8f: - assume {:captureState "l00000d69_goto_l00000d8f"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000d8f; + l00000c8f_goto_l00000cb0: + assume {:captureState "l00000c8f_goto_l00000cb0"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000cb0; l00000d8f_goto_l00000d34: assume {:captureState "l00000d8f_goto_l00000d34"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000d34; - l00000d8f_goto_l00000db5: - assume {:captureState "l00000d8f_goto_l00000db5"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000db5; + l00000c41: + assume {:captureState "l00000c41"} true; + R0, Gamma_R0 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%00000c4c"} true; + goto l00000c50; + l00000d41: + assume {:captureState "l00000d41"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #10, Gamma_#10 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#10); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#10); + ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; + NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000d41_goto_l00000d69, l00000d41_goto_l00000c41; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000cee_goto_l00000d0f: + assume {:captureState "l00000cee_goto_l00000d0f"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000d0f; + main_return: + assume {:captureState "main_return"} true; + return; } procedure r() @@ -522,5 +528,11 @@ procedure r() lr: assume {:captureState "lr"} true; R0, Gamma_R0 := 1bv64, true; + goto r_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + r_return: + assume {:captureState "r_return"} true; return; } diff --git a/src/test/correct/switch2/gcc_pic/switch2.expected b/src/test/correct/switch2/gcc_pic/switch2.expected index 21091a5b1..c9bcc5f08 100644 --- a/src/test/correct/switch2/gcc_pic/switch2.expected +++ b/src/test/correct/switch2/gcc_pic/switch2.expected @@ -259,72 +259,10 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto lmain_goto_l00000c2f, lmain_goto_l00000c67; - l00000c2f: - assume {:captureState "l00000c2f"} true; - R0, Gamma_R0 := 4bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000c3f"} true; - goto l00000c41; - l00000c67: - assume {:captureState "l00000c67"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #6, Gamma_#6 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000c67_goto_l00000c41, l00000c67_goto_l00000c8f; - l00000c8f: - assume {:captureState "l00000c8f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #7, Gamma_#7 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#7); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#7); - ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; - NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; - assert Gamma_ZF; - goto l00000c8f_goto_l00000cb0, l00000c8f_goto_l00000cc6; - l00000cc6: - assume {:captureState "l00000cc6"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #8, Gamma_#8 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#8); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#8); - ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; - NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000cc6_goto_l00000cee, l00000cc6_goto_l00000c41; - l00000cee: - assume {:captureState "l00000cee"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #9, Gamma_#9 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#9); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#9); - ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; - NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; - assert Gamma_ZF; - goto l00000cee_goto_l00000d41, l00000cee_goto_l00000d0f; - l00000d0f: - assume {:captureState "l00000d0f"} true; - R30, Gamma_R30 := 1944bv64, true; - call r(); - goto l00000d1b; - l00000d1b: - assume {:captureState "l00000d1b"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000d21"} true; - goto l00000d23; - l00000d41: - assume {:captureState "l00000d41"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #10, Gamma_#10 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#10); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#10); - ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; - NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000d41_goto_l00000d69, l00000d41_goto_l00000c41; + l00000cee_goto_l00000d41: + assume {:captureState "l00000cee_goto_l00000d41"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000d41; l00000d69: assume {:captureState "l00000d69"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -335,113 +273,181 @@ procedure main() NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; goto l00000d69_goto_l00000d8f, l00000d69_goto_l00000d23; + l00000c67: + assume {:captureState "l00000c67"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #6, Gamma_#6 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000c67_goto_l00000c41, l00000c67_goto_l00000c8f; l00000d23: assume {:captureState "l00000d23"} true; R0, Gamma_R0 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); assume {:captureState "%00000d2e"} true; goto l00000c50; - l00000d8f: - assume {:captureState "l00000d8f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #12, Gamma_#12 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#12); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#12); - ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; - NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; - assert Gamma_ZF; - goto l00000d8f_goto_l00000d34, l00000d8f_goto_l00000db5; - l00000d34: - assume {:captureState "l00000d34"} true; - R0, Gamma_R0 := 2bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000d3f"} true; - goto l00000cb0; l00000cb0: assume {:captureState "l00000cb0"} true; R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); assume {:captureState "%00000cc0"} true; goto l00000c50; + l00000c8f_goto_l00000cc6: + assume {:captureState "l00000c8f_goto_l00000cc6"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000cc6; + l00000d41_goto_l00000c41: + assume {:captureState "l00000d41_goto_l00000c41"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00000c41; l00000db5: assume {:captureState "l00000db5"} true; goto l00000c41; - l00000c41: - assume {:captureState "l00000c41"} true; - R0, Gamma_R0 := 5bv64, true; + l00000d1b: + assume {:captureState "l00000d1b"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000c4c"} true; - goto l00000c50; + assume {:captureState "%00000d21"} true; + goto l00000d23; + l00000d41_goto_l00000d69: + assume {:captureState "l00000d41_goto_l00000d69"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000d69; + l00000cc6_goto_l00000cee: + assume {:captureState "l00000cc6_goto_l00000cee"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000cee; + l00000cee: + assume {:captureState "l00000cee"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #9, Gamma_#9 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#9); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#9); + ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; + NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; + assert Gamma_ZF; + goto l00000cee_goto_l00000d41, l00000cee_goto_l00000d0f; + l00000d69_goto_l00000d8f: + assume {:captureState "l00000d69_goto_l00000d8f"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000d8f; l00000c50: assume {:captureState "l00000c50"} true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; - return; - lmain_goto_l00000c2f: - assume {:captureState "lmain_goto_l00000c2f"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000c2f; - lmain_goto_l00000c67: - assume {:captureState "lmain_goto_l00000c67"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000c67; + goto main_return; l00000c67_goto_l00000c41: assume {:captureState "l00000c67_goto_l00000c41"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00000c41; - l00000c67_goto_l00000c8f: - assume {:captureState "l00000c67_goto_l00000c8f"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000c8f; - l00000c8f_goto_l00000cb0: - assume {:captureState "l00000c8f_goto_l00000cb0"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000cb0; - l00000c8f_goto_l00000cc6: - assume {:captureState "l00000c8f_goto_l00000cc6"} true; + l00000d8f_goto_l00000db5: + assume {:captureState "l00000d8f_goto_l00000db5"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000cc6; + goto l00000db5; l00000cc6_goto_l00000c41: assume {:captureState "l00000cc6_goto_l00000c41"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00000c41; - l00000cc6_goto_l00000cee: - assume {:captureState "l00000cc6_goto_l00000cee"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000cee; - l00000cee_goto_l00000d0f: - assume {:captureState "l00000cee_goto_l00000d0f"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000d0f; - l00000cee_goto_l00000d41: - assume {:captureState "l00000cee_goto_l00000d41"} true; + lmain_goto_l00000c67: + assume {:captureState "lmain_goto_l00000c67"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000d41; - l00000d41_goto_l00000c41: - assume {:captureState "l00000d41_goto_l00000c41"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00000c41; - l00000d41_goto_l00000d69: - assume {:captureState "l00000d41_goto_l00000d69"} true; + goto l00000c67; + l00000d34: + assume {:captureState "l00000d34"} true; + R0, Gamma_R0 := 2bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%00000d3f"} true; + goto l00000cb0; + l00000d8f: + assume {:captureState "l00000d8f"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #12, Gamma_#12 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#12); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#12); + ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; + NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; + assert Gamma_ZF; + goto l00000d8f_goto_l00000d34, l00000d8f_goto_l00000db5; + l00000c8f: + assume {:captureState "l00000c8f"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #7, Gamma_#7 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#7); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#7); + ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; + NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; + assert Gamma_ZF; + goto l00000c8f_goto_l00000cb0, l00000c8f_goto_l00000cc6; + lmain_goto_l00000c2f: + assume {:captureState "lmain_goto_l00000c2f"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000c2f; + l00000c67_goto_l00000c8f: + assume {:captureState "l00000c67_goto_l00000c8f"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000d69; + goto l00000c8f; + l00000d0f: + assume {:captureState "l00000d0f"} true; + R30, Gamma_R30 := 1944bv64, true; + call r(); + goto l00000d1b; + l00000cc6: + assume {:captureState "l00000cc6"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #8, Gamma_#8 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#8); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#8); + ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; + NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000cc6_goto_l00000cee, l00000cc6_goto_l00000c41; + l00000c2f: + assume {:captureState "l00000c2f"} true; + R0, Gamma_R0 := 4bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%00000c3f"} true; + goto l00000c41; l00000d69_goto_l00000d23: assume {:captureState "l00000d69_goto_l00000d23"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000d23; - l00000d69_goto_l00000d8f: - assume {:captureState "l00000d69_goto_l00000d8f"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000d8f; + l00000c8f_goto_l00000cb0: + assume {:captureState "l00000c8f_goto_l00000cb0"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000cb0; l00000d8f_goto_l00000d34: assume {:captureState "l00000d8f_goto_l00000d34"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000d34; - l00000d8f_goto_l00000db5: - assume {:captureState "l00000d8f_goto_l00000db5"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000db5; + l00000c41: + assume {:captureState "l00000c41"} true; + R0, Gamma_R0 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%00000c4c"} true; + goto l00000c50; + l00000d41: + assume {:captureState "l00000d41"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #10, Gamma_#10 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#10); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#10); + ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; + NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000d41_goto_l00000d69, l00000d41_goto_l00000c41; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000cee_goto_l00000d0f: + assume {:captureState "l00000cee_goto_l00000d0f"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000d0f; + main_return: + assume {:captureState "main_return"} true; + return; } procedure r() @@ -522,5 +528,11 @@ procedure r() lr: assume {:captureState "lr"} true; R0, Gamma_R0 := 1bv64, true; + goto r_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + r_return: + assume {:captureState "r_return"} true; return; } diff --git a/src/test/correct/syscall/clang/syscall.expected b/src/test/correct/syscall/clang/syscall.expected index 5c23cb30f..5c7254c56 100644 --- a/src/test/correct/syscall/clang/syscall.expected +++ b/src/test/correct/syscall/clang/syscall.expected @@ -312,5 +312,11 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/syscall/clang_no_plt_no_pic/syscall.expected b/src/test/correct/syscall/clang_no_plt_no_pic/syscall.expected index d0efb46c8..843793310 100644 --- a/src/test/correct/syscall/clang_no_plt_no_pic/syscall.expected +++ b/src/test/correct/syscall/clang_no_plt_no_pic/syscall.expected @@ -303,6 +303,9 @@ procedure main() R30, Gamma_R30 := 1904bv64, true; call fork(); goto l0000092f; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l0000092f: assume {:captureState "l0000092f"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); @@ -312,5 +315,8 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/syscall/clang_pic/syscall.expected b/src/test/correct/syscall/clang_pic/syscall.expected index d0efb46c8..843793310 100644 --- a/src/test/correct/syscall/clang_pic/syscall.expected +++ b/src/test/correct/syscall/clang_pic/syscall.expected @@ -303,6 +303,9 @@ procedure main() R30, Gamma_R30 := 1904bv64, true; call fork(); goto l0000092f; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l0000092f: assume {:captureState "l0000092f"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); @@ -312,5 +315,8 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/syscall/gcc/syscall.expected b/src/test/correct/syscall/gcc/syscall.expected index d10405962..c1dec7db8 100644 --- a/src/test/correct/syscall/gcc/syscall.expected +++ b/src/test/correct/syscall/gcc/syscall.expected @@ -307,5 +307,11 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/syscall/gcc_O2/syscall.expected b/src/test/correct/syscall/gcc_O2/syscall.expected index 757903692..eadfc987d 100644 --- a/src/test/correct/syscall/gcc_O2/syscall.expected +++ b/src/test/correct/syscall/gcc_O2/syscall.expected @@ -1,8 +1,4 @@ -var {:extern} Gamma_R16: bool; -var {:extern} Gamma_R17: bool; var {:extern} Gamma_mem: [bv64]bool; -var {:extern} R16: bv64; -var {:extern} R17: bv64; var {:extern} mem: [bv64]bv8; const {:extern} $_IO_stdin_used_addr: bv64; axiom ($_IO_stdin_used_addr == 1960bv64); @@ -66,7 +62,6 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure fork(); - modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/syscall/gcc_no_plt_no_pic/syscall.expected b/src/test/correct/syscall/gcc_no_plt_no_pic/syscall.expected index 712177c54..5673667e0 100644 --- a/src/test/correct/syscall/gcc_no_plt_no_pic/syscall.expected +++ b/src/test/correct/syscall/gcc_no_plt_no_pic/syscall.expected @@ -307,5 +307,11 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/syscall/gcc_pic/syscall.expected b/src/test/correct/syscall/gcc_pic/syscall.expected index 712177c54..5673667e0 100644 --- a/src/test/correct/syscall/gcc_pic/syscall.expected +++ b/src/test/correct/syscall/gcc_pic/syscall.expected @@ -307,5 +307,11 @@ procedure main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected index a89fe9994..c57b20c59 100644 --- a/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected @@ -226,51 +226,57 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000325, lmain_goto_l00000322; - l00000325: - assume {:captureState "l00000325"} true; + l00000330: + assume {:captureState "l00000330"} true; R8, Gamma_R8 := 1bv64, true; - goto l00000328; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); + assume {:captureState "%00000340"} true; + goto l00000343; + lmain_goto_l00000325: + assume {:captureState "lmain_goto_l00000325"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000325; l00000322: assume {:captureState "l00000322"} true; R8, Gamma_R8 := 0bv64, true; goto l00000328; + l00000343: + assume {:captureState "l00000343"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + l00000328_goto_l00000358: + assume {:captureState "l00000328_goto_l00000358"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000358; l00000328: assume {:captureState "l00000328"} true; assert Gamma_R8; goto l00000328_goto_l00000330, l00000328_goto_l00000358; - l00000330: - assume {:captureState "l00000330"} true; - R8, Gamma_R8 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); - assume {:captureState "%00000340"} true; - goto l00000343; - l00000358: - assume {:captureState "l00000358"} true; - goto l00000359; + l00000328_goto_l00000330: + assume {:captureState "l00000328_goto_l00000330"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000330; + lmain_goto_l00000322: + assume {:captureState "lmain_goto_l00000322"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000322; l00000359: assume {:captureState "l00000359"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); assume {:captureState "%00000361"} true; goto l00000343; - l00000343: - assume {:captureState "l00000343"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + l00000325: + assume {:captureState "l00000325"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000328; + l00000358: + assume {:captureState "l00000358"} true; + goto l00000359; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l00000322: - assume {:captureState "lmain_goto_l00000322"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000322; - lmain_goto_l00000325: - assume {:captureState "lmain_goto_l00000325"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000325; - l00000328_goto_l00000330: - assume {:captureState "l00000328_goto_l00000330"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000330; - l00000328_goto_l00000358: - assume {:captureState "l00000328_goto_l00000358"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000358; } diff --git a/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected index 3b7e9dc9d..8debcd3da 100644 --- a/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected @@ -212,13 +212,6 @@ procedure main() assume {:captureState "l000002e8"} true; R0, Gamma_R0 := 1bv64, true; goto l000002eb; - l000002e5: - assume {:captureState "l000002e5"} true; - R0, Gamma_R0 := 0bv64, true; - goto l000002eb; - l000002eb: - assume {:captureState "l000002eb"} true; - return; lmain_goto_l000002e5: assume {:captureState "lmain_goto_l000002e5"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); @@ -227,4 +220,17 @@ procedure main() assume {:captureState "lmain_goto_l000002e8"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l000002e8; + l000002e5: + assume {:captureState "l000002e5"} true; + R0, Gamma_R0 := 0bv64, true; + goto l000002eb; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l000002eb: + assume {:captureState "l000002eb"} true; + goto main_return; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected index 47e86bf5c..455b6e7bd 100644 --- a/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected @@ -226,51 +226,57 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000093d, lmain_goto_l00000940; - l00000940: - assume {:captureState "l00000940"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000943; l0000093d: assume {:captureState "l0000093d"} true; R8, Gamma_R8 := 0bv64, true; goto l00000943; - l00000943: - assume {:captureState "l00000943"} true; - assert Gamma_R8; - goto l00000943_goto_l00000973, l00000943_goto_l0000094b; + l0000095e: + assume {:captureState "l0000095e"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l0000094b: assume {:captureState "l0000094b"} true; R8, Gamma_R8 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%0000095b"} true; goto l0000095e; - l00000973: - assume {:captureState "l00000973"} true; - goto l00000974; + l00000943_goto_l0000094b: + assume {:captureState "l00000943_goto_l0000094b"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l0000094b; + l00000943: + assume {:captureState "l00000943"} true; + assert Gamma_R8; + goto l00000943_goto_l00000973, l00000943_goto_l0000094b; + l00000943_goto_l00000973: + assume {:captureState "l00000943_goto_l00000973"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000973; l00000974: assume {:captureState "l00000974"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); assume {:captureState "%0000097c"} true; goto l0000095e; - l0000095e: - assume {:captureState "l0000095e"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l0000093d: - assume {:captureState "lmain_goto_l0000093d"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000093d; lmain_goto_l00000940: assume {:captureState "lmain_goto_l00000940"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000940; - l00000943_goto_l0000094b: - assume {:captureState "l00000943_goto_l0000094b"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000094b; - l00000943_goto_l00000973: - assume {:captureState "l00000943_goto_l00000973"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000973; + l00000940: + assume {:captureState "l00000940"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000943; + l00000973: + assume {:captureState "l00000973"} true; + goto l00000974; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + lmain_goto_l0000093d: + assume {:captureState "lmain_goto_l0000093d"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000093d; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected index 218a90bcb..c93833b2e 100644 --- a/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected @@ -260,51 +260,57 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000330, lmain_goto_l0000032d; - l00000330: - assume {:captureState "l00000330"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000333; l0000032d: assume {:captureState "l0000032d"} true; R8, Gamma_R8 := 0bv64, true; goto l00000333; - l00000333: - assume {:captureState "l00000333"} true; - assert Gamma_R8; - goto l00000333_goto_l0000033b, l00000333_goto_l00000363; - l0000033b: - assume {:captureState "l0000033b"} true; - R8, Gamma_R8 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); - assume {:captureState "%0000034b"} true; - goto l0000034e; - l00000363: - assume {:captureState "l00000363"} true; - goto l00000364; - l00000364: - assume {:captureState "l00000364"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); - assume {:captureState "%0000036c"} true; - goto l0000034e; l0000034e: assume {:captureState "l0000034e"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; + goto main_return; lmain_goto_l0000032d: assume {:captureState "lmain_goto_l0000032d"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l0000032d; - lmain_goto_l00000330: - assume {:captureState "lmain_goto_l00000330"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000330; + l00000364: + assume {:captureState "l00000364"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); + assume {:captureState "%0000036c"} true; + goto l0000034e; + l00000363: + assume {:captureState "l00000363"} true; + goto l00000364; + l00000330: + assume {:captureState "l00000330"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000333; + l00000333: + assume {:captureState "l00000333"} true; + assert Gamma_R8; + goto l00000333_goto_l0000033b, l00000333_goto_l00000363; l00000333_goto_l0000033b: assume {:captureState "l00000333_goto_l0000033b"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l0000033b; + lmain_goto_l00000330: + assume {:captureState "lmain_goto_l00000330"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000330; + l0000033b: + assume {:captureState "l0000033b"} true; + R8, Gamma_R8 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); + assume {:captureState "%0000034b"} true; + goto l0000034e; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000333_goto_l00000363: assume {:captureState "l00000333_goto_l00000363"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000363; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected index a078d99f9..2d03a49a5 100644 --- a/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected @@ -207,6 +207,12 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000002fa, lmain_goto_l00000309; + l00000304: + assume {:captureState "l00000304"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l000002fa: assume {:captureState "l000002fa"} true; R0, Gamma_R0 := 1bv64, true; @@ -215,9 +221,6 @@ procedure main() assume {:captureState "l00000309"} true; R0, Gamma_R0 := 0bv64, true; goto l00000304; - l00000304: - assume {:captureState "l00000304"} true; - return; lmain_goto_l000002fa: assume {:captureState "lmain_goto_l000002fa"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -226,4 +229,7 @@ procedure main() assume {:captureState "lmain_goto_l00000309"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000309; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected index 11811a30a..8db5dee79 100644 --- a/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected @@ -206,23 +206,29 @@ procedure main() NF, Gamma_NF := bvadd32(#1, 1bv32)[32:31], Gamma_#1; assert Gamma_ZF; goto lmain_goto_l000001d2, lmain_goto_l000001cf; - l000001d2: - assume {:captureState "l000001d2"} true; - R0, Gamma_R0 := 1bv64, true; - goto l000001d5; + lmain_goto_l000001d2: + assume {:captureState "lmain_goto_l000001d2"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000001d2; l000001cf: assume {:captureState "l000001cf"} true; R0, Gamma_R0 := 0bv64, true; goto l000001d5; - l000001d5: - assume {:captureState "l000001d5"} true; - return; lmain_goto_l000001cf: assume {:captureState "lmain_goto_l000001cf"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l000001cf; - lmain_goto_l000001d2: - assume {:captureState "lmain_goto_l000001d2"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000001d2; + l000001d5: + assume {:captureState "l000001d5"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l000001d2: + assume {:captureState "l000001d2"} true; + R0, Gamma_R0 := 1bv64, true; + goto l000001d5; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected index f2e4fa7f1..e567ce3b8 100644 --- a/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected @@ -207,6 +207,9 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000008c2, lmain_goto_l000008b3; + l000008bd: + assume {:captureState "l000008bd"} true; + goto main_return; l000008b3: assume {:captureState "l000008b3"} true; R0, Gamma_R0 := 1bv64, true; @@ -215,15 +218,18 @@ procedure main() assume {:captureState "l000008c2"} true; R0, Gamma_R0 := 0bv64, true; goto l000008bd; - l000008bd: - assume {:captureState "l000008bd"} true; - return; - lmain_goto_l000008b3: - assume {:captureState "lmain_goto_l000008b3"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000008b3; lmain_goto_l000008c2: assume {:captureState "lmain_goto_l000008c2"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000008c2; + lmain_goto_l000008b3: + assume {:captureState "lmain_goto_l000008b3"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000008b3; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected index 661b64502..4a263681f 100644 --- a/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected @@ -240,23 +240,29 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000002fb, lmain_goto_l0000030a; - l000002fb: - assume {:captureState "l000002fb"} true; - R0, Gamma_R0 := 1bv64, true; - goto l00000305; - l0000030a: - assume {:captureState "l0000030a"} true; - R0, Gamma_R0 := 0bv64, true; - goto l00000305; l00000305: assume {:captureState "l00000305"} true; - return; + goto main_return; lmain_goto_l000002fb: assume {:captureState "lmain_goto_l000002fb"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000002fb; + l0000030a: + assume {:captureState "l0000030a"} true; + R0, Gamma_R0 := 0bv64, true; + goto l00000305; lmain_goto_l0000030a: assume {:captureState "lmain_goto_l0000030a"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l0000030a; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l000002fb: + assume {:captureState "l000002fb"} true; + R0, Gamma_R0 := 1bv64, true; + goto l00000305; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/correct/using_gamma_write_z/clang/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/clang/using_gamma_write_z.expected index 5ab807fea..88652861a 100644 --- a/src/test/correct/using_gamma_write_z/clang/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/clang/using_gamma_write_z.expected @@ -200,5 +200,11 @@ procedure main() assert (Gamma_x_old ==> gamma_load32(Gamma_mem, $x_addr)); assume {:captureState "%000002ce"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/using_gamma_write_z/clang_O2/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/clang_O2/using_gamma_write_z.expected index ba7a07752..d156c3a66 100644 --- a/src/test/correct/using_gamma_write_z/clang_O2/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/clang_O2/using_gamma_write_z.expected @@ -200,5 +200,11 @@ procedure main() assert ((bvadd64(R8, 52bv64) == $z_addr) ==> (L(mem, $x_addr) ==> Gamma_x_old)); assert (Gamma_x_old ==> gamma_load32(Gamma_mem, $x_addr)); assume {:captureState "%000002d3"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/using_gamma_write_z/clang_no_plt_no_pic/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/clang_no_plt_no_pic/using_gamma_write_z.expected index 121f49afb..4c5c1196b 100644 --- a/src/test/correct/using_gamma_write_z/clang_no_plt_no_pic/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/clang_no_plt_no_pic/using_gamma_write_z.expected @@ -200,5 +200,11 @@ procedure main() assert (Gamma_x_old ==> gamma_load32(Gamma_mem, $x_addr)); assume {:captureState "%00000845"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/using_gamma_write_z/clang_pic/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/clang_pic/using_gamma_write_z.expected index c05386840..829648397 100644 --- a/src/test/correct/using_gamma_write_z/clang_pic/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/clang_pic/using_gamma_write_z.expected @@ -234,5 +234,11 @@ procedure main() assert (Gamma_x_old ==> gamma_load32(Gamma_mem, $x_addr)); assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/using_gamma_write_z/gcc/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/gcc/using_gamma_write_z.expected index 195161608..fa27d280b 100644 --- a/src/test/correct/using_gamma_write_z/gcc/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/gcc/using_gamma_write_z.expected @@ -199,5 +199,11 @@ procedure main() assert (Gamma_x_old ==> gamma_load32(Gamma_mem, $x_addr)); assume {:captureState "%000002d8"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/using_gamma_write_z/gcc_O2/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/gcc_O2/using_gamma_write_z.expected index 6e3d75bef..e3e250f8f 100644 --- a/src/test/correct/using_gamma_write_z/gcc_O2/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/gcc_O2/using_gamma_write_z.expected @@ -200,5 +200,11 @@ procedure main() assert ((bvadd64(R1, 20bv64) == $z_addr) ==> (L(mem, $x_addr) ==> Gamma_x_old)); assert (Gamma_x_old ==> gamma_load32(Gamma_mem, $x_addr)); assume {:captureState "%000001bd"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/using_gamma_write_z/gcc_no_plt_no_pic/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/gcc_no_plt_no_pic/using_gamma_write_z.expected index 8bf981db5..1940b85d5 100644 --- a/src/test/correct/using_gamma_write_z/gcc_no_plt_no_pic/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/gcc_no_plt_no_pic/using_gamma_write_z.expected @@ -199,5 +199,11 @@ procedure main() assert (Gamma_x_old ==> gamma_load32(Gamma_mem, $x_addr)); assume {:captureState "%0000085b"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/using_gamma_write_z/gcc_pic/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/gcc_pic/using_gamma_write_z.expected index 3ffffbcfb..136df201e 100644 --- a/src/test/correct/using_gamma_write_z/gcc_pic/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/gcc_pic/using_gamma_write_z.expected @@ -232,5 +232,11 @@ procedure main() assert (Gamma_x_old ==> gamma_load32(Gamma_mem, $x_addr)); assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign/clang/basicassign.expected b/src/test/incorrect/basicassign/clang/basicassign.expected index 122d69a08..5f1807521 100644 --- a/src/test/incorrect/basicassign/clang/basicassign.expected +++ b/src/test/incorrect/basicassign/clang/basicassign.expected @@ -224,5 +224,11 @@ procedure main() assert (L(mem, bvadd64(R9, 60bv64)) ==> Gamma_R8); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 60bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 60bv64), Gamma_R8); assume {:captureState "%00000337"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign/clang_O2/basicassign.expected b/src/test/incorrect/basicassign/clang_O2/basicassign.expected index e3a318276..2f483e645 100644 --- a/src/test/incorrect/basicassign/clang_O2/basicassign.expected +++ b/src/test/incorrect/basicassign/clang_O2/basicassign.expected @@ -204,5 +204,11 @@ procedure main() assert (L(mem, bvadd64(R10, 60bv64)) ==> Gamma_R8); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R10, 60bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R10, 60bv64), Gamma_R8); assume {:captureState "%000002f3"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign/clang_no_plt_no_pic/basicassign.expected b/src/test/incorrect/basicassign/clang_no_plt_no_pic/basicassign.expected index 3250d4cce..860dd8d67 100644 --- a/src/test/incorrect/basicassign/clang_no_plt_no_pic/basicassign.expected +++ b/src/test/incorrect/basicassign/clang_no_plt_no_pic/basicassign.expected @@ -224,5 +224,11 @@ procedure main() assert (L(mem, bvadd64(R9, 60bv64)) ==> Gamma_R8); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 60bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 60bv64), Gamma_R8); assume {:captureState "%00000924"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign/clang_pic/basicassign.expected b/src/test/incorrect/basicassign/clang_pic/basicassign.expected index ac86f966b..8152d95bf 100644 --- a/src/test/incorrect/basicassign/clang_pic/basicassign.expected +++ b/src/test/incorrect/basicassign/clang_pic/basicassign.expected @@ -310,5 +310,11 @@ procedure main() assert (L(mem, R9) ==> Gamma_R8); mem, Gamma_mem := memory_store32_le(mem, R9, R8[32:0]), gamma_store32(Gamma_mem, R9, Gamma_R8); assume {:captureState "%00000358"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign/gcc/basicassign.expected b/src/test/incorrect/basicassign/gcc/basicassign.expected index 121167794..b8b491d80 100644 --- a/src/test/incorrect/basicassign/gcc/basicassign.expected +++ b/src/test/incorrect/basicassign/gcc/basicassign.expected @@ -233,5 +233,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%000003c2"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign/gcc_O2/basicassign.expected b/src/test/incorrect/basicassign/gcc_O2/basicassign.expected index 42773c210..5febdf802 100644 --- a/src/test/incorrect/basicassign/gcc_O2/basicassign.expected +++ b/src/test/incorrect/basicassign/gcc_O2/basicassign.expected @@ -204,5 +204,11 @@ procedure main() assert (L(mem, bvadd64(#1, 4bv64)) ==> Gamma_R2); mem, Gamma_mem := memory_store32_le(mem, bvadd64(#1, 4bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(#1, 4bv64), Gamma_R2); assume {:captureState "%000001cf"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign/gcc_no_plt_no_pic/basicassign.expected b/src/test/incorrect/basicassign/gcc_no_plt_no_pic/basicassign.expected index 499b391fd..34be6147a 100644 --- a/src/test/incorrect/basicassign/gcc_no_plt_no_pic/basicassign.expected +++ b/src/test/incorrect/basicassign/gcc_no_plt_no_pic/basicassign.expected @@ -233,5 +233,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000a5d"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign/gcc_pic/basicassign.expected b/src/test/incorrect/basicassign/gcc_pic/basicassign.expected index e67a10bdf..01a961c7f 100644 --- a/src/test/incorrect/basicassign/gcc_pic/basicassign.expected +++ b/src/test/incorrect/basicassign/gcc_pic/basicassign.expected @@ -322,5 +322,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%000003cb"} true; R0, Gamma_R0 := 0bv64, true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign1/clang/basicassign1.expected b/src/test/incorrect/basicassign1/clang/basicassign1.expected index bd0fa29fe..88f7d6bf6 100644 --- a/src/test/incorrect/basicassign1/clang/basicassign1.expected +++ b/src/test/incorrect/basicassign1/clang/basicassign1.expected @@ -215,5 +215,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%0000033c"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign1/clang_O2/basicassign1.expected b/src/test/incorrect/basicassign1/clang_O2/basicassign1.expected index 54cfefaed..4bdcc3a12 100644 --- a/src/test/incorrect/basicassign1/clang_O2/basicassign1.expected +++ b/src/test/incorrect/basicassign1/clang_O2/basicassign1.expected @@ -191,5 +191,11 @@ procedure main() assert (L(mem, bvadd64(R9, 56bv64)) ==> Gamma_R8); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%000002de"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign1/clang_no_plt_no_pic/basicassign1.expected b/src/test/incorrect/basicassign1/clang_no_plt_no_pic/basicassign1.expected index 05e7e5e2f..f77d5f080 100644 --- a/src/test/incorrect/basicassign1/clang_no_plt_no_pic/basicassign1.expected +++ b/src/test/incorrect/basicassign1/clang_no_plt_no_pic/basicassign1.expected @@ -215,5 +215,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%00000936"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign1/clang_pic/basicassign1.expected b/src/test/incorrect/basicassign1/clang_pic/basicassign1.expected index dc205cce6..e45f368b5 100644 --- a/src/test/incorrect/basicassign1/clang_pic/basicassign1.expected +++ b/src/test/incorrect/basicassign1/clang_pic/basicassign1.expected @@ -275,5 +275,11 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R9, R8[32:0]), gamma_store32(Gamma_mem, R9, Gamma_R8); assume {:captureState "%00000352"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign1/gcc/basicassign1.expected b/src/test/incorrect/basicassign1/gcc/basicassign1.expected index ea9681d89..c9ddba09b 100644 --- a/src/test/incorrect/basicassign1/gcc/basicassign1.expected +++ b/src/test/incorrect/basicassign1/gcc/basicassign1.expected @@ -217,5 +217,11 @@ procedure main() assume {:captureState "%00000371"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign1/gcc_O2/basicassign1.expected b/src/test/incorrect/basicassign1/gcc_O2/basicassign1.expected index 0414017cb..4bd97c776 100644 --- a/src/test/incorrect/basicassign1/gcc_O2/basicassign1.expected +++ b/src/test/incorrect/basicassign1/gcc_O2/basicassign1.expected @@ -191,5 +191,11 @@ procedure main() assert (L(mem, bvadd64(R1, 20bv64)) ==> Gamma_R2); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 20bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 20bv64), Gamma_R2); assume {:captureState "%000001c5"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign1/gcc_no_plt_no_pic/basicassign1.expected b/src/test/incorrect/basicassign1/gcc_no_plt_no_pic/basicassign1.expected index fdcbd7147..e9feedbe3 100644 --- a/src/test/incorrect/basicassign1/gcc_no_plt_no_pic/basicassign1.expected +++ b/src/test/incorrect/basicassign1/gcc_no_plt_no_pic/basicassign1.expected @@ -217,5 +217,11 @@ procedure main() assume {:captureState "%000009b1"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign1/gcc_pic/basicassign1.expected b/src/test/incorrect/basicassign1/gcc_pic/basicassign1.expected index 91a64b3f4..fe90ab5aa 100644 --- a/src/test/incorrect/basicassign1/gcc_pic/basicassign1.expected +++ b/src/test/incorrect/basicassign1/gcc_pic/basicassign1.expected @@ -277,5 +277,11 @@ procedure main() assume {:captureState "%00000375"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign2/clang/basicassign2.expected b/src/test/incorrect/basicassign2/clang/basicassign2.expected index 471ecc76c..d6a39a59f 100644 --- a/src/test/incorrect/basicassign2/clang/basicassign2.expected +++ b/src/test/incorrect/basicassign2/clang/basicassign2.expected @@ -216,5 +216,11 @@ procedure main() assume {:captureState "%00000337"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign2/clang_O2/basicassign2.expected b/src/test/incorrect/basicassign2/clang_O2/basicassign2.expected index 1443e9789..00a003c3d 100644 --- a/src/test/incorrect/basicassign2/clang_O2/basicassign2.expected +++ b/src/test/incorrect/basicassign2/clang_O2/basicassign2.expected @@ -192,5 +192,11 @@ procedure main() assert (L(mem, bvadd64(R9, 64bv64)) ==> Gamma_R8); mem, Gamma_mem := memory_store64_le(mem, bvadd64(R9, 64bv64), R8), gamma_store64(Gamma_mem, bvadd64(R9, 64bv64), Gamma_R8); assume {:captureState "%000002de"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign2/clang_no_plt_no_pic/basicassign2.expected b/src/test/incorrect/basicassign2/clang_no_plt_no_pic/basicassign2.expected index 911ce67bd..10b2a8084 100644 --- a/src/test/incorrect/basicassign2/clang_no_plt_no_pic/basicassign2.expected +++ b/src/test/incorrect/basicassign2/clang_no_plt_no_pic/basicassign2.expected @@ -216,5 +216,11 @@ procedure main() assume {:captureState "%00000931"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign2/clang_pic/basicassign2.expected b/src/test/incorrect/basicassign2/clang_pic/basicassign2.expected index bb901dc08..7438d3a21 100644 --- a/src/test/incorrect/basicassign2/clang_pic/basicassign2.expected +++ b/src/test/incorrect/basicassign2/clang_pic/basicassign2.expected @@ -268,5 +268,11 @@ procedure main() assume {:captureState "%0000034d"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign2/gcc/basicassign2.expected b/src/test/incorrect/basicassign2/gcc/basicassign2.expected index 95f92fbdc..e3ef70fbe 100644 --- a/src/test/incorrect/basicassign2/gcc/basicassign2.expected +++ b/src/test/incorrect/basicassign2/gcc/basicassign2.expected @@ -218,5 +218,11 @@ procedure main() assume {:captureState "%00000371"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign2/gcc_O2/basicassign2.expected b/src/test/incorrect/basicassign2/gcc_O2/basicassign2.expected index 2116e0774..9f66eb0cd 100644 --- a/src/test/incorrect/basicassign2/gcc_O2/basicassign2.expected +++ b/src/test/incorrect/basicassign2/gcc_O2/basicassign2.expected @@ -192,5 +192,11 @@ procedure main() assert (L(mem, bvadd64(R1, 24bv64)) ==> Gamma_R2); mem, Gamma_mem := memory_store64_le(mem, bvadd64(R1, 24bv64), R2), gamma_store64(Gamma_mem, bvadd64(R1, 24bv64), Gamma_R2); assume {:captureState "%000001c5"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign2/gcc_no_plt_no_pic/basicassign2.expected b/src/test/incorrect/basicassign2/gcc_no_plt_no_pic/basicassign2.expected index 190af2f08..b7517c6e9 100644 --- a/src/test/incorrect/basicassign2/gcc_no_plt_no_pic/basicassign2.expected +++ b/src/test/incorrect/basicassign2/gcc_no_plt_no_pic/basicassign2.expected @@ -218,5 +218,11 @@ procedure main() assume {:captureState "%000009b1"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign2/gcc_pic/basicassign2.expected b/src/test/incorrect/basicassign2/gcc_pic/basicassign2.expected index 1c35793fc..2a1a923e1 100644 --- a/src/test/incorrect/basicassign2/gcc_pic/basicassign2.expected +++ b/src/test/incorrect/basicassign2/gcc_pic/basicassign2.expected @@ -270,5 +270,11 @@ procedure main() assume {:captureState "%00000375"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign3/clang/basicassign3.expected b/src/test/incorrect/basicassign3/clang/basicassign3.expected index 75800d54a..7e2f57eb9 100644 --- a/src/test/incorrect/basicassign3/clang/basicassign3.expected +++ b/src/test/incorrect/basicassign3/clang/basicassign3.expected @@ -213,5 +213,11 @@ procedure main() assume {:captureState "%00000337"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign3/clang_O2/basicassign3.expected b/src/test/incorrect/basicassign3/clang_O2/basicassign3.expected index 96cc417da..dadee6a6e 100644 --- a/src/test/incorrect/basicassign3/clang_O2/basicassign3.expected +++ b/src/test/incorrect/basicassign3/clang_O2/basicassign3.expected @@ -189,5 +189,11 @@ procedure main() assert (L(mem, bvadd64(R9, 56bv64)) ==> Gamma_R8); mem, Gamma_mem := memory_store8_le(mem, bvadd64(R9, 56bv64), R8[8:0]), gamma_store8(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%000002de"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign3/clang_no_plt_no_pic/basicassign3.expected b/src/test/incorrect/basicassign3/clang_no_plt_no_pic/basicassign3.expected index 75b959513..7cbd3ded5 100644 --- a/src/test/incorrect/basicassign3/clang_no_plt_no_pic/basicassign3.expected +++ b/src/test/incorrect/basicassign3/clang_no_plt_no_pic/basicassign3.expected @@ -213,5 +213,11 @@ procedure main() assume {:captureState "%00000931"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign3/clang_pic/basicassign3.expected b/src/test/incorrect/basicassign3/clang_pic/basicassign3.expected index 7a4df88f4..28dfa7f9d 100644 --- a/src/test/incorrect/basicassign3/clang_pic/basicassign3.expected +++ b/src/test/incorrect/basicassign3/clang_pic/basicassign3.expected @@ -273,5 +273,11 @@ procedure main() assume {:captureState "%0000034d"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign3/gcc/basicassign3.expected b/src/test/incorrect/basicassign3/gcc/basicassign3.expected index a3c547bb3..b65593154 100644 --- a/src/test/incorrect/basicassign3/gcc/basicassign3.expected +++ b/src/test/incorrect/basicassign3/gcc/basicassign3.expected @@ -215,5 +215,11 @@ procedure main() assume {:captureState "%00000371"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign3/gcc_O2/basicassign3.expected b/src/test/incorrect/basicassign3/gcc_O2/basicassign3.expected index 62c8377ad..538b12caa 100644 --- a/src/test/incorrect/basicassign3/gcc_O2/basicassign3.expected +++ b/src/test/incorrect/basicassign3/gcc_O2/basicassign3.expected @@ -189,5 +189,11 @@ procedure main() assert (L(mem, bvadd64(R1, 17bv64)) ==> Gamma_R2); mem, Gamma_mem := memory_store8_le(mem, bvadd64(R1, 17bv64), R2[8:0]), gamma_store8(Gamma_mem, bvadd64(R1, 17bv64), Gamma_R2); assume {:captureState "%000001c5"} true; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign3/gcc_no_plt_no_pic/basicassign3.expected b/src/test/incorrect/basicassign3/gcc_no_plt_no_pic/basicassign3.expected index ea6ea1a7b..0d68eef48 100644 --- a/src/test/incorrect/basicassign3/gcc_no_plt_no_pic/basicassign3.expected +++ b/src/test/incorrect/basicassign3/gcc_no_plt_no_pic/basicassign3.expected @@ -215,5 +215,11 @@ procedure main() assume {:captureState "%000009b1"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/basicassign3/gcc_pic/basicassign3.expected b/src/test/incorrect/basicassign3/gcc_pic/basicassign3.expected index 7e6204c20..6823e0cb6 100644 --- a/src/test/incorrect/basicassign3/gcc_pic/basicassign3.expected +++ b/src/test/incorrect/basicassign3/gcc_pic/basicassign3.expected @@ -275,5 +275,11 @@ procedure main() assume {:captureState "%00000375"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/iflocal/clang/iflocal.expected b/src/test/incorrect/iflocal/clang/iflocal.expected index 8ed1272aa..82f7ca651 100644 --- a/src/test/incorrect/iflocal/clang/iflocal.expected +++ b/src/test/incorrect/iflocal/clang/iflocal.expected @@ -215,46 +215,52 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000337, lmain_goto_l00000334; - l00000337: - assume {:captureState "l00000337"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000033a; l00000334: assume {:captureState "l00000334"} true; R8, Gamma_R8 := 0bv64, true; goto l0000033a; - l0000033a: - assume {:captureState "l0000033a"} true; - assert Gamma_R8; - goto l0000033a_goto_l00000359, l0000033a_goto_l00000342; l00000359: assume {:captureState "l00000359"} true; goto l0000035a; - l0000035a: - assume {:captureState "l0000035a"} true; + l00000337: + assume {:captureState "l00000337"} true; R8, Gamma_R8 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000368"} true; + goto l0000033a; + l0000033a_goto_l00000342: + assume {:captureState "l0000033a_goto_l00000342"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000342; - l00000342: - assume {:captureState "l00000342"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; lmain_goto_l00000334: assume {:captureState "lmain_goto_l00000334"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000334; + l00000342: + assume {:captureState "l00000342"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + l0000033a: + assume {:captureState "l0000033a"} true; + assert Gamma_R8; + goto l0000033a_goto_l00000359, l0000033a_goto_l00000342; lmain_goto_l00000337: assume {:captureState "lmain_goto_l00000337"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000337; - l0000033a_goto_l00000342: - assume {:captureState "l0000033a_goto_l00000342"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000342; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l0000033a_goto_l00000359: assume {:captureState "l0000033a_goto_l00000359"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000359; + l0000035a: + assume {:captureState "l0000035a"} true; + R8, Gamma_R8 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000368"} true; + goto l00000342; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected b/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected index 72e0f9841..891f018eb 100644 --- a/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected @@ -215,14 +215,19 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000956, lmain_goto_l00000959; - l00000959: - assume {:captureState "l00000959"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000095c; l00000956: assume {:captureState "l00000956"} true; R8, Gamma_R8 := 0bv64, true; goto l0000095c; + l0000095c_goto_l00000964: + assume {:captureState "l0000095c_goto_l00000964"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000964; + l00000964: + assume {:captureState "l00000964"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l0000095c: assume {:captureState "l0000095c"} true; assert Gamma_R8; @@ -230,17 +235,19 @@ procedure main() l0000097b: assume {:captureState "l0000097b"} true; goto l0000097c; + l0000095c_goto_l0000097b: + assume {:captureState "l0000095c_goto_l0000097b"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000097b; l0000097c: assume {:captureState "l0000097c"} true; R8, Gamma_R8 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); assume {:captureState "%0000098a"} true; goto l00000964; - l00000964: - assume {:captureState "l00000964"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; lmain_goto_l00000956: assume {:captureState "lmain_goto_l00000956"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -249,12 +256,11 @@ procedure main() assume {:captureState "lmain_goto_l00000959"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000959; - l0000095c_goto_l00000964: - assume {:captureState "l0000095c_goto_l00000964"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000964; - l0000095c_goto_l0000097b: - assume {:captureState "l0000095c_goto_l0000097b"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000097b; + l00000959: + assume {:captureState "l00000959"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000095c; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/incorrect/iflocal/clang_pic/iflocal.expected b/src/test/incorrect/iflocal/clang_pic/iflocal.expected index 72e0f9841..891f018eb 100644 --- a/src/test/incorrect/iflocal/clang_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/clang_pic/iflocal.expected @@ -215,14 +215,19 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000956, lmain_goto_l00000959; - l00000959: - assume {:captureState "l00000959"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000095c; l00000956: assume {:captureState "l00000956"} true; R8, Gamma_R8 := 0bv64, true; goto l0000095c; + l0000095c_goto_l00000964: + assume {:captureState "l0000095c_goto_l00000964"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000964; + l00000964: + assume {:captureState "l00000964"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l0000095c: assume {:captureState "l0000095c"} true; assert Gamma_R8; @@ -230,17 +235,19 @@ procedure main() l0000097b: assume {:captureState "l0000097b"} true; goto l0000097c; + l0000095c_goto_l0000097b: + assume {:captureState "l0000095c_goto_l0000097b"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000097b; l0000097c: assume {:captureState "l0000097c"} true; R8, Gamma_R8 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); assume {:captureState "%0000098a"} true; goto l00000964; - l00000964: - assume {:captureState "l00000964"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; + terminate: + assume {:captureState "terminate"} true; + goto terminate; lmain_goto_l00000956: assume {:captureState "lmain_goto_l00000956"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -249,12 +256,11 @@ procedure main() assume {:captureState "lmain_goto_l00000959"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000959; - l0000095c_goto_l00000964: - assume {:captureState "l0000095c_goto_l00000964"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000964; - l0000095c_goto_l0000097b: - assume {:captureState "l0000095c_goto_l0000097b"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000097b; + l00000959: + assume {:captureState "l00000959"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000095c; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/incorrect/iflocal/gcc/iflocal.expected b/src/test/incorrect/iflocal/gcc/iflocal.expected index 448aac10d..e5bc49a42 100644 --- a/src/test/incorrect/iflocal/gcc/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc/iflocal.expected @@ -210,23 +210,29 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000318, lmain_goto_l0000032d; + l00000318: + assume {:captureState "l00000318"} true; + R0, Gamma_R0 := 0bv64, true; + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; l0000032d: assume {:captureState "l0000032d"} true; R0, Gamma_R0 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); assume {:captureState "%00000338"} true; goto l00000318; - l00000318: - assume {:captureState "l00000318"} true; - R0, Gamma_R0 := 0bv64, true; - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; - lmain_goto_l00000318: - assume {:captureState "lmain_goto_l00000318"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000318; lmain_goto_l0000032d: assume {:captureState "lmain_goto_l0000032d"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l0000032d; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + lmain_goto_l00000318: + assume {:captureState "lmain_goto_l00000318"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000318; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected b/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected index 2eb140e57..fa6a398ec 100644 --- a/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected @@ -210,23 +210,29 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000008ff, lmain_goto_l00000914; - l00000914: - assume {:captureState "l00000914"} true; - R0, Gamma_R0 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%0000091f"} true; - goto l000008ff; l000008ff: assume {:captureState "l000008ff"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; + goto main_return; lmain_goto_l000008ff: assume {:captureState "lmain_goto_l000008ff"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l000008ff; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000914: + assume {:captureState "l00000914"} true; + R0, Gamma_R0 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%0000091f"} true; + goto l000008ff; lmain_goto_l00000914: assume {:captureState "lmain_goto_l00000914"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000914; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/incorrect/iflocal/gcc_pic/iflocal.expected b/src/test/incorrect/iflocal/gcc_pic/iflocal.expected index 2eb140e57..fa6a398ec 100644 --- a/src/test/incorrect/iflocal/gcc_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc_pic/iflocal.expected @@ -210,23 +210,29 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000008ff, lmain_goto_l00000914; - l00000914: - assume {:captureState "l00000914"} true; - R0, Gamma_R0 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%0000091f"} true; - goto l000008ff; l000008ff: assume {:captureState "l000008ff"} true; R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; + goto main_return; lmain_goto_l000008ff: assume {:captureState "lmain_goto_l000008ff"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l000008ff; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l00000914: + assume {:captureState "l00000914"} true; + R0, Gamma_R0 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%0000091f"} true; + goto l000008ff; lmain_goto_l00000914: assume {:captureState "lmain_goto_l00000914"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000914; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected index 4201a58a0..471a739ab 100644 --- a/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected @@ -231,80 +231,6 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000390, lmain_goto_l00000393; - l00000393: - assume {:captureState "l00000393"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000396; - l00000390: - assume {:captureState "l00000390"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000396; - l00000396: - assume {:captureState "l00000396"} true; - assert Gamma_R8; - goto l00000396_goto_l0000045d, l00000396_goto_l0000039e; - l0000045d: - assume {:captureState "l0000045d"} true; - goto l0000045e; - l0000045e: - assume {:captureState "l0000045e"} true; - R8, Gamma_R8 := 3bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%0000046c"} true; - goto l0000039e; - l0000039e: - assume {:captureState "l0000039e"} true; - R8, Gamma_R8 := 69632bv64, true; - call rely(); - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); - #5, Gamma_#5 := bvadd32(R8[32:0], 4294967294bv32), Gamma_R8; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934591bv33))), (Gamma_R8 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967295bv33))), (Gamma_R8 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; - assert Gamma_ZF; - goto l0000039e_goto_l000003d1, l0000039e_goto_l000003ce; - l000003d1: - assume {:captureState "l000003d1"} true; - R8, Gamma_R8 := 1bv64, true; - goto l000003d4; - l000003ce: - assume {:captureState "l000003ce"} true; - R8, Gamma_R8 := 0bv64, true; - goto l000003d4; - l000003d4: - assume {:captureState "l000003d4"} true; - assert Gamma_R8; - goto l000003d4_goto_l00000448, l000003d4_goto_l000003dc; - l00000448: - assume {:captureState "l00000448"} true; - goto l00000449; - l00000449: - assume {:captureState "l00000449"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000457"} true; - goto l000003dc; - l000003dc: - assume {:captureState "l000003dc"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - #6, Gamma_#6 := bvadd32(R8[32:0], 4294967292bv32), Gamma_R8; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934589bv33))), (Gamma_R8 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967293bv33))), (Gamma_R8 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; - assert Gamma_ZF; - goto l000003dc_goto_l0000040a, l000003dc_goto_l00000407; - l0000040a: - assume {:captureState "l0000040a"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000040d; - l00000407: - assume {:captureState "l00000407"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000040d; l0000040d: assume {:captureState "l0000040d"} true; assert Gamma_R8; @@ -312,6 +238,14 @@ procedure main() l0000042c: assume {:captureState "l0000042c"} true; goto l0000042d; + l0000040a: + assume {:captureState "l0000040a"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000040d; + l000003d4_goto_l000003dc: + assume {:captureState "l000003d4_goto_l000003dc"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l000003dc; l0000042d: assume {:captureState "l0000042d"} true; R8, Gamma_R8 := 69632bv64, true; @@ -320,57 +254,129 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); assume {:captureState "%00000442"} true; goto l00000415; - l00000415: - assume {:captureState "l00000415"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000390: - assume {:captureState "lmain_goto_l00000390"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000390; - lmain_goto_l00000393: - assume {:captureState "lmain_goto_l00000393"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000393; - l00000396_goto_l0000039e: - assume {:captureState "l00000396_goto_l0000039e"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000039e; - l00000396_goto_l0000045d: - assume {:captureState "l00000396_goto_l0000045d"} true; + l000003dc: + assume {:captureState "l000003dc"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + #6, Gamma_#6 := bvadd32(R8[32:0], 4294967292bv32), Gamma_R8; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934589bv33))), (Gamma_R8 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967293bv33))), (Gamma_R8 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; + assert Gamma_ZF; + goto l000003dc_goto_l0000040a, l000003dc_goto_l00000407; + l000003d4_goto_l00000448: + assume {:captureState "l000003d4_goto_l00000448"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000045d; + goto l00000448; + l0000040d_goto_l00000415: + assume {:captureState "l0000040d_goto_l00000415"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000415; l0000039e_goto_l000003ce: assume {:captureState "l0000039e_goto_l000003ce"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000003ce; + l00000449: + assume {:captureState "l00000449"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000457"} true; + goto l000003dc; + l00000448: + assume {:captureState "l00000448"} true; + goto l00000449; + l00000407: + assume {:captureState "l00000407"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000040d; l0000039e_goto_l000003d1: assume {:captureState "l0000039e_goto_l000003d1"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000003d1; - l000003d4_goto_l000003dc: - assume {:captureState "l000003d4_goto_l000003dc"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l000003dc; - l000003d4_goto_l00000448: - assume {:captureState "l000003d4_goto_l00000448"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000448; l000003dc_goto_l00000407: assume {:captureState "l000003dc_goto_l00000407"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000407; + l00000396_goto_l0000045d: + assume {:captureState "l00000396_goto_l0000045d"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000045d; + l000003d1: + assume {:captureState "l000003d1"} true; + R8, Gamma_R8 := 1bv64, true; + goto l000003d4; + l0000045d: + assume {:captureState "l0000045d"} true; + goto l0000045e; + l000003d4: + assume {:captureState "l000003d4"} true; + assert Gamma_R8; + goto l000003d4_goto_l00000448, l000003d4_goto_l000003dc; + l00000396_goto_l0000039e: + assume {:captureState "l00000396_goto_l0000039e"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l0000039e; + l0000039e: + assume {:captureState "l0000039e"} true; + R8, Gamma_R8 := 69632bv64, true; + call rely(); + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); + #5, Gamma_#5 := bvadd32(R8[32:0], 4294967294bv32), Gamma_R8; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934591bv33))), (Gamma_R8 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967295bv33))), (Gamma_R8 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; + assert Gamma_ZF; + goto l0000039e_goto_l000003d1, l0000039e_goto_l000003ce; + l00000390: + assume {:captureState "l00000390"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000396; + l0000045e: + assume {:captureState "l0000045e"} true; + R8, Gamma_R8 := 3bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%0000046c"} true; + goto l0000039e; + l00000396: + assume {:captureState "l00000396"} true; + assert Gamma_R8; + goto l00000396_goto_l0000045d, l00000396_goto_l0000039e; + l00000393: + assume {:captureState "l00000393"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000396; l000003dc_goto_l0000040a: assume {:captureState "l000003dc_goto_l0000040a"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l0000040a; - l0000040d_goto_l00000415: - assume {:captureState "l0000040d_goto_l00000415"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000415; + l00000415: + assume {:captureState "l00000415"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + l000003ce: + assume {:captureState "l000003ce"} true; + R8, Gamma_R8 := 0bv64, true; + goto l000003d4; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + lmain_goto_l00000390: + assume {:captureState "lmain_goto_l00000390"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000390; l0000040d_goto_l0000042c: assume {:captureState "l0000040d_goto_l0000042c"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l0000042c; + lmain_goto_l00000393: + assume {:captureState "lmain_goto_l00000393"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000393; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected index e66bea4a0..2c5a3f4b2 100644 --- a/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected @@ -231,27 +231,51 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000ae3, lmain_goto_l00000ae0; - l00000ae3: - assume {:captureState "l00000ae3"} true; + l00000b24: + assume {:captureState "l00000b24"} true; + assert Gamma_R8; + goto l00000b24_goto_l00000b2c, l00000b24_goto_l00000b98; + l00000b2c_goto_l00000b5a: + assume {:captureState "l00000b2c_goto_l00000b5a"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000b5a; + l00000b5d: + assume {:captureState "l00000b5d"} true; + assert Gamma_R8; + goto l00000b5d_goto_l00000b65, l00000b5d_goto_l00000b7c; + l00000b5a: + assume {:captureState "l00000b5a"} true; R8, Gamma_R8 := 1bv64, true; - goto l00000ae6; - l00000ae0: - assume {:captureState "l00000ae0"} true; + goto l00000b5d; + l00000b7c: + assume {:captureState "l00000b7c"} true; + goto l00000b7d; + l00000b7d: + assume {:captureState "l00000b7d"} true; + R8, Gamma_R8 := 69632bv64, true; + call rely(); + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 56bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 56bv64)) || L(mem, bvadd64(R8, 56bv64))); + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000b92"} true; + goto l00000b65; + l00000b24_goto_l00000b98: + assume {:captureState "l00000b24_goto_l00000b98"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b98; + l00000b1e: + assume {:captureState "l00000b1e"} true; R8, Gamma_R8 := 0bv64, true; - goto l00000ae6; - l00000ae6: - assume {:captureState "l00000ae6"} true; - assert Gamma_R8; - goto l00000ae6_goto_l00000aee, l00000ae6_goto_l00000bad; - l00000bad: - assume {:captureState "l00000bad"} true; - goto l00000bae; - l00000bae: - assume {:captureState "l00000bae"} true; - R8, Gamma_R8 := 3bv64, true; + goto l00000b24; + l00000b5d_goto_l00000b65: + assume {:captureState "l00000b5d_goto_l00000b65"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000b65; + l00000b99: + assume {:captureState "l00000b99"} true; + R8, Gamma_R8 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000bbc"} true; - goto l00000aee; + assume {:captureState "%00000ba7"} true; + goto l00000b2c; l00000aee: assume {:captureState "l00000aee"} true; R8, Gamma_R8 := 69632bv64, true; @@ -265,27 +289,42 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; goto l00000aee_goto_l00000b1e, l00000aee_goto_l00000b21; - l00000b21: - assume {:captureState "l00000b21"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000b24; - l00000b1e: - assume {:captureState "l00000b1e"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000b24; - l00000b24: - assume {:captureState "l00000b24"} true; - assert Gamma_R8; - goto l00000b24_goto_l00000b2c, l00000b24_goto_l00000b98; l00000b98: assume {:captureState "l00000b98"} true; goto l00000b99; - l00000b99: - assume {:captureState "l00000b99"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000ba7"} true; + l00000b24_goto_l00000b2c: + assume {:captureState "l00000b24_goto_l00000b2c"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000b2c; + l00000b2c_goto_l00000b57: + assume {:captureState "l00000b2c_goto_l00000b57"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000b57; + l00000aee_goto_l00000b21: + assume {:captureState "l00000aee_goto_l00000b21"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000b21; + l00000bae: + assume {:captureState "l00000bae"} true; + R8, Gamma_R8 := 3bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000bbc"} true; + goto l00000aee; + l00000b57: + assume {:captureState "l00000b57"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000b5d; + l00000bad: + assume {:captureState "l00000bad"} true; + goto l00000bae; + l00000b5d_goto_l00000b7c: + assume {:captureState "l00000b5d_goto_l00000b7c"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b7c; + l00000ae6: + assume {:captureState "l00000ae6"} true; + assert Gamma_R8; + goto l00000ae6_goto_l00000aee, l00000ae6_goto_l00000bad; l00000b2c: assume {:captureState "l00000b2c"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); @@ -297,80 +336,47 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; goto l00000b2c_goto_l00000b5a, l00000b2c_goto_l00000b57; - l00000b5a: - assume {:captureState "l00000b5a"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000b5d; - l00000b57: - assume {:captureState "l00000b57"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000b5d; - l00000b5d: - assume {:captureState "l00000b5d"} true; - assert Gamma_R8; - goto l00000b5d_goto_l00000b65, l00000b5d_goto_l00000b7c; - l00000b7c: - assume {:captureState "l00000b7c"} true; - goto l00000b7d; - l00000b7d: - assume {:captureState "l00000b7d"} true; - R8, Gamma_R8 := 69632bv64, true; - call rely(); - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 56bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 56bv64)) || L(mem, bvadd64(R8, 56bv64))); - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000b92"} true; - goto l00000b65; - l00000b65: - assume {:captureState "l00000b65"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - return; - lmain_goto_l00000ae0: - assume {:captureState "lmain_goto_l00000ae0"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000ae0; - lmain_goto_l00000ae3: - assume {:captureState "lmain_goto_l00000ae3"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000ae3; l00000ae6_goto_l00000aee: assume {:captureState "l00000ae6_goto_l00000aee"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000aee; + l00000ae3: + assume {:captureState "l00000ae3"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000ae6; + l00000ae0: + assume {:captureState "l00000ae0"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000ae6; l00000ae6_goto_l00000bad: assume {:captureState "l00000ae6_goto_l00000bad"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000bad; + lmain_goto_l00000ae3: + assume {:captureState "lmain_goto_l00000ae3"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000ae3; l00000aee_goto_l00000b1e: assume {:captureState "l00000aee_goto_l00000b1e"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000b1e; - l00000aee_goto_l00000b21: - assume {:captureState "l00000aee_goto_l00000b21"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000b21; - l00000b24_goto_l00000b2c: - assume {:captureState "l00000b24_goto_l00000b2c"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000b2c; - l00000b24_goto_l00000b98: - assume {:captureState "l00000b24_goto_l00000b98"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b98; - l00000b2c_goto_l00000b57: - assume {:captureState "l00000b2c_goto_l00000b57"} true; + l00000b65: + assume {:captureState "l00000b65"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + l00000b21: + assume {:captureState "l00000b21"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000b24; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + lmain_goto_l00000ae0: + assume {:captureState "lmain_goto_l00000ae0"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000b57; - l00000b2c_goto_l00000b5a: - assume {:captureState "l00000b2c_goto_l00000b5a"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000b5a; - l00000b5d_goto_l00000b65: - assume {:captureState "l00000b5d_goto_l00000b65"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000b65; - l00000b5d_goto_l00000b7c: - assume {:captureState "l00000b5d_goto_l00000b7c"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b7c; + goto l00000ae0; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected index b907550a3..40bee7d67 100644 --- a/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected @@ -299,27 +299,54 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000003ae, lmain_goto_l000003ab; - l000003ae: - assume {:captureState "l000003ae"} true; - R8, Gamma_R8 := 1bv64, true; - goto l000003b1; - l000003ab: - assume {:captureState "l000003ab"} true; - R8, Gamma_R8 := 0bv64, true; - goto l000003b1; - l000003b1: - assume {:captureState "l000003b1"} true; - assert Gamma_R8; - goto l000003b1_goto_l000003b9, l000003b1_goto_l00000481; + l000003b1_goto_l000003b9: + assume {:captureState "l000003b1_goto_l000003b9"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l000003b9; l00000481: assume {:captureState "l00000481"} true; goto l00000482; + l0000042a_goto_l00000432: + assume {:captureState "l0000042a_goto_l00000432"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000432; l00000482: assume {:captureState "l00000482"} true; R8, Gamma_R8 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 20bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 20bv64), Gamma_R8); assume {:captureState "%00000490"} true; goto l000003b9; + l000003b9_goto_l000003eb: + assume {:captureState "l000003b9_goto_l000003eb"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000003eb; + l00000449: + assume {:captureState "l00000449"} true; + goto l0000044a; + l00000427: + assume {:captureState "l00000427"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000042a; + l000003f1_goto_l0000046c: + assume {:captureState "l000003f1_goto_l0000046c"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000046c; + l000003b9_goto_l000003ee: + assume {:captureState "l000003b9_goto_l000003ee"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000003ee; + l00000424: + assume {:captureState "l00000424"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000042a; + l000003b1: + assume {:captureState "l000003b1"} true; + assert Gamma_R8; + goto l000003b1_goto_l000003b9, l000003b1_goto_l00000481; + l000003f1: + assume {:captureState "l000003f1"} true; + assert Gamma_R8; + goto l000003f1_goto_l000003f9, l000003f1_goto_l0000046c; l000003b9: assume {:captureState "l000003b9"} true; R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); @@ -333,27 +360,14 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; goto l000003b9_goto_l000003eb, l000003b9_goto_l000003ee; - l000003ee: - assume {:captureState "l000003ee"} true; - R8, Gamma_R8 := 1bv64, true; - goto l000003f1; - l000003eb: - assume {:captureState "l000003eb"} true; - R8, Gamma_R8 := 0bv64, true; - goto l000003f1; - l000003f1: - assume {:captureState "l000003f1"} true; - assert Gamma_R8; - goto l000003f1_goto_l000003f9, l000003f1_goto_l0000046c; - l0000046c: - assume {:captureState "l0000046c"} true; - goto l0000046d; - l0000046d: - assume {:captureState "l0000046d"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 20bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 20bv64), Gamma_R8); - assume {:captureState "%0000047b"} true; - goto l000003f9; + l000003b1_goto_l00000481: + assume {:captureState "l000003b1_goto_l00000481"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000481; + l0000042a_goto_l00000449: + assume {:captureState "l0000042a_goto_l00000449"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000449; l000003f9: assume {:captureState "l000003f9"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 20bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 20bv64)); @@ -365,21 +379,46 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; goto l000003f9_goto_l00000424, l000003f9_goto_l00000427; - l00000427: - assume {:captureState "l00000427"} true; + lmain_goto_l000003ae: + assume {:captureState "lmain_goto_l000003ae"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000003ae; + l000003eb: + assume {:captureState "l000003eb"} true; + R8, Gamma_R8 := 0bv64, true; + goto l000003f1; + l000003ee: + assume {:captureState "l000003ee"} true; R8, Gamma_R8 := 1bv64, true; - goto l0000042a; - l00000424: - assume {:captureState "l00000424"} true; + goto l000003f1; + l00000432: + assume {:captureState "l00000432"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + l000003f9_goto_l00000424: + assume {:captureState "l000003f9_goto_l00000424"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000424; + l000003ab: + assume {:captureState "l000003ab"} true; R8, Gamma_R8 := 0bv64, true; - goto l0000042a; - l0000042a: - assume {:captureState "l0000042a"} true; - assert Gamma_R8; - goto l0000042a_goto_l00000449, l0000042a_goto_l00000432; - l00000449: - assume {:captureState "l00000449"} true; - goto l0000044a; + goto l000003b1; + l000003ae: + assume {:captureState "l000003ae"} true; + R8, Gamma_R8 := 1bv64, true; + goto l000003b1; + l000003f9_goto_l00000427: + assume {:captureState "l000003f9_goto_l00000427"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000427; + lmain_goto_l000003ab: + assume {:captureState "lmain_goto_l000003ab"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000003ab; + l0000046c: + assume {:captureState "l0000046c"} true; + goto l0000046d; l0000044a: assume {:captureState "l0000044a"} true; R8, Gamma_R8 := 65536bv64, true; @@ -390,57 +429,24 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 20bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 20bv64), Gamma_R8); assume {:captureState "%00000466"} true; goto l00000432; - l00000432: - assume {:captureState "l00000432"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; - lmain_goto_l000003ab: - assume {:captureState "lmain_goto_l000003ab"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000003ab; - lmain_goto_l000003ae: - assume {:captureState "lmain_goto_l000003ae"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000003ae; - l000003b1_goto_l000003b9: - assume {:captureState "l000003b1_goto_l000003b9"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l000003b9; - l000003b1_goto_l00000481: - assume {:captureState "l000003b1_goto_l00000481"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000481; - l000003b9_goto_l000003eb: - assume {:captureState "l000003b9_goto_l000003eb"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000003eb; - l000003b9_goto_l000003ee: - assume {:captureState "l000003b9_goto_l000003ee"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000003ee; l000003f1_goto_l000003f9: assume {:captureState "l000003f1_goto_l000003f9"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l000003f9; - l000003f1_goto_l0000046c: - assume {:captureState "l000003f1_goto_l0000046c"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000046c; - l000003f9_goto_l00000424: - assume {:captureState "l000003f9_goto_l00000424"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000424; - l000003f9_goto_l00000427: - assume {:captureState "l000003f9_goto_l00000427"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000427; - l0000042a_goto_l00000432: - assume {:captureState "l0000042a_goto_l00000432"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000432; - l0000042a_goto_l00000449: - assume {:captureState "l0000042a_goto_l00000449"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000449; + l0000042a: + assume {:captureState "l0000042a"} true; + assert Gamma_R8; + goto l0000042a_goto_l00000449, l0000042a_goto_l00000432; + l0000046d: + assume {:captureState "l0000046d"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 20bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 20bv64), Gamma_R8); + assume {:captureState "%0000047b"} true; + goto l000003f9; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected index b04c26305..f3485a5ed 100644 --- a/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected @@ -229,12 +229,24 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000414, lmain_goto_l00000381; - l00000414: - assume {:captureState "l00000414"} true; - R0, Gamma_R0 := 3bv64, true; + l000003d8: + assume {:captureState "l000003d8"} true; + R0, Gamma_R0 := 0bv64, true; + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000414: + assume {:captureState "lmain_goto_l00000414"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000414; + l000003ed: + assume {:captureState "l000003ed"} true; + R0, Gamma_R0 := 69632bv64, true; + R0, Gamma_R0 := bvadd64(R0, 24bv64), Gamma_R0; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%0000041f"} true; - goto l00000381; + assume {:captureState "%00000405"} true; + goto l000003d8; l00000381: assume {:captureState "l00000381"} true; R0, Gamma_R0 := 69632bv64, true; @@ -248,12 +260,26 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto l00000381_goto_l000003b2, l00000381_goto_l00000407; + l000003b2_goto_l000003ed: + assume {:captureState "l000003b2_goto_l000003ed"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000003ed; l00000407: assume {:captureState "l00000407"} true; R0, Gamma_R0 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); assume {:captureState "%00000412"} true; goto l000003b2; + l00000414: + assume {:captureState "l00000414"} true; + R0, Gamma_R0 := 3bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%0000041f"} true; + goto l00000381; + l00000381_goto_l000003b2: + assume {:captureState "l00000381_goto_l000003b2"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l000003b2; l000003b2: assume {:captureState "l000003b2"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -264,42 +290,22 @@ procedure main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; goto l000003b2_goto_l000003d8, l000003b2_goto_l000003ed; - l000003ed: - assume {:captureState "l000003ed"} true; - R0, Gamma_R0 := 69632bv64, true; - R0, Gamma_R0 := bvadd64(R0, 24bv64), Gamma_R0; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%00000405"} true; - goto l000003d8; - l000003d8: - assume {:captureState "l000003d8"} true; - R0, Gamma_R0 := 0bv64, true; - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; - lmain_goto_l00000381: - assume {:captureState "lmain_goto_l00000381"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000381; - lmain_goto_l00000414: - assume {:captureState "lmain_goto_l00000414"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000414; - l00000381_goto_l000003b2: - assume {:captureState "l00000381_goto_l000003b2"} true; + l000003b2_goto_l000003d8: + assume {:captureState "l000003b2_goto_l000003d8"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l000003b2; + goto l000003d8; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000381_goto_l00000407: assume {:captureState "l00000381_goto_l00000407"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000407; - l000003b2_goto_l000003d8: - assume {:captureState "l000003b2_goto_l000003d8"} true; + lmain_goto_l00000381: + assume {:captureState "lmain_goto_l00000381"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l000003d8; - l000003b2_goto_l000003ed: - assume {:captureState "l000003b2_goto_l000003ed"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000003ed; + goto l00000381; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected index 805a86bd5..57f035e0f 100644 --- a/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected @@ -229,6 +229,40 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000b0c, lmain_goto_l00000a79; + l00000aaa_goto_l00000ae5: + assume {:captureState "l00000aaa_goto_l00000ae5"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000ae5; + lmain_goto_l00000a79: + assume {:captureState "lmain_goto_l00000a79"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000a79; + l00000a79_goto_l00000aaa: + assume {:captureState "l00000a79_goto_l00000aaa"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000aaa; + l00000a79_goto_l00000aff: + assume {:captureState "l00000a79_goto_l00000aff"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000aff; + l00000ae5: + assume {:captureState "l00000ae5"} true; + R0, Gamma_R0 := 69632bv64, true; + R0, Gamma_R0 := bvadd64(R0, 24bv64), Gamma_R0; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%00000afd"} true; + goto l00000ad0; + l00000ad0: + assume {:captureState "l00000ad0"} true; + R0, Gamma_R0 := 0bv64, true; + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000b0c: + assume {:captureState "lmain_goto_l00000b0c"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000b0c; l00000b0c: assume {:captureState "l00000b0c"} true; R0, Gamma_R0 := 3bv64, true; @@ -248,12 +282,6 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto l00000a79_goto_l00000aaa, l00000a79_goto_l00000aff; - l00000aff: - assume {:captureState "l00000aff"} true; - R0, Gamma_R0 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%00000b0a"} true; - goto l00000aaa; l00000aaa: assume {:captureState "l00000aaa"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -264,42 +292,20 @@ procedure main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; goto l00000aaa_goto_l00000ae5, l00000aaa_goto_l00000ad0; - l00000ae5: - assume {:captureState "l00000ae5"} true; - R0, Gamma_R0 := 69632bv64, true; - R0, Gamma_R0 := bvadd64(R0, 24bv64), Gamma_R0; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + l00000aff: + assume {:captureState "l00000aff"} true; + R0, Gamma_R0 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%00000afd"} true; - goto l00000ad0; - l00000ad0: - assume {:captureState "l00000ad0"} true; - R0, Gamma_R0 := 0bv64, true; - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - return; - lmain_goto_l00000a79: - assume {:captureState "lmain_goto_l00000a79"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000a79; - lmain_goto_l00000b0c: - assume {:captureState "lmain_goto_l00000b0c"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000b0c; - l00000a79_goto_l00000aaa: - assume {:captureState "l00000a79_goto_l00000aaa"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + assume {:captureState "%00000b0a"} true; goto l00000aaa; - l00000a79_goto_l00000aff: - assume {:captureState "l00000a79_goto_l00000aff"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000aff; + terminate: + assume {:captureState "terminate"} true; + goto terminate; l00000aaa_goto_l00000ad0: assume {:captureState "l00000aaa_goto_l00000ad0"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000ad0; - l00000aaa_goto_l00000ae5: - assume {:captureState "l00000aaa_goto_l00000ae5"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000ae5; + main_return: + assume {:captureState "main_return"} true; + return; } diff --git a/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected index df2ded000..16f293b4a 100644 --- a/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected @@ -287,12 +287,43 @@ procedure main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000383, lmain_goto_l00000418; - l00000418: - assume {:captureState "l00000418"} true; - R0, Gamma_R0 := 3bv64, true; + l000003b5: + assume {:captureState "l000003b5"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #6, Gamma_#6 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + assert Gamma_ZF; + goto l000003b5_goto_l000003f0, l000003b5_goto_l000003db; + l0000040b: + assume {:captureState "l0000040b"} true; + R0, Gamma_R0 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%00000423"} true; - goto l00000383; + assume {:captureState "%00000416"} true; + goto l000003b5; + l000003b5_goto_l000003f0: + assume {:captureState "l000003b5_goto_l000003f0"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000003f0; + l000003db: + assume {:captureState "l000003db"} true; + R0, Gamma_R0 := 0bv64, true; + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + l00000383_goto_l0000040b: + assume {:captureState "l00000383_goto_l0000040b"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000040b; + l00000383_goto_l000003b5: + assume {:captureState "l00000383_goto_l000003b5"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l000003b5; + lmain_goto_l00000418: + assume {:captureState "lmain_goto_l00000418"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000418; l00000383: assume {:captureState "l00000383"} true; R0, Gamma_R0 := 65536bv64, true; @@ -307,22 +338,23 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto l00000383_goto_l0000040b, l00000383_goto_l000003b5; - l0000040b: - assume {:captureState "l0000040b"} true; - R0, Gamma_R0 := 5bv64, true; + lmain_goto_l00000383: + assume {:captureState "lmain_goto_l00000383"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000383; + l00000418: + assume {:captureState "l00000418"} true; + R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%00000416"} true; - goto l000003b5; - l000003b5: - assume {:captureState "l000003b5"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #6, Gamma_#6 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - assert Gamma_ZF; - goto l000003b5_goto_l000003f0, l000003b5_goto_l000003db; + assume {:captureState "%00000423"} true; + goto l00000383; + terminate: + assume {:captureState "terminate"} true; + goto terminate; + l000003b5_goto_l000003db: + assume {:captureState "l000003b5_goto_l000003db"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l000003db; l000003f0: assume {:captureState "l000003f0"} true; R0, Gamma_R0 := 65536bv64, true; @@ -333,33 +365,7 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); assume {:captureState "%00000409"} true; goto l000003db; - l000003db: - assume {:captureState "l000003db"} true; - R0, Gamma_R0 := 0bv64, true; - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + main_return: + assume {:captureState "main_return"} true; return; - lmain_goto_l00000383: - assume {:captureState "lmain_goto_l00000383"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000383; - lmain_goto_l00000418: - assume {:captureState "lmain_goto_l00000418"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000418; - l00000383_goto_l000003b5: - assume {:captureState "l00000383_goto_l000003b5"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l000003b5; - l00000383_goto_l0000040b: - assume {:captureState "l00000383_goto_l0000040b"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000040b; - l000003b5_goto_l000003db: - assume {:captureState "l000003b5_goto_l000003db"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l000003db; - l000003b5_goto_l000003f0: - assume {:captureState "l000003b5_goto_l000003f0"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000003f0; } From 0fe3041de7f7a2e36c68272317af9a7318243e27 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 28 Nov 2023 19:02:31 +1000 Subject: [PATCH 24/42] cleanup --- src/main/scala/translating/BAPToIR.scala | 6 +- src/main/scala/util/RunUtils.scala | 1 - .../clang/arrays_simple.expected | 3 - .../clang_O2/arrays_simple.expected | 3 - .../arrays_simple.expected | 3 - .../clang_pic/arrays_simple.expected | 3 - .../gcc_O2/arrays_simple.expected | 3 - .../clang/basic_arrays_read.expected | 3 - .../clang_O2/basic_arrays_read.expected | 3 - .../basic_arrays_read.expected | 3 - .../clang_pic/basic_arrays_read.expected | 3 - .../gcc/basic_arrays_read.expected | 3 - .../gcc_O2/basic_arrays_read.expected | 3 - .../basic_arrays_read.expected | 3 - .../gcc_pic/basic_arrays_read.expected | 3 - .../clang/basic_arrays_write.expected | 3 - .../clang_O2/basic_arrays_write.expected | 3 - .../basic_arrays_write.expected | 3 - .../clang_pic/basic_arrays_write.expected | 3 - .../gcc/basic_arrays_write.expected | 3 - .../gcc_O2/basic_arrays_write.expected | 3 - .../basic_arrays_write.expected | 3 - .../gcc_pic/basic_arrays_write.expected | 3 - .../clang/basic_assign_assign.expected | 3 - .../clang_O2/basic_assign_assign.expected | 3 - .../basic_assign_assign.expected | 3 - .../clang_pic/basic_assign_assign.expected | 3 - .../gcc/basic_assign_assign.expected | 3 - .../gcc_O2/basic_assign_assign.expected | 3 - .../basic_assign_assign.expected | 3 - .../gcc_pic/basic_assign_assign.expected | 3 - .../clang/basic_assign_increment.expected | 3 - .../clang_O2/basic_assign_increment.expected | 3 - .../basic_assign_increment.expected | 3 - .../clang_pic/basic_assign_increment.expected | 3 - .../gcc/basic_assign_increment.expected | 3 - .../gcc_O2/basic_assign_increment.expected | 3 - .../basic_assign_increment.expected | 3 - .../gcc_pic/basic_assign_increment.expected | 3 - .../clang/basic_function_call_caller.expected | 6 - .../basic_function_call_caller.expected | 3 - .../basic_function_call_caller.expected | 6 - .../basic_function_call_caller.expected | 6 - .../gcc/basic_function_call_caller.expected | 6 - .../basic_function_call_caller.expected | 3 - .../basic_function_call_caller.expected | 6 - .../basic_function_call_caller.expected | 6 - .../clang/basic_function_call_reader.expected | 41 +- .../basic_function_call_reader.expected | 3 - .../basic_function_call_reader.expected | 41 +- .../basic_function_call_reader.expected | 19 +- .../gcc/basic_function_call_reader.expected | 3 - .../basic_function_call_reader.expected | 3 - .../basic_function_call_reader.expected | 3 - .../basic_function_call_reader.expected | 3 - .../clang/basic_lock_read.expected | 3 - .../clang_O2/basic_lock_read.expected | 3 - .../basic_lock_read.expected | 3 - .../clang_pic/basic_lock_read.expected | 3 - .../gcc/basic_lock_read.expected | 3 - .../gcc_O2/basic_lock_read.expected | 3 - .../basic_lock_read.expected | 3 - .../gcc_pic/basic_lock_read.expected | 3 - .../clang/basic_lock_security_read.expected | 3 - .../basic_lock_security_read.expected | 3 - .../basic_lock_security_read.expected | 3 - .../basic_lock_security_read.expected | 3 - .../gcc/basic_lock_security_read.expected | 3 - .../gcc_O2/basic_lock_security_read.expected | 3 - .../basic_lock_security_read.expected | 3 - .../gcc_pic/basic_lock_security_read.expected | 3 - .../clang/basic_lock_security_write.expected | 3 - .../basic_lock_security_write.expected | 3 - .../basic_lock_security_write.expected | 3 - .../basic_lock_security_write.expected | 3 - .../gcc/basic_lock_security_write.expected | 3 - .../gcc_O2/basic_lock_security_write.expected | 3 - .../basic_lock_security_write.expected | 3 - .../basic_lock_security_write.expected | 3 - .../clang/basic_lock_unlock.expected | 3 - .../clang_O2/basic_lock_unlock.expected | 3 - .../basic_lock_unlock.expected | 3 - .../clang_pic/basic_lock_unlock.expected | 3 - .../gcc/basic_lock_unlock.expected | 3 - .../gcc_O2/basic_lock_unlock.expected | 3 - .../basic_lock_unlock.expected | 3 - .../gcc_pic/basic_lock_unlock.expected | 3 - .../clang/basic_loop_assign.expected | 3 - .../clang_O2/basic_loop_assign.expected | 3 - .../basic_loop_assign.expected | 3 - .../clang_pic/basic_loop_assign.expected | 3 - .../gcc/basic_loop_assign.expected | 3 - .../gcc_O2/basic_loop_assign.expected | 3 - .../basic_loop_assign.expected | 3 - .../gcc_pic/basic_loop_assign.expected | 3 - .../clang/basic_operation_evaluation.expected | 3 - .../basic_operation_evaluation.expected | 3 - .../basic_operation_evaluation.expected | 3 - .../basic_operation_evaluation.expected | 3 - .../gcc/basic_operation_evaluation.expected | 3 - .../basic_operation_evaluation.expected | 3 - .../basic_operation_evaluation.expected | 3 - .../basic_operation_evaluation.expected | 3 - .../clang/basic_sec_policy_read.expected | 3 - .../clang_O2/basic_sec_policy_read.expected | 3 - .../basic_sec_policy_read.expected | 3 - .../clang_pic/basic_sec_policy_read.expected | 3 - .../gcc/basic_sec_policy_read.expected | 3 - .../gcc_O2/basic_sec_policy_read.expected | 3 - .../basic_sec_policy_read.expected | 3 - .../gcc_pic/basic_sec_policy_read.expected | 3 - .../clang/basic_sec_policy_write.expected | 3 - .../clang_O2/basic_sec_policy_write.expected | 3 - .../basic_sec_policy_write.expected | 3 - .../clang_pic/basic_sec_policy_write.expected | 3 - .../gcc/basic_sec_policy_write.expected | 3 - .../gcc_O2/basic_sec_policy_write.expected | 3 - .../basic_sec_policy_write.expected | 3 - .../gcc_pic/basic_sec_policy_write.expected | 3 - .../clang/basicassign_gamma0.expected | 3 - .../clang_O2/basicassign_gamma0.expected | 3 - .../basicassign_gamma0.expected | 3 - .../clang_pic/basicassign_gamma0.expected | 3 - .../gcc/basicassign_gamma0.expected | 3 - .../gcc_O2/basicassign_gamma0.expected | 3 - .../basicassign_gamma0.expected | 3 - .../gcc_pic/basicassign_gamma0.expected | 3 - .../basicfree/clang/basicfree.expected | 3 - .../basicfree/clang_O2/basicfree.expected | 3 - .../clang_no_plt_no_pic/basicfree.expected | 3 - .../basicfree/clang_pic/basicfree.expected | 3 - .../correct/basicfree/gcc/basicfree.expected | 3 - .../basicfree/gcc_O2/basicfree.expected | 3 - .../gcc_no_plt_no_pic/basicfree.expected | 3 - .../basicfree/gcc_pic/basicfree.expected | 3 - src/test/correct/cjump/clang/cjump.expected | 37 +- .../correct/cjump/clang_O2/cjump.expected | 3 - .../cjump/clang_no_plt_no_pic/cjump.expected | 35 +- .../correct/cjump/clang_pic/cjump.expected | 51 +- src/test/correct/cjump/gcc/cjump.expected | 3 - src/test/correct/cjump/gcc_O2/cjump.expected | 3 - .../cjump/gcc_no_plt_no_pic/cjump.expected | 3 - src/test/correct/cjump/gcc_pic/cjump.expected | 3 - .../correct/function/clang/function.expected | 6 - .../function/clang_O2/function.expected | 3 - .../clang_no_plt_no_pic/function.expected | 6 - .../function/clang_pic/function.expected | 6 - .../correct/function/gcc/function.expected | 6 - .../correct/function/gcc_O2/function.expected | 3 - .../gcc_no_plt_no_pic/function.expected | 6 - .../function/gcc_pic/function.expected | 6 - .../function1/clang/function1.expected | 6 - .../function1/clang_O2/function1.expected | 3 - .../clang_no_plt_no_pic/function1.expected | 6 - .../function1/clang_pic/function1.expected | 6 - .../correct/function1/gcc/function1.expected | 6 - .../function1/gcc_O2/function1.expected | 3 - .../gcc_no_plt_no_pic/function1.expected | 6 - .../function1/gcc_pic/function1.expected | 6 - .../clang/functions_with_params.expected | 6 - .../clang_O2/functions_with_params.expected | 3 - .../functions_with_params.expected | 6 - .../clang_pic/functions_with_params.expected | 6 - .../gcc/functions_with_params.expected | 6 - .../gcc_O2/functions_with_params.expected | 3 - .../functions_with_params.expected | 6 - .../gcc_pic/functions_with_params.expected | 6 - .../ifbranches/clang/ifbranches.expected | 29 +- .../ifbranches/clang_O2/ifbranches.expected | 3 - .../clang_no_plt_no_pic/ifbranches.expected | 27 +- .../ifbranches/clang_pic/ifbranches.expected | 27 +- .../ifbranches/gcc/ifbranches.expected | 3 - .../ifbranches/gcc_O2/ifbranches.expected | 3 - .../gcc_no_plt_no_pic/ifbranches.expected | 3 - .../ifbranches/gcc_pic/ifbranches.expected | 3 - .../correct/ifglobal/clang/ifglobal.expected | 3 - .../ifglobal/clang_O2/ifglobal.expected | 3 - .../clang_no_plt_no_pic/ifglobal.expected | 3 - .../ifglobal/clang_pic/ifglobal.expected | 3 - .../correct/ifglobal/gcc/ifglobal.expected | 3 - .../correct/ifglobal/gcc_O2/ifglobal.expected | 3 - .../gcc_no_plt_no_pic/ifglobal.expected | 3 - .../ifglobal/gcc_pic/ifglobal.expected | 3 - .../clang_O2/indirect_call.expected | 3 - .../gcc_O2/indirect_call.expected | 6 - .../clang/initialisation.expected | 3 - .../clang_O2/initialisation.expected | 3 - .../initialisation.expected | 3 - .../clang_pic/initialisation.expected | 3 - .../gcc/initialisation.expected | 3 - .../gcc_O2/initialisation.expected | 3 - .../gcc_no_plt_no_pic/initialisation.expected | 3 - .../gcc_pic/initialisation.expected | 3 - .../jumptable/clang_O2/jumptable.expected | 3 - .../jumptable/gcc_O2/jumptable.expected | 12 - .../jumptable3/gcc/jumptable3.expected | 516 +++++++++--------- .../jumptable3/gcc_O2/jumptable3.expected | 3 - .../gcc_no_plt_no_pic/jumptable3.expected | 488 ++++++++--------- .../jumptable3/gcc_pic/jumptable3.expected | 474 ++++++++-------- .../clang/malloc_with_local.expected | 3 - .../clang_O2/malloc_with_local.expected | 3 - .../malloc_with_local.expected | 3 - .../clang_pic/malloc_with_local.expected | 3 - .../gcc/malloc_with_local.expected | 3 - .../gcc_O2/malloc_with_local.expected | 3 - .../malloc_with_local.expected | 3 - .../gcc_pic/malloc_with_local.expected | 3 - .../clang/malloc_with_local2.expected | 3 - .../clang_O2/malloc_with_local2.expected | 3 - .../malloc_with_local2.expected | 3 - .../clang_pic/malloc_with_local2.expected | 3 - .../gcc/malloc_with_local2.expected | 3 - .../gcc_O2/malloc_with_local2.expected | 3 - .../malloc_with_local2.expected | 3 - .../gcc_pic/malloc_with_local2.expected | 3 - .../clang/malloc_with_local3.expected | 6 - .../clang_O2/malloc_with_local3.expected | 3 - .../malloc_with_local3.expected | 6 - .../clang_pic/malloc_with_local3.expected | 6 - .../gcc/malloc_with_local3.expected | 6 - .../gcc_O2/malloc_with_local3.expected | 6 - .../malloc_with_local3.expected | 6 - .../gcc_pic/malloc_with_local3.expected | 6 - .../multi_malloc/clang/multi_malloc.expected | 3 - .../clang_O2/multi_malloc.expected | 3 - .../clang_no_plt_no_pic/multi_malloc.expected | 3 - .../clang_pic/multi_malloc.expected | 3 - .../multi_malloc/gcc/multi_malloc.expected | 3 - .../multi_malloc/gcc_O2/multi_malloc.expected | 3 - .../gcc_no_plt_no_pic/multi_malloc.expected | 3 - .../gcc_pic/multi_malloc.expected | 3 - .../correct/nestedif/clang/nestedif.expected | 3 - .../nestedif/clang_O2/nestedif.expected | 3 - .../clang_no_plt_no_pic/nestedif.expected | 3 - .../nestedif/clang_pic/nestedif.expected | 3 - .../correct/nestedif/gcc/nestedif.expected | 3 - .../correct/nestedif/gcc_O2/nestedif.expected | 3 - .../gcc_no_plt_no_pic/nestedif.expected | 3 - .../nestedif/gcc_pic/nestedif.expected | 3 - .../clang/no_interference_update_x.expected | 3 - .../no_interference_update_x.expected | 3 - .../no_interference_update_x.expected | 3 - .../no_interference_update_x.expected | 3 - .../gcc/no_interference_update_x.expected | 3 - .../gcc_O2/no_interference_update_x.expected | 3 - .../no_interference_update_x.expected | 3 - .../gcc_pic/no_interference_update_x.expected | 3 - .../clang/no_interference_update_y.expected | 3 - .../no_interference_update_y.expected | 3 - .../no_interference_update_y.expected | 3 - .../no_interference_update_y.expected | 3 - .../gcc/no_interference_update_y.expected | 3 - .../gcc_O2/no_interference_update_y.expected | 3 - .../no_interference_update_y.expected | 3 - .../gcc_pic/no_interference_update_y.expected | 3 - .../secret_write/clang/secret_write.expected | 3 - .../clang_O2/secret_write.expected | 3 - .../clang_no_plt_no_pic/secret_write.expected | 3 - .../clang_pic/secret_write.expected | 3 - .../secret_write/gcc/secret_write.expected | 3 - .../secret_write/gcc_O2/secret_write.expected | 3 - .../gcc_no_plt_no_pic/secret_write.expected | 3 - .../gcc_pic/secret_write.expected | 3 - .../simple_jump/clang/simple_jump.expected | 3 - .../simple_jump/clang_O2/simple_jump.expected | 3 - .../clang_no_plt_no_pic/simple_jump.expected | 3 - .../clang_pic/simple_jump.expected | 3 - .../simple_jump/gcc/simple_jump.expected | 3 - .../simple_jump/gcc_O2/simple_jump.expected | 3 - .../gcc_no_plt_no_pic/simple_jump.expected | 3 - .../simple_jump/gcc_pic/simple_jump.expected | 3 - src/test/correct/switch/clang/switch.expected | 3 - .../correct/switch/clang_O2/switch.expected | 3 - .../clang_no_plt_no_pic/switch.expected | 3 - .../correct/switch/clang_pic/switch.expected | 3 - src/test/correct/switch/gcc/switch.expected | 3 - .../correct/switch/gcc_O2/switch.expected | 3 - .../switch/gcc_no_plt_no_pic/switch.expected | 3 - .../correct/switch/gcc_pic/switch.expected | 3 - .../correct/switch2/clang_O2/switch2.expected | 3 - src/test/correct/switch2/gcc/switch2.expected | 6 - .../correct/switch2/gcc_O2/switch2.expected | 3 - .../gcc_no_plt_no_pic/switch2.expected | 6 - .../correct/switch2/gcc_pic/switch2.expected | 6 - .../correct/syscall/clang/syscall.expected | 3 - .../clang_no_plt_no_pic/syscall.expected | 3 - .../syscall/clang_pic/syscall.expected | 3 - src/test/correct/syscall/gcc/syscall.expected | 3 - .../gcc_no_plt_no_pic/syscall.expected | 3 - .../correct/syscall/gcc_pic/syscall.expected | 3 - .../clang/using_gamma_conditional.expected | 49 +- .../clang_O2/using_gamma_conditional.expected | 3 - .../using_gamma_conditional.expected | 29 +- .../using_gamma_conditional.expected | 19 +- .../gcc/using_gamma_conditional.expected | 3 - .../gcc_O2/using_gamma_conditional.expected | 3 - .../using_gamma_conditional.expected | 3 - .../gcc_pic/using_gamma_conditional.expected | 3 - .../clang/using_gamma_write_z.expected | 3 - .../clang_O2/using_gamma_write_z.expected | 3 - .../using_gamma_write_z.expected | 3 - .../clang_pic/using_gamma_write_z.expected | 3 - .../gcc/using_gamma_write_z.expected | 3 - .../gcc_O2/using_gamma_write_z.expected | 3 - .../using_gamma_write_z.expected | 3 - .../gcc_pic/using_gamma_write_z.expected | 3 - .../basicassign/clang/basicassign.expected | 3 - .../basicassign/clang_O2/basicassign.expected | 3 - .../clang_no_plt_no_pic/basicassign.expected | 3 - .../clang_pic/basicassign.expected | 3 - .../basicassign/gcc/basicassign.expected | 3 - .../basicassign/gcc_O2/basicassign.expected | 3 - .../gcc_no_plt_no_pic/basicassign.expected | 3 - .../basicassign/gcc_pic/basicassign.expected | 3 - .../basicassign1/clang/basicassign1.expected | 3 - .../clang_O2/basicassign1.expected | 3 - .../clang_no_plt_no_pic/basicassign1.expected | 3 - .../clang_pic/basicassign1.expected | 3 - .../basicassign1/gcc/basicassign1.expected | 3 - .../basicassign1/gcc_O2/basicassign1.expected | 3 - .../gcc_no_plt_no_pic/basicassign1.expected | 3 - .../gcc_pic/basicassign1.expected | 3 - .../basicassign2/clang/basicassign2.expected | 3 - .../clang_O2/basicassign2.expected | 3 - .../clang_no_plt_no_pic/basicassign2.expected | 3 - .../clang_pic/basicassign2.expected | 3 - .../basicassign2/gcc/basicassign2.expected | 3 - .../basicassign2/gcc_O2/basicassign2.expected | 3 - .../gcc_no_plt_no_pic/basicassign2.expected | 3 - .../gcc_pic/basicassign2.expected | 3 - .../basicassign3/clang/basicassign3.expected | 3 - .../clang_O2/basicassign3.expected | 3 - .../clang_no_plt_no_pic/basicassign3.expected | 3 - .../clang_pic/basicassign3.expected | 3 - .../basicassign3/gcc/basicassign3.expected | 3 - .../basicassign3/gcc_O2/basicassign3.expected | 3 - .../gcc_no_plt_no_pic/basicassign3.expected | 3 - .../gcc_pic/basicassign3.expected | 3 - .../incorrect/iflocal/clang/iflocal.expected | 3 - .../clang_no_plt_no_pic/iflocal.expected | 3 - .../iflocal/clang_pic/iflocal.expected | 3 - .../incorrect/iflocal/gcc/iflocal.expected | 3 - .../gcc_no_plt_no_pic/iflocal.expected | 3 - .../iflocal/gcc_pic/iflocal.expected | 3 - .../clang/nestedifglobal.expected | 3 - .../nestedifglobal.expected | 3 - .../clang_pic/nestedifglobal.expected | 3 - .../gcc/nestedifglobal.expected | 3 - .../gcc_no_plt_no_pic/nestedifglobal.expected | 3 - .../gcc_pic/nestedifglobal.expected | 3 - 350 files changed, 906 insertions(+), 2096 deletions(-) diff --git a/src/main/scala/translating/BAPToIR.scala b/src/main/scala/translating/BAPToIR.scala index b27824d56..a12c54b88 100644 --- a/src/main/scala/translating/BAPToIR.scala +++ b/src/main/scala/translating/BAPToIR.scala @@ -20,12 +20,8 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { val procedures: ArrayBuffer[Procedure] = ArrayBuffer() for (s <- program.subroutines) { val procedure = Procedure(s.name, Some(s.address)) - val t = Block("terminate", None) - t.replaceJump(GoTo(Seq(t))) - procedure.addBlocks(t) - for (b <- s.blocks) { - val block = Block(b.label, b.address, ArrayBuffer(), GoTo(Seq(t))) + val block = Block(b.label, b.address) procedure.addBlocks(block) labelToBlock.addOne(b.label, block) } diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index 0ad3f9968..4793a6da7 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -457,7 +457,6 @@ object RunUtils { val assume = Assume(BinaryExpr(BVEQ, indirectCall.target, BitVecLiteral(t.address.get, 64)), null) val newLabel: String = block.label + t.name val bl = Block(newLabel, None, ArrayBuffer(assume), DirectCall(t, indirectCall.returnTarget, None)) - //val directCall = DirectCall(t, indirectCall.returnTarget, null) newBlocks.append(bl) } procedure.addBlocks(newBlocks) diff --git a/src/test/correct/arrays_simple/clang/arrays_simple.expected b/src/test/correct/arrays_simple/clang/arrays_simple.expected index 121e04c73..acd9f42f2 100644 --- a/src/test/correct/arrays_simple/clang/arrays_simple.expected +++ b/src/test/correct/arrays_simple/clang/arrays_simple.expected @@ -195,9 +195,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/arrays_simple/clang_O2/arrays_simple.expected b/src/test/correct/arrays_simple/clang_O2/arrays_simple.expected index 91c86ad15..dfea39b15 100644 --- a/src/test/correct/arrays_simple/clang_O2/arrays_simple.expected +++ b/src/test/correct/arrays_simple/clang_O2/arrays_simple.expected @@ -158,9 +158,6 @@ procedure main() assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/arrays_simple/clang_no_plt_no_pic/arrays_simple.expected b/src/test/correct/arrays_simple/clang_no_plt_no_pic/arrays_simple.expected index 121e04c73..acd9f42f2 100644 --- a/src/test/correct/arrays_simple/clang_no_plt_no_pic/arrays_simple.expected +++ b/src/test/correct/arrays_simple/clang_no_plt_no_pic/arrays_simple.expected @@ -195,9 +195,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/arrays_simple/clang_pic/arrays_simple.expected b/src/test/correct/arrays_simple/clang_pic/arrays_simple.expected index 121e04c73..acd9f42f2 100644 --- a/src/test/correct/arrays_simple/clang_pic/arrays_simple.expected +++ b/src/test/correct/arrays_simple/clang_pic/arrays_simple.expected @@ -195,9 +195,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/arrays_simple/gcc_O2/arrays_simple.expected b/src/test/correct/arrays_simple/gcc_O2/arrays_simple.expected index 0918aa3d9..d1a99d9c1 100644 --- a/src/test/correct/arrays_simple/gcc_O2/arrays_simple.expected +++ b/src/test/correct/arrays_simple/gcc_O2/arrays_simple.expected @@ -158,9 +158,6 @@ procedure main() assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_read/clang/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/clang/basic_arrays_read.expected index 6d2a0c9d2..33b8a38ca 100644 --- a/src/test/correct/basic_arrays_read/clang/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/clang/basic_arrays_read.expected @@ -204,9 +204,6 @@ procedure main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_read/clang_O2/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/clang_O2/basic_arrays_read.expected index d1baabff3..5810e44c9 100644 --- a/src/test/correct/basic_arrays_read/clang_O2/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/clang_O2/basic_arrays_read.expected @@ -188,9 +188,6 @@ procedure main() assert true; assume {:captureState "%000002c9"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_read/clang_no_plt_no_pic/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/clang_no_plt_no_pic/basic_arrays_read.expected index bd4286921..5d846f7e9 100644 --- a/src/test/correct/basic_arrays_read/clang_no_plt_no_pic/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/clang_no_plt_no_pic/basic_arrays_read.expected @@ -204,9 +204,6 @@ procedure main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_read/clang_pic/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/clang_pic/basic_arrays_read.expected index cbe3e8044..1875e97ba 100644 --- a/src/test/correct/basic_arrays_read/clang_pic/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/clang_pic/basic_arrays_read.expected @@ -238,9 +238,6 @@ procedure main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_read/gcc/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/gcc/basic_arrays_read.expected index 2a41e5240..25e885f0b 100644 --- a/src/test/correct/basic_arrays_read/gcc/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/gcc/basic_arrays_read.expected @@ -195,9 +195,6 @@ procedure main() call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_read/gcc_O2/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/gcc_O2/basic_arrays_read.expected index b92d78087..b85e2f26e 100644 --- a/src/test/correct/basic_arrays_read/gcc_O2/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/gcc_O2/basic_arrays_read.expected @@ -188,9 +188,6 @@ procedure main() assert true; assume {:captureState "%000001b7"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_read/gcc_no_plt_no_pic/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/gcc_no_plt_no_pic/basic_arrays_read.expected index e7066c199..6db81a45a 100644 --- a/src/test/correct/basic_arrays_read/gcc_no_plt_no_pic/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/gcc_no_plt_no_pic/basic_arrays_read.expected @@ -195,9 +195,6 @@ procedure main() call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_read/gcc_pic/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/gcc_pic/basic_arrays_read.expected index 08dab06b4..0d7b00f37 100644 --- a/src/test/correct/basic_arrays_read/gcc_pic/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/gcc_pic/basic_arrays_read.expected @@ -229,9 +229,6 @@ procedure main() call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_write/clang/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/clang/basic_arrays_write.expected index 2e71eee76..65622386f 100644 --- a/src/test/correct/basic_arrays_write/clang/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/clang/basic_arrays_write.expected @@ -210,9 +210,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_write/clang_O2/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/clang_O2/basic_arrays_write.expected index ddaa5921f..82122d214 100644 --- a/src/test/correct/basic_arrays_write/clang_O2/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/clang_O2/basic_arrays_write.expected @@ -195,9 +195,6 @@ procedure main() assert (arr$0_old == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); assume {:captureState "%000002d4"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_write/clang_no_plt_no_pic/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/clang_no_plt_no_pic/basic_arrays_write.expected index ef576eff0..34e5fa089 100644 --- a/src/test/correct/basic_arrays_write/clang_no_plt_no_pic/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/clang_no_plt_no_pic/basic_arrays_write.expected @@ -210,9 +210,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_write/clang_pic/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/clang_pic/basic_arrays_write.expected index 658cb2f3d..fb327f431 100644 --- a/src/test/correct/basic_arrays_write/clang_pic/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/clang_pic/basic_arrays_write.expected @@ -243,9 +243,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_write/gcc/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/gcc/basic_arrays_write.expected index f322b3d3d..321e34390 100644 --- a/src/test/correct/basic_arrays_write/gcc/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/gcc/basic_arrays_write.expected @@ -208,9 +208,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_write/gcc_O2/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/gcc_O2/basic_arrays_write.expected index dc94f3d31..e83ded622 100644 --- a/src/test/correct/basic_arrays_write/gcc_O2/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/gcc_O2/basic_arrays_write.expected @@ -195,9 +195,6 @@ procedure main() assert (arr$0_old == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); assume {:captureState "%000001be"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_write/gcc_no_plt_no_pic/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/gcc_no_plt_no_pic/basic_arrays_write.expected index 133d6d05e..93179549f 100644 --- a/src/test/correct/basic_arrays_write/gcc_no_plt_no_pic/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/gcc_no_plt_no_pic/basic_arrays_write.expected @@ -208,9 +208,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_arrays_write/gcc_pic/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/gcc_pic/basic_arrays_write.expected index 3c865b447..8de895097 100644 --- a/src/test/correct/basic_arrays_write/gcc_pic/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/gcc_pic/basic_arrays_write.expected @@ -241,9 +241,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_assign/clang/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/clang/basic_assign_assign.expected index 5108e2304..4e4415cef 100644 --- a/src/test/correct/basic_assign_assign/clang/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/clang/basic_assign_assign.expected @@ -195,9 +195,6 @@ procedure main() assume {:captureState "%000002ce"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_assign/clang_O2/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/clang_O2/basic_assign_assign.expected index cf2947341..2eef93a1a 100644 --- a/src/test/correct/basic_assign_assign/clang_O2/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/clang_O2/basic_assign_assign.expected @@ -195,9 +195,6 @@ procedure main() assert ((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 5bv32)); assume {:captureState "%000002d3"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_assign/clang_no_plt_no_pic/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/clang_no_plt_no_pic/basic_assign_assign.expected index 0ded243d0..3fb9b2692 100644 --- a/src/test/correct/basic_assign_assign/clang_no_plt_no_pic/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/clang_no_plt_no_pic/basic_assign_assign.expected @@ -195,9 +195,6 @@ procedure main() assume {:captureState "%00000845"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_assign/clang_pic/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/clang_pic/basic_assign_assign.expected index cad48175d..8d1e0cf05 100644 --- a/src/test/correct/basic_assign_assign/clang_pic/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/clang_pic/basic_assign_assign.expected @@ -229,9 +229,6 @@ procedure main() assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_assign/gcc/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/gcc/basic_assign_assign.expected index 9baf8d5de..c1ec99424 100644 --- a/src/test/correct/basic_assign_assign/gcc/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/gcc/basic_assign_assign.expected @@ -194,9 +194,6 @@ procedure main() assume {:captureState "%000002d8"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_assign/gcc_O2/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/gcc_O2/basic_assign_assign.expected index b598dac2a..cd083b183 100644 --- a/src/test/correct/basic_assign_assign/gcc_O2/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/gcc_O2/basic_assign_assign.expected @@ -195,9 +195,6 @@ procedure main() assert ((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 5bv32)); assume {:captureState "%000001bd"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_assign/gcc_no_plt_no_pic/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/gcc_no_plt_no_pic/basic_assign_assign.expected index fdf653f2e..ff3ca13a2 100644 --- a/src/test/correct/basic_assign_assign/gcc_no_plt_no_pic/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/gcc_no_plt_no_pic/basic_assign_assign.expected @@ -194,9 +194,6 @@ procedure main() assume {:captureState "%0000085b"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_assign/gcc_pic/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/gcc_pic/basic_assign_assign.expected index b3ef83ae0..eb222c449 100644 --- a/src/test/correct/basic_assign_assign/gcc_pic/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/gcc_pic/basic_assign_assign.expected @@ -227,9 +227,6 @@ procedure main() assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_increment/clang/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/clang/basic_assign_increment.expected index 151412d4f..3ee6e96d9 100644 --- a/src/test/correct/basic_assign_increment/clang/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/clang/basic_assign_increment.expected @@ -203,9 +203,6 @@ procedure main() assume {:captureState "%000002da"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_increment/clang_O2/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/clang_O2/basic_assign_increment.expected index 43ead9803..fef93a270 100644 --- a/src/test/correct/basic_assign_increment/clang_O2/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/clang_O2/basic_assign_increment.expected @@ -203,9 +203,6 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); assume {:captureState "%000002df"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_increment/clang_no_plt_no_pic/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/clang_no_plt_no_pic/basic_assign_increment.expected index fee458995..3dbe6966f 100644 --- a/src/test/correct/basic_assign_increment/clang_no_plt_no_pic/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/clang_no_plt_no_pic/basic_assign_increment.expected @@ -203,9 +203,6 @@ procedure main() assume {:captureState "%0000085f"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_increment/clang_pic/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/clang_pic/basic_assign_increment.expected index 5285d851d..315de4ff2 100644 --- a/src/test/correct/basic_assign_increment/clang_pic/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/clang_pic/basic_assign_increment.expected @@ -237,9 +237,6 @@ procedure main() assume {:captureState "%000002e5"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_increment/gcc/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/gcc/basic_assign_increment.expected index c83f21137..f0eacec61 100644 --- a/src/test/correct/basic_assign_increment/gcc/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/gcc/basic_assign_increment.expected @@ -204,9 +204,6 @@ procedure main() assume {:captureState "%000002f7"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_increment/gcc_O2/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/gcc_O2/basic_assign_increment.expected index 8523ccf09..154b6319c 100644 --- a/src/test/correct/basic_assign_increment/gcc_O2/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/gcc_O2/basic_assign_increment.expected @@ -203,9 +203,6 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); assume {:captureState "%000001c5"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_increment/gcc_no_plt_no_pic/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/gcc_no_plt_no_pic/basic_assign_increment.expected index 1fdd85c43..e505c7707 100644 --- a/src/test/correct/basic_assign_increment/gcc_no_plt_no_pic/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/gcc_no_plt_no_pic/basic_assign_increment.expected @@ -204,9 +204,6 @@ procedure main() assume {:captureState "%0000089f"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_assign_increment/gcc_pic/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/gcc_pic/basic_assign_increment.expected index e7935f379..eb36592e5 100644 --- a/src/test/correct/basic_assign_increment/gcc_pic/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/gcc_pic/basic_assign_increment.expected @@ -238,9 +238,6 @@ procedure main() assume {:captureState "%000002f9"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_function_call_caller/clang/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/clang/basic_function_call_caller.expected index f3e012683..8342a6746 100644 --- a/src/test/correct/basic_function_call_caller/clang/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/clang/basic_function_call_caller.expected @@ -269,9 +269,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; @@ -357,9 +354,6 @@ procedure zero() assume {:captureState "lzero"} true; R0, Gamma_R0 := 0bv64, true; goto zero_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; zero_return: assume {:captureState "zero_return"} true; return; diff --git a/src/test/correct/basic_function_call_caller/clang_O2/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/clang_O2/basic_function_call_caller.expected index 93d1add47..8e31d7953 100644 --- a/src/test/correct/basic_function_call_caller/clang_O2/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/clang_O2/basic_function_call_caller.expected @@ -221,9 +221,6 @@ procedure main() assert (Gamma_y_old ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); assume {:captureState "%000002fa"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_function_call_caller/clang_no_plt_no_pic/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/clang_no_plt_no_pic/basic_function_call_caller.expected index 74c72de44..e897a97bc 100644 --- a/src/test/correct/basic_function_call_caller/clang_no_plt_no_pic/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/clang_no_plt_no_pic/basic_function_call_caller.expected @@ -240,9 +240,6 @@ procedure main() R30, Gamma_R30 := 1840bv64, true; call zero(); goto l00000938; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000938: assume {:captureState "l00000938"} true; R8, Gamma_R8 := 69632bv64, true; @@ -357,9 +354,6 @@ procedure zero() assume {:captureState "lzero"} true; R0, Gamma_R0 := 0bv64, true; goto zero_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; zero_return: assume {:captureState "zero_return"} true; return; diff --git a/src/test/correct/basic_function_call_caller/clang_pic/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/clang_pic/basic_function_call_caller.expected index 67d787008..38da2e3a6 100644 --- a/src/test/correct/basic_function_call_caller/clang_pic/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/clang_pic/basic_function_call_caller.expected @@ -321,9 +321,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; @@ -441,9 +438,6 @@ procedure zero() assume {:captureState "lzero"} true; R0, Gamma_R0 := 0bv64, true; goto zero_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; zero_return: assume {:captureState "zero_return"} true; return; diff --git a/src/test/correct/basic_function_call_caller/gcc/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/gcc/basic_function_call_caller.expected index 72fba0e7c..0eb6ae8a1 100644 --- a/src/test/correct/basic_function_call_caller/gcc/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/gcc/basic_function_call_caller.expected @@ -267,9 +267,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; @@ -355,9 +352,6 @@ procedure zero() assume {:captureState "lzero"} true; R0, Gamma_R0 := 0bv64, true; goto zero_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; zero_return: assume {:captureState "zero_return"} true; return; diff --git a/src/test/correct/basic_function_call_caller/gcc_O2/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/gcc_O2/basic_function_call_caller.expected index 0c40f66b1..bfeb8ce3b 100644 --- a/src/test/correct/basic_function_call_caller/gcc_O2/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/gcc_O2/basic_function_call_caller.expected @@ -221,9 +221,6 @@ procedure main() assert (Gamma_y_old ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); assume {:captureState "%000001df"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_function_call_caller/gcc_no_plt_no_pic/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/gcc_no_plt_no_pic/basic_function_call_caller.expected index 0985dd9bd..21fcc3315 100644 --- a/src/test/correct/basic_function_call_caller/gcc_no_plt_no_pic/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/gcc_no_plt_no_pic/basic_function_call_caller.expected @@ -267,9 +267,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; @@ -355,9 +352,6 @@ procedure zero() assume {:captureState "lzero"} true; R0, Gamma_R0 := 0bv64, true; goto zero_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; zero_return: assume {:captureState "zero_return"} true; return; diff --git a/src/test/correct/basic_function_call_caller/gcc_pic/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/gcc_pic/basic_function_call_caller.expected index 479939e40..ae418c73c 100644 --- a/src/test/correct/basic_function_call_caller/gcc_pic/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/gcc_pic/basic_function_call_caller.expected @@ -317,9 +317,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; @@ -437,9 +434,6 @@ procedure zero() assume {:captureState "lzero"} true; R0, Gamma_R0 := 0bv64, true; goto zero_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; zero_return: assume {:captureState "zero_return"} true; return; diff --git a/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected index 751f75609..52d83f01f 100644 --- a/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected @@ -234,25 +234,6 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000342, lmain_goto_l00000345; - l00000342: - assume {:captureState "l00000342"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000348; - l00000348_goto_l0000037a: - assume {:captureState "l00000348_goto_l0000037a"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000037a; - l00000365: - assume {:captureState "l00000365"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - l00000350: - assume {:captureState "l00000350"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); - assume {:captureState "%00000362"} true; - goto l00000365; lmain_goto_l00000342: assume {:captureState "lmain_goto_l00000342"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -269,13 +250,23 @@ procedure main() assume {:captureState "lmain_goto_l00000345"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000345; + l00000342: + assume {:captureState "l00000342"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000348; + l00000348_goto_l0000037a: + assume {:captureState "l00000348_goto_l0000037a"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000037a; + l00000365: + assume {:captureState "l00000365"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; l00000348_goto_l00000350: assume {:captureState "l00000348_goto_l00000350"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000350; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000037a: assume {:captureState "l0000037a"} true; goto l0000037b; @@ -284,6 +275,12 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); assume {:captureState "%00000383"} true; goto l00000365; + l00000350: + assume {:captureState "l00000350"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); + assume {:captureState "%00000362"} true; + goto l00000365; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected index 189216d6c..8b9c0c4a3 100644 --- a/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected @@ -235,9 +235,6 @@ procedure main() l00000300: assume {:captureState "l00000300"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected index e2af142df..203a3c37e 100644 --- a/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected @@ -234,25 +234,6 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000985, lmain_goto_l00000988; - l00000993: - assume {:captureState "l00000993"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); - assume {:captureState "%000009a5"} true; - goto l000009a8; - lmain_goto_l00000985: - assume {:captureState "lmain_goto_l00000985"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000985; - l000009a8: - assume {:captureState "l000009a8"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - lmain_goto_l00000988: - assume {:captureState "lmain_goto_l00000988"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000988; l0000098b_goto_l00000993: assume {:captureState "l0000098b_goto_l00000993"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); @@ -272,13 +253,29 @@ procedure main() assume {:captureState "l0000098b_goto_l000009bd"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l000009bd; + l00000993: + assume {:captureState "l00000993"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); + assume {:captureState "%000009a5"} true; + goto l000009a8; l0000098b: assume {:captureState "l0000098b"} true; assert Gamma_R8; goto l0000098b_goto_l000009bd, l0000098b_goto_l00000993; - terminate: - assume {:captureState "terminate"} true; - goto terminate; + lmain_goto_l00000985: + assume {:captureState "lmain_goto_l00000985"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000985; + l000009a8: + assume {:captureState "l000009a8"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000988: + assume {:captureState "lmain_goto_l00000988"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000988; l000009be: assume {:captureState "l000009be"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); diff --git a/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected index ee48d8ef9..7bb2e7226 100644 --- a/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected @@ -310,6 +310,14 @@ procedure main() assume {:captureState "l0000035e_goto_l00000390"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000390; + l00000358: + assume {:captureState "l00000358"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000035e; + l0000035b: + assume {:captureState "l0000035b"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000035e; lmain_goto_l00000358: assume {:captureState "lmain_goto_l00000358"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -320,21 +328,10 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%00000378"} true; goto l0000037b; - l00000358: - assume {:captureState "l00000358"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000035e; - l0000035b: - assume {:captureState "l0000035b"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000035e; l0000035e: assume {:captureState "l0000035e"} true; assert Gamma_R8; goto l0000035e_goto_l00000366, l0000035e_goto_l00000390; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000035e_goto_l00000366: assume {:captureState "l0000035e_goto_l00000366"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); diff --git a/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected index 7233c276f..7062c537b 100644 --- a/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected @@ -251,9 +251,6 @@ procedure main() assume {:captureState "lmain_goto_l00000349"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000349; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected index 76e6603d7..62148c7d8 100644 --- a/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected @@ -206,9 +206,6 @@ procedure main() call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 4bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 4bv64)) || L(mem, bvadd64(R1, 4bv64))); goto l000001bc; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected index 484f6bcd0..5432c97ea 100644 --- a/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected @@ -239,9 +239,6 @@ procedure main() assume {:captureState "l00000943"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l0000094e: assume {:captureState "lmain_goto_l0000094e"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); diff --git a/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected index f6a889a26..867bcdd9f 100644 --- a/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected @@ -305,9 +305,6 @@ procedure main() assume {:captureState "l0000034b"} true; R0, Gamma_R0 := 0bv64, true; goto l00000340; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000340: assume {:captureState "l00000340"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; diff --git a/src/test/correct/basic_lock_read/clang/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang/basic_lock_read.expected index af934dfb1..9a253ef69 100644 --- a/src/test/correct/basic_lock_read/clang/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang/basic_lock_read.expected @@ -271,9 +271,6 @@ procedure main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000333_goto_l0000033b: assume {:captureState "l00000333_goto_l0000033b"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); diff --git a/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected index 4bcf85bf9..9d030f089 100644 --- a/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected @@ -218,9 +218,6 @@ procedure main() assume {:captureState "l000002f7"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected index 6982dd8c7..f8aa1fe16 100644 --- a/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected @@ -271,9 +271,6 @@ procedure main() assume {:captureState "l0000095e_goto_l0000097d"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l0000097d; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000958: assume {:captureState "l00000958"} true; R8, Gamma_R8 := 0bv64, true; diff --git a/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected index c7ea4b821..81b4c21a3 100644 --- a/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected @@ -320,9 +320,6 @@ procedure main() assume {:captureState "l0000033c"} true; R8, Gamma_R8 := 0bv64, true; goto l00000342; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000362: assume {:captureState "l00000362"} true; R8, Gamma_R8 := 65536bv64, true; diff --git a/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected index 32c50f26b..dcd1a3a60 100644 --- a/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected @@ -255,9 +255,6 @@ procedure main() assume {:captureState "lmain_goto_l00000327"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000327; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected index c3f5bd96d..94ba1fb72 100644 --- a/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected @@ -205,9 +205,6 @@ procedure main() assume {:captureState "l000001bd"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000039c: assume {:captureState "l0000039c"} true; call rely(); diff --git a/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected index 38e60630f..cc765b821 100644 --- a/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected @@ -242,9 +242,6 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000989"} true; goto l00000948; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l0000095f: assume {:captureState "lmain_goto_l0000095f"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); diff --git a/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected index b6ecab503..d34c9ede6 100644 --- a/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected @@ -314,9 +314,6 @@ procedure main() assume {:captureState "lmain_goto_l00000328"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000328; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected index a979ced01..330cbc0c3 100644 --- a/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected @@ -267,9 +267,6 @@ procedure main() assume {:captureState "lmain_goto_l0000032c"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l0000032c; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l00000329: assume {:captureState "lmain_goto_l00000329"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); diff --git a/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected index 2707a6f37..cd688ff52 100644 --- a/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected @@ -223,9 +223,6 @@ procedure main() l00000300: assume {:captureState "l00000300"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l000002fa: assume {:captureState "l000002fa"} true; R0, Gamma_R0 := zero_extend32_32(R9[32:0]), Gamma_R9; diff --git a/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected index 60ed644d1..ee479c2c3 100644 --- a/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected @@ -255,9 +255,6 @@ procedure main() assume {:captureState "lmain_goto_l0000094a"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l0000094a; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000094d_goto_l00000955: assume {:captureState "l0000094d_goto_l00000955"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); diff --git a/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected index 4467c6f88..140ece76e 100644 --- a/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected @@ -323,9 +323,6 @@ procedure main() assume {:captureState "lmain_goto_l00000338"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000338; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000033e_goto_l0000035d: assume {:captureState "l0000033e_goto_l0000035d"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); diff --git a/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected index 16d6b2608..d8d9d5849 100644 --- a/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected @@ -245,9 +245,6 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%0000034a"} true; goto l0000031b; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected index d01bd3aa2..8a672ae31 100644 --- a/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected @@ -197,9 +197,6 @@ procedure main() l000001c2: assume {:captureState "l000001c2"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000039c: assume {:captureState "l0000039c"} true; call rely(); diff --git a/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected index 7180ce0d5..df838e894 100644 --- a/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected @@ -232,9 +232,6 @@ procedure main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l0000092f: assume {:captureState "lmain_goto_l0000092f"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); diff --git a/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected index a9070a0fc..6383341a1 100644 --- a/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected @@ -303,9 +303,6 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%0000034c"} true; goto l0000031c; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_write/clang/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/clang/basic_lock_security_write.expected index df5066676..a7b65691c 100644 --- a/src/test/correct/basic_lock_security_write/clang/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/clang/basic_lock_security_write.expected @@ -248,9 +248,6 @@ procedure main() assume {:captureState "%00000323"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_write/clang_O2/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/clang_O2/basic_lock_security_write.expected index 083f2427c..99e2b0fed 100644 --- a/src/test/correct/basic_lock_security_write/clang_O2/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/clang_O2/basic_lock_security_write.expected @@ -215,9 +215,6 @@ procedure main() assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%000002dd"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_write/clang_no_plt_no_pic/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/clang_no_plt_no_pic/basic_lock_security_write.expected index d4d3b145e..8b1e814ad 100644 --- a/src/test/correct/basic_lock_security_write/clang_no_plt_no_pic/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/clang_no_plt_no_pic/basic_lock_security_write.expected @@ -248,9 +248,6 @@ procedure main() assume {:captureState "%00000900"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_write/clang_pic/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/clang_pic/basic_lock_security_write.expected index 02e7807b9..e24265ef1 100644 --- a/src/test/correct/basic_lock_security_write/clang_pic/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/clang_pic/basic_lock_security_write.expected @@ -308,9 +308,6 @@ procedure main() assume {:captureState "%00000339"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_write/gcc/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/gcc/basic_lock_security_write.expected index 3c95913ad..55f15d742 100644 --- a/src/test/correct/basic_lock_security_write/gcc/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/gcc/basic_lock_security_write.expected @@ -250,9 +250,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_write/gcc_O2/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/gcc_O2/basic_lock_security_write.expected index 443fd92e0..7fc84162b 100644 --- a/src/test/correct/basic_lock_security_write/gcc_O2/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/gcc_O2/basic_lock_security_write.expected @@ -215,9 +215,6 @@ procedure main() assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%000001c4"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_write/gcc_no_plt_no_pic/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/gcc_no_plt_no_pic/basic_lock_security_write.expected index bbed43fdf..53932b603 100644 --- a/src/test/correct/basic_lock_security_write/gcc_no_plt_no_pic/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/gcc_no_plt_no_pic/basic_lock_security_write.expected @@ -250,9 +250,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_write/gcc_pic/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/gcc_pic/basic_lock_security_write.expected index 8574be31a..a2aff70f6 100644 --- a/src/test/correct/basic_lock_security_write/gcc_pic/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/gcc_pic/basic_lock_security_write.expected @@ -310,9 +310,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_unlock/clang/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/clang/basic_lock_unlock.expected index 08da21341..0f8c65d87 100644 --- a/src/test/correct/basic_lock_unlock/clang/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/clang/basic_lock_unlock.expected @@ -206,9 +206,6 @@ procedure main() assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%000002e7"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_unlock/clang_O2/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/clang_O2/basic_lock_unlock.expected index a378e6351..eee258901 100644 --- a/src/test/correct/basic_lock_unlock/clang_O2/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/clang_O2/basic_lock_unlock.expected @@ -208,9 +208,6 @@ procedure main() assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%000002e7"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_unlock/clang_no_plt_no_pic/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/clang_no_plt_no_pic/basic_lock_unlock.expected index 20985befb..645ed6bf0 100644 --- a/src/test/correct/basic_lock_unlock/clang_no_plt_no_pic/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/clang_no_plt_no_pic/basic_lock_unlock.expected @@ -206,9 +206,6 @@ procedure main() assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%00000876"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_unlock/clang_pic/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/clang_pic/basic_lock_unlock.expected index 411ddfb1b..90d03a441 100644 --- a/src/test/correct/basic_lock_unlock/clang_pic/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/clang_pic/basic_lock_unlock.expected @@ -266,9 +266,6 @@ procedure main() assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%000002fd"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_unlock/gcc/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/gcc/basic_lock_unlock.expected index de3dd25c7..518fa1d58 100644 --- a/src/test/correct/basic_lock_unlock/gcc/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/gcc/basic_lock_unlock.expected @@ -206,9 +206,6 @@ procedure main() assume {:captureState "%000002f6"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_unlock/gcc_O2/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/gcc_O2/basic_lock_unlock.expected index 42f5987c8..301ded863 100644 --- a/src/test/correct/basic_lock_unlock/gcc_O2/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/gcc_O2/basic_lock_unlock.expected @@ -208,9 +208,6 @@ procedure main() assert ((z_old == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == x_old) && (memory_load32_le(mem, $z_addr) == z_old))); assume {:captureState "%000001ca"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_unlock/gcc_no_plt_no_pic/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/gcc_no_plt_no_pic/basic_lock_unlock.expected index efdcfa128..89c7436c7 100644 --- a/src/test/correct/basic_lock_unlock/gcc_no_plt_no_pic/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/gcc_no_plt_no_pic/basic_lock_unlock.expected @@ -206,9 +206,6 @@ procedure main() assume {:captureState "%0000089d"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_unlock/gcc_pic/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/gcc_pic/basic_lock_unlock.expected index 96f9859ff..69b29dfdf 100644 --- a/src/test/correct/basic_lock_unlock/gcc_pic/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/gcc_pic/basic_lock_unlock.expected @@ -264,9 +264,6 @@ procedure main() assume {:captureState "%000002f8"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_loop_assign/clang/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/clang/basic_loop_assign.expected index ee4e60ca2..f396d9f7a 100644 --- a/src/test/correct/basic_loop_assign/clang/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/clang/basic_loop_assign.expected @@ -197,9 +197,6 @@ procedure main() assume {:captureState "%000002ce"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_loop_assign/clang_O2/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/clang_O2/basic_loop_assign.expected index 43ce0fc33..183fe071a 100644 --- a/src/test/correct/basic_loop_assign/clang_O2/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/clang_O2/basic_loop_assign.expected @@ -197,9 +197,6 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (x_old == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(x_old, 10bv32))); assume {:captureState "%000002d3"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_loop_assign/clang_no_plt_no_pic/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/clang_no_plt_no_pic/basic_loop_assign.expected index a3c388072..19fa33c90 100644 --- a/src/test/correct/basic_loop_assign/clang_no_plt_no_pic/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/clang_no_plt_no_pic/basic_loop_assign.expected @@ -197,9 +197,6 @@ procedure main() assume {:captureState "%00000845"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_loop_assign/clang_pic/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/clang_pic/basic_loop_assign.expected index 028ca06bc..443168325 100644 --- a/src/test/correct/basic_loop_assign/clang_pic/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/clang_pic/basic_loop_assign.expected @@ -231,9 +231,6 @@ procedure main() assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_loop_assign/gcc/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/gcc/basic_loop_assign.expected index dfa2c4f74..d18ee7224 100644 --- a/src/test/correct/basic_loop_assign/gcc/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/gcc/basic_loop_assign.expected @@ -196,9 +196,6 @@ procedure main() assume {:captureState "%000002d8"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_loop_assign/gcc_O2/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/gcc_O2/basic_loop_assign.expected index 62e7740c9..bd99f4546 100644 --- a/src/test/correct/basic_loop_assign/gcc_O2/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/gcc_O2/basic_loop_assign.expected @@ -197,9 +197,6 @@ procedure main() assert (((memory_load32_le(mem, $x_addr) == x_old) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (x_old == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(x_old, 10bv32))); assume {:captureState "%000001bd"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_loop_assign/gcc_no_plt_no_pic/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/gcc_no_plt_no_pic/basic_loop_assign.expected index c2c65066e..ee92f627f 100644 --- a/src/test/correct/basic_loop_assign/gcc_no_plt_no_pic/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/gcc_no_plt_no_pic/basic_loop_assign.expected @@ -196,9 +196,6 @@ procedure main() assume {:captureState "%0000085b"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_loop_assign/gcc_pic/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/gcc_pic/basic_loop_assign.expected index 3c28f5b65..169fc701a 100644 --- a/src/test/correct/basic_loop_assign/gcc_pic/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/gcc_pic/basic_loop_assign.expected @@ -229,9 +229,6 @@ procedure main() assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected index f39128900..1865e25d2 100644 --- a/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected @@ -285,9 +285,6 @@ procedure main() assume {:captureState "lmain_goto_l000003c9"} true; assume (bvcomp32(R10[32:0], 0bv32) != 0bv1); goto l000003c9; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_operation_evaluation/clang_O2/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_O2/basic_operation_evaluation.expected index 91c86ad15..dfea39b15 100644 --- a/src/test/correct/basic_operation_evaluation/clang_O2/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_O2/basic_operation_evaluation.expected @@ -158,9 +158,6 @@ procedure main() assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected index 777803502..46393c149 100644 --- a/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected @@ -285,9 +285,6 @@ procedure main() assume {:captureState "l00000ab1"} true; R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); goto l00000ab4; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected index 777803502..46393c149 100644 --- a/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected @@ -285,9 +285,6 @@ procedure main() assume {:captureState "l00000ab1"} true; R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); goto l00000ab4; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected index b0f7a3933..dd4dd5b58 100644 --- a/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected @@ -257,9 +257,6 @@ procedure main() assume {:captureState "lmain_goto_l000003b8"} true; assume (bvcomp32(R1[32:0], 0bv32) == 0bv1); goto l000003b8; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_operation_evaluation/gcc_O2/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc_O2/basic_operation_evaluation.expected index 0918aa3d9..d1a99d9c1 100644 --- a/src/test/correct/basic_operation_evaluation/gcc_O2/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc_O2/basic_operation_evaluation.expected @@ -158,9 +158,6 @@ procedure main() assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected index e0ec1c246..7ca63d4e0 100644 --- a/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected @@ -249,9 +249,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l00000a73: assume {:captureState "lmain_goto_l00000a73"} true; assume (bvcomp32(R1[32:0], 0bv32) == 0bv1); diff --git a/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected index e0ec1c246..7ca63d4e0 100644 --- a/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected @@ -249,9 +249,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l00000a73: assume {:captureState "lmain_goto_l00000a73"} true; assume (bvcomp32(R1[32:0], 0bv32) == 0bv1); diff --git a/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected index 63c8713e6..dc14205b2 100644 --- a/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected @@ -271,9 +271,6 @@ procedure main() assume {:captureState "l0000033c_goto_l00000344"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000344; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected index f106b6baa..1c0247306 100644 --- a/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected @@ -223,9 +223,6 @@ procedure main() l00000300: assume {:captureState "l00000300"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l000002fa: assume {:captureState "l000002fa"} true; R0, Gamma_R0 := zero_extend32_32(R9[32:0]), Gamma_R9; diff --git a/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected index 33c15e2f7..ca16df9ea 100644 --- a/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected @@ -267,9 +267,6 @@ procedure main() assume {:captureState "lmain_goto_l00000954"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000954; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l00000957: assume {:captureState "lmain_goto_l00000957"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); diff --git a/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected index 6439b542e..52b428aea 100644 --- a/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected @@ -318,9 +318,6 @@ procedure main() assume {:captureState "l0000034c"} true; R8, Gamma_R8 := 0bv64, true; goto l00000352; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000371: assume {:captureState "l00000371"} true; goto l00000372; diff --git a/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected index 3d6276516..93e1f3f12 100644 --- a/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected @@ -245,9 +245,6 @@ procedure main() assume {:captureState "lmain_goto_l0000032e"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l0000032e; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected index 6769cf9f2..73f3aa101 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected @@ -197,9 +197,6 @@ procedure main() l000001c2: assume {:captureState "l000001c2"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000039c: assume {:captureState "l0000039c"} true; call rely(); diff --git a/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected index 1b24919fd..17f65649e 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected @@ -245,9 +245,6 @@ procedure main() assume {:captureState "lmain_goto_l0000092b"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l0000092b; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected index a3cda8213..f04a525a7 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected @@ -303,9 +303,6 @@ procedure main() assume {:captureState "lmain_goto_l00000347"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000347; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_write/clang/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/clang/basic_sec_policy_write.expected index 2cd41ee0d..a8ccbd6fb 100644 --- a/src/test/correct/basic_sec_policy_write/clang/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/clang/basic_sec_policy_write.expected @@ -243,9 +243,6 @@ procedure main() assume {:captureState "%0000032d"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_write/clang_O2/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/clang_O2/basic_sec_policy_write.expected index a7d07d4f8..158597629 100644 --- a/src/test/correct/basic_sec_policy_write/clang_O2/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/clang_O2/basic_sec_policy_write.expected @@ -214,9 +214,6 @@ procedure main() assert ((z_old != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); assume {:captureState "%000002e7"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_write/clang_no_plt_no_pic/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/clang_no_plt_no_pic/basic_sec_policy_write.expected index 8afacc364..b0389aeee 100644 --- a/src/test/correct/basic_sec_policy_write/clang_no_plt_no_pic/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/clang_no_plt_no_pic/basic_sec_policy_write.expected @@ -243,9 +243,6 @@ procedure main() assume {:captureState "%00000916"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_write/clang_pic/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/clang_pic/basic_sec_policy_write.expected index 0e77ec7c2..2705b073e 100644 --- a/src/test/correct/basic_sec_policy_write/clang_pic/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/clang_pic/basic_sec_policy_write.expected @@ -303,9 +303,6 @@ procedure main() assume {:captureState "%00000343"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_write/gcc/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/gcc/basic_sec_policy_write.expected index 960616bd0..710590dd0 100644 --- a/src/test/correct/basic_sec_policy_write/gcc/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/gcc/basic_sec_policy_write.expected @@ -245,9 +245,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_write/gcc_O2/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/gcc_O2/basic_sec_policy_write.expected index 1ab98e60b..4791f49cc 100644 --- a/src/test/correct/basic_sec_policy_write/gcc_O2/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/gcc_O2/basic_sec_policy_write.expected @@ -214,9 +214,6 @@ procedure main() assert ((z_old != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); assume {:captureState "%000001ca"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_write/gcc_no_plt_no_pic/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/gcc_no_plt_no_pic/basic_sec_policy_write.expected index ce8841057..afae77c5a 100644 --- a/src/test/correct/basic_sec_policy_write/gcc_no_plt_no_pic/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/gcc_no_plt_no_pic/basic_sec_policy_write.expected @@ -245,9 +245,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_write/gcc_pic/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/gcc_pic/basic_sec_policy_write.expected index 8fa02bba0..95cbc2272 100644 --- a/src/test/correct/basic_sec_policy_write/gcc_pic/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/gcc_pic/basic_sec_policy_write.expected @@ -305,9 +305,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicassign_gamma0/clang/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/clang/basicassign_gamma0.expected index 79db2270d..b35884c14 100644 --- a/src/test/correct/basicassign_gamma0/clang/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/clang/basicassign_gamma0.expected @@ -197,9 +197,6 @@ procedure main() assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicassign_gamma0/clang_O2/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/clang_O2/basicassign_gamma0.expected index d51b9ba7c..a706ee7df 100644 --- a/src/test/correct/basicassign_gamma0/clang_O2/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/clang_O2/basicassign_gamma0.expected @@ -197,9 +197,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%000002de"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicassign_gamma0/clang_no_plt_no_pic/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/clang_no_plt_no_pic/basicassign_gamma0.expected index 4526b469f..81402577a 100644 --- a/src/test/correct/basicassign_gamma0/clang_no_plt_no_pic/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/clang_no_plt_no_pic/basicassign_gamma0.expected @@ -197,9 +197,6 @@ procedure main() assume {:captureState "%0000085d"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicassign_gamma0/clang_pic/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/clang_pic/basicassign_gamma0.expected index 58d3372b5..2a72ae46a 100644 --- a/src/test/correct/basicassign_gamma0/clang_pic/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/clang_pic/basicassign_gamma0.expected @@ -257,9 +257,6 @@ procedure main() assume {:captureState "%000002ef"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicassign_gamma0/gcc/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/gcc/basicassign_gamma0.expected index 337e76d68..8fca18020 100644 --- a/src/test/correct/basicassign_gamma0/gcc/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/gcc/basicassign_gamma0.expected @@ -197,9 +197,6 @@ procedure main() assume {:captureState "%000002ed"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicassign_gamma0/gcc_O2/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/gcc_O2/basicassign_gamma0.expected index b292fb2b9..1be2cda39 100644 --- a/src/test/correct/basicassign_gamma0/gcc_O2/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/gcc_O2/basicassign_gamma0.expected @@ -197,9 +197,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 20bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 20bv64), Gamma_R2); assume {:captureState "%000001c5"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicassign_gamma0/gcc_no_plt_no_pic/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/gcc_no_plt_no_pic/basicassign_gamma0.expected index d5f19684f..44d87afe8 100644 --- a/src/test/correct/basicassign_gamma0/gcc_no_plt_no_pic/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/gcc_no_plt_no_pic/basicassign_gamma0.expected @@ -197,9 +197,6 @@ procedure main() assume {:captureState "%00000889"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicassign_gamma0/gcc_pic/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/gcc_pic/basicassign_gamma0.expected index 0f0efdb00..29eacf259 100644 --- a/src/test/correct/basicassign_gamma0/gcc_pic/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/gcc_pic/basicassign_gamma0.expected @@ -255,9 +255,6 @@ procedure main() assume {:captureState "%000002ef"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicfree/clang/basicfree.expected b/src/test/correct/basicfree/clang/basicfree.expected index 5ab7c0927..6ae919533 100644 --- a/src/test/correct/basicfree/clang/basicfree.expected +++ b/src/test/correct/basicfree/clang/basicfree.expected @@ -316,9 +316,6 @@ procedure main() R30, Gamma_R30 := 2048bv64, true; call #free(); goto l00000338; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicfree/clang_O2/basicfree.expected b/src/test/correct/basicfree/clang_O2/basicfree.expected index abc430756..58fb5e478 100644 --- a/src/test/correct/basicfree/clang_O2/basicfree.expected +++ b/src/test/correct/basicfree/clang_O2/basicfree.expected @@ -154,9 +154,6 @@ procedure main() lmain: assume {:captureState "lmain"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicfree/clang_no_plt_no_pic/basicfree.expected b/src/test/correct/basicfree/clang_no_plt_no_pic/basicfree.expected index 736374024..80b3b84fb 100644 --- a/src/test/correct/basicfree/clang_no_plt_no_pic/basicfree.expected +++ b/src/test/correct/basicfree/clang_no_plt_no_pic/basicfree.expected @@ -316,9 +316,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicfree/clang_pic/basicfree.expected b/src/test/correct/basicfree/clang_pic/basicfree.expected index 736374024..80b3b84fb 100644 --- a/src/test/correct/basicfree/clang_pic/basicfree.expected +++ b/src/test/correct/basicfree/clang_pic/basicfree.expected @@ -316,9 +316,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicfree/gcc/basicfree.expected b/src/test/correct/basicfree/gcc/basicfree.expected index 3c8846d26..36f339208 100644 --- a/src/test/correct/basicfree/gcc/basicfree.expected +++ b/src/test/correct/basicfree/gcc/basicfree.expected @@ -311,9 +311,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicfree/gcc_O2/basicfree.expected b/src/test/correct/basicfree/gcc_O2/basicfree.expected index ab6b5b132..c9457a096 100644 --- a/src/test/correct/basicfree/gcc_O2/basicfree.expected +++ b/src/test/correct/basicfree/gcc_O2/basicfree.expected @@ -154,9 +154,6 @@ procedure main() lmain: assume {:captureState "lmain"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicfree/gcc_no_plt_no_pic/basicfree.expected b/src/test/correct/basicfree/gcc_no_plt_no_pic/basicfree.expected index 21f7b7989..c233d0633 100644 --- a/src/test/correct/basicfree/gcc_no_plt_no_pic/basicfree.expected +++ b/src/test/correct/basicfree/gcc_no_plt_no_pic/basicfree.expected @@ -311,9 +311,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basicfree/gcc_pic/basicfree.expected b/src/test/correct/basicfree/gcc_pic/basicfree.expected index 21f7b7989..c233d0633 100644 --- a/src/test/correct/basicfree/gcc_pic/basicfree.expected +++ b/src/test/correct/basicfree/gcc_pic/basicfree.expected @@ -311,9 +311,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/cjump/clang/cjump.expected b/src/test/correct/cjump/clang/cjump.expected index ec0dfb505..f4ebc0628 100644 --- a/src/test/correct/cjump/clang/cjump.expected +++ b/src/test/correct/cjump/clang/cjump.expected @@ -229,23 +229,6 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000343, lmain_goto_l00000346; - l00000349_goto_l00000351: - assume {:captureState "l00000349_goto_l00000351"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000351; - l00000343: - assume {:captureState "l00000343"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000349; - l00000351: - assume {:captureState "l00000351"} true; - R9, Gamma_R9 := 69632bv64, true; - R8, Gamma_R8 := 2bv64, true; - call rely(); - assert (L(mem, bvadd64(R9, 56bv64)) ==> Gamma_R8); - mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); - assume {:captureState "%00000366"} true; - goto l00000369; l00000349: assume {:captureState "l00000349"} true; assert Gamma_R8; @@ -270,6 +253,10 @@ procedure main() l0000037e: assume {:captureState "l0000037e"} true; goto l0000037f; + l00000349_goto_l00000351: + assume {:captureState "l00000349_goto_l00000351"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000351; l0000037f: assume {:captureState "l0000037f"} true; R8, Gamma_R8 := 3bv64, true; @@ -279,9 +266,19 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%00000392"} true; goto l00000369; - terminate: - assume {:captureState "terminate"} true; - goto terminate; + l00000343: + assume {:captureState "l00000343"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000349; + l00000351: + assume {:captureState "l00000351"} true; + R9, Gamma_R9 := 69632bv64, true; + R8, Gamma_R8 := 2bv64, true; + call rely(); + assert (L(mem, bvadd64(R9, 56bv64)) ==> Gamma_R8); + mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); + assume {:captureState "%00000366"} true; + goto l00000369; l00000349_goto_l0000037e: assume {:captureState "l00000349_goto_l0000037e"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); diff --git a/src/test/correct/cjump/clang_O2/cjump.expected b/src/test/correct/cjump/clang_O2/cjump.expected index 4891e96d6..776200591 100644 --- a/src/test/correct/cjump/clang_O2/cjump.expected +++ b/src/test/correct/cjump/clang_O2/cjump.expected @@ -199,9 +199,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R10, 56bv64), R11[32:0]), gamma_store32(Gamma_mem, bvadd64(R10, 56bv64), Gamma_R11); assume {:captureState "%000002f1"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected b/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected index 5efe98b5c..876fc4443 100644 --- a/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected +++ b/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected @@ -238,6 +238,14 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%000009e8"} true; goto l000009bf; + l0000099f_goto_l000009d4: + assume {:captureState "l0000099f_goto_l000009d4"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l000009d4; + l00000999: + assume {:captureState "l00000999"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000099f; l000009d4: assume {:captureState "l000009d4"} true; goto l000009d5; @@ -249,6 +257,14 @@ procedure main() assume {:captureState "lmain_goto_l0000099c"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l0000099c; + l0000099f_goto_l000009a7: + assume {:captureState "l0000099f_goto_l000009a7"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l000009a7; + l0000099c: + assume {:captureState "l0000099c"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000099f; lmain_goto_l00000999: assume {:captureState "lmain_goto_l00000999"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); @@ -262,25 +278,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%000009bc"} true; goto l000009bf; - l0000099f_goto_l000009d4: - assume {:captureState "l0000099f_goto_l000009d4"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l000009d4; - l00000999: - assume {:captureState "l00000999"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000099f; - l0000099f_goto_l000009a7: - assume {:captureState "l0000099f_goto_l000009a7"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l000009a7; - l0000099c: - assume {:captureState "l0000099c"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000099f; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l000009bf: assume {:captureState "l000009bf"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); diff --git a/src/test/correct/cjump/clang_pic/cjump.expected b/src/test/correct/cjump/clang_pic/cjump.expected index 1c6da8825..f253176a8 100644 --- a/src/test/correct/cjump/clang_pic/cjump.expected +++ b/src/test/correct/cjump/clang_pic/cjump.expected @@ -287,6 +287,22 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000359, lmain_goto_l00000356; + l00000356: + assume {:captureState "l00000356"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000035c; + l00000359: + assume {:captureState "l00000359"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000035c; + lmain_goto_l00000356: + assume {:captureState "lmain_goto_l00000356"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000356; + l0000035c_goto_l00000398: + assume {:captureState "l0000035c_goto_l00000398"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000398; l00000364: assume {:captureState "l00000364"} true; R9, Gamma_R9 := 65536bv64, true; @@ -298,6 +314,10 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R9, R8[32:0]), gamma_store32(Gamma_mem, R9, Gamma_R8); assume {:captureState "%00000380"} true; goto l00000383; + l0000035c: + assume {:captureState "l0000035c"} true; + assert Gamma_R8; + goto l0000035c_goto_l00000398, l0000035c_goto_l00000364; lmain_goto_l00000359: assume {:captureState "lmain_goto_l00000359"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); @@ -316,38 +336,15 @@ procedure main() l00000398: assume {:captureState "l00000398"} true; goto l00000399; + l0000035c_goto_l00000364: + assume {:captureState "l0000035c_goto_l00000364"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000364; l00000383: assume {:captureState "l00000383"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - l00000356: - assume {:captureState "l00000356"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000035c; - l00000359: - assume {:captureState "l00000359"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000035c; - lmain_goto_l00000356: - assume {:captureState "lmain_goto_l00000356"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000356; - l0000035c_goto_l00000398: - assume {:captureState "l0000035c_goto_l00000398"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000398; - l0000035c: - assume {:captureState "l0000035c"} true; - assert Gamma_R8; - goto l0000035c_goto_l00000398, l0000035c_goto_l00000364; - terminate: - assume {:captureState "terminate"} true; - goto terminate; - l0000035c_goto_l00000364: - assume {:captureState "l0000035c_goto_l00000364"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000364; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/cjump/gcc/cjump.expected b/src/test/correct/cjump/gcc/cjump.expected index 0e0ea9c1b..63678d92e 100644 --- a/src/test/correct/cjump/gcc/cjump.expected +++ b/src/test/correct/cjump/gcc/cjump.expected @@ -252,9 +252,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%0000037b"} true; goto l0000035b; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/cjump/gcc_O2/cjump.expected b/src/test/correct/cjump/gcc_O2/cjump.expected index 8811d0fb2..c06ac50e3 100644 --- a/src/test/correct/cjump/gcc_O2/cjump.expected +++ b/src/test/correct/cjump/gcc_O2/cjump.expected @@ -197,9 +197,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 4bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 4bv64), Gamma_R2); assume {:captureState "%000001d0"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected b/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected index e46100cda..ffee89bae 100644 --- a/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected +++ b/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected @@ -248,9 +248,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000997"} true; goto l00000999; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l000009a3: assume {:captureState "lmain_goto_l000009a3"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); diff --git a/src/test/correct/cjump/gcc_pic/cjump.expected b/src/test/correct/cjump/gcc_pic/cjump.expected index 67d3acb56..915e1393b 100644 --- a/src/test/correct/cjump/gcc_pic/cjump.expected +++ b/src/test/correct/cjump/gcc_pic/cjump.expected @@ -301,9 +301,6 @@ procedure main() assume {:captureState "l0000035e"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000340: assume {:captureState "l00000340"} true; R0, Gamma_R0 := 65536bv64, true; diff --git a/src/test/correct/function/clang/function.expected b/src/test/correct/function/clang/function.expected index 80985a02b..db38a3787 100644 --- a/src/test/correct/function/clang/function.expected +++ b/src/test/correct/function/clang/function.expected @@ -190,9 +190,6 @@ procedure get_two() assume {:captureState "lget_two"} true; R0, Gamma_R0 := 2bv64, true; goto get_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; get_two_return: assume {:captureState "get_two_return"} true; return; @@ -327,9 +324,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function/clang_O2/function.expected b/src/test/correct/function/clang_O2/function.expected index 4de5fe980..bd5472c73 100644 --- a/src/test/correct/function/clang_O2/function.expected +++ b/src/test/correct/function/clang_O2/function.expected @@ -199,9 +199,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R10, 56bv64), R11[32:0]), gamma_store32(Gamma_mem, bvadd64(R10, 56bv64), Gamma_R11); assume {:captureState "%000002f9"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function/clang_no_plt_no_pic/function.expected b/src/test/correct/function/clang_no_plt_no_pic/function.expected index 80985a02b..db38a3787 100644 --- a/src/test/correct/function/clang_no_plt_no_pic/function.expected +++ b/src/test/correct/function/clang_no_plt_no_pic/function.expected @@ -190,9 +190,6 @@ procedure get_two() assume {:captureState "lget_two"} true; R0, Gamma_R0 := 2bv64, true; goto get_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; get_two_return: assume {:captureState "get_two_return"} true; return; @@ -327,9 +324,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function/clang_pic/function.expected b/src/test/correct/function/clang_pic/function.expected index 9a2687027..b753673ce 100644 --- a/src/test/correct/function/clang_pic/function.expected +++ b/src/test/correct/function/clang_pic/function.expected @@ -238,9 +238,6 @@ procedure get_two() assume {:captureState "lget_two"} true; R0, Gamma_R0 := 2bv64, true; goto get_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; get_two_return: assume {:captureState "get_two_return"} true; return; @@ -411,9 +408,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function/gcc/function.expected b/src/test/correct/function/gcc/function.expected index 329c32c1e..1aa6e3cb9 100644 --- a/src/test/correct/function/gcc/function.expected +++ b/src/test/correct/function/gcc/function.expected @@ -189,9 +189,6 @@ procedure get_two() assume {:captureState "lget_two"} true; R0, Gamma_R0 := 2bv64, true; goto get_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; get_two_return: assume {:captureState "get_two_return"} true; return; @@ -329,9 +326,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function/gcc_O2/function.expected b/src/test/correct/function/gcc_O2/function.expected index 879bea546..30dc67824 100644 --- a/src/test/correct/function/gcc_O2/function.expected +++ b/src/test/correct/function/gcc_O2/function.expected @@ -197,9 +197,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 4bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 4bv64), Gamma_R2); assume {:captureState "%000001e4"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function/gcc_no_plt_no_pic/function.expected b/src/test/correct/function/gcc_no_plt_no_pic/function.expected index 329c32c1e..1aa6e3cb9 100644 --- a/src/test/correct/function/gcc_no_plt_no_pic/function.expected +++ b/src/test/correct/function/gcc_no_plt_no_pic/function.expected @@ -189,9 +189,6 @@ procedure get_two() assume {:captureState "lget_two"} true; R0, Gamma_R0 := 2bv64, true; goto get_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; get_two_return: assume {:captureState "get_two_return"} true; return; @@ -329,9 +326,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function/gcc_pic/function.expected b/src/test/correct/function/gcc_pic/function.expected index 3a318b1a5..18b93ea4a 100644 --- a/src/test/correct/function/gcc_pic/function.expected +++ b/src/test/correct/function/gcc_pic/function.expected @@ -237,9 +237,6 @@ procedure get_two() assume {:captureState "lget_two"} true; R0, Gamma_R0 := 2bv64, true; goto get_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; get_two_return: assume {:captureState "get_two_return"} true; return; @@ -411,9 +408,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function1/clang/function1.expected b/src/test/correct/function1/clang/function1.expected index 08a0e42b4..ce9ceacd2 100644 --- a/src/test/correct/function1/clang/function1.expected +++ b/src/test/correct/function1/clang/function1.expected @@ -246,9 +246,6 @@ procedure get_two() R0, Gamma_R0 := zero_extend32_32(R8[32:0]), Gamma_R8; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto get_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; get_two_return: assume {:captureState "get_two_return"} true; return; @@ -403,9 +400,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function1/clang_O2/function1.expected b/src/test/correct/function1/clang_O2/function1.expected index 08de9f209..a38dd5198 100644 --- a/src/test/correct/function1/clang_O2/function1.expected +++ b/src/test/correct/function1/clang_O2/function1.expected @@ -257,9 +257,6 @@ procedure main() R30, Gamma_R30 := 1944bv64, true; call printf(); goto l00000371; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000371: assume {:captureState "l00000371"} true; R0, Gamma_R0 := 0bv64, true; diff --git a/src/test/correct/function1/clang_no_plt_no_pic/function1.expected b/src/test/correct/function1/clang_no_plt_no_pic/function1.expected index 35e574523..6ed53de8e 100644 --- a/src/test/correct/function1/clang_no_plt_no_pic/function1.expected +++ b/src/test/correct/function1/clang_no_plt_no_pic/function1.expected @@ -246,9 +246,6 @@ procedure get_two() R0, Gamma_R0 := zero_extend32_32(R8[32:0]), Gamma_R8; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto get_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; get_two_return: assume {:captureState "get_two_return"} true; return; @@ -403,9 +400,6 @@ procedure main() R30, Gamma_R30 := 1992bv64, true; call printf(); goto l00000b06; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function1/clang_pic/function1.expected b/src/test/correct/function1/clang_pic/function1.expected index 998504616..564b4c4bf 100644 --- a/src/test/correct/function1/clang_pic/function1.expected +++ b/src/test/correct/function1/clang_pic/function1.expected @@ -294,9 +294,6 @@ procedure get_two() R0, Gamma_R0 := zero_extend32_32(R8[32:0]), Gamma_R8; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto get_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; get_two_return: assume {:captureState "get_two_return"} true; return; @@ -487,9 +484,6 @@ procedure main() R30, Gamma_R30 := 2064bv64, true; call printf(); goto l0000040b; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function1/gcc/function1.expected b/src/test/correct/function1/gcc/function1.expected index a902ed78e..dd4fb3d06 100644 --- a/src/test/correct/function1/gcc/function1.expected +++ b/src/test/correct/function1/gcc/function1.expected @@ -253,9 +253,6 @@ procedure get_two() R0, Gamma_R0 := zero_extend32_32(bvadd32(R1[32:0], R0[32:0])), (Gamma_R0 && Gamma_R1); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto get_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; get_two_return: assume {:captureState "get_two_return"} true; return; @@ -424,9 +421,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function1/gcc_O2/function1.expected b/src/test/correct/function1/gcc_O2/function1.expected index 3ae3c2281..67e7190c4 100644 --- a/src/test/correct/function1/gcc_O2/function1.expected +++ b/src/test/correct/function1/gcc_O2/function1.expected @@ -361,9 +361,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function1/gcc_no_plt_no_pic/function1.expected b/src/test/correct/function1/gcc_no_plt_no_pic/function1.expected index e04c37dd9..8b2bbba4a 100644 --- a/src/test/correct/function1/gcc_no_plt_no_pic/function1.expected +++ b/src/test/correct/function1/gcc_no_plt_no_pic/function1.expected @@ -253,9 +253,6 @@ procedure get_two() R0, Gamma_R0 := zero_extend32_32(bvadd32(R1[32:0], R0[32:0])), (Gamma_R0 && Gamma_R1); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto get_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; get_two_return: assume {:captureState "get_two_return"} true; return; @@ -424,9 +421,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function1/gcc_pic/function1.expected b/src/test/correct/function1/gcc_pic/function1.expected index cf8fbb4b6..3f52d12cc 100644 --- a/src/test/correct/function1/gcc_pic/function1.expected +++ b/src/test/correct/function1/gcc_pic/function1.expected @@ -301,9 +301,6 @@ procedure get_two() R0, Gamma_R0 := zero_extend32_32(bvadd32(R1[32:0], R0[32:0])), (Gamma_R0 && Gamma_R1); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto get_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; get_two_return: assume {:captureState "get_two_return"} true; return; @@ -507,9 +504,6 @@ procedure main() R30, Gamma_R30 := 2080bv64, true; call printf(); goto l00000433; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/functions_with_params/clang/functions_with_params.expected b/src/test/correct/functions_with_params/clang/functions_with_params.expected index 78f7ee396..9f5db692d 100644 --- a/src/test/correct/functions_with_params/clang/functions_with_params.expected +++ b/src/test/correct/functions_with_params/clang/functions_with_params.expected @@ -236,9 +236,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; @@ -330,9 +327,6 @@ procedure plus_one() R0, Gamma_R0 := zero_extend32_32(bvadd32(R8[32:0], 1bv32)), Gamma_R8; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto plus_one_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; plus_one_return: assume {:captureState "plus_one_return"} true; return; diff --git a/src/test/correct/functions_with_params/clang_O2/functions_with_params.expected b/src/test/correct/functions_with_params/clang_O2/functions_with_params.expected index 82e284cc8..2b172a81c 100644 --- a/src/test/correct/functions_with_params/clang_O2/functions_with_params.expected +++ b/src/test/correct/functions_with_params/clang_O2/functions_with_params.expected @@ -158,9 +158,6 @@ procedure main() assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/functions_with_params/clang_no_plt_no_pic/functions_with_params.expected b/src/test/correct/functions_with_params/clang_no_plt_no_pic/functions_with_params.expected index bc9463c3c..d37782ad8 100644 --- a/src/test/correct/functions_with_params/clang_no_plt_no_pic/functions_with_params.expected +++ b/src/test/correct/functions_with_params/clang_no_plt_no_pic/functions_with_params.expected @@ -236,9 +236,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; @@ -330,9 +327,6 @@ procedure plus_one() R0, Gamma_R0 := zero_extend32_32(bvadd32(R8[32:0], 1bv32)), Gamma_R8; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto plus_one_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; plus_one_return: assume {:captureState "plus_one_return"} true; return; diff --git a/src/test/correct/functions_with_params/clang_pic/functions_with_params.expected b/src/test/correct/functions_with_params/clang_pic/functions_with_params.expected index bc9463c3c..d37782ad8 100644 --- a/src/test/correct/functions_with_params/clang_pic/functions_with_params.expected +++ b/src/test/correct/functions_with_params/clang_pic/functions_with_params.expected @@ -236,9 +236,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; @@ -330,9 +327,6 @@ procedure plus_one() R0, Gamma_R0 := zero_extend32_32(bvadd32(R8[32:0], 1bv32)), Gamma_R8; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto plus_one_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; plus_one_return: assume {:captureState "plus_one_return"} true; return; diff --git a/src/test/correct/functions_with_params/gcc/functions_with_params.expected b/src/test/correct/functions_with_params/gcc/functions_with_params.expected index 346b137c8..1b9fe4db8 100644 --- a/src/test/correct/functions_with_params/gcc/functions_with_params.expected +++ b/src/test/correct/functions_with_params/gcc/functions_with_params.expected @@ -231,9 +231,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; @@ -325,9 +322,6 @@ procedure plus_one() R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 1bv32)), Gamma_R0; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto plus_one_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; plus_one_return: assume {:captureState "plus_one_return"} true; return; diff --git a/src/test/correct/functions_with_params/gcc_O2/functions_with_params.expected b/src/test/correct/functions_with_params/gcc_O2/functions_with_params.expected index 79ad5fd8f..c0defe6b9 100644 --- a/src/test/correct/functions_with_params/gcc_O2/functions_with_params.expected +++ b/src/test/correct/functions_with_params/gcc_O2/functions_with_params.expected @@ -158,9 +158,6 @@ procedure main() assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/functions_with_params/gcc_no_plt_no_pic/functions_with_params.expected b/src/test/correct/functions_with_params/gcc_no_plt_no_pic/functions_with_params.expected index 4b400c996..ff3cdad0c 100644 --- a/src/test/correct/functions_with_params/gcc_no_plt_no_pic/functions_with_params.expected +++ b/src/test/correct/functions_with_params/gcc_no_plt_no_pic/functions_with_params.expected @@ -231,9 +231,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; @@ -325,9 +322,6 @@ procedure plus_one() R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 1bv32)), Gamma_R0; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto plus_one_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; plus_one_return: assume {:captureState "plus_one_return"} true; return; diff --git a/src/test/correct/functions_with_params/gcc_pic/functions_with_params.expected b/src/test/correct/functions_with_params/gcc_pic/functions_with_params.expected index 4b400c996..ff3cdad0c 100644 --- a/src/test/correct/functions_with_params/gcc_pic/functions_with_params.expected +++ b/src/test/correct/functions_with_params/gcc_pic/functions_with_params.expected @@ -231,9 +231,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; @@ -325,9 +322,6 @@ procedure plus_one() R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 1bv32)), Gamma_R0; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto plus_one_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; plus_one_return: assume {:captureState "plus_one_return"} true; return; diff --git a/src/test/correct/ifbranches/clang/ifbranches.expected b/src/test/correct/ifbranches/clang/ifbranches.expected index d5dfd11c3..5cddc1344 100644 --- a/src/test/correct/ifbranches/clang/ifbranches.expected +++ b/src/test/correct/ifbranches/clang/ifbranches.expected @@ -227,6 +227,10 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000034c, lmain_goto_l0000034f; + l00000352_goto_l0000035a: + assume {:captureState "l00000352_goto_l0000035a"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l0000035a; l0000034f: assume {:captureState "l0000034f"} true; R8, Gamma_R8 := 1bv64, true; @@ -246,6 +250,15 @@ procedure main() l00000397: assume {:captureState "l00000397"} true; goto l00000398; + l0000036d: + assume {:captureState "l0000036d"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R8, Gamma_R8 := zero_extend32_32(bvadd32(R8[32:0], 1bv32)), Gamma_R8; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); + assume {:captureState "%00000383"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; l00000352: assume {:captureState "l00000352"} true; assert Gamma_R8; @@ -256,26 +269,10 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%000003a6"} true; goto l0000036d; - l00000352_goto_l0000035a: - assume {:captureState "l00000352_goto_l0000035a"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000035a; - l0000036d: - assume {:captureState "l0000036d"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R8, Gamma_R8 := zero_extend32_32(bvadd32(R8[32:0], 1bv32)), Gamma_R8; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); - assume {:captureState "%00000383"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; l0000034c: assume {:captureState "l0000034c"} true; R8, Gamma_R8 := 0bv64, true; goto l00000352; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000035a: assume {:captureState "l0000035a"} true; R8, Gamma_R8 := 2bv64, true; diff --git a/src/test/correct/ifbranches/clang_O2/ifbranches.expected b/src/test/correct/ifbranches/clang_O2/ifbranches.expected index 69405008f..7e1269937 100644 --- a/src/test/correct/ifbranches/clang_O2/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_O2/ifbranches.expected @@ -200,9 +200,6 @@ procedure main() assume {:captureState "l000002db"} true; R0, Gamma_R0 := zero_extend32_32(R8[32:0]), Gamma_R8; goto l000002e2; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l000002e2: assume {:captureState "l000002e2"} true; goto main_return; diff --git a/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected b/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected index f18274e41..d265c5c2c 100644 --- a/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected @@ -227,6 +227,14 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000009b8, lmain_goto_l000009bb; + lmain_goto_l000009b8: + assume {:captureState "lmain_goto_l000009b8"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000009b8; + l000009bb: + assume {:captureState "l000009bb"} true; + R8, Gamma_R8 := 1bv64, true; + goto l000009be; l000009be_goto_l000009c6: assume {:captureState "l000009be_goto_l000009c6"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); @@ -244,6 +252,10 @@ procedure main() assume {:captureState "lmain_goto_l000009bb"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000009bb; + l000009be_goto_l00000a03: + assume {:captureState "l000009be_goto_l00000a03"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000a03; l000009d9: assume {:captureState "l000009d9"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); @@ -263,21 +275,6 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%000009d6"} true; goto l000009d9; - lmain_goto_l000009b8: - assume {:captureState "lmain_goto_l000009b8"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000009b8; - l000009bb: - assume {:captureState "l000009bb"} true; - R8, Gamma_R8 := 1bv64, true; - goto l000009be; - terminate: - assume {:captureState "terminate"} true; - goto terminate; - l000009be_goto_l00000a03: - assume {:captureState "l000009be_goto_l00000a03"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000a03; l000009be: assume {:captureState "l000009be"} true; assert Gamma_R8; diff --git a/src/test/correct/ifbranches/clang_pic/ifbranches.expected b/src/test/correct/ifbranches/clang_pic/ifbranches.expected index f18274e41..d265c5c2c 100644 --- a/src/test/correct/ifbranches/clang_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_pic/ifbranches.expected @@ -227,6 +227,14 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000009b8, lmain_goto_l000009bb; + lmain_goto_l000009b8: + assume {:captureState "lmain_goto_l000009b8"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000009b8; + l000009bb: + assume {:captureState "l000009bb"} true; + R8, Gamma_R8 := 1bv64, true; + goto l000009be; l000009be_goto_l000009c6: assume {:captureState "l000009be_goto_l000009c6"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); @@ -244,6 +252,10 @@ procedure main() assume {:captureState "lmain_goto_l000009bb"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000009bb; + l000009be_goto_l00000a03: + assume {:captureState "l000009be_goto_l00000a03"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000a03; l000009d9: assume {:captureState "l000009d9"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); @@ -263,21 +275,6 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%000009d6"} true; goto l000009d9; - lmain_goto_l000009b8: - assume {:captureState "lmain_goto_l000009b8"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000009b8; - l000009bb: - assume {:captureState "l000009bb"} true; - R8, Gamma_R8 := 1bv64, true; - goto l000009be; - terminate: - assume {:captureState "terminate"} true; - goto terminate; - l000009be_goto_l00000a03: - assume {:captureState "l000009be_goto_l00000a03"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000a03; l000009be: assume {:captureState "l000009be"} true; assert Gamma_R8; diff --git a/src/test/correct/ifbranches/gcc/ifbranches.expected b/src/test/correct/ifbranches/gcc/ifbranches.expected index 85bf7ce5a..f0aa58324 100644 --- a/src/test/correct/ifbranches/gcc/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc/ifbranches.expected @@ -251,9 +251,6 @@ procedure main() assume {:captureState "lmain_goto_l00000369"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000369; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifbranches/gcc_O2/ifbranches.expected b/src/test/correct/ifbranches/gcc_O2/ifbranches.expected index 51a188d46..5139bb697 100644 --- a/src/test/correct/ifbranches/gcc_O2/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_O2/ifbranches.expected @@ -201,9 +201,6 @@ procedure main() assume {:captureState "l000001c3"} true; R0, Gamma_R0 := 0bv64, true; goto l000001c9; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected b/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected index a642b9102..f4527c851 100644 --- a/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected @@ -251,9 +251,6 @@ procedure main() assume {:captureState "lmain_goto_l00000963"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000963; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifbranches/gcc_pic/ifbranches.expected b/src/test/correct/ifbranches/gcc_pic/ifbranches.expected index a642b9102..f4527c851 100644 --- a/src/test/correct/ifbranches/gcc_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_pic/ifbranches.expected @@ -251,9 +251,6 @@ procedure main() assume {:captureState "lmain_goto_l00000963"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000963; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifglobal/clang/ifglobal.expected b/src/test/correct/ifglobal/clang/ifglobal.expected index 2772c52d5..b5a88104e 100644 --- a/src/test/correct/ifglobal/clang/ifglobal.expected +++ b/src/test/correct/ifglobal/clang/ifglobal.expected @@ -265,9 +265,6 @@ procedure main() l00000343: assume {:captureState "l00000343"} true; goto l00000344; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifglobal/clang_O2/ifglobal.expected b/src/test/correct/ifglobal/clang_O2/ifglobal.expected index af49c16ff..4fd649bf0 100644 --- a/src/test/correct/ifglobal/clang_O2/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_O2/ifglobal.expected @@ -209,9 +209,6 @@ procedure main() assume {:captureState "%000002ec"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected b/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected index edfe619a2..fe2364790 100644 --- a/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected @@ -261,9 +261,6 @@ procedure main() assume {:captureState "l00000933_goto_l00000952"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000952; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l0000092d: assume {:captureState "lmain_goto_l0000092d"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); diff --git a/src/test/correct/ifglobal/clang_pic/ifglobal.expected b/src/test/correct/ifglobal/clang_pic/ifglobal.expected index 54a4b38a4..bc2146650 100644 --- a/src/test/correct/ifglobal/clang_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_pic/ifglobal.expected @@ -293,9 +293,6 @@ procedure main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000333_goto_l0000033b: assume {:captureState "l00000333_goto_l0000033b"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); diff --git a/src/test/correct/ifglobal/gcc/ifglobal.expected b/src/test/correct/ifglobal/gcc/ifglobal.expected index 0e88f79c5..7c567d365 100644 --- a/src/test/correct/ifglobal/gcc/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc/ifglobal.expected @@ -231,9 +231,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000327"} true; goto l00000302; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifglobal/gcc_O2/ifglobal.expected b/src/test/correct/ifglobal/gcc_O2/ifglobal.expected index b535d3144..da704d223 100644 --- a/src/test/correct/ifglobal/gcc_O2/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_O2/ifglobal.expected @@ -207,9 +207,6 @@ procedure main() assume {:captureState "lmain_goto_l000001b7"} true; assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) != 0bv1); goto l000001b7; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected b/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected index 5aaf4942c..49c18b9a3 100644 --- a/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected @@ -227,9 +227,6 @@ procedure main() assume {:captureState "lmain_goto_l000008e5"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l000008e5; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l000008d6: assume {:captureState "lmain_goto_l000008d6"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); diff --git a/src/test/correct/ifglobal/gcc_pic/ifglobal.expected b/src/test/correct/ifglobal/gcc_pic/ifglobal.expected index cbf9a5a8d..e94b83dbb 100644 --- a/src/test/correct/ifglobal/gcc_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_pic/ifglobal.expected @@ -265,9 +265,6 @@ procedure main() assume {:captureState "lmain_goto_l00000303"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000303; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/indirect_call/clang_O2/indirect_call.expected b/src/test/correct/indirect_call/clang_O2/indirect_call.expected index 1f854f847..df84edf69 100644 --- a/src/test/correct/indirect_call/clang_O2/indirect_call.expected +++ b/src/test/correct/indirect_call/clang_O2/indirect_call.expected @@ -343,9 +343,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/indirect_call/gcc_O2/indirect_call.expected b/src/test/correct/indirect_call/gcc_O2/indirect_call.expected index 5b6a59856..54130e3c0 100644 --- a/src/test/correct/indirect_call/gcc_O2/indirect_call.expected +++ b/src/test/correct/indirect_call/gcc_O2/indirect_call.expected @@ -318,9 +318,6 @@ procedure greet() call puts(); //no return target assume false; - terminate: - assume {:captureState "terminate"} true; - goto terminate; greet_return: assume {:captureState "greet_return"} true; return; @@ -545,9 +542,6 @@ procedure main() R30, Gamma_R30 := 1624bv64, true; call greet(); goto l00000205; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/initialisation/clang/initialisation.expected b/src/test/correct/initialisation/clang/initialisation.expected index 9806722fd..8d6ff7595 100644 --- a/src/test/correct/initialisation/clang/initialisation.expected +++ b/src/test/correct/initialisation/clang/initialisation.expected @@ -306,9 +306,6 @@ procedure main() assume {:captureState "%00000381"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/initialisation/clang_O2/initialisation.expected b/src/test/correct/initialisation/clang_O2/initialisation.expected index 566c1977f..335576ed2 100644 --- a/src/test/correct/initialisation/clang_O2/initialisation.expected +++ b/src/test/correct/initialisation/clang_O2/initialisation.expected @@ -292,9 +292,6 @@ procedure main() mem, Gamma_mem := memory_store8_le(mem, bvadd64(R12, 52bv64), R10[8:0]), gamma_store8(Gamma_mem, bvadd64(R12, 52bv64), Gamma_R10); assume {:captureState "%00000367"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected b/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected index ba1dbdd5a..c4b8fb98b 100644 --- a/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected +++ b/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected @@ -306,9 +306,6 @@ procedure main() assume {:captureState "%000009c9"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/initialisation/clang_pic/initialisation.expected b/src/test/correct/initialisation/clang_pic/initialisation.expected index edfff2997..82d1f72a5 100644 --- a/src/test/correct/initialisation/clang_pic/initialisation.expected +++ b/src/test/correct/initialisation/clang_pic/initialisation.expected @@ -406,9 +406,6 @@ procedure main() assume {:captureState "%0000039a"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/initialisation/gcc/initialisation.expected b/src/test/correct/initialisation/gcc/initialisation.expected index 76f16a5e6..2d7918922 100644 --- a/src/test/correct/initialisation/gcc/initialisation.expected +++ b/src/test/correct/initialisation/gcc/initialisation.expected @@ -290,9 +290,6 @@ procedure main() assume {:captureState "%000003d6"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/initialisation/gcc_O2/initialisation.expected b/src/test/correct/initialisation/gcc_O2/initialisation.expected index 765b0e105..f4f71cd99 100644 --- a/src/test/correct/initialisation/gcc_O2/initialisation.expected +++ b/src/test/correct/initialisation/gcc_O2/initialisation.expected @@ -286,9 +286,6 @@ procedure main() mem, Gamma_mem := memory_store8_le(mem, bvadd64(R1, 24bv64), R2[8:0]), gamma_store8(Gamma_mem, bvadd64(R1, 24bv64), Gamma_R2); assume {:captureState "%0000020a"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/initialisation/gcc_no_plt_no_pic/initialisation.expected b/src/test/correct/initialisation/gcc_no_plt_no_pic/initialisation.expected index babee9188..2f0808efe 100644 --- a/src/test/correct/initialisation/gcc_no_plt_no_pic/initialisation.expected +++ b/src/test/correct/initialisation/gcc_no_plt_no_pic/initialisation.expected @@ -290,9 +290,6 @@ procedure main() assume {:captureState "%00000a89"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/initialisation/gcc_pic/initialisation.expected b/src/test/correct/initialisation/gcc_pic/initialisation.expected index f5cc117c9..0d8f5bed7 100644 --- a/src/test/correct/initialisation/gcc_pic/initialisation.expected +++ b/src/test/correct/initialisation/gcc_pic/initialisation.expected @@ -394,9 +394,6 @@ procedure main() assume {:captureState "%000003de"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/jumptable/clang_O2/jumptable.expected b/src/test/correct/jumptable/clang_O2/jumptable.expected index d6fac803d..bcbeb0a61 100644 --- a/src/test/correct/jumptable/clang_O2/jumptable.expected +++ b/src/test/correct/jumptable/clang_O2/jumptable.expected @@ -199,9 +199,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R8, 48bv64), R9[32:0]), gamma_store32(Gamma_mem, bvadd64(R8, 48bv64), Gamma_R9); assume {:captureState "%00000378"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/jumptable/gcc_O2/jumptable.expected b/src/test/correct/jumptable/gcc_O2/jumptable.expected index 60e368f18..118a87d34 100644 --- a/src/test/correct/jumptable/gcc_O2/jumptable.expected +++ b/src/test/correct/jumptable/gcc_O2/jumptable.expected @@ -200,9 +200,6 @@ procedure add_six() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); assume {:captureState "%00000252"} true; goto add_six_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; add_six_return: assume {:captureState "add_six_return"} true; return; @@ -294,9 +291,6 @@ procedure add_two() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); assume {:captureState "%00000233"} true; goto add_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; add_two_return: assume {:captureState "add_two_return"} true; return; @@ -422,9 +416,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000283: assume {:captureState "l00000283"} true; R30, Gamma_R30 := 1556bv64, true; @@ -526,9 +517,6 @@ procedure sub_seven() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); assume {:captureState "%00000275"} true; goto sub_seven_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; sub_seven_return: assume {:captureState "sub_seven_return"} true; return; diff --git a/src/test/correct/jumptable3/gcc/jumptable3.expected b/src/test/correct/jumptable3/gcc/jumptable3.expected index 09b2a2fc4..3d9e4cede 100644 --- a/src/test/correct/jumptable3/gcc/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc/jumptable3.expected @@ -207,9 +207,6 @@ procedure add_six() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000511"} true; goto add_six_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; add_six_return: assume {:captureState "add_six_return"} true; return; @@ -304,9 +301,6 @@ procedure add_two() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%000004df"} true; goto add_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; add_two_return: assume {:captureState "add_two_return"} true; return; @@ -487,6 +481,11 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto lmain_goto_l000005e0, lmain_goto_l00000599; + l0000090b: + assume {:captureState "l0000090b"} true; + R30, Gamma_R30 := 2220bv64, true; + call sub_seven(); + goto l00000917; l00000758_goto_l000005d7: assume {:captureState "l00000758_goto_l000005d7"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); @@ -505,6 +504,21 @@ procedure main() assume {:captureState "l0000088a_goto_l000008ab"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000008ab; + l0000074c: + assume {:captureState "l0000074c"} true; + R30, Gamma_R30 := 2260bv64, true; + call sub_seven(); + goto l000006ec; + l0000072b_goto_l0000074c: + assume {:captureState "l0000072b_goto_l0000074c"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000074c; + l000005c2: + assume {:captureState "l000005c2"} true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; l0000097b_goto_l00000974: assume {:captureState "l0000097b_goto_l00000974"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -513,19 +527,42 @@ procedure main() assume {:captureState "l00000643_goto_l0000066b"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l0000066b; + l00000802: + assume {:captureState "l00000802"} true; + R30, Gamma_R30 := 2252bv64, true; + call add_two(); + goto l000007a1; l000007d5_goto_l00000809: assume {:captureState "l000007d5_goto_l00000809"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000809; + l00000608_goto_l00000629: + assume {:captureState "l00000608_goto_l00000629"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000629; l00000862_goto_l000005d7: assume {:captureState "l00000862_goto_l000005d7"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l000005d7; + l00000831_goto_l00000862: + assume {:captureState "l00000831_goto_l00000862"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000862; l00000964: assume {:captureState "l00000964"} true; R30, Gamma_R30 := 2208bv64, true; call add_two(); goto l00000970; + l00000643: + assume {:captureState "l00000643"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #8, Gamma_#8 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#8); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#8); + ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; + NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000643_goto_l000005d7, l00000643_goto_l0000066b; l000006a3_goto_l000005d7: assume {:captureState "l000006a3_goto_l000005d7"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); @@ -534,6 +571,16 @@ procedure main() assume {:captureState "l00000943_goto_l0000097b"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l0000097b; + l00000809: + assume {:captureState "l00000809"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); + ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; + NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000809_goto_l00000831, l00000809_goto_l000005d7; l00000608: assume {:captureState "l00000608"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -548,6 +595,44 @@ procedure main() assume {:captureState "l000006cb_goto_l00000703"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000703; + l0000091b_goto_l000005d7: + assume {:captureState "l0000091b_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l0000085e: + assume {:captureState "l0000085e"} true; + goto l000005ad; + lmain_goto_l000005e0: + assume {:captureState "lmain_goto_l000005e0"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000005e0; + l000008c2_goto_l000005d7: + assume {:captureState "l000008c2_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l000007f6: + assume {:captureState "l000007f6"} true; + R30, Gamma_R30 := 2248bv64, true; + call add_six(); + goto l00000802; + l0000097b: + assume {:captureState "l0000097b"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #26, Gamma_#26 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#26, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#26); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#26, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#26); + ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; + NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; + assert Gamma_ZF; + goto l0000097b_goto_l000009a1, l0000097b_goto_l00000974; + l00000643_goto_l000005d7: + assume {:captureState "l00000643_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l00000608_goto_l00000643: + assume {:captureState "l00000608_goto_l00000643"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000643; l00000780_goto_l000007ad: assume {:captureState "l00000780_goto_l000007ad"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); @@ -560,6 +645,10 @@ procedure main() assume {:captureState "l000007d5_goto_l000007f6"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000007f6; + l0000091b_goto_l00000943: + assume {:captureState "l0000091b_goto_l00000943"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000943; l000008c2_goto_l000008ea: assume {:captureState "l000008c2_goto_l000008ea"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); @@ -568,6 +657,16 @@ procedure main() assume {:captureState "l0000066b_goto_l000006a3"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000006a3; + l00000758: + assume {:captureState "l00000758"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #14, Gamma_#14 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#14, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#14); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#14, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#14); + ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; + NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000758_goto_l000005d7, l00000758_goto_l00000780; l000007ad: assume {:captureState "l000007ad"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -582,6 +681,22 @@ procedure main() assume {:captureState "l0000097b_goto_l000009a1"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000009a1; + l0000072b_goto_l00000758: + assume {:captureState "l0000072b_goto_l00000758"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000758; + l000005ad: + assume {:captureState "l000005ad"} true; + R0, Gamma_R0 := 69632bv64, true; + R0, Gamma_R0 := bvadd64(R0, 16bv64), Gamma_R0; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + goto l000005c2; + l00000635: + assume {:captureState "l00000635"} true; + R30, Gamma_R30 := 2292bv64, true; + call add_two(); + goto l0000063c; l00000831: assume {:captureState "l00000831"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -596,10 +711,32 @@ procedure main() assume {:captureState "l00000862_goto_l0000088a"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l0000088a; + l000005ac: + assume {:captureState "l000005ac"} true; + goto l000005ad; l0000088a_goto_l000008c2: assume {:captureState "l0000088a_goto_l000008c2"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000008c2; + l00000831_goto_l00000852: + assume {:captureState "l00000831_goto_l00000852"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000852; + l00000599: + assume {:captureState "l00000599"} true; + R30, Gamma_R30 := 2300bv64, true; + call sub_seven(); + goto l000005a5; + l000006cb: + assume {:captureState "l000006cb"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); + ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; + NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + assert Gamma_ZF; + goto l000006cb_goto_l00000703, l000006cb_goto_l000006ec; l0000066b: assume {:captureState "l0000066b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -610,9 +747,31 @@ procedure main() NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; goto l0000066b_goto_l000006a3, l0000066b_goto_l0000068c; - terminate: - assume {:captureState "terminate"} true; - goto terminate; + l00000917: + assume {:captureState "l00000917"} true; + goto l000005ad; + l000008ea_goto_l0000091b: + assume {:captureState "l000008ea_goto_l0000091b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000091b; + l000005a5: + assume {:captureState "l000005a5"} true; + R30, Gamma_R30 := 2304bv64, true; + call add_two(); + goto l000005ac; + l000009a1: + assume {:captureState "l000009a1"} true; + goto l000005d7; + l0000072b: + assume {:captureState "l0000072b"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #13, Gamma_#13 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#13); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#13); + ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; + NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; + assert Gamma_ZF; + goto l0000072b_goto_l00000758, l0000072b_goto_l0000074c; l000007a1: assume {:captureState "l000007a1"} true; R30, Gamma_R30 := 2256bv64, true; @@ -632,6 +791,10 @@ procedure main() assume {:captureState "l000007ad_goto_l000007d5"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l000007d5; + l000007ad_goto_l000005d7: + assume {:captureState "l000007ad_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; l000006a3_goto_l000006cb: assume {:captureState "l000006a3_goto_l000006cb"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); @@ -676,6 +839,28 @@ procedure main() assume {:captureState "l00000943_goto_l00000964"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000964; + l00000862: + assume {:captureState "l00000862"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); + ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; + NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000862_goto_l000005d7, l00000862_goto_l0000088a; + l00000703_goto_l000005d7: + assume {:captureState "l00000703_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l0000069f: + assume {:captureState "l0000069f"} true; + goto l000005ad; + l00000629: + assume {:captureState "l00000629"} true; + R30, Gamma_R30 := 2288bv64, true; + call sub_seven(); + goto l00000635; l0000091b: assume {:captureState "l0000091b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -686,10 +871,24 @@ procedure main() NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l0000091b_goto_l00000943, l0000091b_goto_l000005d7; + l000008ea_goto_l0000090b: + assume {:captureState "l000008ea_goto_l0000090b"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000090b; l000005d7: assume {:captureState "l000005d7"} true; R0, Gamma_R0 := 1bv64, true; goto l000005c2; + l000007d5: + assume {:captureState "l000007d5"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); + ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; + NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; + assert Gamma_ZF; + goto l000007d5_goto_l00000809, l000007d5_goto_l000007f6; l000006f8: assume {:captureState "l000006f8"} true; R30, Gamma_R30 := 2268bv64, true; @@ -700,6 +899,9 @@ procedure main() R30, Gamma_R30 := 2296bv64, true; call add_six(); goto l00000599; + l00000970: + assume {:captureState "l00000970"} true; + goto l000005ad; l00000758_goto_l00000780: assume {:captureState "l00000758_goto_l00000780"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); @@ -718,263 +920,16 @@ procedure main() R30, Gamma_R30 := 2228bv64, true; call add_two(); goto l000008b7; - l000006ec: - assume {:captureState "l000006ec"} true; - R30, Gamma_R30 := 2264bv64, true; - call sub_seven(); - goto l000006f8; - lmain_goto_l00000599: - assume {:captureState "lmain_goto_l00000599"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000599; - l00000703_goto_l0000072b: - assume {:captureState "l00000703_goto_l0000072b"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000072b; - l000005e0: - assume {:captureState "l000005e0"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #6, Gamma_#6 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000005e0_goto_l000005d7, l000005e0_goto_l00000608; - l0000066b_goto_l0000068c: - assume {:captureState "l0000066b_goto_l0000068c"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000068c; - l0000088a: - assume {:captureState "l0000088a"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #21, Gamma_#21 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#21, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#21); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#21, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#21); - ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; - NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; - assert Gamma_ZF; - goto l0000088a_goto_l000008ab, l0000088a_goto_l000008c2; - l00000809_goto_l00000831: - assume {:captureState "l00000809_goto_l00000831"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000831; - l0000090b: - assume {:captureState "l0000090b"} true; - R30, Gamma_R30 := 2220bv64, true; - call sub_seven(); - goto l00000917; - l0000074c: - assume {:captureState "l0000074c"} true; - R30, Gamma_R30 := 2260bv64, true; - call sub_seven(); - goto l000006ec; - l0000072b_goto_l0000074c: - assume {:captureState "l0000072b_goto_l0000074c"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000074c; - l000005c2: - assume {:captureState "l000005c2"} true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; - l00000802: - assume {:captureState "l00000802"} true; - R30, Gamma_R30 := 2252bv64, true; - call add_two(); - goto l000007a1; - l00000608_goto_l00000629: - assume {:captureState "l00000608_goto_l00000629"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000629; - l00000831_goto_l00000862: - assume {:captureState "l00000831_goto_l00000862"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000862; - l00000643: - assume {:captureState "l00000643"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #8, Gamma_#8 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#8); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#8); - ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; - NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000643_goto_l000005d7, l00000643_goto_l0000066b; - l00000809: - assume {:captureState "l00000809"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); - ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; - NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000809_goto_l00000831, l00000809_goto_l000005d7; - l0000091b_goto_l000005d7: - assume {:captureState "l0000091b_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l0000085e: - assume {:captureState "l0000085e"} true; - goto l000005ad; - lmain_goto_l000005e0: - assume {:captureState "lmain_goto_l000005e0"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000005e0; - l000008c2_goto_l000005d7: - assume {:captureState "l000008c2_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l000007f6: - assume {:captureState "l000007f6"} true; - R30, Gamma_R30 := 2248bv64, true; - call add_six(); - goto l00000802; - l0000097b: - assume {:captureState "l0000097b"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #26, Gamma_#26 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#26, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#26); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#26, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#26); - ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; - NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; - assert Gamma_ZF; - goto l0000097b_goto_l000009a1, l0000097b_goto_l00000974; - l00000643_goto_l000005d7: - assume {:captureState "l00000643_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l00000608_goto_l00000643: - assume {:captureState "l00000608_goto_l00000643"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000643; - l0000091b_goto_l00000943: - assume {:captureState "l0000091b_goto_l00000943"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000943; - l00000758: - assume {:captureState "l00000758"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #14, Gamma_#14 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#14, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#14); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#14, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#14); - ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; - NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000758_goto_l000005d7, l00000758_goto_l00000780; - l0000072b_goto_l00000758: - assume {:captureState "l0000072b_goto_l00000758"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000758; - l000005ad: - assume {:captureState "l000005ad"} true; - R0, Gamma_R0 := 69632bv64, true; - R0, Gamma_R0 := bvadd64(R0, 16bv64), Gamma_R0; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - goto l000005c2; - l00000635: - assume {:captureState "l00000635"} true; - R30, Gamma_R30 := 2292bv64, true; - call add_two(); - goto l0000063c; - l000005ac: - assume {:captureState "l000005ac"} true; - goto l000005ad; - l00000831_goto_l00000852: - assume {:captureState "l00000831_goto_l00000852"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000852; - l00000599: - assume {:captureState "l00000599"} true; - R30, Gamma_R30 := 2300bv64, true; - call sub_seven(); - goto l000005a5; - l000006cb: - assume {:captureState "l000006cb"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); - ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; - NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; - assert Gamma_ZF; - goto l000006cb_goto_l00000703, l000006cb_goto_l000006ec; - l00000917: - assume {:captureState "l00000917"} true; - goto l000005ad; - l000008ea_goto_l0000091b: - assume {:captureState "l000008ea_goto_l0000091b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000091b; - l000005a5: - assume {:captureState "l000005a5"} true; - R30, Gamma_R30 := 2304bv64, true; - call add_two(); - goto l000005ac; - l000009a1: - assume {:captureState "l000009a1"} true; - goto l000005d7; - l0000072b: - assume {:captureState "l0000072b"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #13, Gamma_#13 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#13); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#13); - ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; - NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; - assert Gamma_ZF; - goto l0000072b_goto_l00000758, l0000072b_goto_l0000074c; - l000007ad_goto_l000005d7: - assume {:captureState "l000007ad_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l00000862: - assume {:captureState "l00000862"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); - ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; - NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000862_goto_l000005d7, l00000862_goto_l0000088a; - l00000703_goto_l000005d7: - assume {:captureState "l00000703_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l0000069f: - assume {:captureState "l0000069f"} true; - goto l000005ad; - l00000629: - assume {:captureState "l00000629"} true; - R30, Gamma_R30 := 2288bv64, true; - call sub_seven(); - goto l00000635; - l000008ea_goto_l0000090b: - assume {:captureState "l000008ea_goto_l0000090b"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000090b; - l000007d5: - assume {:captureState "l000007d5"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); - ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; - NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; - assert Gamma_ZF; - goto l000007d5_goto_l00000809, l000007d5_goto_l000007f6; - l00000970: - assume {:captureState "l00000970"} true; - goto l000005ad; l00000974: assume {:captureState "l00000974"} true; R30, Gamma_R30 := 2216bv64, true; call add_six(); goto l0000090b; + l000006ec: + assume {:captureState "l000006ec"} true; + R30, Gamma_R30 := 2264bv64, true; + call sub_seven(); + goto l000006f8; l000008ea: assume {:captureState "l000008ea"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -985,6 +940,10 @@ procedure main() NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; assert Gamma_ZF; goto l000008ea_goto_l0000090b, l000008ea_goto_l0000091b; + lmain_goto_l00000599: + assume {:captureState "lmain_goto_l00000599"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000599; l00000698: assume {:captureState "l00000698"} true; R30, Gamma_R30 := 2280bv64, true; @@ -999,19 +958,51 @@ procedure main() assume {:captureState "l000006cb_goto_l000006ec"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000006ec; + l00000703_goto_l0000072b: + assume {:captureState "l00000703_goto_l0000072b"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000072b; l00000780_goto_l000007a1: assume {:captureState "l00000780_goto_l000007a1"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000007a1; + l000005e0: + assume {:captureState "l000005e0"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #6, Gamma_#6 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l000005e0_goto_l000005d7, l000005e0_goto_l00000608; l000005e0_goto_l00000608: assume {:captureState "l000005e0_goto_l00000608"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l00000608; + l0000066b_goto_l0000068c: + assume {:captureState "l0000066b_goto_l0000068c"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000068c; l0000068c: assume {:captureState "l0000068c"} true; R30, Gamma_R30 := 2276bv64, true; call add_two(); goto l00000698; + l0000088a: + assume {:captureState "l0000088a"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #21, Gamma_#21 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#21, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#21); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#21, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#21); + ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; + NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; + assert Gamma_ZF; + goto l0000088a_goto_l000008ab, l0000088a_goto_l000008c2; + l00000809_goto_l00000831: + assume {:captureState "l00000809_goto_l00000831"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000831; main_return: assume {:captureState "main_return"} true; return; @@ -1106,9 +1097,6 @@ procedure sub_seven() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000543"} true; goto sub_seven_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; sub_seven_return: assume {:captureState "sub_seven_return"} true; return; diff --git a/src/test/correct/jumptable3/gcc_O2/jumptable3.expected b/src/test/correct/jumptable3/gcc_O2/jumptable3.expected index dee6571a6..3be698d6a 100644 --- a/src/test/correct/jumptable3/gcc_O2/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_O2/jumptable3.expected @@ -347,9 +347,6 @@ procedure main() assume {:captureState "l00000753"} true; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l00000753_goto_l0000075c, l00000753_goto_l000006e8; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000663_goto_l0000036b: assume {:captureState "l00000663_goto_l0000036b"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); diff --git a/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected b/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected index 05ccf4f57..ede386a66 100644 --- a/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected @@ -207,9 +207,6 @@ procedure add_six() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%0000126c"} true; goto add_six_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; add_six_return: assume {:captureState "add_six_return"} true; return; @@ -304,9 +301,6 @@ procedure add_two() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%0000123a"} true; goto add_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; add_two_return: assume {:captureState "add_two_return"} true; return; @@ -497,6 +491,20 @@ procedure main() NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l000014b3_goto_l00001332, l000014b3_goto_l000014db; + l0000131d: + assume {:captureState "l0000131d"} true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + l0000139e_goto_l000013c6: + assume {:captureState "l0000139e_goto_l000013c6"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000013c6; + l00001332: + assume {:captureState "l00001332"} true; + R0, Gamma_R0 := 1bv64, true; + goto l0000131d; l00001530: assume {:captureState "l00001530"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -507,10 +515,32 @@ procedure main() NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; assert Gamma_ZF; goto l00001530_goto_l00001564, l00001530_goto_l00001551; + l00001453: + assume {:captureState "l00001453"} true; + R30, Gamma_R30 := 2268bv64, true; + call add_six(); + goto l0000145a; + l0000169e_goto_l000016bf: + assume {:captureState "l0000169e_goto_l000016bf"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000016bf; l00001645_goto_l00001676: assume {:captureState "l00001645_goto_l00001676"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00001676; + l00001612: + assume {:captureState "l00001612"} true; + R30, Gamma_R30 := 2232bv64, true; + call sub_seven(); + goto l00001619; + l00001363_goto_l0000139e: + assume {:captureState "l00001363_goto_l0000139e"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000139e; + l000016d6_goto_l000016fc: + assume {:captureState "l000016d6_goto_l000016fc"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000016fc; l000015bd_goto_l000015e5: assume {:captureState "l000015bd_goto_l000015e5"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); @@ -527,6 +557,13 @@ procedure main() assume {:captureState "l000014b3_goto_l000014db"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l000014db; + l00001619: + assume {:captureState "l00001619"} true; + goto l00001308; + lmain_goto_l0000133b: + assume {:captureState "lmain_goto_l0000133b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000133b; l000014a7: assume {:captureState "l000014a7"} true; R30, Gamma_R30 := 2260bv64, true; @@ -536,10 +573,44 @@ procedure main() assume {:captureState "l000014db_goto_l000014fc"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000014fc; + l00001426_goto_l00001447: + assume {:captureState "l00001426_goto_l00001447"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00001447; + l000013c6: + assume {:captureState "l000013c6"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #9, Gamma_#9 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#9); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#9); + ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; + NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; + assert Gamma_ZF; + goto l000013c6_goto_l000013e7, l000013c6_goto_l000013fe; l000014db_goto_l00001508: assume {:captureState "l000014db_goto_l00001508"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00001508; + l00001564: + assume {:captureState "l00001564"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); + ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; + NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00001564_goto_l0000158c, l00001564_goto_l00001332; + l000014db: + assume {:captureState "l000014db"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #15, Gamma_#15 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#15, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#15); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#15, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#15); + ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; + NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; + assert Gamma_ZF; + goto l000014db_goto_l00001508, l000014db_goto_l000014fc; l000013fe: assume {:captureState "l000013fe"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -581,6 +652,11 @@ procedure main() l000013fa: assume {:captureState "l000013fa"} true; goto l00001308; + l00001606: + assume {:captureState "l00001606"} true; + R30, Gamma_R30 := 2228bv64, true; + call add_two(); + goto l00001612; l00001645: assume {:captureState "l00001645"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -591,6 +667,11 @@ procedure main() NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; assert Gamma_ZF; goto l00001645_goto_l00001676, l00001645_goto_l00001666; + l00001447: + assume {:captureState "l00001447"} true; + R30, Gamma_R30 := 2264bv64, true; + call sub_seven(); + goto l00001453; l000015bd: assume {:captureState "l000015bd"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -605,14 +686,46 @@ procedure main() assume {:captureState "l00001486_goto_l000014b3"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000014b3; - terminate: - assume {:captureState "terminate"} true; - goto terminate; + l00001530_goto_l00001551: + assume {:captureState "l00001530_goto_l00001551"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00001551; + l000015bd_goto_l00001332: + assume {:captureState "l000015bd_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; + l0000155d: + assume {:captureState "l0000155d"} true; + R30, Gamma_R30 := 2252bv64, true; + call add_two(); + goto l000014fc; + l000015e5_goto_l0000161d: + assume {:captureState "l000015e5_goto_l0000161d"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000161d; + l0000161d_goto_l00001332: + assume {:captureState "l0000161d_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; + l0000139e: + assume {:captureState "l0000139e"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #8, Gamma_#8 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#8); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#8); + ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; + NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l0000139e_goto_l000013c6, l0000139e_goto_l00001332; l000012f4: assume {:captureState "l000012f4"} true; R30, Gamma_R30 := 2300bv64, true; call sub_seven(); goto l00001300; + l0000169e_goto_l000016d6: + assume {:captureState "l0000169e_goto_l000016d6"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000016d6; l00001564_goto_l00001332: assume {:captureState "l00001564_goto_l00001332"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); @@ -624,6 +737,10 @@ procedure main() assume {:captureState "l0000158c_goto_l000015bd"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000015bd; + l0000133b_goto_l00001332: + assume {:captureState "l0000133b_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; l0000161d: assume {:captureState "l0000161d"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -634,6 +751,15 @@ procedure main() NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l0000161d_goto_l00001332, l0000161d_goto_l00001645; + l00001390: + assume {:captureState "l00001390"} true; + R30, Gamma_R30 := 2292bv64, true; + call add_two(); + goto l00001397; + l000015e5_goto_l00001606: + assume {:captureState "l000015e5_goto_l00001606"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00001606; l000016d6: assume {:captureState "l000016d6"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -644,6 +770,27 @@ procedure main() NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; assert Gamma_ZF; goto l000016d6_goto_l000016cf, l000016d6_goto_l000016fc; + l00001363_goto_l00001384: + assume {:captureState "l00001363_goto_l00001384"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00001384; + l0000161d_goto_l00001645: + assume {:captureState "l0000161d_goto_l00001645"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00001645; + l00001397: + assume {:captureState "l00001397"} true; + R30, Gamma_R30 := 2296bv64, true; + call add_six(); + goto l000012f4; + l00001551: + assume {:captureState "l00001551"} true; + R30, Gamma_R30 := 2248bv64, true; + call add_six(); + goto l0000155d; + l00001672: + assume {:captureState "l00001672"} true; + goto l00001308; l00001676_goto_l0000169e: assume {:captureState "l00001676_goto_l0000169e"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); @@ -665,6 +812,28 @@ procedure main() l000016cb: assume {:captureState "l000016cb"} true; goto l00001308; + l00001676: + assume {:captureState "l00001676"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #24, Gamma_#24 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#24, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#24); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#24, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#24); + ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; + NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00001676_goto_l00001332, l00001676_goto_l0000169e; + l000013fe_goto_l00001426: + assume {:captureState "l000013fe_goto_l00001426"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00001426; + l000013c6_goto_l000013fe: + assume {:captureState "l000013c6_goto_l000013fe"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000013fe; + l0000145e_goto_l00001486: + assume {:captureState "l0000145e_goto_l00001486"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00001486; l0000158c: assume {:captureState "l0000158c"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -683,11 +852,37 @@ procedure main() assume {:captureState "l0000158c_goto_l000015ad"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000015ad; + lmain_goto_l000012f4: + assume {:captureState "lmain_goto_l000012f4"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000012f4; l000013e7: assume {:captureState "l000013e7"} true; R30, Gamma_R30 := 2276bv64, true; call add_two(); goto l000013f3; + l000015e5: + assume {:captureState "l000015e5"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #21, Gamma_#21 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#21, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#21); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#21, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#21); + ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; + NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; + assert Gamma_ZF; + goto l000015e5_goto_l0000161d, l000015e5_goto_l00001606; + l00001300: + assume {:captureState "l00001300"} true; + R30, Gamma_R30 := 2304bv64, true; + call add_two(); + goto l00001307; + l000016fc: + assume {:captureState "l000016fc"} true; + goto l00001332; + l00001426_goto_l0000145e: + assume {:captureState "l00001426_goto_l0000145e"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000145e; l000014fc: assume {:captureState "l000014fc"} true; R30, Gamma_R30 := 2256bv64, true; @@ -697,10 +892,29 @@ procedure main() assume {:captureState "l00001564_goto_l0000158c"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l0000158c; + l00001384: + assume {:captureState "l00001384"} true; + R30, Gamma_R30 := 2288bv64, true; + call sub_seven(); + goto l00001390; + l00001308: + assume {:captureState "l00001308"} true; + R0, Gamma_R0 := 69632bv64, true; + R0, Gamma_R0 := bvadd64(R0, 16bv64), Gamma_R0; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + goto l0000131d; + l00001508_goto_l00001332: + assume {:captureState "l00001508_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; l00001508_goto_l00001530: assume {:captureState "l00001508_goto_l00001530"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l00001530; + l00001307: + assume {:captureState "l00001307"} true; + goto l00001308; l000016bf: assume {:captureState "l000016bf"} true; R30, Gamma_R30 := 2208bv64, true; @@ -710,6 +924,21 @@ procedure main() assume {:captureState "l0000139e_goto_l00001332"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00001332; + l00001426: + assume {:captureState "l00001426"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); + ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; + NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + assert Gamma_ZF; + goto l00001426_goto_l0000145e, l00001426_goto_l00001447; + l00001666: + assume {:captureState "l00001666"} true; + R30, Gamma_R30 := 2220bv64, true; + call sub_seven(); + goto l00001672; l0000145e: assume {:captureState "l0000145e"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -774,244 +1003,6 @@ procedure main() NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l00001508_goto_l00001332, l00001508_goto_l00001530; - l0000131d: - assume {:captureState "l0000131d"} true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; - l0000139e_goto_l000013c6: - assume {:captureState "l0000139e_goto_l000013c6"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000013c6; - l00001332: - assume {:captureState "l00001332"} true; - R0, Gamma_R0 := 1bv64, true; - goto l0000131d; - l00001453: - assume {:captureState "l00001453"} true; - R30, Gamma_R30 := 2268bv64, true; - call add_six(); - goto l0000145a; - l0000169e_goto_l000016bf: - assume {:captureState "l0000169e_goto_l000016bf"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000016bf; - l00001612: - assume {:captureState "l00001612"} true; - R30, Gamma_R30 := 2232bv64, true; - call sub_seven(); - goto l00001619; - l00001363_goto_l0000139e: - assume {:captureState "l00001363_goto_l0000139e"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000139e; - l000016d6_goto_l000016fc: - assume {:captureState "l000016d6_goto_l000016fc"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000016fc; - l00001619: - assume {:captureState "l00001619"} true; - goto l00001308; - lmain_goto_l0000133b: - assume {:captureState "lmain_goto_l0000133b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000133b; - l00001426_goto_l00001447: - assume {:captureState "l00001426_goto_l00001447"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00001447; - l000013c6: - assume {:captureState "l000013c6"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #9, Gamma_#9 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#9); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#9); - ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; - NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; - assert Gamma_ZF; - goto l000013c6_goto_l000013e7, l000013c6_goto_l000013fe; - l00001564: - assume {:captureState "l00001564"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); - ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; - NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00001564_goto_l0000158c, l00001564_goto_l00001332; - l000014db: - assume {:captureState "l000014db"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #15, Gamma_#15 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#15, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#15); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#15, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#15); - ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; - NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; - assert Gamma_ZF; - goto l000014db_goto_l00001508, l000014db_goto_l000014fc; - l00001606: - assume {:captureState "l00001606"} true; - R30, Gamma_R30 := 2228bv64, true; - call add_two(); - goto l00001612; - l00001447: - assume {:captureState "l00001447"} true; - R30, Gamma_R30 := 2264bv64, true; - call sub_seven(); - goto l00001453; - l00001530_goto_l00001551: - assume {:captureState "l00001530_goto_l00001551"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00001551; - l000015bd_goto_l00001332: - assume {:captureState "l000015bd_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; - l0000155d: - assume {:captureState "l0000155d"} true; - R30, Gamma_R30 := 2252bv64, true; - call add_two(); - goto l000014fc; - l000015e5_goto_l0000161d: - assume {:captureState "l000015e5_goto_l0000161d"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000161d; - l0000161d_goto_l00001332: - assume {:captureState "l0000161d_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; - l0000139e: - assume {:captureState "l0000139e"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #8, Gamma_#8 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#8); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#8); - ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; - NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000139e_goto_l000013c6, l0000139e_goto_l00001332; - l0000169e_goto_l000016d6: - assume {:captureState "l0000169e_goto_l000016d6"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000016d6; - l0000133b_goto_l00001332: - assume {:captureState "l0000133b_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; - l00001390: - assume {:captureState "l00001390"} true; - R30, Gamma_R30 := 2292bv64, true; - call add_two(); - goto l00001397; - l000015e5_goto_l00001606: - assume {:captureState "l000015e5_goto_l00001606"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00001606; - l00001363_goto_l00001384: - assume {:captureState "l00001363_goto_l00001384"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00001384; - l0000161d_goto_l00001645: - assume {:captureState "l0000161d_goto_l00001645"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00001645; - l00001397: - assume {:captureState "l00001397"} true; - R30, Gamma_R30 := 2296bv64, true; - call add_six(); - goto l000012f4; - l00001551: - assume {:captureState "l00001551"} true; - R30, Gamma_R30 := 2248bv64, true; - call add_six(); - goto l0000155d; - l00001672: - assume {:captureState "l00001672"} true; - goto l00001308; - l00001676: - assume {:captureState "l00001676"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #24, Gamma_#24 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#24, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#24); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#24, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#24); - ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; - NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00001676_goto_l00001332, l00001676_goto_l0000169e; - l000013fe_goto_l00001426: - assume {:captureState "l000013fe_goto_l00001426"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00001426; - l000013c6_goto_l000013fe: - assume {:captureState "l000013c6_goto_l000013fe"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000013fe; - l0000145e_goto_l00001486: - assume {:captureState "l0000145e_goto_l00001486"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00001486; - lmain_goto_l000012f4: - assume {:captureState "lmain_goto_l000012f4"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000012f4; - l000015e5: - assume {:captureState "l000015e5"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #21, Gamma_#21 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#21, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#21); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#21, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#21); - ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; - NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; - assert Gamma_ZF; - goto l000015e5_goto_l0000161d, l000015e5_goto_l00001606; - l00001300: - assume {:captureState "l00001300"} true; - R30, Gamma_R30 := 2304bv64, true; - call add_two(); - goto l00001307; - l000016fc: - assume {:captureState "l000016fc"} true; - goto l00001332; - l00001426_goto_l0000145e: - assume {:captureState "l00001426_goto_l0000145e"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000145e; - l00001384: - assume {:captureState "l00001384"} true; - R30, Gamma_R30 := 2288bv64, true; - call sub_seven(); - goto l00001390; - l00001308: - assume {:captureState "l00001308"} true; - R0, Gamma_R0 := 69632bv64, true; - R0, Gamma_R0 := bvadd64(R0, 16bv64), Gamma_R0; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - goto l0000131d; - l00001508_goto_l00001332: - assume {:captureState "l00001508_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; - l00001307: - assume {:captureState "l00001307"} true; - goto l00001308; - l00001426: - assume {:captureState "l00001426"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); - ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; - NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; - assert Gamma_ZF; - goto l00001426_goto_l0000145e, l00001426_goto_l00001447; - l00001666: - assume {:captureState "l00001666"} true; - R30, Gamma_R30 := 2220bv64, true; - call sub_seven(); - goto l00001672; main_return: assume {:captureState "main_return"} true; return; @@ -1106,9 +1097,6 @@ procedure sub_seven() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%0000129e"} true; goto sub_seven_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; sub_seven_return: assume {:captureState "sub_seven_return"} true; return; diff --git a/src/test/correct/jumptable3/gcc_pic/jumptable3.expected b/src/test/correct/jumptable3/gcc_pic/jumptable3.expected index 15eee74c7..454a6856e 100644 --- a/src/test/correct/jumptable3/gcc_pic/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_pic/jumptable3.expected @@ -233,9 +233,6 @@ procedure add_six() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000515"} true; goto add_six_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; add_six_return: assume {:captureState "add_six_return"} true; return; @@ -348,9 +345,6 @@ procedure add_two() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%000004e1"} true; goto add_two_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; add_two_return: assume {:captureState "add_two_return"} true; return; @@ -547,6 +541,20 @@ procedure main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto lmain_goto_l000005e7, lmain_goto_l0000059f; + l00000732_goto_l0000075f: + assume {:captureState "l00000732_goto_l0000075f"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000075f; + l000006aa_goto_l000006d2: + assume {:captureState "l000006aa_goto_l000006d2"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000006d2; + l000005c9: + assume {:captureState "l000005c9"} true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; l000006a6: assume {:captureState "l000006a6"} true; goto l000005b3; @@ -598,14 +606,42 @@ procedure main() assume {:captureState "l00000891_goto_l000008c9"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000008c9; + l00000922_goto_l000005de: + assume {:captureState "l00000922_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; l000008f1_goto_l00000922: assume {:captureState "l000008f1_goto_l00000922"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000922; + l00000838_goto_l00000859: + assume {:captureState "l00000838_goto_l00000859"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000859; l000006aa_goto_l000005de: assume {:captureState "l000006aa_goto_l000005de"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l000005de; + l00000922: + assume {:captureState "l00000922"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #24, Gamma_#24 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#24, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#24); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#24, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#24); + ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; + NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000922_goto_l0000094a, l00000922_goto_l000005de; + l00000643: + assume {:captureState "l00000643"} true; + R30, Gamma_R30 := 2360bv64, true; + call add_six(); + goto l0000059f; + l000007fd: + assume {:captureState "l000007fd"} true; + R30, Gamma_R30 := 2312bv64, true; + call add_six(); + goto l00000809; l0000075f_goto_l00000787: assume {:captureState "l0000075f_goto_l00000787"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); @@ -614,6 +650,20 @@ procedure main() assume {:captureState "l0000075f_goto_l000005de"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l000005de; + l0000059f: + assume {:captureState "l0000059f"} true; + R30, Gamma_R30 := 2364bv64, true; + call sub_seven(); + goto l000005ab; + lmain_goto_l000005e7: + assume {:captureState "lmain_goto_l000005e7"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000005e7; + l000006f3: + assume {:captureState "l000006f3"} true; + R30, Gamma_R30 := 2328bv64, true; + call sub_seven(); + goto l000006ff; l000008f1: assume {:captureState "l000008f1"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -624,6 +674,11 @@ procedure main() NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; assert Gamma_ZF; goto l000008f1_goto_l00000912, l000008f1_goto_l00000922; + l00000809: + assume {:captureState "l00000809"} true; + R30, Gamma_R30 := 2316bv64, true; + call add_two(); + goto l000007a8; l00000982_goto_l0000097b: assume {:captureState "l00000982_goto_l0000097b"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -632,6 +687,10 @@ procedure main() assume {:captureState "l000007dc_goto_l000007fd"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000007fd; + l0000064a_goto_l000005de: + assume {:captureState "l0000064a_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; l000007b4: assume {:captureState "l000007b4"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -642,14 +701,45 @@ procedure main() NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l000007b4_goto_l000007dc, l000007b4_goto_l000005de; + l000005b3: + assume {:captureState "l000005b3"} true; + R0, Gamma_R0 := 65536bv64, true; + call rely(); + R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R0, 4064bv64)), (gamma_load64(Gamma_mem, bvadd64(R0, 4064bv64)) || L(mem, bvadd64(R0, 4064bv64))); + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + goto l000005c9; l000005e7_goto_l000005de: assume {:captureState "l000005e7_goto_l000005de"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l000005de; + l0000097b: + assume {:captureState "l0000097b"} true; + R30, Gamma_R30 := 2280bv64, true; + call add_six(); + goto l00000912; + l000006d2: + assume {:captureState "l000006d2"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); + ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; + NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + assert Gamma_ZF; + goto l000006d2_goto_l0000070a, l000006d2_goto_l000006f3; l00000810_goto_l00000838: assume {:captureState "l00000810_goto_l00000838"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l00000838; + l000005b2: + assume {:captureState "l000005b2"} true; + goto l000005b3; + l00000630: + assume {:captureState "l00000630"} true; + R30, Gamma_R30 := 2352bv64, true; + call sub_seven(); + goto l0000063c; l00000672: assume {:captureState "l00000672"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -664,13 +754,33 @@ procedure main() assume {:captureState "l0000070a_goto_l000005de"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l000005de; + l00000912: + assume {:captureState "l00000912"} true; + R30, Gamma_R30 := 2284bv64, true; + call sub_seven(); + goto l0000091e; + l000005ab: + assume {:captureState "l000005ab"} true; + R30, Gamma_R30 := 2368bv64, true; + call add_two(); + goto l000005b2; + l00000732_goto_l00000753: + assume {:captureState "l00000732_goto_l00000753"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000753; + l00000753: + assume {:captureState "l00000753"} true; + R30, Gamma_R30 := 2324bv64, true; + call sub_seven(); + goto l000006f3; l00000869_goto_l00000891: assume {:captureState "l00000869_goto_l00000891"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l00000891; - terminate: - assume {:captureState "terminate"} true; - goto terminate; + l0000060f_goto_l0000064a: + assume {:captureState "l0000060f_goto_l0000064a"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000064a; l00000838: assume {:captureState "l00000838"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -681,6 +791,10 @@ procedure main() NF, Gamma_NF := bvadd32(#19, 1bv32)[32:31], Gamma_#19; assert Gamma_ZF; goto l00000838_goto_l00000869, l00000838_goto_l00000859; + l000005e7_goto_l0000060f: + assume {:captureState "l000005e7_goto_l0000060f"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000060f; l000008c5: assume {:captureState "l000008c5"} true; goto l000005b3; @@ -702,6 +816,28 @@ procedure main() assume {:captureState "lmain_goto_l0000059f"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l0000059f; + l0000096b: + assume {:captureState "l0000096b"} true; + R30, Gamma_R30 := 2272bv64, true; + call add_two(); + goto l00000977; + l00000982: + assume {:captureState "l00000982"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #26, Gamma_#26 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#26, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#26); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#26, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#26); + ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; + NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; + assert Gamma_ZF; + goto l00000982_goto_l000009a8, l00000982_goto_l0000097b; + l000009a8: + assume {:captureState "l000009a8"} true; + goto l000005de; + l0000094a_goto_l0000096b: + assume {:captureState "l0000094a_goto_l0000096b"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000096b; l000007a8: assume {:captureState "l000007a8"} true; R30, Gamma_R30 := 2320bv64, true; @@ -717,10 +853,30 @@ procedure main() NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l000008c9_goto_l000008f1, l000008c9_goto_l000005de; + l0000060f: + assume {:captureState "l0000060f"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #7, Gamma_#7 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#7); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#7); + ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; + NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; + assert Gamma_ZF; + goto l0000060f_goto_l00000630, l0000060f_goto_l0000064a; l0000070a_goto_l00000732: assume {:captureState "l0000070a_goto_l00000732"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l00000732; + l00000869: + assume {:captureState "l00000869"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); + ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; + NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000869_goto_l00000891, l00000869_goto_l000005de; l000008be: assume {:captureState "l000008be"} true; R30, Gamma_R30 := 2296bv64, true; @@ -744,11 +900,24 @@ procedure main() assume {:captureState "l000005de"} true; R0, Gamma_R0 := 1bv64, true; goto l000005c9; + l000007dc: + assume {:captureState "l000007dc"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); + ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; + NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; + assert Gamma_ZF; + goto l000007dc_goto_l000007fd, l000007dc_goto_l00000810; l000006ff: assume {:captureState "l000006ff"} true; R30, Gamma_R30 := 2332bv64, true; call add_six(); goto l00000706; + l00000865: + assume {:captureState "l00000865"} true; + goto l000005b3; l000008c9_goto_l000005de: assume {:captureState "l000008c9_goto_l000005de"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); @@ -757,6 +926,19 @@ procedure main() assume {:captureState "l000007b4_goto_l000007dc"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l000007dc; + l000007b4_goto_l000005de: + assume {:captureState "l000007b4_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l0000094a_goto_l00000982: + assume {:captureState "l0000094a_goto_l00000982"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000982; + l0000069f: + assume {:captureState "l0000069f"} true; + R30, Gamma_R30 := 2344bv64, true; + call add_six(); + goto l000006a6; l00000869_goto_l000005de: assume {:captureState "l00000869_goto_l000005de"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); @@ -764,6 +946,10 @@ procedure main() l00000706: assume {:captureState "l00000706"} true; goto l000005b3; + l00000672_goto_l000006aa: + assume {:captureState "l00000672_goto_l000006aa"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000006aa; l0000075f: assume {:captureState "l0000075f"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -779,6 +965,10 @@ procedure main() R30, Gamma_R30 := 2292bv64, true; call add_two(); goto l000008be; + l00000787_goto_l000007a8: + assume {:captureState "l00000787_goto_l000007a8"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000007a8; l0000063c: assume {:captureState "l0000063c"} true; R30, Gamma_R30 := 2356bv64, true; @@ -788,6 +978,15 @@ procedure main() assume {:captureState "l000006d2_goto_l000006f3"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000006f3; + l00000672_goto_l00000693: + assume {:captureState "l00000672_goto_l00000693"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000693; + l00000693: + assume {:captureState "l00000693"} true; + R30, Gamma_R30 := 2340bv64, true; + call add_two(); + goto l0000069f; l00000891: assume {:captureState "l00000891"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -813,6 +1012,29 @@ procedure main() assume {:captureState "l000008f1_goto_l00000912"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000912; + l00000977: + assume {:captureState "l00000977"} true; + goto l000005b3; + l00000732: + assume {:captureState "l00000732"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #13, Gamma_#13 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#13); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#13); + ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; + NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; + assert Gamma_ZF; + goto l00000732_goto_l0000075f, l00000732_goto_l00000753; + l000006aa: + assume {:captureState "l000006aa"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #10, Gamma_#10 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#10); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#10); + ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; + NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l000006aa_goto_l000006d2, l000006aa_goto_l000005de; l00000810: assume {:captureState "l00000810"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -837,237 +1059,6 @@ procedure main() assume {:captureState "l00000922_goto_l0000094a"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l0000094a; - l00000732_goto_l0000075f: - assume {:captureState "l00000732_goto_l0000075f"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000075f; - l000006aa_goto_l000006d2: - assume {:captureState "l000006aa_goto_l000006d2"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000006d2; - l000005c9: - assume {:captureState "l000005c9"} true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; - l00000922_goto_l000005de: - assume {:captureState "l00000922_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l00000838_goto_l00000859: - assume {:captureState "l00000838_goto_l00000859"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000859; - l00000922: - assume {:captureState "l00000922"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #24, Gamma_#24 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#24, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#24); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#24, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#24); - ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; - NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000922_goto_l0000094a, l00000922_goto_l000005de; - l00000643: - assume {:captureState "l00000643"} true; - R30, Gamma_R30 := 2360bv64, true; - call add_six(); - goto l0000059f; - l000007fd: - assume {:captureState "l000007fd"} true; - R30, Gamma_R30 := 2312bv64, true; - call add_six(); - goto l00000809; - l0000059f: - assume {:captureState "l0000059f"} true; - R30, Gamma_R30 := 2364bv64, true; - call sub_seven(); - goto l000005ab; - lmain_goto_l000005e7: - assume {:captureState "lmain_goto_l000005e7"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000005e7; - l000006f3: - assume {:captureState "l000006f3"} true; - R30, Gamma_R30 := 2328bv64, true; - call sub_seven(); - goto l000006ff; - l00000809: - assume {:captureState "l00000809"} true; - R30, Gamma_R30 := 2316bv64, true; - call add_two(); - goto l000007a8; - l0000064a_goto_l000005de: - assume {:captureState "l0000064a_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l000005b3: - assume {:captureState "l000005b3"} true; - R0, Gamma_R0 := 65536bv64, true; - call rely(); - R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R0, 4064bv64)), (gamma_load64(Gamma_mem, bvadd64(R0, 4064bv64)) || L(mem, bvadd64(R0, 4064bv64))); - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - goto l000005c9; - l0000097b: - assume {:captureState "l0000097b"} true; - R30, Gamma_R30 := 2280bv64, true; - call add_six(); - goto l00000912; - l000006d2: - assume {:captureState "l000006d2"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); - ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; - NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; - assert Gamma_ZF; - goto l000006d2_goto_l0000070a, l000006d2_goto_l000006f3; - l000005b2: - assume {:captureState "l000005b2"} true; - goto l000005b3; - l00000630: - assume {:captureState "l00000630"} true; - R30, Gamma_R30 := 2352bv64, true; - call sub_seven(); - goto l0000063c; - l00000912: - assume {:captureState "l00000912"} true; - R30, Gamma_R30 := 2284bv64, true; - call sub_seven(); - goto l0000091e; - l000005ab: - assume {:captureState "l000005ab"} true; - R30, Gamma_R30 := 2368bv64, true; - call add_two(); - goto l000005b2; - l00000732_goto_l00000753: - assume {:captureState "l00000732_goto_l00000753"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000753; - l00000753: - assume {:captureState "l00000753"} true; - R30, Gamma_R30 := 2324bv64, true; - call sub_seven(); - goto l000006f3; - l0000060f_goto_l0000064a: - assume {:captureState "l0000060f_goto_l0000064a"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000064a; - l000005e7_goto_l0000060f: - assume {:captureState "l000005e7_goto_l0000060f"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000060f; - l0000096b: - assume {:captureState "l0000096b"} true; - R30, Gamma_R30 := 2272bv64, true; - call add_two(); - goto l00000977; - l00000982: - assume {:captureState "l00000982"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #26, Gamma_#26 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#26, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#26); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#26, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#26); - ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; - NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; - assert Gamma_ZF; - goto l00000982_goto_l000009a8, l00000982_goto_l0000097b; - l000009a8: - assume {:captureState "l000009a8"} true; - goto l000005de; - l0000094a_goto_l0000096b: - assume {:captureState "l0000094a_goto_l0000096b"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000096b; - l0000060f: - assume {:captureState "l0000060f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #7, Gamma_#7 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#7); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#7); - ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; - NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; - assert Gamma_ZF; - goto l0000060f_goto_l00000630, l0000060f_goto_l0000064a; - l00000869: - assume {:captureState "l00000869"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); - ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; - NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000869_goto_l00000891, l00000869_goto_l000005de; - l000007dc: - assume {:captureState "l000007dc"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); - ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; - NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; - assert Gamma_ZF; - goto l000007dc_goto_l000007fd, l000007dc_goto_l00000810; - l00000865: - assume {:captureState "l00000865"} true; - goto l000005b3; - l000007b4_goto_l000005de: - assume {:captureState "l000007b4_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l0000094a_goto_l00000982: - assume {:captureState "l0000094a_goto_l00000982"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000982; - l0000069f: - assume {:captureState "l0000069f"} true; - R30, Gamma_R30 := 2344bv64, true; - call add_six(); - goto l000006a6; - l00000672_goto_l000006aa: - assume {:captureState "l00000672_goto_l000006aa"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000006aa; - l00000787_goto_l000007a8: - assume {:captureState "l00000787_goto_l000007a8"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000007a8; - l00000672_goto_l00000693: - assume {:captureState "l00000672_goto_l00000693"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000693; - l00000693: - assume {:captureState "l00000693"} true; - R30, Gamma_R30 := 2340bv64, true; - call add_two(); - goto l0000069f; - l00000977: - assume {:captureState "l00000977"} true; - goto l000005b3; - l00000732: - assume {:captureState "l00000732"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #13, Gamma_#13 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#13); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#13); - ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; - NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; - assert Gamma_ZF; - goto l00000732_goto_l0000075f, l00000732_goto_l00000753; - l000006aa: - assume {:captureState "l000006aa"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #10, Gamma_#10 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#10); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#10); - ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; - NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000006aa_goto_l000006d2, l000006aa_goto_l000005de; l00000859: assume {:captureState "l00000859"} true; R30, Gamma_R30 := 2304bv64, true; @@ -1185,9 +1176,6 @@ procedure sub_seven() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000549"} true; goto sub_seven_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; sub_seven_return: assume {:captureState "sub_seven_return"} true; return; diff --git a/src/test/correct/malloc_with_local/clang/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang/malloc_with_local.expected index 9682dff81..5738fad9c 100644 --- a/src/test/correct/malloc_with_local/clang/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang/malloc_with_local.expected @@ -697,9 +697,6 @@ procedure main() R30, Gamma_R30 := 2220bv64, true; call #free(); goto l00000459; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected index f45ad3852..18761d02f 100644 --- a/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected @@ -402,9 +402,6 @@ procedure main() R30, Gamma_R30 := 1916bv64, true; call printf(); goto l00000339; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000350: assume {:captureState "l00000350"} true; R0, Gamma_R0 := 0bv64, true; diff --git a/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected index a614eb452..2f48de2c1 100644 --- a/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected @@ -689,9 +689,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000b95: assume {:captureState "l00000b95"} true; R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); diff --git a/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected index a614eb452..2f48de2c1 100644 --- a/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected @@ -689,9 +689,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000b95: assume {:captureState "l00000b95"} true; R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); diff --git a/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected index eb6ffd63c..bc66ff71f 100644 --- a/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected @@ -714,9 +714,6 @@ procedure main() R30, Gamma_R30 := 2096bv64, true; call malloc(); goto l00000383; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000383: assume {:captureState "l00000383"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); diff --git a/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected index ae465b1b2..e307ba878 100644 --- a/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected @@ -664,9 +664,6 @@ procedure main() R30, Gamma_R30 := 1732bv64, true; call __printf_chk(); goto l00000259; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected index af3d2c995..e590b0096 100644 --- a/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected @@ -727,9 +727,6 @@ procedure main() R30, Gamma_R30 := 2156bv64, true; call printf(); goto l00000b38; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000ac0: assume {:captureState "l00000ac0"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); diff --git a/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected index af3d2c995..e590b0096 100644 --- a/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected @@ -727,9 +727,6 @@ procedure main() R30, Gamma_R30 := 2156bv64, true; call printf(); goto l00000b38; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000ac0: assume {:captureState "l00000ac0"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); diff --git a/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected index 17f71adec..6312b04fb 100644 --- a/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected @@ -714,9 +714,6 @@ procedure main() R30, Gamma_R30 := 2224bv64, true; call printf(); goto l00000485; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected index f45ad3852..18761d02f 100644 --- a/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected @@ -402,9 +402,6 @@ procedure main() R30, Gamma_R30 := 1916bv64, true; call printf(); goto l00000339; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000350: assume {:captureState "l00000350"} true; R0, Gamma_R0 := 0bv64, true; diff --git a/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected index 00a18b4c8..1734c2da4 100644 --- a/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected @@ -694,9 +694,6 @@ procedure main() R30, Gamma_R30 := 2224bv64, true; call printf(); goto l00000c62; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000c7b: assume {:captureState "l00000c7b"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); diff --git a/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected index 00a18b4c8..1734c2da4 100644 --- a/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected @@ -694,9 +694,6 @@ procedure main() R30, Gamma_R30 := 2224bv64, true; call printf(); goto l00000c62; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000c7b: assume {:captureState "l00000c7b"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); diff --git a/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected index 109fef269..46eea042a 100644 --- a/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected @@ -739,9 +739,6 @@ procedure main() R30, Gamma_R30 := 2208bv64, true; call printf(); goto l00000457; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000470: assume {:captureState "l00000470"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); diff --git a/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected index ae465b1b2..e307ba878 100644 --- a/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected @@ -664,9 +664,6 @@ procedure main() R30, Gamma_R30 := 1732bv64, true; call __printf_chk(); goto l00000259; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected index ebb6bcaca..b4e61835e 100644 --- a/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected @@ -756,9 +756,6 @@ procedure main() R30, Gamma_R30 := 2208bv64, true; call printf(); goto l00000bf9; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected index ebb6bcaca..b4e61835e 100644 --- a/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected @@ -756,9 +756,6 @@ procedure main() R30, Gamma_R30 := 2208bv64, true; call printf(); goto l00000bf9; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected index 84a07762c..76e8a9229 100644 --- a/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected @@ -741,9 +741,6 @@ procedure main() R30, Gamma_R30 := 2192bv64, true; call printCharValue(); goto l00000504; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; @@ -1205,9 +1202,6 @@ procedure printCharValue() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#6, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#6, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto printCharValue_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; printCharValue_return: assume {:captureState "printCharValue_return"} true; return; diff --git a/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected index 83b48b5ce..df1c6a9c7 100644 --- a/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected @@ -420,9 +420,6 @@ procedure main() R30, Gamma_R30 := 1916bv64, true; call printf(); goto l00000359; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000370: assume {:captureState "l00000370"} true; R0, Gamma_R0 := 0bv64, true; diff --git a/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected index d02be9c89..893156155 100644 --- a/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected @@ -729,9 +729,6 @@ procedure main() R30, Gamma_R30 := 2124bv64, true; call malloc(); goto l00000c9d; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000c9d: assume {:captureState "l00000c9d"} true; R8, Gamma_R8 := R0, Gamma_R0; @@ -1205,9 +1202,6 @@ procedure printCharValue() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#6, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#6, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto printCharValue_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; printCharValue_return: assume {:captureState "printCharValue_return"} true; return; diff --git a/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected index d02be9c89..893156155 100644 --- a/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected @@ -729,9 +729,6 @@ procedure main() R30, Gamma_R30 := 2124bv64, true; call malloc(); goto l00000c9d; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000c9d: assume {:captureState "l00000c9d"} true; R8, Gamma_R8 := R0, Gamma_R0; @@ -1205,9 +1202,6 @@ procedure printCharValue() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#6, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#6, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto printCharValue_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; printCharValue_return: assume {:captureState "printCharValue_return"} true; return; diff --git a/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected index 448fa0cac..25c1ec272 100644 --- a/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected @@ -766,9 +766,6 @@ procedure main() R30, Gamma_R30 := 2124bv64, true; call malloc(); goto l00000405; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000529: assume {:captureState "l00000529"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); @@ -1272,9 +1269,6 @@ procedure printCharValue() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto printCharValue_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; printCharValue_return: assume {:captureState "printCharValue_return"} true; return; diff --git a/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected index 172781bea..eedb137f9 100644 --- a/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected @@ -915,9 +915,6 @@ procedure main() R30, Gamma_R30 := 1876bv64, true; call #free(); goto l000002e0; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l000002e0: assume {:captureState "l000002e0"} true; R0, Gamma_R0 := 0bv64, true; @@ -1382,9 +1379,6 @@ procedure printCharValue() call __printf_chk(); //no return target assume false; - terminate: - assume {:captureState "terminate"} true; - goto terminate; printCharValue_return: assume {:captureState "printCharValue_return"} true; return; diff --git a/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected index 42e445b67..5354e811e 100644 --- a/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected @@ -731,9 +731,6 @@ procedure main() R30, Gamma_R30 := 2224bv64, true; call #free(); goto l00000d93; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000c61: assume {:captureState "l00000c61"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); @@ -1272,9 +1269,6 @@ procedure printCharValue() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto printCharValue_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; printCharValue_return: assume {:captureState "printCharValue_return"} true; return; diff --git a/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected index 42e445b67..5354e811e 100644 --- a/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected @@ -731,9 +731,6 @@ procedure main() R30, Gamma_R30 := 2224bv64, true; call #free(); goto l00000d93; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000c61: assume {:captureState "l00000c61"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); @@ -1272,9 +1269,6 @@ procedure printCharValue() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto printCharValue_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; printCharValue_return: assume {:captureState "printCharValue_return"} true; return; diff --git a/src/test/correct/multi_malloc/clang/multi_malloc.expected b/src/test/correct/multi_malloc/clang/multi_malloc.expected index 74a2cc464..f985382be 100644 --- a/src/test/correct/multi_malloc/clang/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang/multi_malloc.expected @@ -527,9 +527,6 @@ procedure main() R30, Gamma_R30 := 2188bv64, true; call #free(); goto l0000040d; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000038d: assume {:captureState "l0000038d"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); diff --git a/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected b/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected index 978c7cdae..9183c7a5d 100644 --- a/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected @@ -320,9 +320,6 @@ procedure main() R30, Gamma_R30 := 1916bv64, true; call printf(); goto l00000329; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected b/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected index b822714e1..6783406ce 100644 --- a/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected @@ -551,9 +551,6 @@ procedure main() R30, Gamma_R30 := 2196bv64, true; call #free(); goto l00000b49; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected b/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected index b822714e1..6783406ce 100644 --- a/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected @@ -551,9 +551,6 @@ procedure main() R30, Gamma_R30 := 2196bv64, true; call #free(); goto l00000b49; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/multi_malloc/gcc/multi_malloc.expected b/src/test/correct/multi_malloc/gcc/multi_malloc.expected index 431047675..d4f55bda5 100644 --- a/src/test/correct/multi_malloc/gcc/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc/multi_malloc.expected @@ -571,9 +571,6 @@ procedure main() R30, Gamma_R30 := 2172bv64, true; call printf(); goto l000003e8; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000036b: assume {:captureState "l0000036b"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 24bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); diff --git a/src/test/correct/multi_malloc/gcc_O2/multi_malloc.expected b/src/test/correct/multi_malloc/gcc_O2/multi_malloc.expected index f89076ba9..344e7da35 100644 --- a/src/test/correct/multi_malloc/gcc_O2/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc_O2/multi_malloc.expected @@ -504,9 +504,6 @@ procedure main() R30, Gamma_R30 := 1692bv64, true; call __printf_chk(); goto l000001e1; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l000001e1: assume {:captureState "l000001e1"} true; R2, Gamma_R2 := 42bv64, true; diff --git a/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected b/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected index 0e6ad18e2..e1057b8ea 100644 --- a/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected @@ -588,9 +588,6 @@ procedure main() R30, Gamma_R30 := 2180bv64, true; call #free(); goto l00000b04; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000a64: assume {:captureState "l00000a64"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); diff --git a/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected b/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected index 0e6ad18e2..e1057b8ea 100644 --- a/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected @@ -588,9 +588,6 @@ procedure main() R30, Gamma_R30 := 2180bv64, true; call #free(); goto l00000b04; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000a64: assume {:captureState "l00000a64"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); diff --git a/src/test/correct/nestedif/clang/nestedif.expected b/src/test/correct/nestedif/clang/nestedif.expected index 1d3419ecb..ce29fb5ad 100644 --- a/src/test/correct/nestedif/clang/nestedif.expected +++ b/src/test/correct/nestedif/clang/nestedif.expected @@ -355,9 +355,6 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; goto l000003c0_goto_l000003eb, l000003c0_goto_l000003ee; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l000003b8_goto_l000003c0: assume {:captureState "l000003b8_goto_l000003c0"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); diff --git a/src/test/correct/nestedif/clang_O2/nestedif.expected b/src/test/correct/nestedif/clang_O2/nestedif.expected index 91c86ad15..dfea39b15 100644 --- a/src/test/correct/nestedif/clang_O2/nestedif.expected +++ b/src/test/correct/nestedif/clang_O2/nestedif.expected @@ -158,9 +158,6 @@ procedure main() assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected b/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected index 3d639f655..77e5c4465 100644 --- a/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected +++ b/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected @@ -361,9 +361,6 @@ procedure main() assume {:captureState "l00000b22"} true; assert Gamma_R8; goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000b22_goto_l00000b2a: assume {:captureState "l00000b22_goto_l00000b2a"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); diff --git a/src/test/correct/nestedif/clang_pic/nestedif.expected b/src/test/correct/nestedif/clang_pic/nestedif.expected index 3d639f655..77e5c4465 100644 --- a/src/test/correct/nestedif/clang_pic/nestedif.expected +++ b/src/test/correct/nestedif/clang_pic/nestedif.expected @@ -361,9 +361,6 @@ procedure main() assume {:captureState "l00000b22"} true; assert Gamma_R8; goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000b22_goto_l00000b2a: assume {:captureState "l00000b22_goto_l00000b2a"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); diff --git a/src/test/correct/nestedif/gcc/nestedif.expected b/src/test/correct/nestedif/gcc/nestedif.expected index 6d0a8fc32..3f06c4fa0 100644 --- a/src/test/correct/nestedif/gcc/nestedif.expected +++ b/src/test/correct/nestedif/gcc/nestedif.expected @@ -269,9 +269,6 @@ procedure main() assume {:captureState "lmain_goto_l00000345"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000345; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000036b: assume {:captureState "l0000036b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); diff --git a/src/test/correct/nestedif/gcc_O2/nestedif.expected b/src/test/correct/nestedif/gcc_O2/nestedif.expected index 0918aa3d9..d1a99d9c1 100644 --- a/src/test/correct/nestedif/gcc_O2/nestedif.expected +++ b/src/test/correct/nestedif/gcc_O2/nestedif.expected @@ -158,9 +158,6 @@ procedure main() assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected b/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected index 2ef618ea9..f184dd5bb 100644 --- a/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected +++ b/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected @@ -277,9 +277,6 @@ procedure main() assume {:captureState "l000009e1_goto_l00000a07"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000a07; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000a42: assume {:captureState "l00000a42"} true; R0, Gamma_R0 := 7bv64, true; diff --git a/src/test/correct/nestedif/gcc_pic/nestedif.expected b/src/test/correct/nestedif/gcc_pic/nestedif.expected index 2ef618ea9..f184dd5bb 100644 --- a/src/test/correct/nestedif/gcc_pic/nestedif.expected +++ b/src/test/correct/nestedif/gcc_pic/nestedif.expected @@ -277,9 +277,6 @@ procedure main() assume {:captureState "l000009e1_goto_l00000a07"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000a07; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000a42: assume {:captureState "l00000a42"} true; R0, Gamma_R0 := 7bv64, true; diff --git a/src/test/correct/no_interference_update_x/clang/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/clang/no_interference_update_x.expected index 009e6ae45..52a721274 100644 --- a/src/test/correct/no_interference_update_x/clang/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/clang/no_interference_update_x.expected @@ -196,9 +196,6 @@ procedure main() assume {:captureState "%000002ce"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_x/clang_O2/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/clang_O2/no_interference_update_x.expected index 5bdc78f2c..ba0ef98ab 100644 --- a/src/test/correct/no_interference_update_x/clang_O2/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/clang_O2/no_interference_update_x.expected @@ -196,9 +196,6 @@ procedure main() assert (memory_load32_le(mem, $y_addr) == y_old); assume {:captureState "%000002d3"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_x/clang_no_plt_no_pic/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/clang_no_plt_no_pic/no_interference_update_x.expected index e930a15fe..68aaa37ea 100644 --- a/src/test/correct/no_interference_update_x/clang_no_plt_no_pic/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/clang_no_plt_no_pic/no_interference_update_x.expected @@ -196,9 +196,6 @@ procedure main() assume {:captureState "%00000845"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_x/clang_pic/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/clang_pic/no_interference_update_x.expected index e59f5333a..17f94791c 100644 --- a/src/test/correct/no_interference_update_x/clang_pic/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/clang_pic/no_interference_update_x.expected @@ -230,9 +230,6 @@ procedure main() assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_x/gcc/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/gcc/no_interference_update_x.expected index 5cbe32bf9..796392efa 100644 --- a/src/test/correct/no_interference_update_x/gcc/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/gcc/no_interference_update_x.expected @@ -195,9 +195,6 @@ procedure main() assume {:captureState "%000002d8"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_x/gcc_O2/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/gcc_O2/no_interference_update_x.expected index fb0cfcf5b..80ad6b226 100644 --- a/src/test/correct/no_interference_update_x/gcc_O2/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/gcc_O2/no_interference_update_x.expected @@ -196,9 +196,6 @@ procedure main() assert (memory_load32_le(mem, $y_addr) == y_old); assume {:captureState "%000001bd"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_x/gcc_no_plt_no_pic/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/gcc_no_plt_no_pic/no_interference_update_x.expected index 2f16d6159..bacfca675 100644 --- a/src/test/correct/no_interference_update_x/gcc_no_plt_no_pic/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/gcc_no_plt_no_pic/no_interference_update_x.expected @@ -195,9 +195,6 @@ procedure main() assume {:captureState "%0000085b"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_x/gcc_pic/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/gcc_pic/no_interference_update_x.expected index 51d8ed8f9..7d321884a 100644 --- a/src/test/correct/no_interference_update_x/gcc_pic/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/gcc_pic/no_interference_update_x.expected @@ -228,9 +228,6 @@ procedure main() assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_y/clang/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/clang/no_interference_update_y.expected index 8cdef6db0..8ff9983fd 100644 --- a/src/test/correct/no_interference_update_y/clang/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/clang/no_interference_update_y.expected @@ -196,9 +196,6 @@ procedure main() assume {:captureState "%000002ce"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_y/clang_O2/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/clang_O2/no_interference_update_y.expected index 86206551f..3fb385769 100644 --- a/src/test/correct/no_interference_update_y/clang_O2/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/clang_O2/no_interference_update_y.expected @@ -196,9 +196,6 @@ procedure main() assert (memory_load32_le(mem, $x_addr) == x_old); assume {:captureState "%000002d3"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_y/clang_no_plt_no_pic/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/clang_no_plt_no_pic/no_interference_update_y.expected index 80c33d6ed..5586c168e 100644 --- a/src/test/correct/no_interference_update_y/clang_no_plt_no_pic/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/clang_no_plt_no_pic/no_interference_update_y.expected @@ -196,9 +196,6 @@ procedure main() assume {:captureState "%00000845"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_y/clang_pic/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/clang_pic/no_interference_update_y.expected index e37d80782..6249783da 100644 --- a/src/test/correct/no_interference_update_y/clang_pic/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/clang_pic/no_interference_update_y.expected @@ -230,9 +230,6 @@ procedure main() assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_y/gcc/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/gcc/no_interference_update_y.expected index e53abcb67..d11228af2 100644 --- a/src/test/correct/no_interference_update_y/gcc/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/gcc/no_interference_update_y.expected @@ -195,9 +195,6 @@ procedure main() assume {:captureState "%000002d8"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_y/gcc_O2/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/gcc_O2/no_interference_update_y.expected index 670bf9dce..044e10421 100644 --- a/src/test/correct/no_interference_update_y/gcc_O2/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/gcc_O2/no_interference_update_y.expected @@ -196,9 +196,6 @@ procedure main() assert (memory_load32_le(mem, $x_addr) == x_old); assume {:captureState "%000001bd"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_y/gcc_no_plt_no_pic/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/gcc_no_plt_no_pic/no_interference_update_y.expected index 20ebed36e..10f39e759 100644 --- a/src/test/correct/no_interference_update_y/gcc_no_plt_no_pic/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/gcc_no_plt_no_pic/no_interference_update_y.expected @@ -195,9 +195,6 @@ procedure main() assume {:captureState "%0000085b"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/no_interference_update_y/gcc_pic/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/gcc_pic/no_interference_update_y.expected index 60923f161..47bb5cfb0 100644 --- a/src/test/correct/no_interference_update_y/gcc_pic/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/gcc_pic/no_interference_update_y.expected @@ -228,9 +228,6 @@ procedure main() assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/secret_write/clang/secret_write.expected b/src/test/correct/secret_write/clang/secret_write.expected index 16724cc83..450dbdd7a 100644 --- a/src/test/correct/secret_write/clang/secret_write.expected +++ b/src/test/correct/secret_write/clang/secret_write.expected @@ -258,9 +258,6 @@ procedure main() assert bvsge32(memory_load32_le(mem, $z_addr), z_old); assume {:captureState "%0000033f"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/secret_write/clang_O2/secret_write.expected b/src/test/correct/secret_write/clang_O2/secret_write.expected index de15862c0..f0ee8f29a 100644 --- a/src/test/correct/secret_write/clang_O2/secret_write.expected +++ b/src/test/correct/secret_write/clang_O2/secret_write.expected @@ -224,9 +224,6 @@ procedure main() assert bvsge32(memory_load32_le(mem, $z_addr), z_old); assume {:captureState "%000002e7"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/secret_write/clang_no_plt_no_pic/secret_write.expected b/src/test/correct/secret_write/clang_no_plt_no_pic/secret_write.expected index 030e3be43..8960f5767 100644 --- a/src/test/correct/secret_write/clang_no_plt_no_pic/secret_write.expected +++ b/src/test/correct/secret_write/clang_no_plt_no_pic/secret_write.expected @@ -258,9 +258,6 @@ procedure main() assert bvsge32(memory_load32_le(mem, $z_addr), z_old); assume {:captureState "%00000936"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/secret_write/clang_pic/secret_write.expected b/src/test/correct/secret_write/clang_pic/secret_write.expected index ad9cb3006..fdea919ab 100644 --- a/src/test/correct/secret_write/clang_pic/secret_write.expected +++ b/src/test/correct/secret_write/clang_pic/secret_write.expected @@ -344,9 +344,6 @@ procedure main() assert bvsge32(memory_load32_le(mem, $z_addr), z_old); assume {:captureState "%00000360"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/secret_write/gcc/secret_write.expected b/src/test/correct/secret_write/gcc/secret_write.expected index 04ecbda5f..70a913e3b 100644 --- a/src/test/correct/secret_write/gcc/secret_write.expected +++ b/src/test/correct/secret_write/gcc/secret_write.expected @@ -267,9 +267,6 @@ procedure main() assume {:captureState "%000003b7"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/secret_write/gcc_O2/secret_write.expected b/src/test/correct/secret_write/gcc_O2/secret_write.expected index 53529e4f5..bb0633f1f 100644 --- a/src/test/correct/secret_write/gcc_O2/secret_write.expected +++ b/src/test/correct/secret_write/gcc_O2/secret_write.expected @@ -224,9 +224,6 @@ procedure main() assert bvsge32(memory_load32_le(mem, $z_addr), z_old); assume {:captureState "%000001ca"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/secret_write/gcc_no_plt_no_pic/secret_write.expected b/src/test/correct/secret_write/gcc_no_plt_no_pic/secret_write.expected index d3fa78bba..394683b3d 100644 --- a/src/test/correct/secret_write/gcc_no_plt_no_pic/secret_write.expected +++ b/src/test/correct/secret_write/gcc_no_plt_no_pic/secret_write.expected @@ -267,9 +267,6 @@ procedure main() assume {:captureState "%00000a45"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/secret_write/gcc_pic/secret_write.expected b/src/test/correct/secret_write/gcc_pic/secret_write.expected index ff4632805..31ba8ced8 100644 --- a/src/test/correct/secret_write/gcc_pic/secret_write.expected +++ b/src/test/correct/secret_write/gcc_pic/secret_write.expected @@ -355,9 +355,6 @@ procedure main() assume {:captureState "%000003bf"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/simple_jump/clang/simple_jump.expected b/src/test/correct/simple_jump/clang/simple_jump.expected index 32def4468..94af3e864 100644 --- a/src/test/correct/simple_jump/clang/simple_jump.expected +++ b/src/test/correct/simple_jump/clang/simple_jump.expected @@ -245,9 +245,6 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%0000035a"} true; goto l00000334; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000032c_goto_l00000334: assume {:captureState "l0000032c_goto_l00000334"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); diff --git a/src/test/correct/simple_jump/clang_O2/simple_jump.expected b/src/test/correct/simple_jump/clang_O2/simple_jump.expected index 91c86ad15..dfea39b15 100644 --- a/src/test/correct/simple_jump/clang_O2/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_O2/simple_jump.expected @@ -158,9 +158,6 @@ procedure main() assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected b/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected index 1c39d87d8..d0115cb6b 100644 --- a/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected @@ -253,9 +253,6 @@ procedure main() assume {:captureState "lmain_goto_l0000093b"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l0000093b; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000938: assume {:captureState "l00000938"} true; R8, Gamma_R8 := 0bv64, true; diff --git a/src/test/correct/simple_jump/clang_pic/simple_jump.expected b/src/test/correct/simple_jump/clang_pic/simple_jump.expected index 1c39d87d8..d0115cb6b 100644 --- a/src/test/correct/simple_jump/clang_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_pic/simple_jump.expected @@ -253,9 +253,6 @@ procedure main() assume {:captureState "lmain_goto_l0000093b"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l0000093b; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000938: assume {:captureState "l00000938"} true; R8, Gamma_R8 := 0bv64, true; diff --git a/src/test/correct/simple_jump/gcc/simple_jump.expected b/src/test/correct/simple_jump/gcc/simple_jump.expected index 4845c038c..60ddc4709 100644 --- a/src/test/correct/simple_jump/gcc/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc/simple_jump.expected @@ -229,9 +229,6 @@ procedure main() assume {:captureState "lmain_goto_l0000031f"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l0000031f; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/simple_jump/gcc_O2/simple_jump.expected b/src/test/correct/simple_jump/gcc_O2/simple_jump.expected index 0918aa3d9..d1a99d9c1 100644 --- a/src/test/correct/simple_jump/gcc_O2/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_O2/simple_jump.expected @@ -158,9 +158,6 @@ procedure main() assume {:captureState "lmain"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected b/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected index 89636d949..dbe9ccb79 100644 --- a/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected @@ -229,9 +229,6 @@ procedure main() assume {:captureState "lmain_goto_l000008f6"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l000008f6; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/simple_jump/gcc_pic/simple_jump.expected b/src/test/correct/simple_jump/gcc_pic/simple_jump.expected index 89636d949..dbe9ccb79 100644 --- a/src/test/correct/simple_jump/gcc_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_pic/simple_jump.expected @@ -229,9 +229,6 @@ procedure main() assume {:captureState "lmain_goto_l000008f6"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l000008f6; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/switch/clang/switch.expected b/src/test/correct/switch/clang/switch.expected index ab60b0f1e..5e8934bbf 100644 --- a/src/test/correct/switch/clang/switch.expected +++ b/src/test/correct/switch/clang/switch.expected @@ -293,9 +293,6 @@ procedure main() assume {:captureState "l0000035d"} true; R8, Gamma_R8 := 1bv64, true; goto l00000360; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000039b: assume {:captureState "l0000039b"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); diff --git a/src/test/correct/switch/clang_O2/switch.expected b/src/test/correct/switch/clang_O2/switch.expected index abc430756..58fb5e478 100644 --- a/src/test/correct/switch/clang_O2/switch.expected +++ b/src/test/correct/switch/clang_O2/switch.expected @@ -154,9 +154,6 @@ procedure main() lmain: assume {:captureState "lmain"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/switch/clang_no_plt_no_pic/switch.expected b/src/test/correct/switch/clang_no_plt_no_pic/switch.expected index cd59561db..3bdd2f86a 100644 --- a/src/test/correct/switch/clang_no_plt_no_pic/switch.expected +++ b/src/test/correct/switch/clang_no_plt_no_pic/switch.expected @@ -293,9 +293,6 @@ procedure main() assume {:captureState "l00000a79"} true; R8, Gamma_R8 := 0bv64, true; goto l00000a7f; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000a30: assume {:captureState "l00000a30"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; diff --git a/src/test/correct/switch/clang_pic/switch.expected b/src/test/correct/switch/clang_pic/switch.expected index cd59561db..3bdd2f86a 100644 --- a/src/test/correct/switch/clang_pic/switch.expected +++ b/src/test/correct/switch/clang_pic/switch.expected @@ -293,9 +293,6 @@ procedure main() assume {:captureState "l00000a79"} true; R8, Gamma_R8 := 0bv64, true; goto l00000a7f; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000a30: assume {:captureState "l00000a30"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; diff --git a/src/test/correct/switch/gcc/switch.expected b/src/test/correct/switch/gcc/switch.expected index 90db08d2e..489330001 100644 --- a/src/test/correct/switch/gcc/switch.expected +++ b/src/test/correct/switch/gcc/switch.expected @@ -252,9 +252,6 @@ procedure main() assume {:captureState "l0000034c"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000036b: assume {:captureState "l0000036b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); diff --git a/src/test/correct/switch/gcc_O2/switch.expected b/src/test/correct/switch/gcc_O2/switch.expected index ab6b5b132..c9457a096 100644 --- a/src/test/correct/switch/gcc_O2/switch.expected +++ b/src/test/correct/switch/gcc_O2/switch.expected @@ -154,9 +154,6 @@ procedure main() lmain: assume {:captureState "lmain"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected b/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected index 5046a0757..a169cdfc5 100644 --- a/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected +++ b/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected @@ -258,9 +258,6 @@ procedure main() assume {:captureState "lmain_goto_l000009ca"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000009ca; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l000009ca_goto_l000009bb: assume {:captureState "l000009ca_goto_l000009bb"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); diff --git a/src/test/correct/switch/gcc_pic/switch.expected b/src/test/correct/switch/gcc_pic/switch.expected index 5046a0757..a169cdfc5 100644 --- a/src/test/correct/switch/gcc_pic/switch.expected +++ b/src/test/correct/switch/gcc_pic/switch.expected @@ -258,9 +258,6 @@ procedure main() assume {:captureState "lmain_goto_l000009ca"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000009ca; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l000009ca_goto_l000009bb: assume {:captureState "l000009ca_goto_l000009bb"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); diff --git a/src/test/correct/switch2/clang_O2/switch2.expected b/src/test/correct/switch2/clang_O2/switch2.expected index 4e38cac8c..1ea554c59 100644 --- a/src/test/correct/switch2/clang_O2/switch2.expected +++ b/src/test/correct/switch2/clang_O2/switch2.expected @@ -154,9 +154,6 @@ procedure main() lmain: assume {:captureState "lmain"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/switch2/gcc/switch2.expected b/src/test/correct/switch2/gcc/switch2.expected index 04e893fba..ef73128bc 100644 --- a/src/test/correct/switch2/gcc/switch2.expected +++ b/src/test/correct/switch2/gcc/switch2.expected @@ -442,9 +442,6 @@ procedure main() NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l000004e2_goto_l0000050a, l000004e2_goto_l000003e2; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; @@ -529,9 +526,6 @@ procedure r() assume {:captureState "lr"} true; R0, Gamma_R0 := 1bv64, true; goto r_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; r_return: assume {:captureState "r_return"} true; return; diff --git a/src/test/correct/switch2/gcc_O2/switch2.expected b/src/test/correct/switch2/gcc_O2/switch2.expected index 086d15477..a61f1cad8 100644 --- a/src/test/correct/switch2/gcc_O2/switch2.expected +++ b/src/test/correct/switch2/gcc_O2/switch2.expected @@ -154,9 +154,6 @@ procedure main() lmain: assume {:captureState "lmain"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected b/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected index c9bcc5f08..53a551905 100644 --- a/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected +++ b/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected @@ -438,9 +438,6 @@ procedure main() NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l00000d41_goto_l00000d69, l00000d41_goto_l00000c41; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000cee_goto_l00000d0f: assume {:captureState "l00000cee_goto_l00000d0f"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -529,9 +526,6 @@ procedure r() assume {:captureState "lr"} true; R0, Gamma_R0 := 1bv64, true; goto r_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; r_return: assume {:captureState "r_return"} true; return; diff --git a/src/test/correct/switch2/gcc_pic/switch2.expected b/src/test/correct/switch2/gcc_pic/switch2.expected index c9bcc5f08..53a551905 100644 --- a/src/test/correct/switch2/gcc_pic/switch2.expected +++ b/src/test/correct/switch2/gcc_pic/switch2.expected @@ -438,9 +438,6 @@ procedure main() NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l00000d41_goto_l00000d69, l00000d41_goto_l00000c41; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000cee_goto_l00000d0f: assume {:captureState "l00000cee_goto_l00000d0f"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -529,9 +526,6 @@ procedure r() assume {:captureState "lr"} true; R0, Gamma_R0 := 1bv64, true; goto r_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; r_return: assume {:captureState "r_return"} true; return; diff --git a/src/test/correct/syscall/clang/syscall.expected b/src/test/correct/syscall/clang/syscall.expected index 5c7254c56..75d7a2955 100644 --- a/src/test/correct/syscall/clang/syscall.expected +++ b/src/test/correct/syscall/clang/syscall.expected @@ -313,9 +313,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/syscall/clang_no_plt_no_pic/syscall.expected b/src/test/correct/syscall/clang_no_plt_no_pic/syscall.expected index 843793310..eecb5c58a 100644 --- a/src/test/correct/syscall/clang_no_plt_no_pic/syscall.expected +++ b/src/test/correct/syscall/clang_no_plt_no_pic/syscall.expected @@ -303,9 +303,6 @@ procedure main() R30, Gamma_R30 := 1904bv64, true; call fork(); goto l0000092f; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000092f: assume {:captureState "l0000092f"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); diff --git a/src/test/correct/syscall/clang_pic/syscall.expected b/src/test/correct/syscall/clang_pic/syscall.expected index 843793310..eecb5c58a 100644 --- a/src/test/correct/syscall/clang_pic/syscall.expected +++ b/src/test/correct/syscall/clang_pic/syscall.expected @@ -303,9 +303,6 @@ procedure main() R30, Gamma_R30 := 1904bv64, true; call fork(); goto l0000092f; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000092f: assume {:captureState "l0000092f"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); diff --git a/src/test/correct/syscall/gcc/syscall.expected b/src/test/correct/syscall/gcc/syscall.expected index c1dec7db8..4ccb0a281 100644 --- a/src/test/correct/syscall/gcc/syscall.expected +++ b/src/test/correct/syscall/gcc/syscall.expected @@ -308,9 +308,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/syscall/gcc_no_plt_no_pic/syscall.expected b/src/test/correct/syscall/gcc_no_plt_no_pic/syscall.expected index 5673667e0..38db2827a 100644 --- a/src/test/correct/syscall/gcc_no_plt_no_pic/syscall.expected +++ b/src/test/correct/syscall/gcc_no_plt_no_pic/syscall.expected @@ -308,9 +308,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/syscall/gcc_pic/syscall.expected b/src/test/correct/syscall/gcc_pic/syscall.expected index 5673667e0..38db2827a 100644 --- a/src/test/correct/syscall/gcc_pic/syscall.expected +++ b/src/test/correct/syscall/gcc_pic/syscall.expected @@ -308,9 +308,6 @@ procedure main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected index c57b20c59..86d770df6 100644 --- a/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected @@ -226,29 +226,6 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000325, lmain_goto_l00000322; - l00000330: - assume {:captureState "l00000330"} true; - R8, Gamma_R8 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); - assume {:captureState "%00000340"} true; - goto l00000343; - lmain_goto_l00000325: - assume {:captureState "lmain_goto_l00000325"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000325; - l00000322: - assume {:captureState "l00000322"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000328; - l00000343: - assume {:captureState "l00000343"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - l00000328_goto_l00000358: - assume {:captureState "l00000328_goto_l00000358"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000358; l00000328: assume {:captureState "l00000328"} true; assert Gamma_R8; @@ -273,9 +250,29 @@ procedure main() l00000358: assume {:captureState "l00000358"} true; goto l00000359; - terminate: - assume {:captureState "terminate"} true; - goto terminate; + l00000330: + assume {:captureState "l00000330"} true; + R8, Gamma_R8 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); + assume {:captureState "%00000340"} true; + goto l00000343; + lmain_goto_l00000325: + assume {:captureState "lmain_goto_l00000325"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000325; + l00000322: + assume {:captureState "l00000322"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000328; + l00000343: + assume {:captureState "l00000343"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + l00000328_goto_l00000358: + assume {:captureState "l00000328_goto_l00000358"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000358; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected index 8debcd3da..4e3bafedd 100644 --- a/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected @@ -224,9 +224,6 @@ procedure main() assume {:captureState "l000002e5"} true; R0, Gamma_R0 := 0bv64, true; goto l000002eb; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l000002eb: assume {:captureState "l000002eb"} true; goto main_return; diff --git a/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected index 455b6e7bd..b032e5f6e 100644 --- a/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected @@ -230,11 +230,24 @@ procedure main() assume {:captureState "l0000093d"} true; R8, Gamma_R8 := 0bv64, true; goto l00000943; + l00000943: + assume {:captureState "l00000943"} true; + assert Gamma_R8; + goto l00000943_goto_l00000973, l00000943_goto_l0000094b; l0000095e: assume {:captureState "l0000095e"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + l00000943_goto_l00000973: + assume {:captureState "l00000943_goto_l00000973"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000973; + l00000974: + assume {:captureState "l00000974"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); + assume {:captureState "%0000097c"} true; + goto l0000095e; l0000094b: assume {:captureState "l0000094b"} true; R8, Gamma_R8 := 1bv64, true; @@ -245,19 +258,6 @@ procedure main() assume {:captureState "l00000943_goto_l0000094b"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l0000094b; - l00000943: - assume {:captureState "l00000943"} true; - assert Gamma_R8; - goto l00000943_goto_l00000973, l00000943_goto_l0000094b; - l00000943_goto_l00000973: - assume {:captureState "l00000943_goto_l00000973"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000973; - l00000974: - assume {:captureState "l00000974"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); - assume {:captureState "%0000097c"} true; - goto l0000095e; lmain_goto_l00000940: assume {:captureState "lmain_goto_l00000940"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); @@ -269,9 +269,6 @@ procedure main() l00000973: assume {:captureState "l00000973"} true; goto l00000974; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l0000093d: assume {:captureState "lmain_goto_l0000093d"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); diff --git a/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected index c93833b2e..3a937fab7 100644 --- a/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected @@ -260,6 +260,10 @@ procedure main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000330, lmain_goto_l0000032d; + lmain_goto_l00000330: + assume {:captureState "lmain_goto_l00000330"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000330; l0000032d: assume {:captureState "l0000032d"} true; R8, Gamma_R8 := 0bv64, true; @@ -289,23 +293,16 @@ procedure main() assume {:captureState "l00000333"} true; assert Gamma_R8; goto l00000333_goto_l0000033b, l00000333_goto_l00000363; - l00000333_goto_l0000033b: - assume {:captureState "l00000333_goto_l0000033b"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000033b; - lmain_goto_l00000330: - assume {:captureState "lmain_goto_l00000330"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000330; l0000033b: assume {:captureState "l0000033b"} true; R8, Gamma_R8 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%0000034b"} true; goto l0000034e; - terminate: - assume {:captureState "terminate"} true; - goto terminate; + l00000333_goto_l0000033b: + assume {:captureState "l00000333_goto_l0000033b"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l0000033b; l00000333_goto_l00000363: assume {:captureState "l00000333_goto_l00000363"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); diff --git a/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected index 2d03a49a5..d715e8b50 100644 --- a/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected @@ -210,9 +210,6 @@ procedure main() l00000304: assume {:captureState "l00000304"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l000002fa: assume {:captureState "l000002fa"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected index 8db5dee79..b74a13c0a 100644 --- a/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected @@ -221,9 +221,6 @@ procedure main() l000001d5: assume {:captureState "l000001d5"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l000001d2: assume {:captureState "l000001d2"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected index e567ce3b8..4d32f329f 100644 --- a/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected @@ -226,9 +226,6 @@ procedure main() assume {:captureState "lmain_goto_l000008b3"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000008b3; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected index 4a263681f..b86502fa2 100644 --- a/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected @@ -255,9 +255,6 @@ procedure main() assume {:captureState "lmain_goto_l0000030a"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l0000030a; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l000002fb: assume {:captureState "l000002fb"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/correct/using_gamma_write_z/clang/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/clang/using_gamma_write_z.expected index 88652861a..2ca009f35 100644 --- a/src/test/correct/using_gamma_write_z/clang/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/clang/using_gamma_write_z.expected @@ -201,9 +201,6 @@ procedure main() assume {:captureState "%000002ce"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/using_gamma_write_z/clang_O2/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/clang_O2/using_gamma_write_z.expected index d156c3a66..d8a432661 100644 --- a/src/test/correct/using_gamma_write_z/clang_O2/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/clang_O2/using_gamma_write_z.expected @@ -201,9 +201,6 @@ procedure main() assert (Gamma_x_old ==> gamma_load32(Gamma_mem, $x_addr)); assume {:captureState "%000002d3"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/using_gamma_write_z/clang_no_plt_no_pic/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/clang_no_plt_no_pic/using_gamma_write_z.expected index 4c5c1196b..f2a9d9ff5 100644 --- a/src/test/correct/using_gamma_write_z/clang_no_plt_no_pic/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/clang_no_plt_no_pic/using_gamma_write_z.expected @@ -201,9 +201,6 @@ procedure main() assume {:captureState "%00000845"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/using_gamma_write_z/clang_pic/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/clang_pic/using_gamma_write_z.expected index 829648397..8aea2cbc4 100644 --- a/src/test/correct/using_gamma_write_z/clang_pic/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/clang_pic/using_gamma_write_z.expected @@ -235,9 +235,6 @@ procedure main() assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/using_gamma_write_z/gcc/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/gcc/using_gamma_write_z.expected index fa27d280b..cf6756250 100644 --- a/src/test/correct/using_gamma_write_z/gcc/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/gcc/using_gamma_write_z.expected @@ -200,9 +200,6 @@ procedure main() assume {:captureState "%000002d8"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/using_gamma_write_z/gcc_O2/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/gcc_O2/using_gamma_write_z.expected index e3e250f8f..447fbd7c7 100644 --- a/src/test/correct/using_gamma_write_z/gcc_O2/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/gcc_O2/using_gamma_write_z.expected @@ -201,9 +201,6 @@ procedure main() assert (Gamma_x_old ==> gamma_load32(Gamma_mem, $x_addr)); assume {:captureState "%000001bd"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/using_gamma_write_z/gcc_no_plt_no_pic/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/gcc_no_plt_no_pic/using_gamma_write_z.expected index 1940b85d5..713c133a8 100644 --- a/src/test/correct/using_gamma_write_z/gcc_no_plt_no_pic/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/gcc_no_plt_no_pic/using_gamma_write_z.expected @@ -200,9 +200,6 @@ procedure main() assume {:captureState "%0000085b"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/using_gamma_write_z/gcc_pic/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/gcc_pic/using_gamma_write_z.expected index 136df201e..4ed97c305 100644 --- a/src/test/correct/using_gamma_write_z/gcc_pic/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/gcc_pic/using_gamma_write_z.expected @@ -233,9 +233,6 @@ procedure main() assume {:captureState "%000002d9"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign/clang/basicassign.expected b/src/test/incorrect/basicassign/clang/basicassign.expected index 5f1807521..84ed56c74 100644 --- a/src/test/incorrect/basicassign/clang/basicassign.expected +++ b/src/test/incorrect/basicassign/clang/basicassign.expected @@ -225,9 +225,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 60bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 60bv64), Gamma_R8); assume {:captureState "%00000337"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign/clang_O2/basicassign.expected b/src/test/incorrect/basicassign/clang_O2/basicassign.expected index 2f483e645..a4489dd2b 100644 --- a/src/test/incorrect/basicassign/clang_O2/basicassign.expected +++ b/src/test/incorrect/basicassign/clang_O2/basicassign.expected @@ -205,9 +205,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R10, 60bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R10, 60bv64), Gamma_R8); assume {:captureState "%000002f3"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign/clang_no_plt_no_pic/basicassign.expected b/src/test/incorrect/basicassign/clang_no_plt_no_pic/basicassign.expected index 860dd8d67..b8cc8f688 100644 --- a/src/test/incorrect/basicassign/clang_no_plt_no_pic/basicassign.expected +++ b/src/test/incorrect/basicassign/clang_no_plt_no_pic/basicassign.expected @@ -225,9 +225,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 60bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 60bv64), Gamma_R8); assume {:captureState "%00000924"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign/clang_pic/basicassign.expected b/src/test/incorrect/basicassign/clang_pic/basicassign.expected index 8152d95bf..f57315d51 100644 --- a/src/test/incorrect/basicassign/clang_pic/basicassign.expected +++ b/src/test/incorrect/basicassign/clang_pic/basicassign.expected @@ -311,9 +311,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, R9, R8[32:0]), gamma_store32(Gamma_mem, R9, Gamma_R8); assume {:captureState "%00000358"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign/gcc/basicassign.expected b/src/test/incorrect/basicassign/gcc/basicassign.expected index b8b491d80..380240825 100644 --- a/src/test/incorrect/basicassign/gcc/basicassign.expected +++ b/src/test/incorrect/basicassign/gcc/basicassign.expected @@ -234,9 +234,6 @@ procedure main() assume {:captureState "%000003c2"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign/gcc_O2/basicassign.expected b/src/test/incorrect/basicassign/gcc_O2/basicassign.expected index 5febdf802..37b0ef0a5 100644 --- a/src/test/incorrect/basicassign/gcc_O2/basicassign.expected +++ b/src/test/incorrect/basicassign/gcc_O2/basicassign.expected @@ -205,9 +205,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(#1, 4bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(#1, 4bv64), Gamma_R2); assume {:captureState "%000001cf"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign/gcc_no_plt_no_pic/basicassign.expected b/src/test/incorrect/basicassign/gcc_no_plt_no_pic/basicassign.expected index 34be6147a..5d3abd1cd 100644 --- a/src/test/incorrect/basicassign/gcc_no_plt_no_pic/basicassign.expected +++ b/src/test/incorrect/basicassign/gcc_no_plt_no_pic/basicassign.expected @@ -234,9 +234,6 @@ procedure main() assume {:captureState "%00000a5d"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign/gcc_pic/basicassign.expected b/src/test/incorrect/basicassign/gcc_pic/basicassign.expected index 01a961c7f..57b65d230 100644 --- a/src/test/incorrect/basicassign/gcc_pic/basicassign.expected +++ b/src/test/incorrect/basicassign/gcc_pic/basicassign.expected @@ -323,9 +323,6 @@ procedure main() assume {:captureState "%000003cb"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign1/clang/basicassign1.expected b/src/test/incorrect/basicassign1/clang/basicassign1.expected index 88f7d6bf6..f2220737b 100644 --- a/src/test/incorrect/basicassign1/clang/basicassign1.expected +++ b/src/test/incorrect/basicassign1/clang/basicassign1.expected @@ -216,9 +216,6 @@ procedure main() assume {:captureState "%0000033c"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign1/clang_O2/basicassign1.expected b/src/test/incorrect/basicassign1/clang_O2/basicassign1.expected index 4bdcc3a12..0d5c90910 100644 --- a/src/test/incorrect/basicassign1/clang_O2/basicassign1.expected +++ b/src/test/incorrect/basicassign1/clang_O2/basicassign1.expected @@ -192,9 +192,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%000002de"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign1/clang_no_plt_no_pic/basicassign1.expected b/src/test/incorrect/basicassign1/clang_no_plt_no_pic/basicassign1.expected index f77d5f080..844d15bf3 100644 --- a/src/test/incorrect/basicassign1/clang_no_plt_no_pic/basicassign1.expected +++ b/src/test/incorrect/basicassign1/clang_no_plt_no_pic/basicassign1.expected @@ -216,9 +216,6 @@ procedure main() assume {:captureState "%00000936"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign1/clang_pic/basicassign1.expected b/src/test/incorrect/basicassign1/clang_pic/basicassign1.expected index e45f368b5..6cb818c36 100644 --- a/src/test/incorrect/basicassign1/clang_pic/basicassign1.expected +++ b/src/test/incorrect/basicassign1/clang_pic/basicassign1.expected @@ -276,9 +276,6 @@ procedure main() assume {:captureState "%00000352"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign1/gcc/basicassign1.expected b/src/test/incorrect/basicassign1/gcc/basicassign1.expected index c9ddba09b..9bdf73493 100644 --- a/src/test/incorrect/basicassign1/gcc/basicassign1.expected +++ b/src/test/incorrect/basicassign1/gcc/basicassign1.expected @@ -218,9 +218,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign1/gcc_O2/basicassign1.expected b/src/test/incorrect/basicassign1/gcc_O2/basicassign1.expected index 4bd97c776..6e0a6517b 100644 --- a/src/test/incorrect/basicassign1/gcc_O2/basicassign1.expected +++ b/src/test/incorrect/basicassign1/gcc_O2/basicassign1.expected @@ -192,9 +192,6 @@ procedure main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 20bv64), R2[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 20bv64), Gamma_R2); assume {:captureState "%000001c5"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign1/gcc_no_plt_no_pic/basicassign1.expected b/src/test/incorrect/basicassign1/gcc_no_plt_no_pic/basicassign1.expected index e9feedbe3..cd757d126 100644 --- a/src/test/incorrect/basicassign1/gcc_no_plt_no_pic/basicassign1.expected +++ b/src/test/incorrect/basicassign1/gcc_no_plt_no_pic/basicassign1.expected @@ -218,9 +218,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign1/gcc_pic/basicassign1.expected b/src/test/incorrect/basicassign1/gcc_pic/basicassign1.expected index fe90ab5aa..e3b22af5c 100644 --- a/src/test/incorrect/basicassign1/gcc_pic/basicassign1.expected +++ b/src/test/incorrect/basicassign1/gcc_pic/basicassign1.expected @@ -278,9 +278,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign2/clang/basicassign2.expected b/src/test/incorrect/basicassign2/clang/basicassign2.expected index d6a39a59f..a570a225d 100644 --- a/src/test/incorrect/basicassign2/clang/basicassign2.expected +++ b/src/test/incorrect/basicassign2/clang/basicassign2.expected @@ -217,9 +217,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign2/clang_O2/basicassign2.expected b/src/test/incorrect/basicassign2/clang_O2/basicassign2.expected index 00a003c3d..76c749a45 100644 --- a/src/test/incorrect/basicassign2/clang_O2/basicassign2.expected +++ b/src/test/incorrect/basicassign2/clang_O2/basicassign2.expected @@ -193,9 +193,6 @@ procedure main() mem, Gamma_mem := memory_store64_le(mem, bvadd64(R9, 64bv64), R8), gamma_store64(Gamma_mem, bvadd64(R9, 64bv64), Gamma_R8); assume {:captureState "%000002de"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign2/clang_no_plt_no_pic/basicassign2.expected b/src/test/incorrect/basicassign2/clang_no_plt_no_pic/basicassign2.expected index 10b2a8084..9c1225edb 100644 --- a/src/test/incorrect/basicassign2/clang_no_plt_no_pic/basicassign2.expected +++ b/src/test/incorrect/basicassign2/clang_no_plt_no_pic/basicassign2.expected @@ -217,9 +217,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign2/clang_pic/basicassign2.expected b/src/test/incorrect/basicassign2/clang_pic/basicassign2.expected index 7438d3a21..9304b18e1 100644 --- a/src/test/incorrect/basicassign2/clang_pic/basicassign2.expected +++ b/src/test/incorrect/basicassign2/clang_pic/basicassign2.expected @@ -269,9 +269,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign2/gcc/basicassign2.expected b/src/test/incorrect/basicassign2/gcc/basicassign2.expected index e3ef70fbe..8372ab4ad 100644 --- a/src/test/incorrect/basicassign2/gcc/basicassign2.expected +++ b/src/test/incorrect/basicassign2/gcc/basicassign2.expected @@ -219,9 +219,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign2/gcc_O2/basicassign2.expected b/src/test/incorrect/basicassign2/gcc_O2/basicassign2.expected index 9f66eb0cd..34dbe34a3 100644 --- a/src/test/incorrect/basicassign2/gcc_O2/basicassign2.expected +++ b/src/test/incorrect/basicassign2/gcc_O2/basicassign2.expected @@ -193,9 +193,6 @@ procedure main() mem, Gamma_mem := memory_store64_le(mem, bvadd64(R1, 24bv64), R2), gamma_store64(Gamma_mem, bvadd64(R1, 24bv64), Gamma_R2); assume {:captureState "%000001c5"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign2/gcc_no_plt_no_pic/basicassign2.expected b/src/test/incorrect/basicassign2/gcc_no_plt_no_pic/basicassign2.expected index b7517c6e9..686474f93 100644 --- a/src/test/incorrect/basicassign2/gcc_no_plt_no_pic/basicassign2.expected +++ b/src/test/incorrect/basicassign2/gcc_no_plt_no_pic/basicassign2.expected @@ -219,9 +219,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign2/gcc_pic/basicassign2.expected b/src/test/incorrect/basicassign2/gcc_pic/basicassign2.expected index 2a1a923e1..483de1759 100644 --- a/src/test/incorrect/basicassign2/gcc_pic/basicassign2.expected +++ b/src/test/incorrect/basicassign2/gcc_pic/basicassign2.expected @@ -271,9 +271,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign3/clang/basicassign3.expected b/src/test/incorrect/basicassign3/clang/basicassign3.expected index 7e2f57eb9..b21949a98 100644 --- a/src/test/incorrect/basicassign3/clang/basicassign3.expected +++ b/src/test/incorrect/basicassign3/clang/basicassign3.expected @@ -214,9 +214,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign3/clang_O2/basicassign3.expected b/src/test/incorrect/basicassign3/clang_O2/basicassign3.expected index dadee6a6e..423a760b8 100644 --- a/src/test/incorrect/basicassign3/clang_O2/basicassign3.expected +++ b/src/test/incorrect/basicassign3/clang_O2/basicassign3.expected @@ -190,9 +190,6 @@ procedure main() mem, Gamma_mem := memory_store8_le(mem, bvadd64(R9, 56bv64), R8[8:0]), gamma_store8(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%000002de"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign3/clang_no_plt_no_pic/basicassign3.expected b/src/test/incorrect/basicassign3/clang_no_plt_no_pic/basicassign3.expected index 7cbd3ded5..7e921dc81 100644 --- a/src/test/incorrect/basicassign3/clang_no_plt_no_pic/basicassign3.expected +++ b/src/test/incorrect/basicassign3/clang_no_plt_no_pic/basicassign3.expected @@ -214,9 +214,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign3/clang_pic/basicassign3.expected b/src/test/incorrect/basicassign3/clang_pic/basicassign3.expected index 28dfa7f9d..89115297d 100644 --- a/src/test/incorrect/basicassign3/clang_pic/basicassign3.expected +++ b/src/test/incorrect/basicassign3/clang_pic/basicassign3.expected @@ -274,9 +274,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign3/gcc/basicassign3.expected b/src/test/incorrect/basicassign3/gcc/basicassign3.expected index b65593154..3c01a3522 100644 --- a/src/test/incorrect/basicassign3/gcc/basicassign3.expected +++ b/src/test/incorrect/basicassign3/gcc/basicassign3.expected @@ -216,9 +216,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign3/gcc_O2/basicassign3.expected b/src/test/incorrect/basicassign3/gcc_O2/basicassign3.expected index 538b12caa..089e3635c 100644 --- a/src/test/incorrect/basicassign3/gcc_O2/basicassign3.expected +++ b/src/test/incorrect/basicassign3/gcc_O2/basicassign3.expected @@ -190,9 +190,6 @@ procedure main() mem, Gamma_mem := memory_store8_le(mem, bvadd64(R1, 17bv64), R2[8:0]), gamma_store8(Gamma_mem, bvadd64(R1, 17bv64), Gamma_R2); assume {:captureState "%000001c5"} true; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign3/gcc_no_plt_no_pic/basicassign3.expected b/src/test/incorrect/basicassign3/gcc_no_plt_no_pic/basicassign3.expected index 0d68eef48..f0e8a9a87 100644 --- a/src/test/incorrect/basicassign3/gcc_no_plt_no_pic/basicassign3.expected +++ b/src/test/incorrect/basicassign3/gcc_no_plt_no_pic/basicassign3.expected @@ -216,9 +216,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/basicassign3/gcc_pic/basicassign3.expected b/src/test/incorrect/basicassign3/gcc_pic/basicassign3.expected index 6823e0cb6..7faabd4cd 100644 --- a/src/test/incorrect/basicassign3/gcc_pic/basicassign3.expected +++ b/src/test/incorrect/basicassign3/gcc_pic/basicassign3.expected @@ -276,9 +276,6 @@ procedure main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/iflocal/clang/iflocal.expected b/src/test/incorrect/iflocal/clang/iflocal.expected index 82f7ca651..5e8a2960f 100644 --- a/src/test/incorrect/iflocal/clang/iflocal.expected +++ b/src/test/incorrect/iflocal/clang/iflocal.expected @@ -247,9 +247,6 @@ procedure main() assume {:captureState "lmain_goto_l00000337"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000337; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l0000033a_goto_l00000359: assume {:captureState "l0000033a_goto_l00000359"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); diff --git a/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected b/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected index 891f018eb..d55ca2c6c 100644 --- a/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected @@ -245,9 +245,6 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); assume {:captureState "%0000098a"} true; goto l00000964; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l00000956: assume {:captureState "lmain_goto_l00000956"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); diff --git a/src/test/incorrect/iflocal/clang_pic/iflocal.expected b/src/test/incorrect/iflocal/clang_pic/iflocal.expected index 891f018eb..d55ca2c6c 100644 --- a/src/test/incorrect/iflocal/clang_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/clang_pic/iflocal.expected @@ -245,9 +245,6 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); assume {:captureState "%0000098a"} true; goto l00000964; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l00000956: assume {:captureState "lmain_goto_l00000956"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); diff --git a/src/test/incorrect/iflocal/gcc/iflocal.expected b/src/test/incorrect/iflocal/gcc/iflocal.expected index e5bc49a42..829e3e816 100644 --- a/src/test/incorrect/iflocal/gcc/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc/iflocal.expected @@ -225,9 +225,6 @@ procedure main() assume {:captureState "lmain_goto_l0000032d"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l0000032d; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l00000318: assume {:captureState "lmain_goto_l00000318"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); diff --git a/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected b/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected index fa6a398ec..78e0f83f9 100644 --- a/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected @@ -219,9 +219,6 @@ procedure main() assume {:captureState "lmain_goto_l000008ff"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l000008ff; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000914: assume {:captureState "l00000914"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/incorrect/iflocal/gcc_pic/iflocal.expected b/src/test/incorrect/iflocal/gcc_pic/iflocal.expected index fa6a398ec..78e0f83f9 100644 --- a/src/test/incorrect/iflocal/gcc_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc_pic/iflocal.expected @@ -219,9 +219,6 @@ procedure main() assume {:captureState "lmain_goto_l000008ff"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l000008ff; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000914: assume {:captureState "l00000914"} true; R0, Gamma_R0 := 1bv64, true; diff --git a/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected index 471a739ab..3164e1719 100644 --- a/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected @@ -361,9 +361,6 @@ procedure main() assume {:captureState "l000003ce"} true; R8, Gamma_R8 := 0bv64, true; goto l000003d4; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l00000390: assume {:captureState "lmain_goto_l00000390"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); diff --git a/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected index 2c5a3f4b2..ae401a8c4 100644 --- a/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected @@ -369,9 +369,6 @@ procedure main() assume {:captureState "l00000b21"} true; R8, Gamma_R8 := 1bv64, true; goto l00000b24; - terminate: - assume {:captureState "terminate"} true; - goto terminate; lmain_goto_l00000ae0: assume {:captureState "lmain_goto_l00000ae0"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); diff --git a/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected index 40bee7d67..76b57fb4f 100644 --- a/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected @@ -443,9 +443,6 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 20bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 20bv64), Gamma_R8); assume {:captureState "%0000047b"} true; goto l000003f9; - terminate: - assume {:captureState "terminate"} true; - goto terminate; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected index f3485a5ed..6b0c21cee 100644 --- a/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected @@ -294,9 +294,6 @@ procedure main() assume {:captureState "l000003b2_goto_l000003d8"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l000003d8; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000381_goto_l00000407: assume {:captureState "l00000381_goto_l00000407"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); diff --git a/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected index 57f035e0f..0a382c221 100644 --- a/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected @@ -298,9 +298,6 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); assume {:captureState "%00000b0a"} true; goto l00000aaa; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l00000aaa_goto_l00000ad0: assume {:captureState "l00000aaa_goto_l00000ad0"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); diff --git a/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected index 16f293b4a..856a26b99 100644 --- a/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected @@ -348,9 +348,6 @@ procedure main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); assume {:captureState "%00000423"} true; goto l00000383; - terminate: - assume {:captureState "terminate"} true; - goto terminate; l000003b5_goto_l000003db: assume {:captureState "l000003b5_goto_l000003db"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); From 0fd434d768299fba5ca555748d04bc51c7e46968 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Wed, 29 Nov 2023 10:38:50 +1000 Subject: [PATCH 25/42] cleanup output --- docs/il-cfg.md | 44 ++++++++++++++---------------- src/main/scala/util/RunUtils.scala | 9 +++--- 2 files changed, 26 insertions(+), 27 deletions(-) diff --git a/docs/il-cfg.md b/docs/il-cfg.md index 40fecea96..004c7d9f6 100644 --- a/docs/il-cfg.md +++ b/docs/il-cfg.md @@ -32,7 +32,7 @@ We need to derive the predecessor/successor relation on CFG nodes IL . 1. CFG positions are defined as - The entry to a procedure - - An exit from a procedure + - The single return point from a procedure - The beginning of a block within a procedure - A statement command within a block - A jump or call command within a block @@ -44,6 +44,9 @@ First we have basic blocks belonging to a procedure. Procedure(id) Block(id, procedure) + EntryBlock(block_id, procedure) + ReturnBlock(block_id, procedure) + Block(id, procedure) :- EntryBlock(id, procedure); ReturnBlock(id, procedure) A list of sequential statements belonging to a block @@ -52,9 +55,9 @@ A list of sequential statements belonging to a block A list of jumps (either Calls or GoTos) belonging to a block, which occur after the statements. GoTos form the intra-procedural edges, and Calls form the inter-procedural edges. - GoTo(id, block, index, destinationBlock) - Call(id, block, index, destinationProcedure) - Jump(id, block) :- GoTo(id, block, _) ; Call(id, block, _) + GoTo(id, block, destinationBlock) // multiple destinations + Call(id, block, destinationProcedure, returnBlock), count {Call(id, block, _, _)} == 1 + Jump(id, block) :- GoTo(id, block, _) ; Call(id, block, _, _) Statements and Jumps are both considered commands. All IL terms, commands, blocks, and procedures, have a unique identifier. All of the above are considered IL terms. @@ -62,14 +65,7 @@ identifier. All of the above are considered IL terms. Command(id) :- Statement(id, _, _) ; Jump(id, _) ILTerm(id) :- Procedure(id); Block(id, _); Command(id) -The CFG extends this language with the following nodes: - - ProcedureExit(id, fromProcedure, fromJump) - CallReturn(id, fromCall) - - CFGNode(id) :- ProcedureExit(id,_,_) ; CallReturn(id,_) ; ILTerm(id) - -The predecessor/successor relates CFGNodes to CFGNodes, and is simply defined in terms of the nodes +The predecessor/successor relates ILTerms to ILTerms, and is simply defined in terms of the nodes pred(i, j) :- succ(j, i) @@ -79,15 +75,11 @@ The predecessor/successor relates CFGNodes to CFGNodes, and is simply defined in succ(goto, targetBlock) :- GoTo(goto, _, _, targetBlock) - // We always insert nodes for calls to return to - CallReturn(i, call) :- Call(call, _, _, _) - succ(call, callreturn) :- CallReturn(callreturn, call), Procedure(call) - - // a 'return' from the procedure is an indirect call to register R30 - succ(call, exit) :- Call(call, block, _, "R30"), ProcedureExit(exit, procedure, call), Block(block, procedure) + succ(call, return_block) :- Call(call, block, dest_procedure, return_block) For an inter-procedural CFG we also have: + succ(call, return_block) :- ReturnBlock(return_block, call), Procedure(call) succ(call, targetProcedure) :- Call(call, _, _, targetProcedure) succ(exit, returnNode) :- ProcedureExit(exit, procedure, call), CallReturn(returnNode, call) @@ -128,11 +120,17 @@ Specifically this means we store - list of incoming Calls - subroutine to compute the set of all outgoing calls in all contained blocks -To maintain this superimposed graph it is necessary to make the actual call lists private, and only allow -modification of through interfaces which maintain the graph. - -Maintenance of the graph is the responsibility of the Block class: adding or removing jumps must ensure the edge - references are maintained. +This means the IL contains: + - Forward graph edges in the forms of calls and gotos + - Forward syntax tree edges in the form of classes containing their children as fields + - Backwards graph edges in the form of lists of incoming jumps and calls + - Procedure has list of incoming calls + - Block has list of incoming gotos + - Backwards syntax tree edges in the form of a parent field + - Implementation of the `HasParent` trait. + +To maintain the backwards edges it is necessary to make the actual data structures private, and only allow +modification through interfaces which maintain the graph/tree. Jumps: - Must implement an interface to allow adding or removing edge references (references to themself) to and from their diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index 4793a6da7..eebe8f47d 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -241,9 +241,10 @@ object RunUtils { isEntryNode = false printNode(c) case c: Command => - //if (c.parent.label != previousBlock) { - // printBlock(c.parent) - //} + if (c.parent.label != previousBlock) { + printBlock(c.parent) + } + s.append(" ") printNode(c) previousBlock = c.parent.label isEntryNode = false @@ -280,7 +281,7 @@ object RunUtils { node match { case _: Statement => s.append("[Stmt] ") case _: Procedure => s.append("[FunctionEntry] ") - case _: Call => s.append("[Jmp] ") + case _: Jump => s.append("[Jmp] ") case _ => () } From 34b6cf4adb11f0ddf57d21c58dd894b9a51630d6 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Wed, 29 Nov 2023 11:01:08 +1000 Subject: [PATCH 26/42] cleanup --- src/main/scala/ir/Block.scala | 9 --------- src/main/scala/ir/Procedure.scala | 7 ------- 2 files changed, 16 deletions(-) delete mode 100644 src/main/scala/ir/Block.scala delete mode 100644 src/main/scala/ir/Procedure.scala diff --git a/src/main/scala/ir/Block.scala b/src/main/scala/ir/Block.scala deleted file mode 100644 index 075aa16b9..000000000 --- a/src/main/scala/ir/Block.scala +++ /dev/null @@ -1,9 +0,0 @@ -package ir - -import collection.mutable -import scala.collection.immutable -import intrusiveList.IntrusiveList -import intrusiveList.IntrusiveListElement - -import scala.collection.mutable.ArrayBuffer - diff --git a/src/main/scala/ir/Procedure.scala b/src/main/scala/ir/Procedure.scala deleted file mode 100644 index 90d967308..000000000 --- a/src/main/scala/ir/Procedure.scala +++ /dev/null @@ -1,7 +0,0 @@ -package ir - -import boogie.{BParam, BVariable, BitVecBType, BoolBType} - -import scala.collection.mutable -import scala.collection.mutable.ArrayBuffer -import intrusiveList.IntrusiveList From 8693a2923324ea10fc060fa94c8f2d6dfd4e46a7 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Fri, 1 Dec 2023 11:36:37 +1000 Subject: [PATCH 27/42] simple review fixes --- src/main/scala/analysis/BasicIRConstProp.scala | 5 +++-- src/main/scala/analysis/Cfg.scala | 2 -- src/main/scala/cfg_visualiser/DotTools.scala | 1 - src/main/scala/ir/Program.scala | 8 +------- src/main/scala/ir/Statement.scala | 1 - src/main/scala/ir/package.scala | 3 --- src/main/scala/util/RunUtils.scala | 2 +- 7 files changed, 5 insertions(+), 17 deletions(-) delete mode 100644 src/main/scala/ir/package.scala diff --git a/src/main/scala/analysis/BasicIRConstProp.scala b/src/main/scala/analysis/BasicIRConstProp.scala index 58898c933..af421ec67 100644 --- a/src/main/scala/analysis/BasicIRConstProp.scala +++ b/src/main/scala/analysis/BasicIRConstProp.scala @@ -61,7 +61,8 @@ trait ILValueAnalysisMisc: case _ => valuelattice.top - val calleePreservedRegisters = Set("R0", "R1", "R2", "R3", "R4", "R5", "R6", "R7", "R8", "R9", "R10", "R11") + private final val callerPreservedRegisters = Set("R0", "R1", "R2", "R3", "R4", "R5", "R6", "R7", "R8", "R9", "R10", + "R11", "R12", "R13", "R14", "R15", "R16", "R17", "R18", "R30") /** Transfer function for state lattice elements. */ @@ -69,7 +70,7 @@ trait ILValueAnalysisMisc: n match case la: LocalAssign => s + (la.lhs -> eval(la.rhs, s)) - case c: Call => s ++ calleePreservedRegisters.filter(reg => s.keys.exists(_.name == reg)).map(n => Register(n, BitVecType(64)) -> statelattice.sublattice.top).toMap + case c: Call => s ++ callerPreservedRegisters.filter(reg => s.keys.exists(_.name == reg)).map(n => Register(n, BitVecType(64)) -> statelattice.sublattice.top).toMap case _ => s diff --git a/src/main/scala/analysis/Cfg.scala b/src/main/scala/analysis/Cfg.scala index 24793a734..33b7053a1 100644 --- a/src/main/scala/analysis/Cfg.scala +++ b/src/main/scala/analysis/Cfg.scala @@ -428,8 +428,6 @@ class ProgramCfgFactory: } else { // Recurse through blocks visitBlock(proc.entryBlock.get, funcEntryNode) - // If it has no entry-block we still visit the exit block because VSA analysis expects everything to have an Exit - visitBlock(proc.returnBlock, funcEntryNode) } /** Add a block to the CFG. A block in this case is a basic block, so it contains a list of consecutive statements diff --git a/src/main/scala/cfg_visualiser/DotTools.scala b/src/main/scala/cfg_visualiser/DotTools.scala index de6b7a570..d50897b44 100644 --- a/src/main/scala/cfg_visualiser/DotTools.scala +++ b/src/main/scala/cfg_visualiser/DotTools.scala @@ -12,7 +12,6 @@ object IDGenerator { } def wrap(input: String, width: Integer = 20): String = - return input if (input.length() <= width) { input } else { diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index 8dc8a027c..ac18ef503 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -207,7 +207,7 @@ class Procedure private ( ++ (if _blocks.nonEmpty then Seq(returnBlock) else Seq()) def removeCaller(c: Call): Unit = { - _callers.add(c) + _callers.remove(c) } def addBlocks(block: Block): Block = { @@ -350,12 +350,6 @@ class Block private (var label: String, def jump: Jump = _jump - def addGoToTargets(targets: mutable.Set[Block]): this.type = { - require(_jump.parent == this && _jump.isInstanceOf[GoTo]) - _jump.asInstanceOf[GoTo].addAllTargets(targets) - this - } - def replaceJump(j: Jump): this.type = { _jump.deParent() j.setParent(this) diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index 9a29d963b..62f4934ee 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -121,7 +121,6 @@ class GoTo private (private var _targets: mutable.Set[Block], override val label } object GoTo: - case class ConstructionPattern(targets: Iterable[Block], label: Option[String] = None) def unapply(g: GoTo): Option[(Set[Block], Option[String])] = Some(g.targets, g.label) diff --git a/src/main/scala/ir/package.scala b/src/main/scala/ir/package.scala deleted file mode 100644 index ecb6f7b89..000000000 --- a/src/main/scala/ir/package.scala +++ /dev/null @@ -1,3 +0,0 @@ -package object ir { - -} diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index eebe8f47d..ddb5628dc 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -455,7 +455,7 @@ object RunUtils { val procedure = c.parent.data val newBlocks = ArrayBuffer[Block]() for (t <- targets) { - val assume = Assume(BinaryExpr(BVEQ, indirectCall.target, BitVecLiteral(t.address.get, 64)), null) + val assume = Assume(BinaryExpr(BVEQ, indirectCall.target, BitVecLiteral(t.address.get, 64))) val newLabel: String = block.label + t.name val bl = Block(newLabel, None, ArrayBuffer(assume), DirectCall(t, indirectCall.returnTarget, None)) newBlocks.append(bl) From a816ecb1f886222e7bfd6cf3be9981c8359d601c Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Fri, 1 Dec 2023 13:09:32 +1000 Subject: [PATCH 28/42] cleanup entry/exit blocks somewhat --- src/main/scala/ir/IRCursor.scala | 5 +-- src/main/scala/ir/Program.scala | 66 ++++++++++++++++++++------------ src/main/scala/ir/Visitor.scala | 13 ++++++- 3 files changed, 56 insertions(+), 28 deletions(-) diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index 6dcd3dd0d..8fea04dd1 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -31,10 +31,9 @@ def begin(c: CFGPosition): CFGPosition = { /* Closed trace-perspective end of a composite IL structure. */ -@tailrec def end(c: CFGPosition): CFGPosition = { c match { - case p:Procedure => end(p.returnBlock) + case p:Procedure => p // TODO: not well-defined case b:Block => b.jump case s:Statement => s.parent.statements.back() case s:Jump => s @@ -48,7 +47,7 @@ object IntraProcIRCursor { def succ(pos: CFGPosition): Set[CFGPosition] = { pos match { case proc: Procedure => - if proc.entryBlock.isEmpty then Set(proc.returnBlock) else Set(proc.entryBlock.get) + if proc.entryBlock.isEmpty then proc.returnBlock.toSet else proc.entryBlock.toSet case b: Block => if b.statements.isEmpty then Set(b.jump) diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index ac18ef503..0fc5a90a1 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -1,7 +1,7 @@ package ir import scala.collection.mutable.ArrayBuffer -import scala.collection.{immutable, mutable} +import scala.collection.{View, immutable, mutable} import boogie.* import analysis.BitVectorEval import intrusiveList.{IntrusiveList, IntrusiveListElement} @@ -174,20 +174,19 @@ class Procedure private ( var name: String, var address: Option[Int], var entryBlock: Option[Block], + var returnBlock: Option[Block], private val _blocks: mutable.HashSet[Block], var in: ArrayBuffer[Parameter], var out: ArrayBuffer[Parameter], ) { - /* First block executed when the procedure begins */ - /* returnBlock: Single return point for all returns from the procedure to its caller; always defined but only included - * in `blocks` if the procedure contains any real blocks.*/ - val returnBlock: Block = new Block(name + "_return", None, List(), new IndirectCall(Register("R30", BitVecType(64)), None, Some(name))) - returnBlock.setParent(this) - private var _callers = new mutable.HashSet[Call] - def this(name: String, address: Option[Int] = None , entryBlock: Option[Block] = None, blocks: IterableOnce[Block] = ArrayBuffer(), in: IterableOnce[Parameter] = ArrayBuffer(), out: IterableOnce[Parameter] = ArrayBuffer()) = { - this(name, address, entryBlock, mutable.HashSet.from(blocks), ArrayBuffer.from(in), ArrayBuffer.from(out)) + // class invariant + require(returnBlock.forall(b => _blocks.contains(b)) && entryBlock.forall(b => _blocks.contains(b))) + require(_blocks.isEmpty || entryBlock.isDefined) // blocks.nonEmpty ==> entryBlock.isDefined + + def this(name: String, address: Option[Int] = None , entryBlock: Option[Block] = None, returnBlock: Option[Block] = None, blocks: Iterable[Block] = ArrayBuffer(), in: IterableOnce[Parameter] = ArrayBuffer(), out: IterableOnce[Parameter] = ArrayBuffer()) = { + this(name, address, entryBlock, returnBlock, mutable.HashSet.from(blocks), ArrayBuffer.from(in), ArrayBuffer.from(out)) } override def toString: String = { @@ -197,23 +196,21 @@ class Procedure private ( def calls: Set[Procedure] = blocks.iterator.flatMap(_.calls).toSet /** - * Horrible, compensating for not storing the blocks in-order and storing initialBlock and returnBlock separately. - * @return + * Block iteration order is defined such that that the entryBlock is first, and no order is defined beyond that. + * Both entry block and return block are elements of _blocks. */ - def blocks: Seq[Block] = - (entryBlock match - case Some(b) if _blocks.nonEmpty => Seq(b) ++ _blocks.filter(x => x ne b).toSeq - case _ => _blocks.toSeq) - ++ (if _blocks.nonEmpty then Seq(returnBlock) else Seq()) + def blocks: View[Block] = entryBlock.view ++ _blocks.filterNot(x => entryBlock.contains(x)) def removeCaller(c: Call): Unit = { _callers.remove(c) } def addBlocks(block: Block): Block = { - block.deParent() - block.setParent(this) - _blocks.add(block) + if (!_blocks.contains(block)) { + block.deParent() + block.setParent(this) + _blocks.add(block) + } block } @@ -225,9 +222,13 @@ class Procedure private ( def replaceBlock(oldBlock: Block, block: Block): Block = { if (oldBlock ne block) { - require(_blocks.contains(oldBlock) || block == returnBlock) + val isEntry: Boolean = entryBlock.isDefined && (oldBlock eq entryBlock.get) + require(_blocks.contains(oldBlock)) removeBlocks(oldBlock) addBlocks(block) + if (isEntry) { + entryBlock = Some(block) + } } block } @@ -244,8 +245,10 @@ class Procedure private ( } def removeBlocks(block: Block): Block = { - block.deParent() - _blocks.remove(block) + if (_blocks.contains(block)) { + block.deParent() + _blocks.remove(block) + } block } def removeBlocks(blocks: Iterable[Block]): Unit = { @@ -383,8 +386,23 @@ class Block private (var label: String, override def hashCode(): Int = label.hashCode() - override def linkParent(p: Procedure): Unit = () // TODO; cannot support moving blocks around - override def unlinkParent(): Unit = () // TODO + override def linkParent(p: Procedure): Unit = { + // The first block added to the procedure is the entry block + if parent.blocks.isEmpty then parent.entryBlock = Some(this) + // to connect call() links that reference jump.parent.parent + jump.setParent(this) + } + override def unlinkParent(): Unit = { + if (parent.entryBlock.isDefined && parent.entryBlock == this) { + parent.entryBlock = None + } + if (parent.returnBlock.isDefined && parent.returnBlock == this) { + parent.returnBlock = None + } + + // to disconnect call() links that reference jump.parent.parent + jump.deParent() + } } diff --git a/src/main/scala/ir/Visitor.scala b/src/main/scala/ir/Visitor.scala index 8eafe4d16..0c0773766 100644 --- a/src/main/scala/ir/Visitor.scala +++ b/src/main/scala/ir/Visitor.scala @@ -342,9 +342,20 @@ class VariablesWithoutStoresLoads extends ReadOnlyVisitor { class ConvertToSingleProcedureReturn extends Visitor { override def visitJump(node: Jump): Jump = { + + val returnBlock = node.parent.parent.returnBlock match { + case Some(b) => b + case None => { + val name = node.parent.parent.name + "_return" + val returnBlock = new Block(name, None, List(), new IndirectCall(Register("R30", BitVecType(64)), None, None)) + node.parent.parent.addBlocks(returnBlock) + node.parent.parent.returnBlock = Some(returnBlock) + } + } + node match case c: IndirectCall => - if c.target.name == "R30" && c.returnTarget.isEmpty && c.parent != c.parent.parent.returnBlock then GoTo(Seq(c.parent.parent.returnBlock)) else node + if c.target.name == "R30" && c.returnTarget.isEmpty && c.parent != c.parent.parent.returnBlock then GoTo(Seq(c.parent.parent.returnBlock.get)) else node case _ => node } } From f628b007498b64f56e442779de2d2d625d1366ca Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Fri, 1 Dec 2023 13:52:00 +1000 Subject: [PATCH 29/42] fix --- src/main/scala/ir/Program.scala | 23 +++++++++-------------- 1 file changed, 9 insertions(+), 14 deletions(-) diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index 0fc5a90a1..30cf5ec12 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -175,7 +175,7 @@ class Procedure private ( var address: Option[Int], var entryBlock: Option[Block], var returnBlock: Option[Block], - private val _blocks: mutable.HashSet[Block], + private val _blocks: mutable.LinkedHashSet[Block], var in: ArrayBuffer[Parameter], var out: ArrayBuffer[Parameter], ) { @@ -186,7 +186,7 @@ class Procedure private ( require(_blocks.isEmpty || entryBlock.isDefined) // blocks.nonEmpty ==> entryBlock.isDefined def this(name: String, address: Option[Int] = None , entryBlock: Option[Block] = None, returnBlock: Option[Block] = None, blocks: Iterable[Block] = ArrayBuffer(), in: IterableOnce[Parameter] = ArrayBuffer(), out: IterableOnce[Parameter] = ArrayBuffer()) = { - this(name, address, entryBlock, returnBlock, mutable.HashSet.from(blocks), ArrayBuffer.from(in), ArrayBuffer.from(out)) + this(name, address, entryBlock, returnBlock, mutable.LinkedHashSet.from(blocks), ArrayBuffer.from(in), ArrayBuffer.from(out)) } override def toString: String = { @@ -221,14 +221,14 @@ class Procedure private ( } def replaceBlock(oldBlock: Block, block: Block): Block = { + require(_blocks.contains(oldBlock)) if (oldBlock ne block) { - val isEntry: Boolean = entryBlock.isDefined && (oldBlock eq entryBlock.get) - require(_blocks.contains(oldBlock)) + val isEntry: Boolean = entryBlock.contains(oldBlock) + val isReturn: Boolean = returnBlock.contains(oldBlock) removeBlocks(oldBlock) addBlocks(block) - if (isEntry) { - entryBlock = Some(block) - } + if isEntry then entryBlock = Some(block) + if isReturn then returnBlock = Some(block) } block } @@ -393,13 +393,8 @@ class Block private (var label: String, jump.setParent(this) } override def unlinkParent(): Unit = { - if (parent.entryBlock.isDefined && parent.entryBlock == this) { - parent.entryBlock = None - } - if (parent.returnBlock.isDefined && parent.returnBlock == this) { - parent.returnBlock = None - } - + if parent.entryBlock.contains(this) then parent.entryBlock = None + if parent.returnBlock.contains(this) then parent.returnBlock = None // to disconnect call() links that reference jump.parent.parent jump.deParent() } From 72f3bc81c7f758058955c61f61a0a97244ad3df5 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Fri, 1 Dec 2023 18:13:43 +1000 Subject: [PATCH 30/42] proc and block graphs --- .../scala/analysis/BasicIRConstProp.scala | 9 +- src/main/scala/analysis/Dependencies.scala | 26 ++- src/main/scala/ir/IRCursor.scala | 158 ++++++++++-------- src/main/scala/ir/Program.scala | 30 ++-- src/main/scala/ir/Statement.scala | 8 +- src/main/scala/ir/Visitor.scala | 5 +- src/main/scala/translating/BAPToIR.scala | 2 +- src/main/scala/translating/IRToBoogie.scala | 2 +- src/main/scala/util/IntrusiveList.scala | 8 + src/main/scala/util/RunUtils.scala | 7 +- 10 files changed, 151 insertions(+), 104 deletions(-) diff --git a/src/main/scala/analysis/BasicIRConstProp.scala b/src/main/scala/analysis/BasicIRConstProp.scala index af421ec67..d04bf25c9 100644 --- a/src/main/scala/analysis/BasicIRConstProp.scala +++ b/src/main/scala/analysis/BasicIRConstProp.scala @@ -74,19 +74,18 @@ trait ILValueAnalysisMisc: case _ => s -type IRNode = IntraProcIRCursor.Node +type IRNode = IRIntraproceduralDependencies.walker.Node object IRSimpleValueAnalysis: + class Solver(prog: Program) extends ILValueAnalysisMisc - with IntraProcDependencies - with Dependencies[IRNode] + with IRIntraproceduralDependencies.ForwardDependencies with Analysis[Map[IRNode, Map[Variable, FlatElement[BitVecLiteral]]]] - //with SimplePushDownWorklistFixpointSolver[IRNode] with SimplePushDownWorklistFixpointSolver[IRNode, Map[Variable, FlatElement[BitVecLiteral]], MapLattice[Variable, FlatElement[BitVecLiteral], ConstantPropagationLattice]] : /* Worklist initial set */ //override val lattice: MapLattice[IRNode, statelattice.type] = MapLattice(statelattice) override val lattice: MapLattice[IRNode, Map[Variable, FlatElement[BitVecLiteral]], MapLattice[Variable, FlatElement[BitVecLiteral], ConstantPropagationLattice]] = MapLattice(statelattice) - override val domain : Set[IRNode] = computeDomain(prog).toSet + override val domain : Set[IRNode] = computeDomain(IntraProcIRCursor, prog.procedures).toSet def transfer(n: IRNode, s: statelattice.Element): statelattice.Element = localTransfer(n, s) diff --git a/src/main/scala/analysis/Dependencies.scala b/src/main/scala/analysis/Dependencies.scala index e32011aec..e507bcaf2 100644 --- a/src/main/scala/analysis/Dependencies.scala +++ b/src/main/scala/analysis/Dependencies.scala @@ -1,5 +1,5 @@ package analysis -import ir.IntraProcIRCursor +import ir.{IRWalk, IntraProcIRCursor, InterProcIRCursor, CFGPosition} /** Dependency methods for worklist-based analyses. */ @@ -32,12 +32,20 @@ trait IntraproceduralForwardDependencies extends Dependencies[CfgNode] { } -trait IntraProcDependencies extends Dependencies[IntraProcIRCursor.Node]: - override def outdep(n: IntraProcIRCursor.Node): Set[IntraProcIRCursor.Node] = IntraProcDependencies.outdep(n) - override def indep(n: IntraProcIRCursor.Node): Set[IntraProcIRCursor.Node] = IntraProcDependencies.indep(n) +class IRDependencies[NT <: CFGPosition](val walker: IRWalk[NT]) { + trait ForwardDependencies extends Dependencies[NT] { + override def outdep(n: NT): Set[NT] = walker.succ(n) -/** Dependency methods for forward analyses. - */ -object IntraProcDependencies extends Dependencies[IntraProcIRCursor.Node]: - override def outdep(n: IntraProcIRCursor.Node): Set[IntraProcIRCursor.Node] = IntraProcIRCursor.succ(n) - override def indep(n: IntraProcIRCursor.Node): Set[IntraProcIRCursor.Node] = IntraProcIRCursor.pred(n) + override def indep(n: NT): Set[NT] = walker.pred(n) + } + + trait BackwardDependencies extends Dependencies[NT] { + override def outdep(n: NT): Set[NT] = walker.pred(n) + + override def indep(n: NT): Set[NT] = walker.succ(n) + } +} + +object IRIntraproceduralDependencies extends IRDependencies[CFGPosition](IntraProcIRCursor) + +object IRInterproceduralDependencies extends IRDependencies[CFGPosition](InterProcIRCursor) diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index 8fea04dd1..89104b3e6 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -10,67 +10,29 @@ import scala.annotation.tailrec */ type CFGPosition = Procedure | Block | Command +trait IRWalk[NT <: CFGPosition] { + type Node = NT + def succ(pos: NT): Set[NT] + def pred(pos: NT): Set[NT] -// Interprocedural -// position = (call string) + Position - - - -/* - Closed trace-perspective beginning of a composite IL structure. - */ -def begin(c: CFGPosition): CFGPosition = { - c match { - case p:Procedure => p - case b:Block => b - case s:Statement => s.parent.statements.head() - case s:Jump => s - } -} - -/* - Closed trace-perspective end of a composite IL structure. - */ -def end(c: CFGPosition): CFGPosition = { - c match { - case p:Procedure => p // TODO: not well-defined - case b:Block => b.jump - case s:Statement => s.parent.statements.back() - case s:Jump => s - } } -object IntraProcIRCursor { - type Node = CFGPosition +trait IntraProcIRCursor extends IRWalk[CFGPosition] { def succ(pos: CFGPosition): Set[CFGPosition] = { pos match { - case proc: Procedure => - if proc.entryBlock.isEmpty then proc.returnBlock.toSet else proc.entryBlock.toSet - case b: Block => - if b.statements.isEmpty - then Set(b.jump) - else Set[CFGPosition](b.statements.head()) - case s: Statement => - if (s.parent.statements.hasNext(s)) { - Set(s.parent.statements.getNext(s)) - } else { - Set(s.parent.jump) - } + case proc: Procedure => proc.entryBlock.toSet + case b: Block => Set(b.statements.headOption().getOrElse(b.jump)) + case s: Statement => Set(s.parent.statements.nextOption(s).getOrElse(s.parent.jump)) case j: Jump => j match { case n: GoTo => n.targets.asInstanceOf[Set[CFGPosition]] case c: DirectCall => c.returnTarget match case Some(b) => Set(b) case None => Set() - case i: IndirectCall => - if (i.target.name == "R30") { - Set() - } else { - i.returnTarget match + case i: IndirectCall => i.returnTarget match case Some(block: Block) => Set[CFGPosition](block) case None => Set() - } } } } @@ -84,52 +46,113 @@ object IntraProcIRCursor { Set(s.parent) // predecessor blocks } case j: Jump => if j.parent.statements.isEmpty then Set(j.parent) else Set(j.parent.statements.last) - case b: Block => b.predecessors.map(end) + case b: Block => b.incomingJumps.asInstanceOf[Set[Node]] case proc: Procedure => Set() // intraproc } } } -object InterProcIRCursor { - type Node = CFGPosition +object IntraProcIRCursor extends IntraProcIRCursor +trait IntraProcBlockIRCursor extends IRWalk[Block] { - def succ(pos: CFGPosition): Set[CFGPosition] = { - IntraProcIRCursor.succ(pos) ++ (pos match + @tailrec + final def succ(pos: Node): Set[Node] = { + pos match { + case b: Block => IntraProcIRCursor.succ(b.jump).filter(_.isInstanceOf[Block]).asInstanceOf[Set[Node]] + case s: Command => succ(s.parent) + } + } + + @tailrec + final def pred(pos: Node): Set[Node] = { + pos match { + case b: Block => if b.isEntry then Set() else b.incomingJumps.asInstanceOf[Set[Node]] + case j: Command => pred(j.parent) + } + } +} + +object IntraProcBlockIRCursor extends IntraProcBlockIRCursor + +trait InterProcIRCursor extends IRWalk[CFGPosition] { + + final def succ(pos: Node): Set[Node] = { + pos match case c: DirectCall => Set(c.target) - case _ => Set() - ) + case c: IndirectCall => Set() + case _ => IntraProcIRCursor.succ(pos) } - def pred(pos: CFGPosition): Set[CFGPosition] = { + final def pred(pos: Node): Set[Node] = { IntraProcIRCursor.pred(pos) ++ (pos match - case c: Procedure => c.callers().map(end) - case b: Block => if b.isReturn then b.parent.callers().map(end) else Set() + case c: Procedure => c.incomingCalls().toSet.asInstanceOf[Set[Node]] + case b: Block => if b.isEntry then Set(b.parent) else b.incomingJumps.toSet.asInstanceOf[Set[Node]] case _ => Set() ) } } +object InterProcIRCursor extends InterProcIRCursor + +trait InterProcBlockIRCursor extends IRWalk[Block] { + final def succ(b: Node): Set[Node] = + b.jump match { + case b: GoTo => b.targets + case c: DirectCall => c.target.entryBlock.toSet + case _ => Set() + } + final def pred(b: Node): Set[Node] = if b.isEntry then b.parent.incomingCalls().map(_.parent).toSet else b.incomingJumps.map(_.parent) +} + +trait CallGraph extends IRWalk[Procedure] { + final def succ(b: Node): Set[Node] = b.calls + + final def pred(b: Node): Set[Node] = b.incomingCalls().map(_.target).toSet +} + +object CallGraph extends CallGraph + +object InterProcBlockIRCursor extends IntraProcBlockIRCursor + +def computeDomain[T <: CFGPosition](walker: IRWalk[T], initial: IterableOnce[T]): mutable.Set[T] = { + val domain : mutable.Set[T] = mutable.Set.from(initial) -def computeDomain(prog: Program): mutable.Set[CFGPosition] = { - val domain : mutable.Set[CFGPosition] = mutable.Set.from(prog.procedures) var sizeBefore = 0 var sizeAfter = domain.size while (sizeBefore != sizeAfter) { for (i <- domain) { - domain.addAll(IntraProcIRCursor.succ(i)) - domain.addAll(IntraProcIRCursor.pred(i)) + domain.addAll(walker.succ(i)) + domain.addAll(walker.pred(i)) } sizeBefore = sizeAfter sizeAfter = domain.size } domain -} +} + + +def toDot(program: Program, labels: Map[CFGPosition, String] = Map.empty): String= { + val domain = computeDomain[CFGPosition](IntraProcIRCursor, program.procedures) + toDot[CFGPosition](domain, IntraProcIRCursor, labels) +} + +def dotCallGraph(program: Program, labels: Map[CFGPosition, String] = Map.empty): String= { + val domain = computeDomain[Procedure](CallGraph, program.procedures) + toDot[Procedure](domain, CallGraph, labels) +} + +def dotBlockGraph(program: Program, labels: Map[CFGPosition, String] = Map.empty): String= { + val domain = computeDomain[Block](IntraProcBlockIRCursor, program.procedures.flatMap(_.blocks).toSet) + toDot[Block](domain, IntraProcBlockIRCursor, labels) +} -def toDot(prog: Program, labels: Map[CFGPosition, String] = Map.empty) : String = { - val visited : mutable.Set[CFGPosition] = mutable.Set.from(prog.procedures) +def toDot[T <: CFGPosition](domain: mutable.Set[T], iterator: IRWalk[T], labels: Map[CFGPosition, String]) : String = { + + val visited : mutable.Set[CFGPosition] = mutable.Set.from(domain) var labelcounter = 0 + def label(l: Option[String]) = { l match { case Some(s) => s @@ -142,7 +165,6 @@ def toDot(prog: Program, labels: Map[CFGPosition, String] = Map.empty) : String val dotNodes = mutable.Map[CFGPosition, DotNode]() var dotArrows = mutable.ListBuffer[DotArrow]() - val domain = computeDomain(prog) def nodeText(node: CFGPosition): String = { var text = node match { @@ -165,13 +187,13 @@ def toDot(prog: Program, labels: Map[CFGPosition, String] = Map.empty) : String for (node <- domain) { node match { case s : Call => - IntraProcIRCursor.succ(s).foreach(n => dotArrows.addOne(DotInterArrow(dotNodes(s), dotNodes(n)))) + iterator.succ(s).foreach(n => dotArrows.addOne(DotInterArrow(dotNodes(s), dotNodes(n)))) case s => - IntraProcIRCursor.succ(s).foreach(n => dotArrows.addOne(DotRegularArrow(dotNodes(s), dotNodes(n)))) + iterator.succ(s).foreach(n => dotArrows.addOne(DotRegularArrow(dotNodes(s), dotNodes(n)))) case _ => () } } val allNodes = dotNodes.values.toList.sortBy(n => n.id) new DotGraph("CursorCFG", allNodes, dotArrows).toDotString -} \ No newline at end of file +} diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index 30cf5ec12..9aae1b9f1 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -175,18 +175,18 @@ class Procedure private ( var address: Option[Int], var entryBlock: Option[Block], var returnBlock: Option[Block], - private val _blocks: mutable.LinkedHashSet[Block], + private val _blocks: mutable.HashSet[Block], var in: ArrayBuffer[Parameter], var out: ArrayBuffer[Parameter], ) { - private var _callers = new mutable.HashSet[Call] + private var _callers = new mutable.HashSet[DirectCall] // class invariant require(returnBlock.forall(b => _blocks.contains(b)) && entryBlock.forall(b => _blocks.contains(b))) require(_blocks.isEmpty || entryBlock.isDefined) // blocks.nonEmpty ==> entryBlock.isDefined def this(name: String, address: Option[Int] = None , entryBlock: Option[Block] = None, returnBlock: Option[Block] = None, blocks: Iterable[Block] = ArrayBuffer(), in: IterableOnce[Parameter] = ArrayBuffer(), out: IterableOnce[Parameter] = ArrayBuffer()) = { - this(name, address, entryBlock, returnBlock, mutable.LinkedHashSet.from(blocks), ArrayBuffer.from(in), ArrayBuffer.from(out)) + this(name, address, entryBlock, returnBlock, mutable.HashSet.from(blocks), ArrayBuffer.from(in), ArrayBuffer.from(out)) } override def toString: String = { @@ -199,9 +199,13 @@ class Procedure private ( * Block iteration order is defined such that that the entryBlock is first, and no order is defined beyond that. * Both entry block and return block are elements of _blocks. */ - def blocks: View[Block] = entryBlock.view ++ _blocks.filterNot(x => entryBlock.contains(x)) + def blocks: Iterator[Block] = _blocks.iterator - def removeCaller(c: Call): Unit = { + def addCaller(c: DirectCall): Unit = { + _callers.remove(c) + } + + def removeCaller(c: DirectCall): Unit = { _callers.remove(c) } @@ -257,11 +261,9 @@ class Procedure private ( } } - def addCaller(c: Call): Unit = { - _callers.remove(c) - } def callers(): Iterable[Procedure] = _callers.map(_.parent.parent).toSet[Procedure] + def incomingCalls(): Iterator[DirectCall] = _callers.iterator var modifies: mutable.Set[Global] = mutable.Set() @@ -331,7 +333,7 @@ class Block private (var label: String, var address: Option[Int], val statements: IntrusiveList[Statement], private var _jump: Jump, - val incomingJumps: mutable.HashSet[Block], + private val _incomingJumps: mutable.HashSet[GoTo], ) extends IntrusiveListElement, HasParent[Procedure] { statements.foreach(_.setParent(this)) _jump.setParent(this) @@ -353,6 +355,11 @@ class Block private (var label: String, def jump: Jump = _jump + def incomingJumps: immutable.Set[GoTo] = _incomingJumps.toSet + + def addIncomingJump(g: GoTo) = _incomingJumps.add(g) + def removeIncomingJump(g: GoTo) = _incomingJumps.remove(g) + def replaceJump(j: Jump): this.type = { _jump.deParent() j.setParent(this) @@ -360,9 +367,8 @@ class Block private (var label: String, this } - def isReturn: Boolean = this == parent.returnBlock - - def predecessors: immutable.Set[Block] = incomingJumps to immutable.Set + def isEntry: Boolean = parent.entryBlock.contains(this) + def isReturn: Boolean = parent.returnBlock.contains(this) def calls: Set[Procedure] = _jump.calls diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index 62f4934ee..7cd6b4eb2 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -94,16 +94,16 @@ class GoTo private (private var _targets: mutable.Set[Block], override val label def addTarget(t: Block): Unit = { if (_targets.add(t)) { - t.incomingJumps.add(parent) + t.addIncomingJump(this) } } override def linkParent(b: Block): Unit = { - _targets.foreach(_.incomingJumps.add(parent)) + _targets.foreach(_.removeIncomingJump(this)) } override def unlinkParent(): Unit = { - targets.foreach(_.incomingJumps.remove(parent)) + targets.foreach(_.removeIncomingJump(this)) } @@ -111,7 +111,7 @@ class GoTo private (private var _targets: mutable.Set[Block], override val label // making the assumption that blocks only contain the same outgoing edge once // e.g. We don't have two edges going to the same block under different conditions if (_targets.remove(t)) { - t.incomingJumps.remove(parent) + t.removeIncomingJump(this) } } diff --git a/src/main/scala/ir/Visitor.scala b/src/main/scala/ir/Visitor.scala index 0c0773766..c8d008ffc 100644 --- a/src/main/scala/ir/Visitor.scala +++ b/src/main/scala/ir/Visitor.scala @@ -345,17 +345,16 @@ class ConvertToSingleProcedureReturn extends Visitor { val returnBlock = node.parent.parent.returnBlock match { case Some(b) => b - case None => { + case None => val name = node.parent.parent.name + "_return" val returnBlock = new Block(name, None, List(), new IndirectCall(Register("R30", BitVecType(64)), None, None)) node.parent.parent.addBlocks(returnBlock) node.parent.parent.returnBlock = Some(returnBlock) - } } node match case c: IndirectCall => - if c.target.name == "R30" && c.returnTarget.isEmpty && c.parent != c.parent.parent.returnBlock then GoTo(Seq(c.parent.parent.returnBlock.get)) else node + if c.target.name == "R30" && c.returnTarget.isEmpty && !c.parent.isReturn then GoTo(Seq(c.parent.parent.returnBlock.get)) else node case _ => node } } diff --git a/src/main/scala/translating/BAPToIR.scala b/src/main/scala/translating/BAPToIR.scala index a12c54b88..e9513e02a 100644 --- a/src/main/scala/translating/BAPToIR.scala +++ b/src/main/scala/translating/BAPToIR.scala @@ -52,7 +52,7 @@ class BAPToIR(var program: BAPProgram, mainAddress: Int) { // Set entry block to the block with the same address as the procedure or the first in sequence procedure.entryBlock = procedure.blocks.find(b => b.address == procedure.address) - if procedure.entryBlock.isEmpty then procedure.entryBlock = procedure.blocks.headOption + if procedure.entryBlock.isEmpty then procedure.entryBlock = procedure.blocks.nextOption() } diff --git a/src/main/scala/translating/IRToBoogie.scala b/src/main/scala/translating/IRToBoogie.scala index 94b945af9..0a912698c 100644 --- a/src/main/scala/translating/IRToBoogie.scala +++ b/src/main/scala/translating/IRToBoogie.scala @@ -323,7 +323,7 @@ class IRToBoogie(var program: Program, var spec: Specification) { def translateProcedure(p: Procedure, readOnlyMemory: List[BExpr]): BProcedure = { - val body = p.blocks.map(translateBlock).toList + val body = (p.entryBlock.view ++ p.blocks.filterNot(x => p.entryBlock.contains(x))).map(translateBlock).toList val callsRely: Boolean = body.flatMap(_.body).exists(_ match case BProcedureCall("rely", lhs, params, comment) => true diff --git a/src/main/scala/util/IntrusiveList.scala b/src/main/scala/util/IntrusiveList.scala index 8afb59075..0989c77b3 100644 --- a/src/main/scala/util/IntrusiveList.scala +++ b/src/main/scala/util/IntrusiveList.scala @@ -202,6 +202,14 @@ final class IntrusiveList[T <: IntrusiveListElement] private (var numElems: Int, elem.getPrev.asInstanceOf[T] } + def nextOption(elem: T): Option[T] = { + elem.next.asInstanceOf[Option[T]] + } + + def prevOption(elem: T): Option[T] = { + elem.prev.asInstanceOf[Option[T]] + } + object IntrusiveList { def from[T <: IntrusiveListElement](it: IterableOnce[T]): IntrusiveList[T] = { val l = new IntrusiveList[T]() diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index ddb5628dc..d5106d4b8 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -150,7 +150,7 @@ object RunUtils { val cfg = ProgramCfgFactory().fromIR(IRProgram) - val domain = computeDomain(IRProgram) + val domain = computeDomain(IntraProcIRCursor, IRProgram.procedures) Logger.info("[!] Running Constant Propagation") val constPropSolver = ConstantPropagationSolver(cfg) @@ -160,6 +160,7 @@ object RunUtils { val ilcpsolver = IRSimpleValueAnalysis.Solver(IRProgram) val newCPResult: ilcpsolver.lattice.Element = ilcpsolver.analyze() + val newRes = newCPResult.flatMap((x, y) => y.flatMap { case (_, el) if el == FlatLattice[BitVecLiteral].top || el == FlatLattice[BitVecLiteral].bottom => None case z => Some(z) @@ -193,6 +194,10 @@ object RunUtils { config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(mraResult, true), Output.dotIder), s"${s}_mra$iteration.dot")) config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(cfg, mraResult, iteration), s"${s}_mra$iteration.txt")) + val callGraph = dotCallGraph(IRProgram) + writeToFile(callGraph, "callgraphtest.dot") + writeToFile(dotBlockGraph(IRProgram), "blockgraphtest.dot") + Logger.info("[!] Running MMM") val mmm = MemoryModelMap() mmm.convertMemoryRegions(mraResult, mergedSubroutines) From ba65e4d90aea36d30efa780b1547b60bee9fa69b Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Wed, 3 Jan 2024 17:46:19 +1000 Subject: [PATCH 31/42] stuff --- .../scala/analysis/BasicIRConstProp.scala | 15 ++-- src/main/scala/analysis/Dependencies.scala | 2 +- src/main/scala/ir/IRCursor.scala | 80 ++++++++++--------- src/main/scala/ir/Program.scala | 77 ++++++++++++++++-- src/main/scala/ir/Visitor.scala | 27 +++++++ src/main/scala/util/IntrusiveList.scala | 31 +++++++ src/main/scala/util/RunUtils.scala | 10 +-- 7 files changed, 183 insertions(+), 59 deletions(-) diff --git a/src/main/scala/analysis/BasicIRConstProp.scala b/src/main/scala/analysis/BasicIRConstProp.scala index d04bf25c9..b00bf9903 100644 --- a/src/main/scala/analysis/BasicIRConstProp.scala +++ b/src/main/scala/analysis/BasicIRConstProp.scala @@ -66,7 +66,7 @@ trait ILValueAnalysisMisc: /** Transfer function for state lattice elements. */ - def localTransfer(n: IntraProcIRCursor.Node, s: statelattice.Element): statelattice.Element = + def localTransfer(n: CFGPosition, s: statelattice.Element): statelattice.Element = n match case la: LocalAssign => s + (la.lhs -> eval(la.rhs, s)) @@ -74,18 +74,17 @@ trait ILValueAnalysisMisc: case _ => s -type IRNode = IRIntraproceduralDependencies.walker.Node object IRSimpleValueAnalysis: class Solver(prog: Program) extends ILValueAnalysisMisc with IRIntraproceduralDependencies.ForwardDependencies - with Analysis[Map[IRNode, Map[Variable, FlatElement[BitVecLiteral]]]] - with SimplePushDownWorklistFixpointSolver[IRNode, Map[Variable, FlatElement[BitVecLiteral]], MapLattice[Variable, FlatElement[BitVecLiteral], ConstantPropagationLattice]] + with Analysis[Map[CFGPosition, Map[Variable, FlatElement[BitVecLiteral]]]] + with SimplePushDownWorklistFixpointSolver[CFGPosition, Map[Variable, FlatElement[BitVecLiteral]], MapLattice[Variable, FlatElement[BitVecLiteral], ConstantPropagationLattice]] : /* Worklist initial set */ - //override val lattice: MapLattice[IRNode, statelattice.type] = MapLattice(statelattice) - override val lattice: MapLattice[IRNode, Map[Variable, FlatElement[BitVecLiteral]], MapLattice[Variable, FlatElement[BitVecLiteral], ConstantPropagationLattice]] = MapLattice(statelattice) + //override val lattice: MapLattice[CFGPosition, statelattice.type] = MapLattice(statelattice) + override val lattice: MapLattice[CFGPosition, Map[Variable, FlatElement[BitVecLiteral]], MapLattice[Variable, FlatElement[BitVecLiteral], ConstantPropagationLattice]] = MapLattice(statelattice) - override val domain : Set[IRNode] = computeDomain(IntraProcIRCursor, prog.procedures).toSet - def transfer(n: IRNode, s: statelattice.Element): statelattice.Element = localTransfer(n, s) + override val domain : Set[CFGPosition] = computeDomain(IntraProcIRCursor, prog.procedures).toSet + def transfer(n: CFGPosition, s: statelattice.Element): statelattice.Element = localTransfer(n, s) diff --git a/src/main/scala/analysis/Dependencies.scala b/src/main/scala/analysis/Dependencies.scala index e507bcaf2..2693ee240 100644 --- a/src/main/scala/analysis/Dependencies.scala +++ b/src/main/scala/analysis/Dependencies.scala @@ -32,7 +32,7 @@ trait IntraproceduralForwardDependencies extends Dependencies[CfgNode] { } -class IRDependencies[NT <: CFGPosition](val walker: IRWalk[NT]) { +class IRDependencies[NT <: CFGPosition](val walker: IRWalk[NT, NT]) { trait ForwardDependencies extends Dependencies[NT] { override def outdep(n: NT): Set[NT] = walker.succ(n) diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index 89104b3e6..b8542e58d 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -10,15 +10,12 @@ import scala.annotation.tailrec */ type CFGPosition = Procedure | Block | Command -trait IRWalk[NT <: CFGPosition] { - type Node = NT - def succ(pos: NT): Set[NT] - def pred(pos: NT): Set[NT] - +trait IRWalk[IN <: CFGPosition, NT <: CFGPosition & IN] { + def succ(pos: IN): Set[NT] + def pred(pos: IN): Set[NT] } - -trait IntraProcIRCursor extends IRWalk[CFGPosition] { +trait IntraProcIRCursor extends IRWalk[CFGPosition, CFGPosition] { def succ(pos: CFGPosition): Set[CFGPosition] = { pos match { @@ -46,76 +43,85 @@ trait IntraProcIRCursor extends IRWalk[CFGPosition] { Set(s.parent) // predecessor blocks } case j: Jump => if j.parent.statements.isEmpty then Set(j.parent) else Set(j.parent.statements.last) - case b: Block => b.incomingJumps.asInstanceOf[Set[Node]] + case b: Block => b.incomingJumps.asInstanceOf[Set[CFGPosition]] case proc: Procedure => Set() // intraproc } } } object IntraProcIRCursor extends IntraProcIRCursor -trait IntraProcBlockIRCursor extends IRWalk[Block] { + +trait IntraProcBlockIRCursor extends IRWalk[CFGPosition, Block] { @tailrec - final def succ(pos: Node): Set[Node] = { + final def succ(pos: CFGPosition): Set[Block] = { pos match { - case b: Block => IntraProcIRCursor.succ(b.jump).filter(_.isInstanceOf[Block]).asInstanceOf[Set[Node]] + case b: Block => b.nextBlocks case s: Command => succ(s.parent) + case s: Procedure => s.entryBlock.toSet } } @tailrec - final def pred(pos: Node): Set[Node] = { + final def pred(pos: CFGPosition): Set[Block] = { pos match { - case b: Block => if b.isEntry then Set() else b.incomingJumps.asInstanceOf[Set[Node]] + case b: Block => if b.isEntry then Set.empty else b.incomingJumps.map(_.parent) case j: Command => pred(j.parent) + case s: Procedure => Set.empty } } } - object IntraProcBlockIRCursor extends IntraProcBlockIRCursor -trait InterProcIRCursor extends IRWalk[CFGPosition] { - final def succ(pos: Node): Set[Node] = { +trait InterProcIRCursor extends IRWalk[CFGPosition, CFGPosition] { + + final def succ(pos: CFGPosition): Set[CFGPosition] = { pos match case c: DirectCall => Set(c.target) case c: IndirectCall => Set() case _ => IntraProcIRCursor.succ(pos) } - final def pred(pos: Node): Set[Node] = { + final def pred(pos: CFGPosition): Set[CFGPosition] = { IntraProcIRCursor.pred(pos) ++ (pos match - case c: Procedure => c.incomingCalls().toSet.asInstanceOf[Set[Node]] - case b: Block => if b.isEntry then Set(b.parent) else b.incomingJumps.toSet.asInstanceOf[Set[Node]] + case c: Procedure => c.incomingCalls().toSet.asInstanceOf[Set[CFGPosition]] + case b: Block => if b.isEntry then Set(b.parent) else b.incomingJumps.asInstanceOf[Set[CFGPosition]] case _ => Set() ) } } -object InterProcIRCursor extends InterProcIRCursor -trait InterProcBlockIRCursor extends IRWalk[Block] { - final def succ(b: Node): Set[Node] = - b.jump match { - case b: GoTo => b.targets - case c: DirectCall => c.target.entryBlock.toSet - case _ => Set() +trait InterProcBlockIRCursor extends IRWalk[CFGPosition, Block] { + + final def succ(pos: CFGPosition): Set[Block] = { + pos match { + case s: DirectCall => s.target.entryBlock.toSet + case _ => IntraProcBlockIRCursor.succ(pos) + } + } + + final def pred(pos: CFGPosition): Set[Block] = { + pos match { + case b: Block => if b.isEntry then b.parent.incomingCalls().map(_.parent).toSet else b.prevBlocks + case _ => IntraProcBlockIRCursor.pred(pos) + } } - final def pred(b: Node): Set[Node] = if b.isEntry then b.parent.incomingCalls().map(_.parent).toSet else b.incomingJumps.map(_.parent) } +object InterProcIRCursor extends InterProcIRCursor -trait CallGraph extends IRWalk[Procedure] { - final def succ(b: Node): Set[Node] = b.calls +trait CallGraph extends IRWalk[Procedure, Procedure] { + final def succ(b: Procedure): Set[Procedure] = b.calls - final def pred(b: Node): Set[Node] = b.incomingCalls().map(_.target).toSet + final def pred(b: Procedure): Set[Procedure] = b.incomingCalls().map(_.target).toSet } object CallGraph extends CallGraph object InterProcBlockIRCursor extends IntraProcBlockIRCursor -def computeDomain[T <: CFGPosition](walker: IRWalk[T], initial: IterableOnce[T]): mutable.Set[T] = { - val domain : mutable.Set[T] = mutable.Set.from(initial) - +def computeDomain[T <: CFGPosition, O <: T](walker: IRWalk[T, O], initial: IterableOnce[O]): mutable.Set[O] = { + val domain : mutable.Set[O] = mutable.Set.from(initial) var sizeBefore = 0 var sizeAfter = domain.size @@ -132,22 +138,22 @@ def computeDomain[T <: CFGPosition](walker: IRWalk[T], initial: IterableOnce[T]) def toDot(program: Program, labels: Map[CFGPosition, String] = Map.empty): String= { - val domain = computeDomain[CFGPosition](IntraProcIRCursor, program.procedures) + val domain = computeDomain[CFGPosition, CFGPosition](IntraProcIRCursor, program.procedures) toDot[CFGPosition](domain, IntraProcIRCursor, labels) } def dotCallGraph(program: Program, labels: Map[CFGPosition, String] = Map.empty): String= { - val domain = computeDomain[Procedure](CallGraph, program.procedures) + val domain = computeDomain[Procedure, Procedure](CallGraph, program.procedures) toDot[Procedure](domain, CallGraph, labels) } def dotBlockGraph(program: Program, labels: Map[CFGPosition, String] = Map.empty): String= { - val domain = computeDomain[Block](IntraProcBlockIRCursor, program.procedures.flatMap(_.blocks).toSet) + val domain = computeDomain[CFGPosition, Block](IntraProcBlockIRCursor, program.procedures.flatMap(_.blocks).toSet) toDot[Block](domain, IntraProcBlockIRCursor, labels) } -def toDot[T <: CFGPosition](domain: mutable.Set[T], iterator: IRWalk[T], labels: Map[CFGPosition, String]) : String = { +def toDot[T <: CFGPosition](domain: mutable.Set[T], iterator: IRWalk[? >: T, ?], labels: Map[CFGPosition, String]) : String = { val visited : mutable.Set[CFGPosition] = mutable.Set.from(domain) var labelcounter = 0 diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index 9aae1b9f1..91ca19b38 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -1,7 +1,7 @@ package ir import scala.collection.mutable.ArrayBuffer -import scala.collection.{View, immutable, mutable} +import scala.collection.{IterableOnceExtensionMethods, View, immutable, mutable} import boogie.* import analysis.BitVectorEval import intrusiveList.{IntrusiveList, IntrusiveListElement} @@ -16,6 +16,8 @@ trait HasParent[T]: private var _parent: Option[T] = None def parent: T = _parent.get + def parent_=(value: T): Unit = setParent(value) + /** * Update any IL control-flow links implied by this relation. @@ -36,7 +38,7 @@ trait HasParent[T]: protected[this] def unlinkParent(): Unit = () -/** + /** * Remove this element's parent and update any IL control-flow links implied by this relation. * Is idempotent. */ @@ -64,7 +66,7 @@ trait HasParent[T]: class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedure, var initialMemory: ArrayBuffer[MemorySection], - var readOnlyMemory: ArrayBuffer[MemorySection]) { + var readOnlyMemory: ArrayBuffer[MemorySection]) extends Iterable[CFGPosition] { // This shouldn't be run before indirect calls are resolved def stripUnreachableFunctions(): Unit = { @@ -167,6 +169,19 @@ class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedu initialMemory = initialMemoryNew } + override def filter(f: CFGPosition => Boolean): Iterable[CFGPosition] = { + val b = mutable.ArrayBuffer[CFGPosition]() + val m = ILMap[CFGPosition](b, n => Some(n).filter(f)) + m.visitProgram(this) + b + } + + def iterator: Iterator[CFGPosition] = { + val b = mutable.ArrayBuffer[CFGPosition]() + val m = ILMap[CFGPosition](b, n => Some(n)) + m.visitProgram(this) + b.iterator + } } @@ -175,7 +190,7 @@ class Procedure private ( var address: Option[Int], var entryBlock: Option[Block], var returnBlock: Option[Block], - private val _blocks: mutable.HashSet[Block], + private val _blocks: mutable.LinkedHashSet[Block], var in: ArrayBuffer[Parameter], var out: ArrayBuffer[Parameter], ) { @@ -183,10 +198,10 @@ class Procedure private ( // class invariant require(returnBlock.forall(b => _blocks.contains(b)) && entryBlock.forall(b => _blocks.contains(b))) - require(_blocks.isEmpty || entryBlock.isDefined) // blocks.nonEmpty ==> entryBlock.isDefined + require(_blocks.isEmpty == entryBlock.isEmpty) // blocks.nonEmpty <==> entryBlock.isDefined def this(name: String, address: Option[Int] = None , entryBlock: Option[Block] = None, returnBlock: Option[Block] = None, blocks: Iterable[Block] = ArrayBuffer(), in: IterableOnce[Parameter] = ArrayBuffer(), out: IterableOnce[Parameter] = ArrayBuffer()) = { - this(name, address, entryBlock, returnBlock, mutable.HashSet.from(blocks), ArrayBuffer.from(in), ArrayBuffer.from(out)) + this(name, address, entryBlock, returnBlock, mutable.LinkedHashSet.from(blocks), ArrayBuffer.from(in), ArrayBuffer.from(out)) } override def toString: String = { @@ -211,9 +226,11 @@ class Procedure private ( def addBlocks(block: Block): Block = { if (!_blocks.contains(block)) { - block.deParent() - block.setParent(this) + block.parent = this _blocks.add(block) + if (entryBlock.isEmpty) { + entryBlock = Some(block) + } } block } @@ -253,6 +270,9 @@ class Procedure private ( block.deParent() _blocks.remove(block) } + if (_blocks.isEmpty) { + entryBlock = None + } block } def removeBlocks(blocks: Iterable[Block]): Unit = { @@ -385,6 +405,47 @@ class Block private (var label: String, s"Block $label with $statementsString\n$jump" } + /** + * @return The intra-procedural set of successor blocks. If the block ends in a call then the empty set is returned. + */ + def nextBlocks: Set[Block] = { + jump match { + case c: GoTo => c.targets + case c: DirectCall => c.returnTarget.toSet + case c: IndirectCall => c.returnTarget.toSet + } + } + + /** + * @return The intra-procedural set of predecessor blocks. + */ + def prevBlocks: Set[Block] = { + incomingJumps.map(_.parent) + } + + /** + * If the block has a single block successor then this returns that block, otherwise None. + * + * @return The successor block if there is exactly one + */ + def singleSuccessor(block: Block): Option[Block] = { + block.jump match { + case c: GoTo if c.targets.size == 1 => c.targets.headOption + case _ => None + } + } + + /** + * If the block has a single block predecessor then this returns that block, otherwise None. + * + * @return The predecessor block if there is exactly one + */ + def singlePredecessor(block: Block): Option[Block] = { + if block.incomingJumps.size == 1 then { + block.incomingJumps.headOption.map(_.parent) + } else None + } + override def equals(obj: scala.Any): Boolean = obj match case b: Block => b.label == this.label diff --git a/src/main/scala/ir/Visitor.scala b/src/main/scala/ir/Visitor.scala index c8d008ffc..1ac8b21b4 100644 --- a/src/main/scala/ir/Visitor.scala +++ b/src/main/scala/ir/Visitor.scala @@ -340,6 +340,33 @@ class VariablesWithoutStoresLoads extends ReadOnlyVisitor { } + + +class ILMap[T](val results: mutable.Growable[T], val apply: CFGPosition => Option[T]) extends ReadOnlyVisitor { + //val results: mutable.Map[CFGPosition, T] = mutable.HashMap[CFGPosition, T]() + + override def visitJump(node: Jump): Jump = { + apply(node).foreach(results += _) + super.visitJump(node) + } + + override def visitStatement(node: Statement): Statement = { + apply(node).foreach(results += _) + super.visitStatement(node) + } + + override def visitBlock(node: Block): Block = { + apply(node).foreach(results += _) + super.visitBlock(node) + } + + override def visitProcedure(node: Procedure): Procedure = { + apply(node).foreach(results += _) + super.visitProcedure(node) + } +} + + class ConvertToSingleProcedureReturn extends Visitor { override def visitJump(node: Jump): Jump = { diff --git a/src/main/scala/util/IntrusiveList.scala b/src/main/scala/util/IntrusiveList.scala index 0989c77b3..ab01c5330 100644 --- a/src/main/scala/util/IntrusiveList.scala +++ b/src/main/scala/util/IntrusiveList.scala @@ -1,9 +1,32 @@ package intrusiveList import scala.collection.mutable + + // TODO: implement IterableOps // So need iterablefactory https://docs.scala-lang.org/overviews/core/custom-collections.html +/** + * A simple intrusive list implementation. + * + * This is a linked list with the links stored as fields within the elements contained in the list, rather + * than boxing the elements in an external list structure. + * + * Therefore this structure can hold any elements that inherit the IntrusiveListElement trait and an intrusive list + * element can only be a member of a single list at a time. + * + * However, this allows us to create an iterator, or simply get the next or previous element from any point in the list, + * as well as insert or remove anywhere in the list without invalidating the iterator. + * + * Insert or remove before or after any element: O(1) + * Create iterator: O(1) + * Find element: O(n) + * + * @param numElems The size of the list + * @param firstElem The first list element if nonempty or none if empty. + * @param lastElem THe last list element if nonempty or none if empty. + * @tparam T + */ final class IntrusiveList[T <: IntrusiveListElement] private (var numElems: Int, var firstElem: Option[T], var lastElem: Option[T]) extends mutable.Iterable[T], mutable.Growable[T]: @@ -264,6 +287,14 @@ trait IntrusiveListElement: this } + def succ(): Option[this.type] = { + next.map(_.asInstanceOf[this.type]) + } + + def pred(): Option[this.type] = { + prev.map(_.asInstanceOf[this.type]) + } + private[intrusiveList] final def append(elem: IntrusiveListElement): IntrusiveListElement = { last().insertAfter(elem) } diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index d5106d4b8..387012856 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -196,7 +196,7 @@ object RunUtils { val callGraph = dotCallGraph(IRProgram) writeToFile(callGraph, "callgraphtest.dot") - writeToFile(dotBlockGraph(IRProgram), "blockgraphtest.dot") + writeToFile(dotBlockGraph(IRProgram, IRProgram.filter(a => a.isInstanceOf[Block]).map(b => b -> b.toString).toMap), "blockgraphtest.dot") Logger.info("[!] Running MMM") val mmm = MemoryModelMap() @@ -226,13 +226,13 @@ object RunUtils { newIR } - def printAnalysisResults(cfg: Program, result: Map[IntraProcIRCursor.Node, _], iteration: Int): String = { + def printAnalysisResults(cfg: Program, result: Map[CFGPosition, _], iteration: Int): String = { val functionEntries = cfg.procedures val s = StringBuilder() s.append(System.lineSeparator()) for (f <- functionEntries) { - val stack: mutable.Stack[IntraProcIRCursor.Node] = mutable.Stack() - val visited: mutable.Set[IntraProcIRCursor.Node] = mutable.Set() + val stack: mutable.Stack[CFGPosition] = mutable.Stack() + val visited: mutable.Set[CFGPosition] = mutable.Set() stack.push(f) var previousBlock: String = "" var isEntryNode = false @@ -282,7 +282,7 @@ object RunUtils { s.append(System.lineSeparator()) } - def printNode(node: IntraProcIRCursor.Node): Unit = { + def printNode(node: CFGPosition): Unit = { node match { case _: Statement => s.append("[Stmt] ") case _: Procedure => s.append("[FunctionEntry] ") From a94fd52d9ebd1d4c73a0dc236ccaf1c78002f9df Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Mon, 8 Jan 2024 16:45:20 +1000 Subject: [PATCH 32/42] simpler analysis result printer --- .../scala/analysis/BasicIRConstProp.scala | 40 ++--- src/main/scala/ir/Program.scala | 30 +++- src/main/scala/ir/Visitor.scala | 3 +- src/main/scala/util/RunUtils.scala | 162 ++++++++---------- 4 files changed, 104 insertions(+), 131 deletions(-) diff --git a/src/main/scala/analysis/BasicIRConstProp.scala b/src/main/scala/analysis/BasicIRConstProp.scala index b00bf9903..c5299aea4 100644 --- a/src/main/scala/analysis/BasicIRConstProp.scala +++ b/src/main/scala/analysis/BasicIRConstProp.scala @@ -6,52 +6,38 @@ trait ILValueAnalysisMisc: val valuelattice: ConstantPropagationLattice = ConstantPropagationLattice() val statelattice: MapLattice[Variable, FlatElement[BitVecLiteral], ConstantPropagationLattice] = MapLattice(valuelattice) - def eval(exp: Expr, env: statelattice.Element): valuelattice.Element = + def eval(exp: Expr, env: Map[Variable, FlatElement[BitVecLiteral]]): FlatElement[BitVecLiteral] = import valuelattice._ exp match - case id: Variable => env(id) - case n: BitVecLiteral => bv(n) + case id: Variable => env(id) + case n: BitVecLiteral => bv(n) case ze: ZeroExtend => zero_extend(ze.extension, eval(ze.body, env)) case se: SignExtend => sign_extend(se.extension, eval(se.body, env)) - case e: Extract => extract(e.end, e.start, eval(e.body, env)) + case e: Extract => extract(e.end, e.start, eval(e.body, env)) case bin: BinaryExpr => val left = eval(bin.arg1, env) val right = eval(bin.arg2, env) bin.op match - case BVADD => bvadd(left, right) - case BVSUB => bvsub(left, right) - case BVMUL => bvmul(left, right) + case BVADD => bvadd(left, right) + case BVSUB => bvsub(left, right) + case BVMUL => bvmul(left, right) case BVUDIV => bvudiv(left, right) case BVSDIV => bvsdiv(left, right) case BVSREM => bvsrem(left, right) case BVUREM => bvurem(left, right) case BVSMOD => bvsmod(left, right) - case BVAND => bvand(left, right) - case BVOR => bvor(left, right) - case BVXOR => bvxor(left, right) + case BVAND => bvand(left, right) + case BVOR => bvor(left, right) + case BVXOR => bvxor(left, right) case BVNAND => bvnand(left, right) - case BVNOR => bvnor(left, right) + case BVNOR => bvnor(left, right) case BVXNOR => bvxnor(left, right) - case BVSHL => bvshl(left, right) + case BVSHL => bvshl(left, right) case BVLSHR => bvlshr(left, right) case BVASHR => bvashr(left, right) case BVCOMP => bvcomp(left, right) case BVCONCAT => concat(left, right) - //case BVULE => bvule(left, right) - //case BVUGE => bvuge(left, right) - //case BVULT => bvult(left, right) - //case BVUGT => bvugt(left, right) - - //case BVSLE => bvsle(left, right) - //case BVSGE => bvsge(left, right) - //case BVSLT => bvslt(left, right) - //case BVSGT => bvsgt(left, right) - - //case BVCONCAT => concat(left, right) - //case BVNEQ => bvneq(left, right) - //case BVEQ => bveq(left, right) - case un: UnaryExpr => val arg = eval(un.arg, env) @@ -70,7 +56,7 @@ trait ILValueAnalysisMisc: n match case la: LocalAssign => s + (la.lhs -> eval(la.rhs, s)) - case c: Call => s ++ callerPreservedRegisters.filter(reg => s.keys.exists(_.name == reg)).map(n => Register(n, BitVecType(64)) -> statelattice.sublattice.top).toMap + //case c: Call => s ++ callerPreservedRegisters.filter(reg => s.keys.exists(_.name == reg)).map(n => Register(n, BitVecType(64)) -> statelattice.sublattice.top).toMap case _ => s diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index 91ca19b38..e7d9143b4 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -169,18 +169,30 @@ class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedu initialMemory = initialMemoryNew } - override def filter(f: CFGPosition => Boolean): Iterable[CFGPosition] = { - val b = mutable.ArrayBuffer[CFGPosition]() - val m = ILMap[CFGPosition](b, n => Some(n).filter(f)) - m.visitProgram(this) - b + class ILUnorderedIterator(private val begin: Program) extends Iterator[CFGPosition] { + val stack = mutable.Stack[CFGPosition]() + stack.addAll(begin.procedures) + + override def hasNext: Boolean = { + stack.nonEmpty + } + + override def next(): CFGPosition = { + val n: CFGPosition = stack.pop() + + stack.pushAll(n match { + case p : Procedure => p.blocks + case b: Block => Seq() ++ b.statements ++ Seq(b.jump) + case s: Command => Seq() + }) + + n + } + } def iterator: Iterator[CFGPosition] = { - val b = mutable.ArrayBuffer[CFGPosition]() - val m = ILMap[CFGPosition](b, n => Some(n)) - m.visitProgram(this) - b.iterator + ILUnorderedIterator(this) } } diff --git a/src/main/scala/ir/Visitor.scala b/src/main/scala/ir/Visitor.scala index 1ac8b21b4..c0faaf5ac 100644 --- a/src/main/scala/ir/Visitor.scala +++ b/src/main/scala/ir/Visitor.scala @@ -342,9 +342,8 @@ class VariablesWithoutStoresLoads extends ReadOnlyVisitor { -class ILMap[T](val results: mutable.Growable[T], val apply: CFGPosition => Option[T]) extends ReadOnlyVisitor { +class CFGPositionMap[T](val results: mutable.Growable[T], val apply: CFGPosition => Option[T]) extends ReadOnlyVisitor { //val results: mutable.Map[CFGPosition, T] = mutable.HashMap[CFGPosition, T]() - override def visitJump(node: Jump): Jump = { apply(node).foreach(results += _) super.visitJump(node) diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index 387012856..014952ace 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -19,7 +19,9 @@ import org.antlr.v4.runtime.{CharStreams, CommonTokenStream} import translating.* import util.Logger import intrusiveList.IntrusiveList +import analysis.CfgCommandNode +import scala.annotation.tailrec import scala.collection.mutable @@ -158,45 +160,50 @@ object RunUtils { def newSolverTest(): Unit = { val ilcpsolver = IRSimpleValueAnalysis.Solver(IRProgram) - val newCPResult: ilcpsolver.lattice.Element = ilcpsolver.analyze() + val newCPResult = ilcpsolver.analyze() + val newCommandDomain = ilcpsolver.domain.filter(_.isInstanceOf[Command]) val newRes = newCPResult.flatMap((x, y) => y.flatMap { case (_, el) if el == FlatLattice[BitVecLiteral].top || el == FlatLattice[BitVecLiteral].bottom => None - case z => Some(z) + case z => Some(x -> z) }) - val oldRes = constPropResult.flatMap((x, y) => y.flatMap { + val oldRes = constPropResult.filter((x,y) => x.isInstanceOf[CfgNodeWithData[CFGPosition]]).flatMap((x, y) => y.flatMap { case (_, el) if el == FlatLattice[BitVecLiteral].top || el == FlatLattice[BitVecLiteral].bottom => None - case z => Some(z) + case z => Some(x.asInstanceOf[CfgNodeWithData[Any]].data -> z) }) val both = newRes.toSet.intersect(oldRes.toSet) - val notnew = (newRes.toSet).filter(x => !both.contains(x)) - val notOld = (oldRes.toSet).filter(x => !both.contains(x)) + val notnew = (newRes.toSet).filter(x => !both.contains(x)).toList.sorted((a, b) => a._2._1.name.compare(b._2._1.name)) + val notOld = (oldRes.toSet).filter(x => !both.contains(x)).toList.sorted((a,b) => a._2._1.name.compare(b._2._1.name)) // newRes and oldRes should have value equality - config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, newCPResult, iteration), s"${s}_newconstprop$iteration.txt")) + //config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, newCPResult), s"${s}_newconstprop$iteration.txt")) config.analysisResultsPath.foreach(s => writeToFile(toDot(IRProgram), s"program.dot")) config.analysisResultsPath.foreach(s => writeToFile(toDot(IRProgram, newCPResult.map((k,v) => (k, v.toString))), s"program-constprop.dot")) + + config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, newCPResult), s"${s}_new_cpres$iteration.txt")) + config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, cfg, constPropResult), s"${s}_old_cpres$iteration.txt")) + } newSolverTest() config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(constPropResult, true), Output.dotIder), s"${s}_constprop$iteration.dot")) - config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(cfg, constPropResult, iteration), s"${s}_constprop$iteration.txt")) + config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, cfg, constPropResult), s"${s}_constprop$iteration.txt")) config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(constPropResult, true), Output.dotIder), s"${s}_constprop$iteration.dot")) - config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(cfg, constPropResult, iteration), s"${s}_constprop$iteration.txt")) + config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, cfg, constPropResult), s"${s}_constprop$iteration.txt")) Logger.info("[!] Running MRA") val mraSolver = MemoryRegionAnalysisSolver(cfg, globalAddresses, globalOffsets, mergedSubroutines, constPropResult) val mraResult = mraSolver.analyze() memoryRegionAnalysisResults = mraResult - config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(mraResult, true), Output.dotIder), s"${s}_mra$iteration.dot")) - config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(cfg, mraResult, iteration), s"${s}_mra$iteration.txt")) - - val callGraph = dotCallGraph(IRProgram) - writeToFile(callGraph, "callgraphtest.dot") - writeToFile(dotBlockGraph(IRProgram, IRProgram.filter(a => a.isInstanceOf[Block]).map(b => b -> b.toString).toMap), "blockgraphtest.dot") + config.analysisDotPath.foreach(s => { + writeToFile(cfg.toDot(Output.labeler(mraResult, true), Output.dotIder), s"${s}_mra$iteration.dot") + writeToFile(dotCallGraph(IRProgram), s"${s}_callgraph$iteration.dot") + writeToFile(dotBlockGraph(IRProgram, IRProgram.filter(_.isInstanceOf[Block]).map(b => b -> b.toString).toMap), s"${s}_blockgraph$iteration.dot") + }) + config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, cfg, mraResult), s"${s}_mra$iteration.txt")) Logger.info("[!] Running MMM") val mmm = MemoryModelMap() @@ -207,7 +214,7 @@ object RunUtils { val vsaResult = vsaSolver.analyze() config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(vsaResult, true), Output.dotIder), s"${s}_vsa$iteration.dot")) - config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(cfg, vsaResult, iteration), s"${s}_vsa$iteration.txt")) + config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, cfg, vsaResult), s"${s}_vsa$iteration.txt")) Logger.info("[!] Resolving CFG") val (newIR, modified): (Program, Boolean) = resolveCFG(cfg, vsaResult, IRProgram) @@ -226,91 +233,56 @@ object RunUtils { newIR } - def printAnalysisResults(cfg: Program, result: Map[CFGPosition, _], iteration: Int): String = { - val functionEntries = cfg.procedures - val s = StringBuilder() - s.append(System.lineSeparator()) - for (f <- functionEntries) { - val stack: mutable.Stack[CFGPosition] = mutable.Stack() - val visited: mutable.Set[CFGPosition] = mutable.Set() - stack.push(f) - var previousBlock: String = "" - var isEntryNode = false - while (stack.nonEmpty) { - val next = stack.pop() - if (!visited.contains(next)) { - visited.add(next) - next.match { - case c: Block => printBlock(c) - case c: Call => s.append(System.lineSeparator()) - isEntryNode = false - printNode(c) - case c: Command => - if (c.parent.label != previousBlock) { - printBlock(c.parent) - } - s.append(" ") - printNode(c) - previousBlock = c.parent.label - isEntryNode = false - case c: Procedure => - printNode(c) - isEntryNode = true - case _ => isEntryNode = false - } - val successors = IntraProcIRCursor.succ(next) - if (successors.size > 1) { - val successorsCmd = successors.collect { case c: Command => c }.toSeq.sortBy(_.label) - printGoTo(successorsCmd) - for (s <- successorsCmd) { - if (!visited.contains(s)) { - stack.push(s) - } - } - } else if (successors.size == 1) { - val successor = successors.head - if (!visited.contains(successor)) { - stack.push(successor) - } - successor.match { - case c: Command if (c.parent.label != previousBlock) && (!isEntryNode) => printGoTo(Seq(c)) - case _ => - } - } - } - } - s.append(System.lineSeparator()) - } - def printNode(node: CFGPosition): Unit = { + def convertAnalysisResults[T](cfg: ProgramCfg, result: Map[CfgNode, T]): Map[CFGPosition, T] = { + val results = mutable.HashMap[CFGPosition, T]() + result.foreach((node, res) => node match { - case _: Statement => s.append("[Stmt] ") - case _: Procedure => s.append("[FunctionEntry] ") - case _: Jump => s.append("[Jmp] ") + case s: CfgStatementNode => results.addOne(s.data -> res) + case s: CfgFunctionEntryNode => results.addOne(s.data -> res) + case s: CfgCommandNode => results.addOne(s.data -> res) + case s: CfgJumpNode => results.addOne(s.data -> res) case _ => () } + ) - s.append(node) - s.append(" :: ") - s.append(result(node)) - s.append(System.lineSeparator()) - } + results.toMap + } - def printGoTo(nodes: Seq[Command]): Unit = { - s.append("[GoTo] ") - s.append(nodes.map(_.label).mkString(", ")) - s.append(System.lineSeparator()) - s.append(System.lineSeparator()) - } + def printAnalysisResults[T](program: Program, cfg: ProgramCfg, result: Map[CfgNode, T]): String = { + printAnalysisResults(program, convertAnalysisResults(cfg, result)) + } - def printBlock(node: Block): Unit = { - s.append("[Block] ") - s.append(node.label) - s.append(System.lineSeparator()) - } + def printAnalysisResults(prog: Program, result: Map[CFGPosition, _]): String = { + val results = mutable.ArrayBuffer[String]() + val toVisit = mutable.Stack[CFGPosition]() + val visited = mutable.HashSet[CFGPosition]() + toVisit.pushAll(prog.procedures) + + while (toVisit.nonEmpty) { + val next = toVisit.pop() + visited.add(next) + toVisit.addAll(IntraProcBlockIRCursor.succ(next).diff(visited.collect[Block] { + case b: Block => b + })) + + def contentStr(b: CFGPosition) = { + if result.contains(b) then "\n :: " + result(b) + else "" + } + val t = next match + case p: Procedure => s"\nProcedure ${p.name}" + case b: Block => Seq( + s" Block ${b.label}${contentStr(b)}" + , b.statements.map(s => {" " + s.toString + contentStr(s)}).mkString("\n") + , " " + b.jump.toString + contentStr(b.jump)).mkString("\n") + case s: Statement => s" Statement $s${contentStr(s)}" + case s: Jump => s" Jump $s${contentStr(s)}" + results.addOne(t) + } - s.toString() + results.mkString(System.lineSeparator()) } @@ -333,6 +305,10 @@ object RunUtils { if (c.block.label != previousBlock) { printBlock(c) } + c match { + case _: CfgStatementNode => s.append(" ") + case _ => () + } printNode(c) previousBlock = c.block.label isEntryNode = false @@ -346,7 +322,7 @@ object RunUtils { } val successors = next.succIntra if (successors.size > 1) { - val successorsCmd = successors.collect { case c: CfgCommandNode => c }.toSeq.sortBy(_.data.label) + val successorsCmd = successors.collect { case c: CfgCommandNode => c }.toSeq.sortBy(_.data.toString) printGoTo(successorsCmd) for (s <- successorsCmd) { if (!visited.contains(s)) { From 353e1ba9bcbea9294ea94a3028d2730fe97f0557 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Wed, 10 Jan 2024 15:38:57 +1000 Subject: [PATCH 33/42] fix result printer and block --- src/main/scala/ir/IRCursor.scala | 4 ++-- src/main/scala/ir/Program.scala | 18 +++++++++--------- src/main/scala/util/RunUtils.scala | 2 +- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index b8542e58d..f70d1363d 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -56,7 +56,7 @@ trait IntraProcBlockIRCursor extends IRWalk[CFGPosition, Block] { @tailrec final def succ(pos: CFGPosition): Set[Block] = { pos match { - case b: Block => b.nextBlocks + case b: Block => b.nextBlocks.toSet case s: Command => succ(s.parent) case s: Procedure => s.entryBlock.toSet } @@ -103,7 +103,7 @@ trait InterProcBlockIRCursor extends IRWalk[CFGPosition, Block] { final def pred(pos: CFGPosition): Set[Block] = { pos match { - case b: Block => if b.isEntry then b.parent.incomingCalls().map(_.parent).toSet else b.prevBlocks + case b: Block => if b.isEntry then b.parent.incomingCalls().map(_.parent).toSet else b.prevBlocks.toSet case _ => IntraProcBlockIRCursor.pred(pos) } } diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index e7d9143b4..d48b89fc4 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -420,18 +420,18 @@ class Block private (var label: String, /** * @return The intra-procedural set of successor blocks. If the block ends in a call then the empty set is returned. */ - def nextBlocks: Set[Block] = { + def nextBlocks: Iterable[Block] = { jump match { case c: GoTo => c.targets - case c: DirectCall => c.returnTarget.toSet - case c: IndirectCall => c.returnTarget.toSet + case c: DirectCall => c.returnTarget + case c: IndirectCall => c.returnTarget } } /** * @return The intra-procedural set of predecessor blocks. */ - def prevBlocks: Set[Block] = { + def prevBlocks: Iterable[Block] = { incomingJumps.map(_.parent) } @@ -440,8 +440,8 @@ class Block private (var label: String, * * @return The successor block if there is exactly one */ - def singleSuccessor(block: Block): Option[Block] = { - block.jump match { + def singleSuccessor: Option[Block] = { + jump match { case c: GoTo if c.targets.size == 1 => c.targets.headOption case _ => None } @@ -452,9 +452,9 @@ class Block private (var label: String, * * @return The predecessor block if there is exactly one */ - def singlePredecessor(block: Block): Option[Block] = { - if block.incomingJumps.size == 1 then { - block.incomingJumps.headOption.map(_.parent) + def singlePredecessor: Option[Block] = { + if incomingJumps.size == 1 then { + incomingJumps.headOption.map(_.parent) } else None } diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index 014952ace..f92f35cfd 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -262,7 +262,7 @@ object RunUtils { while (toVisit.nonEmpty) { val next = toVisit.pop() visited.add(next) - toVisit.addAll(IntraProcBlockIRCursor.succ(next).diff(visited.collect[Block] { + toVisit.pushAll(IntraProcBlockIRCursor.succ(next).diff(visited.collect[Block] { case b: Block => b })) From 02aeae64ebbb68d4dfe026faab71b30dce471435 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 23 Jan 2024 14:07:38 +1000 Subject: [PATCH 34/42] simplify Dependencies --- .../scala/analysis/BasicIRConstProp.scala | 2 +- src/main/scala/analysis/Dependencies.scala | 28 ++++----- src/main/scala/ir/IRCursor.scala | 1 + src/main/scala/util/RunUtils.scala | 58 +++++++++---------- 4 files changed, 46 insertions(+), 43 deletions(-) diff --git a/src/main/scala/analysis/BasicIRConstProp.scala b/src/main/scala/analysis/BasicIRConstProp.scala index c5299aea4..ac6a634bb 100644 --- a/src/main/scala/analysis/BasicIRConstProp.scala +++ b/src/main/scala/analysis/BasicIRConstProp.scala @@ -64,7 +64,7 @@ trait ILValueAnalysisMisc: object IRSimpleValueAnalysis: class Solver(prog: Program) extends ILValueAnalysisMisc - with IRIntraproceduralDependencies.ForwardDependencies + with IRIntraproceduralForwardDependencies with Analysis[Map[CFGPosition, Map[Variable, FlatElement[BitVecLiteral]]]] with SimplePushDownWorklistFixpointSolver[CFGPosition, Map[Variable, FlatElement[BitVecLiteral]], MapLattice[Variable, FlatElement[BitVecLiteral], ConstantPropagationLattice]] : diff --git a/src/main/scala/analysis/Dependencies.scala b/src/main/scala/analysis/Dependencies.scala index 2693ee240..72989a93a 100644 --- a/src/main/scala/analysis/Dependencies.scala +++ b/src/main/scala/analysis/Dependencies.scala @@ -32,20 +32,22 @@ trait IntraproceduralForwardDependencies extends Dependencies[CfgNode] { } -class IRDependencies[NT <: CFGPosition](val walker: IRWalk[NT, NT]) { - trait ForwardDependencies extends Dependencies[NT] { - override def outdep(n: NT): Set[NT] = walker.succ(n) - - override def indep(n: NT): Set[NT] = walker.pred(n) - } - - trait BackwardDependencies extends Dependencies[NT] { - override def outdep(n: NT): Set[NT] = walker.pred(n) +trait IRInterproceduralForwardDependencies extends Dependencies[CFGPosition] { + override def outdep(n: CFGPosition): Set[CFGPosition] = InterProcIRCursor.succ(n) + override def indep(n: CFGPosition): Set[CFGPosition] = InterProcIRCursor.pred(n) +} - override def indep(n: NT): Set[NT] = walker.succ(n) - } +trait IRIntraproceduralForwardDependencies extends Dependencies[CFGPosition] { + override def outdep(n: CFGPosition): Set[CFGPosition] = IntraProcIRCursor.succ(n) + override def indep(n: CFGPosition): Set[CFGPosition] = IntraProcIRCursor.pred(n) } -object IRIntraproceduralDependencies extends IRDependencies[CFGPosition](IntraProcIRCursor) +trait IRInterproceduralBackwardDependencies extends IRInterproceduralForwardDependencies { + override def outdep(n: CFGPosition): Set[CFGPosition] = super.indep(n) + override def indep(n: CFGPosition): Set[CFGPosition] = super.outdep(n) +} -object IRInterproceduralDependencies extends IRDependencies[CFGPosition](InterProcIRCursor) +trait IRIntraproceduralBackwardDependencies extends IRIntraproceduralForwardDependencies { + override def outdep(n: CFGPosition): Set[CFGPosition] = super.indep(n) + override def indep(n: CFGPosition): Set[CFGPosition] = super.outdep(n) +} diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index f70d1363d..bf549c7dc 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -10,6 +10,7 @@ import scala.annotation.tailrec */ type CFGPosition = Procedure | Block | Command +// todo: we could just use the dependencies trait directly instead to avoid the instantiation issue trait IRWalk[IN <: CFGPosition, NT <: CFGPosition & IN] { def succ(pos: IN): Set[NT] def pred(pos: IN): Set[NT] diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index c410634ed..dace57b3b 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -166,34 +166,34 @@ object RunUtils { val constPropSolver = ConstantPropagationSolver(cfg) val constPropResult = constPropSolver.analyze() - //def newSolverTest(): Unit = { - // val ilcpsolver = IRSimpleValueAnalysis.Solver(IRProgram) - // val newCPResult = ilcpsolver.analyze() - - // val newCommandDomain = ilcpsolver.domain.filter(_.isInstanceOf[Command]) - - // val newRes = newCPResult.flatMap((x, y) => y.flatMap { - // case (_, el) if el == FlatLattice[BitVecLiteral].top || el == FlatLattice[BitVecLiteral].bottom => None - // case z => Some(x -> z) - // }) - // val oldRes = constPropResult.filter((x,y) => x.isInstanceOf[CfgNodeWithData[CFGPosition]]).flatMap((x, y) => y.flatMap { - // case (_, el) if el == FlatLattice[BitVecLiteral].top || el == FlatLattice[BitVecLiteral].bottom => None - // case z => Some(x.asInstanceOf[CfgNodeWithData[Any]].data -> z) - // }) - // val both = newRes.toSet.intersect(oldRes.toSet) - // val notnew = (newRes.toSet).filter(x => !both.contains(x)).toList.sorted((a, b) => a._2._1.name.compare(b._2._1.name)) - // val notOld = (oldRes.toSet).filter(x => !both.contains(x)).toList.sorted((a,b) => a._2._1.name.compare(b._2._1.name)) - // // newRes and oldRes should have value equality - - // //config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, newCPResult), s"${s}_newconstprop$iteration.txt")) - // config.analysisResultsPath.foreach(s => writeToFile(toDot(IRProgram), s"program.dot")) - // config.analysisResultsPath.foreach(s => writeToFile(toDot(IRProgram, newCPResult.map((k,v) => (k, v.toString))), s"program-constprop.dot")) - - // config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, newCPResult), s"${s}_new_cpres$iteration.txt")) - // config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, cfg, constPropResult), s"${s}_old_cpres$iteration.txt")) - - //} - //newSolverTest() + def newSolverTest(): Unit = { + val ilcpsolver = IRSimpleValueAnalysis.Solver(IRProgram) + val newCPResult = ilcpsolver.analyze() + + val newCommandDomain = ilcpsolver.domain.filter(_.isInstanceOf[Command]) + + val newRes = newCPResult.flatMap((x, y) => y.flatMap { + case (_, el) if el == FlatLattice[BitVecLiteral].top || el == FlatLattice[BitVecLiteral].bottom => None + case z => Some(x -> z) + }) + val oldRes = constPropResult.filter((x,y) => x.isInstanceOf[CfgNodeWithData[CFGPosition]]).flatMap((x, y) => y.flatMap { + case (_, el) if el == FlatLattice[BitVecLiteral].top || el == FlatLattice[BitVecLiteral].bottom => None + case z => Some(x.asInstanceOf[CfgNodeWithData[Any]].data -> z) + }) + val both = newRes.toSet.intersect(oldRes.toSet) + val notnew = (newRes.toSet).filter(x => !both.contains(x)).toList.sorted((a, b) => a._2._1.name.compare(b._2._1.name)) + val notOld = (oldRes.toSet).filter(x => !both.contains(x)).toList.sorted((a,b) => a._2._1.name.compare(b._2._1.name)) + // newRes and oldRes should have value equality + + //config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, newCPResult), s"${s}_newconstprop$iteration.txt")) + config.analysisResultsPath.foreach(s => writeToFile(toDot(IRProgram), s"program.dot")) + config.analysisResultsPath.foreach(s => writeToFile(toDot(IRProgram, newCPResult.map((k,v) => (k, v.toString))), s"program-constprop.dot")) + + config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, newCPResult), s"${s}_new_cpres$iteration.txt")) + config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, cfg, constPropResult), s"${s}_old_cpres$iteration.txt")) + + } + newSolverTest() config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(constPropResult, true), Output.dotIder), s"${s}_constprop$iteration.dot")) config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, cfg, constPropResult), s"${s}_constprop$iteration.txt")) @@ -248,8 +248,8 @@ object RunUtils { node match { case s: CfgStatementNode => results.addOne(s.data -> res) case s: CfgFunctionEntryNode => results.addOne(s.data -> res) - case s: CfgCommandNode => results.addOne(s.data -> res) case s: CfgJumpNode => results.addOne(s.data -> res) + case s: CfgCommandNode => results.addOne(s.data -> res) case _ => () } ) From b031e9c6c2c93602e13e4471a0e2e8eecdb32516 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 23 Jan 2024 14:15:24 +1000 Subject: [PATCH 35/42] update expected --- .../clang/basic_function_call_reader.expected | 60 +- .../basic_function_call_reader.expected | 22 +- .../basic_function_call_reader.expected | 48 +- .../basic_function_call_reader.expected | 64 +- .../gcc/basic_function_call_reader.expected | 8 +- .../basic_function_call_reader.expected | 22 +- .../basic_function_call_reader.expected | 16 +- .../basic_function_call_reader.expected | 16 +- .../clang/basic_lock_read.expected | 38 +- .../clang_O2/basic_lock_read.expected | 16 +- .../basic_lock_read.expected | 42 +- .../clang_pic/basic_lock_read.expected | 56 +- .../gcc/basic_lock_read.expected | 18 +- .../gcc_O2/basic_lock_read.expected | 16 +- .../basic_lock_read.expected | 16 +- .../gcc_pic/basic_lock_read.expected | 18 +- .../clang/basic_lock_security_read.expected | 46 +- .../basic_lock_security_read.expected | 14 +- .../basic_lock_security_read.expected | 34 +- .../basic_lock_security_read.expected | 40 +- .../gcc/basic_lock_security_read.expected | 26 +- .../gcc_O2/basic_lock_security_read.expected | 14 +- .../basic_lock_security_read.expected | 24 +- .../gcc_pic/basic_lock_security_read.expected | 26 +- .../clang/basic_operation_evaluation.expected | 16 +- .../basic_operation_evaluation.expected | 32 +- .../basic_operation_evaluation.expected | 32 +- .../gcc/basic_operation_evaluation.expected | 8 +- .../basic_operation_evaluation.expected | 16 +- .../basic_operation_evaluation.expected | 16 +- .../clang/basic_sec_policy_read.expected | 30 +- .../clang_O2/basic_sec_policy_read.expected | 14 +- .../basic_sec_policy_read.expected | 32 +- .../clang_pic/basic_sec_policy_read.expected | 48 +- .../gcc/basic_sec_policy_read.expected | 8 +- .../gcc_O2/basic_sec_policy_read.expected | 14 +- .../basic_sec_policy_read.expected | 16 +- .../gcc_pic/basic_sec_policy_read.expected | 8 +- .../basicfree/clang/basicfree.expected | 14 +- src/test/correct/cjump/clang/cjump.expected | 66 +- .../cjump/clang_no_plt_no_pic/cjump.expected | 64 +- .../correct/cjump/clang_pic/cjump.expected | 54 +- src/test/correct/cjump/gcc/cjump.expected | 24 +- .../cjump/gcc_no_plt_no_pic/cjump.expected | 20 +- src/test/correct/cjump/gcc_pic/cjump.expected | 38 +- .../clang_no_plt_no_pic/function1.expected | 14 +- .../function1/clang_pic/function1.expected | 14 +- .../function1/gcc_pic/function1.expected | 14 +- .../ifbranches/clang/ifbranches.expected | 72 +- .../ifbranches/clang_O2/ifbranches.expected | 16 +- .../clang_no_plt_no_pic/ifbranches.expected | 60 +- .../ifbranches/clang_pic/ifbranches.expected | 60 +- .../ifbranches/gcc/ifbranches.expected | 20 +- .../ifbranches/gcc_O2/ifbranches.expected | 16 +- .../gcc_no_plt_no_pic/ifbranches.expected | 20 +- .../ifbranches/gcc_pic/ifbranches.expected | 20 +- .../correct/ifglobal/clang/ifglobal.expected | 56 +- .../ifglobal/clang_O2/ifglobal.expected | 24 +- .../clang_no_plt_no_pic/ifglobal.expected | 34 +- .../ifglobal/clang_pic/ifglobal.expected | 38 +- .../correct/ifglobal/gcc/ifglobal.expected | 24 +- .../correct/ifglobal/gcc_O2/ifglobal.expected | 16 +- .../gcc_no_plt_no_pic/ifglobal.expected | 16 +- .../ifglobal/gcc_pic/ifglobal.expected | 8 +- .../gcc_O2/indirect_call.expected | 10 +- .../jumptable/gcc_O2/jumptable.expected | 20 +- .../jumptable3/gcc/jumptable3.expected | 822 ++++++++--------- .../jumptable3/gcc_O2/jumptable3.expected | 454 +++++----- .../gcc_no_plt_no_pic/jumptable3.expected | 826 ++++++++--------- .../jumptable3/gcc_pic/jumptable3.expected | 846 +++++++++--------- .../clang/malloc_with_local.expected | 44 +- .../clang_O2/malloc_with_local.expected | 16 +- .../malloc_with_local.expected | 52 +- .../clang_pic/malloc_with_local.expected | 52 +- .../gcc/malloc_with_local.expected | 76 +- .../gcc_O2/malloc_with_local.expected | 14 +- .../malloc_with_local.expected | 72 +- .../gcc_pic/malloc_with_local.expected | 72 +- .../clang/malloc_with_local2.expected | 98 +- .../clang_O2/malloc_with_local2.expected | 16 +- .../malloc_with_local2.expected | 28 +- .../clang_pic/malloc_with_local2.expected | 28 +- .../gcc/malloc_with_local2.expected | 64 +- .../gcc_O2/malloc_with_local2.expected | 14 +- .../malloc_with_local2.expected | 76 +- .../gcc_pic/malloc_with_local2.expected | 76 +- .../clang/malloc_with_local3.expected | 100 +-- .../clang_O2/malloc_with_local3.expected | 16 +- .../malloc_with_local3.expected | 98 +- .../clang_pic/malloc_with_local3.expected | 98 +- .../gcc/malloc_with_local3.expected | 86 +- .../gcc_O2/malloc_with_local3.expected | 18 +- .../malloc_with_local3.expected | 68 +- .../gcc_pic/malloc_with_local3.expected | 68 +- .../multi_malloc/clang/multi_malloc.expected | 60 +- .../clang_O2/multi_malloc.expected | 14 +- .../clang_no_plt_no_pic/multi_malloc.expected | 48 +- .../clang_pic/multi_malloc.expected | 48 +- .../multi_malloc/gcc/multi_malloc.expected | 60 +- .../gcc_no_plt_no_pic/multi_malloc.expected | 62 +- .../gcc_pic/multi_malloc.expected | 62 +- .../correct/nestedif/clang/nestedif.expected | 214 ++--- .../clang_no_plt_no_pic/nestedif.expected | 200 ++--- .../nestedif/clang_pic/nestedif.expected | 200 ++--- .../correct/nestedif/gcc/nestedif.expected | 86 +- .../gcc_no_plt_no_pic/nestedif.expected | 78 +- .../nestedif/gcc_pic/nestedif.expected | 78 +- .../simple_jump/clang/simple_jump.expected | 34 +- .../clang_no_plt_no_pic/simple_jump.expected | 42 +- .../clang_pic/simple_jump.expected | 42 +- src/test/correct/switch/clang/switch.expected | 142 +-- .../clang_no_plt_no_pic/switch.expected | 122 +-- .../correct/switch/clang_pic/switch.expected | 122 +-- src/test/correct/switch/gcc/switch.expected | 60 +- .../switch/gcc_no_plt_no_pic/switch.expected | 40 +- .../correct/switch/gcc_pic/switch.expected | 40 +- src/test/correct/switch2/gcc/switch2.expected | 276 +++--- .../gcc_no_plt_no_pic/switch2.expected | 264 +++--- .../correct/switch2/gcc_pic/switch2.expected | 264 +++--- .../correct/syscall/gcc_O2/syscall.expected | 1 - .../clang/using_gamma_conditional.expected | 56 +- .../clang_O2/using_gamma_conditional.expected | 14 +- .../using_gamma_conditional.expected | 52 +- .../using_gamma_conditional.expected | 50 +- .../gcc/using_gamma_conditional.expected | 6 +- .../gcc_O2/using_gamma_conditional.expected | 22 +- .../using_gamma_conditional.expected | 14 +- .../gcc_pic/using_gamma_conditional.expected | 16 +- .../incorrect/iflocal/clang/iflocal.expected | 40 +- .../clang_no_plt_no_pic/iflocal.expected | 34 +- .../iflocal/clang_pic/iflocal.expected | 34 +- .../incorrect/iflocal/gcc/iflocal.expected | 18 +- .../gcc_no_plt_no_pic/iflocal.expected | 12 +- .../iflocal/gcc_pic/iflocal.expected | 12 +- .../clang/nestedifglobal.expected | 212 ++--- .../nestedifglobal.expected | 196 ++-- .../clang_pic/nestedifglobal.expected | 190 ++-- .../gcc/nestedifglobal.expected | 74 +- .../gcc_no_plt_no_pic/nestedifglobal.expected | 76 +- .../gcc_pic/nestedifglobal.expected | 98 +- 140 files changed, 5012 insertions(+), 5013 deletions(-) diff --git a/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected index 93060a0bd..e0d4ac96b 100644 --- a/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected @@ -148,53 +148,53 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000342, lmain_goto_l00000345; - lmain_goto_l00000342: - assume {:captureState "lmain_goto_l00000342"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000342; l00000345: assume {:captureState "l00000345"} true; R8, Gamma_R8 := 1bv64, true; goto l00000348; - l00000348: - assume {:captureState "l00000348"} true; - assert Gamma_R8; - goto l00000348_goto_l0000037a, l00000348_goto_l00000350; - lmain_goto_l00000345: - assume {:captureState "lmain_goto_l00000345"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000345; l00000342: assume {:captureState "l00000342"} true; R8, Gamma_R8 := 0bv64, true; goto l00000348; - l00000348_goto_l0000037a: - assume {:captureState "l00000348_goto_l0000037a"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000037a; + l00000348: + assume {:captureState "l00000348"} true; + assert Gamma_R8; + goto l00000348_goto_l0000037a, l00000348_goto_l00000350; + l00000350: + assume {:captureState "l00000350"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); + assume {:captureState "%00000362"} true; + goto l00000365; + l0000037a: + assume {:captureState "l0000037a"} true; + goto l0000037b; + l0000037b: + assume {:captureState "l0000037b"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); + assume {:captureState "%00000383"} true; + goto l00000365; l00000365: assume {:captureState "l00000365"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l00000342: + assume {:captureState "lmain_goto_l00000342"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000342; + lmain_goto_l00000345: + assume {:captureState "lmain_goto_l00000345"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000345; l00000348_goto_l00000350: assume {:captureState "l00000348_goto_l00000350"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000350; - l0000037a: - assume {:captureState "l0000037a"} true; - goto l0000037b; - l0000037b: - assume {:captureState "l0000037b"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); - assume {:captureState "%00000383"} true; - goto l00000365; - l00000350: - assume {:captureState "l00000350"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); - assume {:captureState "%00000362"} true; - goto l00000365; + l00000348_goto_l0000037a: + assume {:captureState "l00000348_goto_l0000037a"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000037a; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected index f6bef86ab..fb01ac4e4 100644 --- a/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected @@ -130,25 +130,25 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000002fd, lmain_goto_l000002f9; - lmain_goto_l000002fd: - assume {:captureState "lmain_goto_l000002fd"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000002fd; + l000002fd: + assume {:captureState "l000002fd"} true; + R0, Gamma_R0 := zero_extend32_32(R9[32:0]), Gamma_R9; + goto l00000300; l000002f9: assume {:captureState "l000002f9"} true; R0, Gamma_R0 := 0bv64, true; goto l00000300; + l00000300: + assume {:captureState "l00000300"} true; + goto main_return; lmain_goto_l000002f9: assume {:captureState "lmain_goto_l000002f9"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000002f9; - l000002fd: - assume {:captureState "l000002fd"} true; - R0, Gamma_R0 := zero_extend32_32(R9[32:0]), Gamma_R9; - goto l00000300; - l00000300: - assume {:captureState "l00000300"} true; - goto main_return; + lmain_goto_l000002fd: + assume {:captureState "lmain_goto_l000002fd"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000002fd; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected index d76855070..f041bdf4a 100644 --- a/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected @@ -148,13 +148,6 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000985, lmain_goto_l00000988; - l0000098b_goto_l00000993: - assume {:captureState "l0000098b_goto_l00000993"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000993; - l000009bd: - assume {:captureState "l000009bd"} true; - goto l000009be; l00000988: assume {:captureState "l00000988"} true; R8, Gamma_R8 := 1bv64, true; @@ -163,38 +156,45 @@ implementation main() assume {:captureState "l00000985"} true; R8, Gamma_R8 := 0bv64, true; goto l0000098b; - l0000098b_goto_l000009bd: - assume {:captureState "l0000098b_goto_l000009bd"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l000009bd; + l0000098b: + assume {:captureState "l0000098b"} true; + assert Gamma_R8; + goto l0000098b_goto_l000009bd, l0000098b_goto_l00000993; l00000993: assume {:captureState "l00000993"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%000009a5"} true; goto l000009a8; - l0000098b: - assume {:captureState "l0000098b"} true; - assert Gamma_R8; - goto l0000098b_goto_l000009bd, l0000098b_goto_l00000993; - lmain_goto_l00000985: - assume {:captureState "lmain_goto_l00000985"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000985; + l000009bd: + assume {:captureState "l000009bd"} true; + goto l000009be; + l000009be: + assume {:captureState "l000009be"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); + assume {:captureState "%000009c6"} true; + goto l000009a8; l000009a8: assume {:captureState "l000009a8"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l00000985: + assume {:captureState "lmain_goto_l00000985"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000985; lmain_goto_l00000988: assume {:captureState "lmain_goto_l00000988"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000988; - l000009be: - assume {:captureState "l000009be"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); - assume {:captureState "%000009c6"} true; - goto l000009a8; + l0000098b_goto_l00000993: + assume {:captureState "l0000098b_goto_l00000993"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000993; + l0000098b_goto_l000009bd: + assume {:captureState "l0000098b_goto_l000009bd"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l000009bd; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected index 05710ef52..8ce836552 100644 --- a/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected @@ -162,53 +162,53 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000358, lmain_goto_l0000035b; - l00000391: - assume {:captureState "l00000391"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); - assume {:captureState "%00000399"} true; - goto l0000037b; - l00000390: - assume {:captureState "l00000390"} true; - goto l00000391; - lmain_goto_l0000035b: - assume {:captureState "lmain_goto_l0000035b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000035b; - l0000035e_goto_l00000390: - assume {:captureState "l0000035e_goto_l00000390"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000390; - l00000358: - assume {:captureState "l00000358"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000035e; l0000035b: assume {:captureState "l0000035b"} true; R8, Gamma_R8 := 1bv64, true; goto l0000035e; - lmain_goto_l00000358: - assume {:captureState "lmain_goto_l00000358"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000358; + l00000358: + assume {:captureState "l00000358"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000035e; + l0000035e: + assume {:captureState "l0000035e"} true; + assert Gamma_R8; + goto l0000035e_goto_l00000366, l0000035e_goto_l00000390; l00000366: assume {:captureState "l00000366"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%00000378"} true; goto l0000037b; - l0000035e: - assume {:captureState "l0000035e"} true; - assert Gamma_R8; - goto l0000035e_goto_l00000366, l0000035e_goto_l00000390; - l0000035e_goto_l00000366: - assume {:captureState "l0000035e_goto_l00000366"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000366; + l00000390: + assume {:captureState "l00000390"} true; + goto l00000391; + l00000391: + assume {:captureState "l00000391"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); + assume {:captureState "%00000399"} true; + goto l0000037b; l0000037b: assume {:captureState "l0000037b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l00000358: + assume {:captureState "lmain_goto_l00000358"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000358; + lmain_goto_l0000035b: + assume {:captureState "lmain_goto_l0000035b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000035b; + l0000035e_goto_l00000366: + assume {:captureState "l0000035e_goto_l00000366"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000366; + l0000035e_goto_l00000390: + assume {:captureState "l0000035e_goto_l00000390"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000390; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected index 294c48d64..d71c3e779 100644 --- a/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected @@ -145,6 +145,10 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000349, lmain_goto_l00000332; + l00000332: + assume {:captureState "l00000332"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + goto l0000033e; l00000349: assume {:captureState "l00000349"} true; R0, Gamma_R0 := 0bv64, true; @@ -157,10 +161,6 @@ implementation main() assume {:captureState "lmain_goto_l00000332"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000332; - l00000332: - assume {:captureState "l00000332"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - goto l0000033e; lmain_goto_l00000349: assume {:captureState "lmain_goto_l00000349"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); diff --git a/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected index de2e3c9a8..d1f5db87f 100644 --- a/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected @@ -104,22 +104,22 @@ implementation main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R0, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R0, 20bv64)) || L(mem, bvadd64(R0, 20bv64))); assert Gamma_R0; goto lmain_goto_l00000398, lmain_goto_l000001bc; - lmain_goto_l00000398: - assume {:captureState "lmain_goto_l00000398"} true; - assume (bvcomp32(R0[32:0], 0bv32) == 0bv1); - goto l00000398; - lmain_goto_l000001bc: - assume {:captureState "lmain_goto_l000001bc"} true; - assume (bvcomp32(R0[32:0], 0bv32) != 0bv1); - goto l000001bc; - l000001bc: - assume {:captureState "l000001bc"} true; - goto main_return; l00000398: assume {:captureState "l00000398"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 4bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 4bv64)) || L(mem, bvadd64(R1, 4bv64))); goto l000001bc; + l000001bc: + assume {:captureState "l000001bc"} true; + goto main_return; + lmain_goto_l000001bc: + assume {:captureState "lmain_goto_l000001bc"} true; + assume (bvcomp32(R0[32:0], 0bv32) != 0bv1); + goto l000001bc; + lmain_goto_l00000398: + assume {:captureState "lmain_goto_l00000398"} true; + assume (bvcomp32(R0[32:0], 0bv32) == 0bv1); + goto l00000398; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected index 17f185280..790fdac03 100644 --- a/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected @@ -145,6 +145,10 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000094e, lmain_goto_l00000937; + l00000937: + assume {:captureState "l00000937"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + goto l00000943; l0000094e: assume {:captureState "l0000094e"} true; R0, Gamma_R0 := 0bv64, true; @@ -153,18 +157,14 @@ implementation main() assume {:captureState "l00000943"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - lmain_goto_l0000094e: - assume {:captureState "lmain_goto_l0000094e"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000094e; lmain_goto_l00000937: assume {:captureState "lmain_goto_l00000937"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000937; - l00000937: - assume {:captureState "l00000937"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - goto l00000943; + lmain_goto_l0000094e: + assume {:captureState "lmain_goto_l0000094e"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000094e; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected index ccf27321d..274ce16ba 100644 --- a/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected @@ -157,18 +157,10 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000034b, lmain_goto_l00000334; - lmain_goto_l0000034b: - assume {:captureState "lmain_goto_l0000034b"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000034b; l00000334: assume {:captureState "l00000334"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); goto l00000340; - lmain_goto_l00000334: - assume {:captureState "lmain_goto_l00000334"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000334; l0000034b: assume {:captureState "l0000034b"} true; R0, Gamma_R0 := 0bv64, true; @@ -177,6 +169,14 @@ implementation main() assume {:captureState "l00000340"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l00000334: + assume {:captureState "lmain_goto_l00000334"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000334; + lmain_goto_l0000034b: + assume {:captureState "lmain_goto_l0000034b"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000034b; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_read/clang/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang/basic_lock_read.expected index d3253af62..db6595a90 100644 --- a/src/test/correct/basic_lock_read/clang/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang/basic_lock_read.expected @@ -143,18 +143,21 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000330, lmain_goto_l0000032d; - lmain_goto_l00000330: - assume {:captureState "lmain_goto_l00000330"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000330; + l00000330: + assume {:captureState "l00000330"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000333; l0000032d: assume {:captureState "l0000032d"} true; R8, Gamma_R8 := 0bv64, true; goto l00000333; - lmain_goto_l0000032d: - assume {:captureState "lmain_goto_l0000032d"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000032d; + l00000333: + assume {:captureState "l00000333"} true; + assert Gamma_R8; + goto l00000333_goto_l0000033b, l00000333_goto_l00000352; + l00000352: + assume {:captureState "l00000352"} true; + goto l00000353; l00000353: assume {:captureState "l00000353"} true; R8, Gamma_R8 := 69632bv64, true; @@ -169,22 +172,19 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%0000036f"} true; goto l0000033b; - l00000352: - assume {:captureState "l00000352"} true; - goto l00000353; - l00000330: - assume {:captureState "l00000330"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000333; - l00000333: - assume {:captureState "l00000333"} true; - assert Gamma_R8; - goto l00000333_goto_l0000033b, l00000333_goto_l00000352; l0000033b: assume {:captureState "l0000033b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l0000032d: + assume {:captureState "lmain_goto_l0000032d"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000032d; + lmain_goto_l00000330: + assume {:captureState "lmain_goto_l00000330"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000330; l00000333_goto_l0000033b: assume {:captureState "l00000333_goto_l0000033b"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); diff --git a/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected index 5225fd5a9..197fdeb2c 100644 --- a/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected @@ -109,14 +109,6 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); assert Gamma_R8; goto lmain_goto_l000002dc, lmain_goto_l000002f7; - lmain_goto_l000002dc: - assume {:captureState "lmain_goto_l000002dc"} true; - assume (bvcomp32(R8[32:0], 0bv32) != 0bv1); - goto l000002dc; - lmain_goto_l000002f7: - assume {:captureState "lmain_goto_l000002f7"} true; - assume (bvcomp32(R8[32:0], 0bv32) == 0bv1); - goto l000002f7; l000002dc: assume {:captureState "l000002dc"} true; R8, Gamma_R8 := 69632bv64, true; @@ -132,6 +124,14 @@ implementation main() assume {:captureState "l000002f7"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; + lmain_goto_l000002dc: + assume {:captureState "lmain_goto_l000002dc"} true; + assume (bvcomp32(R8[32:0], 0bv32) != 0bv1); + goto l000002dc; + lmain_goto_l000002f7: + assume {:captureState "lmain_goto_l000002f7"} true; + assume (bvcomp32(R8[32:0], 0bv32) == 0bv1); + goto l000002f7; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected index a835774c7..4f8620c1a 100644 --- a/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected @@ -143,11 +143,14 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000095b, lmain_goto_l00000958; - l00000966: - assume {:captureState "l00000966"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; + l0000095b: + assume {:captureState "l0000095b"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000095e; + l00000958: + assume {:captureState "l00000958"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000095e; l0000095e: assume {:captureState "l0000095e"} true; assert Gamma_R8; @@ -155,10 +158,6 @@ implementation main() l0000097d: assume {:captureState "l0000097d"} true; goto l0000097e; - l0000095b: - assume {:captureState "l0000095b"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000095e; l0000097e: assume {:captureState "l0000097e"} true; R8, Gamma_R8 := 69632bv64, true; @@ -173,26 +172,27 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%0000099a"} true; goto l00000966; - l0000095e_goto_l00000966: - assume {:captureState "l0000095e_goto_l00000966"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000966; + l00000966: + assume {:captureState "l00000966"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000958: + assume {:captureState "lmain_goto_l00000958"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000958; lmain_goto_l0000095b: assume {:captureState "lmain_goto_l0000095b"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l0000095b; + l0000095e_goto_l00000966: + assume {:captureState "l0000095e_goto_l00000966"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000966; l0000095e_goto_l0000097d: assume {:captureState "l0000095e_goto_l0000097d"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l0000097d; - l00000958: - assume {:captureState "l00000958"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000095e; - lmain_goto_l00000958: - assume {:captureState "lmain_goto_l00000958"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000958; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected index ee8ff93a5..1ebf43397 100644 --- a/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected @@ -155,39 +155,21 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000033f, lmain_goto_l0000033c; - l00000342_goto_l0000034a: - assume {:captureState "l00000342_goto_l0000034a"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000034a; - lmain_goto_l0000033c: - assume {:captureState "lmain_goto_l0000033c"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000033c; - l00000342_goto_l00000361: - assume {:captureState "l00000342_goto_l00000361"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000361; l0000033f: assume {:captureState "l0000033f"} true; R8, Gamma_R8 := 1bv64, true; goto l00000342; - l00000342: - assume {:captureState "l00000342"} true; - assert Gamma_R8; - goto l00000342_goto_l0000034a, l00000342_goto_l00000361; - l0000034a: - assume {:captureState "l0000034a"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - lmain_goto_l0000033f: - assume {:captureState "lmain_goto_l0000033f"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000033f; l0000033c: assume {:captureState "l0000033c"} true; R8, Gamma_R8 := 0bv64, true; goto l00000342; + l00000342: + assume {:captureState "l00000342"} true; + assert Gamma_R8; + goto l00000342_goto_l0000034a, l00000342_goto_l00000361; + l00000361: + assume {:captureState "l00000361"} true; + goto l00000362; l00000362: assume {:captureState "l00000362"} true; R8, Gamma_R8 := 65536bv64, true; @@ -204,9 +186,27 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%00000385"} true; goto l0000034a; - l00000361: - assume {:captureState "l00000361"} true; - goto l00000362; + l0000034a: + assume {:captureState "l0000034a"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l0000033c: + assume {:captureState "lmain_goto_l0000033c"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000033c; + lmain_goto_l0000033f: + assume {:captureState "lmain_goto_l0000033f"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000033f; + l00000342_goto_l0000034a: + assume {:captureState "l00000342_goto_l0000034a"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l0000034a; + l00000342_goto_l00000361: + assume {:captureState "l00000342_goto_l00000361"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000361; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected index 8103cdd7d..c83f5c166 100644 --- a/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected @@ -139,11 +139,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000327, lmain_goto_l0000033e; - l00000327: - assume {:captureState "l00000327"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; l0000033e: assume {:captureState "l0000033e"} true; R0, Gamma_R0 := 69632bv64, true; @@ -161,14 +156,19 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000368"} true; goto l00000327; - lmain_goto_l0000033e: - assume {:captureState "lmain_goto_l0000033e"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000033e; + l00000327: + assume {:captureState "l00000327"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; lmain_goto_l00000327: assume {:captureState "lmain_goto_l00000327"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000327; + lmain_goto_l0000033e: + assume {:captureState "lmain_goto_l0000033e"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000033e; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected index 5d938582f..2a16b5a6a 100644 --- a/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected @@ -111,14 +111,6 @@ implementation main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R0, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R0, 20bv64)) || L(mem, bvadd64(R0, 20bv64))); assert Gamma_R0; goto lmain_goto_l000001bd, lmain_goto_l0000039c; - lmain_goto_l000001bd: - assume {:captureState "lmain_goto_l000001bd"} true; - assume (bvnot1(bvcomp32(R0[32:0], 0bv32)) != 0bv1); - goto l000001bd; - l000001bd: - assume {:captureState "l000001bd"} true; - R0, Gamma_R0 := 0bv64, true; - goto main_return; l0000039c: assume {:captureState "l0000039c"} true; call rely(); @@ -128,6 +120,14 @@ implementation main() assert (memory_load32_le(mem, $z_addr) == z_old); assume {:captureState "%000003a1"} true; goto l000001bd; + l000001bd: + assume {:captureState "l000001bd"} true; + R0, Gamma_R0 := 0bv64, true; + goto main_return; + lmain_goto_l000001bd: + assume {:captureState "lmain_goto_l000001bd"} true; + assume (bvnot1(bvcomp32(R0[32:0], 0bv32)) != 0bv1); + goto l000001bd; lmain_goto_l0000039c: assume {:captureState "lmain_goto_l0000039c"} true; assume (bvnot1(bvcomp32(R0[32:0], 0bv32)) == 0bv1); diff --git a/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected index 74c7870a8..58f5ddf79 100644 --- a/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected @@ -156,19 +156,19 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000989"} true; goto l00000948; - lmain_goto_l0000095f: - assume {:captureState "lmain_goto_l0000095f"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000095f; - lmain_goto_l00000948: - assume {:captureState "lmain_goto_l00000948"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000948; l00000948: assume {:captureState "l00000948"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l00000948: + assume {:captureState "lmain_goto_l00000948"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000948; + lmain_goto_l0000095f: + assume {:captureState "lmain_goto_l0000095f"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000095f; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected index 1174d31ba..084d0cad4 100644 --- a/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected @@ -150,11 +150,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000033f, lmain_goto_l00000328; - l00000328: - assume {:captureState "l00000328"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; l0000033f: assume {:captureState "l0000033f"} true; R0, Gamma_R0 := 65536bv64, true; @@ -174,14 +169,19 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%0000036b"} true; goto l00000328; - lmain_goto_l0000033f: - assume {:captureState "lmain_goto_l0000033f"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000033f; + l00000328: + assume {:captureState "l00000328"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; lmain_goto_l00000328: assume {:captureState "lmain_goto_l00000328"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000328; + lmain_goto_l0000033f: + assume {:captureState "lmain_goto_l0000033f"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000033f; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected index 9c992f5d5..cf0ff5fbe 100644 --- a/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected @@ -141,14 +141,21 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000329, lmain_goto_l0000032c; + l0000032c: + assume {:captureState "l0000032c"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000032f; l00000329: assume {:captureState "l00000329"} true; R8, Gamma_R8 := 0bv64, true; goto l0000032f; - l0000032f_goto_l0000034e: - assume {:captureState "l0000032f_goto_l0000034e"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000034e; + l0000032f: + assume {:captureState "l0000032f"} true; + assert Gamma_R8; + goto l0000032f_goto_l0000034e, l0000032f_goto_l00000337; + l0000034e: + assume {:captureState "l0000034e"} true; + goto l0000034f; l0000034f: assume {:captureState "l0000034f"} true; R8, Gamma_R8 := 69632bv64, true; @@ -157,34 +164,27 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%00000364"} true; goto l00000337; - l0000034e: - assume {:captureState "l0000034e"} true; - goto l0000034f; - l0000032c: - assume {:captureState "l0000032c"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000032f; - l0000032f: - assume {:captureState "l0000032f"} true; - assert Gamma_R8; - goto l0000032f_goto_l0000034e, l0000032f_goto_l00000337; l00000337: assume {:captureState "l00000337"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - l0000032f_goto_l00000337: - assume {:captureState "l0000032f_goto_l00000337"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000337; - lmain_goto_l0000032c: - assume {:captureState "lmain_goto_l0000032c"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000032c; lmain_goto_l00000329: assume {:captureState "lmain_goto_l00000329"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000329; + lmain_goto_l0000032c: + assume {:captureState "lmain_goto_l0000032c"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000032c; + l0000032f_goto_l00000337: + assume {:captureState "l0000032f_goto_l00000337"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000337; + l0000032f_goto_l0000034e: + assume {:captureState "l0000032f_goto_l0000034e"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000034e; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected index f52f9605a..d9f9cea02 100644 --- a/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected @@ -126,25 +126,25 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000002fd, lmain_goto_l000002fa; - lmain_goto_l000002fd: - assume {:captureState "lmain_goto_l000002fd"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000002fd; l000002fd: assume {:captureState "l000002fd"} true; R0, Gamma_R0 := 0bv64, true; goto l00000300; - l00000300: - assume {:captureState "l00000300"} true; - goto main_return; l000002fa: assume {:captureState "l000002fa"} true; R0, Gamma_R0 := zero_extend32_32(R9[32:0]), Gamma_R9; goto l00000300; + l00000300: + assume {:captureState "l00000300"} true; + goto main_return; lmain_goto_l000002fa: assume {:captureState "lmain_goto_l000002fa"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000002fa; + lmain_goto_l000002fd: + assume {:captureState "lmain_goto_l000002fd"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000002fd; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected index cdc331697..55416eb78 100644 --- a/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected @@ -141,19 +141,18 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000094a, lmain_goto_l00000947; - l0000094d: - assume {:captureState "l0000094d"} true; - assert Gamma_R8; - goto l0000094d_goto_l00000955, l0000094d_goto_l0000096c; - l00000955: - assume {:captureState "l00000955"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; l0000094a: assume {:captureState "l0000094a"} true; R8, Gamma_R8 := 1bv64, true; goto l0000094d; + l00000947: + assume {:captureState "l00000947"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000094d; + l0000094d: + assume {:captureState "l0000094d"} true; + assert Gamma_R8; + goto l0000094d_goto_l00000955, l0000094d_goto_l0000096c; l0000096c: assume {:captureState "l0000096c"} true; goto l0000096d; @@ -165,6 +164,15 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%00000982"} true; goto l00000955; + l00000955: + assume {:captureState "l00000955"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000947: + assume {:captureState "lmain_goto_l00000947"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000947; lmain_goto_l0000094a: assume {:captureState "lmain_goto_l0000094a"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); @@ -173,18 +181,10 @@ implementation main() assume {:captureState "l0000094d_goto_l00000955"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000955; - l00000947: - assume {:captureState "l00000947"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000094d; l0000094d_goto_l0000096c: assume {:captureState "l0000094d_goto_l0000096c"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l0000096c; - lmain_goto_l00000947: - assume {:captureState "lmain_goto_l00000947"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000947; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected index a28ff8309..79910e11b 100644 --- a/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected @@ -153,6 +153,10 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000338, lmain_goto_l0000033b; + l0000033b: + assume {:captureState "l0000033b"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000033e; l00000338: assume {:captureState "l00000338"} true; R8, Gamma_R8 := 0bv64, true; @@ -161,15 +165,9 @@ implementation main() assume {:captureState "l0000033e"} true; assert Gamma_R8; goto l0000033e_goto_l0000035d, l0000033e_goto_l00000346; - l00000346: - assume {:captureState "l00000346"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - lmain_goto_l0000033b: - assume {:captureState "lmain_goto_l0000033b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000033b; + l0000035d: + assume {:captureState "l0000035d"} true; + goto l0000035e; l0000035e: assume {:captureState "l0000035e"} true; R8, Gamma_R8 := 65536bv64, true; @@ -180,25 +178,27 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%0000037a"} true; goto l00000346; - l0000035d: - assume {:captureState "l0000035d"} true; - goto l0000035e; - l0000033b: - assume {:captureState "l0000033b"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000033e; + l00000346: + assume {:captureState "l00000346"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; lmain_goto_l00000338: assume {:captureState "lmain_goto_l00000338"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000338; - l0000033e_goto_l0000035d: - assume {:captureState "l0000033e_goto_l0000035d"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000035d; + lmain_goto_l0000033b: + assume {:captureState "lmain_goto_l0000033b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000033b; l0000033e_goto_l00000346: assume {:captureState "l0000033e_goto_l00000346"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000346; + l0000033e_goto_l0000035d: + assume {:captureState "l0000033e_goto_l0000035d"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000035d; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected index f4c8bea64..4f7c77915 100644 --- a/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected @@ -137,19 +137,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000332, lmain_goto_l0000031b; - l0000031b: - assume {:captureState "l0000031b"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - lmain_goto_l00000332: - assume {:captureState "lmain_goto_l00000332"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000332; - lmain_goto_l0000031b: - assume {:captureState "lmain_goto_l0000031b"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000031b; l00000332: assume {:captureState "l00000332"} true; R0, Gamma_R0 := 69632bv64, true; @@ -159,6 +146,19 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%0000034a"} true; goto l0000031b; + l0000031b: + assume {:captureState "l0000031b"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l0000031b: + assume {:captureState "lmain_goto_l0000031b"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000031b; + lmain_goto_l00000332: + assume {:captureState "lmain_goto_l00000332"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000332; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected index 80e7b4947..bf5fcdb4a 100644 --- a/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected @@ -104,18 +104,18 @@ implementation main() R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 20bv64)) || L(mem, bvadd64(R1, 20bv64))); assert Gamma_R1; goto lmain_goto_l000001c2, lmain_goto_l0000039c; - lmain_goto_l000001c2: - assume {:captureState "lmain_goto_l000001c2"} true; - assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) != 0bv1); - goto l000001c2; - l000001c2: - assume {:captureState "l000001c2"} true; - goto main_return; l0000039c: assume {:captureState "l0000039c"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R2, 4bv64))), (gamma_load32(Gamma_mem, bvadd64(R2, 4bv64)) || L(mem, bvadd64(R2, 4bv64))); goto l000001c2; + l000001c2: + assume {:captureState "l000001c2"} true; + goto main_return; + lmain_goto_l000001c2: + assume {:captureState "lmain_goto_l000001c2"} true; + assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) != 0bv1); + goto l000001c2; lmain_goto_l0000039c: assume {:captureState "lmain_goto_l0000039c"} true; assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) == 0bv1); diff --git a/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected index b5394cf56..8fee3b91e 100644 --- a/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected @@ -137,28 +137,28 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000918, lmain_goto_l0000092f; - lmain_goto_l00000918: - assume {:captureState "lmain_goto_l00000918"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + l0000092f: + assume {:captureState "l0000092f"} true; + R0, Gamma_R0 := 69632bv64, true; + R0, Gamma_R0 := bvadd64(R0, 20bv64), Gamma_R0; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%00000947"} true; goto l00000918; l00000918: assume {:captureState "l00000918"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l00000918: + assume {:captureState "lmain_goto_l00000918"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000918; lmain_goto_l0000092f: assume {:captureState "lmain_goto_l0000092f"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l0000092f; - l0000092f: - assume {:captureState "l0000092f"} true; - R0, Gamma_R0 := 69632bv64, true; - R0, Gamma_R0 := bvadd64(R0, 20bv64), Gamma_R0; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%00000947"} true; - goto l00000918; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected index 1529b78ce..f002e09a4 100644 --- a/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected @@ -148,19 +148,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000333, lmain_goto_l0000031c; - l0000031c: - assume {:captureState "l0000031c"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - lmain_goto_l00000333: - assume {:captureState "lmain_goto_l00000333"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000333; - lmain_goto_l0000031c: - assume {:captureState "lmain_goto_l0000031c"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000031c; l00000333: assume {:captureState "l00000333"} true; R0, Gamma_R0 := 65536bv64, true; @@ -171,6 +158,19 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%0000034c"} true; goto l0000031c; + l0000031c: + assume {:captureState "l0000031c"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l0000031c: + assume {:captureState "lmain_goto_l0000031c"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000031c; + lmain_goto_l00000333: + assume {:captureState "lmain_goto_l00000333"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000333; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected index 97fd6f233..034341749 100644 --- a/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected @@ -165,18 +165,14 @@ implementation main() R10, Gamma_R10 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); assert Gamma_R10; goto lmain_goto_l000003c9, lmain_goto_l000003ce; - l000003c9: - assume {:captureState "l000003c9"} true; - R9, Gamma_R9 := 0bv64, true; - goto l000003d1; l000003ce: assume {:captureState "l000003ce"} true; R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); goto l000003d1; - lmain_goto_l000003ce: - assume {:captureState "lmain_goto_l000003ce"} true; - assume (bvcomp32(R10[32:0], 0bv32) == 0bv1); - goto l000003ce; + l000003c9: + assume {:captureState "l000003c9"} true; + R9, Gamma_R9 := 0bv64, true; + goto l000003d1; l000003d1: assume {:captureState "l000003d1"} true; R9, Gamma_R9 := zero_extend32_32(bvmul64(zero_extend32_32(R9[32:0]), zero_extend32_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R9); @@ -195,6 +191,10 @@ implementation main() assume {:captureState "lmain_goto_l000003c9"} true; assume (bvcomp32(R10[32:0], 0bv32) != 0bv1); goto l000003c9; + lmain_goto_l000003ce: + assume {:captureState "lmain_goto_l000003ce"} true; + assume (bvcomp32(R10[32:0], 0bv32) == 0bv1); + goto l000003ce; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected index f17cc565f..3e31a9755 100644 --- a/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected @@ -165,14 +165,14 @@ implementation main() R10, Gamma_R10 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); assert Gamma_R10; goto lmain_goto_l00000ab1, lmain_goto_l00000aac; - lmain_goto_l00000ab1: - assume {:captureState "lmain_goto_l00000ab1"} true; - assume (bvcomp32(R10[32:0], 0bv32) == 0bv1); - goto l00000ab1; - lmain_goto_l00000aac: - assume {:captureState "lmain_goto_l00000aac"} true; - assume (bvcomp32(R10[32:0], 0bv32) != 0bv1); - goto l00000aac; + l00000ab1: + assume {:captureState "l00000ab1"} true; + R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); + goto l00000ab4; + l00000aac: + assume {:captureState "l00000aac"} true; + R9, Gamma_R9 := 0bv64, true; + goto l00000ab4; l00000ab4: assume {:captureState "l00000ab4"} true; R9, Gamma_R9 := zero_extend32_32(bvmul64(zero_extend32_32(R9[32:0]), zero_extend32_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R9); @@ -187,14 +187,14 @@ implementation main() assume {:captureState "%00000aea"} true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - l00000aac: - assume {:captureState "l00000aac"} true; - R9, Gamma_R9 := 0bv64, true; - goto l00000ab4; - l00000ab1: - assume {:captureState "l00000ab1"} true; - R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); - goto l00000ab4; + lmain_goto_l00000aac: + assume {:captureState "lmain_goto_l00000aac"} true; + assume (bvcomp32(R10[32:0], 0bv32) != 0bv1); + goto l00000aac; + lmain_goto_l00000ab1: + assume {:captureState "lmain_goto_l00000ab1"} true; + assume (bvcomp32(R10[32:0], 0bv32) == 0bv1); + goto l00000ab1; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected index f17cc565f..3e31a9755 100644 --- a/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected @@ -165,14 +165,14 @@ implementation main() R10, Gamma_R10 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); assert Gamma_R10; goto lmain_goto_l00000ab1, lmain_goto_l00000aac; - lmain_goto_l00000ab1: - assume {:captureState "lmain_goto_l00000ab1"} true; - assume (bvcomp32(R10[32:0], 0bv32) == 0bv1); - goto l00000ab1; - lmain_goto_l00000aac: - assume {:captureState "lmain_goto_l00000aac"} true; - assume (bvcomp32(R10[32:0], 0bv32) != 0bv1); - goto l00000aac; + l00000ab1: + assume {:captureState "l00000ab1"} true; + R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); + goto l00000ab4; + l00000aac: + assume {:captureState "l00000aac"} true; + R9, Gamma_R9 := 0bv64, true; + goto l00000ab4; l00000ab4: assume {:captureState "l00000ab4"} true; R9, Gamma_R9 := zero_extend32_32(bvmul64(zero_extend32_32(R9[32:0]), zero_extend32_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R9); @@ -187,14 +187,14 @@ implementation main() assume {:captureState "%00000aea"} true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - l00000aac: - assume {:captureState "l00000aac"} true; - R9, Gamma_R9 := 0bv64, true; - goto l00000ab4; - l00000ab1: - assume {:captureState "l00000ab1"} true; - R9, Gamma_R9 := zero_extend32_32(bvsdiv33(sign_extend1_32(R8[32:0]), sign_extend1_32(R10[32:0]))[32:0]), (Gamma_R10 && Gamma_R8); - goto l00000ab4; + lmain_goto_l00000aac: + assume {:captureState "lmain_goto_l00000aac"} true; + assume (bvcomp32(R10[32:0], 0bv32) != 0bv1); + goto l00000aac; + lmain_goto_l00000ab1: + assume {:captureState "lmain_goto_l00000ab1"} true; + assume (bvcomp32(R10[32:0], 0bv32) == 0bv1); + goto l00000ab1; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected index 34c9a5db9..519a3eea4 100644 --- a/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected @@ -149,10 +149,6 @@ implementation main() assume {:captureState "l000003b3"} true; R2, Gamma_R2 := 0bv64, true; goto l000003bb; - lmain_goto_l000003b3: - assume {:captureState "lmain_goto_l000003b3"} true; - assume (bvcomp32(R1[32:0], 0bv32) != 0bv1); - goto l000003b3; l000003bb: assume {:captureState "l000003bb"} true; R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); @@ -163,6 +159,10 @@ implementation main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; + lmain_goto_l000003b3: + assume {:captureState "lmain_goto_l000003b3"} true; + assume (bvcomp32(R1[32:0], 0bv32) != 0bv1); + goto l000003b3; lmain_goto_l000003b8: assume {:captureState "lmain_goto_l000003b8"} true; assume (bvcomp32(R1[32:0], 0bv32) == 0bv1); diff --git a/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected index f3a5d85d3..e452e806d 100644 --- a/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected @@ -141,10 +141,10 @@ implementation main() R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); assert Gamma_R1; goto lmain_goto_l00000a6e, lmain_goto_l00000a73; - lmain_goto_l00000a6e: - assume {:captureState "lmain_goto_l00000a6e"} true; - assume (bvcomp32(R1[32:0], 0bv32) != 0bv1); - goto l00000a6e; + l00000a73: + assume {:captureState "l00000a73"} true; + R2, Gamma_R2 := zero_extend32_32(bvsdiv33(sign_extend1_32(R0[32:0]), sign_extend1_32(R1[32:0]))[32:0]), (Gamma_R1 && Gamma_R0); + goto l00000a76; l00000a6e: assume {:captureState "l00000a6e"} true; R2, Gamma_R2 := 0bv64, true; @@ -159,14 +159,14 @@ implementation main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; + lmain_goto_l00000a6e: + assume {:captureState "lmain_goto_l00000a6e"} true; + assume (bvcomp32(R1[32:0], 0bv32) != 0bv1); + goto l00000a6e; lmain_goto_l00000a73: assume {:captureState "lmain_goto_l00000a73"} true; assume (bvcomp32(R1[32:0], 0bv32) == 0bv1); goto l00000a73; - l00000a73: - assume {:captureState "l00000a73"} true; - R2, Gamma_R2 := zero_extend32_32(bvsdiv33(sign_extend1_32(R0[32:0]), sign_extend1_32(R1[32:0]))[32:0]), (Gamma_R1 && Gamma_R0); - goto l00000a76; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected index f3a5d85d3..e452e806d 100644 --- a/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected @@ -141,10 +141,10 @@ implementation main() R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); assert Gamma_R1; goto lmain_goto_l00000a6e, lmain_goto_l00000a73; - lmain_goto_l00000a6e: - assume {:captureState "lmain_goto_l00000a6e"} true; - assume (bvcomp32(R1[32:0], 0bv32) != 0bv1); - goto l00000a6e; + l00000a73: + assume {:captureState "l00000a73"} true; + R2, Gamma_R2 := zero_extend32_32(bvsdiv33(sign_extend1_32(R0[32:0]), sign_extend1_32(R1[32:0]))[32:0]), (Gamma_R1 && Gamma_R0); + goto l00000a76; l00000a6e: assume {:captureState "l00000a6e"} true; R2, Gamma_R2 := 0bv64, true; @@ -159,14 +159,14 @@ implementation main() R0, Gamma_R0 := 0bv64, true; R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; + lmain_goto_l00000a6e: + assume {:captureState "lmain_goto_l00000a6e"} true; + assume (bvcomp32(R1[32:0], 0bv32) != 0bv1); + goto l00000a6e; lmain_goto_l00000a73: assume {:captureState "lmain_goto_l00000a73"} true; assume (bvcomp32(R1[32:0], 0bv32) == 0bv1); goto l00000a73; - l00000a73: - assume {:captureState "l00000a73"} true; - R2, Gamma_R2 := zero_extend32_32(bvsdiv33(sign_extend1_32(R0[32:0]), sign_extend1_32(R1[32:0]))[32:0]), (Gamma_R1 && Gamma_R0); - goto l00000a76; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected index 0c515af45..3c10d40f5 100644 --- a/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected @@ -152,31 +152,27 @@ implementation main() assume {:captureState "l00000336"} true; R8, Gamma_R8 := 0bv64, true; goto l0000033c; - l0000033c_goto_l0000035b: - assume {:captureState "l0000033c_goto_l0000035b"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000035b; + l0000033c: + assume {:captureState "l0000033c"} true; + assert Gamma_R8; + goto l0000033c_goto_l0000035b, l0000033c_goto_l00000344; + l0000035b: + assume {:captureState "l0000035b"} true; + goto l0000035c; l0000035c: assume {:captureState "l0000035c"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), true); assume {:captureState "%00000364"} true; goto l00000344; - l0000035b: - assume {:captureState "l0000035b"} true; - goto l0000035c; - lmain_goto_l00000336: - assume {:captureState "lmain_goto_l00000336"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000336; l00000344: assume {:captureState "l00000344"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - l0000033c: - assume {:captureState "l0000033c"} true; - assert Gamma_R8; - goto l0000033c_goto_l0000035b, l0000033c_goto_l00000344; + lmain_goto_l00000336: + assume {:captureState "lmain_goto_l00000336"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000336; lmain_goto_l00000339: assume {:captureState "lmain_goto_l00000339"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); @@ -185,6 +181,10 @@ implementation main() assume {:captureState "l0000033c_goto_l00000344"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000344; + l0000033c_goto_l0000035b: + assume {:captureState "l0000033c_goto_l0000035b"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000035b; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected index 6723d3553..64769e137 100644 --- a/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected @@ -126,25 +126,25 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000002fd, lmain_goto_l000002fa; - lmain_goto_l000002fd: - assume {:captureState "lmain_goto_l000002fd"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000002fd; l000002fd: assume {:captureState "l000002fd"} true; R0, Gamma_R0 := 0bv64, true; goto l00000300; - l00000300: - assume {:captureState "l00000300"} true; - goto main_return; l000002fa: assume {:captureState "l000002fa"} true; R0, Gamma_R0 := zero_extend32_32(R9[32:0]), Gamma_R9; goto l00000300; + l00000300: + assume {:captureState "l00000300"} true; + goto main_return; lmain_goto_l000002fa: assume {:captureState "lmain_goto_l000002fa"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000002fa; + lmain_goto_l000002fd: + assume {:captureState "lmain_goto_l000002fd"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000002fd; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected index ba7f619ce..d8d8d2f6c 100644 --- a/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected @@ -144,39 +144,31 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000954, lmain_goto_l00000957; - l0000095a_goto_l00000962: - assume {:captureState "l0000095a_goto_l00000962"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000962; l00000957: assume {:captureState "l00000957"} true; R8, Gamma_R8 := 1bv64, true; goto l0000095a; - l00000979: - assume {:captureState "l00000979"} true; - goto l0000097a; l00000954: assume {:captureState "l00000954"} true; R8, Gamma_R8 := 0bv64, true; goto l0000095a; - l00000962: - assume {:captureState "l00000962"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; l0000095a: assume {:captureState "l0000095a"} true; assert Gamma_R8; goto l0000095a_goto_l00000962, l0000095a_goto_l00000979; + l00000979: + assume {:captureState "l00000979"} true; + goto l0000097a; l0000097a: assume {:captureState "l0000097a"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), true); assume {:captureState "%00000982"} true; goto l00000962; - l0000095a_goto_l00000979: - assume {:captureState "l0000095a_goto_l00000979"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000979; + l00000962: + assume {:captureState "l00000962"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; lmain_goto_l00000954: assume {:captureState "lmain_goto_l00000954"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); @@ -185,6 +177,14 @@ implementation main() assume {:captureState "lmain_goto_l00000957"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000957; + l0000095a_goto_l00000962: + assume {:captureState "l0000095a_goto_l00000962"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000962; + l0000095a_goto_l00000979: + assume {:captureState "l0000095a_goto_l00000979"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000979; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected index 74817c8d5..9f2fb9d46 100644 --- a/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected @@ -158,47 +158,47 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000034c, lmain_goto_l0000034f; - l00000352_goto_l00000371: - assume {:captureState "l00000352_goto_l00000371"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000371; - l00000352_goto_l0000035a: - assume {:captureState "l00000352_goto_l0000035a"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000035a; l0000034f: assume {:captureState "l0000034f"} true; R8, Gamma_R8 := 1bv64, true; goto l00000352; - lmain_goto_l0000034c: - assume {:captureState "lmain_goto_l0000034c"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000034c; - lmain_goto_l0000034f: - assume {:captureState "lmain_goto_l0000034f"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000034f; - l00000352: - assume {:captureState "l00000352"} true; - assert Gamma_R8; - goto l00000352_goto_l00000371, l00000352_goto_l0000035a; l0000034c: assume {:captureState "l0000034c"} true; R8, Gamma_R8 := 0bv64, true; goto l00000352; + l00000352: + assume {:captureState "l00000352"} true; + assert Gamma_R8; + goto l00000352_goto_l00000371, l00000352_goto_l0000035a; l00000371: assume {:captureState "l00000371"} true; goto l00000372; + l00000372: + assume {:captureState "l00000372"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), true); + assume {:captureState "%0000037a"} true; + goto l0000035a; l0000035a: assume {:captureState "l0000035a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - l00000372: - assume {:captureState "l00000372"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), true); - assume {:captureState "%0000037a"} true; + lmain_goto_l0000034c: + assume {:captureState "lmain_goto_l0000034c"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000034c; + lmain_goto_l0000034f: + assume {:captureState "lmain_goto_l0000034f"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000034f; + l00000352_goto_l0000035a: + assume {:captureState "l00000352_goto_l0000035a"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l0000035a; + l00000352_goto_l00000371: + assume {:captureState "l00000352_goto_l00000371"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000371; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected index 84471d9c7..9a64a11dd 100644 --- a/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected @@ -151,14 +151,14 @@ implementation main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - lmain_goto_l00000345: - assume {:captureState "lmain_goto_l00000345"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000345; lmain_goto_l0000032e: assume {:captureState "lmain_goto_l0000032e"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l0000032e; + lmain_goto_l00000345: + assume {:captureState "lmain_goto_l00000345"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000345; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected index 6b3872bd2..30b79f20b 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected @@ -104,18 +104,18 @@ implementation main() R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 20bv64)) || L(mem, bvadd64(R1, 20bv64))); assert Gamma_R1; goto lmain_goto_l000001c2, lmain_goto_l0000039c; - lmain_goto_l000001c2: - assume {:captureState "lmain_goto_l000001c2"} true; - assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) != 0bv1); - goto l000001c2; - l000001c2: - assume {:captureState "l000001c2"} true; - goto main_return; l0000039c: assume {:captureState "l0000039c"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R2, 4bv64))), (gamma_load32(Gamma_mem, bvadd64(R2, 4bv64)) || L(mem, bvadd64(R2, 4bv64))); goto l000001c2; + l000001c2: + assume {:captureState "l000001c2"} true; + goto main_return; + lmain_goto_l000001c2: + assume {:captureState "lmain_goto_l000001c2"} true; + assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) != 0bv1); + goto l000001c2; lmain_goto_l0000039c: assume {:captureState "lmain_goto_l0000039c"} true; assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) == 0bv1); diff --git a/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected index f88d63d1a..16de0c96b 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected @@ -141,24 +141,24 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000942, lmain_goto_l0000092b; + l00000942: + assume {:captureState "l00000942"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); + assume {:captureState "%00000947"} true; + goto l0000092b; l0000092b: assume {:captureState "l0000092b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - l00000942: - assume {:captureState "l00000942"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); - assume {:captureState "%00000947"} true; + lmain_goto_l0000092b: + assume {:captureState "lmain_goto_l0000092b"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l0000092b; lmain_goto_l00000942: assume {:captureState "lmain_goto_l00000942"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000942; - lmain_goto_l0000092b: - assume {:captureState "lmain_goto_l0000092b"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000092b; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected index 431f8b59f..f9ba8fe64 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected @@ -153,10 +153,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000347, lmain_goto_l00000330; - lmain_goto_l00000330: - assume {:captureState "lmain_goto_l00000330"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000330; l00000347: assume {:captureState "l00000347"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); @@ -167,6 +163,10 @@ implementation main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l00000330: + assume {:captureState "lmain_goto_l00000330"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000330; lmain_goto_l00000347: assume {:captureState "lmain_goto_l00000347"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); diff --git a/src/test/correct/basicfree/clang/basicfree.expected b/src/test/correct/basicfree/clang/basicfree.expected index b44613267..1c195a8fe 100644 --- a/src/test/correct/basicfree/clang/basicfree.expected +++ b/src/test/correct/basicfree/clang/basicfree.expected @@ -145,13 +145,6 @@ implementation main() R30, Gamma_R30 := 2024bv64, true; call malloc(); goto l0000030d; - l00000338: - assume {:captureState "l00000338"} true; - #5, Gamma_#5 := bvadd64(R31, 16bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; l0000030d: assume {:captureState "l0000030d"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); @@ -166,6 +159,13 @@ implementation main() R30, Gamma_R30 := 2048bv64, true; call #free(); goto l00000338; + l00000338: + assume {:captureState "l00000338"} true; + #5, Gamma_#5 := bvadd64(R31, 16bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/cjump/clang/cjump.expected b/src/test/correct/cjump/clang/cjump.expected index 893467b4a..752d25473 100644 --- a/src/test/correct/cjump/clang/cjump.expected +++ b/src/test/correct/cjump/clang/cjump.expected @@ -139,47 +139,18 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000343, lmain_goto_l00000346; - l00000349: - assume {:captureState "l00000349"} true; - assert Gamma_R8; - goto l00000349_goto_l00000351, l00000349_goto_l0000037e; l00000346: assume {:captureState "l00000346"} true; R8, Gamma_R8 := 1bv64, true; goto l00000349; - lmain_goto_l00000343: - assume {:captureState "lmain_goto_l00000343"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000343; - lmain_goto_l00000346: - assume {:captureState "lmain_goto_l00000346"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000346; - l00000369: - assume {:captureState "l00000369"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - l0000037e: - assume {:captureState "l0000037e"} true; - goto l0000037f; - l00000349_goto_l00000351: - assume {:captureState "l00000349_goto_l00000351"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000351; - l0000037f: - assume {:captureState "l0000037f"} true; - R8, Gamma_R8 := 3bv64, true; - R9, Gamma_R9 := 69632bv64, true; - call rely(); - assert (L(mem, bvadd64(R9, 56bv64)) ==> Gamma_R8); - mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); - assume {:captureState "%00000392"} true; - goto l00000369; l00000343: assume {:captureState "l00000343"} true; R8, Gamma_R8 := 0bv64, true; goto l00000349; + l00000349: + assume {:captureState "l00000349"} true; + assert Gamma_R8; + goto l00000349_goto_l00000351, l00000349_goto_l0000037e; l00000351: assume {:captureState "l00000351"} true; R9, Gamma_R9 := 69632bv64, true; @@ -189,6 +160,35 @@ implementation main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%00000366"} true; goto l00000369; + l0000037e: + assume {:captureState "l0000037e"} true; + goto l0000037f; + l0000037f: + assume {:captureState "l0000037f"} true; + R8, Gamma_R8 := 3bv64, true; + R9, Gamma_R9 := 69632bv64, true; + call rely(); + assert (L(mem, bvadd64(R9, 56bv64)) ==> Gamma_R8); + mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); + assume {:captureState "%00000392"} true; + goto l00000369; + l00000369: + assume {:captureState "l00000369"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000343: + assume {:captureState "lmain_goto_l00000343"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000343; + lmain_goto_l00000346: + assume {:captureState "lmain_goto_l00000346"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000346; + l00000349_goto_l00000351: + assume {:captureState "l00000349_goto_l00000351"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000351; l00000349_goto_l0000037e: assume {:captureState "l00000349_goto_l0000037e"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); diff --git a/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected b/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected index b0fee43a8..98abee50c 100644 --- a/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected +++ b/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected @@ -139,46 +139,18 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000999, lmain_goto_l0000099c; - l000009d5: - assume {:captureState "l000009d5"} true; - R8, Gamma_R8 := 3bv64, true; - R9, Gamma_R9 := 69632bv64, true; - call rely(); - assert (L(mem, bvadd64(R9, 56bv64)) ==> Gamma_R8); - mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); - assume {:captureState "%000009e8"} true; - goto l000009bf; - l0000099f_goto_l000009d4: - assume {:captureState "l0000099f_goto_l000009d4"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l000009d4; + l0000099c: + assume {:captureState "l0000099c"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000099f; l00000999: assume {:captureState "l00000999"} true; R8, Gamma_R8 := 0bv64, true; goto l0000099f; - l000009d4: - assume {:captureState "l000009d4"} true; - goto l000009d5; l0000099f: assume {:captureState "l0000099f"} true; assert Gamma_R8; goto l0000099f_goto_l000009a7, l0000099f_goto_l000009d4; - lmain_goto_l0000099c: - assume {:captureState "lmain_goto_l0000099c"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000099c; - l0000099f_goto_l000009a7: - assume {:captureState "l0000099f_goto_l000009a7"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l000009a7; - l0000099c: - assume {:captureState "l0000099c"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000099f; - lmain_goto_l00000999: - assume {:captureState "lmain_goto_l00000999"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000999; l000009a7: assume {:captureState "l000009a7"} true; R9, Gamma_R9 := 69632bv64, true; @@ -188,11 +160,39 @@ implementation main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); assume {:captureState "%000009bc"} true; goto l000009bf; + l000009d4: + assume {:captureState "l000009d4"} true; + goto l000009d5; + l000009d5: + assume {:captureState "l000009d5"} true; + R8, Gamma_R8 := 3bv64, true; + R9, Gamma_R9 := 69632bv64, true; + call rely(); + assert (L(mem, bvadd64(R9, 56bv64)) ==> Gamma_R8); + mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 56bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 56bv64), Gamma_R8); + assume {:captureState "%000009e8"} true; + goto l000009bf; l000009bf: assume {:captureState "l000009bf"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l00000999: + assume {:captureState "lmain_goto_l00000999"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000999; + lmain_goto_l0000099c: + assume {:captureState "lmain_goto_l0000099c"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000099c; + l0000099f_goto_l000009a7: + assume {:captureState "l0000099f_goto_l000009a7"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l000009a7; + l0000099f_goto_l000009d4: + assume {:captureState "l0000099f_goto_l000009d4"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l000009d4; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/cjump/clang_pic/cjump.expected b/src/test/correct/cjump/clang_pic/cjump.expected index 183e831cd..0ef8aeb1b 100644 --- a/src/test/correct/cjump/clang_pic/cjump.expected +++ b/src/test/correct/cjump/clang_pic/cjump.expected @@ -151,22 +151,18 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000359, lmain_goto_l00000356; - l00000356: - assume {:captureState "l00000356"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000035c; l00000359: assume {:captureState "l00000359"} true; R8, Gamma_R8 := 1bv64, true; goto l0000035c; - lmain_goto_l00000356: - assume {:captureState "lmain_goto_l00000356"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000356; - l0000035c_goto_l00000398: - assume {:captureState "l0000035c_goto_l00000398"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000398; + l00000356: + assume {:captureState "l00000356"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000035c; + l0000035c: + assume {:captureState "l0000035c"} true; + assert Gamma_R8; + goto l0000035c_goto_l00000398, l0000035c_goto_l00000364; l00000364: assume {:captureState "l00000364"} true; R9, Gamma_R9 := 65536bv64, true; @@ -178,14 +174,9 @@ implementation main() mem, Gamma_mem := memory_store32_le(mem, R9, R8[32:0]), gamma_store32(Gamma_mem, R9, Gamma_R8); assume {:captureState "%00000380"} true; goto l00000383; - l0000035c: - assume {:captureState "l0000035c"} true; - assert Gamma_R8; - goto l0000035c_goto_l00000398, l0000035c_goto_l00000364; - lmain_goto_l00000359: - assume {:captureState "lmain_goto_l00000359"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000359; + l00000398: + assume {:captureState "l00000398"} true; + goto l00000399; l00000399: assume {:captureState "l00000399"} true; R8, Gamma_R8 := 3bv64, true; @@ -197,18 +188,27 @@ implementation main() mem, Gamma_mem := memory_store32_le(mem, R9, R8[32:0]), gamma_store32(Gamma_mem, R9, Gamma_R8); assume {:captureState "%000003b3"} true; goto l00000383; - l00000398: - assume {:captureState "l00000398"} true; - goto l00000399; - l0000035c_goto_l00000364: - assume {:captureState "l0000035c_goto_l00000364"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000364; l00000383: assume {:captureState "l00000383"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l00000356: + assume {:captureState "lmain_goto_l00000356"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000356; + lmain_goto_l00000359: + assume {:captureState "lmain_goto_l00000359"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000359; + l0000035c_goto_l00000364: + assume {:captureState "l0000035c_goto_l00000364"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000364; + l0000035c_goto_l00000398: + assume {:captureState "l0000035c_goto_l00000398"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000398; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/cjump/gcc/cjump.expected b/src/test/correct/cjump/gcc/cjump.expected index b8482e0f4..6752e3f52 100644 --- a/src/test/correct/cjump/gcc/cjump.expected +++ b/src/test/correct/cjump/gcc/cjump.expected @@ -140,18 +140,6 @@ implementation main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000359"} true; goto l0000035b; - lmain_goto_l00000365: - assume {:captureState "lmain_goto_l00000365"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000365; - lmain_goto_l0000033e: - assume {:captureState "lmain_goto_l0000033e"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000033e; - l0000035b: - assume {:captureState "l0000035b"} true; - R0, Gamma_R0 := 0bv64, true; - goto main_return; l00000365: assume {:captureState "l00000365"} true; R0, Gamma_R0 := 69632bv64, true; @@ -162,6 +150,18 @@ implementation main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%0000037b"} true; goto l0000035b; + l0000035b: + assume {:captureState "l0000035b"} true; + R0, Gamma_R0 := 0bv64, true; + goto main_return; + lmain_goto_l0000033e: + assume {:captureState "lmain_goto_l0000033e"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000033e; + lmain_goto_l00000365: + assume {:captureState "lmain_goto_l00000365"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000365; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected b/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected index d9ab5f873..5285c14a0 100644 --- a/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected +++ b/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected @@ -130,6 +130,16 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000009a3, lmain_goto_l0000097c; + l0000097c: + assume {:captureState "l0000097c"} true; + R0, Gamma_R0 := 69632bv64, true; + R0, Gamma_R0 := bvadd64(R0, 24bv64), Gamma_R0; + R1, Gamma_R1 := 2bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000997"} true; + goto l00000999; l000009a3: assume {:captureState "l000009a3"} true; R0, Gamma_R0 := 69632bv64, true; @@ -148,16 +158,6 @@ implementation main() assume {:captureState "lmain_goto_l0000097c"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l0000097c; - l0000097c: - assume {:captureState "l0000097c"} true; - R0, Gamma_R0 := 69632bv64, true; - R0, Gamma_R0 := bvadd64(R0, 24bv64), Gamma_R0; - R1, Gamma_R1 := 2bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000997"} true; - goto l00000999; lmain_goto_l000009a3: assume {:captureState "lmain_goto_l000009a3"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); diff --git a/src/test/correct/cjump/gcc_pic/cjump.expected b/src/test/correct/cjump/gcc_pic/cjump.expected index f43ac0b08..2be57000d 100644 --- a/src/test/correct/cjump/gcc_pic/cjump.expected +++ b/src/test/correct/cjump/gcc_pic/cjump.expected @@ -142,10 +142,17 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000340, lmain_goto_l00000368; - lmain_goto_l00000340: - assume {:captureState "lmain_goto_l00000340"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000340; + l00000340: + assume {:captureState "l00000340"} true; + R0, Gamma_R0 := 65536bv64, true; + call rely(); + R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R0, 4072bv64)), (gamma_load64(Gamma_mem, bvadd64(R0, 4072bv64)) || L(mem, bvadd64(R0, 4072bv64))); + R1, Gamma_R1 := 2bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%0000035c"} true; + goto l0000035e; l00000368: assume {:captureState "l00000368"} true; R0, Gamma_R0 := 65536bv64, true; @@ -157,25 +164,18 @@ implementation main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%0000037f"} true; goto l0000035e; - lmain_goto_l00000368: - assume {:captureState "lmain_goto_l00000368"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000368; l0000035e: assume {:captureState "l0000035e"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - l00000340: - assume {:captureState "l00000340"} true; - R0, Gamma_R0 := 65536bv64, true; - call rely(); - R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R0, 4072bv64)), (gamma_load64(Gamma_mem, bvadd64(R0, 4072bv64)) || L(mem, bvadd64(R0, 4072bv64))); - R1, Gamma_R1 := 2bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%0000035c"} true; - goto l0000035e; + lmain_goto_l00000340: + assume {:captureState "lmain_goto_l00000340"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000340; + lmain_goto_l00000368: + assume {:captureState "lmain_goto_l00000368"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000368; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function1/clang_no_plt_no_pic/function1.expected b/src/test/correct/function1/clang_no_plt_no_pic/function1.expected index 8dff0b1dc..94eedf788 100644 --- a/src/test/correct/function1/clang_no_plt_no_pic/function1.expected +++ b/src/test/correct/function1/clang_no_plt_no_pic/function1.expected @@ -196,13 +196,6 @@ implementation main() R30, Gamma_R30 := 1968bv64, true; call get_two(); goto l00000adf; - l00000b06: - assume {:captureState "l00000b06"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; l00000adf: assume {:captureState "l00000adf"} true; R8, Gamma_R8 := 69632bv64, true; @@ -217,6 +210,13 @@ implementation main() R30, Gamma_R30 := 1992bv64, true; call printf(); goto l00000b06; + l00000b06: + assume {:captureState "l00000b06"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function1/clang_pic/function1.expected b/src/test/correct/function1/clang_pic/function1.expected index 620a61c5d..b029d5d40 100644 --- a/src/test/correct/function1/clang_pic/function1.expected +++ b/src/test/correct/function1/clang_pic/function1.expected @@ -208,13 +208,6 @@ implementation main() R30, Gamma_R30 := 2036bv64, true; call get_two(); goto l000003dd; - l0000040b: - assume {:captureState "l0000040b"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; l000003dd: assume {:captureState "l000003dd"} true; R8, Gamma_R8 := 65536bv64, true; @@ -231,6 +224,13 @@ implementation main() R30, Gamma_R30 := 2064bv64, true; call printf(); goto l0000040b; + l0000040b: + assume {:captureState "l0000040b"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/function1/gcc_pic/function1.expected b/src/test/correct/function1/gcc_pic/function1.expected index 625dcc6a0..883b6689e 100644 --- a/src/test/correct/function1/gcc_pic/function1.expected +++ b/src/test/correct/function1/gcc_pic/function1.expected @@ -258,13 +258,6 @@ implementation main() R30, Gamma_R30 := 2036bv64, true; call get_two(); goto l000003ed; - l00000433: - assume {:captureState "l00000433"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; l000003ed: assume {:captureState "l000003ed"} true; R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; @@ -286,6 +279,13 @@ implementation main() R30, Gamma_R30 := 2080bv64, true; call printf(); goto l00000433; + l00000433: + assume {:captureState "l00000433"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifbranches/clang/ifbranches.expected b/src/test/correct/ifbranches/clang/ifbranches.expected index bf5f02e92..82749e80d 100644 --- a/src/test/correct/ifbranches/clang/ifbranches.expected +++ b/src/test/correct/ifbranches/clang/ifbranches.expected @@ -137,29 +137,33 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000034c, lmain_goto_l0000034f; - l00000352_goto_l0000035a: - assume {:captureState "l00000352_goto_l0000035a"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000035a; l0000034f: assume {:captureState "l0000034f"} true; R8, Gamma_R8 := 1bv64, true; goto l00000352; - l00000352_goto_l00000397: - assume {:captureState "l00000352_goto_l00000397"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000397; - lmain_goto_l0000034c: - assume {:captureState "lmain_goto_l0000034c"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000034c; - lmain_goto_l0000034f: - assume {:captureState "lmain_goto_l0000034f"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000034f; + l0000034c: + assume {:captureState "l0000034c"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000352; + l00000352: + assume {:captureState "l00000352"} true; + assert Gamma_R8; + goto l00000352_goto_l0000035a, l00000352_goto_l00000397; + l0000035a: + assume {:captureState "l0000035a"} true; + R8, Gamma_R8 := 2bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); + assume {:captureState "%0000036a"} true; + goto l0000036d; l00000397: assume {:captureState "l00000397"} true; goto l00000398; + l00000398: + assume {:captureState "l00000398"} true; + R8, Gamma_R8 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); + assume {:captureState "%000003a6"} true; + goto l0000036d; l0000036d: assume {:captureState "l0000036d"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); @@ -169,26 +173,22 @@ implementation main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - l00000352: - assume {:captureState "l00000352"} true; - assert Gamma_R8; - goto l00000352_goto_l0000035a, l00000352_goto_l00000397; - l00000398: - assume {:captureState "l00000398"} true; - R8, Gamma_R8 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); - assume {:captureState "%000003a6"} true; - goto l0000036d; - l0000034c: - assume {:captureState "l0000034c"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000352; - l0000035a: - assume {:captureState "l0000035a"} true; - R8, Gamma_R8 := 2bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); - assume {:captureState "%0000036a"} true; - goto l0000036d; + lmain_goto_l0000034c: + assume {:captureState "lmain_goto_l0000034c"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000034c; + lmain_goto_l0000034f: + assume {:captureState "lmain_goto_l0000034f"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000034f; + l00000352_goto_l0000035a: + assume {:captureState "l00000352_goto_l0000035a"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l0000035a; + l00000352_goto_l00000397: + assume {:captureState "l00000352_goto_l00000397"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000397; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifbranches/clang_O2/ifbranches.expected b/src/test/correct/ifbranches/clang_O2/ifbranches.expected index 228655907..573cc292a 100644 --- a/src/test/correct/ifbranches/clang_O2/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_O2/ifbranches.expected @@ -95,18 +95,10 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000002db, lmain_goto_l000002df; - lmain_goto_l000002db: - assume {:captureState "lmain_goto_l000002db"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000002db; l000002df: assume {:captureState "l000002df"} true; R0, Gamma_R0 := zero_extend32_32(bvadd32(R8[32:0], 1bv32)), Gamma_R8; goto l000002e2; - lmain_goto_l000002df: - assume {:captureState "lmain_goto_l000002df"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000002df; l000002db: assume {:captureState "l000002db"} true; R0, Gamma_R0 := zero_extend32_32(R8[32:0]), Gamma_R8; @@ -114,6 +106,14 @@ implementation main() l000002e2: assume {:captureState "l000002e2"} true; goto main_return; + lmain_goto_l000002db: + assume {:captureState "lmain_goto_l000002db"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000002db; + lmain_goto_l000002df: + assume {:captureState "lmain_goto_l000002df"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000002df; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected b/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected index 58eed46ce..896b4800a 100644 --- a/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected @@ -137,18 +137,24 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000009b8, lmain_goto_l000009bb; - lmain_goto_l000009b8: - assume {:captureState "lmain_goto_l000009b8"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000009b8; l000009bb: assume {:captureState "l000009bb"} true; R8, Gamma_R8 := 1bv64, true; goto l000009be; - l000009be_goto_l000009c6: - assume {:captureState "l000009be_goto_l000009c6"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l000009c6; + l000009b8: + assume {:captureState "l000009b8"} true; + R8, Gamma_R8 := 0bv64, true; + goto l000009be; + l000009be: + assume {:captureState "l000009be"} true; + assert Gamma_R8; + goto l000009be_goto_l000009c6, l000009be_goto_l00000a03; + l000009c6: + assume {:captureState "l000009c6"} true; + R8, Gamma_R8 := 2bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); + assume {:captureState "%000009d6"} true; + goto l000009d9; l00000a03: assume {:captureState "l00000a03"} true; goto l00000a04; @@ -158,14 +164,6 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%00000a12"} true; goto l000009d9; - lmain_goto_l000009bb: - assume {:captureState "lmain_goto_l000009bb"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000009bb; - l000009be_goto_l00000a03: - assume {:captureState "l000009be_goto_l00000a03"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000a03; l000009d9: assume {:captureState "l000009d9"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); @@ -175,20 +173,22 @@ implementation main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - l000009b8: - assume {:captureState "l000009b8"} true; - R8, Gamma_R8 := 0bv64, true; - goto l000009be; - l000009c6: - assume {:captureState "l000009c6"} true; - R8, Gamma_R8 := 2bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); - assume {:captureState "%000009d6"} true; - goto l000009d9; - l000009be: - assume {:captureState "l000009be"} true; - assert Gamma_R8; - goto l000009be_goto_l000009c6, l000009be_goto_l00000a03; + lmain_goto_l000009b8: + assume {:captureState "lmain_goto_l000009b8"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000009b8; + lmain_goto_l000009bb: + assume {:captureState "lmain_goto_l000009bb"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000009bb; + l000009be_goto_l000009c6: + assume {:captureState "l000009be_goto_l000009c6"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l000009c6; + l000009be_goto_l00000a03: + assume {:captureState "l000009be_goto_l00000a03"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000a03; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifbranches/clang_pic/ifbranches.expected b/src/test/correct/ifbranches/clang_pic/ifbranches.expected index 58eed46ce..896b4800a 100644 --- a/src/test/correct/ifbranches/clang_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_pic/ifbranches.expected @@ -137,18 +137,24 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000009b8, lmain_goto_l000009bb; - lmain_goto_l000009b8: - assume {:captureState "lmain_goto_l000009b8"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000009b8; l000009bb: assume {:captureState "l000009bb"} true; R8, Gamma_R8 := 1bv64, true; goto l000009be; - l000009be_goto_l000009c6: - assume {:captureState "l000009be_goto_l000009c6"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l000009c6; + l000009b8: + assume {:captureState "l000009b8"} true; + R8, Gamma_R8 := 0bv64, true; + goto l000009be; + l000009be: + assume {:captureState "l000009be"} true; + assert Gamma_R8; + goto l000009be_goto_l000009c6, l000009be_goto_l00000a03; + l000009c6: + assume {:captureState "l000009c6"} true; + R8, Gamma_R8 := 2bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); + assume {:captureState "%000009d6"} true; + goto l000009d9; l00000a03: assume {:captureState "l00000a03"} true; goto l00000a04; @@ -158,14 +164,6 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%00000a12"} true; goto l000009d9; - lmain_goto_l000009bb: - assume {:captureState "lmain_goto_l000009bb"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000009bb; - l000009be_goto_l00000a03: - assume {:captureState "l000009be_goto_l00000a03"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000a03; l000009d9: assume {:captureState "l000009d9"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); @@ -175,20 +173,22 @@ implementation main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - l000009b8: - assume {:captureState "l000009b8"} true; - R8, Gamma_R8 := 0bv64, true; - goto l000009be; - l000009c6: - assume {:captureState "l000009c6"} true; - R8, Gamma_R8 := 2bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); - assume {:captureState "%000009d6"} true; - goto l000009d9; - l000009be: - assume {:captureState "l000009be"} true; - assert Gamma_R8; - goto l000009be_goto_l000009c6, l000009be_goto_l00000a03; + lmain_goto_l000009b8: + assume {:captureState "lmain_goto_l000009b8"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000009b8; + lmain_goto_l000009bb: + assume {:captureState "lmain_goto_l000009bb"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000009bb; + l000009be_goto_l000009c6: + assume {:captureState "l000009be_goto_l000009c6"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l000009c6; + l000009be_goto_l00000a03: + assume {:captureState "l000009be_goto_l00000a03"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000a03; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifbranches/gcc/ifbranches.expected b/src/test/correct/ifbranches/gcc/ifbranches.expected index 4ae9220d7..0c1ad49a2 100644 --- a/src/test/correct/ifbranches/gcc/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc/ifbranches.expected @@ -132,10 +132,12 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000369, lmain_goto_l00000330; - lmain_goto_l00000330: - assume {:captureState "lmain_goto_l00000330"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000330; + l00000330: + assume {:captureState "l00000330"} true; + R0, Gamma_R0 := 2bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); + assume {:captureState "%00000340"} true; + goto l00000342; l00000369: assume {:captureState "l00000369"} true; R0, Gamma_R0 := 1bv64, true; @@ -151,12 +153,10 @@ implementation main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - l00000330: - assume {:captureState "l00000330"} true; - R0, Gamma_R0 := 2bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); - assume {:captureState "%00000340"} true; - goto l00000342; + lmain_goto_l00000330: + assume {:captureState "lmain_goto_l00000330"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000330; lmain_goto_l00000369: assume {:captureState "lmain_goto_l00000369"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); diff --git a/src/test/correct/ifbranches/gcc_O2/ifbranches.expected b/src/test/correct/ifbranches/gcc_O2/ifbranches.expected index d26592186..6a1edc35e 100644 --- a/src/test/correct/ifbranches/gcc_O2/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_O2/ifbranches.expected @@ -92,26 +92,26 @@ implementation main() NF, Gamma_NF := bvadd32(#1, 1bv32)[32:31], Gamma_#1; assert Gamma_ZF; goto lmain_goto_l000001c3, lmain_goto_l000001c6; - lmain_goto_l000001c3: - assume {:captureState "lmain_goto_l000001c3"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000001c3; l000001c6: assume {:captureState "l000001c6"} true; R0, Gamma_R0 := 1bv64, true; goto l000001c9; + l000001c3: + assume {:captureState "l000001c3"} true; + R0, Gamma_R0 := 0bv64, true; + goto l000001c9; l000001c9: assume {:captureState "l000001c9"} true; R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 2bv32)), Gamma_R0; goto main_return; + lmain_goto_l000001c3: + assume {:captureState "lmain_goto_l000001c3"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000001c3; lmain_goto_l000001c6: assume {:captureState "lmain_goto_l000001c6"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000001c6; - l000001c3: - assume {:captureState "l000001c3"} true; - R0, Gamma_R0 := 0bv64, true; - goto l000001c9; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected b/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected index 5b2b1ebd0..a023fc70b 100644 --- a/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected @@ -138,10 +138,12 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); assume {:captureState "%00000973"} true; goto l00000975; - lmain_goto_l0000099c: - assume {:captureState "lmain_goto_l0000099c"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000099c; + l0000099c: + assume {:captureState "l0000099c"} true; + R0, Gamma_R0 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); + assume {:captureState "%000009a7"} true; + goto l00000975; l00000975: assume {:captureState "l00000975"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); @@ -151,16 +153,14 @@ implementation main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - l0000099c: - assume {:captureState "l0000099c"} true; - R0, Gamma_R0 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); - assume {:captureState "%000009a7"} true; - goto l00000975; lmain_goto_l00000963: assume {:captureState "lmain_goto_l00000963"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000963; + lmain_goto_l0000099c: + assume {:captureState "lmain_goto_l0000099c"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000099c; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifbranches/gcc_pic/ifbranches.expected b/src/test/correct/ifbranches/gcc_pic/ifbranches.expected index 5b2b1ebd0..a023fc70b 100644 --- a/src/test/correct/ifbranches/gcc_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_pic/ifbranches.expected @@ -138,10 +138,12 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); assume {:captureState "%00000973"} true; goto l00000975; - lmain_goto_l0000099c: - assume {:captureState "lmain_goto_l0000099c"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000099c; + l0000099c: + assume {:captureState "l0000099c"} true; + R0, Gamma_R0 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); + assume {:captureState "%000009a7"} true; + goto l00000975; l00000975: assume {:captureState "l00000975"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 24bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 24bv64)); @@ -151,16 +153,14 @@ implementation main() R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; goto main_return; - l0000099c: - assume {:captureState "l0000099c"} true; - R0, Gamma_R0 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 24bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); - assume {:captureState "%000009a7"} true; - goto l00000975; lmain_goto_l00000963: assume {:captureState "lmain_goto_l00000963"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000963; + lmain_goto_l0000099c: + assume {:captureState "lmain_goto_l0000099c"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000099c; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifglobal/clang/ifglobal.expected b/src/test/correct/ifglobal/clang/ifglobal.expected index 094aefbb7..4f9a5c230 100644 --- a/src/test/correct/ifglobal/clang/ifglobal.expected +++ b/src/test/correct/ifglobal/clang/ifglobal.expected @@ -130,51 +130,51 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000031e, lmain_goto_l00000321; - l00000324_goto_l0000032c: - assume {:captureState "l00000324_goto_l0000032c"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000032c; + l00000321: + assume {:captureState "l00000321"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000324; + l0000031e: + assume {:captureState "l0000031e"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000324; l00000324: assume {:captureState "l00000324"} true; assert Gamma_R8; goto l00000324_goto_l0000032c, l00000324_goto_l00000343; + l00000343: + assume {:captureState "l00000343"} true; + goto l00000344; + l00000344: + assume {:captureState "l00000344"} true; + R8, Gamma_R8 := 1bv64, true; + R9, Gamma_R9 := 69632bv64, true; + call rely(); + assert (L(mem, bvadd64(R9, 52bv64)) ==> Gamma_R8); + mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 52bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 52bv64), Gamma_R8); + assume {:captureState "%00000357"} true; + goto l0000032c; l0000032c: assume {:captureState "l0000032c"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l0000031e: + assume {:captureState "lmain_goto_l0000031e"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000031e; lmain_goto_l00000321: assume {:captureState "lmain_goto_l00000321"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000321; + l00000324_goto_l0000032c: + assume {:captureState "l00000324_goto_l0000032c"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l0000032c; l00000324_goto_l00000343: assume {:captureState "l00000324_goto_l00000343"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000343; - l0000031e: - assume {:captureState "l0000031e"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000324; - lmain_goto_l0000031e: - assume {:captureState "lmain_goto_l0000031e"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000031e; - l00000344: - assume {:captureState "l00000344"} true; - R8, Gamma_R8 := 1bv64, true; - R9, Gamma_R9 := 69632bv64, true; - call rely(); - assert (L(mem, bvadd64(R9, 52bv64)) ==> Gamma_R8); - mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 52bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 52bv64), Gamma_R8); - assume {:captureState "%00000357"} true; - goto l0000032c; - l00000321: - assume {:captureState "l00000321"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000324; - l00000343: - assume {:captureState "l00000343"} true; - goto l00000344; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifglobal/clang_O2/ifglobal.expected b/src/test/correct/ifglobal/clang_O2/ifglobal.expected index 658d063a1..782eeaf4d 100644 --- a/src/test/correct/ifglobal/clang_O2/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_O2/ifglobal.expected @@ -98,18 +98,6 @@ implementation main() R9, Gamma_R9 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); assert Gamma_R9; goto lmain_goto_l000002dc, lmain_goto_l000002f8; - lmain_goto_l000002dc: - assume {:captureState "lmain_goto_l000002dc"} true; - assume (bvcomp32(R9[32:0], 0bv32) != 0bv1); - goto l000002dc; - l000002f8: - assume {:captureState "l000002f8"} true; - R0, Gamma_R0 := 0bv64, true; - goto main_return; - lmain_goto_l000002f8: - assume {:captureState "lmain_goto_l000002f8"} true; - assume (bvcomp32(R9[32:0], 0bv32) == 0bv1); - goto l000002f8; l000002dc: assume {:captureState "l000002dc"} true; R9, Gamma_R9 := 1bv64, true; @@ -119,6 +107,18 @@ implementation main() assume {:captureState "%000002ec"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; + l000002f8: + assume {:captureState "l000002f8"} true; + R0, Gamma_R0 := 0bv64, true; + goto main_return; + lmain_goto_l000002dc: + assume {:captureState "lmain_goto_l000002dc"} true; + assume (bvcomp32(R9[32:0], 0bv32) != 0bv1); + goto l000002dc; + lmain_goto_l000002f8: + assume {:captureState "lmain_goto_l000002f8"} true; + assume (bvcomp32(R9[32:0], 0bv32) == 0bv1); + goto l000002f8; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected b/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected index 48b7a75f7..a2cf3c86a 100644 --- a/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected @@ -130,15 +130,14 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000930, lmain_goto_l0000092d; + l00000930: + assume {:captureState "l00000930"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000933; l0000092d: assume {:captureState "l0000092d"} true; R8, Gamma_R8 := 0bv64, true; goto l00000933; - l0000093b: - assume {:captureState "l0000093b"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; l00000933: assume {:captureState "l00000933"} true; assert Gamma_R8; @@ -146,10 +145,6 @@ implementation main() l00000952: assume {:captureState "l00000952"} true; goto l00000953; - l00000930: - assume {:captureState "l00000930"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000933; l00000953: assume {:captureState "l00000953"} true; R8, Gamma_R8 := 1bv64, true; @@ -159,22 +154,27 @@ implementation main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R9, 52bv64), R8[32:0]), gamma_store32(Gamma_mem, bvadd64(R9, 52bv64), Gamma_R8); assume {:captureState "%00000966"} true; goto l0000093b; - l00000933_goto_l0000093b: - assume {:captureState "l00000933_goto_l0000093b"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000093b; + l0000093b: + assume {:captureState "l0000093b"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l0000092d: + assume {:captureState "lmain_goto_l0000092d"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000092d; lmain_goto_l00000930: assume {:captureState "lmain_goto_l00000930"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000930; + l00000933_goto_l0000093b: + assume {:captureState "l00000933_goto_l0000093b"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l0000093b; l00000933_goto_l00000952: assume {:captureState "l00000933_goto_l00000952"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000952; - lmain_goto_l0000092d: - assume {:captureState "lmain_goto_l0000092d"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000092d; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifglobal/clang_pic/ifglobal.expected b/src/test/correct/ifglobal/clang_pic/ifglobal.expected index 53234c579..c9631ddb9 100644 --- a/src/test/correct/ifglobal/clang_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_pic/ifglobal.expected @@ -139,18 +139,21 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000330, lmain_goto_l0000032d; - lmain_goto_l00000330: - assume {:captureState "lmain_goto_l00000330"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000330; + l00000330: + assume {:captureState "l00000330"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000333; l0000032d: assume {:captureState "l0000032d"} true; R8, Gamma_R8 := 0bv64, true; goto l00000333; - lmain_goto_l0000032d: - assume {:captureState "lmain_goto_l0000032d"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000032d; + l00000333: + assume {:captureState "l00000333"} true; + assert Gamma_R8; + goto l00000333_goto_l0000033b, l00000333_goto_l00000352; + l00000352: + assume {:captureState "l00000352"} true; + goto l00000353; l00000353: assume {:captureState "l00000353"} true; R8, Gamma_R8 := 1bv64, true; @@ -162,22 +165,19 @@ implementation main() mem, Gamma_mem := memory_store32_le(mem, R9, R8[32:0]), gamma_store32(Gamma_mem, R9, Gamma_R8); assume {:captureState "%0000036d"} true; goto l0000033b; - l00000352: - assume {:captureState "l00000352"} true; - goto l00000353; - l00000330: - assume {:captureState "l00000330"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000333; - l00000333: - assume {:captureState "l00000333"} true; - assert Gamma_R8; - goto l00000333_goto_l0000033b, l00000333_goto_l00000352; l0000033b: assume {:captureState "l0000033b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l0000032d: + assume {:captureState "lmain_goto_l0000032d"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000032d; + lmain_goto_l00000330: + assume {:captureState "lmain_goto_l00000330"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000330; l00000333_goto_l0000033b: assume {:captureState "l00000333_goto_l0000033b"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); diff --git a/src/test/correct/ifglobal/gcc/ifglobal.expected b/src/test/correct/ifglobal/gcc/ifglobal.expected index 8a9b81705..cc675c447 100644 --- a/src/test/correct/ifglobal/gcc/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc/ifglobal.expected @@ -119,18 +119,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000311, lmain_goto_l00000302; - l00000302: - assume {:captureState "l00000302"} true; - R0, Gamma_R0 := 0bv64, true; - goto main_return; - lmain_goto_l00000311: - assume {:captureState "lmain_goto_l00000311"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000311; - lmain_goto_l00000302: - assume {:captureState "lmain_goto_l00000302"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000302; l00000311: assume {:captureState "l00000311"} true; R0, Gamma_R0 := 69632bv64, true; @@ -141,6 +129,18 @@ implementation main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%00000327"} true; goto l00000302; + l00000302: + assume {:captureState "l00000302"} true; + R0, Gamma_R0 := 0bv64, true; + goto main_return; + lmain_goto_l00000302: + assume {:captureState "lmain_goto_l00000302"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000302; + lmain_goto_l00000311: + assume {:captureState "lmain_goto_l00000311"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000311; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifglobal/gcc_O2/ifglobal.expected b/src/test/correct/ifglobal/gcc_O2/ifglobal.expected index 62eb47d20..06ad1b8f1 100644 --- a/src/test/correct/ifglobal/gcc_O2/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_O2/ifglobal.expected @@ -97,14 +97,6 @@ implementation main() R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, bvadd64(R0, 20bv64))), (gamma_load32(Gamma_mem, bvadd64(R0, 20bv64)) || L(mem, bvadd64(R0, 20bv64))); assert Gamma_R1; goto lmain_goto_l000001b7, lmain_goto_l00000396; - lmain_goto_l00000396: - assume {:captureState "lmain_goto_l00000396"} true; - assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) == 0bv1); - goto l00000396; - l000001b7: - assume {:captureState "l000001b7"} true; - R0, Gamma_R0 := 0bv64, true; - goto main_return; l00000396: assume {:captureState "l00000396"} true; R1, Gamma_R1 := 1bv64, true; @@ -113,10 +105,18 @@ implementation main() mem, Gamma_mem := memory_store32_le(mem, bvadd64(R0, 20bv64), R1[32:0]), gamma_store32(Gamma_mem, bvadd64(R0, 20bv64), Gamma_R1); assume {:captureState "%000003a1"} true; goto l000001b7; + l000001b7: + assume {:captureState "l000001b7"} true; + R0, Gamma_R0 := 0bv64, true; + goto main_return; lmain_goto_l000001b7: assume {:captureState "lmain_goto_l000001b7"} true; assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) != 0bv1); goto l000001b7; + lmain_goto_l00000396: + assume {:captureState "lmain_goto_l00000396"} true; + assume (bvnot1(bvcomp32(R1[32:0], 0bv32)) == 0bv1); + goto l00000396; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected b/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected index 7bc0cebe6..6d2e955fa 100644 --- a/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected @@ -119,10 +119,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000008e5, lmain_goto_l000008d6; - l000008d6: - assume {:captureState "l000008d6"} true; - R0, Gamma_R0 := 0bv64, true; - goto main_return; l000008e5: assume {:captureState "l000008e5"} true; R0, Gamma_R0 := 69632bv64, true; @@ -133,14 +129,18 @@ implementation main() mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); assume {:captureState "%000008fb"} true; goto l000008d6; - lmain_goto_l000008e5: - assume {:captureState "lmain_goto_l000008e5"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000008e5; + l000008d6: + assume {:captureState "l000008d6"} true; + R0, Gamma_R0 := 0bv64, true; + goto main_return; lmain_goto_l000008d6: assume {:captureState "lmain_goto_l000008d6"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l000008d6; + lmain_goto_l000008e5: + assume {:captureState "lmain_goto_l000008e5"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000008e5; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/ifglobal/gcc_pic/ifglobal.expected b/src/test/correct/ifglobal/gcc_pic/ifglobal.expected index 403c47f2f..e29207861 100644 --- a/src/test/correct/ifglobal/gcc_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_pic/ifglobal.expected @@ -142,14 +142,14 @@ implementation main() assume {:captureState "l00000303"} true; R0, Gamma_R0 := 0bv64, true; goto main_return; - lmain_goto_l00000312: - assume {:captureState "lmain_goto_l00000312"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000312; lmain_goto_l00000303: assume {:captureState "lmain_goto_l00000303"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000303; + lmain_goto_l00000312: + assume {:captureState "lmain_goto_l00000312"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000312; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/indirect_call/gcc_O2/indirect_call.expected b/src/test/correct/indirect_call/gcc_O2/indirect_call.expected index 4f7ee1834..a35b02300 100644 --- a/src/test/correct/indirect_call/gcc_O2/indirect_call.expected +++ b/src/test/correct/indirect_call/gcc_O2/indirect_call.expected @@ -382,6 +382,11 @@ implementation main() R30, Gamma_R30 := 1620bv64, true; call puts(); goto l000001ef; + l000001ef: + assume {:captureState "l000001ef"} true; + R30, Gamma_R30 := 1624bv64, true; + call greet(); + goto l00000205; l00000205: assume {:captureState "l00000205"} true; R0, Gamma_R0 := 0bv64, true; @@ -389,11 +394,6 @@ implementation main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - l000001ef: - assume {:captureState "l000001ef"} true; - R30, Gamma_R30 := 1624bv64, true; - call greet(); - goto l00000205; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/jumptable/gcc_O2/jumptable.expected b/src/test/correct/jumptable/gcc_O2/jumptable.expected index 8e43d8c37..21747ef7e 100644 --- a/src/test/correct/jumptable/gcc_O2/jumptable.expected +++ b/src/test/correct/jumptable/gcc_O2/jumptable.expected @@ -221,6 +221,16 @@ implementation main() R30, Gamma_R30 := 1548bv64, true; call add_two(); goto l0000027c; + l0000027c: + assume {:captureState "l0000027c"} true; + R30, Gamma_R30 := 1552bv64, true; + call add_six(); + goto l00000283; + l00000283: + assume {:captureState "l00000283"} true; + R30, Gamma_R30 := 1556bv64, true; + call sub_seven(); + goto l0000028a; l0000028a: assume {:captureState "l0000028a"} true; R0, Gamma_R0 := 0bv64, true; @@ -228,16 +238,6 @@ implementation main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - l00000283: - assume {:captureState "l00000283"} true; - R30, Gamma_R30 := 1556bv64, true; - call sub_seven(); - goto l0000028a; - l0000027c: - assume {:captureState "l0000027c"} true; - R30, Gamma_R30 := 1552bv64, true; - call add_six(); - goto l00000283; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/jumptable3/gcc/jumptable3.expected b/src/test/correct/jumptable3/gcc/jumptable3.expected index b73d605ca..f8daceebb 100644 --- a/src/test/correct/jumptable3/gcc/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc/jumptable3.expected @@ -293,78 +293,54 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto lmain_goto_l000005e0, lmain_goto_l00000599; - l0000090b: - assume {:captureState "l0000090b"} true; - R30, Gamma_R30 := 2220bv64, true; - call sub_seven(); - goto l00000917; - l00000758_goto_l000005d7: - assume {:captureState "l00000758_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l000006a3: - assume {:captureState "l000006a3"} true; + l000005e0: + assume {:captureState "l000005e0"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #10, Gamma_#10 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#10); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#10); - ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; - NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; + #6, Gamma_#6 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000006a3_goto_l000005d7, l000006a3_goto_l000006cb; - l0000088a_goto_l000008ab: - assume {:captureState "l0000088a_goto_l000008ab"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000008ab; - l0000074c: - assume {:captureState "l0000074c"} true; - R30, Gamma_R30 := 2260bv64, true; + goto l000005e0_goto_l000005d7, l000005e0_goto_l00000608; + l00000608: + assume {:captureState "l00000608"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #7, Gamma_#7 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#7); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#7); + ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; + NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; + assert Gamma_ZF; + goto l00000608_goto_l00000629, l00000608_goto_l00000643; + l00000629: + assume {:captureState "l00000629"} true; + R30, Gamma_R30 := 2288bv64, true; call sub_seven(); - goto l000006ec; - l0000072b_goto_l0000074c: - assume {:captureState "l0000072b_goto_l0000074c"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000074c; - l000005c2: - assume {:captureState "l000005c2"} true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; - l0000097b_goto_l00000974: - assume {:captureState "l0000097b_goto_l00000974"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000974; - l00000643_goto_l0000066b: - assume {:captureState "l00000643_goto_l0000066b"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000066b; - l00000802: - assume {:captureState "l00000802"} true; - R30, Gamma_R30 := 2252bv64, true; + goto l00000635; + l00000635: + assume {:captureState "l00000635"} true; + R30, Gamma_R30 := 2292bv64, true; call add_two(); - goto l000007a1; - l000007d5_goto_l00000809: - assume {:captureState "l000007d5_goto_l00000809"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000809; - l00000608_goto_l00000629: - assume {:captureState "l00000608_goto_l00000629"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000629; - l00000862_goto_l000005d7: - assume {:captureState "l00000862_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l00000831_goto_l00000862: - assume {:captureState "l00000831_goto_l00000862"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000862; - l00000964: - assume {:captureState "l00000964"} true; - R30, Gamma_R30 := 2208bv64, true; + goto l0000063c; + l0000063c: + assume {:captureState "l0000063c"} true; + R30, Gamma_R30 := 2296bv64, true; + call add_six(); + goto l00000599; + l00000599: + assume {:captureState "l00000599"} true; + R30, Gamma_R30 := 2300bv64, true; + call sub_seven(); + goto l000005a5; + l000005a5: + assume {:captureState "l000005a5"} true; + R30, Gamma_R30 := 2304bv64, true; call add_two(); - goto l00000970; + goto l000005ac; + l000005ac: + assume {:captureState "l000005ac"} true; + goto l000005ad; l00000643: assume {:captureState "l00000643"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -375,100 +351,69 @@ implementation main() NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l00000643_goto_l000005d7, l00000643_goto_l0000066b; - l000006a3_goto_l000005d7: - assume {:captureState "l000006a3_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l00000943_goto_l0000097b: - assume {:captureState "l00000943_goto_l0000097b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000097b; - l00000809: - assume {:captureState "l00000809"} true; + l0000066b: + assume {:captureState "l0000066b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); - ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; - NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; + #9, Gamma_#9 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#9); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#9); + ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; + NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; + assert Gamma_ZF; + goto l0000066b_goto_l000006a3, l0000066b_goto_l0000068c; + l0000068c: + assume {:captureState "l0000068c"} true; + R30, Gamma_R30 := 2276bv64, true; + call add_two(); + goto l00000698; + l00000698: + assume {:captureState "l00000698"} true; + R30, Gamma_R30 := 2280bv64, true; + call add_six(); + goto l0000069f; + l0000069f: + assume {:captureState "l0000069f"} true; + goto l000005ad; + l000006a3: + assume {:captureState "l000006a3"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #10, Gamma_#10 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#10); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#10); + ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; + NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000809_goto_l00000831, l00000809_goto_l000005d7; - l00000608: - assume {:captureState "l00000608"} true; + goto l000006a3_goto_l000005d7, l000006a3_goto_l000006cb; + l000006cb: + assume {:captureState "l000006cb"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #7, Gamma_#7 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#7); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#7); - ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; - NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; + #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); + ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; + NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; - goto l00000608_goto_l00000629, l00000608_goto_l00000643; - l000006cb_goto_l00000703: - assume {:captureState "l000006cb_goto_l00000703"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000703; - l0000091b_goto_l000005d7: - assume {:captureState "l0000091b_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l0000085e: - assume {:captureState "l0000085e"} true; - goto l000005ad; - lmain_goto_l000005e0: - assume {:captureState "lmain_goto_l000005e0"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000005e0; - l000008c2_goto_l000005d7: - assume {:captureState "l000008c2_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l000007f6: - assume {:captureState "l000007f6"} true; - R30, Gamma_R30 := 2248bv64, true; - call add_six(); - goto l00000802; - l0000097b: - assume {:captureState "l0000097b"} true; + goto l000006cb_goto_l00000703, l000006cb_goto_l000006ec; + l00000703: + assume {:captureState "l00000703"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #26, Gamma_#26 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#26, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#26); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#26, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#26); - ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; - NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; + #12, Gamma_#12 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#12); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#12); + ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; + NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000703_goto_l0000072b, l00000703_goto_l000005d7; + l0000072b: + assume {:captureState "l0000072b"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #13, Gamma_#13 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#13); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#13); + ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; + NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; assert Gamma_ZF; - goto l0000097b_goto_l000009a1, l0000097b_goto_l00000974; - l00000643_goto_l000005d7: - assume {:captureState "l00000643_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l00000608_goto_l00000643: - assume {:captureState "l00000608_goto_l00000643"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000643; - l00000780_goto_l000007ad: - assume {:captureState "l00000780_goto_l000007ad"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000007ad; - l00000809_goto_l000005d7: - assume {:captureState "l00000809_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l000007d5_goto_l000007f6: - assume {:captureState "l000007d5_goto_l000007f6"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000007f6; - l0000091b_goto_l00000943: - assume {:captureState "l0000091b_goto_l00000943"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000943; - l000008c2_goto_l000008ea: - assume {:captureState "l000008c2_goto_l000008ea"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000008ea; - l0000066b_goto_l000006a3: - assume {:captureState "l0000066b_goto_l000006a3"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000006a3; + goto l0000072b_goto_l00000758, l0000072b_goto_l0000074c; l00000758: assume {:captureState "l00000758"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -479,7 +424,17 @@ implementation main() NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l00000758_goto_l000005d7, l00000758_goto_l00000780; - l000007ad: + l00000780: + assume {:captureState "l00000780"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #15, Gamma_#15 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#15, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#15); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#15, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#15); + ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; + NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; + assert Gamma_ZF; + goto l00000780_goto_l000007a1, l00000780_goto_l000007ad; + l000007ad: assume {:captureState "l000007ad"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); #16, Gamma_#16 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; @@ -489,26 +444,59 @@ implementation main() NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l000007ad_goto_l000007d5, l000007ad_goto_l000005d7; - l0000097b_goto_l000009a1: - assume {:captureState "l0000097b_goto_l000009a1"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000009a1; - l0000072b_goto_l00000758: - assume {:captureState "l0000072b_goto_l00000758"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000758; - l000005ad: - assume {:captureState "l000005ad"} true; - R0, Gamma_R0 := 69632bv64, true; - R0, Gamma_R0 := bvadd64(R0, 16bv64), Gamma_R0; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - goto l000005c2; - l00000635: - assume {:captureState "l00000635"} true; - R30, Gamma_R30 := 2292bv64, true; + l000007d5: + assume {:captureState "l000007d5"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); + ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; + NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; + assert Gamma_ZF; + goto l000007d5_goto_l00000809, l000007d5_goto_l000007f6; + l000007f6: + assume {:captureState "l000007f6"} true; + R30, Gamma_R30 := 2248bv64, true; + call add_six(); + goto l00000802; + l00000802: + assume {:captureState "l00000802"} true; + R30, Gamma_R30 := 2252bv64, true; call add_two(); - goto l0000063c; + goto l000007a1; + l000007a1: + assume {:captureState "l000007a1"} true; + R30, Gamma_R30 := 2256bv64, true; + call add_six(); + goto l0000074c; + l0000074c: + assume {:captureState "l0000074c"} true; + R30, Gamma_R30 := 2260bv64, true; + call sub_seven(); + goto l000006ec; + l000006ec: + assume {:captureState "l000006ec"} true; + R30, Gamma_R30 := 2264bv64, true; + call sub_seven(); + goto l000006f8; + l000006f8: + assume {:captureState "l000006f8"} true; + R30, Gamma_R30 := 2268bv64, true; + call add_six(); + goto l000006ff; + l000006ff: + assume {:captureState "l000006ff"} true; + goto l000005ad; + l00000809: + assume {:captureState "l00000809"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); + ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; + NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000809_goto_l00000831, l00000809_goto_l000005d7; l00000831: assume {:captureState "l00000831"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -519,76 +507,47 @@ implementation main() NF, Gamma_NF := bvadd32(#19, 1bv32)[32:31], Gamma_#19; assert Gamma_ZF; goto l00000831_goto_l00000862, l00000831_goto_l00000852; - l00000862_goto_l0000088a: - assume {:captureState "l00000862_goto_l0000088a"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000088a; - l000005ac: - assume {:captureState "l000005ac"} true; + l00000852: + assume {:captureState "l00000852"} true; + R30, Gamma_R30 := 2240bv64, true; + call add_six(); + goto l0000085e; + l0000085e: + assume {:captureState "l0000085e"} true; goto l000005ad; - l0000088a_goto_l000008c2: - assume {:captureState "l0000088a_goto_l000008c2"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000008c2; - l00000831_goto_l00000852: - assume {:captureState "l00000831_goto_l00000852"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000852; - l00000599: - assume {:captureState "l00000599"} true; - R30, Gamma_R30 := 2300bv64, true; - call sub_seven(); - goto l000005a5; - l000006cb: - assume {:captureState "l000006cb"} true; + l00000862: + assume {:captureState "l00000862"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); - ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; - NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; - assert Gamma_ZF; - goto l000006cb_goto_l00000703, l000006cb_goto_l000006ec; - l0000066b: - assume {:captureState "l0000066b"} true; + #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); + ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; + NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000862_goto_l000005d7, l00000862_goto_l0000088a; + l0000088a: + assume {:captureState "l0000088a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #9, Gamma_#9 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#9); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#9); - ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; - NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; + #21, Gamma_#21 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#21, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#21); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#21, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#21); + ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; + NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; assert Gamma_ZF; - goto l0000066b_goto_l000006a3, l0000066b_goto_l0000068c; - l00000917: - assume {:captureState "l00000917"} true; - goto l000005ad; - l000008ea_goto_l0000091b: - assume {:captureState "l000008ea_goto_l0000091b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000091b; - l000005a5: - assume {:captureState "l000005a5"} true; - R30, Gamma_R30 := 2304bv64, true; + goto l0000088a_goto_l000008ab, l0000088a_goto_l000008c2; + l000008ab: + assume {:captureState "l000008ab"} true; + R30, Gamma_R30 := 2228bv64, true; call add_two(); - goto l000005ac; - l000009a1: - assume {:captureState "l000009a1"} true; - goto l000005d7; - l0000072b: - assume {:captureState "l0000072b"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #13, Gamma_#13 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#13); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#13); - ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; - NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; - assert Gamma_ZF; - goto l0000072b_goto_l00000758, l0000072b_goto_l0000074c; - l000007a1: - assume {:captureState "l000007a1"} true; - R30, Gamma_R30 := 2256bv64, true; - call add_six(); - goto l0000074c; + goto l000008b7; + l000008b7: + assume {:captureState "l000008b7"} true; + R30, Gamma_R30 := 2232bv64, true; + call sub_seven(); + goto l000008be; + l000008be: + assume {:captureState "l000008be"} true; + goto l000005ad; l000008c2: assume {:captureState "l000008c2"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -599,41 +558,26 @@ implementation main() NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l000008c2_goto_l000008ea, l000008c2_goto_l000005d7; - l000007ad_goto_l000007d5: - assume {:captureState "l000007ad_goto_l000007d5"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000007d5; - l000007ad_goto_l000005d7: - assume {:captureState "l000007ad_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l000006a3_goto_l000006cb: - assume {:captureState "l000006a3_goto_l000006cb"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000006cb; - l00000780: - assume {:captureState "l00000780"} true; + l000008ea: + assume {:captureState "l000008ea"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #15, Gamma_#15 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#15, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#15); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#15, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#15); - ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; - NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; + #23, Gamma_#23 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#23, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#23); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#23, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#23); + ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; + NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; assert Gamma_ZF; - goto l00000780_goto_l000007a1, l00000780_goto_l000007ad; - l00000703: - assume {:captureState "l00000703"} true; + goto l000008ea_goto_l0000090b, l000008ea_goto_l0000091b; + l0000091b: + assume {:captureState "l0000091b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #12, Gamma_#12 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#12); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#12); - ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; - NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; + #24, Gamma_#24 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#24, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#24); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#24, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#24); + ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; + NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000703_goto_l0000072b, l00000703_goto_l000005d7; - l000008be: - assume {:captureState "l000008be"} true; - goto l000005ad; + goto l0000091b_goto_l00000943, l0000091b_goto_l000005d7; l00000943: assume {:captureState "l00000943"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -644,177 +588,233 @@ implementation main() NF, Gamma_NF := bvadd32(#25, 1bv32)[32:31], Gamma_#25; assert Gamma_ZF; goto l00000943_goto_l0000097b, l00000943_goto_l00000964; - l000006ff: - assume {:captureState "l000006ff"} true; + l00000964: + assume {:captureState "l00000964"} true; + R30, Gamma_R30 := 2208bv64, true; + call add_two(); + goto l00000970; + l00000970: + assume {:captureState "l00000970"} true; goto l000005ad; - l00000943_goto_l00000964: - assume {:captureState "l00000943_goto_l00000964"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000964; - l00000862: - assume {:captureState "l00000862"} true; + l0000097b: + assume {:captureState "l0000097b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); - ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; - NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000862_goto_l000005d7, l00000862_goto_l0000088a; - l00000703_goto_l000005d7: - assume {:captureState "l00000703_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l0000069f: - assume {:captureState "l0000069f"} true; - goto l000005ad; - l00000629: - assume {:captureState "l00000629"} true; - R30, Gamma_R30 := 2288bv64, true; - call sub_seven(); - goto l00000635; - l0000091b: - assume {:captureState "l0000091b"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #24, Gamma_#24 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#24, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#24); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#24, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#24); - ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; - NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000091b_goto_l00000943, l0000091b_goto_l000005d7; - l000008ea_goto_l0000090b: - assume {:captureState "l000008ea_goto_l0000090b"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000090b; - l000005d7: - assume {:captureState "l000005d7"} true; - R0, Gamma_R0 := 1bv64, true; - goto l000005c2; - l000007d5: - assume {:captureState "l000007d5"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); - ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; - NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; + #26, Gamma_#26 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#26, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#26); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#26, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#26); + ZF, Gamma_ZF := bvcomp32(bvadd32(#26, 1bv32), 0bv32), Gamma_#26; + NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; assert Gamma_ZF; - goto l000007d5_goto_l00000809, l000007d5_goto_l000007f6; - l000006f8: - assume {:captureState "l000006f8"} true; - R30, Gamma_R30 := 2268bv64, true; - call add_six(); - goto l000006ff; - l0000063c: - assume {:captureState "l0000063c"} true; - R30, Gamma_R30 := 2296bv64, true; - call add_six(); - goto l00000599; - l00000970: - assume {:captureState "l00000970"} true; - goto l000005ad; - l00000758_goto_l00000780: - assume {:captureState "l00000758_goto_l00000780"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000780; - l000008b7: - assume {:captureState "l000008b7"} true; - R30, Gamma_R30 := 2232bv64, true; - call sub_seven(); - goto l000008be; - l000005e0_goto_l000005d7: - assume {:captureState "l000005e0_goto_l000005d7"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005d7; - l000008ab: - assume {:captureState "l000008ab"} true; - R30, Gamma_R30 := 2228bv64, true; - call add_two(); - goto l000008b7; + goto l0000097b_goto_l000009a1, l0000097b_goto_l00000974; l00000974: assume {:captureState "l00000974"} true; R30, Gamma_R30 := 2216bv64, true; call add_six(); goto l0000090b; - l000006ec: - assume {:captureState "l000006ec"} true; - R30, Gamma_R30 := 2264bv64, true; + l0000090b: + assume {:captureState "l0000090b"} true; + R30, Gamma_R30 := 2220bv64, true; call sub_seven(); - goto l000006f8; - l000008ea: - assume {:captureState "l000008ea"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #23, Gamma_#23 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#23, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#23); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#23, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#23); - ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; - NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; - assert Gamma_ZF; - goto l000008ea_goto_l0000090b, l000008ea_goto_l0000091b; + goto l00000917; + l00000917: + assume {:captureState "l00000917"} true; + goto l000005ad; + l000005ad: + assume {:captureState "l000005ad"} true; + R0, Gamma_R0 := 69632bv64, true; + R0, Gamma_R0 := bvadd64(R0, 16bv64), Gamma_R0; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + goto l000005c2; + l000009a1: + assume {:captureState "l000009a1"} true; + goto l000005d7; + l000005d7: + assume {:captureState "l000005d7"} true; + R0, Gamma_R0 := 1bv64, true; + goto l000005c2; + l000005c2: + assume {:captureState "l000005c2"} true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; lmain_goto_l00000599: assume {:captureState "lmain_goto_l00000599"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000599; - l00000698: - assume {:captureState "l00000698"} true; - R30, Gamma_R30 := 2280bv64, true; - call add_six(); - goto l0000069f; - l00000852: - assume {:captureState "l00000852"} true; - R30, Gamma_R30 := 2240bv64, true; - call add_six(); - goto l0000085e; + lmain_goto_l000005e0: + assume {:captureState "lmain_goto_l000005e0"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000005e0; + l000005e0_goto_l000005d7: + assume {:captureState "l000005e0_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l000005e0_goto_l00000608: + assume {:captureState "l000005e0_goto_l00000608"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000608; + l00000608_goto_l00000629: + assume {:captureState "l00000608_goto_l00000629"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000629; + l00000608_goto_l00000643: + assume {:captureState "l00000608_goto_l00000643"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000643; + l00000643_goto_l000005d7: + assume {:captureState "l00000643_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l00000643_goto_l0000066b: + assume {:captureState "l00000643_goto_l0000066b"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000066b; + l0000066b_goto_l0000068c: + assume {:captureState "l0000066b_goto_l0000068c"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000068c; + l0000066b_goto_l000006a3: + assume {:captureState "l0000066b_goto_l000006a3"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000006a3; + l000006a3_goto_l000005d7: + assume {:captureState "l000006a3_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l000006a3_goto_l000006cb: + assume {:captureState "l000006a3_goto_l000006cb"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000006cb; l000006cb_goto_l000006ec: assume {:captureState "l000006cb_goto_l000006ec"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000006ec; + l000006cb_goto_l00000703: + assume {:captureState "l000006cb_goto_l00000703"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000703; + l00000703_goto_l000005d7: + assume {:captureState "l00000703_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; l00000703_goto_l0000072b: assume {:captureState "l00000703_goto_l0000072b"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l0000072b; + l0000072b_goto_l0000074c: + assume {:captureState "l0000072b_goto_l0000074c"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000074c; + l0000072b_goto_l00000758: + assume {:captureState "l0000072b_goto_l00000758"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000758; + l00000758_goto_l000005d7: + assume {:captureState "l00000758_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l00000758_goto_l00000780: + assume {:captureState "l00000758_goto_l00000780"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000780; l00000780_goto_l000007a1: assume {:captureState "l00000780_goto_l000007a1"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000007a1; - l000005e0: - assume {:captureState "l000005e0"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #6, Gamma_#6 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000005e0_goto_l000005d7, l000005e0_goto_l00000608; - l000005e0_goto_l00000608: - assume {:captureState "l000005e0_goto_l00000608"} true; + l00000780_goto_l000007ad: + assume {:captureState "l00000780_goto_l000007ad"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000007ad; + l000007ad_goto_l000005d7: + assume {:captureState "l000007ad_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l000007ad_goto_l000007d5: + assume {:captureState "l000007ad_goto_l000007d5"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000608; - l0000066b_goto_l0000068c: - assume {:captureState "l0000066b_goto_l0000068c"} true; + goto l000007d5; + l000007d5_goto_l000007f6: + assume {:captureState "l000007d5_goto_l000007f6"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000068c; - l0000068c: - assume {:captureState "l0000068c"} true; - R30, Gamma_R30 := 2276bv64, true; - call add_two(); - goto l00000698; - l0000088a: - assume {:captureState "l0000088a"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #21, Gamma_#21 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#21, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#21); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#21, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#21); - ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; - NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; - assert Gamma_ZF; - goto l0000088a_goto_l000008ab, l0000088a_goto_l000008c2; + goto l000007f6; + l000007d5_goto_l00000809: + assume {:captureState "l000007d5_goto_l00000809"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000809; + l00000809_goto_l000005d7: + assume {:captureState "l00000809_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; l00000809_goto_l00000831: assume {:captureState "l00000809_goto_l00000831"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l00000831; + l00000831_goto_l00000852: + assume {:captureState "l00000831_goto_l00000852"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000852; + l00000831_goto_l00000862: + assume {:captureState "l00000831_goto_l00000862"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000862; + l00000862_goto_l000005d7: + assume {:captureState "l00000862_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l00000862_goto_l0000088a: + assume {:captureState "l00000862_goto_l0000088a"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000088a; + l0000088a_goto_l000008ab: + assume {:captureState "l0000088a_goto_l000008ab"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000008ab; + l0000088a_goto_l000008c2: + assume {:captureState "l0000088a_goto_l000008c2"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000008c2; + l000008c2_goto_l000005d7: + assume {:captureState "l000008c2_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l000008c2_goto_l000008ea: + assume {:captureState "l000008c2_goto_l000008ea"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000008ea; + l000008ea_goto_l0000090b: + assume {:captureState "l000008ea_goto_l0000090b"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000090b; + l000008ea_goto_l0000091b: + assume {:captureState "l000008ea_goto_l0000091b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000091b; + l0000091b_goto_l000005d7: + assume {:captureState "l0000091b_goto_l000005d7"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005d7; + l0000091b_goto_l00000943: + assume {:captureState "l0000091b_goto_l00000943"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000943; + l00000943_goto_l00000964: + assume {:captureState "l00000943_goto_l00000964"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000964; + l00000943_goto_l0000097b: + assume {:captureState "l00000943_goto_l0000097b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000097b; + l0000097b_goto_l00000974: + assume {:captureState "l0000097b_goto_l00000974"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000974; + l0000097b_goto_l000009a1: + assume {:captureState "l0000097b_goto_l000009a1"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000009a1; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/jumptable3/gcc_O2/jumptable3.expected b/src/test/correct/jumptable3/gcc_O2/jumptable3.expected index 8b4c5f57a..bb7c003c0 100644 --- a/src/test/correct/jumptable3/gcc_O2/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_O2/jumptable3.expected @@ -152,14 +152,10 @@ implementation main() NF, Gamma_NF := bvadd32(#1, 1bv32)[32:31], Gamma_#1; assert Gamma_ZF; goto lmain_goto_l00000317, lmain_goto_l00000753; - l0000070c: - assume {:captureState "l0000070c"} true; + l00000753: + assume {:captureState "l00000753"} true; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000070c_goto_l00000644, l0000070c_goto_l00000715; - l0000077b_goto_l00000784: - assume {:captureState "l0000077b_goto_l00000784"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000784; + goto l00000753_goto_l0000075c, l00000753_goto_l000006e8; l000006e8: assume {:captureState "l000006e8"} true; R1, Gamma_R1 := 69632bv64, true; @@ -170,45 +166,20 @@ implementation main() NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; assert Gamma_ZF; goto l000006e8_goto_l000005f9, l000006e8_goto_l0000070c; - l00000753_goto_l0000075c: - assume {:captureState "l00000753_goto_l0000075c"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000075c; - l00000682: - assume {:captureState "l00000682"} true; - R1, Gamma_R1 := 69632bv64, true; + l000005f9: + assume {:captureState "l000005f9"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 8bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%0000069a"} true; - goto l00000317; - l00000784_goto_l000006ba: - assume {:captureState "l00000784_goto_l000006ba"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000006ba; - l00000360: - assume {:captureState "l00000360"} true; - goto main_return; - l00000663_goto_l00000347: - assume {:captureState "l00000663_goto_l00000347"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000347; - l00000368: - assume {:captureState "l00000368"} true; - assert Gamma_R0; - goto l00000368_goto_l000005a3, l00000368_goto_l0000036b; - l000005bc: - assume {:captureState "l000005bc"} true; - #5, Gamma_#5 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - assert Gamma_ZF; - goto l000005bc_goto_l00000682, l000005bc_goto_l000005d6; + assume {:captureState "%0000060c"} true; + goto l00000360; + l0000070c: + assume {:captureState "l0000070c"} true; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l0000070c_goto_l00000644, l0000070c_goto_l00000715; l00000644: assume {:captureState "l00000644"} true; #6, Gamma_#6 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; @@ -218,42 +189,15 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; goto l00000644_goto_l00000663, l00000644_goto_l00000331; - l0000070c_goto_l00000715: - assume {:captureState "l0000070c_goto_l00000715"} true; - assume (bvnot1(bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1))) == 0bv1); - goto l00000715; - l000005bc_goto_l00000682: - assume {:captureState "l000005bc_goto_l00000682"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000682; - l000005f9: - assume {:captureState "l000005f9"} true; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 8bv32)), Gamma_R0; - call rely(); - assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); - mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%0000060c"} true; - goto l00000360; - l00000644_goto_l00000331: - assume {:captureState "l00000644_goto_l00000331"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000331; - l000007a8_goto_l00000368: - assume {:captureState "l000007a8_goto_l00000368"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000368; - l00000317: - assume {:captureState "l00000317"} true; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 6bv32)), Gamma_R0; - call rely(); - assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); - mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%0000032f"} true; - goto l00000331; + l00000663: + assume {:captureState "l00000663"} true; + #7, Gamma_#7 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#7); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#7); + ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; + NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; + assert Gamma_ZF; + goto l00000663_goto_l00000347, l00000663_goto_l0000036b; l00000715: assume {:captureState "l00000715"} true; #9, Gamma_#9 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; @@ -263,236 +207,292 @@ implementation main() NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; goto l00000715_goto_l00000612, l00000715_goto_l00000734; - l00000784_goto_l000007a8: - assume {:captureState "l00000784_goto_l000007a8"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000007a8; - l00000753: - assume {:captureState "l00000753"} true; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000753_goto_l0000075c, l00000753_goto_l000006e8; - l00000663_goto_l0000036b: - assume {:captureState "l00000663_goto_l0000036b"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000036b; - l00000368_goto_l000005a3: - assume {:captureState "l00000368_goto_l000005a3"} true; - assume (bvnot1(bvcomp32(R0[32:0], 0bv32)) == 0bv1); - goto l000005a3; - l0000077b_goto_l000005bc: - assume {:captureState "l0000077b_goto_l000005bc"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005bc; - l000005a3: - assume {:captureState "l000005a3"} true; + l00000612: + assume {:captureState "l00000612"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 2bv32)), Gamma_R0; + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 1bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%000005b6"} true; - goto l00000360; - l00000715_goto_l00000612: - assume {:captureState "l00000715_goto_l00000612"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000612; - l00000784: - assume {:captureState "l00000784"} true; - R1, Gamma_R1 := 69632bv64, true; - #12, Gamma_#12 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#12); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#12); - ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; - NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; - assert Gamma_ZF; - goto l00000784_goto_l000006ba, l00000784_goto_l000007a8; - l00000663: - assume {:captureState "l00000663"} true; - #7, Gamma_#7 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#7); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#7); - ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; - NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; - assert Gamma_ZF; - goto l00000663_goto_l00000347, l00000663_goto_l0000036b; - l000007a8: - assume {:captureState "l000007a8"} true; - #13, Gamma_#13 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#13); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#13); - ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; - NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; + assume {:captureState "%00000625"} true; + goto l00000628; + l00000734: + assume {:captureState "l00000734"} true; + #10, Gamma_#10 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#10); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#10); + ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; + NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert Gamma_ZF; - goto l000007a8_goto_l000006d0, l000007a8_goto_l00000368; - l00000734_goto_l0000036b: - assume {:captureState "l00000734_goto_l0000036b"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000036b; - l0000075c_goto_l0000077b: - assume {:captureState "l0000075c_goto_l0000077b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000077b; - l00000347: - assume {:captureState "l00000347"} true; + goto l00000734_goto_l0000036b, l00000734_goto_l00000628; + l00000628: + assume {:captureState "l00000628"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967295bv32)), Gamma_R0; + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967291bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%0000035d"} true; + assume {:captureState "%0000063e"} true; goto l00000360; - l000006ba: - assume {:captureState "l000006ba"} true; + l0000075c: + assume {:captureState "l0000075c"} true; + #11, Gamma_#11 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#11); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#11); + ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; + NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + assert Gamma_ZF; + goto l0000075c_goto_l0000077b, l0000075c_goto_l0000069c; + l0000069c: + assume {:captureState "l0000069c"} true; + R1, Gamma_R1 := 69632bv64, true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 6bv32)), Gamma_R0; + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967291bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%000006cd"} true; - goto l000006d0; - l00000368_goto_l0000036b: - assume {:captureState "l00000368_goto_l0000036b"} true; - assume (bvnot1(bvcomp32(R0[32:0], 0bv32)) != 0bv1); - goto l0000036b; + assume {:captureState "%000006b4"} true; + goto l00000360; l0000077b: assume {:captureState "l0000077b"} true; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l0000077b_goto_l00000784, l0000077b_goto_l000005bc; - l000006d0: - assume {:captureState "l000006d0"} true; + l000005bc: + assume {:captureState "l000005bc"} true; + #5, Gamma_#5 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + assert Gamma_ZF; + goto l000005bc_goto_l00000682, l000005bc_goto_l000005d6; + l000005d6: + assume {:captureState "l000005d6"} true; + R1, Gamma_R1 := 69632bv64, true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967289bv32)), Gamma_R0; + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 6bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%000006e6"} true; + assume {:captureState "%000005f3"} true; goto l00000360; - l0000069c: - assume {:captureState "l0000069c"} true; + l00000682: + assume {:captureState "l00000682"} true; R1, Gamma_R1 := 69632bv64, true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967291bv32)), Gamma_R0; + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 8bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%000006b4"} true; - goto l00000360; - l00000628: - assume {:captureState "l00000628"} true; + assume {:captureState "%0000069a"} true; + goto l00000317; + l00000317: + assume {:captureState "l00000317"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967291bv32)), Gamma_R0; + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 6bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%0000063e"} true; + assume {:captureState "%0000032f"} true; + goto l00000331; + l00000331: + assume {:captureState "l00000331"} true; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967289bv32)), Gamma_R0; + call rely(); + assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); + mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); + assume {:captureState "%00000344"} true; + goto l00000347; + l00000347: + assume {:captureState "l00000347"} true; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967295bv32)), Gamma_R0; + call rely(); + assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); + mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); + assume {:captureState "%0000035d"} true; goto l00000360; - l000006e8_goto_l0000070c: - assume {:captureState "l000006e8_goto_l0000070c"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000070c; - l000005d6: - assume {:captureState "l000005d6"} true; + l00000784: + assume {:captureState "l00000784"} true; R1, Gamma_R1 := 69632bv64, true; + #12, Gamma_#12 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#12); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#12); + ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; + NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; + assert Gamma_ZF; + goto l00000784_goto_l000006ba, l00000784_goto_l000007a8; + l000006ba: + assume {:captureState "l000006ba"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 6bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%000005f3"} true; - goto l00000360; - l0000075c: - assume {:captureState "l0000075c"} true; - #11, Gamma_#11 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#11); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#11); - ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; - NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + assume {:captureState "%000006cd"} true; + goto l000006d0; + l000007a8: + assume {:captureState "l000007a8"} true; + #13, Gamma_#13 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#13); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#13); + ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; + NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; assert Gamma_ZF; - goto l0000075c_goto_l0000077b, l0000075c_goto_l0000069c; - l00000331: - assume {:captureState "l00000331"} true; + goto l000007a8_goto_l000006d0, l000007a8_goto_l00000368; + l00000368: + assume {:captureState "l00000368"} true; + assert Gamma_R0; + goto l00000368_goto_l000005a3, l00000368_goto_l0000036b; + l0000036b: + assume {:captureState "l0000036b"} true; + R0, Gamma_R0 := 1bv64, true; + goto main_return; + l000005a3: + assume {:captureState "l000005a3"} true; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); + R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 2bv32)), Gamma_R0; + call rely(); + assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); + mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); + assume {:captureState "%000005b6"} true; + goto l00000360; + l000006d0: + assume {:captureState "l000006d0"} true; call rely(); R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 4294967289bv32)), Gamma_R0; call rely(); assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%00000344"} true; - goto l00000347; + assume {:captureState "%000006e6"} true; + goto l00000360; + l00000360: + assume {:captureState "l00000360"} true; + goto main_return; lmain_goto_l00000317: assume {:captureState "lmain_goto_l00000317"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000317; - l0000075c_goto_l0000069c: - assume {:captureState "l0000075c_goto_l0000069c"} true; + lmain_goto_l00000753: + assume {:captureState "lmain_goto_l00000753"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000753; + l00000753_goto_l000006e8: + assume {:captureState "l00000753_goto_l000006e8"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000006e8; + l00000753_goto_l0000075c: + assume {:captureState "l00000753_goto_l0000075c"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000075c; + l000006e8_goto_l000005f9: + assume {:captureState "l000006e8_goto_l000005f9"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000069c; + goto l000005f9; + l000006e8_goto_l0000070c: + assume {:captureState "l000006e8_goto_l0000070c"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000070c; l0000070c_goto_l00000644: assume {:captureState "l0000070c_goto_l00000644"} true; assume (bvnot1(bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1))) != 0bv1); goto l00000644; - l00000753_goto_l000006e8: - assume {:captureState "l00000753_goto_l000006e8"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000006e8; + l0000070c_goto_l00000715: + assume {:captureState "l0000070c_goto_l00000715"} true; + assume (bvnot1(bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1))) == 0bv1); + goto l00000715; + l00000644_goto_l00000331: + assume {:captureState "l00000644_goto_l00000331"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000331; l00000644_goto_l00000663: assume {:captureState "l00000644_goto_l00000663"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000663; - l000007a8_goto_l000006d0: - assume {:captureState "l000007a8_goto_l000006d0"} true; + l00000663_goto_l0000036b: + assume {:captureState "l00000663_goto_l0000036b"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000036b; + l00000663_goto_l00000347: + assume {:captureState "l00000663_goto_l00000347"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000006d0; - l00000734: - assume {:captureState "l00000734"} true; - #10, Gamma_#10 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#10); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#10); - ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; - NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; - assert Gamma_ZF; - goto l00000734_goto_l0000036b, l00000734_goto_l00000628; - l00000612: - assume {:captureState "l00000612"} true; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, bvadd64(R1, 16bv64))), (gamma_load32(Gamma_mem, bvadd64(R1, 16bv64)) || L(mem, bvadd64(R1, 16bv64))); - R0, Gamma_R0 := zero_extend32_32(bvadd32(R0[32:0], 1bv32)), Gamma_R0; - call rely(); - assert (L(mem, bvadd64(R1, 16bv64)) ==> Gamma_R0); - mem, Gamma_mem := memory_store32_le(mem, bvadd64(R1, 16bv64), R0[32:0]), gamma_store32(Gamma_mem, bvadd64(R1, 16bv64), Gamma_R0); - assume {:captureState "%00000625"} true; - goto l00000628; + goto l00000347; + l00000715_goto_l00000612: + assume {:captureState "l00000715_goto_l00000612"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000612; l00000715_goto_l00000734: assume {:captureState "l00000715_goto_l00000734"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000734; - lmain_goto_l00000753: - assume {:captureState "lmain_goto_l00000753"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000753; - l000006e8_goto_l000005f9: - assume {:captureState "l000006e8_goto_l000005f9"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000005f9; - l0000036b: - assume {:captureState "l0000036b"} true; - R0, Gamma_R0 := 1bv64, true; - goto main_return; + l00000734_goto_l0000036b: + assume {:captureState "l00000734_goto_l0000036b"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000036b; l00000734_goto_l00000628: assume {:captureState "l00000734_goto_l00000628"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000628; + l0000075c_goto_l0000069c: + assume {:captureState "l0000075c_goto_l0000069c"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000069c; + l0000075c_goto_l0000077b: + assume {:captureState "l0000075c_goto_l0000077b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000077b; + l0000077b_goto_l000005bc: + assume {:captureState "l0000077b_goto_l000005bc"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005bc; + l0000077b_goto_l00000784: + assume {:captureState "l0000077b_goto_l00000784"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000784; l000005bc_goto_l000005d6: assume {:captureState "l000005bc_goto_l000005d6"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000005d6; + l000005bc_goto_l00000682: + assume {:captureState "l000005bc_goto_l00000682"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000682; + l00000784_goto_l000006ba: + assume {:captureState "l00000784_goto_l000006ba"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000006ba; + l00000784_goto_l000007a8: + assume {:captureState "l00000784_goto_l000007a8"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000007a8; + l000007a8_goto_l00000368: + assume {:captureState "l000007a8_goto_l00000368"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000368; + l000007a8_goto_l000006d0: + assume {:captureState "l000007a8_goto_l000006d0"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000006d0; + l00000368_goto_l0000036b: + assume {:captureState "l00000368_goto_l0000036b"} true; + assume (bvnot1(bvcomp32(R0[32:0], 0bv32)) != 0bv1); + goto l0000036b; + l00000368_goto_l000005a3: + assume {:captureState "l00000368_goto_l000005a3"} true; + assume (bvnot1(bvcomp32(R0[32:0], 0bv32)) == 0bv1); + goto l000005a3; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected b/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected index 32333bbc1..430488687 100644 --- a/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected @@ -293,102 +293,64 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto lmain_goto_l0000133b, lmain_goto_l000012f4; - l000014b3: - assume {:captureState "l000014b3"} true; + l0000133b: + assume {:captureState "l0000133b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #14, Gamma_#14 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#14, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#14); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#14, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#14); - ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; - NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; + #6, Gamma_#6 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000014b3_goto_l00001332, l000014b3_goto_l000014db; - l0000131d: - assume {:captureState "l0000131d"} true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; - l0000139e_goto_l000013c6: - assume {:captureState "l0000139e_goto_l000013c6"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000013c6; - l00001332: - assume {:captureState "l00001332"} true; - R0, Gamma_R0 := 1bv64, true; - goto l0000131d; - l00001530: - assume {:captureState "l00001530"} true; + goto l0000133b_goto_l00001363, l0000133b_goto_l00001332; + l00001363: + assume {:captureState "l00001363"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); - ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; - NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; + #7, Gamma_#7 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#7); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#7); + ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; + NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; - goto l00001530_goto_l00001564, l00001530_goto_l00001551; - l00001453: - assume {:captureState "l00001453"} true; - R30, Gamma_R30 := 2268bv64, true; + goto l00001363_goto_l0000139e, l00001363_goto_l00001384; + l00001384: + assume {:captureState "l00001384"} true; + R30, Gamma_R30 := 2288bv64, true; + call sub_seven(); + goto l00001390; + l00001390: + assume {:captureState "l00001390"} true; + R30, Gamma_R30 := 2292bv64, true; + call add_two(); + goto l00001397; + l00001397: + assume {:captureState "l00001397"} true; + R30, Gamma_R30 := 2296bv64, true; call add_six(); - goto l0000145a; - l0000169e_goto_l000016bf: - assume {:captureState "l0000169e_goto_l000016bf"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000016bf; - l00001645_goto_l00001676: - assume {:captureState "l00001645_goto_l00001676"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00001676; - l00001612: - assume {:captureState "l00001612"} true; - R30, Gamma_R30 := 2232bv64, true; + goto l000012f4; + l000012f4: + assume {:captureState "l000012f4"} true; + R30, Gamma_R30 := 2300bv64, true; call sub_seven(); - goto l00001619; - l00001363_goto_l0000139e: - assume {:captureState "l00001363_goto_l0000139e"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000139e; - l000016d6_goto_l000016fc: - assume {:captureState "l000016d6_goto_l000016fc"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000016fc; - l000015bd_goto_l000015e5: - assume {:captureState "l000015bd_goto_l000015e5"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000015e5; - l00001486_goto_l000014a7: - assume {:captureState "l00001486_goto_l000014a7"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000014a7; - l000013c6_goto_l000013e7: - assume {:captureState "l000013c6_goto_l000013e7"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000013e7; - l000014b3_goto_l000014db: - assume {:captureState "l000014b3_goto_l000014db"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000014db; - l00001619: - assume {:captureState "l00001619"} true; + goto l00001300; + l00001300: + assume {:captureState "l00001300"} true; + R30, Gamma_R30 := 2304bv64, true; + call add_two(); + goto l00001307; + l00001307: + assume {:captureState "l00001307"} true; goto l00001308; - lmain_goto_l0000133b: - assume {:captureState "lmain_goto_l0000133b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000133b; - l000014a7: - assume {:captureState "l000014a7"} true; - R30, Gamma_R30 := 2260bv64, true; - call sub_seven(); - goto l00001447; - l000014db_goto_l000014fc: - assume {:captureState "l000014db_goto_l000014fc"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000014fc; - l00001426_goto_l00001447: - assume {:captureState "l00001426_goto_l00001447"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00001447; + l0000139e: + assume {:captureState "l0000139e"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #8, Gamma_#8 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#8); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#8); + ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; + NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l0000139e_goto_l000013c6, l0000139e_goto_l00001332; l000013c6: assume {:captureState "l000013c6"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -399,30 +361,19 @@ implementation main() NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; goto l000013c6_goto_l000013e7, l000013c6_goto_l000013fe; - l000014db_goto_l00001508: - assume {:captureState "l000014db_goto_l00001508"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00001508; - l00001564: - assume {:captureState "l00001564"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); - ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; - NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00001564_goto_l0000158c, l00001564_goto_l00001332; - l000014db: - assume {:captureState "l000014db"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #15, Gamma_#15 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#15, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#15); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#15, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#15); - ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; - NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; - assert Gamma_ZF; - goto l000014db_goto_l00001508, l000014db_goto_l000014fc; + l000013e7: + assume {:captureState "l000013e7"} true; + R30, Gamma_R30 := 2276bv64, true; + call add_two(); + goto l000013f3; + l000013f3: + assume {:captureState "l000013f3"} true; + R30, Gamma_R30 := 2280bv64, true; + call add_six(); + goto l000013fa; + l000013fa: + assume {:captureState "l000013fa"} true; + goto l00001308; l000013fe: assume {:captureState "l000013fe"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -433,6 +384,26 @@ implementation main() NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l000013fe_goto_l00001332, l000013fe_goto_l00001426; + l00001426: + assume {:captureState "l00001426"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); + ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; + NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + assert Gamma_ZF; + goto l00001426_goto_l0000145e, l00001426_goto_l00001447; + l0000145e: + assume {:captureState "l0000145e"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #12, Gamma_#12 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#12); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#12); + ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; + NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l0000145e_goto_l00001486, l0000145e_goto_l00001332; l00001486: assume {:captureState "l00001486"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -443,116 +414,140 @@ implementation main() NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; assert Gamma_ZF; goto l00001486_goto_l000014a7, l00001486_goto_l000014b3; - l000016d6_goto_l000016cf: - assume {:captureState "l000016d6_goto_l000016cf"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000016cf; - l00001363: - assume {:captureState "l00001363"} true; + l000014b3: + assume {:captureState "l000014b3"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #7, Gamma_#7 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#7); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#7); - ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; - NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; - assert Gamma_ZF; - goto l00001363_goto_l0000139e, l00001363_goto_l00001384; - l00001645_goto_l00001666: - assume {:captureState "l00001645_goto_l00001666"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00001666; - l000013fa: - assume {:captureState "l000013fa"} true; - goto l00001308; - l00001606: - assume {:captureState "l00001606"} true; - R30, Gamma_R30 := 2228bv64, true; - call add_two(); - goto l00001612; - l00001645: - assume {:captureState "l00001645"} true; + #14, Gamma_#14 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#14, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#14); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#14, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#14); + ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; + NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l000014b3_goto_l00001332, l000014b3_goto_l000014db; + l000014db: + assume {:captureState "l000014db"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #23, Gamma_#23 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#23, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#23); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#23, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#23); - ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; - NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; + #15, Gamma_#15 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#15, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#15); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#15, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#15); + ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; + NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; assert Gamma_ZF; - goto l00001645_goto_l00001676, l00001645_goto_l00001666; - l00001447: - assume {:captureState "l00001447"} true; - R30, Gamma_R30 := 2264bv64, true; - call sub_seven(); - goto l00001453; - l000015bd: - assume {:captureState "l000015bd"} true; + goto l000014db_goto_l00001508, l000014db_goto_l000014fc; + l00001508: + assume {:captureState "l00001508"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); - ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; - NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; + #16, Gamma_#16 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#16, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#16); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#16, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#16); + ZF, Gamma_ZF := bvcomp32(bvadd32(#16, 1bv32), 0bv32), Gamma_#16; + NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000015bd_goto_l000015e5, l000015bd_goto_l00001332; - l00001486_goto_l000014b3: - assume {:captureState "l00001486_goto_l000014b3"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000014b3; - l00001530_goto_l00001551: - assume {:captureState "l00001530_goto_l00001551"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00001551; - l000015bd_goto_l00001332: - assume {:captureState "l000015bd_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; + goto l00001508_goto_l00001332, l00001508_goto_l00001530; + l00001530: + assume {:captureState "l00001530"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); + ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; + NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; + assert Gamma_ZF; + goto l00001530_goto_l00001564, l00001530_goto_l00001551; + l00001551: + assume {:captureState "l00001551"} true; + R30, Gamma_R30 := 2248bv64, true; + call add_six(); + goto l0000155d; l0000155d: assume {:captureState "l0000155d"} true; R30, Gamma_R30 := 2252bv64, true; call add_two(); goto l000014fc; - l000015e5_goto_l0000161d: - assume {:captureState "l000015e5_goto_l0000161d"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000161d; - l0000161d_goto_l00001332: - assume {:captureState "l0000161d_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; - l0000139e: - assume {:captureState "l0000139e"} true; + l000014fc: + assume {:captureState "l000014fc"} true; + R30, Gamma_R30 := 2256bv64, true; + call add_six(); + goto l000014a7; + l000014a7: + assume {:captureState "l000014a7"} true; + R30, Gamma_R30 := 2260bv64, true; + call sub_seven(); + goto l00001447; + l00001447: + assume {:captureState "l00001447"} true; + R30, Gamma_R30 := 2264bv64, true; + call sub_seven(); + goto l00001453; + l00001453: + assume {:captureState "l00001453"} true; + R30, Gamma_R30 := 2268bv64, true; + call add_six(); + goto l0000145a; + l0000145a: + assume {:captureState "l0000145a"} true; + goto l00001308; + l00001564: + assume {:captureState "l00001564"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #8, Gamma_#8 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#8); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#8); - ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; - NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; + #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); + ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; + NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000139e_goto_l000013c6, l0000139e_goto_l00001332; - l000012f4: - assume {:captureState "l000012f4"} true; - R30, Gamma_R30 := 2300bv64, true; - call sub_seven(); - goto l00001300; - l0000169e_goto_l000016d6: - assume {:captureState "l0000169e_goto_l000016d6"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000016d6; - l00001564_goto_l00001332: - assume {:captureState "l00001564_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; + goto l00001564_goto_l0000158c, l00001564_goto_l00001332; + l0000158c: + assume {:captureState "l0000158c"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #19, Gamma_#19 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#19, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#19); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#19, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#19); + ZF, Gamma_ZF := bvcomp32(bvadd32(#19, 1bv32), 0bv32), Gamma_#19; + NF, Gamma_NF := bvadd32(#19, 1bv32)[32:31], Gamma_#19; + assert Gamma_ZF; + goto l0000158c_goto_l000015bd, l0000158c_goto_l000015ad; + l000015ad: + assume {:captureState "l000015ad"} true; + R30, Gamma_R30 := 2240bv64, true; + call add_six(); + goto l000015b9; l000015b9: assume {:captureState "l000015b9"} true; goto l00001308; - l0000158c_goto_l000015bd: - assume {:captureState "l0000158c_goto_l000015bd"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000015bd; - l0000133b_goto_l00001332: - assume {:captureState "l0000133b_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; + l000015bd: + assume {:captureState "l000015bd"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); + ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; + NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l000015bd_goto_l000015e5, l000015bd_goto_l00001332; + l000015e5: + assume {:captureState "l000015e5"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #21, Gamma_#21 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#21, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#21); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#21, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#21); + ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; + NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; + assert Gamma_ZF; + goto l000015e5_goto_l0000161d, l000015e5_goto_l00001606; + l00001606: + assume {:captureState "l00001606"} true; + R30, Gamma_R30 := 2228bv64, true; + call add_two(); + goto l00001612; + l00001612: + assume {:captureState "l00001612"} true; + R30, Gamma_R30 := 2232bv64, true; + call sub_seven(); + goto l00001619; + l00001619: + assume {:captureState "l00001619"} true; + goto l00001308; l0000161d: assume {:captureState "l0000161d"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -563,15 +558,44 @@ implementation main() NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l0000161d_goto_l00001332, l0000161d_goto_l00001645; - l00001390: - assume {:captureState "l00001390"} true; - R30, Gamma_R30 := 2292bv64, true; + l00001645: + assume {:captureState "l00001645"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #23, Gamma_#23 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#23, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#23); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#23, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#23); + ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; + NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; + assert Gamma_ZF; + goto l00001645_goto_l00001676, l00001645_goto_l00001666; + l00001676: + assume {:captureState "l00001676"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #24, Gamma_#24 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#24, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#24); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#24, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#24); + ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; + NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00001676_goto_l00001332, l00001676_goto_l0000169e; + l0000169e: + assume {:captureState "l0000169e"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #25, Gamma_#25 := bvadd32(R0[32:0], 4294967295bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#25, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 0bv33))), (Gamma_R0 && Gamma_#25); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#25, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967296bv33))), (Gamma_R0 && Gamma_#25); + ZF, Gamma_ZF := bvcomp32(bvadd32(#25, 1bv32), 0bv32), Gamma_#25; + NF, Gamma_NF := bvadd32(#25, 1bv32)[32:31], Gamma_#25; + assert Gamma_ZF; + goto l0000169e_goto_l000016bf, l0000169e_goto_l000016d6; + l000016bf: + assume {:captureState "l000016bf"} true; + R30, Gamma_R30 := 2208bv64, true; call add_two(); - goto l00001397; - l000015e5_goto_l00001606: - assume {:captureState "l000015e5_goto_l00001606"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00001606; + goto l000016cb; + l000016cb: + assume {:captureState "l000016cb"} true; + goto l00001308; l000016d6: assume {:captureState "l000016d6"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -582,140 +606,127 @@ implementation main() NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; assert Gamma_ZF; goto l000016d6_goto_l000016cf, l000016d6_goto_l000016fc; - l00001363_goto_l00001384: - assume {:captureState "l00001363_goto_l00001384"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00001384; - l0000161d_goto_l00001645: - assume {:captureState "l0000161d_goto_l00001645"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00001645; - l00001397: - assume {:captureState "l00001397"} true; - R30, Gamma_R30 := 2296bv64, true; - call add_six(); - goto l000012f4; - l00001551: - assume {:captureState "l00001551"} true; - R30, Gamma_R30 := 2248bv64, true; - call add_six(); - goto l0000155d; - l00001672: - assume {:captureState "l00001672"} true; - goto l00001308; - l00001676_goto_l0000169e: - assume {:captureState "l00001676_goto_l0000169e"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000169e; l000016cf: assume {:captureState "l000016cf"} true; R30, Gamma_R30 := 2216bv64, true; call add_six(); goto l00001666; - l00001530_goto_l00001564: - assume {:captureState "l00001530_goto_l00001564"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00001564; - l000015ad: - assume {:captureState "l000015ad"} true; - R30, Gamma_R30 := 2240bv64, true; - call add_six(); - goto l000015b9; - l000016cb: - assume {:captureState "l000016cb"} true; + l00001666: + assume {:captureState "l00001666"} true; + R30, Gamma_R30 := 2220bv64, true; + call sub_seven(); + goto l00001672; + l00001672: + assume {:captureState "l00001672"} true; goto l00001308; - l00001676: - assume {:captureState "l00001676"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #24, Gamma_#24 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#24, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#24); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#24, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#24); - ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; - NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00001676_goto_l00001332, l00001676_goto_l0000169e; - l000013fe_goto_l00001426: - assume {:captureState "l000013fe_goto_l00001426"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00001426; - l000013c6_goto_l000013fe: - assume {:captureState "l000013c6_goto_l000013fe"} true; + l00001308: + assume {:captureState "l00001308"} true; + R0, Gamma_R0 := 69632bv64, true; + R0, Gamma_R0 := bvadd64(R0, 16bv64), Gamma_R0; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + goto l0000131d; + l000016fc: + assume {:captureState "l000016fc"} true; + goto l00001332; + l00001332: + assume {:captureState "l00001332"} true; + R0, Gamma_R0 := 1bv64, true; + goto l0000131d; + l0000131d: + assume {:captureState "l0000131d"} true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + lmain_goto_l000012f4: + assume {:captureState "lmain_goto_l000012f4"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000012f4; + lmain_goto_l0000133b: + assume {:captureState "lmain_goto_l0000133b"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000013fe; - l0000145e_goto_l00001486: - assume {:captureState "l0000145e_goto_l00001486"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00001486; - l0000158c: - assume {:captureState "l0000158c"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #19, Gamma_#19 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#19, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#19); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#19, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#19); - ZF, Gamma_ZF := bvcomp32(bvadd32(#19, 1bv32), 0bv32), Gamma_#19; - NF, Gamma_NF := bvadd32(#19, 1bv32)[32:31], Gamma_#19; - assert Gamma_ZF; - goto l0000158c_goto_l000015bd, l0000158c_goto_l000015ad; + goto l0000133b; + l0000133b_goto_l00001332: + assume {:captureState "l0000133b_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; l0000133b_goto_l00001363: assume {:captureState "l0000133b_goto_l00001363"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l00001363; - l0000158c_goto_l000015ad: - assume {:captureState "l0000158c_goto_l000015ad"} true; + l00001363_goto_l00001384: + assume {:captureState "l00001363_goto_l00001384"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000015ad; - lmain_goto_l000012f4: - assume {:captureState "lmain_goto_l000012f4"} true; + goto l00001384; + l00001363_goto_l0000139e: + assume {:captureState "l00001363_goto_l0000139e"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000139e; + l0000139e_goto_l00001332: + assume {:captureState "l0000139e_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; + l0000139e_goto_l000013c6: + assume {:captureState "l0000139e_goto_l000013c6"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000013c6; + l000013c6_goto_l000013e7: + assume {:captureState "l000013c6_goto_l000013e7"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000012f4; - l000013e7: - assume {:captureState "l000013e7"} true; - R30, Gamma_R30 := 2276bv64, true; - call add_two(); - goto l000013f3; - l000015e5: - assume {:captureState "l000015e5"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #21, Gamma_#21 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#21, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#21); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#21, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#21); - ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; - NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; - assert Gamma_ZF; - goto l000015e5_goto_l0000161d, l000015e5_goto_l00001606; - l00001300: - assume {:captureState "l00001300"} true; - R30, Gamma_R30 := 2304bv64, true; - call add_two(); - goto l00001307; - l000016fc: - assume {:captureState "l000016fc"} true; + goto l000013e7; + l000013c6_goto_l000013fe: + assume {:captureState "l000013c6_goto_l000013fe"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000013fe; + l000013fe_goto_l00001332: + assume {:captureState "l000013fe_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00001332; + l000013fe_goto_l00001426: + assume {:captureState "l000013fe_goto_l00001426"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00001426; + l00001426_goto_l00001447: + assume {:captureState "l00001426_goto_l00001447"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00001447; l00001426_goto_l0000145e: assume {:captureState "l00001426_goto_l0000145e"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l0000145e; - l000014fc: - assume {:captureState "l000014fc"} true; - R30, Gamma_R30 := 2256bv64, true; - call add_six(); + l0000145e_goto_l00001332: + assume {:captureState "l0000145e_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; + l0000145e_goto_l00001486: + assume {:captureState "l0000145e_goto_l00001486"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00001486; + l00001486_goto_l000014a7: + assume {:captureState "l00001486_goto_l000014a7"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000014a7; - l00001564_goto_l0000158c: - assume {:captureState "l00001564_goto_l0000158c"} true; + l00001486_goto_l000014b3: + assume {:captureState "l00001486_goto_l000014b3"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000014b3; + l000014b3_goto_l00001332: + assume {:captureState "l000014b3_goto_l00001332"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l00001332; + l000014b3_goto_l000014db: + assume {:captureState "l000014b3_goto_l000014db"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000158c; - l00001384: - assume {:captureState "l00001384"} true; - R30, Gamma_R30 := 2288bv64, true; - call sub_seven(); - goto l00001390; - l00001308: - assume {:captureState "l00001308"} true; - R0, Gamma_R0 := 69632bv64, true; - R0, Gamma_R0 := bvadd64(R0, 16bv64), Gamma_R0; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - goto l0000131d; + goto l000014db; + l000014db_goto_l000014fc: + assume {:captureState "l000014db_goto_l000014fc"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000014fc; + l000014db_goto_l00001508: + assume {:captureState "l000014db_goto_l00001508"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00001508; l00001508_goto_l00001332: assume {:captureState "l00001508_goto_l00001332"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); @@ -724,97 +735,86 @@ implementation main() assume {:captureState "l00001508_goto_l00001530"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l00001530; - l00001307: - assume {:captureState "l00001307"} true; - goto l00001308; - l000016bf: - assume {:captureState "l000016bf"} true; - R30, Gamma_R30 := 2208bv64, true; - call add_two(); - goto l000016cb; - l0000139e_goto_l00001332: - assume {:captureState "l0000139e_goto_l00001332"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00001332; - l00001426: - assume {:captureState "l00001426"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #11, Gamma_#11 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#11); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#11); - ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; - NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; - assert Gamma_ZF; - goto l00001426_goto_l0000145e, l00001426_goto_l00001447; - l00001666: - assume {:captureState "l00001666"} true; - R30, Gamma_R30 := 2220bv64, true; - call sub_seven(); - goto l00001672; - l0000145e: - assume {:captureState "l0000145e"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #12, Gamma_#12 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#12); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#12); - ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; - NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000145e_goto_l00001486, l0000145e_goto_l00001332; - l000014b3_goto_l00001332: - assume {:captureState "l000014b3_goto_l00001332"} true; + l00001530_goto_l00001551: + assume {:captureState "l00001530_goto_l00001551"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00001551; + l00001530_goto_l00001564: + assume {:captureState "l00001530_goto_l00001564"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00001564; + l00001564_goto_l00001332: + assume {:captureState "l00001564_goto_l00001332"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00001332; - l0000133b: - assume {:captureState "l0000133b"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #6, Gamma_#6 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000133b_goto_l00001363, l0000133b_goto_l00001332; - l0000169e: - assume {:captureState "l0000169e"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #25, Gamma_#25 := bvadd32(R0[32:0], 4294967295bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#25, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 0bv33))), (Gamma_R0 && Gamma_#25); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#25, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967296bv33))), (Gamma_R0 && Gamma_#25); - ZF, Gamma_ZF := bvcomp32(bvadd32(#25, 1bv32), 0bv32), Gamma_#25; - NF, Gamma_NF := bvadd32(#25, 1bv32)[32:31], Gamma_#25; - assert Gamma_ZF; - goto l0000169e_goto_l000016bf, l0000169e_goto_l000016d6; - l00001676_goto_l00001332: - assume {:captureState "l00001676_goto_l00001332"} true; + l00001564_goto_l0000158c: + assume {:captureState "l00001564_goto_l0000158c"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000158c; + l0000158c_goto_l000015ad: + assume {:captureState "l0000158c_goto_l000015ad"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000015ad; + l0000158c_goto_l000015bd: + assume {:captureState "l0000158c_goto_l000015bd"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000015bd; + l000015bd_goto_l00001332: + assume {:captureState "l000015bd_goto_l00001332"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00001332; - l000013fe_goto_l00001332: - assume {:captureState "l000013fe_goto_l00001332"} true; + l000015bd_goto_l000015e5: + assume {:captureState "l000015bd_goto_l000015e5"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000015e5; + l000015e5_goto_l00001606: + assume {:captureState "l000015e5_goto_l00001606"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00001606; + l000015e5_goto_l0000161d: + assume {:captureState "l000015e5_goto_l0000161d"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000161d; + l0000161d_goto_l00001332: + assume {:captureState "l0000161d_goto_l00001332"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00001332; - l0000145e_goto_l00001332: - assume {:captureState "l0000145e_goto_l00001332"} true; + l0000161d_goto_l00001645: + assume {:captureState "l0000161d_goto_l00001645"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00001645; + l00001645_goto_l00001666: + assume {:captureState "l00001645_goto_l00001666"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00001666; + l00001645_goto_l00001676: + assume {:captureState "l00001645_goto_l00001676"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00001676; + l00001676_goto_l00001332: + assume {:captureState "l00001676_goto_l00001332"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00001332; - l000013f3: - assume {:captureState "l000013f3"} true; - R30, Gamma_R30 := 2280bv64, true; - call add_six(); - goto l000013fa; - l0000145a: - assume {:captureState "l0000145a"} true; - goto l00001308; - l00001508: - assume {:captureState "l00001508"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #16, Gamma_#16 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#16, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#16); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#16, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#16); - ZF, Gamma_ZF := bvcomp32(bvadd32(#16, 1bv32), 0bv32), Gamma_#16; - NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00001508_goto_l00001332, l00001508_goto_l00001530; + l00001676_goto_l0000169e: + assume {:captureState "l00001676_goto_l0000169e"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000169e; + l0000169e_goto_l000016bf: + assume {:captureState "l0000169e_goto_l000016bf"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000016bf; + l0000169e_goto_l000016d6: + assume {:captureState "l0000169e_goto_l000016d6"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000016d6; + l000016d6_goto_l000016cf: + assume {:captureState "l000016d6_goto_l000016cf"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000016cf; + l000016d6_goto_l000016fc: + assume {:captureState "l000016d6_goto_l000016fc"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000016fc; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/jumptable3/gcc_pic/jumptable3.expected b/src/test/correct/jumptable3/gcc_pic/jumptable3.expected index 21dde3010..95c915903 100644 --- a/src/test/correct/jumptable3/gcc_pic/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_pic/jumptable3.expected @@ -304,183 +304,97 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto lmain_goto_l000005e7, lmain_goto_l0000059f; - l00000732_goto_l0000075f: - assume {:captureState "l00000732_goto_l0000075f"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000075f; - l000006aa_goto_l000006d2: - assume {:captureState "l000006aa_goto_l000006d2"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000006d2; - l000005c9: - assume {:captureState "l000005c9"} true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; - l000006a6: - assume {:captureState "l000006a6"} true; - goto l000005b3; - l000006d2_goto_l0000070a: - assume {:captureState "l000006d2_goto_l0000070a"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000070a; - l0000070a: - assume {:captureState "l0000070a"} true; + l000005e7: + assume {:captureState "l000005e7"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #12, Gamma_#12 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#12); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#12); - ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; - NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; + #6, Gamma_#6 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000070a_goto_l000005de, l0000070a_goto_l00000732; - l0000094a: - assume {:captureState "l0000094a"} true; + goto l000005e7_goto_l000005de, l000005e7_goto_l0000060f; + l0000060f: + assume {:captureState "l0000060f"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #25, Gamma_#25 := bvadd32(R0[32:0], 4294967295bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#25, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 0bv33))), (Gamma_R0 && Gamma_#25); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#25, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967296bv33))), (Gamma_R0 && Gamma_#25); - ZF, Gamma_ZF := bvcomp32(bvadd32(#25, 1bv32), 0bv32), Gamma_#25; - NF, Gamma_NF := bvadd32(#25, 1bv32)[32:31], Gamma_#25; + #7, Gamma_#7 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#7); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#7); + ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; + NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; - goto l0000094a_goto_l00000982, l0000094a_goto_l0000096b; - l000008c9_goto_l000008f1: - assume {:captureState "l000008c9_goto_l000008f1"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000008f1; - l000007dc_goto_l00000810: - assume {:captureState "l000007dc_goto_l00000810"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000810; - l00000787_goto_l000007b4: - assume {:captureState "l00000787_goto_l000007b4"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000007b4; - l00000982_goto_l000009a8: - assume {:captureState "l00000982_goto_l000009a8"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000009a8; - l00000810_goto_l000005de: - assume {:captureState "l00000810_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l00000891_goto_l000008c9: - assume {:captureState "l00000891_goto_l000008c9"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000008c9; - l00000922_goto_l000005de: - assume {:captureState "l00000922_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l000008f1_goto_l00000922: - assume {:captureState "l000008f1_goto_l00000922"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000922; - l00000838_goto_l00000859: - assume {:captureState "l00000838_goto_l00000859"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000859; - l000006aa_goto_l000005de: - assume {:captureState "l000006aa_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l00000922: - assume {:captureState "l00000922"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #24, Gamma_#24 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#24, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#24); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#24, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#24); - ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; - NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000922_goto_l0000094a, l00000922_goto_l000005de; + goto l0000060f_goto_l00000630, l0000060f_goto_l0000064a; + l00000630: + assume {:captureState "l00000630"} true; + R30, Gamma_R30 := 2352bv64, true; + call sub_seven(); + goto l0000063c; + l0000063c: + assume {:captureState "l0000063c"} true; + R30, Gamma_R30 := 2356bv64, true; + call add_two(); + goto l00000643; l00000643: assume {:captureState "l00000643"} true; R30, Gamma_R30 := 2360bv64, true; call add_six(); goto l0000059f; - l000007fd: - assume {:captureState "l000007fd"} true; - R30, Gamma_R30 := 2312bv64, true; - call add_six(); - goto l00000809; - l0000075f_goto_l00000787: - assume {:captureState "l0000075f_goto_l00000787"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000787; - l0000075f_goto_l000005de: - assume {:captureState "l0000075f_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; l0000059f: assume {:captureState "l0000059f"} true; R30, Gamma_R30 := 2364bv64, true; call sub_seven(); goto l000005ab; - lmain_goto_l000005e7: - assume {:captureState "lmain_goto_l000005e7"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000005e7; - l000006f3: - assume {:captureState "l000006f3"} true; - R30, Gamma_R30 := 2328bv64, true; - call sub_seven(); - goto l000006ff; - l000008f1: - assume {:captureState "l000008f1"} true; + l000005ab: + assume {:captureState "l000005ab"} true; + R30, Gamma_R30 := 2368bv64, true; + call add_two(); + goto l000005b2; + l000005b2: + assume {:captureState "l000005b2"} true; + goto l000005b3; + l0000064a: + assume {:captureState "l0000064a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #23, Gamma_#23 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#23, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#23); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#23, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#23); - ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; - NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; + #8, Gamma_#8 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#8); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#8); + ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; + NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l0000064a_goto_l000005de, l0000064a_goto_l00000672; + l00000672: + assume {:captureState "l00000672"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #9, Gamma_#9 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#9); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#9); + ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; + NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; assert Gamma_ZF; - goto l000008f1_goto_l00000912, l000008f1_goto_l00000922; - l00000809: - assume {:captureState "l00000809"} true; - R30, Gamma_R30 := 2316bv64, true; + goto l00000672_goto_l00000693, l00000672_goto_l000006aa; + l00000693: + assume {:captureState "l00000693"} true; + R30, Gamma_R30 := 2340bv64, true; call add_two(); - goto l000007a8; - l00000982_goto_l0000097b: - assume {:captureState "l00000982_goto_l0000097b"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000097b; - l000007dc_goto_l000007fd: - assume {:captureState "l000007dc_goto_l000007fd"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000007fd; - l0000064a_goto_l000005de: - assume {:captureState "l0000064a_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l000007b4: - assume {:captureState "l000007b4"} true; + goto l0000069f; + l0000069f: + assume {:captureState "l0000069f"} true; + R30, Gamma_R30 := 2344bv64, true; + call add_six(); + goto l000006a6; + l000006a6: + assume {:captureState "l000006a6"} true; + goto l000005b3; + l000006aa: + assume {:captureState "l000006aa"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #16, Gamma_#16 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#16, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#16); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#16, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#16); - ZF, Gamma_ZF := bvcomp32(bvadd32(#16, 1bv32), 0bv32), Gamma_#16; - NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; + #10, Gamma_#10 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#10); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#10); + ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; + NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000007b4_goto_l000007dc, l000007b4_goto_l000005de; - l000005b3: - assume {:captureState "l000005b3"} true; - R0, Gamma_R0 := 65536bv64, true; - call rely(); - R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R0, 4064bv64)), (gamma_load64(Gamma_mem, bvadd64(R0, 4064bv64)) || L(mem, bvadd64(R0, 4064bv64))); - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - goto l000005c9; - l000005e7_goto_l000005de: - assume {:captureState "l000005e7_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l0000097b: - assume {:captureState "l0000097b"} true; - R30, Gamma_R30 := 2280bv64, true; - call add_six(); - goto l00000912; + goto l000006aa_goto_l000006d2, l000006aa_goto_l000005de; l000006d2: assume {:captureState "l000006d2"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -491,59 +405,109 @@ implementation main() NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; assert Gamma_ZF; goto l000006d2_goto_l0000070a, l000006d2_goto_l000006f3; - l00000810_goto_l00000838: - assume {:captureState "l00000810_goto_l00000838"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000838; - l000005b2: - assume {:captureState "l000005b2"} true; - goto l000005b3; - l00000630: - assume {:captureState "l00000630"} true; - R30, Gamma_R30 := 2352bv64, true; - call sub_seven(); - goto l0000063c; - l00000672: - assume {:captureState "l00000672"} true; + l0000070a: + assume {:captureState "l0000070a"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #9, Gamma_#9 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#9); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#9); - ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; - NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; - assert Gamma_ZF; - goto l00000672_goto_l00000693, l00000672_goto_l000006aa; - l0000070a_goto_l000005de: - assume {:captureState "l0000070a_goto_l000005de"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000005de; - l00000912: - assume {:captureState "l00000912"} true; - R30, Gamma_R30 := 2284bv64, true; - call sub_seven(); - goto l0000091e; - l000005ab: - assume {:captureState "l000005ab"} true; - R30, Gamma_R30 := 2368bv64, true; + #12, Gamma_#12 := bvadd32(R0[32:0], 4294967287bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934584bv33))), (Gamma_R0 && Gamma_#12); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967288bv33))), (Gamma_R0 && Gamma_#12); + ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; + NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l0000070a_goto_l000005de, l0000070a_goto_l00000732; + l00000732: + assume {:captureState "l00000732"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #13, Gamma_#13 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#13); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#13); + ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; + NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; + assert Gamma_ZF; + goto l00000732_goto_l0000075f, l00000732_goto_l00000753; + l0000075f: + assume {:captureState "l0000075f"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #14, Gamma_#14 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#14, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#14); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#14, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#14); + ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; + NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l0000075f_goto_l00000787, l0000075f_goto_l000005de; + l00000787: + assume {:captureState "l00000787"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #15, Gamma_#15 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#15, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#15); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#15, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#15); + ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; + NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; + assert Gamma_ZF; + goto l00000787_goto_l000007b4, l00000787_goto_l000007a8; + l000007b4: + assume {:captureState "l000007b4"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #16, Gamma_#16 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#16, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#16); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#16, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#16); + ZF, Gamma_ZF := bvcomp32(bvadd32(#16, 1bv32), 0bv32), Gamma_#16; + NF, Gamma_NF := bvadd32(#16, 1bv32)[32:31], Gamma_#16; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l000007b4_goto_l000007dc, l000007b4_goto_l000005de; + l000007dc: + assume {:captureState "l000007dc"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); + ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; + NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; + assert Gamma_ZF; + goto l000007dc_goto_l000007fd, l000007dc_goto_l00000810; + l000007fd: + assume {:captureState "l000007fd"} true; + R30, Gamma_R30 := 2312bv64, true; + call add_six(); + goto l00000809; + l00000809: + assume {:captureState "l00000809"} true; + R30, Gamma_R30 := 2316bv64, true; call add_two(); - goto l000005b2; - l00000732_goto_l00000753: - assume {:captureState "l00000732_goto_l00000753"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000007a8; + l000007a8: + assume {:captureState "l000007a8"} true; + R30, Gamma_R30 := 2320bv64, true; + call add_six(); goto l00000753; l00000753: assume {:captureState "l00000753"} true; R30, Gamma_R30 := 2324bv64, true; call sub_seven(); goto l000006f3; - l00000869_goto_l00000891: - assume {:captureState "l00000869_goto_l00000891"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000891; - l0000060f_goto_l0000064a: - assume {:captureState "l0000060f_goto_l0000064a"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000064a; + l000006f3: + assume {:captureState "l000006f3"} true; + R30, Gamma_R30 := 2328bv64, true; + call sub_seven(); + goto l000006ff; + l000006ff: + assume {:captureState "l000006ff"} true; + R30, Gamma_R30 := 2332bv64, true; + call add_six(); + goto l00000706; + l00000706: + assume {:captureState "l00000706"} true; + goto l000005b3; + l00000810: + assume {:captureState "l00000810"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); + ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; + NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000810_goto_l000005de, l00000810_goto_l00000838; l00000838: assume {:captureState "l00000838"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -554,36 +518,95 @@ implementation main() NF, Gamma_NF := bvadd32(#19, 1bv32)[32:31], Gamma_#19; assert Gamma_ZF; goto l00000838_goto_l00000869, l00000838_goto_l00000859; - l000005e7_goto_l0000060f: - assume {:captureState "l000005e7_goto_l0000060f"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000060f; + l00000859: + assume {:captureState "l00000859"} true; + R30, Gamma_R30 := 2304bv64, true; + call add_six(); + goto l00000865; + l00000865: + assume {:captureState "l00000865"} true; + goto l000005b3; + l00000869: + assume {:captureState "l00000869"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); + ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; + NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000869_goto_l00000891, l00000869_goto_l000005de; + l00000891: + assume {:captureState "l00000891"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #21, Gamma_#21 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#21, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#21); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#21, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#21); + ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; + NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; + assert Gamma_ZF; + goto l00000891_goto_l000008b2, l00000891_goto_l000008c9; + l000008b2: + assume {:captureState "l000008b2"} true; + R30, Gamma_R30 := 2292bv64, true; + call add_two(); + goto l000008be; + l000008be: + assume {:captureState "l000008be"} true; + R30, Gamma_R30 := 2296bv64, true; + call sub_seven(); + goto l000008c5; l000008c5: assume {:captureState "l000008c5"} true; goto l000005b3; - l0000064a_goto_l00000672: - assume {:captureState "l0000064a_goto_l00000672"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000672; - l000005e7: - assume {:captureState "l000005e7"} true; + l000008c9: + assume {:captureState "l000008c9"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #6, Gamma_#6 := bvadd32(R0[32:0], 4294967284bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934581bv33))), (Gamma_R0 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967285bv33))), (Gamma_R0 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + #22, Gamma_#22 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#22, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#22); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#22, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#22); + ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; + NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000005e7_goto_l000005de, l000005e7_goto_l0000060f; - lmain_goto_l0000059f: - assume {:captureState "lmain_goto_l0000059f"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000059f; + goto l000008c9_goto_l000008f1, l000008c9_goto_l000005de; + l000008f1: + assume {:captureState "l000008f1"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #23, Gamma_#23 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#23, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#23); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#23, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#23); + ZF, Gamma_ZF := bvcomp32(bvadd32(#23, 1bv32), 0bv32), Gamma_#23; + NF, Gamma_NF := bvadd32(#23, 1bv32)[32:31], Gamma_#23; + assert Gamma_ZF; + goto l000008f1_goto_l00000912, l000008f1_goto_l00000922; + l00000922: + assume {:captureState "l00000922"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #24, Gamma_#24 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#24, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#24); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#24, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#24); + ZF, Gamma_ZF := bvcomp32(bvadd32(#24, 1bv32), 0bv32), Gamma_#24; + NF, Gamma_NF := bvadd32(#24, 1bv32)[32:31], Gamma_#24; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000922_goto_l0000094a, l00000922_goto_l000005de; + l0000094a: + assume {:captureState "l0000094a"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #25, Gamma_#25 := bvadd32(R0[32:0], 4294967295bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#25, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 0bv33))), (Gamma_R0 && Gamma_#25); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#25, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967296bv33))), (Gamma_R0 && Gamma_#25); + ZF, Gamma_ZF := bvcomp32(bvadd32(#25, 1bv32), 0bv32), Gamma_#25; + NF, Gamma_NF := bvadd32(#25, 1bv32)[32:31], Gamma_#25; + assert Gamma_ZF; + goto l0000094a_goto_l00000982, l0000094a_goto_l0000096b; l0000096b: assume {:captureState "l0000096b"} true; R30, Gamma_R30 := 2272bv64, true; call add_two(); goto l00000977; + l00000977: + assume {:captureState "l00000977"} true; + goto l000005b3; l00000982: assume {:captureState "l00000982"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -594,239 +617,216 @@ implementation main() NF, Gamma_NF := bvadd32(#26, 1bv32)[32:31], Gamma_#26; assert Gamma_ZF; goto l00000982_goto_l000009a8, l00000982_goto_l0000097b; + l0000097b: + assume {:captureState "l0000097b"} true; + R30, Gamma_R30 := 2280bv64, true; + call add_six(); + goto l00000912; + l00000912: + assume {:captureState "l00000912"} true; + R30, Gamma_R30 := 2284bv64, true; + call sub_seven(); + goto l0000091e; + l0000091e: + assume {:captureState "l0000091e"} true; + goto l000005b3; + l000005b3: + assume {:captureState "l000005b3"} true; + R0, Gamma_R0 := 65536bv64, true; + call rely(); + R0, Gamma_R0 := memory_load64_le(mem, bvadd64(R0, 4064bv64)), (gamma_load64(Gamma_mem, bvadd64(R0, 4064bv64)) || L(mem, bvadd64(R0, 4064bv64))); + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + goto l000005c9; l000009a8: assume {:captureState "l000009a8"} true; goto l000005de; - l0000094a_goto_l0000096b: - assume {:captureState "l0000094a_goto_l0000096b"} true; + l000005de: + assume {:captureState "l000005de"} true; + R0, Gamma_R0 := 1bv64, true; + goto l000005c9; + l000005c9: + assume {:captureState "l000005c9"} true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + lmain_goto_l0000059f: + assume {:captureState "lmain_goto_l0000059f"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l0000096b; - l000007a8: - assume {:captureState "l000007a8"} true; - R30, Gamma_R30 := 2320bv64, true; - call add_six(); - goto l00000753; - l000008c9: - assume {:captureState "l000008c9"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #22, Gamma_#22 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#22, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#22); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#22, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#22); - ZF, Gamma_ZF := bvcomp32(bvadd32(#22, 1bv32), 0bv32), Gamma_#22; - NF, Gamma_NF := bvadd32(#22, 1bv32)[32:31], Gamma_#22; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000008c9_goto_l000008f1, l000008c9_goto_l000005de; - l0000060f: - assume {:captureState "l0000060f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #7, Gamma_#7 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#7); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#7); - ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; - NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; - assert Gamma_ZF; - goto l0000060f_goto_l00000630, l0000060f_goto_l0000064a; - l0000070a_goto_l00000732: - assume {:captureState "l0000070a_goto_l00000732"} true; + goto l0000059f; + lmain_goto_l000005e7: + assume {:captureState "lmain_goto_l000005e7"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000005e7; + l000005e7_goto_l000005de: + assume {:captureState "l000005e7_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l000005e7_goto_l0000060f: + assume {:captureState "l000005e7_goto_l0000060f"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000732; - l00000869: - assume {:captureState "l00000869"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #20, Gamma_#20 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#20, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#20); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#20, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#20); - ZF, Gamma_ZF := bvcomp32(bvadd32(#20, 1bv32), 0bv32), Gamma_#20; - NF, Gamma_NF := bvadd32(#20, 1bv32)[32:31], Gamma_#20; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000869_goto_l00000891, l00000869_goto_l000005de; - l000008be: - assume {:captureState "l000008be"} true; - R30, Gamma_R30 := 2296bv64, true; - call sub_seven(); - goto l000008c5; - l00000891_goto_l000008b2: - assume {:captureState "l00000891_goto_l000008b2"} true; + goto l0000060f; + l0000060f_goto_l00000630: + assume {:captureState "l0000060f_goto_l00000630"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000008b2; - l00000787: - assume {:captureState "l00000787"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #15, Gamma_#15 := bvadd32(R0[32:0], 4294967289bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#15, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934586bv33))), (Gamma_R0 && Gamma_#15); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#15, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967290bv33))), (Gamma_R0 && Gamma_#15); - ZF, Gamma_ZF := bvcomp32(bvadd32(#15, 1bv32), 0bv32), Gamma_#15; - NF, Gamma_NF := bvadd32(#15, 1bv32)[32:31], Gamma_#15; - assert Gamma_ZF; - goto l00000787_goto_l000007b4, l00000787_goto_l000007a8; - l000005de: - assume {:captureState "l000005de"} true; - R0, Gamma_R0 := 1bv64, true; - goto l000005c9; - l000007dc: - assume {:captureState "l000007dc"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #17, Gamma_#17 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#17, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#17); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#17, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#17); - ZF, Gamma_ZF := bvcomp32(bvadd32(#17, 1bv32), 0bv32), Gamma_#17; - NF, Gamma_NF := bvadd32(#17, 1bv32)[32:31], Gamma_#17; - assert Gamma_ZF; - goto l000007dc_goto_l000007fd, l000007dc_goto_l00000810; - l000006ff: - assume {:captureState "l000006ff"} true; - R30, Gamma_R30 := 2332bv64, true; - call add_six(); - goto l00000706; - l00000865: - assume {:captureState "l00000865"} true; - goto l000005b3; - l000008c9_goto_l000005de: - assume {:captureState "l000008c9_goto_l000005de"} true; + goto l00000630; + l0000060f_goto_l0000064a: + assume {:captureState "l0000060f_goto_l0000064a"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000064a; + l0000064a_goto_l000005de: + assume {:captureState "l0000064a_goto_l000005de"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l000005de; - l000007b4_goto_l000007dc: - assume {:captureState "l000007b4_goto_l000007dc"} true; + l0000064a_goto_l00000672: + assume {:captureState "l0000064a_goto_l00000672"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l000007dc; - l000007b4_goto_l000005de: - assume {:captureState "l000007b4_goto_l000005de"} true; + goto l00000672; + l00000672_goto_l00000693: + assume {:captureState "l00000672_goto_l00000693"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000693; + l00000672_goto_l000006aa: + assume {:captureState "l00000672_goto_l000006aa"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000006aa; + l000006aa_goto_l000005de: + assume {:captureState "l000006aa_goto_l000005de"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l000005de; - l0000094a_goto_l00000982: - assume {:captureState "l0000094a_goto_l00000982"} true; + l000006aa_goto_l000006d2: + assume {:captureState "l000006aa_goto_l000006d2"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000006d2; + l000006d2_goto_l000006f3: + assume {:captureState "l000006d2_goto_l000006f3"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000006f3; + l000006d2_goto_l0000070a: + assume {:captureState "l000006d2_goto_l0000070a"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000982; - l0000069f: - assume {:captureState "l0000069f"} true; - R30, Gamma_R30 := 2344bv64, true; - call add_six(); - goto l000006a6; - l00000869_goto_l000005de: - assume {:captureState "l00000869_goto_l000005de"} true; + goto l0000070a; + l0000070a_goto_l000005de: + assume {:captureState "l0000070a_goto_l000005de"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l000005de; - l00000706: - assume {:captureState "l00000706"} true; - goto l000005b3; - l00000672_goto_l000006aa: - assume {:captureState "l00000672_goto_l000006aa"} true; + l0000070a_goto_l00000732: + assume {:captureState "l0000070a_goto_l00000732"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000732; + l00000732_goto_l00000753: + assume {:captureState "l00000732_goto_l00000753"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000753; + l00000732_goto_l0000075f: + assume {:captureState "l00000732_goto_l0000075f"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000006aa; - l0000075f: - assume {:captureState "l0000075f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #14, Gamma_#14 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#14, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#14); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#14, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#14); - ZF, Gamma_ZF := bvcomp32(bvadd32(#14, 1bv32), 0bv32), Gamma_#14; - NF, Gamma_NF := bvadd32(#14, 1bv32)[32:31], Gamma_#14; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000075f_goto_l00000787, l0000075f_goto_l000005de; - l000008b2: - assume {:captureState "l000008b2"} true; - R30, Gamma_R30 := 2292bv64, true; - call add_two(); - goto l000008be; + goto l0000075f; + l0000075f_goto_l000005de: + assume {:captureState "l0000075f_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l0000075f_goto_l00000787: + assume {:captureState "l0000075f_goto_l00000787"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000787; l00000787_goto_l000007a8: assume {:captureState "l00000787_goto_l000007a8"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000007a8; - l0000063c: - assume {:captureState "l0000063c"} true; - R30, Gamma_R30 := 2356bv64, true; - call add_two(); - goto l00000643; - l000006d2_goto_l000006f3: - assume {:captureState "l000006d2_goto_l000006f3"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000006f3; - l00000672_goto_l00000693: - assume {:captureState "l00000672_goto_l00000693"} true; + l00000787_goto_l000007b4: + assume {:captureState "l00000787_goto_l000007b4"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000007b4; + l000007b4_goto_l000005de: + assume {:captureState "l000007b4_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l000007b4_goto_l000007dc: + assume {:captureState "l000007b4_goto_l000007dc"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000007dc; + l000007dc_goto_l000007fd: + assume {:captureState "l000007dc_goto_l000007fd"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000693; - l00000693: - assume {:captureState "l00000693"} true; - R30, Gamma_R30 := 2340bv64, true; - call add_two(); - goto l0000069f; - l00000891: - assume {:captureState "l00000891"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #21, Gamma_#21 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#21, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#21); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#21, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#21); - ZF, Gamma_ZF := bvcomp32(bvadd32(#21, 1bv32), 0bv32), Gamma_#21; - NF, Gamma_NF := bvadd32(#21, 1bv32)[32:31], Gamma_#21; - assert Gamma_ZF; - goto l00000891_goto_l000008b2, l00000891_goto_l000008c9; - l0000060f_goto_l00000630: - assume {:captureState "l0000060f_goto_l00000630"} true; + goto l000007fd; + l000007dc_goto_l00000810: + assume {:captureState "l000007dc_goto_l00000810"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000810; + l00000810_goto_l000005de: + assume {:captureState "l00000810_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l00000810_goto_l00000838: + assume {:captureState "l00000810_goto_l00000838"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000838; + l00000838_goto_l00000859: + assume {:captureState "l00000838_goto_l00000859"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000630; - l0000091e: - assume {:captureState "l0000091e"} true; - goto l000005b3; + goto l00000859; l00000838_goto_l00000869: assume {:captureState "l00000838_goto_l00000869"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000869; + l00000869_goto_l000005de: + assume {:captureState "l00000869_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l00000869_goto_l00000891: + assume {:captureState "l00000869_goto_l00000891"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000891; + l00000891_goto_l000008b2: + assume {:captureState "l00000891_goto_l000008b2"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000008b2; + l00000891_goto_l000008c9: + assume {:captureState "l00000891_goto_l000008c9"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000008c9; + l000008c9_goto_l000005de: + assume {:captureState "l000008c9_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; + l000008c9_goto_l000008f1: + assume {:captureState "l000008c9_goto_l000008f1"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l000008f1; l000008f1_goto_l00000912: assume {:captureState "l000008f1_goto_l00000912"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000912; - l00000977: - assume {:captureState "l00000977"} true; - goto l000005b3; - l00000732: - assume {:captureState "l00000732"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #13, Gamma_#13 := bvadd32(R0[32:0], 4294967288bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#13, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934585bv33))), (Gamma_R0 && Gamma_#13); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#13, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967289bv33))), (Gamma_R0 && Gamma_#13); - ZF, Gamma_ZF := bvcomp32(bvadd32(#13, 1bv32), 0bv32), Gamma_#13; - NF, Gamma_NF := bvadd32(#13, 1bv32)[32:31], Gamma_#13; - assert Gamma_ZF; - goto l00000732_goto_l0000075f, l00000732_goto_l00000753; - l000006aa: - assume {:captureState "l000006aa"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #10, Gamma_#10 := bvadd32(R0[32:0], 4294967286bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934583bv33))), (Gamma_R0 && Gamma_#10); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967287bv33))), (Gamma_R0 && Gamma_#10); - ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; - NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000006aa_goto_l000006d2, l000006aa_goto_l000005de; - l00000810: - assume {:captureState "l00000810"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #18, Gamma_#18 := bvadd32(R0[32:0], 4294967290bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#18, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934587bv33))), (Gamma_R0 && Gamma_#18); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#18, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967291bv33))), (Gamma_R0 && Gamma_#18); - ZF, Gamma_ZF := bvcomp32(bvadd32(#18, 1bv32), 0bv32), Gamma_#18; - NF, Gamma_NF := bvadd32(#18, 1bv32)[32:31], Gamma_#18; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000810_goto_l000005de, l00000810_goto_l00000838; - l0000064a: - assume {:captureState "l0000064a"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #8, Gamma_#8 := bvadd32(R0[32:0], 4294967285bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934582bv33))), (Gamma_R0 && Gamma_#8); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967286bv33))), (Gamma_R0 && Gamma_#8); - ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; - NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l0000064a_goto_l000005de, l0000064a_goto_l00000672; + l000008f1_goto_l00000922: + assume {:captureState "l000008f1_goto_l00000922"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000922; + l00000922_goto_l000005de: + assume {:captureState "l00000922_goto_l000005de"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000005de; l00000922_goto_l0000094a: assume {:captureState "l00000922_goto_l0000094a"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); goto l0000094a; - l00000859: - assume {:captureState "l00000859"} true; - R30, Gamma_R30 := 2304bv64, true; - call add_six(); - goto l00000865; + l0000094a_goto_l0000096b: + assume {:captureState "l0000094a_goto_l0000096b"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000096b; + l0000094a_goto_l00000982: + assume {:captureState "l0000094a_goto_l00000982"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000982; + l00000982_goto_l0000097b: + assume {:captureState "l00000982_goto_l0000097b"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l0000097b; + l00000982_goto_l000009a8: + assume {:captureState "l00000982_goto_l000009a8"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000009a8; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local/clang/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang/malloc_with_local.expected index c2dc98301..be981d714 100644 --- a/src/test/correct/malloc_with_local/clang/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang/malloc_with_local.expected @@ -194,14 +194,6 @@ implementation main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l00000391; - l00000459: - assume {:captureState "l00000459"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, R31)), gamma_load32(Gamma_stack, R31); - #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; - goto main_return; l00000391: assume {:captureState "l00000391"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -210,20 +202,6 @@ implementation main() R30, Gamma_R30 := 2112bv64, true; call malloc(); goto l000003a5; - l00000423: - assume {:captureState "l00000423"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2293bv64), Gamma_R0; - R30, Gamma_R30 := 2204bv64, true; - call printf(); - goto l0000043c; - l0000043c: - assume {:captureState "l0000043c"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); - R30, Gamma_R30 := 2212bv64, true; - call #free(); - goto l0000044b; l000003a5: assume {:captureState "l000003a5"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); @@ -261,12 +239,34 @@ implementation main() R30, Gamma_R30 := 2188bv64, true; call printf(); goto l00000423; + l00000423: + assume {:captureState "l00000423"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2293bv64), Gamma_R0; + R30, Gamma_R30 := 2204bv64, true; + call printf(); + goto l0000043c; + l0000043c: + assume {:captureState "l0000043c"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); + R30, Gamma_R30 := 2212bv64, true; + call #free(); + goto l0000044b; l0000044b: assume {:captureState "l0000044b"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R30, Gamma_R30 := 2220bv64, true; call #free(); goto l00000459; + l00000459: + assume {:captureState "l00000459"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, R31)), gamma_load32(Gamma_stack, R31); + #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected index 7d61d1e12..46b03d849 100644 --- a/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected @@ -292,14 +292,6 @@ implementation main() R30, Gamma_R30 := 1900bv64, true; call printf(); goto l00000322; - l00000339: - assume {:captureState "l00000339"} true; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2001bv64), Gamma_R0; - R1, Gamma_R1 := 10bv64, true; - R30, Gamma_R30 := 1932bv64, true; - call printf(); - goto l00000350; l00000322: assume {:captureState "l00000322"} true; R0, Gamma_R0 := 0bv64, true; @@ -308,6 +300,14 @@ implementation main() R30, Gamma_R30 := 1916bv64, true; call printf(); goto l00000339; + l00000339: + assume {:captureState "l00000339"} true; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2001bv64), Gamma_R0; + R1, Gamma_R1 := 10bv64, true; + R30, Gamma_R30 := 1932bv64, true; + call printf(); + goto l00000350; l00000350: assume {:captureState "l00000350"} true; R0, Gamma_R0 := 0bv64, true; diff --git a/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected index 34759941b..7aa6ae708 100644 --- a/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected @@ -194,6 +194,14 @@ implementation main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l00000b03; + l00000b03: + assume {:captureState "l00000b03"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); + assume {:captureState "%00000b09"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2112bv64, true; + call malloc(); + goto l00000b17; l00000b17: assume {:captureState "l00000b17"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); @@ -221,6 +229,24 @@ implementation main() R30, Gamma_R30 := 2168bv64, true; call printf(); goto l00000b75; + l00000b75: + assume {:captureState "l00000b75"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2277bv64), Gamma_R0; + R30, Gamma_R30 := 2188bv64, true; + call printf(); + goto l00000b95; + l00000b95: + assume {:captureState "l00000b95"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2293bv64), Gamma_R0; + R30, Gamma_R30 := 2204bv64, true; + call printf(); + goto l00000bae; l00000bae: assume {:captureState "l00000bae"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); @@ -233,24 +259,6 @@ implementation main() R30, Gamma_R30 := 2220bv64, true; call #free(); goto l00000bcb; - l00000b03: - assume {:captureState "l00000b03"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); - assume {:captureState "%00000b09"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2112bv64, true; - call malloc(); - goto l00000b17; - l00000b75: - assume {:captureState "l00000b75"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2277bv64), Gamma_R0; - R30, Gamma_R30 := 2188bv64, true; - call printf(); - goto l00000b95; l00000bcb: assume {:captureState "l00000bcb"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, R31)), gamma_load32(Gamma_stack, R31); @@ -259,14 +267,6 @@ implementation main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; goto main_return; - l00000b95: - assume {:captureState "l00000b95"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2293bv64), Gamma_R0; - R30, Gamma_R30 := 2204bv64, true; - call printf(); - goto l00000bae; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected index 34759941b..7aa6ae708 100644 --- a/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected @@ -194,6 +194,14 @@ implementation main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l00000b03; + l00000b03: + assume {:captureState "l00000b03"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); + assume {:captureState "%00000b09"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2112bv64, true; + call malloc(); + goto l00000b17; l00000b17: assume {:captureState "l00000b17"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); @@ -221,6 +229,24 @@ implementation main() R30, Gamma_R30 := 2168bv64, true; call printf(); goto l00000b75; + l00000b75: + assume {:captureState "l00000b75"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2277bv64), Gamma_R0; + R30, Gamma_R30 := 2188bv64, true; + call printf(); + goto l00000b95; + l00000b95: + assume {:captureState "l00000b95"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2293bv64), Gamma_R0; + R30, Gamma_R30 := 2204bv64, true; + call printf(); + goto l00000bae; l00000bae: assume {:captureState "l00000bae"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); @@ -233,24 +259,6 @@ implementation main() R30, Gamma_R30 := 2220bv64, true; call #free(); goto l00000bcb; - l00000b03: - assume {:captureState "l00000b03"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); - assume {:captureState "%00000b09"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2112bv64, true; - call malloc(); - goto l00000b17; - l00000b75: - assume {:captureState "l00000b75"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2277bv64), Gamma_R0; - R30, Gamma_R30 := 2188bv64, true; - call printf(); - goto l00000b95; l00000bcb: assume {:captureState "l00000bcb"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, R31)), gamma_load32(Gamma_stack, R31); @@ -259,14 +267,6 @@ implementation main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; goto main_return; - l00000b95: - assume {:captureState "l00000b95"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2293bv64), Gamma_R0; - R30, Gamma_R30 := 2204bv64, true; - call printf(); - goto l00000bae; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected index fc96c6f38..daa46eab2 100644 --- a/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected @@ -518,44 +518,6 @@ implementation main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l0000036f; - l0000040d: - assume {:captureState "l0000040d"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2296bv64), Gamma_R0; - R30, Gamma_R30 := 2196bv64, true; - call printf(); - goto l00000426; - l00000426: - assume {:captureState "l00000426"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - R30, Gamma_R30 := 2204bv64, true; - call #free(); - goto l00000435; - l000003e7: - assume {:captureState "l000003e7"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2280bv64), Gamma_R0; - R30, Gamma_R30 := 2180bv64, true; - call printf(); - goto l0000040d; - l00000435: - assume {:captureState "l00000435"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R30, Gamma_R30 := 2212bv64, true; - call #free(); - goto l00000443; - l00000443: - assume {:captureState "l00000443"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; - goto main_return; l0000036f: assume {:captureState "l0000036f"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); @@ -592,6 +554,44 @@ implementation main() R30, Gamma_R30 := 2156bv64, true; call printf(); goto l000003e7; + l000003e7: + assume {:captureState "l000003e7"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2280bv64), Gamma_R0; + R30, Gamma_R30 := 2180bv64, true; + call printf(); + goto l0000040d; + l0000040d: + assume {:captureState "l0000040d"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2296bv64), Gamma_R0; + R30, Gamma_R30 := 2196bv64, true; + call printf(); + goto l00000426; + l00000426: + assume {:captureState "l00000426"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + R30, Gamma_R30 := 2204bv64, true; + call #free(); + goto l00000435; + l00000435: + assume {:captureState "l00000435"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R30, Gamma_R30 := 2212bv64, true; + call #free(); + goto l00000443; + l00000443: + assume {:captureState "l00000443"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected index fc15a0663..cba7a5afe 100644 --- a/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected @@ -489,13 +489,6 @@ implementation main() R30, Gamma_R30 := 1692bv64, true; call __printf_chk(); goto l00000221; - l00000259: - assume {:captureState "l00000259"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; l00000221: assume {:captureState "l00000221"} true; R2, Gamma_R2 := 42bv64, true; @@ -514,6 +507,13 @@ implementation main() R30, Gamma_R30 := 1732bv64, true; call __printf_chk(); goto l00000259; + l00000259: + assume {:captureState "l00000259"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected index 51d161454..19839c24c 100644 --- a/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected @@ -518,6 +518,42 @@ implementation main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l00000ac0; + l00000ac0: + assume {:captureState "l00000ac0"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); + assume {:captureState "%00000ac6"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2096bv64, true; + call malloc(); + goto l00000ad4; + l00000ad4: + assume {:captureState "l00000ad4"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); + assume {:captureState "%00000ada"} true; + R0, Gamma_R0 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%00000ae7"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + R1, Gamma_R1 := 65bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000afb"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R1, Gamma_R1 := 42bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000b0f"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + call rely(); + R0, Gamma_R0 := zero_extend56_8(memory_load8_le(mem, R0)), (gamma_load8(Gamma_mem, R0) || L(mem, R0)); + R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; + R30, Gamma_R30 := 2156bv64, true; + call printf(); + goto l00000b38; l00000b38: assume {:captureState "l00000b38"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); @@ -549,42 +585,6 @@ implementation main() R30, Gamma_R30 := 2212bv64, true; call #free(); goto l00000b94; - l00000ad4: - assume {:captureState "l00000ad4"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); - assume {:captureState "%00000ada"} true; - R0, Gamma_R0 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%00000ae7"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - R1, Gamma_R1 := 65bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000afb"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R1, Gamma_R1 := 42bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000b0f"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - call rely(); - R0, Gamma_R0 := zero_extend56_8(memory_load8_le(mem, R0)), (gamma_load8(Gamma_mem, R0) || L(mem, R0)); - R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; - R30, Gamma_R30 := 2156bv64, true; - call printf(); - goto l00000b38; - l00000ac0: - assume {:captureState "l00000ac0"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); - assume {:captureState "%00000ac6"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2096bv64, true; - call malloc(); - goto l00000ad4; l00000b94: assume {:captureState "l00000b94"} true; R0, Gamma_R0 := 0bv64, true; diff --git a/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected index 51d161454..19839c24c 100644 --- a/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected @@ -518,6 +518,42 @@ implementation main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l00000ac0; + l00000ac0: + assume {:captureState "l00000ac0"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); + assume {:captureState "%00000ac6"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2096bv64, true; + call malloc(); + goto l00000ad4; + l00000ad4: + assume {:captureState "l00000ad4"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); + assume {:captureState "%00000ada"} true; + R0, Gamma_R0 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%00000ae7"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + R1, Gamma_R1 := 65bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000afb"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R1, Gamma_R1 := 42bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000b0f"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + call rely(); + R0, Gamma_R0 := zero_extend56_8(memory_load8_le(mem, R0)), (gamma_load8(Gamma_mem, R0) || L(mem, R0)); + R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; + R30, Gamma_R30 := 2156bv64, true; + call printf(); + goto l00000b38; l00000b38: assume {:captureState "l00000b38"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); @@ -549,42 +585,6 @@ implementation main() R30, Gamma_R30 := 2212bv64, true; call #free(); goto l00000b94; - l00000ad4: - assume {:captureState "l00000ad4"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); - assume {:captureState "%00000ada"} true; - R0, Gamma_R0 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%00000ae7"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - R1, Gamma_R1 := 65bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000afb"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R1, Gamma_R1 := 42bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000b0f"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - call rely(); - R0, Gamma_R0 := zero_extend56_8(memory_load8_le(mem, R0)), (gamma_load8(Gamma_mem, R0) || L(mem, R0)); - R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; - R30, Gamma_R30 := 2156bv64, true; - call printf(); - goto l00000b38; - l00000ac0: - assume {:captureState "l00000ac0"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); - assume {:captureState "%00000ac6"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2096bv64, true; - call malloc(); - goto l00000ad4; l00000b94: assume {:captureState "l00000b94"} true; R0, Gamma_R0 := 0bv64, true; diff --git a/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected index fab3b47a8..1c428d9f4 100644 --- a/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected @@ -474,6 +474,31 @@ implementation main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l000003b5; + l000003b5: + assume {:captureState "l000003b5"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R29, 18446744073709551600bv64), R0), gamma_store64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64), Gamma_R0); + assume {:captureState "%000003bb"} true; + R8, Gamma_R8 := 11bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R29, 18446744073709551596bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R29, 18446744073709551596bv64), Gamma_R8); + assume {:captureState "%000003c8"} true; + R0, Gamma_R0 := 4bv64, true; + stack, Gamma_stack := memory_store64_le(stack, R31, R0), gamma_store64(Gamma_stack, R31, Gamma_R0); + assume {:captureState "%000003d5"} true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l000003de; + l000003de: + assume {:captureState "l000003de"} true; + R8, Gamma_R8 := R0, Gamma_R0; + R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); + assume {:captureState "%000003f1"} true; + R8, Gamma_R8 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); + assume {:captureState "%000003fe"} true; + R30, Gamma_R30 := 2148bv64, true; + call malloc(); + goto l00000407; l00000407: assume {:captureState "l00000407"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -501,45 +526,16 @@ implementation main() R30, Gamma_R30 := 2204bv64, true; call printf(); goto l00000465; - l000003de: - assume {:captureState "l000003de"} true; - R8, Gamma_R8 := R0, Gamma_R0; - R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); - assume {:captureState "%000003f1"} true; - R8, Gamma_R8 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); - assume {:captureState "%000003fe"} true; - R30, Gamma_R30 := 2148bv64, true; - call malloc(); - goto l00000407; - l000004ad: - assume {:captureState "l000004ad"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - R30, Gamma_R30 := 2256bv64, true; - call #free(); - goto l000004bb; - l000004bb: - assume {:captureState "l000004bb"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #5, Gamma_#5 := bvadd64(R31, 64bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; - goto main_return; - l000003b5: - assume {:captureState "l000003b5"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R29, 18446744073709551600bv64), R0), gamma_store64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64), Gamma_R0); - assume {:captureState "%000003bb"} true; - R8, Gamma_R8 := 11bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R29, 18446744073709551596bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R29, 18446744073709551596bv64), Gamma_R8); - assume {:captureState "%000003c8"} true; - R0, Gamma_R0 := 4bv64, true; - stack, Gamma_stack := memory_store64_le(stack, R31, R0), gamma_store64(Gamma_stack, R31, Gamma_R0); - assume {:captureState "%000003d5"} true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l000003de; + l00000465: + assume {:captureState "l00000465"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2313bv64), Gamma_R0; + R30, Gamma_R30 := 2224bv64, true; + call printf(); + goto l00000485; l00000485: assume {:captureState "l00000485"} true; R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -554,16 +550,20 @@ implementation main() R30, Gamma_R30 := 2248bv64, true; call #free(); goto l000004ad; - l00000465: - assume {:captureState "l00000465"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2313bv64), Gamma_R0; - R30, Gamma_R30 := 2224bv64, true; - call printf(); - goto l00000485; + l000004ad: + assume {:captureState "l000004ad"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + R30, Gamma_R30 := 2256bv64, true; + call #free(); + goto l000004bb; + l000004bb: + assume {:captureState "l000004bb"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #5, Gamma_#5 := bvadd64(R31, 64bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected index 7d61d1e12..46b03d849 100644 --- a/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected @@ -292,14 +292,6 @@ implementation main() R30, Gamma_R30 := 1900bv64, true; call printf(); goto l00000322; - l00000339: - assume {:captureState "l00000339"} true; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2001bv64), Gamma_R0; - R1, Gamma_R1 := 10bv64, true; - R30, Gamma_R30 := 1932bv64, true; - call printf(); - goto l00000350; l00000322: assume {:captureState "l00000322"} true; R0, Gamma_R0 := 0bv64, true; @@ -308,6 +300,14 @@ implementation main() R30, Gamma_R30 := 1916bv64, true; call printf(); goto l00000339; + l00000339: + assume {:captureState "l00000339"} true; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2001bv64), Gamma_R0; + R1, Gamma_R1 := 10bv64, true; + R30, Gamma_R30 := 1932bv64, true; + call printf(); + goto l00000350; l00000350: assume {:captureState "l00000350"} true; R0, Gamma_R0 := 0bv64, true; diff --git a/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected index 5c26651e0..a1deac2aa 100644 --- a/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected @@ -499,14 +499,6 @@ implementation main() R30, Gamma_R30 := 2148bv64, true; call malloc(); goto l00000be4; - l00000c98: - assume {:captureState "l00000c98"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #5, Gamma_#5 := bvadd64(R31, 64bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; - goto main_return; l00000be4: assume {:captureState "l00000be4"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -544,12 +536,6 @@ implementation main() R30, Gamma_R30 := 2224bv64, true; call printf(); goto l00000c62; - l00000c7b: - assume {:captureState "l00000c7b"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); - R30, Gamma_R30 := 2248bv64, true; - call #free(); - goto l00000c8a; l00000c62: assume {:captureState "l00000c62"} true; R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -558,12 +544,26 @@ implementation main() R30, Gamma_R30 := 2240bv64, true; call printf(); goto l00000c7b; + l00000c7b: + assume {:captureState "l00000c7b"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); + R30, Gamma_R30 := 2248bv64, true; + call #free(); + goto l00000c8a; l00000c8a: assume {:captureState "l00000c8a"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); R30, Gamma_R30 := 2256bv64, true; call #free(); goto l00000c98; + l00000c98: + assume {:captureState "l00000c98"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #5, Gamma_#5 := bvadd64(R31, 64bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected index 5c26651e0..a1deac2aa 100644 --- a/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected @@ -499,14 +499,6 @@ implementation main() R30, Gamma_R30 := 2148bv64, true; call malloc(); goto l00000be4; - l00000c98: - assume {:captureState "l00000c98"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #5, Gamma_#5 := bvadd64(R31, 64bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; - goto main_return; l00000be4: assume {:captureState "l00000be4"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -544,12 +536,6 @@ implementation main() R30, Gamma_R30 := 2224bv64, true; call printf(); goto l00000c62; - l00000c7b: - assume {:captureState "l00000c7b"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); - R30, Gamma_R30 := 2248bv64, true; - call #free(); - goto l00000c8a; l00000c62: assume {:captureState "l00000c62"} true; R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -558,12 +544,26 @@ implementation main() R30, Gamma_R30 := 2240bv64, true; call printf(); goto l00000c7b; + l00000c7b: + assume {:captureState "l00000c7b"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); + R30, Gamma_R30 := 2248bv64, true; + call #free(); + goto l00000c8a; l00000c8a: assume {:captureState "l00000c8a"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); R30, Gamma_R30 := 2256bv64, true; call #free(); goto l00000c98; + l00000c98: + assume {:captureState "l00000c98"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #5, Gamma_#5 := bvadd64(R31, 64bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected index a79507cc7..82732088f 100644 --- a/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected @@ -518,6 +518,17 @@ implementation main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l0000038b; + l0000038b: + assume {:captureState "l0000038b"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); + assume {:captureState "%00000391"} true; + R0, Gamma_R0 := 11bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%0000039e"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2104bv64, true; + call malloc(); + goto l000003ac; l000003ac: assume {:captureState "l000003ac"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); @@ -557,27 +568,6 @@ implementation main() R30, Gamma_R30 := 2184bv64, true; call printf(); goto l00000431; - l00000457: - assume {:captureState "l00000457"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2320bv64), Gamma_R0; - R30, Gamma_R30 := 2224bv64, true; - call printf(); - goto l00000470; - l0000048d: - assume {:captureState "l0000048d"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; - goto main_return; - l0000047f: - assume {:captureState "l0000047f"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); - R30, Gamma_R30 := 2240bv64, true; - call #free(); - goto l0000048d; l00000431: assume {:captureState "l00000431"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); @@ -589,23 +579,33 @@ implementation main() R30, Gamma_R30 := 2208bv64, true; call printf(); goto l00000457; + l00000457: + assume {:captureState "l00000457"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2320bv64), Gamma_R0; + R30, Gamma_R30 := 2224bv64, true; + call printf(); + goto l00000470; l00000470: assume {:captureState "l00000470"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); R30, Gamma_R30 := 2232bv64, true; call #free(); goto l0000047f; - l0000038b: - assume {:captureState "l0000038b"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); - assume {:captureState "%00000391"} true; - R0, Gamma_R0 := 11bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%0000039e"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2104bv64, true; - call malloc(); - goto l000003ac; + l0000047f: + assume {:captureState "l0000047f"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); + R30, Gamma_R30 := 2240bv64, true; + call #free(); + goto l0000048d; + l0000048d: + assume {:captureState "l0000048d"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected index fc15a0663..cba7a5afe 100644 --- a/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected @@ -489,13 +489,6 @@ implementation main() R30, Gamma_R30 := 1692bv64, true; call __printf_chk(); goto l00000221; - l00000259: - assume {:captureState "l00000259"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; l00000221: assume {:captureState "l00000221"} true; R2, Gamma_R2 := 42bv64, true; @@ -514,6 +507,13 @@ implementation main() R30, Gamma_R30 := 1732bv64, true; call __printf_chk(); goto l00000259; + l00000259: + assume {:captureState "l00000259"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected index fabc4d890..caf08c32d 100644 --- a/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected @@ -518,19 +518,6 @@ implementation main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l00000b2d; - l00000c2f: - assume {:captureState "l00000c2f"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; - goto main_return; - l00000c12: - assume {:captureState "l00000c12"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R30, Gamma_R30 := 2232bv64, true; - call #free(); - goto l00000c21; l00000b2d: assume {:captureState "l00000b2d"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); @@ -542,20 +529,17 @@ implementation main() R30, Gamma_R30 := 2104bv64, true; call malloc(); goto l00000b4e; - l00000bf9: - assume {:captureState "l00000bf9"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2320bv64), Gamma_R0; - R30, Gamma_R30 := 2224bv64, true; - call printf(); - goto l00000c12; - l00000c21: - assume {:captureState "l00000c21"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); - R30, Gamma_R30 := 2240bv64, true; - call #free(); - goto l00000c2f; + l00000b4e: + assume {:captureState "l00000b4e"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); + assume {:captureState "%00000b54"} true; + R0, Gamma_R0 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); + assume {:captureState "%00000b61"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l00000b6f; l00000b6f: assume {:captureState "l00000b6f"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); @@ -584,17 +568,6 @@ implementation main() R30, Gamma_R30 := 2184bv64, true; call printf(); goto l00000bd3; - l00000b4e: - assume {:captureState "l00000b4e"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); - assume {:captureState "%00000b54"} true; - R0, Gamma_R0 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); - assume {:captureState "%00000b61"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l00000b6f; l00000bd3: assume {:captureState "l00000bd3"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); @@ -606,6 +579,33 @@ implementation main() R30, Gamma_R30 := 2208bv64, true; call printf(); goto l00000bf9; + l00000bf9: + assume {:captureState "l00000bf9"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2320bv64), Gamma_R0; + R30, Gamma_R30 := 2224bv64, true; + call printf(); + goto l00000c12; + l00000c12: + assume {:captureState "l00000c12"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R30, Gamma_R30 := 2232bv64, true; + call #free(); + goto l00000c21; + l00000c21: + assume {:captureState "l00000c21"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); + R30, Gamma_R30 := 2240bv64, true; + call #free(); + goto l00000c2f; + l00000c2f: + assume {:captureState "l00000c2f"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected index fabc4d890..caf08c32d 100644 --- a/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected @@ -518,19 +518,6 @@ implementation main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l00000b2d; - l00000c2f: - assume {:captureState "l00000c2f"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; - goto main_return; - l00000c12: - assume {:captureState "l00000c12"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R30, Gamma_R30 := 2232bv64, true; - call #free(); - goto l00000c21; l00000b2d: assume {:captureState "l00000b2d"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); @@ -542,20 +529,17 @@ implementation main() R30, Gamma_R30 := 2104bv64, true; call malloc(); goto l00000b4e; - l00000bf9: - assume {:captureState "l00000bf9"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2320bv64), Gamma_R0; - R30, Gamma_R30 := 2224bv64, true; - call printf(); - goto l00000c12; - l00000c21: - assume {:captureState "l00000c21"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); - R30, Gamma_R30 := 2240bv64, true; - call #free(); - goto l00000c2f; + l00000b4e: + assume {:captureState "l00000b4e"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); + assume {:captureState "%00000b54"} true; + R0, Gamma_R0 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); + assume {:captureState "%00000b61"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l00000b6f; l00000b6f: assume {:captureState "l00000b6f"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); @@ -584,17 +568,6 @@ implementation main() R30, Gamma_R30 := 2184bv64, true; call printf(); goto l00000bd3; - l00000b4e: - assume {:captureState "l00000b4e"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); - assume {:captureState "%00000b54"} true; - R0, Gamma_R0 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); - assume {:captureState "%00000b61"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l00000b6f; l00000bd3: assume {:captureState "l00000bd3"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); @@ -606,6 +579,33 @@ implementation main() R30, Gamma_R30 := 2208bv64, true; call printf(); goto l00000bf9; + l00000bf9: + assume {:captureState "l00000bf9"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2320bv64), Gamma_R0; + R30, Gamma_R30 := 2224bv64, true; + call printf(); + goto l00000c12; + l00000c12: + assume {:captureState "l00000c12"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R30, Gamma_R30 := 2232bv64, true; + call #free(); + goto l00000c21; + l00000c21: + assume {:captureState "l00000c21"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); + R30, Gamma_R30 := 2240bv64, true; + call #free(); + goto l00000c2f; + l00000c2f: + assume {:captureState "l00000c2f"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected index 1e3a9fe73..9dd908e25 100644 --- a/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected @@ -505,34 +505,6 @@ implementation main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l000003e9; - l00000504: - assume {:captureState "l00000504"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2348bv64), Gamma_R0; - R30, Gamma_R30 := 2212bv64, true; - call printf(); - goto l00000524; - l00000412: - assume {:captureState "l00000412"} true; - R8, Gamma_R8 := R0, Gamma_R0; - R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); - assume {:captureState "%00000425"} true; - R8, Gamma_R8 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); - assume {:captureState "%00000432"} true; - R30, Gamma_R30 := 2148bv64, true; - call malloc(); - goto l0000043b; - l0000054c: - assume {:captureState "l0000054c"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - R30, Gamma_R30 := 2244bv64, true; - call #free(); - goto l0000055a; l000003e9: assume {:captureState "l000003e9"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R29, 18446744073709551600bv64), R0), gamma_store64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64), Gamma_R0); @@ -546,28 +518,18 @@ implementation main() R30, Gamma_R30 := 2124bv64, true; call malloc(); goto l00000412; - l00000524: - assume {:captureState "l00000524"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2364bv64), Gamma_R0; - R30, Gamma_R30 := 2228bv64, true; - call printf(); - goto l0000053d; - l0000053d: - assume {:captureState "l0000053d"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); - R30, Gamma_R30 := 2236bv64, true; - call #free(); - goto l0000054c; - l0000055a: - assume {:captureState "l0000055a"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #7, Gamma_#7 := bvadd64(R31, 64bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #7), gamma_load64(Gamma_stack, #7); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#7, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#7, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; - goto main_return; + l00000412: + assume {:captureState "l00000412"} true; + R8, Gamma_R8 := R0, Gamma_R0; + R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); + assume {:captureState "%00000425"} true; + R8, Gamma_R8 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); + assume {:captureState "%00000432"} true; + R30, Gamma_R30 := 2148bv64, true; + call malloc(); + goto l0000043b; l0000043b: assume {:captureState "l0000043b"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -591,6 +553,44 @@ implementation main() R30, Gamma_R30 := 2192bv64, true; call printCharValue(); goto l00000504; + l00000504: + assume {:captureState "l00000504"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2348bv64), Gamma_R0; + R30, Gamma_R30 := 2212bv64, true; + call printf(); + goto l00000524; + l00000524: + assume {:captureState "l00000524"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2364bv64), Gamma_R0; + R30, Gamma_R30 := 2228bv64, true; + call printf(); + goto l0000053d; + l0000053d: + assume {:captureState "l0000053d"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); + R30, Gamma_R30 := 2236bv64, true; + call #free(); + goto l0000054c; + l0000054c: + assume {:captureState "l0000054c"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + R30, Gamma_R30 := 2244bv64, true; + call #free(); + goto l0000055a; + l0000055a: + assume {:captureState "l0000055a"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #7, Gamma_#7 := bvadd64(R31, 64bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #7), gamma_load64(Gamma_stack, #7); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#7, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#7, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected index 538a447cd..320644b92 100644 --- a/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected @@ -310,14 +310,6 @@ implementation main() R30, Gamma_R30 := 1900bv64, true; call printf(); goto l00000342; - l00000359: - assume {:captureState "l00000359"} true; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2016bv64), Gamma_R0; - R1, Gamma_R1 := 10bv64, true; - R30, Gamma_R30 := 1932bv64, true; - call printf(); - goto l00000370; l00000342: assume {:captureState "l00000342"} true; R0, Gamma_R0 := 0bv64, true; @@ -326,6 +318,14 @@ implementation main() R30, Gamma_R30 := 1916bv64, true; call printf(); goto l00000359; + l00000359: + assume {:captureState "l00000359"} true; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2016bv64), Gamma_R0; + R1, Gamma_R1 := 10bv64, true; + R30, Gamma_R30 := 1932bv64, true; + call printf(); + goto l00000370; l00000370: assume {:captureState "l00000370"} true; R0, Gamma_R0 := 0bv64, true; diff --git a/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected index 78a4bebf0..2ae525952 100644 --- a/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected @@ -505,20 +505,31 @@ implementation main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l00000c74; - l00000daf: - assume {:captureState "l00000daf"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2364bv64), Gamma_R0; - R30, Gamma_R30 := 2228bv64, true; - call printf(); - goto l00000dc8; - l00000dc8: - assume {:captureState "l00000dc8"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); - R30, Gamma_R30 := 2236bv64, true; - call #free(); - goto l00000dd7; + l00000c74: + assume {:captureState "l00000c74"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R29, 18446744073709551600bv64), R0), gamma_store64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64), Gamma_R0); + assume {:captureState "%00000c7a"} true; + R8, Gamma_R8 := 11bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R29, 18446744073709551596bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R29, 18446744073709551596bv64), Gamma_R8); + assume {:captureState "%00000c87"} true; + R0, Gamma_R0 := 4bv64, true; + stack, Gamma_stack := memory_store64_le(stack, R31, R0), gamma_store64(Gamma_stack, R31, Gamma_R0); + assume {:captureState "%00000c94"} true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l00000c9d; + l00000c9d: + assume {:captureState "l00000c9d"} true; + R8, Gamma_R8 := R0, Gamma_R0; + R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); + assume {:captureState "%00000cb0"} true; + R8, Gamma_R8 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); + assume {:captureState "%00000cbd"} true; + R30, Gamma_R30 := 2148bv64, true; + call malloc(); + goto l00000cc6; l00000cc6: assume {:captureState "l00000cc6"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -542,6 +553,30 @@ implementation main() R30, Gamma_R30 := 2192bv64, true; call printCharValue(); goto l00000d8f; + l00000d8f: + assume {:captureState "l00000d8f"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2348bv64), Gamma_R0; + R30, Gamma_R30 := 2212bv64, true; + call printf(); + goto l00000daf; + l00000daf: + assume {:captureState "l00000daf"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2364bv64), Gamma_R0; + R30, Gamma_R30 := 2228bv64, true; + call printf(); + goto l00000dc8; + l00000dc8: + assume {:captureState "l00000dc8"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); + R30, Gamma_R30 := 2236bv64, true; + call #free(); + goto l00000dd7; l00000dd7: assume {:captureState "l00000dd7"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); @@ -556,41 +591,6 @@ implementation main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#7, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#7, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; goto main_return; - l00000d8f: - assume {:captureState "l00000d8f"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2348bv64), Gamma_R0; - R30, Gamma_R30 := 2212bv64, true; - call printf(); - goto l00000daf; - l00000c74: - assume {:captureState "l00000c74"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R29, 18446744073709551600bv64), R0), gamma_store64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64), Gamma_R0); - assume {:captureState "%00000c7a"} true; - R8, Gamma_R8 := 11bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R29, 18446744073709551596bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R29, 18446744073709551596bv64), Gamma_R8); - assume {:captureState "%00000c87"} true; - R0, Gamma_R0 := 4bv64, true; - stack, Gamma_stack := memory_store64_le(stack, R31, R0), gamma_store64(Gamma_stack, R31, Gamma_R0); - assume {:captureState "%00000c94"} true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l00000c9d; - l00000c9d: - assume {:captureState "l00000c9d"} true; - R8, Gamma_R8 := R0, Gamma_R0; - R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); - assume {:captureState "%00000cb0"} true; - R8, Gamma_R8 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); - assume {:captureState "%00000cbd"} true; - R30, Gamma_R30 := 2148bv64, true; - call malloc(); - goto l00000cc6; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected index 78a4bebf0..2ae525952 100644 --- a/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected @@ -505,20 +505,31 @@ implementation main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l00000c74; - l00000daf: - assume {:captureState "l00000daf"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2364bv64), Gamma_R0; - R30, Gamma_R30 := 2228bv64, true; - call printf(); - goto l00000dc8; - l00000dc8: - assume {:captureState "l00000dc8"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); - R30, Gamma_R30 := 2236bv64, true; - call #free(); - goto l00000dd7; + l00000c74: + assume {:captureState "l00000c74"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R29, 18446744073709551600bv64), R0), gamma_store64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64), Gamma_R0); + assume {:captureState "%00000c7a"} true; + R8, Gamma_R8 := 11bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R29, 18446744073709551596bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R29, 18446744073709551596bv64), Gamma_R8); + assume {:captureState "%00000c87"} true; + R0, Gamma_R0 := 4bv64, true; + stack, Gamma_stack := memory_store64_le(stack, R31, R0), gamma_store64(Gamma_stack, R31, Gamma_R0); + assume {:captureState "%00000c94"} true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l00000c9d; + l00000c9d: + assume {:captureState "l00000c9d"} true; + R8, Gamma_R8 := R0, Gamma_R0; + R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); + assume {:captureState "%00000cb0"} true; + R8, Gamma_R8 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); + assume {:captureState "%00000cbd"} true; + R30, Gamma_R30 := 2148bv64, true; + call malloc(); + goto l00000cc6; l00000cc6: assume {:captureState "l00000cc6"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -542,6 +553,30 @@ implementation main() R30, Gamma_R30 := 2192bv64, true; call printCharValue(); goto l00000d8f; + l00000d8f: + assume {:captureState "l00000d8f"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2348bv64), Gamma_R0; + R30, Gamma_R30 := 2212bv64, true; + call printf(); + goto l00000daf; + l00000daf: + assume {:captureState "l00000daf"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2364bv64), Gamma_R0; + R30, Gamma_R30 := 2228bv64, true; + call printf(); + goto l00000dc8; + l00000dc8: + assume {:captureState "l00000dc8"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R29, 18446744073709551600bv64)), gamma_load64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64)); + R30, Gamma_R30 := 2236bv64, true; + call #free(); + goto l00000dd7; l00000dd7: assume {:captureState "l00000dd7"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); @@ -556,41 +591,6 @@ implementation main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#7, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#7, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 80bv64), Gamma_R31; goto main_return; - l00000d8f: - assume {:captureState "l00000d8f"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 32bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 32bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2348bv64), Gamma_R0; - R30, Gamma_R30 := 2212bv64, true; - call printf(); - goto l00000daf; - l00000c74: - assume {:captureState "l00000c74"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R29, 18446744073709551600bv64), R0), gamma_store64(Gamma_stack, bvadd64(R29, 18446744073709551600bv64), Gamma_R0); - assume {:captureState "%00000c7a"} true; - R8, Gamma_R8 := 11bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R29, 18446744073709551596bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R29, 18446744073709551596bv64), Gamma_R8); - assume {:captureState "%00000c87"} true; - R0, Gamma_R0 := 4bv64, true; - stack, Gamma_stack := memory_store64_le(stack, R31, R0), gamma_store64(Gamma_stack, R31, Gamma_R0); - assume {:captureState "%00000c94"} true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l00000c9d; - l00000c9d: - assume {:captureState "l00000c9d"} true; - R8, Gamma_R8 := R0, Gamma_R0; - R0, Gamma_R0 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 32bv64), R8), gamma_store64(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R8); - assume {:captureState "%00000cb0"} true; - R8, Gamma_R8 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R8); - assume {:captureState "%00000cbd"} true; - R30, Gamma_R30 := 2148bv64, true; - call malloc(); - goto l00000cc6; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected index 92b59ee60..559ff51fc 100644 --- a/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected @@ -539,13 +539,28 @@ implementation main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l000003c3; - l00000537: - assume {:captureState "l00000537"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; - goto main_return; + l000003c3: + assume {:captureState "l000003c3"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); + assume {:captureState "%000003c9"} true; + R0, Gamma_R0 := 11bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%000003d6"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2104bv64, true; + call malloc(); + goto l000003e4; + l000003e4: + assume {:captureState "l000003e4"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); + assume {:captureState "%000003ea"} true; + R0, Gamma_R0 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); + assume {:captureState "%000003f7"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l00000405; l00000405: assume {:captureState "l00000405"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); @@ -569,20 +584,6 @@ implementation main() R30, Gamma_R30 := 2168bv64, true; call printCharValue(); goto l000004db; - l0000051a: - assume {:captureState "l0000051a"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R30, Gamma_R30 := 2216bv64, true; - call #free(); - goto l00000529; - l00000501: - assume {:captureState "l00000501"} true; - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2352bv64), Gamma_R0; - R30, Gamma_R30 := 2208bv64, true; - call printf(); - goto l0000051a; l000004db: assume {:captureState "l000004db"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); @@ -594,34 +595,33 @@ implementation main() R30, Gamma_R30 := 2192bv64, true; call printf(); goto l00000501; - l000003c3: - assume {:captureState "l000003c3"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 40bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 40bv64), Gamma_R0); - assume {:captureState "%000003c9"} true; - R0, Gamma_R0 := 11bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%000003d6"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2104bv64, true; - call malloc(); - goto l000003e4; - l000003e4: - assume {:captureState "l000003e4"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); - assume {:captureState "%000003ea"} true; - R0, Gamma_R0 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); - assume {:captureState "%000003f7"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l00000405; + l00000501: + assume {:captureState "l00000501"} true; + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 32bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 32bv64)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2352bv64), Gamma_R0; + R30, Gamma_R30 := 2208bv64, true; + call printf(); + goto l0000051a; + l0000051a: + assume {:captureState "l0000051a"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R30, Gamma_R30 := 2216bv64, true; + call #free(); + goto l00000529; l00000529: assume {:captureState "l00000529"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); R30, Gamma_R30 := 2224bv64, true; call #free(); goto l00000537; + l00000537: + assume {:captureState "l00000537"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected index 357bee1a5..1cc0ccc6e 100644 --- a/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected @@ -674,15 +674,6 @@ implementation main() R30, Gamma_R30 := 1812bv64, true; call malloc(); goto l00000249; - l0000029a: - assume {:captureState "l0000029a"} true; - R2, Gamma_R2 := 42bv64, true; - R1, Gamma_R1 := 0bv64, true; - R0, Gamma_R0 := 1bv64, true; - R1, Gamma_R1 := bvadd64(R1, 2296bv64), Gamma_R1; - R30, Gamma_R30 := 1848bv64, true; - call __printf_chk(); - goto l000002b6; l00000249: assume {:captureState "l00000249"} true; R1, Gamma_R1 := 65bv64, true; @@ -694,6 +685,15 @@ implementation main() R30, Gamma_R30 := 1828bv64, true; call printCharValue(); goto l0000029a; + l0000029a: + assume {:captureState "l0000029a"} true; + R2, Gamma_R2 := 42bv64, true; + R1, Gamma_R1 := 0bv64, true; + R0, Gamma_R0 := 1bv64, true; + R1, Gamma_R1 := bvadd64(R1, 2296bv64), Gamma_R1; + R30, Gamma_R30 := 1848bv64, true; + call __printf_chk(); + goto l000002b6; l000002b6: assume {:captureState "l000002b6"} true; R1, Gamma_R1 := 0bv64, true; diff --git a/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected index 7e672a002..0c8e610fc 100644 --- a/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected @@ -550,6 +550,40 @@ implementation main() R30, Gamma_R30 := 2104bv64, true; call malloc(); goto l00000c40; + l00000c40: + assume {:captureState "l00000c40"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); + assume {:captureState "%00000c46"} true; + R0, Gamma_R0 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); + assume {:captureState "%00000c53"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l00000c61; + l00000c61: + assume {:captureState "l00000c61"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); + assume {:captureState "%00000c67"} true; + R0, Gamma_R0 := 9bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 36bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 36bv64), Gamma_R0); + assume {:captureState "%00000c74"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R1, Gamma_R1 := 65bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000c88"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); + R1, Gamma_R1 := 42bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000c9c"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R30, Gamma_R30 := 2168bv64, true; + call printCharValue(); + goto l00000d37; l00000d37: assume {:captureState "l00000d37"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); @@ -581,29 +615,6 @@ implementation main() R30, Gamma_R30 := 2224bv64, true; call #free(); goto l00000d93; - l00000c61: - assume {:captureState "l00000c61"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); - assume {:captureState "%00000c67"} true; - R0, Gamma_R0 := 9bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 36bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 36bv64), Gamma_R0); - assume {:captureState "%00000c74"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R1, Gamma_R1 := 65bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000c88"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); - R1, Gamma_R1 := 42bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000c9c"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R30, Gamma_R30 := 2168bv64, true; - call printCharValue(); - goto l00000d37; l00000d93: assume {:captureState "l00000d93"} true; R0, Gamma_R0 := 0bv64, true; @@ -611,17 +622,6 @@ implementation main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; goto main_return; - l00000c40: - assume {:captureState "l00000c40"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); - assume {:captureState "%00000c46"} true; - R0, Gamma_R0 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); - assume {:captureState "%00000c53"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l00000c61; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected index 7e672a002..0c8e610fc 100644 --- a/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected @@ -550,6 +550,40 @@ implementation main() R30, Gamma_R30 := 2104bv64, true; call malloc(); goto l00000c40; + l00000c40: + assume {:captureState "l00000c40"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); + assume {:captureState "%00000c46"} true; + R0, Gamma_R0 := 10bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); + assume {:captureState "%00000c53"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2124bv64, true; + call malloc(); + goto l00000c61; + l00000c61: + assume {:captureState "l00000c61"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); + assume {:captureState "%00000c67"} true; + R0, Gamma_R0 := 9bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 36bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 36bv64), Gamma_R0); + assume {:captureState "%00000c74"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R1, Gamma_R1 := 65bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000c88"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); + R1, Gamma_R1 := 42bv64, true; + call rely(); + assert (L(mem, R0) ==> Gamma_R1); + mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); + assume {:captureState "%00000c9c"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); + R30, Gamma_R30 := 2168bv64, true; + call printCharValue(); + goto l00000d37; l00000d37: assume {:captureState "l00000d37"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); @@ -581,29 +615,6 @@ implementation main() R30, Gamma_R30 := 2224bv64, true; call #free(); goto l00000d93; - l00000c61: - assume {:captureState "l00000c61"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 56bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 56bv64), Gamma_R0); - assume {:captureState "%00000c67"} true; - R0, Gamma_R0 := 9bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 36bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 36bv64), Gamma_R0); - assume {:captureState "%00000c74"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R1, Gamma_R1 := 65bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store8_le(mem, R0, R1[8:0]), gamma_store8(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000c88"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 48bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 48bv64)); - R1, Gamma_R1 := 42bv64, true; - call rely(); - assert (L(mem, R0) ==> Gamma_R1); - mem, Gamma_mem := memory_store32_le(mem, R0, R1[32:0]), gamma_store32(Gamma_mem, R0, Gamma_R1); - assume {:captureState "%00000c9c"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 40bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 40bv64)); - R30, Gamma_R30 := 2168bv64, true; - call printCharValue(); - goto l00000d37; l00000d93: assume {:captureState "l00000d93"} true; R0, Gamma_R0 := 0bv64, true; @@ -611,17 +622,6 @@ implementation main() R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 64bv64), Gamma_R31; goto main_return; - l00000c40: - assume {:captureState "l00000c40"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 48bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 48bv64), Gamma_R0); - assume {:captureState "%00000c46"} true; - R0, Gamma_R0 := 10bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 32bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 32bv64), Gamma_R0); - assume {:captureState "%00000c53"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2124bv64, true; - call malloc(); - goto l00000c61; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/multi_malloc/clang/multi_malloc.expected b/src/test/correct/multi_malloc/clang/multi_malloc.expected index 790926d70..1dea76fd5 100644 --- a/src/test/correct/multi_malloc/clang/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang/multi_malloc.expected @@ -339,20 +339,6 @@ implementation main() R30, Gamma_R30 := 2100bv64, true; call malloc(); goto l00000379; - l0000040d: - assume {:captureState "l0000040d"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R30, Gamma_R30 := 2196bv64, true; - call #free(); - goto l0000041b; - l0000041b: - assume {:captureState "l0000041b"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; - goto main_return; l00000379: assume {:captureState "l00000379"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -361,22 +347,6 @@ implementation main() R30, Gamma_R30 := 2112bv64, true; call malloc(); goto l0000038d; - l000003de: - assume {:captureState "l000003de"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2253bv64), Gamma_R0; - R30, Gamma_R30 := 2180bv64, true; - call printf(); - goto l000003fe; - l000003fe: - assume {:captureState "l000003fe"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); - R30, Gamma_R30 := 2188bv64, true; - call #free(); - goto l0000040d; l0000038d: assume {:captureState "l0000038d"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); @@ -401,6 +371,36 @@ implementation main() R30, Gamma_R30 := 2160bv64, true; call printf(); goto l000003de; + l000003de: + assume {:captureState "l000003de"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2253bv64), Gamma_R0; + R30, Gamma_R30 := 2180bv64, true; + call printf(); + goto l000003fe; + l000003fe: + assume {:captureState "l000003fe"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); + R30, Gamma_R30 := 2188bv64, true; + call #free(); + goto l0000040d; + l0000040d: + assume {:captureState "l0000040d"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R30, Gamma_R30 := 2196bv64, true; + call #free(); + goto l0000041b; + l0000041b: + assume {:captureState "l0000041b"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected b/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected index 24ae706cb..657b1018d 100644 --- a/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected @@ -211,13 +211,6 @@ implementation main() R30, Gamma_R30 := 1900bv64, true; call printf(); goto l00000312; - l00000329: - assume {:captureState "l00000329"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; l00000312: assume {:captureState "l00000312"} true; R0, Gamma_R0 := 0bv64, true; @@ -226,6 +219,13 @@ implementation main() R30, Gamma_R30 := 1916bv64, true; call printf(); goto l00000329; + l00000329: + assume {:captureState "l00000329"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected b/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected index 7e0444c72..71d9cf865 100644 --- a/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected @@ -347,30 +347,6 @@ implementation main() R30, Gamma_R30 := 2112bv64, true; call malloc(); goto l00000abb; - l00000b49: - assume {:captureState "l00000b49"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; - goto main_return; - l00000b0c: - assume {:captureState "l00000b0c"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2253bv64), Gamma_R0; - R30, Gamma_R30 := 2180bv64, true; - call printf(); - goto l00000b2c; - l00000b2c: - assume {:captureState "l00000b2c"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); - R30, Gamma_R30 := 2188bv64, true; - call #free(); - goto l00000b3b; l00000abb: assume {:captureState "l00000abb"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); @@ -395,12 +371,36 @@ implementation main() R30, Gamma_R30 := 2160bv64, true; call printf(); goto l00000b0c; + l00000b0c: + assume {:captureState "l00000b0c"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2253bv64), Gamma_R0; + R30, Gamma_R30 := 2180bv64, true; + call printf(); + goto l00000b2c; + l00000b2c: + assume {:captureState "l00000b2c"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); + R30, Gamma_R30 := 2188bv64, true; + call #free(); + goto l00000b3b; l00000b3b: assume {:captureState "l00000b3b"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R30, Gamma_R30 := 2196bv64, true; call #free(); goto l00000b49; + l00000b49: + assume {:captureState "l00000b49"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected b/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected index 7e0444c72..71d9cf865 100644 --- a/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected @@ -347,30 +347,6 @@ implementation main() R30, Gamma_R30 := 2112bv64, true; call malloc(); goto l00000abb; - l00000b49: - assume {:captureState "l00000b49"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; - R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; - goto main_return; - l00000b0c: - assume {:captureState "l00000b0c"} true; - R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - call rely(); - R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2253bv64), Gamma_R0; - R30, Gamma_R30 := 2180bv64, true; - call printf(); - goto l00000b2c; - l00000b2c: - assume {:captureState "l00000b2c"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); - R30, Gamma_R30 := 2188bv64, true; - call #free(); - goto l00000b3b; l00000abb: assume {:captureState "l00000abb"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 8bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R0); @@ -395,12 +371,36 @@ implementation main() R30, Gamma_R30 := 2160bv64, true; call printf(); goto l00000b0c; + l00000b0c: + assume {:captureState "l00000b0c"} true; + R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + call rely(); + R1, Gamma_R1 := zero_extend32_32(memory_load32_le(mem, R8)), (gamma_load32(Gamma_mem, R8) || L(mem, R8)); + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2253bv64), Gamma_R0; + R30, Gamma_R30 := 2180bv64, true; + call printf(); + goto l00000b2c; + l00000b2c: + assume {:captureState "l00000b2c"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); + R30, Gamma_R30 := 2188bv64, true; + call #free(); + goto l00000b3b; l00000b3b: assume {:captureState "l00000b3b"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R30, Gamma_R30 := 2196bv64, true; call #free(); goto l00000b49; + l00000b49: + assume {:captureState "l00000b49"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + #5, Gamma_#5 := bvadd64(R31, 32bv64), Gamma_R31; + R29, Gamma_R29 := memory_load64_le(stack, #5), gamma_load64(Gamma_stack, #5); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(#5, 8bv64)), gamma_load64(Gamma_stack, bvadd64(#5, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/multi_malloc/gcc/multi_malloc.expected b/src/test/correct/multi_malloc/gcc/multi_malloc.expected index 7057d7c19..b0e8a0597 100644 --- a/src/test/correct/multi_malloc/gcc/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc/multi_malloc.expected @@ -173,13 +173,6 @@ implementation main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l00000357; - l00000405: - assume {:captureState "l00000405"} true; - R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; l00000357: assume {:captureState "l00000357"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); @@ -188,29 +181,6 @@ implementation main() R30, Gamma_R30 := 2096bv64, true; call malloc(); goto l0000036b; - l000003f7: - assume {:captureState "l000003f7"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); - R30, Gamma_R30 := 2188bv64, true; - call #free(); - goto l00000405; - l000003e8: - assume {:captureState "l000003e8"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); - R30, Gamma_R30 := 2180bv64, true; - call #free(); - goto l000003f7; - l000003c2: - assume {:captureState "l000003c2"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; - R30, Gamma_R30 := 2172bv64, true; - call printf(); - goto l000003e8; l0000036b: assume {:captureState "l0000036b"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 24bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); @@ -236,6 +206,36 @@ implementation main() R30, Gamma_R30 := 2148bv64, true; call printf(); goto l000003c2; + l000003c2: + assume {:captureState "l000003c2"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; + R0, Gamma_R0 := 0bv64, true; + R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; + R30, Gamma_R30 := 2172bv64, true; + call printf(); + goto l000003e8; + l000003e8: + assume {:captureState "l000003e8"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); + R30, Gamma_R30 := 2180bv64, true; + call #free(); + goto l000003f7; + l000003f7: + assume {:captureState "l000003f7"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); + R30, Gamma_R30 := 2188bv64, true; + call #free(); + goto l00000405; + l00000405: + assume {:captureState "l00000405"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected b/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected index 8c6b7bf00..4ed711cf1 100644 --- a/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected @@ -173,23 +173,14 @@ implementation main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l00000a64; - l00000b04: - assume {:captureState "l00000b04"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); - R30, Gamma_R30 := 2188bv64, true; - call #free(); - goto l00000b12; - l00000acf: - assume {:captureState "l00000acf"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; - R30, Gamma_R30 := 2172bv64, true; - call printf(); - goto l00000af5; + l00000a64: + assume {:captureState "l00000a64"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); + assume {:captureState "%00000a6a"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2096bv64, true; + call malloc(); + goto l00000a78; l00000a78: assume {:captureState "l00000a78"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 24bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); @@ -215,27 +206,36 @@ implementation main() R30, Gamma_R30 := 2148bv64, true; call printf(); goto l00000acf; - l00000b12: - assume {:captureState "l00000b12"} true; + l00000acf: + assume {:captureState "l00000acf"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; + R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; + R30, Gamma_R30 := 2172bv64, true; + call printf(); + goto l00000af5; l00000af5: assume {:captureState "l00000af5"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); R30, Gamma_R30 := 2180bv64, true; call #free(); goto l00000b04; - l00000a64: - assume {:captureState "l00000a64"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); - assume {:captureState "%00000a6a"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2096bv64, true; - call malloc(); - goto l00000a78; + l00000b04: + assume {:captureState "l00000b04"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); + R30, Gamma_R30 := 2188bv64, true; + call #free(); + goto l00000b12; + l00000b12: + assume {:captureState "l00000b12"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected b/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected index 8c6b7bf00..4ed711cf1 100644 --- a/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected @@ -173,23 +173,14 @@ implementation main() R30, Gamma_R30 := 2084bv64, true; call malloc(); goto l00000a64; - l00000b04: - assume {:captureState "l00000b04"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); - R30, Gamma_R30 := 2188bv64, true; - call #free(); - goto l00000b12; - l00000acf: - assume {:captureState "l00000acf"} true; - R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; - R0, Gamma_R0 := 0bv64, true; - R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; - R30, Gamma_R30 := 2172bv64, true; - call printf(); - goto l00000af5; + l00000a64: + assume {:captureState "l00000a64"} true; + stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); + assume {:captureState "%00000a6a"} true; + R0, Gamma_R0 := 4bv64, true; + R30, Gamma_R30 := 2096bv64, true; + call malloc(); + goto l00000a78; l00000a78: assume {:captureState "l00000a78"} true; stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 24bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 24bv64), Gamma_R0); @@ -215,27 +206,36 @@ implementation main() R30, Gamma_R30 := 2148bv64, true; call printf(); goto l00000acf; - l00000b12: - assume {:captureState "l00000b12"} true; + l00000acf: + assume {:captureState "l00000acf"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + R1, Gamma_R1 := zero_extend32_32(R0[32:0]), Gamma_R0; R0, Gamma_R0 := 0bv64, true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; + R0, Gamma_R0 := bvadd64(R0, 2256bv64), Gamma_R0; + R30, Gamma_R30 := 2172bv64, true; + call printf(); + goto l00000af5; l00000af5: assume {:captureState "l00000af5"} true; R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 16bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 16bv64)); R30, Gamma_R30 := 2180bv64, true; call #free(); goto l00000b04; - l00000a64: - assume {:captureState "l00000a64"} true; - stack, Gamma_stack := memory_store64_le(stack, bvadd64(R31, 16bv64), R0), gamma_store64(Gamma_stack, bvadd64(R31, 16bv64), Gamma_R0); - assume {:captureState "%00000a6a"} true; - R0, Gamma_R0 := 4bv64, true; - R30, Gamma_R30 := 2096bv64, true; - call malloc(); - goto l00000a78; + l00000b04: + assume {:captureState "l00000b04"} true; + R0, Gamma_R0 := memory_load64_le(stack, bvadd64(R31, 24bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 24bv64)); + R30, Gamma_R30 := 2188bv64, true; + call #free(); + goto l00000b12; + l00000b12: + assume {:captureState "l00000b12"} true; + R0, Gamma_R0 := 0bv64, true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/nestedif/clang/nestedif.expected b/src/test/correct/nestedif/clang/nestedif.expected index 835a92d55..ab32e4390 100644 --- a/src/test/correct/nestedif/clang/nestedif.expected +++ b/src/test/correct/nestedif/clang/nestedif.expected @@ -131,51 +131,18 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000037c, lmain_goto_l00000379; - l00000387_goto_l000003b5: - assume {:captureState "l00000387_goto_l000003b5"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000003b5; - lmain_goto_l0000037c: - assume {:captureState "lmain_goto_l0000037c"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000037c; - l00000387_goto_l000003b2: - assume {:captureState "l00000387_goto_l000003b2"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000003b2; - l0000037f_goto_l00000442: - assume {:captureState "l0000037f_goto_l00000442"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000442; - l0000037f_goto_l00000387: - assume {:captureState "l0000037f_goto_l00000387"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000387; - l0000042e: - assume {:captureState "l0000042e"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%0000043c"} true; - goto l000003ff; - l000003b8_goto_l0000042d: - assume {:captureState "l000003b8_goto_l0000042d"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000042d; - l0000042d: - assume {:captureState "l0000042d"} true; - goto l0000042e; - l000003ff: - assume {:captureState "l000003ff"} true; - goto l00000403; - l00000443: - assume {:captureState "l00000443"} true; - R8, Gamma_R8 := 3bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000451"} true; - goto l00000403; - l00000442: - assume {:captureState "l00000442"} true; - goto l00000443; + l0000037c: + assume {:captureState "l0000037c"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000037f; + l00000379: + assume {:captureState "l00000379"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000037f; + l0000037f: + assume {:captureState "l0000037f"} true; + assert Gamma_R8; + goto l0000037f_goto_l00000442, l0000037f_goto_l00000387; l00000387: assume {:captureState "l00000387"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -187,94 +154,127 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; goto l00000387_goto_l000003b5, l00000387_goto_l000003b2; - l000003c0_goto_l000003eb: - assume {:captureState "l000003c0_goto_l000003eb"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000003eb; - l000003f1_goto_l00000418: - assume {:captureState "l000003f1_goto_l00000418"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000418; - l000003c0_goto_l000003ee: - assume {:captureState "l000003c0_goto_l000003ee"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000003ee; - l00000403: - assume {:captureState "l00000403"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; + l000003b5: + assume {:captureState "l000003b5"} true; + R8, Gamma_R8 := 1bv64, true; + goto l000003b8; l000003b2: assume {:captureState "l000003b2"} true; R8, Gamma_R8 := 0bv64, true; goto l000003b8; - l0000037f: - assume {:captureState "l0000037f"} true; - assert Gamma_R8; - goto l0000037f_goto_l00000442, l0000037f_goto_l00000387; - l0000037c: - assume {:captureState "l0000037c"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000037f; - l000003f1: - assume {:captureState "l000003f1"} true; - assert Gamma_R8; - goto l000003f1_goto_l000003f9, l000003f1_goto_l00000418; l000003b8: assume {:captureState "l000003b8"} true; assert Gamma_R8; goto l000003b8_goto_l000003c0, l000003b8_goto_l0000042d; - l000003f9: - assume {:captureState "l000003f9"} true; - goto l000003ff; - l000003b5: - assume {:captureState "l000003b5"} true; + l000003c0: + assume {:captureState "l000003c0"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #6, Gamma_#6 := bvadd32(R8[32:0], 4294967293bv32), Gamma_R8; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934590bv33))), (Gamma_R8 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967294bv33))), (Gamma_R8 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; + assert Gamma_ZF; + goto l000003c0_goto_l000003eb, l000003c0_goto_l000003ee; + l000003ee: + assume {:captureState "l000003ee"} true; R8, Gamma_R8 := 1bv64, true; - goto l000003b8; + goto l000003f1; l000003eb: assume {:captureState "l000003eb"} true; R8, Gamma_R8 := 0bv64, true; goto l000003f1; - l000003ee: - assume {:captureState "l000003ee"} true; - R8, Gamma_R8 := 1bv64, true; - goto l000003f1; + l000003f1: + assume {:captureState "l000003f1"} true; + assert Gamma_R8; + goto l000003f1_goto_l000003f9, l000003f1_goto_l00000418; l00000418: assume {:captureState "l00000418"} true; goto l00000419; - l00000379: - assume {:captureState "l00000379"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000037f; + l00000419: + assume {:captureState "l00000419"} true; + R8, Gamma_R8 := 7bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000427"} true; + goto l000003f9; + l000003f9: + assume {:captureState "l000003f9"} true; + goto l000003ff; + l0000042d: + assume {:captureState "l0000042d"} true; + goto l0000042e; + l0000042e: + assume {:captureState "l0000042e"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%0000043c"} true; + goto l000003ff; + l000003ff: + assume {:captureState "l000003ff"} true; + goto l00000403; + l00000442: + assume {:captureState "l00000442"} true; + goto l00000443; + l00000443: + assume {:captureState "l00000443"} true; + R8, Gamma_R8 := 3bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000451"} true; + goto l00000403; + l00000403: + assume {:captureState "l00000403"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; lmain_goto_l00000379: assume {:captureState "lmain_goto_l00000379"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000379; - l000003f1_goto_l000003f9: - assume {:captureState "l000003f1_goto_l000003f9"} true; + lmain_goto_l0000037c: + assume {:captureState "lmain_goto_l0000037c"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000037c; + l0000037f_goto_l00000387: + assume {:captureState "l0000037f_goto_l00000387"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l000003f9; - l000003c0: - assume {:captureState "l000003c0"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #6, Gamma_#6 := bvadd32(R8[32:0], 4294967293bv32), Gamma_R8; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934590bv33))), (Gamma_R8 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967294bv33))), (Gamma_R8 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; - assert Gamma_ZF; - goto l000003c0_goto_l000003eb, l000003c0_goto_l000003ee; + goto l00000387; + l0000037f_goto_l00000442: + assume {:captureState "l0000037f_goto_l00000442"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000442; + l00000387_goto_l000003b2: + assume {:captureState "l00000387_goto_l000003b2"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000003b2; + l00000387_goto_l000003b5: + assume {:captureState "l00000387_goto_l000003b5"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000003b5; l000003b8_goto_l000003c0: assume {:captureState "l000003b8_goto_l000003c0"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l000003c0; - l00000419: - assume {:captureState "l00000419"} true; - R8, Gamma_R8 := 7bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000427"} true; + l000003b8_goto_l0000042d: + assume {:captureState "l000003b8_goto_l0000042d"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000042d; + l000003c0_goto_l000003eb: + assume {:captureState "l000003c0_goto_l000003eb"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000003eb; + l000003c0_goto_l000003ee: + assume {:captureState "l000003c0_goto_l000003ee"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000003ee; + l000003f1_goto_l000003f9: + assume {:captureState "l000003f1_goto_l000003f9"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l000003f9; + l000003f1_goto_l00000418: + assume {:captureState "l000003f1_goto_l00000418"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000418; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected b/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected index 5dc8ca5f2..4f0bf3c3b 100644 --- a/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected +++ b/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected @@ -131,61 +131,18 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000aaa, lmain_goto_l00000aad; - l00000ab8_goto_l00000ae6: - assume {:captureState "l00000ab8_goto_l00000ae6"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000ae6; - lmain_goto_l00000aaa: - assume {:captureState "lmain_goto_l00000aaa"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000aaa; - l00000ab0_goto_l00000b73: - assume {:captureState "l00000ab0_goto_l00000b73"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b73; - l00000ab8_goto_l00000ae3: - assume {:captureState "l00000ab8_goto_l00000ae3"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000ae3; - lmain_goto_l00000aad: - assume {:captureState "lmain_goto_l00000aad"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000aad; - l00000b22_goto_l00000b49: - assume {:captureState "l00000b22_goto_l00000b49"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b49; - l00000b49: - assume {:captureState "l00000b49"} true; - goto l00000b4a; - l00000b5e: - assume {:captureState "l00000b5e"} true; - goto l00000b5f; - l00000b5f: - assume {:captureState "l00000b5f"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000b6d"} true; - goto l00000b30; + l00000aad: + assume {:captureState "l00000aad"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000ab0; + l00000aaa: + assume {:captureState "l00000aaa"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000ab0; l00000ab0: assume {:captureState "l00000ab0"} true; assert Gamma_R8; goto l00000ab0_goto_l00000b73, l00000ab0_goto_l00000ab8; - l00000ae9_goto_l00000b5e: - assume {:captureState "l00000ae9_goto_l00000b5e"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b5e; - l00000af1: - assume {:captureState "l00000af1"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #6, Gamma_#6 := bvadd32(R8[32:0], 4294967293bv32), Gamma_R8; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934590bv33))), (Gamma_R8 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967294bv33))), (Gamma_R8 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; - assert Gamma_ZF; - goto l00000af1_goto_l00000b1c, l00000af1_goto_l00000b1f; l00000ab8: assume {:captureState "l00000ab8"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -197,6 +154,29 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; goto l00000ab8_goto_l00000ae6, l00000ab8_goto_l00000ae3; + l00000ae6: + assume {:captureState "l00000ae6"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000ae9; + l00000ae3: + assume {:captureState "l00000ae3"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000ae9; + l00000ae9: + assume {:captureState "l00000ae9"} true; + assert Gamma_R8; + goto l00000ae9_goto_l00000af1, l00000ae9_goto_l00000b5e; + l00000af1: + assume {:captureState "l00000af1"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #6, Gamma_#6 := bvadd32(R8[32:0], 4294967293bv32), Gamma_R8; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934590bv33))), (Gamma_R8 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967294bv33))), (Gamma_R8 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; + assert Gamma_ZF; + goto l00000af1_goto_l00000b1c, l00000af1_goto_l00000b1f; l00000b1f: assume {:captureState "l00000b1f"} true; R8, Gamma_R8 := 1bv64, true; @@ -205,19 +185,34 @@ implementation main() assume {:captureState "l00000b1c"} true; R8, Gamma_R8 := 0bv64, true; goto l00000b22; - l00000b34: - assume {:captureState "l00000b34"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - l00000ab0_goto_l00000ab8: - assume {:captureState "l00000ab0_goto_l00000ab8"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000ab8; - l00000aaa: - assume {:captureState "l00000aaa"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000ab0; + l00000b22: + assume {:captureState "l00000b22"} true; + assert Gamma_R8; + goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; + l00000b49: + assume {:captureState "l00000b49"} true; + goto l00000b4a; + l00000b4a: + assume {:captureState "l00000b4a"} true; + R8, Gamma_R8 := 7bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000b58"} true; + goto l00000b2a; + l00000b2a: + assume {:captureState "l00000b2a"} true; + goto l00000b30; + l00000b5e: + assume {:captureState "l00000b5e"} true; + goto l00000b5f; + l00000b5f: + assume {:captureState "l00000b5f"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000b6d"} true; + goto l00000b30; + l00000b30: + assume {:captureState "l00000b30"} true; + goto l00000b34; l00000b73: assume {:captureState "l00000b73"} true; goto l00000b74; @@ -227,54 +222,59 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); assume {:captureState "%00000b82"} true; goto l00000b34; - l00000b30: - assume {:captureState "l00000b30"} true; - goto l00000b34; + l00000b34: + assume {:captureState "l00000b34"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000aaa: + assume {:captureState "lmain_goto_l00000aaa"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000aaa; + lmain_goto_l00000aad: + assume {:captureState "lmain_goto_l00000aad"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000aad; + l00000ab0_goto_l00000ab8: + assume {:captureState "l00000ab0_goto_l00000ab8"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000ab8; + l00000ab0_goto_l00000b73: + assume {:captureState "l00000ab0_goto_l00000b73"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b73; + l00000ab8_goto_l00000ae3: + assume {:captureState "l00000ab8_goto_l00000ae3"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000ae3; + l00000ab8_goto_l00000ae6: + assume {:captureState "l00000ab8_goto_l00000ae6"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000ae6; + l00000ae9_goto_l00000af1: + assume {:captureState "l00000ae9_goto_l00000af1"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000af1; + l00000ae9_goto_l00000b5e: + assume {:captureState "l00000ae9_goto_l00000b5e"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b5e; l00000af1_goto_l00000b1c: assume {:captureState "l00000af1_goto_l00000b1c"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000b1c; - l00000aad: - assume {:captureState "l00000aad"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000ab0; l00000af1_goto_l00000b1f: assume {:captureState "l00000af1_goto_l00000b1f"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000b1f; - l00000ae6: - assume {:captureState "l00000ae6"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000ae9; - l00000b2a: - assume {:captureState "l00000b2a"} true; - goto l00000b30; - l00000ae3: - assume {:captureState "l00000ae3"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000ae9; - l00000b4a: - assume {:captureState "l00000b4a"} true; - R8, Gamma_R8 := 7bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000b58"} true; - goto l00000b2a; - l00000ae9_goto_l00000af1: - assume {:captureState "l00000ae9_goto_l00000af1"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000af1; - l00000ae9: - assume {:captureState "l00000ae9"} true; - assert Gamma_R8; - goto l00000ae9_goto_l00000af1, l00000ae9_goto_l00000b5e; - l00000b22: - assume {:captureState "l00000b22"} true; - assert Gamma_R8; - goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; l00000b22_goto_l00000b2a: assume {:captureState "l00000b22_goto_l00000b2a"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000b2a; + l00000b22_goto_l00000b49: + assume {:captureState "l00000b22_goto_l00000b49"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b49; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/nestedif/clang_pic/nestedif.expected b/src/test/correct/nestedif/clang_pic/nestedif.expected index 5dc8ca5f2..4f0bf3c3b 100644 --- a/src/test/correct/nestedif/clang_pic/nestedif.expected +++ b/src/test/correct/nestedif/clang_pic/nestedif.expected @@ -131,61 +131,18 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000aaa, lmain_goto_l00000aad; - l00000ab8_goto_l00000ae6: - assume {:captureState "l00000ab8_goto_l00000ae6"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000ae6; - lmain_goto_l00000aaa: - assume {:captureState "lmain_goto_l00000aaa"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000aaa; - l00000ab0_goto_l00000b73: - assume {:captureState "l00000ab0_goto_l00000b73"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b73; - l00000ab8_goto_l00000ae3: - assume {:captureState "l00000ab8_goto_l00000ae3"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000ae3; - lmain_goto_l00000aad: - assume {:captureState "lmain_goto_l00000aad"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000aad; - l00000b22_goto_l00000b49: - assume {:captureState "l00000b22_goto_l00000b49"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b49; - l00000b49: - assume {:captureState "l00000b49"} true; - goto l00000b4a; - l00000b5e: - assume {:captureState "l00000b5e"} true; - goto l00000b5f; - l00000b5f: - assume {:captureState "l00000b5f"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000b6d"} true; - goto l00000b30; + l00000aad: + assume {:captureState "l00000aad"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000ab0; + l00000aaa: + assume {:captureState "l00000aaa"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000ab0; l00000ab0: assume {:captureState "l00000ab0"} true; assert Gamma_R8; goto l00000ab0_goto_l00000b73, l00000ab0_goto_l00000ab8; - l00000ae9_goto_l00000b5e: - assume {:captureState "l00000ae9_goto_l00000b5e"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b5e; - l00000af1: - assume {:captureState "l00000af1"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #6, Gamma_#6 := bvadd32(R8[32:0], 4294967293bv32), Gamma_R8; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934590bv33))), (Gamma_R8 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967294bv33))), (Gamma_R8 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; - assert Gamma_ZF; - goto l00000af1_goto_l00000b1c, l00000af1_goto_l00000b1f; l00000ab8: assume {:captureState "l00000ab8"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -197,6 +154,29 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; goto l00000ab8_goto_l00000ae6, l00000ab8_goto_l00000ae3; + l00000ae6: + assume {:captureState "l00000ae6"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000ae9; + l00000ae3: + assume {:captureState "l00000ae3"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000ae9; + l00000ae9: + assume {:captureState "l00000ae9"} true; + assert Gamma_R8; + goto l00000ae9_goto_l00000af1, l00000ae9_goto_l00000b5e; + l00000af1: + assume {:captureState "l00000af1"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #6, Gamma_#6 := bvadd32(R8[32:0], 4294967293bv32), Gamma_R8; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934590bv33))), (Gamma_R8 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967294bv33))), (Gamma_R8 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; + assert Gamma_ZF; + goto l00000af1_goto_l00000b1c, l00000af1_goto_l00000b1f; l00000b1f: assume {:captureState "l00000b1f"} true; R8, Gamma_R8 := 1bv64, true; @@ -205,19 +185,34 @@ implementation main() assume {:captureState "l00000b1c"} true; R8, Gamma_R8 := 0bv64, true; goto l00000b22; - l00000b34: - assume {:captureState "l00000b34"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - l00000ab0_goto_l00000ab8: - assume {:captureState "l00000ab0_goto_l00000ab8"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000ab8; - l00000aaa: - assume {:captureState "l00000aaa"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000ab0; + l00000b22: + assume {:captureState "l00000b22"} true; + assert Gamma_R8; + goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; + l00000b49: + assume {:captureState "l00000b49"} true; + goto l00000b4a; + l00000b4a: + assume {:captureState "l00000b4a"} true; + R8, Gamma_R8 := 7bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000b58"} true; + goto l00000b2a; + l00000b2a: + assume {:captureState "l00000b2a"} true; + goto l00000b30; + l00000b5e: + assume {:captureState "l00000b5e"} true; + goto l00000b5f; + l00000b5f: + assume {:captureState "l00000b5f"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000b6d"} true; + goto l00000b30; + l00000b30: + assume {:captureState "l00000b30"} true; + goto l00000b34; l00000b73: assume {:captureState "l00000b73"} true; goto l00000b74; @@ -227,54 +222,59 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); assume {:captureState "%00000b82"} true; goto l00000b34; - l00000b30: - assume {:captureState "l00000b30"} true; - goto l00000b34; + l00000b34: + assume {:captureState "l00000b34"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000aaa: + assume {:captureState "lmain_goto_l00000aaa"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000aaa; + lmain_goto_l00000aad: + assume {:captureState "lmain_goto_l00000aad"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000aad; + l00000ab0_goto_l00000ab8: + assume {:captureState "l00000ab0_goto_l00000ab8"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000ab8; + l00000ab0_goto_l00000b73: + assume {:captureState "l00000ab0_goto_l00000b73"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b73; + l00000ab8_goto_l00000ae3: + assume {:captureState "l00000ab8_goto_l00000ae3"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000ae3; + l00000ab8_goto_l00000ae6: + assume {:captureState "l00000ab8_goto_l00000ae6"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000ae6; + l00000ae9_goto_l00000af1: + assume {:captureState "l00000ae9_goto_l00000af1"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000af1; + l00000ae9_goto_l00000b5e: + assume {:captureState "l00000ae9_goto_l00000b5e"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b5e; l00000af1_goto_l00000b1c: assume {:captureState "l00000af1_goto_l00000b1c"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000b1c; - l00000aad: - assume {:captureState "l00000aad"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000ab0; l00000af1_goto_l00000b1f: assume {:captureState "l00000af1_goto_l00000b1f"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000b1f; - l00000ae6: - assume {:captureState "l00000ae6"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000ae9; - l00000b2a: - assume {:captureState "l00000b2a"} true; - goto l00000b30; - l00000ae3: - assume {:captureState "l00000ae3"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000ae9; - l00000b4a: - assume {:captureState "l00000b4a"} true; - R8, Gamma_R8 := 7bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000b58"} true; - goto l00000b2a; - l00000ae9_goto_l00000af1: - assume {:captureState "l00000ae9_goto_l00000af1"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000af1; - l00000ae9: - assume {:captureState "l00000ae9"} true; - assert Gamma_R8; - goto l00000ae9_goto_l00000af1, l00000ae9_goto_l00000b5e; - l00000b22: - assume {:captureState "l00000b22"} true; - assert Gamma_R8; - goto l00000b22_goto_l00000b49, l00000b22_goto_l00000b2a; l00000b22_goto_l00000b2a: assume {:captureState "l00000b22_goto_l00000b2a"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000b2a; + l00000b22_goto_l00000b49: + assume {:captureState "l00000b22_goto_l00000b49"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b49; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/nestedif/gcc/nestedif.expected b/src/test/correct/nestedif/gcc/nestedif.expected index f9060e743..27090aae3 100644 --- a/src/test/correct/nestedif/gcc/nestedif.expected +++ b/src/test/correct/nestedif/gcc/nestedif.expected @@ -126,45 +126,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000345, lmain_goto_l000003c4; - l000003a6: - assume {:captureState "l000003a6"} true; - R0, Gamma_R0 := 7bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%000003b1"} true; - goto l00000391; - l00000345_goto_l0000036b: - assume {:captureState "l00000345_goto_l0000036b"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000036b; - l00000391: - assume {:captureState "l00000391"} true; - R0, Gamma_R0 := 0bv64, true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - l000003c4: - assume {:captureState "l000003c4"} true; - R0, Gamma_R0 := 3bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%000003cf"} true; - goto l00000391; - l000003b3: - assume {:captureState "l000003b3"} true; - R0, Gamma_R0 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%000003be"} true; - goto l00000391; - lmain_goto_l000003c4: - assume {:captureState "lmain_goto_l000003c4"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000003c4; - l0000036b_goto_l000003a6: - assume {:captureState "l0000036b_goto_l000003a6"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000003a6; - l0000036b_goto_l00000391: - assume {:captureState "l0000036b_goto_l00000391"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000391; l00000345: assume {:captureState "l00000345"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -175,10 +136,6 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto l00000345_goto_l0000036b, l00000345_goto_l000003b3; - lmain_goto_l00000345: - assume {:captureState "lmain_goto_l00000345"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000345; l0000036b: assume {:captureState "l0000036b"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -189,10 +146,53 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; goto l0000036b_goto_l000003a6, l0000036b_goto_l00000391; + l000003a6: + assume {:captureState "l000003a6"} true; + R0, Gamma_R0 := 7bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%000003b1"} true; + goto l00000391; + l000003b3: + assume {:captureState "l000003b3"} true; + R0, Gamma_R0 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%000003be"} true; + goto l00000391; + l000003c4: + assume {:captureState "l000003c4"} true; + R0, Gamma_R0 := 3bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%000003cf"} true; + goto l00000391; + l00000391: + assume {:captureState "l00000391"} true; + R0, Gamma_R0 := 0bv64, true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000345: + assume {:captureState "lmain_goto_l00000345"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000345; + lmain_goto_l000003c4: + assume {:captureState "lmain_goto_l000003c4"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000003c4; + l00000345_goto_l0000036b: + assume {:captureState "l00000345_goto_l0000036b"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000036b; l00000345_goto_l000003b3: assume {:captureState "l00000345_goto_l000003b3"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l000003b3; + l0000036b_goto_l00000391: + assume {:captureState "l0000036b_goto_l00000391"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000391; + l0000036b_goto_l000003a6: + assume {:captureState "l0000036b_goto_l000003a6"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000003a6; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected b/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected index 690937710..930878b90 100644 --- a/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected +++ b/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected @@ -126,28 +126,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000009e1, lmain_goto_l00000a60; - l00000a07: - assume {:captureState "l00000a07"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #6, Gamma_#6 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - assert Gamma_ZF; - goto l00000a07_goto_l00000a2d, l00000a07_goto_l00000a42; - l000009e1_goto_l00000a4f: - assume {:captureState "l000009e1_goto_l00000a4f"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a4f; - lmain_goto_l000009e1: - assume {:captureState "lmain_goto_l000009e1"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l000009e1; - l00000a07_goto_l00000a42: - assume {:captureState "l00000a07_goto_l00000a42"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a42; l000009e1: assume {:captureState "l000009e1"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -158,41 +136,63 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto l000009e1_goto_l00000a07, l000009e1_goto_l00000a4f; - l00000a2d: - assume {:captureState "l00000a2d"} true; - R0, Gamma_R0 := 0bv64, true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; + l00000a07: + assume {:captureState "l00000a07"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #6, Gamma_#6 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + assert Gamma_ZF; + goto l00000a07_goto_l00000a2d, l00000a07_goto_l00000a42; + l00000a42: + assume {:captureState "l00000a42"} true; + R0, Gamma_R0 := 7bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%00000a4d"} true; + goto l00000a2d; l00000a4f: assume {:captureState "l00000a4f"} true; R0, Gamma_R0 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000a5a"} true; goto l00000a2d; - lmain_goto_l00000a60: - assume {:captureState "lmain_goto_l00000a60"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a60; l00000a60: assume {:captureState "l00000a60"} true; R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000a6b"} true; goto l00000a2d; - l00000a07_goto_l00000a2d: - assume {:captureState "l00000a07_goto_l00000a2d"} true; + l00000a2d: + assume {:captureState "l00000a2d"} true; + R0, Gamma_R0 := 0bv64, true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l000009e1: + assume {:captureState "lmain_goto_l000009e1"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000a2d; + goto l000009e1; + lmain_goto_l00000a60: + assume {:captureState "lmain_goto_l00000a60"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a60; l000009e1_goto_l00000a07: assume {:captureState "l000009e1_goto_l00000a07"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000a07; - l00000a42: - assume {:captureState "l00000a42"} true; - R0, Gamma_R0 := 7bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%00000a4d"} true; + l000009e1_goto_l00000a4f: + assume {:captureState "l000009e1_goto_l00000a4f"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a4f; + l00000a07_goto_l00000a2d: + assume {:captureState "l00000a07_goto_l00000a2d"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000a2d; + l00000a07_goto_l00000a42: + assume {:captureState "l00000a07_goto_l00000a42"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a42; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/nestedif/gcc_pic/nestedif.expected b/src/test/correct/nestedif/gcc_pic/nestedif.expected index 690937710..930878b90 100644 --- a/src/test/correct/nestedif/gcc_pic/nestedif.expected +++ b/src/test/correct/nestedif/gcc_pic/nestedif.expected @@ -126,28 +126,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000009e1, lmain_goto_l00000a60; - l00000a07: - assume {:captureState "l00000a07"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #6, Gamma_#6 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - assert Gamma_ZF; - goto l00000a07_goto_l00000a2d, l00000a07_goto_l00000a42; - l000009e1_goto_l00000a4f: - assume {:captureState "l000009e1_goto_l00000a4f"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a4f; - lmain_goto_l000009e1: - assume {:captureState "lmain_goto_l000009e1"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l000009e1; - l00000a07_goto_l00000a42: - assume {:captureState "l00000a07_goto_l00000a42"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a42; l000009e1: assume {:captureState "l000009e1"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -158,41 +136,63 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto l000009e1_goto_l00000a07, l000009e1_goto_l00000a4f; - l00000a2d: - assume {:captureState "l00000a2d"} true; - R0, Gamma_R0 := 0bv64, true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; + l00000a07: + assume {:captureState "l00000a07"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #6, Gamma_#6 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + assert Gamma_ZF; + goto l00000a07_goto_l00000a2d, l00000a07_goto_l00000a42; + l00000a42: + assume {:captureState "l00000a42"} true; + R0, Gamma_R0 := 7bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%00000a4d"} true; + goto l00000a2d; l00000a4f: assume {:captureState "l00000a4f"} true; R0, Gamma_R0 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000a5a"} true; goto l00000a2d; - lmain_goto_l00000a60: - assume {:captureState "lmain_goto_l00000a60"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a60; l00000a60: assume {:captureState "l00000a60"} true; R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%00000a6b"} true; goto l00000a2d; - l00000a07_goto_l00000a2d: - assume {:captureState "l00000a07_goto_l00000a2d"} true; + l00000a2d: + assume {:captureState "l00000a2d"} true; + R0, Gamma_R0 := 0bv64, true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l000009e1: + assume {:captureState "lmain_goto_l000009e1"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000a2d; + goto l000009e1; + lmain_goto_l00000a60: + assume {:captureState "lmain_goto_l00000a60"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a60; l000009e1_goto_l00000a07: assume {:captureState "l000009e1_goto_l00000a07"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000a07; - l00000a42: - assume {:captureState "l00000a42"} true; - R0, Gamma_R0 := 7bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%00000a4d"} true; + l000009e1_goto_l00000a4f: + assume {:captureState "l000009e1_goto_l00000a4f"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a4f; + l00000a07_goto_l00000a2d: + assume {:captureState "l00000a07_goto_l00000a2d"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000a2d; + l00000a07_goto_l00000a42: + assume {:captureState "l00000a07_goto_l00000a42"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a42; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/simple_jump/clang/simple_jump.expected b/src/test/correct/simple_jump/clang/simple_jump.expected index 86ac944fb..3220b9d4b 100644 --- a/src/test/correct/simple_jump/clang/simple_jump.expected +++ b/src/test/correct/simple_jump/clang/simple_jump.expected @@ -129,40 +129,40 @@ implementation main() assume {:captureState "l00000329"} true; R8, Gamma_R8 := 1bv64, true; goto l0000032c; - l0000032c: - assume {:captureState "l0000032c"} true; - assert Gamma_R8; - goto l0000032c_goto_l00000334, l0000032c_goto_l0000034b; - l00000334: - assume {:captureState "l00000334"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; l00000326: assume {:captureState "l00000326"} true; R8, Gamma_R8 := 0bv64, true; goto l0000032c; + l0000032c: + assume {:captureState "l0000032c"} true; + assert Gamma_R8; + goto l0000032c_goto_l00000334, l0000032c_goto_l0000034b; l0000034b: assume {:captureState "l0000034b"} true; goto l0000034c; - lmain_goto_l00000326: - assume {:captureState "lmain_goto_l00000326"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000326; l0000034c: assume {:captureState "l0000034c"} true; R8, Gamma_R8 := 6bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%0000035a"} true; goto l00000334; - l0000032c_goto_l00000334: - assume {:captureState "l0000032c_goto_l00000334"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000334; + l00000334: + assume {:captureState "l00000334"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000326: + assume {:captureState "lmain_goto_l00000326"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000326; lmain_goto_l00000329: assume {:captureState "lmain_goto_l00000329"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000329; + l0000032c_goto_l00000334: + assume {:captureState "l0000032c_goto_l00000334"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000334; l0000032c_goto_l0000034b: assume {:captureState "l0000032c_goto_l0000034b"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); diff --git a/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected b/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected index 381ccd475..fd482b3c1 100644 --- a/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected @@ -125,23 +125,18 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000938, lmain_goto_l0000093b; - l0000093e: - assume {:captureState "l0000093e"} true; - assert Gamma_R8; - goto l0000093e_goto_l00000946, l0000093e_goto_l0000095d; - l00000946: - assume {:captureState "l00000946"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - lmain_goto_l00000938: - assume {:captureState "lmain_goto_l00000938"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000938; l0000093b: assume {:captureState "l0000093b"} true; R8, Gamma_R8 := 1bv64, true; goto l0000093e; + l00000938: + assume {:captureState "l00000938"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000093e; + l0000093e: + assume {:captureState "l0000093e"} true; + assert Gamma_R8; + goto l0000093e_goto_l00000946, l0000093e_goto_l0000095d; l0000095d: assume {:captureState "l0000095d"} true; goto l0000095e; @@ -151,6 +146,19 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%0000096c"} true; goto l00000946; + l00000946: + assume {:captureState "l00000946"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000938: + assume {:captureState "lmain_goto_l00000938"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000938; + lmain_goto_l0000093b: + assume {:captureState "lmain_goto_l0000093b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000093b; l0000093e_goto_l00000946: assume {:captureState "l0000093e_goto_l00000946"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); @@ -159,14 +167,6 @@ implementation main() assume {:captureState "l0000093e_goto_l0000095d"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l0000095d; - lmain_goto_l0000093b: - assume {:captureState "lmain_goto_l0000093b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000093b; - l00000938: - assume {:captureState "l00000938"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000093e; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/simple_jump/clang_pic/simple_jump.expected b/src/test/correct/simple_jump/clang_pic/simple_jump.expected index 381ccd475..fd482b3c1 100644 --- a/src/test/correct/simple_jump/clang_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_pic/simple_jump.expected @@ -125,23 +125,18 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000938, lmain_goto_l0000093b; - l0000093e: - assume {:captureState "l0000093e"} true; - assert Gamma_R8; - goto l0000093e_goto_l00000946, l0000093e_goto_l0000095d; - l00000946: - assume {:captureState "l00000946"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - lmain_goto_l00000938: - assume {:captureState "lmain_goto_l00000938"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000938; l0000093b: assume {:captureState "l0000093b"} true; R8, Gamma_R8 := 1bv64, true; goto l0000093e; + l00000938: + assume {:captureState "l00000938"} true; + R8, Gamma_R8 := 0bv64, true; + goto l0000093e; + l0000093e: + assume {:captureState "l0000093e"} true; + assert Gamma_R8; + goto l0000093e_goto_l00000946, l0000093e_goto_l0000095d; l0000095d: assume {:captureState "l0000095d"} true; goto l0000095e; @@ -151,6 +146,19 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%0000096c"} true; goto l00000946; + l00000946: + assume {:captureState "l00000946"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000938: + assume {:captureState "lmain_goto_l00000938"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000938; + lmain_goto_l0000093b: + assume {:captureState "lmain_goto_l0000093b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000093b; l0000093e_goto_l00000946: assume {:captureState "l0000093e_goto_l00000946"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); @@ -159,14 +167,6 @@ implementation main() assume {:captureState "l0000093e_goto_l0000095d"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l0000095d; - lmain_goto_l0000093b: - assume {:captureState "lmain_goto_l0000093b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000093b; - l00000938: - assume {:captureState "l00000938"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000093e; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/switch/clang/switch.expected b/src/test/correct/switch/clang/switch.expected index 465340375..ad2745ee3 100644 --- a/src/test/correct/switch/clang/switch.expected +++ b/src/test/correct/switch/clang/switch.expected @@ -127,82 +127,21 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000035a, lmain_goto_l0000035d; - lmain_goto_l0000035a: - assume {:captureState "lmain_goto_l0000035a"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000035a; - l000003c4: - assume {:captureState "l000003c4"} true; - R8, Gamma_R8 := 0bv64, true; - goto l000003ca; - lmain_goto_l0000035d: - assume {:captureState "lmain_goto_l0000035d"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000035d; - l000003d8: - assume {:captureState "l000003d8"} true; - R8, Gamma_R8 := 3bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); - assume {:captureState "%000003e6"} true; - goto l00000368; - l000003c7: - assume {:captureState "l000003c7"} true; + l0000035d: + assume {:captureState "l0000035d"} true; R8, Gamma_R8 := 1bv64, true; - goto l000003ca; - l000003d7: - assume {:captureState "l000003d7"} true; - goto l000003d8; - l000003ca_goto_l00000389: - assume {:captureState "l000003ca_goto_l00000389"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000389; - l000003ca: - assume {:captureState "l000003ca"} true; - assert Gamma_R8; - goto l000003ca_goto_l00000389, l000003ca_goto_l000003d7; - l0000039b_goto_l000003c4: - assume {:captureState "l0000039b_goto_l000003c4"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000003c4; + goto l00000360; + l0000035a: + assume {:captureState "l0000035a"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000360; l00000360: assume {:captureState "l00000360"} true; assert Gamma_R8; goto l00000360_goto_l00000368, l00000360_goto_l0000039a; - l00000360_goto_l00000368: - assume {:captureState "l00000360_goto_l00000368"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000368; - l0000039b_goto_l000003c7: - assume {:captureState "l0000039b_goto_l000003c7"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000003c7; l0000039a: assume {:captureState "l0000039a"} true; goto l0000039b; - l00000368: - assume {:captureState "l00000368"} true; - R8, Gamma_R8 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); - assume {:captureState "%00000378"} true; - goto l0000037b; - l00000389: - assume {:captureState "l00000389"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); - assume {:captureState "%00000394"} true; - goto l0000037b; - l000003ca_goto_l000003d7: - assume {:captureState "l000003ca_goto_l000003d7"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l000003d7; - l00000360_goto_l0000039a: - assume {:captureState "l00000360_goto_l0000039a"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000039a; - l0000035d: - assume {:captureState "l0000035d"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000360; l0000039b: assume {:captureState "l0000039b"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); @@ -214,14 +153,75 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; goto l0000039b_goto_l000003c4, l0000039b_goto_l000003c7; - l0000035a: - assume {:captureState "l0000035a"} true; + l000003c7: + assume {:captureState "l000003c7"} true; + R8, Gamma_R8 := 1bv64, true; + goto l000003ca; + l000003c4: + assume {:captureState "l000003c4"} true; R8, Gamma_R8 := 0bv64, true; - goto l00000360; + goto l000003ca; + l000003ca: + assume {:captureState "l000003ca"} true; + assert Gamma_R8; + goto l000003ca_goto_l00000389, l000003ca_goto_l000003d7; + l00000389: + assume {:captureState "l00000389"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); + assume {:captureState "%00000394"} true; + goto l0000037b; + l000003d7: + assume {:captureState "l000003d7"} true; + goto l000003d8; + l000003d8: + assume {:captureState "l000003d8"} true; + R8, Gamma_R8 := 3bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); + assume {:captureState "%000003e6"} true; + goto l00000368; + l00000368: + assume {:captureState "l00000368"} true; + R8, Gamma_R8 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); + assume {:captureState "%00000378"} true; + goto l0000037b; l0000037b: assume {:captureState "l0000037b"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l0000035a: + assume {:captureState "lmain_goto_l0000035a"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000035a; + lmain_goto_l0000035d: + assume {:captureState "lmain_goto_l0000035d"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000035d; + l00000360_goto_l00000368: + assume {:captureState "l00000360_goto_l00000368"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000368; + l00000360_goto_l0000039a: + assume {:captureState "l00000360_goto_l0000039a"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000039a; + l0000039b_goto_l000003c4: + assume {:captureState "l0000039b_goto_l000003c4"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000003c4; + l0000039b_goto_l000003c7: + assume {:captureState "l0000039b_goto_l000003c7"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000003c7; + l000003ca_goto_l00000389: + assume {:captureState "l000003ca_goto_l00000389"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000389; + l000003ca_goto_l000003d7: + assume {:captureState "l000003ca_goto_l000003d7"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l000003d7; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/switch/clang_no_plt_no_pic/switch.expected b/src/test/correct/switch/clang_no_plt_no_pic/switch.expected index e2939f777..6a652efbf 100644 --- a/src/test/correct/switch/clang_no_plt_no_pic/switch.expected +++ b/src/test/correct/switch/clang_no_plt_no_pic/switch.expected @@ -127,39 +127,50 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000a0f, lmain_goto_l00000a12; - l00000a50_goto_l00000a7c: - assume {:captureState "l00000a50_goto_l00000a7c"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000a7c; - lmain_goto_l00000a12: - assume {:captureState "lmain_goto_l00000a12"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a12; + l00000a12: + assume {:captureState "l00000a12"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000a15; + l00000a0f: + assume {:captureState "l00000a0f"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000a15; l00000a15: assume {:captureState "l00000a15"} true; assert Gamma_R8; goto l00000a15_goto_l00000a1d, l00000a15_goto_l00000a4f; - l00000a3e: - assume {:captureState "l00000a3e"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); - assume {:captureState "%00000a49"} true; - goto l00000a30; l00000a4f: assume {:captureState "l00000a4f"} true; goto l00000a50; - l00000a7f_goto_l00000a3e: - assume {:captureState "l00000a7f_goto_l00000a3e"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000a3e; + l00000a50: + assume {:captureState "l00000a50"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + #5, Gamma_#5 := bvadd32(R8[32:0], 4294967292bv32), Gamma_R8; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934589bv33))), (Gamma_R8 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967293bv33))), (Gamma_R8 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; + assert Gamma_ZF; + goto l00000a50_goto_l00000a7c, l00000a50_goto_l00000a79; + l00000a7c: + assume {:captureState "l00000a7c"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000a7f; + l00000a79: + assume {:captureState "l00000a79"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000a7f; l00000a7f: assume {:captureState "l00000a7f"} true; assert Gamma_R8; goto l00000a7f_goto_l00000a3e, l00000a7f_goto_l00000a8c; - lmain_goto_l00000a0f: - assume {:captureState "lmain_goto_l00000a0f"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000a0f; + l00000a3e: + assume {:captureState "l00000a3e"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); + assume {:captureState "%00000a49"} true; + goto l00000a30; l00000a8c: assume {:captureState "l00000a8c"} true; goto l00000a8d; @@ -169,59 +180,48 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%00000a9b"} true; goto l00000a1d; - l00000a7c: - assume {:captureState "l00000a7c"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000a7f; - l00000a7f_goto_l00000a8c: - assume {:captureState "l00000a7f_goto_l00000a8c"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000a8c; - l00000a15_goto_l00000a1d: - assume {:captureState "l00000a15_goto_l00000a1d"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000a1d; - l00000a0f: - assume {:captureState "l00000a0f"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000a15; l00000a1d: assume {:captureState "l00000a1d"} true; R8, Gamma_R8 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%00000a2d"} true; goto l00000a30; - l00000a15_goto_l00000a4f: - assume {:captureState "l00000a15_goto_l00000a4f"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000a4f; - l00000a12: - assume {:captureState "l00000a12"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000a15; - l00000a79: - assume {:captureState "l00000a79"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000a7f; l00000a30: assume {:captureState "l00000a30"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l00000a0f: + assume {:captureState "lmain_goto_l00000a0f"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000a0f; + lmain_goto_l00000a12: + assume {:captureState "lmain_goto_l00000a12"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a12; + l00000a15_goto_l00000a1d: + assume {:captureState "l00000a15_goto_l00000a1d"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000a1d; + l00000a15_goto_l00000a4f: + assume {:captureState "l00000a15_goto_l00000a4f"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000a4f; l00000a50_goto_l00000a79: assume {:captureState "l00000a50_goto_l00000a79"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000a79; - l00000a50: - assume {:captureState "l00000a50"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - #5, Gamma_#5 := bvadd32(R8[32:0], 4294967292bv32), Gamma_R8; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934589bv33))), (Gamma_R8 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967293bv33))), (Gamma_R8 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; - assert Gamma_ZF; - goto l00000a50_goto_l00000a7c, l00000a50_goto_l00000a79; + l00000a50_goto_l00000a7c: + assume {:captureState "l00000a50_goto_l00000a7c"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000a7c; + l00000a7f_goto_l00000a3e: + assume {:captureState "l00000a7f_goto_l00000a3e"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000a3e; + l00000a7f_goto_l00000a8c: + assume {:captureState "l00000a7f_goto_l00000a8c"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000a8c; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/switch/clang_pic/switch.expected b/src/test/correct/switch/clang_pic/switch.expected index e2939f777..6a652efbf 100644 --- a/src/test/correct/switch/clang_pic/switch.expected +++ b/src/test/correct/switch/clang_pic/switch.expected @@ -127,39 +127,50 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000a0f, lmain_goto_l00000a12; - l00000a50_goto_l00000a7c: - assume {:captureState "l00000a50_goto_l00000a7c"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000a7c; - lmain_goto_l00000a12: - assume {:captureState "lmain_goto_l00000a12"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000a12; + l00000a12: + assume {:captureState "l00000a12"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000a15; + l00000a0f: + assume {:captureState "l00000a0f"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000a15; l00000a15: assume {:captureState "l00000a15"} true; assert Gamma_R8; goto l00000a15_goto_l00000a1d, l00000a15_goto_l00000a4f; - l00000a3e: - assume {:captureState "l00000a3e"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); - assume {:captureState "%00000a49"} true; - goto l00000a30; l00000a4f: assume {:captureState "l00000a4f"} true; goto l00000a50; - l00000a7f_goto_l00000a3e: - assume {:captureState "l00000a7f_goto_l00000a3e"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000a3e; + l00000a50: + assume {:captureState "l00000a50"} true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); + #5, Gamma_#5 := bvadd32(R8[32:0], 4294967292bv32), Gamma_R8; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934589bv33))), (Gamma_R8 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967293bv33))), (Gamma_R8 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; + assert Gamma_ZF; + goto l00000a50_goto_l00000a7c, l00000a50_goto_l00000a79; + l00000a7c: + assume {:captureState "l00000a7c"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000a7f; + l00000a79: + assume {:captureState "l00000a79"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000a7f; l00000a7f: assume {:captureState "l00000a7f"} true; assert Gamma_R8; goto l00000a7f_goto_l00000a3e, l00000a7f_goto_l00000a8c; - lmain_goto_l00000a0f: - assume {:captureState "lmain_goto_l00000a0f"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000a0f; + l00000a3e: + assume {:captureState "l00000a3e"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); + assume {:captureState "%00000a49"} true; + goto l00000a30; l00000a8c: assume {:captureState "l00000a8c"} true; goto l00000a8d; @@ -169,59 +180,48 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%00000a9b"} true; goto l00000a1d; - l00000a7c: - assume {:captureState "l00000a7c"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000a7f; - l00000a7f_goto_l00000a8c: - assume {:captureState "l00000a7f_goto_l00000a8c"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000a8c; - l00000a15_goto_l00000a1d: - assume {:captureState "l00000a15_goto_l00000a1d"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000a1d; - l00000a0f: - assume {:captureState "l00000a0f"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000a15; l00000a1d: assume {:captureState "l00000a1d"} true; R8, Gamma_R8 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 8bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 8bv64), Gamma_R8); assume {:captureState "%00000a2d"} true; goto l00000a30; - l00000a15_goto_l00000a4f: - assume {:captureState "l00000a15_goto_l00000a4f"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000a4f; - l00000a12: - assume {:captureState "l00000a12"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000a15; - l00000a79: - assume {:captureState "l00000a79"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000a7f; l00000a30: assume {:captureState "l00000a30"} true; R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l00000a0f: + assume {:captureState "lmain_goto_l00000a0f"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000a0f; + lmain_goto_l00000a12: + assume {:captureState "lmain_goto_l00000a12"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000a12; + l00000a15_goto_l00000a1d: + assume {:captureState "l00000a15_goto_l00000a1d"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000a1d; + l00000a15_goto_l00000a4f: + assume {:captureState "l00000a15_goto_l00000a4f"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000a4f; l00000a50_goto_l00000a79: assume {:captureState "l00000a50_goto_l00000a79"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000a79; - l00000a50: - assume {:captureState "l00000a50"} true; - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); - #5, Gamma_#5 := bvadd32(R8[32:0], 4294967292bv32), Gamma_R8; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934589bv33))), (Gamma_R8 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967293bv33))), (Gamma_R8 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; - assert Gamma_ZF; - goto l00000a50_goto_l00000a7c, l00000a50_goto_l00000a79; + l00000a50_goto_l00000a7c: + assume {:captureState "l00000a50_goto_l00000a7c"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000a7c; + l00000a7f_goto_l00000a3e: + assume {:captureState "l00000a7f_goto_l00000a3e"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000a3e; + l00000a7f_goto_l00000a8c: + assume {:captureState "l00000a7f_goto_l00000a8c"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000a8c; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/switch/gcc/switch.expected b/src/test/correct/switch/gcc/switch.expected index 714cfd18a..dbcad0f6e 100644 --- a/src/test/correct/switch/gcc/switch.expected +++ b/src/test/correct/switch/gcc/switch.expected @@ -124,54 +124,54 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000036b, lmain_goto_l00000339; - l00000339: - assume {:captureState "l00000339"} true; - R0, Gamma_R0 := 1bv64, true; + l0000036b: + assume {:captureState "l0000036b"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); + #5, Gamma_#5 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + assert Gamma_ZF; + goto l0000036b_goto_l0000035c, l0000036b_goto_l00000391; + l0000035c: + assume {:captureState "l0000035c"} true; + R0, Gamma_R0 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%00000349"} true; + assume {:captureState "%00000367"} true; goto l0000034c; - lmain_goto_l0000036b: - assume {:captureState "lmain_goto_l0000036b"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000036b; - l0000036b_goto_l0000035c: - assume {:captureState "l0000036b_goto_l0000035c"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000035c; l00000391: assume {:captureState "l00000391"} true; R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%0000039c"} true; goto l00000339; - l0000035c: - assume {:captureState "l0000035c"} true; - R0, Gamma_R0 := 5bv64, true; + l00000339: + assume {:captureState "l00000339"} true; + R0, Gamma_R0 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%00000367"} true; + assume {:captureState "%00000349"} true; goto l0000034c; + l0000034c: + assume {:captureState "l0000034c"} true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; lmain_goto_l00000339: assume {:captureState "lmain_goto_l00000339"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000339; + lmain_goto_l0000036b: + assume {:captureState "lmain_goto_l0000036b"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000036b; + l0000036b_goto_l0000035c: + assume {:captureState "l0000036b_goto_l0000035c"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000035c; l0000036b_goto_l00000391: assume {:captureState "l0000036b_goto_l00000391"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000391; - l0000034c: - assume {:captureState "l0000034c"} true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - l0000036b: - assume {:captureState "l0000036b"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); - #5, Gamma_#5 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - assert Gamma_ZF; - goto l0000036b_goto_l0000035c, l0000036b_goto_l00000391; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected b/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected index 9eeffe12f..b0e94c9ff 100644 --- a/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected +++ b/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected @@ -124,22 +124,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000998, lmain_goto_l000009ca; - l000009ab: - assume {:captureState "l000009ab"} true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - l00000998: - assume {:captureState "l00000998"} true; - R0, Gamma_R0 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%000009a8"} true; - goto l000009ab; - l000009bb: - assume {:captureState "l000009bb"} true; - R0, Gamma_R0 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%000009c6"} true; - goto l000009ab; l000009ca: assume {:captureState "l000009ca"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -150,16 +134,28 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto l000009ca_goto_l000009bb, l000009ca_goto_l000009f0; - l000009ca_goto_l000009f0: - assume {:captureState "l000009ca_goto_l000009f0"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000009f0; + l000009bb: + assume {:captureState "l000009bb"} true; + R0, Gamma_R0 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%000009c6"} true; + goto l000009ab; l000009f0: assume {:captureState "l000009f0"} true; R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%000009fb"} true; goto l00000998; + l00000998: + assume {:captureState "l00000998"} true; + R0, Gamma_R0 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%000009a8"} true; + goto l000009ab; + l000009ab: + assume {:captureState "l000009ab"} true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; lmain_goto_l00000998: assume {:captureState "lmain_goto_l00000998"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -172,6 +168,10 @@ implementation main() assume {:captureState "l000009ca_goto_l000009bb"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l000009bb; + l000009ca_goto_l000009f0: + assume {:captureState "l000009ca_goto_l000009f0"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000009f0; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/switch/gcc_pic/switch.expected b/src/test/correct/switch/gcc_pic/switch.expected index 9eeffe12f..b0e94c9ff 100644 --- a/src/test/correct/switch/gcc_pic/switch.expected +++ b/src/test/correct/switch/gcc_pic/switch.expected @@ -124,22 +124,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000998, lmain_goto_l000009ca; - l000009ab: - assume {:captureState "l000009ab"} true; - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - l00000998: - assume {:captureState "l00000998"} true; - R0, Gamma_R0 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%000009a8"} true; - goto l000009ab; - l000009bb: - assume {:captureState "l000009bb"} true; - R0, Gamma_R0 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); - assume {:captureState "%000009c6"} true; - goto l000009ab; l000009ca: assume {:captureState "l000009ca"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 8bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 8bv64)); @@ -150,16 +134,28 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto l000009ca_goto_l000009bb, l000009ca_goto_l000009f0; - l000009ca_goto_l000009f0: - assume {:captureState "l000009ca_goto_l000009f0"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000009f0; + l000009bb: + assume {:captureState "l000009bb"} true; + R0, Gamma_R0 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%000009c6"} true; + goto l000009ab; l000009f0: assume {:captureState "l000009f0"} true; R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); assume {:captureState "%000009fb"} true; goto l00000998; + l00000998: + assume {:captureState "l00000998"} true; + R0, Gamma_R0 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R0); + assume {:captureState "%000009a8"} true; + goto l000009ab; + l000009ab: + assume {:captureState "l000009ab"} true; + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; lmain_goto_l00000998: assume {:captureState "lmain_goto_l00000998"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -172,6 +168,10 @@ implementation main() assume {:captureState "l000009ca_goto_l000009bb"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l000009bb; + l000009ca_goto_l000009f0: + assume {:captureState "l000009ca_goto_l000009f0"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000009f0; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/switch2/gcc/switch2.expected b/src/test/correct/switch2/gcc/switch2.expected index 60093ec67..0b80a0dc2 100644 --- a/src/test/correct/switch2/gcc/switch2.expected +++ b/src/test/correct/switch2/gcc/switch2.expected @@ -165,86 +165,12 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto lmain_goto_l000003d0, lmain_goto_l00000408; - lmain_goto_l000003d0: - assume {:captureState "lmain_goto_l000003d0"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000003d0; - l000004e2_goto_l0000050a: - assume {:captureState "l000004e2_goto_l0000050a"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000050a; - l00000467_goto_l0000048f: - assume {:captureState "l00000467_goto_l0000048f"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l0000048f; - l0000050a: - assume {:captureState "l0000050a"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #11, Gamma_#11 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#11); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#11); - ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; - NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; - assert Gamma_ZF; - goto l0000050a_goto_l000004c4, l0000050a_goto_l00000530; - l000004c4: - assume {:captureState "l000004c4"} true; - R0, Gamma_R0 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%000004cf"} true; - goto l000003f1; - l00000408_goto_l000003e2: - assume {:captureState "l00000408_goto_l000003e2"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000003e2; - l000004e2_goto_l000003e2: - assume {:captureState "l000004e2_goto_l000003e2"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l000003e2; - lmain_goto_l00000408: - assume {:captureState "lmain_goto_l00000408"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000408; - l0000048f_goto_l000004b0: - assume {:captureState "l0000048f_goto_l000004b0"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000004b0; - l00000467: - assume {:captureState "l00000467"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #8, Gamma_#8 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#8); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#8); - ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; - NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000467_goto_l000003e2, l00000467_goto_l0000048f; - l000004bc: - assume {:captureState "l000004bc"} true; + l000003d0: + assume {:captureState "l000003d0"} true; + R0, Gamma_R0 := 4bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%000004c2"} true; - goto l000004c4; - l0000050a_goto_l000004c4: - assume {:captureState "l0000050a_goto_l000004c4"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000004c4; - l000004b0: - assume {:captureState "l000004b0"} true; - R30, Gamma_R30 := 1944bv64, true; - call r(); - goto l000004bc; - l00000530_goto_l000004d5: - assume {:captureState "l00000530_goto_l000004d5"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000004d5; - l00000467_goto_l000003e2: - assume {:captureState "l00000467_goto_l000003e2"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + assume {:captureState "%000003e0"} true; goto l000003e2; - l00000430_goto_l00000467: - assume {:captureState "l00000430_goto_l00000467"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000467; l00000408: assume {:captureState "l00000408"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -255,24 +181,6 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l00000408_goto_l000003e2, l00000408_goto_l00000430; - l000003d0: - assume {:captureState "l000003d0"} true; - R0, Gamma_R0 := 4bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%000003e0"} true; - goto l000003e2; - l000003f1: - assume {:captureState "l000003f1"} true; - R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); - R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); - R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; - goto main_return; - l000004d5: - assume {:captureState "l000004d5"} true; - R0, Gamma_R0 := 2bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%000004e0"} true; - goto l00000451; l00000430: assume {:captureState "l00000430"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -283,11 +191,61 @@ implementation main() NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; assert Gamma_ZF; goto l00000430_goto_l00000451, l00000430_goto_l00000467; - l00000451: - assume {:captureState "l00000451"} true; - R0, Gamma_R0 := 3bv64, true; + l00000467: + assume {:captureState "l00000467"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #8, Gamma_#8 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#8); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#8); + ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; + NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000467_goto_l000003e2, l00000467_goto_l0000048f; + l0000048f: + assume {:captureState "l0000048f"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #9, Gamma_#9 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#9); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#9); + ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; + NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; + assert Gamma_ZF; + goto l0000048f_goto_l000004b0, l0000048f_goto_l000004e2; + l000004b0: + assume {:captureState "l000004b0"} true; + R30, Gamma_R30 := 1944bv64, true; + call r(); + goto l000004bc; + l000004bc: + assume {:captureState "l000004bc"} true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000461"} true; + assume {:captureState "%000004c2"} true; + goto l000004c4; + l000004e2: + assume {:captureState "l000004e2"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #10, Gamma_#10 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#10); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#10); + ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; + NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l000004e2_goto_l0000050a, l000004e2_goto_l000003e2; + l0000050a: + assume {:captureState "l0000050a"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #11, Gamma_#11 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#11); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#11); + ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; + NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + assert Gamma_ZF; + goto l0000050a_goto_l000004c4, l0000050a_goto_l00000530; + l000004c4: + assume {:captureState "l000004c4"} true; + R0, Gamma_R0 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%000004cf"} true; goto l000003f1; l00000530: assume {:captureState "l00000530"} true; @@ -299,55 +257,97 @@ implementation main() NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; assert Gamma_ZF; goto l00000530_goto_l000004d5, l00000530_goto_l00000556; - l00000530_goto_l00000556: - assume {:captureState "l00000530_goto_l00000556"} true; + l000004d5: + assume {:captureState "l000004d5"} true; + R0, Gamma_R0 := 2bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%000004e0"} true; + goto l00000451; + l00000451: + assume {:captureState "l00000451"} true; + R0, Gamma_R0 := 3bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%00000461"} true; + goto l000003f1; + l00000556: + assume {:captureState "l00000556"} true; + goto l000003e2; + l000003e2: + assume {:captureState "l000003e2"} true; + R0, Gamma_R0 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%000003ed"} true; + goto l000003f1; + l000003f1: + assume {:captureState "l000003f1"} true; + R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); + R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); + R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + lmain_goto_l000003d0: + assume {:captureState "lmain_goto_l000003d0"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000003d0; + lmain_goto_l00000408: + assume {:captureState "lmain_goto_l00000408"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000556; + goto l00000408; + l00000408_goto_l000003e2: + assume {:captureState "l00000408_goto_l000003e2"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000003e2; + l00000408_goto_l00000430: + assume {:captureState "l00000408_goto_l00000430"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000430; + l00000430_goto_l00000451: + assume {:captureState "l00000430_goto_l00000451"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000451; + l00000430_goto_l00000467: + assume {:captureState "l00000430_goto_l00000467"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000467; + l00000467_goto_l000003e2: + assume {:captureState "l00000467_goto_l000003e2"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000003e2; + l00000467_goto_l0000048f: + assume {:captureState "l00000467_goto_l0000048f"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l0000048f; + l0000048f_goto_l000004b0: + assume {:captureState "l0000048f_goto_l000004b0"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000004b0; l0000048f_goto_l000004e2: assume {:captureState "l0000048f_goto_l000004e2"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l000004e2; - l00000408_goto_l00000430: - assume {:captureState "l00000408_goto_l00000430"} true; + l000004e2_goto_l000003e2: + assume {:captureState "l000004e2_goto_l000003e2"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); + goto l000003e2; + l000004e2_goto_l0000050a: + assume {:captureState "l000004e2_goto_l0000050a"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000430; + goto l0000050a; + l0000050a_goto_l000004c4: + assume {:captureState "l0000050a_goto_l000004c4"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000004c4; l0000050a_goto_l00000530: assume {:captureState "l0000050a_goto_l00000530"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000530; - l00000556: - assume {:captureState "l00000556"} true; - goto l000003e2; - l00000430_goto_l00000451: - assume {:captureState "l00000430_goto_l00000451"} true; + l00000530_goto_l000004d5: + assume {:captureState "l00000530_goto_l000004d5"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000451; - l000003e2: - assume {:captureState "l000003e2"} true; - R0, Gamma_R0 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%000003ed"} true; - goto l000003f1; - l0000048f: - assume {:captureState "l0000048f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #9, Gamma_#9 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#9); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#9); - ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; - NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; - assert Gamma_ZF; - goto l0000048f_goto_l000004b0, l0000048f_goto_l000004e2; - l000004e2: - assume {:captureState "l000004e2"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #10, Gamma_#10 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#10); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#10); - ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; - NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l000004e2_goto_l0000050a, l000004e2_goto_l000003e2; + goto l000004d5; + l00000530_goto_l00000556: + assume {:captureState "l00000530_goto_l00000556"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000556; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected b/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected index 33b66ce97..7b5b056df 100644 --- a/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected +++ b/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected @@ -165,20 +165,12 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto lmain_goto_l00000c2f, lmain_goto_l00000c67; - l00000cee_goto_l00000d41: - assume {:captureState "l00000cee_goto_l00000d41"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000d41; - l00000d69: - assume {:captureState "l00000d69"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #11, Gamma_#11 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#11); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#11); - ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; - NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; - assert Gamma_ZF; - goto l00000d69_goto_l00000d8f, l00000d69_goto_l00000d23; + l00000c2f: + assume {:captureState "l00000c2f"} true; + R0, Gamma_R0 := 4bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%00000c3f"} true; + goto l00000c41; l00000c67: assume {:captureState "l00000c67"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -189,165 +181,173 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l00000c67_goto_l00000c41, l00000c67_goto_l00000c8f; + l00000c8f: + assume {:captureState "l00000c8f"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #7, Gamma_#7 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#7); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#7); + ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; + NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; + assert Gamma_ZF; + goto l00000c8f_goto_l00000cb0, l00000c8f_goto_l00000cc6; + l00000cc6: + assume {:captureState "l00000cc6"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #8, Gamma_#8 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#8); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#8); + ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; + NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000cc6_goto_l00000cee, l00000cc6_goto_l00000c41; + l00000cee: + assume {:captureState "l00000cee"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #9, Gamma_#9 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#9); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#9); + ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; + NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; + assert Gamma_ZF; + goto l00000cee_goto_l00000d41, l00000cee_goto_l00000d0f; + l00000d0f: + assume {:captureState "l00000d0f"} true; + R30, Gamma_R30 := 1944bv64, true; + call r(); + goto l00000d1b; + l00000d1b: + assume {:captureState "l00000d1b"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%00000d21"} true; + goto l00000d23; + l00000d41: + assume {:captureState "l00000d41"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #10, Gamma_#10 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#10); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#10); + ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; + NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000d41_goto_l00000d69, l00000d41_goto_l00000c41; + l00000d69: + assume {:captureState "l00000d69"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #11, Gamma_#11 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#11); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#11); + ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; + NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + assert Gamma_ZF; + goto l00000d69_goto_l00000d8f, l00000d69_goto_l00000d23; l00000d23: assume {:captureState "l00000d23"} true; R0, Gamma_R0 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); assume {:captureState "%00000d2e"} true; goto l00000c50; + l00000d8f: + assume {:captureState "l00000d8f"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #12, Gamma_#12 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#12); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#12); + ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; + NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; + assert Gamma_ZF; + goto l00000d8f_goto_l00000d34, l00000d8f_goto_l00000db5; + l00000d34: + assume {:captureState "l00000d34"} true; + R0, Gamma_R0 := 2bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%00000d3f"} true; + goto l00000cb0; l00000cb0: assume {:captureState "l00000cb0"} true; R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); assume {:captureState "%00000cc0"} true; goto l00000c50; - l00000c8f_goto_l00000cc6: - assume {:captureState "l00000c8f_goto_l00000cc6"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000cc6; - l00000d41_goto_l00000c41: - assume {:captureState "l00000d41_goto_l00000c41"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00000c41; l00000db5: assume {:captureState "l00000db5"} true; goto l00000c41; - l00000d1b: - assume {:captureState "l00000d1b"} true; + l00000c41: + assume {:captureState "l00000c41"} true; + R0, Gamma_R0 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000d21"} true; - goto l00000d23; - l00000d41_goto_l00000d69: - assume {:captureState "l00000d41_goto_l00000d69"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000d69; - l00000cc6_goto_l00000cee: - assume {:captureState "l00000cc6_goto_l00000cee"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000cee; - l00000cee: - assume {:captureState "l00000cee"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #9, Gamma_#9 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#9); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#9); - ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; - NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; - assert Gamma_ZF; - goto l00000cee_goto_l00000d41, l00000cee_goto_l00000d0f; - l00000d69_goto_l00000d8f: - assume {:captureState "l00000d69_goto_l00000d8f"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000d8f; + assume {:captureState "%00000c4c"} true; + goto l00000c50; l00000c50: assume {:captureState "l00000c50"} true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; goto main_return; + lmain_goto_l00000c2f: + assume {:captureState "lmain_goto_l00000c2f"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000c2f; + lmain_goto_l00000c67: + assume {:captureState "lmain_goto_l00000c67"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000c67; l00000c67_goto_l00000c41: assume {:captureState "l00000c67_goto_l00000c41"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00000c41; - l00000d8f_goto_l00000db5: - assume {:captureState "l00000d8f_goto_l00000db5"} true; + l00000c67_goto_l00000c8f: + assume {:captureState "l00000c67_goto_l00000c8f"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000c8f; + l00000c8f_goto_l00000cb0: + assume {:captureState "l00000c8f_goto_l00000cb0"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000cb0; + l00000c8f_goto_l00000cc6: + assume {:captureState "l00000c8f_goto_l00000cc6"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000db5; + goto l00000cc6; l00000cc6_goto_l00000c41: assume {:captureState "l00000cc6_goto_l00000c41"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00000c41; - lmain_goto_l00000c67: - assume {:captureState "lmain_goto_l00000c67"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000c67; - l00000d34: - assume {:captureState "l00000d34"} true; - R0, Gamma_R0 := 2bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000d3f"} true; - goto l00000cb0; - l00000d8f: - assume {:captureState "l00000d8f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #12, Gamma_#12 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#12); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#12); - ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; - NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; - assert Gamma_ZF; - goto l00000d8f_goto_l00000d34, l00000d8f_goto_l00000db5; - l00000c8f: - assume {:captureState "l00000c8f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #7, Gamma_#7 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#7); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#7); - ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; - NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; - assert Gamma_ZF; - goto l00000c8f_goto_l00000cb0, l00000c8f_goto_l00000cc6; - lmain_goto_l00000c2f: - assume {:captureState "lmain_goto_l00000c2f"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000c2f; - l00000c67_goto_l00000c8f: - assume {:captureState "l00000c67_goto_l00000c8f"} true; + l00000cc6_goto_l00000cee: + assume {:captureState "l00000cc6_goto_l00000cee"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000c8f; - l00000d0f: - assume {:captureState "l00000d0f"} true; - R30, Gamma_R30 := 1944bv64, true; - call r(); - goto l00000d1b; - l00000cc6: - assume {:captureState "l00000cc6"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #8, Gamma_#8 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#8); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#8); - ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; - NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000cc6_goto_l00000cee, l00000cc6_goto_l00000c41; - l00000c2f: - assume {:captureState "l00000c2f"} true; - R0, Gamma_R0 := 4bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000c3f"} true; + goto l00000cee; + l00000cee_goto_l00000d0f: + assume {:captureState "l00000cee_goto_l00000d0f"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000d0f; + l00000cee_goto_l00000d41: + assume {:captureState "l00000cee_goto_l00000d41"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000d41; + l00000d41_goto_l00000c41: + assume {:captureState "l00000d41_goto_l00000c41"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00000c41; + l00000d41_goto_l00000d69: + assume {:captureState "l00000d41_goto_l00000d69"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000d69; l00000d69_goto_l00000d23: assume {:captureState "l00000d69_goto_l00000d23"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000d23; - l00000c8f_goto_l00000cb0: - assume {:captureState "l00000c8f_goto_l00000cb0"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000cb0; + l00000d69_goto_l00000d8f: + assume {:captureState "l00000d69_goto_l00000d8f"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000d8f; l00000d8f_goto_l00000d34: assume {:captureState "l00000d8f_goto_l00000d34"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000d34; - l00000c41: - assume {:captureState "l00000c41"} true; - R0, Gamma_R0 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000c4c"} true; - goto l00000c50; - l00000d41: - assume {:captureState "l00000d41"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #10, Gamma_#10 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#10); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#10); - ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; - NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000d41_goto_l00000d69, l00000d41_goto_l00000c41; - l00000cee_goto_l00000d0f: - assume {:captureState "l00000cee_goto_l00000d0f"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000d0f; + l00000d8f_goto_l00000db5: + assume {:captureState "l00000d8f_goto_l00000db5"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000db5; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/switch2/gcc_pic/switch2.expected b/src/test/correct/switch2/gcc_pic/switch2.expected index 33b66ce97..7b5b056df 100644 --- a/src/test/correct/switch2/gcc_pic/switch2.expected +++ b/src/test/correct/switch2/gcc_pic/switch2.expected @@ -165,20 +165,12 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto lmain_goto_l00000c2f, lmain_goto_l00000c67; - l00000cee_goto_l00000d41: - assume {:captureState "l00000cee_goto_l00000d41"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000d41; - l00000d69: - assume {:captureState "l00000d69"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #11, Gamma_#11 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#11); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#11); - ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; - NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; - assert Gamma_ZF; - goto l00000d69_goto_l00000d8f, l00000d69_goto_l00000d23; + l00000c2f: + assume {:captureState "l00000c2f"} true; + R0, Gamma_R0 := 4bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%00000c3f"} true; + goto l00000c41; l00000c67: assume {:captureState "l00000c67"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -189,165 +181,173 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); goto l00000c67_goto_l00000c41, l00000c67_goto_l00000c8f; + l00000c8f: + assume {:captureState "l00000c8f"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #7, Gamma_#7 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#7); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#7); + ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; + NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; + assert Gamma_ZF; + goto l00000c8f_goto_l00000cb0, l00000c8f_goto_l00000cc6; + l00000cc6: + assume {:captureState "l00000cc6"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #8, Gamma_#8 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#8); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#8); + ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; + NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000cc6_goto_l00000cee, l00000cc6_goto_l00000c41; + l00000cee: + assume {:captureState "l00000cee"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #9, Gamma_#9 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#9); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#9); + ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; + NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; + assert Gamma_ZF; + goto l00000cee_goto_l00000d41, l00000cee_goto_l00000d0f; + l00000d0f: + assume {:captureState "l00000d0f"} true; + R30, Gamma_R30 := 1944bv64, true; + call r(); + goto l00000d1b; + l00000d1b: + assume {:captureState "l00000d1b"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%00000d21"} true; + goto l00000d23; + l00000d41: + assume {:captureState "l00000d41"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #10, Gamma_#10 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#10); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#10); + ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; + NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; + assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); + goto l00000d41_goto_l00000d69, l00000d41_goto_l00000c41; + l00000d69: + assume {:captureState "l00000d69"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #11, Gamma_#11 := bvadd32(R0[32:0], 4294967294bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#11, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934591bv33))), (Gamma_R0 && Gamma_#11); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#11, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967295bv33))), (Gamma_R0 && Gamma_#11); + ZF, Gamma_ZF := bvcomp32(bvadd32(#11, 1bv32), 0bv32), Gamma_#11; + NF, Gamma_NF := bvadd32(#11, 1bv32)[32:31], Gamma_#11; + assert Gamma_ZF; + goto l00000d69_goto_l00000d8f, l00000d69_goto_l00000d23; l00000d23: assume {:captureState "l00000d23"} true; R0, Gamma_R0 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); assume {:captureState "%00000d2e"} true; goto l00000c50; + l00000d8f: + assume {:captureState "l00000d8f"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #12, Gamma_#12 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#12); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#12); + ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; + NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; + assert Gamma_ZF; + goto l00000d8f_goto_l00000d34, l00000d8f_goto_l00000db5; + l00000d34: + assume {:captureState "l00000d34"} true; + R0, Gamma_R0 := 2bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); + assume {:captureState "%00000d3f"} true; + goto l00000cb0; l00000cb0: assume {:captureState "l00000cb0"} true; R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); assume {:captureState "%00000cc0"} true; goto l00000c50; - l00000c8f_goto_l00000cc6: - assume {:captureState "l00000c8f_goto_l00000cc6"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000cc6; - l00000d41_goto_l00000c41: - assume {:captureState "l00000d41_goto_l00000c41"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); - goto l00000c41; l00000db5: assume {:captureState "l00000db5"} true; goto l00000c41; - l00000d1b: - assume {:captureState "l00000d1b"} true; + l00000c41: + assume {:captureState "l00000c41"} true; + R0, Gamma_R0 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000d21"} true; - goto l00000d23; - l00000d41_goto_l00000d69: - assume {:captureState "l00000d41_goto_l00000d69"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000d69; - l00000cc6_goto_l00000cee: - assume {:captureState "l00000cc6_goto_l00000cee"} true; - assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000cee; - l00000cee: - assume {:captureState "l00000cee"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #9, Gamma_#9 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#9, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#9); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#9, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#9); - ZF, Gamma_ZF := bvcomp32(bvadd32(#9, 1bv32), 0bv32), Gamma_#9; - NF, Gamma_NF := bvadd32(#9, 1bv32)[32:31], Gamma_#9; - assert Gamma_ZF; - goto l00000cee_goto_l00000d41, l00000cee_goto_l00000d0f; - l00000d69_goto_l00000d8f: - assume {:captureState "l00000d69_goto_l00000d8f"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000d8f; + assume {:captureState "%00000c4c"} true; + goto l00000c50; l00000c50: assume {:captureState "l00000c50"} true; R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; goto main_return; + lmain_goto_l00000c2f: + assume {:captureState "lmain_goto_l00000c2f"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000c2f; + lmain_goto_l00000c67: + assume {:captureState "lmain_goto_l00000c67"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000c67; l00000c67_goto_l00000c41: assume {:captureState "l00000c67_goto_l00000c41"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00000c41; - l00000d8f_goto_l00000db5: - assume {:captureState "l00000d8f_goto_l00000db5"} true; + l00000c67_goto_l00000c8f: + assume {:captureState "l00000c67_goto_l00000c8f"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000c8f; + l00000c8f_goto_l00000cb0: + assume {:captureState "l00000c8f_goto_l00000cb0"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000cb0; + l00000c8f_goto_l00000cc6: + assume {:captureState "l00000c8f_goto_l00000cc6"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000db5; + goto l00000cc6; l00000cc6_goto_l00000c41: assume {:captureState "l00000cc6_goto_l00000c41"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00000c41; - lmain_goto_l00000c67: - assume {:captureState "lmain_goto_l00000c67"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000c67; - l00000d34: - assume {:captureState "l00000d34"} true; - R0, Gamma_R0 := 2bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000d3f"} true; - goto l00000cb0; - l00000d8f: - assume {:captureState "l00000d8f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #12, Gamma_#12 := bvadd32(R0[32:0], 4294967293bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#12, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934590bv33))), (Gamma_R0 && Gamma_#12); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#12, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967294bv33))), (Gamma_R0 && Gamma_#12); - ZF, Gamma_ZF := bvcomp32(bvadd32(#12, 1bv32), 0bv32), Gamma_#12; - NF, Gamma_NF := bvadd32(#12, 1bv32)[32:31], Gamma_#12; - assert Gamma_ZF; - goto l00000d8f_goto_l00000d34, l00000d8f_goto_l00000db5; - l00000c8f: - assume {:captureState "l00000c8f"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #7, Gamma_#7 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#7, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#7); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#7, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#7); - ZF, Gamma_ZF := bvcomp32(bvadd32(#7, 1bv32), 0bv32), Gamma_#7; - NF, Gamma_NF := bvadd32(#7, 1bv32)[32:31], Gamma_#7; - assert Gamma_ZF; - goto l00000c8f_goto_l00000cb0, l00000c8f_goto_l00000cc6; - lmain_goto_l00000c2f: - assume {:captureState "lmain_goto_l00000c2f"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000c2f; - l00000c67_goto_l00000c8f: - assume {:captureState "l00000c67_goto_l00000c8f"} true; + l00000cc6_goto_l00000cee: + assume {:captureState "l00000cc6_goto_l00000cee"} true; assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); - goto l00000c8f; - l00000d0f: - assume {:captureState "l00000d0f"} true; - R30, Gamma_R30 := 1944bv64, true; - call r(); - goto l00000d1b; - l00000cc6: - assume {:captureState "l00000cc6"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #8, Gamma_#8 := bvadd32(R0[32:0], 4294967291bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#8, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934588bv33))), (Gamma_R0 && Gamma_#8); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#8, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967292bv33))), (Gamma_R0 && Gamma_#8); - ZF, Gamma_ZF := bvcomp32(bvadd32(#8, 1bv32), 0bv32), Gamma_#8; - NF, Gamma_NF := bvadd32(#8, 1bv32)[32:31], Gamma_#8; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000cc6_goto_l00000cee, l00000cc6_goto_l00000c41; - l00000c2f: - assume {:captureState "l00000c2f"} true; - R0, Gamma_R0 := 4bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000c3f"} true; + goto l00000cee; + l00000cee_goto_l00000d0f: + assume {:captureState "l00000cee_goto_l00000d0f"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000d0f; + l00000cee_goto_l00000d41: + assume {:captureState "l00000cee_goto_l00000d41"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000d41; + l00000d41_goto_l00000c41: + assume {:captureState "l00000d41_goto_l00000c41"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) != 0bv1); goto l00000c41; + l00000d41_goto_l00000d69: + assume {:captureState "l00000d41_goto_l00000d69"} true; + assume (bvand1(bvcomp1(NF, VF), bvcomp1(ZF, 0bv1)) == 0bv1); + goto l00000d69; l00000d69_goto_l00000d23: assume {:captureState "l00000d69_goto_l00000d23"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000d23; - l00000c8f_goto_l00000cb0: - assume {:captureState "l00000c8f_goto_l00000cb0"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000cb0; + l00000d69_goto_l00000d8f: + assume {:captureState "l00000d69_goto_l00000d8f"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000d8f; l00000d8f_goto_l00000d34: assume {:captureState "l00000d8f_goto_l00000d34"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000d34; - l00000c41: - assume {:captureState "l00000c41"} true; - R0, Gamma_R0 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 44bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 44bv64), Gamma_R0); - assume {:captureState "%00000c4c"} true; - goto l00000c50; - l00000d41: - assume {:captureState "l00000d41"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #10, Gamma_#10 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#10, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#10); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#10, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#10); - ZF, Gamma_ZF := bvcomp32(bvadd32(#10, 1bv32), 0bv32), Gamma_#10; - NF, Gamma_NF := bvadd32(#10, 1bv32)[32:31], Gamma_#10; - assert ((Gamma_NF && Gamma_VF) && Gamma_ZF); - goto l00000d41_goto_l00000d69, l00000d41_goto_l00000c41; - l00000cee_goto_l00000d0f: - assume {:captureState "l00000cee_goto_l00000d0f"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000d0f; + l00000d8f_goto_l00000db5: + assume {:captureState "l00000d8f_goto_l00000db5"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000db5; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/syscall/gcc_O2/syscall.expected b/src/test/correct/syscall/gcc_O2/syscall.expected index 0cf06f03d..616be9705 100644 --- a/src/test/correct/syscall/gcc_O2/syscall.expected +++ b/src/test/correct/syscall/gcc_O2/syscall.expected @@ -41,7 +41,6 @@ procedure {:extern} guarantee_reflexive(); modifies Gamma_mem, mem; procedure fork(); - modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load64_le(mem, 69632bv64) == 0bv64); free requires (memory_load64_le(mem, 69640bv64) == 69640bv64); free requires (memory_load8_le(mem, 1960bv64) == 1bv8); diff --git a/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected index 3e73307eb..62f7b98ac 100644 --- a/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected @@ -140,49 +140,49 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000325, lmain_goto_l00000322; - l00000328: - assume {:captureState "l00000328"} true; - assert Gamma_R8; - goto l00000328_goto_l00000330, l00000328_goto_l00000358; - l00000328_goto_l00000330: - assume {:captureState "l00000328_goto_l00000330"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000330; - lmain_goto_l00000322: - assume {:captureState "lmain_goto_l00000322"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000322; - l00000359: - assume {:captureState "l00000359"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); - assume {:captureState "%00000361"} true; - goto l00000343; l00000325: assume {:captureState "l00000325"} true; R8, Gamma_R8 := 1bv64, true; goto l00000328; - l00000358: - assume {:captureState "l00000358"} true; - goto l00000359; + l00000322: + assume {:captureState "l00000322"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000328; + l00000328: + assume {:captureState "l00000328"} true; + assert Gamma_R8; + goto l00000328_goto_l00000330, l00000328_goto_l00000358; l00000330: assume {:captureState "l00000330"} true; R8, Gamma_R8 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%00000340"} true; goto l00000343; - lmain_goto_l00000325: - assume {:captureState "lmain_goto_l00000325"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000325; - l00000322: - assume {:captureState "l00000322"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000328; + l00000358: + assume {:captureState "l00000358"} true; + goto l00000359; + l00000359: + assume {:captureState "l00000359"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); + assume {:captureState "%00000361"} true; + goto l00000343; l00000343: assume {:captureState "l00000343"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; + lmain_goto_l00000322: + assume {:captureState "lmain_goto_l00000322"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000322; + lmain_goto_l00000325: + assume {:captureState "lmain_goto_l00000325"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000325; + l00000328_goto_l00000330: + assume {:captureState "l00000328_goto_l00000330"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000330; l00000328_goto_l00000358: assume {:captureState "l00000328_goto_l00000358"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); diff --git a/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected index 74e288cfc..05b23af86 100644 --- a/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected @@ -126,6 +126,13 @@ implementation main() assume {:captureState "l000002e8"} true; R0, Gamma_R0 := 1bv64, true; goto l000002eb; + l000002e5: + assume {:captureState "l000002e5"} true; + R0, Gamma_R0 := 0bv64, true; + goto l000002eb; + l000002eb: + assume {:captureState "l000002eb"} true; + goto main_return; lmain_goto_l000002e5: assume {:captureState "lmain_goto_l000002e5"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); @@ -134,13 +141,6 @@ implementation main() assume {:captureState "lmain_goto_l000002e8"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l000002e8; - l000002e5: - assume {:captureState "l000002e5"} true; - R0, Gamma_R0 := 0bv64, true; - goto l000002eb; - l000002eb: - assume {:captureState "l000002eb"} true; - goto main_return; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected index f2cb87303..16225a823 100644 --- a/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected @@ -140,6 +140,10 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l0000093d, lmain_goto_l00000940; + l00000940: + assume {:captureState "l00000940"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000943; l0000093d: assume {:captureState "l0000093d"} true; R8, Gamma_R8 := 0bv64, true; @@ -148,45 +152,41 @@ implementation main() assume {:captureState "l00000943"} true; assert Gamma_R8; goto l00000943_goto_l00000973, l00000943_goto_l0000094b; - l0000095e: - assume {:captureState "l0000095e"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - l00000943_goto_l00000973: - assume {:captureState "l00000943_goto_l00000973"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000973; - l00000974: - assume {:captureState "l00000974"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); - assume {:captureState "%0000097c"} true; - goto l0000095e; l0000094b: assume {:captureState "l0000094b"} true; R8, Gamma_R8 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%0000095b"} true; goto l0000095e; - l00000943_goto_l0000094b: - assume {:captureState "l00000943_goto_l0000094b"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000094b; - lmain_goto_l00000940: - assume {:captureState "lmain_goto_l00000940"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000940; - l00000940: - assume {:captureState "l00000940"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000943; l00000973: assume {:captureState "l00000973"} true; goto l00000974; + l00000974: + assume {:captureState "l00000974"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); + assume {:captureState "%0000097c"} true; + goto l0000095e; + l0000095e: + assume {:captureState "l0000095e"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; lmain_goto_l0000093d: assume {:captureState "lmain_goto_l0000093d"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l0000093d; + lmain_goto_l00000940: + assume {:captureState "lmain_goto_l00000940"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000940; + l00000943_goto_l0000094b: + assume {:captureState "l00000943_goto_l0000094b"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l0000094b; + l00000943_goto_l00000973: + assume {:captureState "l00000943_goto_l00000973"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000973; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected index 8f0901f26..6ace33958 100644 --- a/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected @@ -149,35 +149,14 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000330, lmain_goto_l0000032d; - lmain_goto_l00000330: - assume {:captureState "lmain_goto_l00000330"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000330; - l0000032d: - assume {:captureState "l0000032d"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000333; - l0000034e: - assume {:captureState "l0000034e"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - lmain_goto_l0000032d: - assume {:captureState "lmain_goto_l0000032d"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l0000032d; - l00000364: - assume {:captureState "l00000364"} true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); - assume {:captureState "%0000036c"} true; - goto l0000034e; - l00000363: - assume {:captureState "l00000363"} true; - goto l00000364; l00000330: assume {:captureState "l00000330"} true; R8, Gamma_R8 := 1bv64, true; goto l00000333; + l0000032d: + assume {:captureState "l0000032d"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000333; l00000333: assume {:captureState "l00000333"} true; assert Gamma_R8; @@ -188,6 +167,27 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), Gamma_R8); assume {:captureState "%0000034b"} true; goto l0000034e; + l00000363: + assume {:captureState "l00000363"} true; + goto l00000364; + l00000364: + assume {:captureState "l00000364"} true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 12bv64), 0bv32), gamma_store32(Gamma_stack, bvadd64(R31, 12bv64), true); + assume {:captureState "%0000036c"} true; + goto l0000034e; + l0000034e: + assume {:captureState "l0000034e"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l0000032d: + assume {:captureState "lmain_goto_l0000032d"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l0000032d; + lmain_goto_l00000330: + assume {:captureState "lmain_goto_l00000330"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000330; l00000333_goto_l0000033b: assume {:captureState "l00000333_goto_l0000033b"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); diff --git a/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected index a95a27df7..306130a16 100644 --- a/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected @@ -121,9 +121,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000002fa, lmain_goto_l00000309; - l00000304: - assume {:captureState "l00000304"} true; - goto main_return; l000002fa: assume {:captureState "l000002fa"} true; R0, Gamma_R0 := 1bv64, true; @@ -132,6 +129,9 @@ implementation main() assume {:captureState "l00000309"} true; R0, Gamma_R0 := 0bv64, true; goto l00000304; + l00000304: + assume {:captureState "l00000304"} true; + goto main_return; lmain_goto_l000002fa: assume {:captureState "lmain_goto_l000002fa"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); diff --git a/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected index 2bb96ade7..5110cd257 100644 --- a/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected @@ -120,25 +120,25 @@ implementation main() NF, Gamma_NF := bvadd32(#1, 1bv32)[32:31], Gamma_#1; assert Gamma_ZF; goto lmain_goto_l000001d2, lmain_goto_l000001cf; - lmain_goto_l000001d2: - assume {:captureState "lmain_goto_l000001d2"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000001d2; + l000001d2: + assume {:captureState "l000001d2"} true; + R0, Gamma_R0 := 1bv64, true; + goto l000001d5; l000001cf: assume {:captureState "l000001cf"} true; R0, Gamma_R0 := 0bv64, true; goto l000001d5; + l000001d5: + assume {:captureState "l000001d5"} true; + goto main_return; lmain_goto_l000001cf: assume {:captureState "lmain_goto_l000001cf"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l000001cf; - l000001d5: - assume {:captureState "l000001d5"} true; - goto main_return; - l000001d2: - assume {:captureState "l000001d2"} true; - R0, Gamma_R0 := 1bv64, true; - goto l000001d5; + lmain_goto_l000001d2: + assume {:captureState "lmain_goto_l000001d2"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000001d2; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected index 252e046fa..7c57465d3 100644 --- a/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected @@ -121,9 +121,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000008c2, lmain_goto_l000008b3; - l000008bd: - assume {:captureState "l000008bd"} true; - goto main_return; l000008b3: assume {:captureState "l000008b3"} true; R0, Gamma_R0 := 1bv64, true; @@ -132,14 +129,17 @@ implementation main() assume {:captureState "l000008c2"} true; R0, Gamma_R0 := 0bv64, true; goto l000008bd; - lmain_goto_l000008c2: - assume {:captureState "lmain_goto_l000008c2"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000008c2; + l000008bd: + assume {:captureState "l000008bd"} true; + goto main_return; lmain_goto_l000008b3: assume {:captureState "lmain_goto_l000008b3"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000008b3; + lmain_goto_l000008c2: + assume {:captureState "lmain_goto_l000008c2"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000008c2; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected index 87c8e6e8d..8bfc79117 100644 --- a/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected @@ -129,6 +129,14 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000002fb, lmain_goto_l0000030a; + l000002fb: + assume {:captureState "l000002fb"} true; + R0, Gamma_R0 := 1bv64, true; + goto l00000305; + l0000030a: + assume {:captureState "l0000030a"} true; + R0, Gamma_R0 := 0bv64, true; + goto l00000305; l00000305: assume {:captureState "l00000305"} true; goto main_return; @@ -136,18 +144,10 @@ implementation main() assume {:captureState "lmain_goto_l000002fb"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l000002fb; - l0000030a: - assume {:captureState "l0000030a"} true; - R0, Gamma_R0 := 0bv64, true; - goto l00000305; lmain_goto_l0000030a: assume {:captureState "lmain_goto_l0000030a"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l0000030a; - l000002fb: - assume {:captureState "l000002fb"} true; - R0, Gamma_R0 := 1bv64, true; - goto l00000305; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/iflocal/clang/iflocal.expected b/src/test/incorrect/iflocal/clang/iflocal.expected index 7436db7a8..9e64ca4aa 100644 --- a/src/test/incorrect/iflocal/clang/iflocal.expected +++ b/src/test/incorrect/iflocal/clang/iflocal.expected @@ -125,48 +125,48 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000337, lmain_goto_l00000334; + l00000337: + assume {:captureState "l00000337"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000033a; l00000334: assume {:captureState "l00000334"} true; R8, Gamma_R8 := 0bv64, true; goto l0000033a; + l0000033a: + assume {:captureState "l0000033a"} true; + assert Gamma_R8; + goto l0000033a_goto_l00000359, l0000033a_goto_l00000342; l00000359: assume {:captureState "l00000359"} true; goto l0000035a; - l00000337: - assume {:captureState "l00000337"} true; + l0000035a: + assume {:captureState "l0000035a"} true; R8, Gamma_R8 := 1bv64, true; - goto l0000033a; - l0000033a_goto_l00000342: - assume {:captureState "l0000033a_goto_l00000342"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000368"} true; goto l00000342; - lmain_goto_l00000334: - assume {:captureState "lmain_goto_l00000334"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000334; l00000342: assume {:captureState "l00000342"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - l0000033a: - assume {:captureState "l0000033a"} true; - assert Gamma_R8; - goto l0000033a_goto_l00000359, l0000033a_goto_l00000342; + lmain_goto_l00000334: + assume {:captureState "lmain_goto_l00000334"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000334; lmain_goto_l00000337: assume {:captureState "lmain_goto_l00000337"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000337; + l0000033a_goto_l00000342: + assume {:captureState "l0000033a_goto_l00000342"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000342; l0000033a_goto_l00000359: assume {:captureState "l0000033a_goto_l00000359"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000359; - l0000035a: - assume {:captureState "l0000035a"} true; - R8, Gamma_R8 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000368"} true; - goto l00000342; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected b/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected index a47eda290..fe970c7e9 100644 --- a/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected @@ -125,19 +125,14 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000956, lmain_goto_l00000959; + l00000959: + assume {:captureState "l00000959"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000095c; l00000956: assume {:captureState "l00000956"} true; R8, Gamma_R8 := 0bv64, true; goto l0000095c; - l0000095c_goto_l00000964: - assume {:captureState "l0000095c_goto_l00000964"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000964; - l00000964: - assume {:captureState "l00000964"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; l0000095c: assume {:captureState "l0000095c"} true; assert Gamma_R8; @@ -145,16 +140,17 @@ implementation main() l0000097b: assume {:captureState "l0000097b"} true; goto l0000097c; - l0000095c_goto_l0000097b: - assume {:captureState "l0000095c_goto_l0000097b"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000097b; l0000097c: assume {:captureState "l0000097c"} true; R8, Gamma_R8 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); assume {:captureState "%0000098a"} true; goto l00000964; + l00000964: + assume {:captureState "l00000964"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; lmain_goto_l00000956: assume {:captureState "lmain_goto_l00000956"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -163,10 +159,14 @@ implementation main() assume {:captureState "lmain_goto_l00000959"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000959; - l00000959: - assume {:captureState "l00000959"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000095c; + l0000095c_goto_l00000964: + assume {:captureState "l0000095c_goto_l00000964"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000964; + l0000095c_goto_l0000097b: + assume {:captureState "l0000095c_goto_l0000097b"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000097b; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/iflocal/clang_pic/iflocal.expected b/src/test/incorrect/iflocal/clang_pic/iflocal.expected index a47eda290..fe970c7e9 100644 --- a/src/test/incorrect/iflocal/clang_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/clang_pic/iflocal.expected @@ -125,19 +125,14 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000956, lmain_goto_l00000959; + l00000959: + assume {:captureState "l00000959"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000095c; l00000956: assume {:captureState "l00000956"} true; R8, Gamma_R8 := 0bv64, true; goto l0000095c; - l0000095c_goto_l00000964: - assume {:captureState "l0000095c_goto_l00000964"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000964; - l00000964: - assume {:captureState "l00000964"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; l0000095c: assume {:captureState "l0000095c"} true; assert Gamma_R8; @@ -145,16 +140,17 @@ implementation main() l0000097b: assume {:captureState "l0000097b"} true; goto l0000097c; - l0000095c_goto_l0000097b: - assume {:captureState "l0000095c_goto_l0000097b"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000097b; l0000097c: assume {:captureState "l0000097c"} true; R8, Gamma_R8 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); assume {:captureState "%0000098a"} true; goto l00000964; + l00000964: + assume {:captureState "l00000964"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; lmain_goto_l00000956: assume {:captureState "lmain_goto_l00000956"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); @@ -163,10 +159,14 @@ implementation main() assume {:captureState "lmain_goto_l00000959"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000959; - l00000959: - assume {:captureState "l00000959"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000095c; + l0000095c_goto_l00000964: + assume {:captureState "l0000095c_goto_l00000964"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000964; + l0000095c_goto_l0000097b: + assume {:captureState "l0000095c_goto_l0000097b"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000097b; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/iflocal/gcc/iflocal.expected b/src/test/incorrect/iflocal/gcc/iflocal.expected index 6d7196ccf..78557ab71 100644 --- a/src/test/incorrect/iflocal/gcc/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc/iflocal.expected @@ -120,25 +120,25 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000318, lmain_goto_l0000032d; - l00000318: - assume {:captureState "l00000318"} true; - R0, Gamma_R0 := 0bv64, true; - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; l0000032d: assume {:captureState "l0000032d"} true; R0, Gamma_R0 := 1bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); assume {:captureState "%00000338"} true; goto l00000318; - lmain_goto_l0000032d: - assume {:captureState "lmain_goto_l0000032d"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000032d; + l00000318: + assume {:captureState "l00000318"} true; + R0, Gamma_R0 := 0bv64, true; + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; lmain_goto_l00000318: assume {:captureState "lmain_goto_l00000318"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000318; + lmain_goto_l0000032d: + assume {:captureState "lmain_goto_l0000032d"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000032d; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected b/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected index 7a50c7ab1..0ce1d7ed2 100644 --- a/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected @@ -120,6 +120,12 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000008ff, lmain_goto_l00000914; + l00000914: + assume {:captureState "l00000914"} true; + R0, Gamma_R0 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%0000091f"} true; + goto l000008ff; l000008ff: assume {:captureState "l000008ff"} true; R0, Gamma_R0 := 0bv64, true; @@ -129,12 +135,6 @@ implementation main() assume {:captureState "lmain_goto_l000008ff"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l000008ff; - l00000914: - assume {:captureState "l00000914"} true; - R0, Gamma_R0 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%0000091f"} true; - goto l000008ff; lmain_goto_l00000914: assume {:captureState "lmain_goto_l00000914"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); diff --git a/src/test/incorrect/iflocal/gcc_pic/iflocal.expected b/src/test/incorrect/iflocal/gcc_pic/iflocal.expected index 7a50c7ab1..0ce1d7ed2 100644 --- a/src/test/incorrect/iflocal/gcc_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc_pic/iflocal.expected @@ -120,6 +120,12 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000008ff, lmain_goto_l00000914; + l00000914: + assume {:captureState "l00000914"} true; + R0, Gamma_R0 := 1bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%0000091f"} true; + goto l000008ff; l000008ff: assume {:captureState "l000008ff"} true; R0, Gamma_R0 := 0bv64, true; @@ -129,12 +135,6 @@ implementation main() assume {:captureState "lmain_goto_l000008ff"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l000008ff; - l00000914: - assume {:captureState "l00000914"} true; - R0, Gamma_R0 := 1bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%0000091f"} true; - goto l000008ff; lmain_goto_l00000914: assume {:captureState "lmain_goto_l00000914"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); diff --git a/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected index 0809dd634..c58d474bb 100644 --- a/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected @@ -141,29 +141,61 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000390, lmain_goto_l00000393; - l0000040d: - assume {:captureState "l0000040d"} true; - assert Gamma_R8; - goto l0000040d_goto_l00000415, l0000040d_goto_l0000042c; - l0000042c: - assume {:captureState "l0000042c"} true; - goto l0000042d; - l0000040a: - assume {:captureState "l0000040a"} true; + l00000393: + assume {:captureState "l00000393"} true; R8, Gamma_R8 := 1bv64, true; - goto l0000040d; - l000003d4_goto_l000003dc: - assume {:captureState "l000003d4_goto_l000003dc"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l000003dc; - l0000042d: - assume {:captureState "l0000042d"} true; + goto l00000396; + l00000390: + assume {:captureState "l00000390"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000396; + l00000396: + assume {:captureState "l00000396"} true; + assert Gamma_R8; + goto l00000396_goto_l0000045d, l00000396_goto_l0000039e; + l0000045d: + assume {:captureState "l0000045d"} true; + goto l0000045e; + l0000045e: + assume {:captureState "l0000045e"} true; + R8, Gamma_R8 := 3bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%0000046c"} true; + goto l0000039e; + l0000039e: + assume {:captureState "l0000039e"} true; R8, Gamma_R8 := 69632bv64, true; call rely(); - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 56bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 56bv64)) || L(mem, bvadd64(R8, 56bv64))); + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); + #5, Gamma_#5 := bvadd32(R8[32:0], 4294967294bv32), Gamma_R8; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934591bv33))), (Gamma_R8 && Gamma_#5); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967295bv33))), (Gamma_R8 && Gamma_#5); + ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; + NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; + R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; + assert Gamma_ZF; + goto l0000039e_goto_l000003d1, l0000039e_goto_l000003ce; + l000003d1: + assume {:captureState "l000003d1"} true; + R8, Gamma_R8 := 1bv64, true; + goto l000003d4; + l000003ce: + assume {:captureState "l000003ce"} true; + R8, Gamma_R8 := 0bv64, true; + goto l000003d4; + l000003d4: + assume {:captureState "l000003d4"} true; + assert Gamma_R8; + goto l000003d4_goto_l00000448, l000003d4_goto_l000003dc; + l00000448: + assume {:captureState "l00000448"} true; + goto l00000449; + l00000449: + assume {:captureState "l00000449"} true; + R8, Gamma_R8 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000442"} true; - goto l00000415; + assume {:captureState "%00000457"} true; + goto l000003dc; l000003dc: assume {:captureState "l000003dc"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); @@ -175,114 +207,82 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; goto l000003dc_goto_l0000040a, l000003dc_goto_l00000407; - l000003d4_goto_l00000448: - assume {:captureState "l000003d4_goto_l00000448"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000448; - l0000040d_goto_l00000415: - assume {:captureState "l0000040d_goto_l00000415"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000415; - l0000039e_goto_l000003ce: - assume {:captureState "l0000039e_goto_l000003ce"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000003ce; - l00000449: - assume {:captureState "l00000449"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000457"} true; - goto l000003dc; - l00000448: - assume {:captureState "l00000448"} true; - goto l00000449; + l0000040a: + assume {:captureState "l0000040a"} true; + R8, Gamma_R8 := 1bv64, true; + goto l0000040d; l00000407: assume {:captureState "l00000407"} true; R8, Gamma_R8 := 0bv64, true; goto l0000040d; - l0000039e_goto_l000003d1: - assume {:captureState "l0000039e_goto_l000003d1"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000003d1; - l000003dc_goto_l00000407: - assume {:captureState "l000003dc_goto_l00000407"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000407; - l00000396_goto_l0000045d: - assume {:captureState "l00000396_goto_l0000045d"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000045d; - l000003d1: - assume {:captureState "l000003d1"} true; - R8, Gamma_R8 := 1bv64, true; - goto l000003d4; - l0000045d: - assume {:captureState "l0000045d"} true; - goto l0000045e; - l000003d4: - assume {:captureState "l000003d4"} true; + l0000040d: + assume {:captureState "l0000040d"} true; assert Gamma_R8; - goto l000003d4_goto_l00000448, l000003d4_goto_l000003dc; - l00000396_goto_l0000039e: - assume {:captureState "l00000396_goto_l0000039e"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l0000039e; - l0000039e: - assume {:captureState "l0000039e"} true; + goto l0000040d_goto_l00000415, l0000040d_goto_l0000042c; + l0000042c: + assume {:captureState "l0000042c"} true; + goto l0000042d; + l0000042d: + assume {:captureState "l0000042d"} true; R8, Gamma_R8 := 69632bv64, true; call rely(); - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 52bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 52bv64)) || L(mem, bvadd64(R8, 52bv64))); - #5, Gamma_#5 := bvadd32(R8[32:0], 4294967294bv32), Gamma_R8; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#5, 1bv32)), bvadd33(sign_extend1_32(R8[32:0]), 8589934591bv33))), (Gamma_R8 && Gamma_#5); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#5, 1bv32)), bvadd33(zero_extend1_32(R8[32:0]), 4294967295bv33))), (Gamma_R8 && Gamma_#5); - ZF, Gamma_ZF := bvcomp32(bvadd32(#5, 1bv32), 0bv32), Gamma_#5; - NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; - R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; - assert Gamma_ZF; - goto l0000039e_goto_l000003d1, l0000039e_goto_l000003ce; - l00000390: - assume {:captureState "l00000390"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000396; - l0000045e: - assume {:captureState "l0000045e"} true; - R8, Gamma_R8 := 3bv64, true; + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 56bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 56bv64)) || L(mem, bvadd64(R8, 56bv64))); stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%0000046c"} true; - goto l0000039e; - l00000396: - assume {:captureState "l00000396"} true; - assert Gamma_R8; - goto l00000396_goto_l0000045d, l00000396_goto_l0000039e; - l00000393: - assume {:captureState "l00000393"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000396; - l000003dc_goto_l0000040a: - assume {:captureState "l000003dc_goto_l0000040a"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l0000040a; + assume {:captureState "%00000442"} true; + goto l00000415; l00000415: assume {:captureState "l00000415"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; goto main_return; - l000003ce: - assume {:captureState "l000003ce"} true; - R8, Gamma_R8 := 0bv64, true; - goto l000003d4; lmain_goto_l00000390: assume {:captureState "lmain_goto_l00000390"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000390; - l0000040d_goto_l0000042c: - assume {:captureState "l0000040d_goto_l0000042c"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000042c; lmain_goto_l00000393: assume {:captureState "lmain_goto_l00000393"} true; assume (bvcomp1(ZF, 1bv1) == 0bv1); goto l00000393; + l00000396_goto_l0000039e: + assume {:captureState "l00000396_goto_l0000039e"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l0000039e; + l00000396_goto_l0000045d: + assume {:captureState "l00000396_goto_l0000045d"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000045d; + l0000039e_goto_l000003ce: + assume {:captureState "l0000039e_goto_l000003ce"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000003ce; + l0000039e_goto_l000003d1: + assume {:captureState "l0000039e_goto_l000003d1"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000003d1; + l000003d4_goto_l000003dc: + assume {:captureState "l000003d4_goto_l000003dc"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l000003dc; + l000003d4_goto_l00000448: + assume {:captureState "l000003d4_goto_l00000448"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000448; + l000003dc_goto_l00000407: + assume {:captureState "l000003dc_goto_l00000407"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000407; + l000003dc_goto_l0000040a: + assume {:captureState "l000003dc_goto_l0000040a"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l0000040a; + l0000040d_goto_l00000415: + assume {:captureState "l0000040d_goto_l00000415"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000415; + l0000040d_goto_l0000042c: + assume {:captureState "l0000040d_goto_l0000042c"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000042c; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected index 39b94f797..02557b876 100644 --- a/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected @@ -141,51 +141,27 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000ae3, lmain_goto_l00000ae0; - l00000b24: - assume {:captureState "l00000b24"} true; - assert Gamma_R8; - goto l00000b24_goto_l00000b2c, l00000b24_goto_l00000b98; - l00000b2c_goto_l00000b5a: - assume {:captureState "l00000b2c_goto_l00000b5a"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000b5a; - l00000b5d: - assume {:captureState "l00000b5d"} true; - assert Gamma_R8; - goto l00000b5d_goto_l00000b65, l00000b5d_goto_l00000b7c; - l00000b5a: - assume {:captureState "l00000b5a"} true; + l00000ae3: + assume {:captureState "l00000ae3"} true; R8, Gamma_R8 := 1bv64, true; - goto l00000b5d; - l00000b7c: - assume {:captureState "l00000b7c"} true; - goto l00000b7d; - l00000b7d: - assume {:captureState "l00000b7d"} true; - R8, Gamma_R8 := 69632bv64, true; - call rely(); - R8, Gamma_R8 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 56bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 56bv64)) || L(mem, bvadd64(R8, 56bv64))); - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000b92"} true; - goto l00000b65; - l00000b24_goto_l00000b98: - assume {:captureState "l00000b24_goto_l00000b98"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b98; - l00000b1e: - assume {:captureState "l00000b1e"} true; + goto l00000ae6; + l00000ae0: + assume {:captureState "l00000ae0"} true; R8, Gamma_R8 := 0bv64, true; - goto l00000b24; - l00000b5d_goto_l00000b65: - assume {:captureState "l00000b5d_goto_l00000b65"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000b65; - l00000b99: - assume {:captureState "l00000b99"} true; - R8, Gamma_R8 := 5bv64, true; + goto l00000ae6; + l00000ae6: + assume {:captureState "l00000ae6"} true; + assert Gamma_R8; + goto l00000ae6_goto_l00000aee, l00000ae6_goto_l00000bad; + l00000bad: + assume {:captureState "l00000bad"} true; + goto l00000bae; + l00000bae: + assume {:captureState "l00000bae"} true; + R8, Gamma_R8 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000ba7"} true; - goto l00000b2c; + assume {:captureState "%00000bbc"} true; + goto l00000aee; l00000aee: assume {:captureState "l00000aee"} true; R8, Gamma_R8 := 69632bv64, true; @@ -199,42 +175,27 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; goto l00000aee_goto_l00000b1e, l00000aee_goto_l00000b21; + l00000b21: + assume {:captureState "l00000b21"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000b24; + l00000b1e: + assume {:captureState "l00000b1e"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000b24; + l00000b24: + assume {:captureState "l00000b24"} true; + assert Gamma_R8; + goto l00000b24_goto_l00000b2c, l00000b24_goto_l00000b98; l00000b98: assume {:captureState "l00000b98"} true; goto l00000b99; - l00000b24_goto_l00000b2c: - assume {:captureState "l00000b24_goto_l00000b2c"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000b2c; - l00000b2c_goto_l00000b57: - assume {:captureState "l00000b2c_goto_l00000b57"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000b57; - l00000aee_goto_l00000b21: - assume {:captureState "l00000aee_goto_l00000b21"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000b21; - l00000bae: - assume {:captureState "l00000bae"} true; - R8, Gamma_R8 := 3bv64, true; + l00000b99: + assume {:captureState "l00000b99"} true; + R8, Gamma_R8 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); - assume {:captureState "%00000bbc"} true; - goto l00000aee; - l00000b57: - assume {:captureState "l00000b57"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000b5d; - l00000bad: - assume {:captureState "l00000bad"} true; - goto l00000bae; - l00000b5d_goto_l00000b7c: - assume {:captureState "l00000b5d_goto_l00000b7c"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000b7c; - l00000ae6: - assume {:captureState "l00000ae6"} true; - assert Gamma_R8; - goto l00000ae6_goto_l00000aee, l00000ae6_goto_l00000bad; + assume {:captureState "%00000ba7"} true; + goto l00000b2c; l00000b2c: assume {:captureState "l00000b2c"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 4bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 4bv64)); @@ -246,43 +207,82 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; goto l00000b2c_goto_l00000b5a, l00000b2c_goto_l00000b57; + l00000b5a: + assume {:captureState "l00000b5a"} true; + R8, Gamma_R8 := 1bv64, true; + goto l00000b5d; + l00000b57: + assume {:captureState "l00000b57"} true; + R8, Gamma_R8 := 0bv64, true; + goto l00000b5d; + l00000b5d: + assume {:captureState "l00000b5d"} true; + assert Gamma_R8; + goto l00000b5d_goto_l00000b65, l00000b5d_goto_l00000b7c; + l00000b7c: + assume {:captureState "l00000b7c"} true; + goto l00000b7d; + l00000b7d: + assume {:captureState "l00000b7d"} true; + R8, Gamma_R8 := 69632bv64, true; + call rely(); + R8, Gamma_R8 := zero_extend32_32(memory_load32_le(mem, bvadd64(R8, 56bv64))), (gamma_load32(Gamma_mem, bvadd64(R8, 56bv64)) || L(mem, bvadd64(R8, 56bv64))); + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 4bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 4bv64), Gamma_R8); + assume {:captureState "%00000b92"} true; + goto l00000b65; + l00000b65: + assume {:captureState "l00000b65"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); + R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000ae0: + assume {:captureState "lmain_goto_l00000ae0"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000ae0; + lmain_goto_l00000ae3: + assume {:captureState "lmain_goto_l00000ae3"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000ae3; l00000ae6_goto_l00000aee: assume {:captureState "l00000ae6_goto_l00000aee"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l00000aee; - l00000ae3: - assume {:captureState "l00000ae3"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000ae6; - l00000ae0: - assume {:captureState "l00000ae0"} true; - R8, Gamma_R8 := 0bv64, true; - goto l00000ae6; l00000ae6_goto_l00000bad: assume {:captureState "l00000ae6_goto_l00000bad"} true; assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); goto l00000bad; - lmain_goto_l00000ae3: - assume {:captureState "lmain_goto_l00000ae3"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000ae3; l00000aee_goto_l00000b1e: assume {:captureState "l00000aee_goto_l00000b1e"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); goto l00000b1e; - l00000b65: - assume {:captureState "l00000b65"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 12bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 12bv64)); - R31, Gamma_R31 := bvadd64(R31, 16bv64), Gamma_R31; - goto main_return; - l00000b21: - assume {:captureState "l00000b21"} true; - R8, Gamma_R8 := 1bv64, true; - goto l00000b24; - lmain_goto_l00000ae0: - assume {:captureState "lmain_goto_l00000ae0"} true; + l00000aee_goto_l00000b21: + assume {:captureState "l00000aee_goto_l00000b21"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000b21; + l00000b24_goto_l00000b2c: + assume {:captureState "l00000b24_goto_l00000b2c"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000b2c; + l00000b24_goto_l00000b98: + assume {:captureState "l00000b24_goto_l00000b98"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b98; + l00000b2c_goto_l00000b57: + assume {:captureState "l00000b2c_goto_l00000b57"} true; assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000ae0; + goto l00000b57; + l00000b2c_goto_l00000b5a: + assume {:captureState "l00000b2c_goto_l00000b5a"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000b5a; + l00000b5d_goto_l00000b65: + assume {:captureState "l00000b5d_goto_l00000b65"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000b65; + l00000b5d_goto_l00000b7c: + assume {:captureState "l00000b5d_goto_l00000b7c"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000b7c; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected index a0ff2102d..6bf072afb 100644 --- a/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected @@ -163,54 +163,27 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#4, 1bv32)), Gamma_#4; assert Gamma_ZF; goto lmain_goto_l000003ae, lmain_goto_l000003ab; - l000003b1_goto_l000003b9: - assume {:captureState "l000003b1_goto_l000003b9"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l000003b9; + l000003ae: + assume {:captureState "l000003ae"} true; + R8, Gamma_R8 := 1bv64, true; + goto l000003b1; + l000003ab: + assume {:captureState "l000003ab"} true; + R8, Gamma_R8 := 0bv64, true; + goto l000003b1; + l000003b1: + assume {:captureState "l000003b1"} true; + assert Gamma_R8; + goto l000003b1_goto_l000003b9, l000003b1_goto_l00000481; l00000481: assume {:captureState "l00000481"} true; goto l00000482; - l0000042a_goto_l00000432: - assume {:captureState "l0000042a_goto_l00000432"} true; - assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); - goto l00000432; l00000482: assume {:captureState "l00000482"} true; R8, Gamma_R8 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 20bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 20bv64), Gamma_R8); assume {:captureState "%00000490"} true; goto l000003b9; - l000003b9_goto_l000003eb: - assume {:captureState "l000003b9_goto_l000003eb"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000003eb; - l00000449: - assume {:captureState "l00000449"} true; - goto l0000044a; - l00000427: - assume {:captureState "l00000427"} true; - R8, Gamma_R8 := 1bv64, true; - goto l0000042a; - l000003f1_goto_l0000046c: - assume {:captureState "l000003f1_goto_l0000046c"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l0000046c; - l000003b9_goto_l000003ee: - assume {:captureState "l000003b9_goto_l000003ee"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000003ee; - l00000424: - assume {:captureState "l00000424"} true; - R8, Gamma_R8 := 0bv64, true; - goto l0000042a; - l000003b1: - assume {:captureState "l000003b1"} true; - assert Gamma_R8; - goto l000003b1_goto_l000003b9, l000003b1_goto_l00000481; - l000003f1: - assume {:captureState "l000003f1"} true; - assert Gamma_R8; - goto l000003f1_goto_l000003f9, l000003f1_goto_l0000046c; l000003b9: assume {:captureState "l000003b9"} true; R8, Gamma_R8 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); @@ -224,14 +197,27 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#5, 1bv32)), Gamma_#5; assert Gamma_ZF; goto l000003b9_goto_l000003eb, l000003b9_goto_l000003ee; - l000003b1_goto_l00000481: - assume {:captureState "l000003b1_goto_l00000481"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000481; - l0000042a_goto_l00000449: - assume {:captureState "l0000042a_goto_l00000449"} true; - assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); - goto l00000449; + l000003ee: + assume {:captureState "l000003ee"} true; + R8, Gamma_R8 := 1bv64, true; + goto l000003f1; + l000003eb: + assume {:captureState "l000003eb"} true; + R8, Gamma_R8 := 0bv64, true; + goto l000003f1; + l000003f1: + assume {:captureState "l000003f1"} true; + assert Gamma_R8; + goto l000003f1_goto_l000003f9, l000003f1_goto_l0000046c; + l0000046c: + assume {:captureState "l0000046c"} true; + goto l0000046d; + l0000046d: + assume {:captureState "l0000046d"} true; + R8, Gamma_R8 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 20bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 20bv64), Gamma_R8); + assume {:captureState "%0000047b"} true; + goto l000003f9; l000003f9: assume {:captureState "l000003f9"} true; R8, Gamma_R8 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 20bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 20bv64)); @@ -243,46 +229,21 @@ implementation main() R8, Gamma_R8 := zero_extend32_32(bvadd32(#6, 1bv32)), Gamma_#6; assert Gamma_ZF; goto l000003f9_goto_l00000424, l000003f9_goto_l00000427; - lmain_goto_l000003ae: - assume {:captureState "lmain_goto_l000003ae"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l000003ae; - l000003eb: - assume {:captureState "l000003eb"} true; - R8, Gamma_R8 := 0bv64, true; - goto l000003f1; - l000003ee: - assume {:captureState "l000003ee"} true; + l00000427: + assume {:captureState "l00000427"} true; R8, Gamma_R8 := 1bv64, true; - goto l000003f1; - l00000432: - assume {:captureState "l00000432"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; - l000003f9_goto_l00000424: - assume {:captureState "l000003f9_goto_l00000424"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l00000424; - l000003ab: - assume {:captureState "l000003ab"} true; + goto l0000042a; + l00000424: + assume {:captureState "l00000424"} true; R8, Gamma_R8 := 0bv64, true; - goto l000003b1; - l000003ae: - assume {:captureState "l000003ae"} true; - R8, Gamma_R8 := 1bv64, true; - goto l000003b1; - l000003f9_goto_l00000427: - assume {:captureState "l000003f9_goto_l00000427"} true; - assume (bvcomp1(ZF, 1bv1) == 0bv1); - goto l00000427; - lmain_goto_l000003ab: - assume {:captureState "lmain_goto_l000003ab"} true; - assume (bvcomp1(ZF, 1bv1) != 0bv1); - goto l000003ab; - l0000046c: - assume {:captureState "l0000046c"} true; - goto l0000046d; + goto l0000042a; + l0000042a: + assume {:captureState "l0000042a"} true; + assert Gamma_R8; + goto l0000042a_goto_l00000449, l0000042a_goto_l00000432; + l00000449: + assume {:captureState "l00000449"} true; + goto l0000044a; l0000044a: assume {:captureState "l0000044a"} true; R8, Gamma_R8 := 65536bv64, true; @@ -293,20 +254,59 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 20bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 20bv64), Gamma_R8); assume {:captureState "%00000466"} true; goto l00000432; + l00000432: + assume {:captureState "l00000432"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + lmain_goto_l000003ab: + assume {:captureState "lmain_goto_l000003ab"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000003ab; + lmain_goto_l000003ae: + assume {:captureState "lmain_goto_l000003ae"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000003ae; + l000003b1_goto_l000003b9: + assume {:captureState "l000003b1_goto_l000003b9"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l000003b9; + l000003b1_goto_l00000481: + assume {:captureState "l000003b1_goto_l00000481"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000481; + l000003b9_goto_l000003eb: + assume {:captureState "l000003b9_goto_l000003eb"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l000003eb; + l000003b9_goto_l000003ee: + assume {:captureState "l000003b9_goto_l000003ee"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l000003ee; l000003f1_goto_l000003f9: assume {:captureState "l000003f1_goto_l000003f9"} true; assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); goto l000003f9; - l0000042a: - assume {:captureState "l0000042a"} true; - assert Gamma_R8; - goto l0000042a_goto_l00000449, l0000042a_goto_l00000432; - l0000046d: - assume {:captureState "l0000046d"} true; - R8, Gamma_R8 := 5bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 20bv64), R8[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 20bv64), Gamma_R8); - assume {:captureState "%0000047b"} true; - goto l000003f9; + l000003f1_goto_l0000046c: + assume {:captureState "l000003f1_goto_l0000046c"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l0000046c; + l000003f9_goto_l00000424: + assume {:captureState "l000003f9_goto_l00000424"} true; + assume (bvcomp1(ZF, 1bv1) != 0bv1); + goto l00000424; + l000003f9_goto_l00000427: + assume {:captureState "l000003f9_goto_l00000427"} true; + assume (bvcomp1(ZF, 1bv1) == 0bv1); + goto l00000427; + l0000042a_goto_l00000432: + assume {:captureState "l0000042a_goto_l00000432"} true; + assume (bvcomp1(R8[1:0], 1bv1) != 0bv1); + goto l00000432; + l0000042a_goto_l00000449: + assume {:captureState "l0000042a_goto_l00000449"} true; + assume (bvcomp1(R8[1:0], 1bv1) == 0bv1); + goto l00000449; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected index d8357ddb3..f3fac9965 100644 --- a/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected @@ -139,24 +139,12 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000414, lmain_goto_l00000381; - l000003d8: - assume {:captureState "l000003d8"} true; - R0, Gamma_R0 := 0bv64, true; - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; - lmain_goto_l00000414: - assume {:captureState "lmain_goto_l00000414"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000414; - l000003ed: - assume {:captureState "l000003ed"} true; - R0, Gamma_R0 := 69632bv64, true; - R0, Gamma_R0 := bvadd64(R0, 24bv64), Gamma_R0; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + l00000414: + assume {:captureState "l00000414"} true; + R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%00000405"} true; - goto l000003d8; + assume {:captureState "%0000041f"} true; + goto l00000381; l00000381: assume {:captureState "l00000381"} true; R0, Gamma_R0 := 69632bv64, true; @@ -170,26 +158,12 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto l00000381_goto_l000003b2, l00000381_goto_l00000407; - l000003b2_goto_l000003ed: - assume {:captureState "l000003b2_goto_l000003ed"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000003ed; l00000407: assume {:captureState "l00000407"} true; R0, Gamma_R0 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); assume {:captureState "%00000412"} true; goto l000003b2; - l00000414: - assume {:captureState "l00000414"} true; - R0, Gamma_R0 := 3bv64, true; - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%0000041f"} true; - goto l00000381; - l00000381_goto_l000003b2: - assume {:captureState "l00000381_goto_l000003b2"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l000003b2; l000003b2: assume {:captureState "l000003b2"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -200,18 +174,44 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; goto l000003b2_goto_l000003d8, l000003b2_goto_l000003ed; - l000003b2_goto_l000003d8: - assume {:captureState "l000003b2_goto_l000003d8"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + l000003ed: + assume {:captureState "l000003ed"} true; + R0, Gamma_R0 := 69632bv64, true; + R0, Gamma_R0 := bvadd64(R0, 24bv64), Gamma_R0; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%00000405"} true; goto l000003d8; + l000003d8: + assume {:captureState "l000003d8"} true; + R0, Gamma_R0 := 0bv64, true; + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000381: + assume {:captureState "lmain_goto_l00000381"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000381; + lmain_goto_l00000414: + assume {:captureState "lmain_goto_l00000414"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000414; + l00000381_goto_l000003b2: + assume {:captureState "l00000381_goto_l000003b2"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l000003b2; l00000381_goto_l00000407: assume {:captureState "l00000381_goto_l00000407"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); goto l00000407; - lmain_goto_l00000381: - assume {:captureState "lmain_goto_l00000381"} true; + l000003b2_goto_l000003d8: + assume {:captureState "l000003b2_goto_l000003d8"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000381; + goto l000003d8; + l000003b2_goto_l000003ed: + assume {:captureState "l000003b2_goto_l000003ed"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000003ed; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected index 46343dd6b..2a1a9c7d2 100644 --- a/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected @@ -139,40 +139,6 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000b0c, lmain_goto_l00000a79; - l00000aaa_goto_l00000ae5: - assume {:captureState "l00000aaa_goto_l00000ae5"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000ae5; - lmain_goto_l00000a79: - assume {:captureState "lmain_goto_l00000a79"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000a79; - l00000a79_goto_l00000aaa: - assume {:captureState "l00000a79_goto_l00000aaa"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000aaa; - l00000a79_goto_l00000aff: - assume {:captureState "l00000a79_goto_l00000aff"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000aff; - l00000ae5: - assume {:captureState "l00000ae5"} true; - R0, Gamma_R0 := 69632bv64, true; - R0, Gamma_R0 := bvadd64(R0, 24bv64), Gamma_R0; - call rely(); - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); - stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%00000afd"} true; - goto l00000ad0; - l00000ad0: - assume {:captureState "l00000ad0"} true; - R0, Gamma_R0 := 0bv64, true; - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; - lmain_goto_l00000b0c: - assume {:captureState "lmain_goto_l00000b0c"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000b0c; l00000b0c: assume {:captureState "l00000b0c"} true; R0, Gamma_R0 := 3bv64, true; @@ -192,6 +158,12 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto l00000a79_goto_l00000aaa, l00000a79_goto_l00000aff; + l00000aff: + assume {:captureState "l00000aff"} true; + R0, Gamma_R0 := 5bv64, true; + stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); + assume {:captureState "%00000b0a"} true; + goto l00000aaa; l00000aaa: assume {:captureState "l00000aaa"} true; R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); @@ -202,16 +174,44 @@ implementation main() NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; assert Gamma_ZF; goto l00000aaa_goto_l00000ae5, l00000aaa_goto_l00000ad0; - l00000aff: - assume {:captureState "l00000aff"} true; - R0, Gamma_R0 := 5bv64, true; + l00000ae5: + assume {:captureState "l00000ae5"} true; + R0, Gamma_R0 := 69632bv64, true; + R0, Gamma_R0 := bvadd64(R0, 24bv64), Gamma_R0; + call rely(); + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(mem, R0)), (gamma_load32(Gamma_mem, R0) || L(mem, R0)); stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%00000b0a"} true; + assume {:captureState "%00000afd"} true; + goto l00000ad0; + l00000ad0: + assume {:captureState "l00000ad0"} true; + R0, Gamma_R0 := 0bv64, true; + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000a79: + assume {:captureState "lmain_goto_l00000a79"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000a79; + lmain_goto_l00000b0c: + assume {:captureState "lmain_goto_l00000b0c"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000b0c; + l00000a79_goto_l00000aaa: + assume {:captureState "l00000a79_goto_l00000aaa"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000aaa; + l00000a79_goto_l00000aff: + assume {:captureState "l00000a79_goto_l00000aff"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000aff; l00000aaa_goto_l00000ad0: assume {:captureState "l00000aaa_goto_l00000ad0"} true; assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); goto l00000ad0; + l00000aaa_goto_l00000ae5: + assume {:captureState "l00000aaa_goto_l00000ae5"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000ae5; main_return: assume {:captureState "main_return"} true; return; diff --git a/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected index 2048a6620..476bfca22 100644 --- a/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected @@ -151,43 +151,12 @@ implementation main() NF, Gamma_NF := bvadd32(#4, 1bv32)[32:31], Gamma_#4; assert Gamma_ZF; goto lmain_goto_l00000383, lmain_goto_l00000418; - l000003b5: - assume {:captureState "l000003b5"} true; - R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); - #6, Gamma_#6 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; - VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#6); - CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#6); - ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; - NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; - assert Gamma_ZF; - goto l000003b5_goto_l000003f0, l000003b5_goto_l000003db; - l0000040b: - assume {:captureState "l0000040b"} true; - R0, Gamma_R0 := 5bv64, true; + l00000418: + assume {:captureState "l00000418"} true; + R0, Gamma_R0 := 3bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%00000416"} true; - goto l000003b5; - l000003b5_goto_l000003f0: - assume {:captureState "l000003b5_goto_l000003f0"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l000003f0; - l000003db: - assume {:captureState "l000003db"} true; - R0, Gamma_R0 := 0bv64, true; - R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; - goto main_return; - l00000383_goto_l0000040b: - assume {:captureState "l00000383_goto_l0000040b"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l0000040b; - l00000383_goto_l000003b5: - assume {:captureState "l00000383_goto_l000003b5"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l000003b5; - lmain_goto_l00000418: - assume {:captureState "lmain_goto_l00000418"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); - goto l00000418; + assume {:captureState "%00000423"} true; + goto l00000383; l00000383: assume {:captureState "l00000383"} true; R0, Gamma_R0 := 65536bv64, true; @@ -202,20 +171,22 @@ implementation main() NF, Gamma_NF := bvadd32(#5, 1bv32)[32:31], Gamma_#5; assert Gamma_ZF; goto l00000383_goto_l0000040b, l00000383_goto_l000003b5; - lmain_goto_l00000383: - assume {:captureState "lmain_goto_l00000383"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l00000383; - l00000418: - assume {:captureState "l00000418"} true; - R0, Gamma_R0 := 3bv64, true; + l0000040b: + assume {:captureState "l0000040b"} true; + R0, Gamma_R0 := 5bv64, true; stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); - assume {:captureState "%00000423"} true; - goto l00000383; - l000003b5_goto_l000003db: - assume {:captureState "l000003b5_goto_l000003db"} true; - assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); - goto l000003db; + assume {:captureState "%00000416"} true; + goto l000003b5; + l000003b5: + assume {:captureState "l000003b5"} true; + R0, Gamma_R0 := zero_extend32_32(memory_load32_le(stack, bvadd64(R31, 28bv64))), gamma_load32(Gamma_stack, bvadd64(R31, 28bv64)); + #6, Gamma_#6 := bvadd32(R0[32:0], 4294967292bv32), Gamma_R0; + VF, Gamma_VF := bvnot1(bvcomp33(sign_extend1_32(bvadd32(#6, 1bv32)), bvadd33(sign_extend1_32(R0[32:0]), 8589934589bv33))), (Gamma_R0 && Gamma_#6); + CF, Gamma_CF := bvnot1(bvcomp33(zero_extend1_32(bvadd32(#6, 1bv32)), bvadd33(zero_extend1_32(R0[32:0]), 4294967293bv33))), (Gamma_R0 && Gamma_#6); + ZF, Gamma_ZF := bvcomp32(bvadd32(#6, 1bv32), 0bv32), Gamma_#6; + NF, Gamma_NF := bvadd32(#6, 1bv32)[32:31], Gamma_#6; + assert Gamma_ZF; + goto l000003b5_goto_l000003f0, l000003b5_goto_l000003db; l000003f0: assume {:captureState "l000003f0"} true; R0, Gamma_R0 := 65536bv64, true; @@ -226,6 +197,35 @@ implementation main() stack, Gamma_stack := memory_store32_le(stack, bvadd64(R31, 28bv64), R0[32:0]), gamma_store32(Gamma_stack, bvadd64(R31, 28bv64), Gamma_R0); assume {:captureState "%00000409"} true; goto l000003db; + l000003db: + assume {:captureState "l000003db"} true; + R0, Gamma_R0 := 0bv64, true; + R31, Gamma_R31 := bvadd64(R31, 32bv64), Gamma_R31; + goto main_return; + lmain_goto_l00000383: + assume {:captureState "lmain_goto_l00000383"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l00000383; + lmain_goto_l00000418: + assume {:captureState "lmain_goto_l00000418"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l00000418; + l00000383_goto_l000003b5: + assume {:captureState "l00000383_goto_l000003b5"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l000003b5; + l00000383_goto_l0000040b: + assume {:captureState "l00000383_goto_l0000040b"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l0000040b; + l000003b5_goto_l000003db: + assume {:captureState "l000003b5_goto_l000003db"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) != 0bv1); + goto l000003db; + l000003b5_goto_l000003f0: + assume {:captureState "l000003b5_goto_l000003f0"} true; + assume (bvnot1(bvcomp1(ZF, 1bv1)) == 0bv1); + goto l000003f0; main_return: assume {:captureState "main_return"} true; return; From 68362ae7738724e497f60f44e9566edb5504268e Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 23 Jan 2024 14:55:37 +1000 Subject: [PATCH 36/42] cleanup intrusivelist typecasts --- src/main/scala/analysis/Cfg.scala | 1 - src/main/scala/ir/Program.scala | 2 +- src/main/scala/ir/Statement.scala | 6 +- src/main/scala/ir/Visitor.scala | 2 +- src/main/scala/translating/BAPToIR.scala | 2 +- src/main/scala/util/IntrusiveList.scala | 89 +++++++++---------- src/main/scala/util/RunUtils.scala | 2 +- .../ir/IntrusiveListPublicInterfaceTest.scala | 4 +- src/test/scala/ir/IntrusiveListTest.scala | 6 +- 9 files changed, 56 insertions(+), 58 deletions(-) diff --git a/src/main/scala/analysis/Cfg.scala b/src/main/scala/analysis/Cfg.scala index e2a5ff066..ae6684b69 100644 --- a/src/main/scala/analysis/Cfg.scala +++ b/src/main/scala/analysis/Cfg.scala @@ -1,7 +1,6 @@ package analysis import scala.collection.mutable -import intrusiveList.IntrusiveList import ir.* import cfg_visualiser.{DotArrow, DotGraph, DotInlineArrow, DotInterArrow, DotIntraArrow, DotNode, DotRegularArrow} diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index 701e474a6..a2fec9cc0 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -4,7 +4,7 @@ import scala.collection.mutable.ArrayBuffer import scala.collection.{IterableOnceExtensionMethods, View, immutable, mutable} import boogie.* import analysis.BitVectorEval -import intrusiveList.{IntrusiveList, IntrusiveListElement} +import intrusivelist.{IntrusiveList, IntrusiveListElement} trait HasParent[T]: /* diff --git a/src/main/scala/ir/Statement.scala b/src/main/scala/ir/Statement.scala index 7cd6b4eb2..0efe1d976 100644 --- a/src/main/scala/ir/Statement.scala +++ b/src/main/scala/ir/Statement.scala @@ -1,5 +1,5 @@ package ir -import intrusiveList.IntrusiveListElement +import intrusivelist.IntrusiveListElement import collection.mutable @@ -17,7 +17,7 @@ sealed trait Command extends HasParent[Block] { } -sealed trait Statement extends Command, HasParent[Block], IntrusiveListElement { +sealed trait Statement extends Command, HasParent[Block], IntrusiveListElement[Statement] { def modifies: Set[Global] = Set() //def locals: Set[Variable] = Set() def acceptVisit(visitor: Visitor): Statement = throw new Exception( @@ -73,7 +73,7 @@ class Assume(var body: Expr, var comment: Option[String] = None, override val la object Assume: def unapply(a: Assume): Option[(Expr, Option[String], Option[String], Boolean)] = Some(a.body, a.comment, a.label, a.checkSecurity) -sealed trait Jump extends Command, IntrusiveListElement, HasParent[Block] { +sealed trait Jump extends Command, HasParent[Block] { def modifies: Set[Global] = Set() //def locals: Set[Variable] = Set() def calls: Set[Procedure] = Set() diff --git a/src/main/scala/ir/Visitor.scala b/src/main/scala/ir/Visitor.scala index ea934ac1c..fb917121d 100644 --- a/src/main/scala/ir/Visitor.scala +++ b/src/main/scala/ir/Visitor.scala @@ -2,7 +2,7 @@ package ir import scala.collection.mutable.ArrayBuffer import scala.collection.mutable -import intrusiveList.IntrusiveList +import intrusivelist.IntrusiveList abstract class Visitor { diff --git a/src/main/scala/translating/BAPToIR.scala b/src/main/scala/translating/BAPToIR.scala index c8b5edea7..bbf2707d1 100644 --- a/src/main/scala/translating/BAPToIR.scala +++ b/src/main/scala/translating/BAPToIR.scala @@ -8,7 +8,7 @@ import specification.* import scala.collection.mutable import scala.collection.mutable.Map import scala.collection.mutable.ArrayBuffer -import intrusiveList.IntrusiveList +import intrusivelist.IntrusiveList class BAPToIR(var program: BAPProgram, mainAddress: Int) { diff --git a/src/main/scala/util/IntrusiveList.scala b/src/main/scala/util/IntrusiveList.scala index ab01c5330..0ee0e8fd5 100644 --- a/src/main/scala/util/IntrusiveList.scala +++ b/src/main/scala/util/IntrusiveList.scala @@ -1,4 +1,4 @@ -package intrusiveList +package intrusivelist import scala.collection.mutable @@ -27,9 +27,9 @@ import scala.collection.mutable * @param lastElem THe last list element if nonempty or none if empty. * @tparam T */ -final class IntrusiveList[T <: IntrusiveListElement] private (var numElems: Int, var firstElem: Option[T], - var lastElem: Option[T]) - extends mutable.Iterable[T], mutable.Growable[T]: +final class IntrusiveList[T <: IntrusiveListElement[T]] private (var numElems: Int, var firstElem: Option[T], + var lastElem: Option[T]) + extends mutable.Iterable[T], mutable.Growable[T]: var onInsert: T => Unit = x => () var onRemove: T => Unit = x => () @@ -73,15 +73,15 @@ final class IntrusiveList[T <: IntrusiveListElement] private (var numElems: Int, assert(i < size) var elem = firstElem.get for (c <- 0 until i) { - elem = elem.getNext.asInstanceOf[T] + elem = elem.getNext } elem } - class IntrusiveListIterator(var elem: Option[IntrusiveListElement]) extends Iterator[T] { + class IntrusiveListIterator(var elem: Option[T]) extends Iterator[T] { override def hasNext: Boolean = elem.isDefined override def next: T = { - val t = elem.get.asInstanceOf[T] + val t = elem.get elem = t.next t } @@ -92,7 +92,7 @@ final class IntrusiveList[T <: IntrusiveListElement] private (var numElems: Int, // end Iterable - def iteratorFrom(elem: IntrusiveListElement): Iterator[T] = { + def iteratorFrom(elem: T): Iterator[T] = { assert(elem.first() == firstElem.get) IntrusiveListIterator(Some(elem)) } @@ -172,13 +172,13 @@ final class IntrusiveList[T <: IntrusiveListElement] private (var numElems: Int, assert(containsRef(intrusiveListElement)) numElems -= 1 if (intrusiveListElement == lastElem.get) { - lastElem = intrusiveListElement.prev.asInstanceOf[Option[T]] + lastElem = intrusiveListElement.prev } if (intrusiveListElement == firstElem.get) { - firstElem = intrusiveListElement.next.asInstanceOf[Option[T]] + firstElem = intrusiveListElement.next } onRemove(intrusiveListElement) - intrusiveListElement.remove().asInstanceOf[T] + intrusiveListElement.remove() } @@ -193,7 +193,7 @@ final class IntrusiveList[T <: IntrusiveListElement] private (var numElems: Int, } onInsert(newElem) - intrusiveListElement.insertAfter(newElem).asInstanceOf[T] + intrusiveListElement.insertAfter(newElem) } def insertBefore(intrusiveListElement: T, newElem: T): T = { @@ -206,11 +206,11 @@ final class IntrusiveList[T <: IntrusiveListElement] private (var numElems: Int, firstElem = Some(newElem) } onInsert(newElem) - intrusiveListElement.insertBefore(newElem).asInstanceOf[T] + intrusiveListElement.insertBefore(newElem) } def getNext(elem: T): T = { - elem.getNext.asInstanceOf[T] + elem.getNext } def hasNext(elem: T): Boolean = { @@ -222,60 +222,59 @@ final class IntrusiveList[T <: IntrusiveListElement] private (var numElems: Int, } def getPrev(elem: T): T = { - elem.getPrev.asInstanceOf[T] + elem.getPrev } def nextOption(elem: T): Option[T] = { - elem.next.asInstanceOf[Option[T]] + elem.next } def prevOption(elem: T): Option[T] = { - elem.prev.asInstanceOf[Option[T]] + elem.prev } object IntrusiveList { - def from[T <: IntrusiveListElement](it: IterableOnce[T]): IntrusiveList[T] = { + def from[T <: IntrusiveListElement[T]](it: IterableOnce[T]): IntrusiveList[T] = { val l = new IntrusiveList[T]() l.addAll(it) l } - def empty[T <: IntrusiveListElement] : IntrusiveList[T] = new IntrusiveList[T]() - + def empty[T <: IntrusiveListElement[T]] : IntrusiveList[T] = new IntrusiveList[T]() } -trait IntrusiveListElement: - private[intrusiveList] var next: Option[IntrusiveListElement] = None - private[intrusiveList] var prev: Option[IntrusiveListElement] = None - private[intrusiveList] final def insertBefore(elem: IntrusiveListElement): IntrusiveListElement = { +trait IntrusiveListElement[T <: IntrusiveListElement[T]]: + private[intrusivelist] var next: Option[T] = None + private[intrusivelist] var prev: Option[T] = None + private[intrusivelist] final def insertBefore(elem: T): T = { elem.prev = prev if (prev.isDefined) { prev.get.next = Some(elem) } prev = Some(elem) - elem.next = Some(this) + elem.next = Some(this.asInstanceOf[T]) elem } - private[intrusiveList] final def unitary: Boolean = next.isEmpty && prev.isEmpty + private[intrusivelist] final def unitary: Boolean = next.isEmpty && prev.isEmpty - private[intrusiveList] final def insertAfter(elem: IntrusiveListElement): IntrusiveListElement = { + private[intrusivelist] final def insertAfter(elem: T): T = { if (next.isDefined) { next.get.prev = Some(elem) } elem.next = next next = Some(elem) - elem.prev = Some(this) + elem.prev = Some(this.asInstanceOf[T]) elem } - private[intrusiveList] final def replace(elem: IntrusiveListElement): IntrusiveListElement = { + private[intrusivelist] final def replace(elem: T): T = { insertAfter(elem) remove() elem } - private[intrusiveList] final def remove(): IntrusiveListElement = { + private[intrusivelist] final def remove(): T = { if (next.isDefined) { next.get.prev = prev } @@ -284,7 +283,7 @@ trait IntrusiveListElement: } this.next = None this.prev = None - this + this.asInstanceOf[T] } def succ(): Option[this.type] = { @@ -295,37 +294,37 @@ trait IntrusiveListElement: prev.map(_.asInstanceOf[this.type]) } - private[intrusiveList] final def append(elem: IntrusiveListElement): IntrusiveListElement = { + private[intrusivelist] final def append(elem: T): T = { last().insertAfter(elem) } - private[intrusiveList] final def prepend(elem: IntrusiveListElement): IntrusiveListElement = { + private[intrusivelist] final def prepend(elem: T): T = { first().insertBefore(elem) } - private[intrusiveList] final def getNext: IntrusiveListElement = next.get + private[intrusivelist] final def getNext: T = next.get - private[intrusiveList] final def getPrev: IntrusiveListElement = prev.get + private[intrusivelist] final def getPrev: T = prev.get - private[intrusiveList] final def hasNext: Boolean = next.isDefined - private[intrusiveList] final def hasPrev: Boolean = prev.isDefined + private[intrusivelist] final def hasNext: Boolean = next.isDefined + private[intrusivelist] final def hasPrev: Boolean = prev.isDefined - private[intrusiveList] final def last(): IntrusiveListElement = { + private[intrusivelist] final def last(): T = { next match { case Some(n) => n.last() - case None => this + case None => this.asInstanceOf[T] } } - private[intrusiveList] final def first(): IntrusiveListElement = { + private[intrusivelist] final def first(): T = { prev match { case Some(n) => n.first() - case None => this + case None => this.asInstanceOf[T] } } - private[intrusiveList] final def splice(at: IntrusiveListElement, insertBegin: IntrusiveListElement, - insertEnd: IntrusiveListElement): Unit = { + private[intrusivelist] final def splice(at: T, insertBegin: T, + insertEnd: T): Unit = { assert(insertEnd.last() == insertEnd) assert(insertBegin.last() == insertEnd) assert(insertBegin.first() == insertBegin) @@ -338,11 +337,11 @@ trait IntrusiveListElement: } - private[intrusiveList] final def contains(elem: IntrusiveListElement): Boolean = { + private[intrusivelist] final def contains(elem: T): Boolean = { elem.first() == first() } - private[intrusiveList] final def containsRef(elem: IntrusiveListElement): Boolean = { + private[intrusivelist] final def containsRef(elem: T): Boolean = { elem.first() eq first() } diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index dace57b3b..83946a12b 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -18,7 +18,7 @@ import org.antlr.v4.runtime.tree.ParseTreeWalker import org.antlr.v4.runtime.{CharStreams, CommonTokenStream} import translating.* import util.Logger -import intrusiveList.IntrusiveList +import intrusivelist.IntrusiveList import analysis.CfgCommandNode import scala.annotation.tailrec diff --git a/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala b/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala index 2bd0203d8..49592975e 100644 --- a/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala +++ b/src/test/scala/ir/IntrusiveListPublicInterfaceTest.scala @@ -1,8 +1,8 @@ package ir import org.scalatest.funsuite.AnyFunSuite -import intrusiveList.{IntrusiveList, IntrusiveListElement} +import intrusivelist.{IntrusiveList, IntrusiveListElement} -case class Elem(val t: Float) extends IntrusiveListElement +case class Elem(val t: Int) extends IntrusiveListElement[Elem] class IntrusiveListPublicInterfaceTest extends AnyFunSuite { diff --git a/src/test/scala/ir/IntrusiveListTest.scala b/src/test/scala/ir/IntrusiveListTest.scala index 7ab980d2c..689ec3bd6 100644 --- a/src/test/scala/ir/IntrusiveListTest.scala +++ b/src/test/scala/ir/IntrusiveListTest.scala @@ -1,14 +1,14 @@ -package intrusiveList +package intrusivelist import org.scalatest.funsuite.AnyFunSuite -case class Elem(val t: Float) extends IntrusiveListElement +case class Elem(val t: Float) extends IntrusiveListElement[Elem] class IntrusiveListElemTest extends AnyFunSuite { test("basic") { val x = IntrusiveList[Elem]() val toInsert = Elem(10) - val f: IntrusiveListElement = x.append(toInsert) + val f: IntrusiveListElement[Elem] = x.append(toInsert) assert(x.size == 1) assert(f.last() == f) assert(f eq toInsert) From 9ccb025d0a193080749c9aade4e454f0d75d0026 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 23 Jan 2024 15:05:09 +1000 Subject: [PATCH 37/42] format --- src/main/scala/ir/IRCursor.scala | 93 +++++++++++++------------ src/main/scala/ir/Program.scala | 60 +--------------- src/main/scala/ir/parent.scala | 60 ++++++++++++++++ src/main/scala/util/IntrusiveList.scala | 79 ++++++++++----------- 4 files changed, 147 insertions(+), 145 deletions(-) create mode 100644 src/main/scala/ir/parent.scala diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index bf549c7dc..93b359dc4 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -5,6 +5,9 @@ import cfg_visualiser.{DotArrow, DotGraph, DotInlineArrow, DotInterArrow, DotInt import collection.mutable import scala.annotation.tailrec +/** This file defines functions to get the successor and predecessor of a IR node for control flow. + */ + /* * Defines a position in the IL / CFG; this becomes the lhs of the state map lattice in a static analysis. */ @@ -21,17 +24,20 @@ trait IntraProcIRCursor extends IRWalk[CFGPosition, CFGPosition] { def succ(pos: CFGPosition): Set[CFGPosition] = { pos match { case proc: Procedure => proc.entryBlock.toSet - case b: Block => Set(b.statements.headOption().getOrElse(b.jump)) - case s: Statement => Set(s.parent.statements.nextOption(s).getOrElse(s.parent.jump)) - case j: Jump => j match { - case n: GoTo => n.targets.asInstanceOf[Set[CFGPosition]] - case c: DirectCall => c.returnTarget match - case Some(b) => Set(b) - case None => Set() - case i: IndirectCall => i.returnTarget match + case b: Block => Set(b.statements.headOption().getOrElse(b.jump)) + case s: Statement => Set(s.parent.statements.nextOption(s).getOrElse(s.parent.jump)) + case j: Jump => + j match { + case n: GoTo => n.targets.asInstanceOf[Set[CFGPosition]] + case c: DirectCall => + c.returnTarget match + case Some(b) => Set(b) + case None => Set() + case i: IndirectCall => + i.returnTarget match case Some(block: Block) => Set[CFGPosition](block) - case None => Set() - } + case None => Set() + } } } @@ -43,8 +49,8 @@ trait IntraProcIRCursor extends IRWalk[CFGPosition, CFGPosition] { } else { Set(s.parent) // predecessor blocks } - case j: Jump => if j.parent.statements.isEmpty then Set(j.parent) else Set(j.parent.statements.last) - case b: Block => b.incomingJumps.asInstanceOf[Set[CFGPosition]] + case j: Jump => if j.parent.statements.isEmpty then Set(j.parent) else Set(j.parent.statements.last) + case b: Block => b.incomingJumps.asInstanceOf[Set[CFGPosition]] case proc: Procedure => Set() // intraproc } } @@ -57,8 +63,8 @@ trait IntraProcBlockIRCursor extends IRWalk[CFGPosition, Block] { @tailrec final def succ(pos: CFGPosition): Set[Block] = { pos match { - case b: Block => b.nextBlocks.toSet - case s: Command => succ(s.parent) + case b: Block => b.nextBlocks.toSet + case s: Command => succ(s.parent) case s: Procedure => s.entryBlock.toSet } } @@ -66,46 +72,44 @@ trait IntraProcBlockIRCursor extends IRWalk[CFGPosition, Block] { @tailrec final def pred(pos: CFGPosition): Set[Block] = { pos match { - case b: Block => if b.isEntry then Set.empty else b.incomingJumps.map(_.parent) - case j: Command => pred(j.parent) + case b: Block => if b.isEntry then Set.empty else b.incomingJumps.map(_.parent) + case j: Command => pred(j.parent) case s: Procedure => Set.empty } } } object IntraProcBlockIRCursor extends IntraProcBlockIRCursor - trait InterProcIRCursor extends IRWalk[CFGPosition, CFGPosition] { final def succ(pos: CFGPosition): Set[CFGPosition] = { - pos match - case c: DirectCall => Set(c.target) + pos match + case c: DirectCall => Set(c.target) case c: IndirectCall => Set() - case _ => IntraProcIRCursor.succ(pos) + case _ => IntraProcIRCursor.succ(pos) } final def pred(pos: CFGPosition): Set[CFGPosition] = { - IntraProcIRCursor.pred(pos) ++ (pos match - case c: Procedure => c.incomingCalls().toSet.asInstanceOf[Set[CFGPosition]] - case b: Block => if b.isEntry then Set(b.parent) else b.incomingJumps.asInstanceOf[Set[CFGPosition]] - case _ => Set() - ) - } + IntraProcIRCursor.pred(pos) ++ (pos match + case c: Procedure => c.incomingCalls().toSet.asInstanceOf[Set[CFGPosition]] + case b: Block => if b.isEntry then Set(b.parent) else b.incomingJumps.asInstanceOf[Set[CFGPosition]] + case _ => Set() + ) + } } - trait InterProcBlockIRCursor extends IRWalk[CFGPosition, Block] { final def succ(pos: CFGPosition): Set[Block] = { pos match { case s: DirectCall => s.target.entryBlock.toSet - case _ => IntraProcBlockIRCursor.succ(pos) + case _ => IntraProcBlockIRCursor.succ(pos) } } final def pred(pos: CFGPosition): Set[Block] = { pos match { case b: Block => if b.isEntry then b.parent.incomingCalls().map(_.parent).toSet else b.prevBlocks.toSet - case _ => IntraProcBlockIRCursor.pred(pos) + case _ => IntraProcBlockIRCursor.pred(pos) } } } @@ -121,8 +125,11 @@ object CallGraph extends CallGraph object InterProcBlockIRCursor extends IntraProcBlockIRCursor +/** Computes the reachability transitive closure of the CFGPositions in initial under the successor relation defined by + * walker. + */ def computeDomain[T <: CFGPosition, O <: T](walker: IRWalk[T, O], initial: IterableOnce[O]): mutable.Set[O] = { - val domain : mutable.Set[O] = mutable.Set.from(initial) + val domain: mutable.Set[O] = mutable.Set.from(initial) var sizeBefore = 0 var sizeAfter = domain.size @@ -137,29 +144,30 @@ def computeDomain[T <: CFGPosition, O <: T](walker: IRWalk[T, O], initial: Itera domain } - -def toDot(program: Program, labels: Map[CFGPosition, String] = Map.empty): String= { +def toDot(program: Program, labels: Map[CFGPosition, String] = Map.empty): String = { val domain = computeDomain[CFGPosition, CFGPosition](IntraProcIRCursor, program.procedures) toDot[CFGPosition](domain, IntraProcIRCursor, labels) } -def dotCallGraph(program: Program, labels: Map[CFGPosition, String] = Map.empty): String= { +def dotCallGraph(program: Program, labels: Map[CFGPosition, String] = Map.empty): String = { val domain = computeDomain[Procedure, Procedure](CallGraph, program.procedures) toDot[Procedure](domain, CallGraph, labels) } -def dotBlockGraph(program: Program, labels: Map[CFGPosition, String] = Map.empty): String= { +def dotBlockGraph(program: Program, labels: Map[CFGPosition, String] = Map.empty): String = { val domain = computeDomain[CFGPosition, Block](IntraProcBlockIRCursor, program.procedures.flatMap(_.blocks).toSet) toDot[Block](domain, IntraProcBlockIRCursor, labels) } +def toDot[T <: CFGPosition]( + domain: mutable.Set[T], + iterator: IRWalk[? >: T, ?], + labels: Map[CFGPosition, String] +): String = { -def toDot[T <: CFGPosition](domain: mutable.Set[T], iterator: IRWalk[? >: T, ?], labels: Map[CFGPosition, String]) : String = { - - val visited : mutable.Set[CFGPosition] = mutable.Set.from(domain) + val visited: mutable.Set[CFGPosition] = mutable.Set.from(domain) var labelcounter = 0 - def label(l: Option[String]) = { l match { case Some(s) => s @@ -172,11 +180,10 @@ def toDot[T <: CFGPosition](domain: mutable.Set[T], iterator: IRWalk[? >: T, ?], val dotNodes = mutable.Map[CFGPosition, DotNode]() var dotArrows = mutable.ListBuffer[DotArrow]() - def nodeText(node: CFGPosition): String = { var text = node match { case s: Block => f"[Block] ${s.label}" - case s => s.toString + case s => s.toString } if (labels.contains(node)) { text += "\n" ++ labels(node) @@ -187,13 +194,13 @@ def toDot[T <: CFGPosition](domain: mutable.Set[T], iterator: IRWalk[? >: T, ?], for (node <- domain) { node match case s: Command => dotNodes.addOne(s -> DotNode(label(s.label), nodeText(s))) - case s: Block => dotNodes.addOne(s -> DotNode(label(Some(s.label)), nodeText(s))) - case s => dotNodes.addOne(s -> DotNode(label(Some(s.toString)), nodeText(s))) + case s: Block => dotNodes.addOne(s -> DotNode(label(Some(s.label)), nodeText(s))) + case s => dotNodes.addOne(s -> DotNode(label(Some(s.toString)), nodeText(s))) } for (node <- domain) { node match { - case s : Call => + case s: Call => iterator.succ(s).foreach(n => dotArrows.addOne(DotInterArrow(dotNodes(s), dotNodes(n)))) case s => iterator.succ(s).foreach(n => dotArrows.addOne(DotRegularArrow(dotNodes(s), dotNodes(n)))) diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index a2fec9cc0..e92ba2730 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -6,64 +6,6 @@ import boogie.* import analysis.BitVectorEval import intrusivelist.{IntrusiveList, IntrusiveListElement} -trait HasParent[T]: - /* - If a node is reachable from the IL then it *must* have a parent defined. This will only be null until - the object is fully initialised. - - All IL structures must set the parent of the child to itself, when a child is added to itself. - */ - private var _parent: Option[T] = None - def parent: T = _parent.get - - def parent_=(value: T): Unit = setParent(value) - - - /** - * Update any IL control-flow links implied by this relation. - * NOT necessarily idempotent. - * For example; - * - Registering calls with their target procedure - * - Registering jumps with their target block - * - * TODO: consider making abstract to force implementers to consider the linking. - * @param p The new parent - */ - protected[this] def linkParent(p: T): Unit = () - - /** - * Update any IL control-flow links implied by this relation. - * NOT necessarily idempotent. - */ - protected[this] def unlinkParent(): Unit = () - - - /** - * Remove this element's parent and update any IL control-flow links implied by this relation. - * Is idempotent. - */ - final def deParent(): Unit = if _parent.isDefined then { - unlinkParent() - _parent = None - } - - /** - * Set this element's parent and update any IL control-flow links implied by this relation. - * If another parent is already set then it will be de-parented and unlinked from that first. - * Is idempotent. - */ - final def setParent(p: T): Unit = { - _parent match - case Some(existing) if existing == p => () - case None => - _parent = Some(p) - linkParent(p) - case Some(_) => - deParent() - _parent = Some(p) - linkParent(p) - } - class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedure, var initialMemory: ArrayBuffer[MemorySection], var readOnlyMemory: ArrayBuffer[MemorySection]) extends Iterable[CFGPosition] { @@ -297,7 +239,7 @@ class Procedure private ( block } def removeBlocks(blocks: IterableOnce[Block]): Unit = { - for (elem <- blocks) { + for (elem <- blocks.iterator) { removeBlocks(elem) } } diff --git a/src/main/scala/ir/parent.scala b/src/main/scala/ir/parent.scala new file mode 100644 index 000000000..fe952934a --- /dev/null +++ b/src/main/scala/ir/parent.scala @@ -0,0 +1,60 @@ +package ir + +trait HasParent[T]: + /* + If a node is reachable from the IL then it *must* have a parent defined. This will only be null until + the object is fully initialised. + + All IL structures must set the parent of the child to itself, when a child is added to itself. + */ + private var _parent: Option[T] = None + def parent: T = _parent.get + + def parent_=(value: T): Unit = setParent(value) + + + /** + * Update any IL control-flow links implied by this relation. + * NOT necessarily idempotent. + * For example; + * - Registering calls with their target procedure + * - Registering jumps with their target block + * + * TODO: consider making abstract to force implementers to consider the linking. + * @param p The new parent + */ + protected[this] def linkParent(p: T): Unit = () + + /** + * Update any IL control-flow links implied by this relation. + * NOT necessarily idempotent. + */ + protected[this] def unlinkParent(): Unit = () + + + /** + * Remove this element's parent and update any IL control-flow links implied by this relation. + * Is idempotent. + */ + final def deParent(): Unit = if _parent.isDefined then { + unlinkParent() + _parent = None + } + + /** + * Set this element's parent and update any IL control-flow links implied by this relation. + * If another parent is already set then it will be de-parented and unlinked from that first. + * Is idempotent. + */ + final def setParent(p: T): Unit = { + _parent match + case Some(existing) if existing == p => () + case None => + _parent = Some(p) + linkParent(p) + case Some(_) => + deParent() + _parent = Some(p) + linkParent(p) + } + diff --git a/src/main/scala/util/IntrusiveList.scala b/src/main/scala/util/IntrusiveList.scala index 0ee0e8fd5..f19118cd0 100644 --- a/src/main/scala/util/IntrusiveList.scala +++ b/src/main/scala/util/IntrusiveList.scala @@ -1,37 +1,38 @@ package intrusivelist import scala.collection.mutable - - // TODO: implement IterableOps // So need iterablefactory https://docs.scala-lang.org/overviews/core/custom-collections.html -/** - * A simple intrusive list implementation. - * - * This is a linked list with the links stored as fields within the elements contained in the list, rather - * than boxing the elements in an external list structure. - * - * Therefore this structure can hold any elements that inherit the IntrusiveListElement trait and an intrusive list - * element can only be a member of a single list at a time. - * - * However, this allows us to create an iterator, or simply get the next or previous element from any point in the list, - * as well as insert or remove anywhere in the list without invalidating the iterator. - * - * Insert or remove before or after any element: O(1) - * Create iterator: O(1) - * Find element: O(n) - * - * @param numElems The size of the list - * @param firstElem The first list element if nonempty or none if empty. - * @param lastElem THe last list element if nonempty or none if empty. - * @tparam T - */ -final class IntrusiveList[T <: IntrusiveListElement[T]] private (var numElems: Int, var firstElem: Option[T], - var lastElem: Option[T]) - extends mutable.Iterable[T], mutable.Growable[T]: +/** A simple intrusive list implementation. + * + * This is a linked list with the links stored as fields within the elements contained in the list, rather than boxing + * the elements in an external list structure. + * + * Therefore this structure can hold any elements that inherit the IntrusiveListElement trait and an intrusive list + * element can only be a member of a single list at a time. + * + * However, this allows us to create an iterator, or simply get the next or previous element from any point in the + * list, as well as insert or remove anywhere in the list without invalidating the iterator. + * + * Insert or remove before or after any element: O(1) Create iterator: O(1) Find element: O(n) + * + * @param numElems + * The size of the list + * @param firstElem + * The first list element if nonempty or none if empty. + * @param lastElem + * THe last list element if nonempty or none if empty. + * @tparam T + */ +final class IntrusiveList[T <: IntrusiveListElement[T]] private ( + var numElems: Int, + var firstElem: Option[T], + var lastElem: Option[T] +) extends mutable.Iterable[T], + mutable.Growable[T]: var onInsert: T => Unit = x => () - var onRemove: T => Unit = x => () + var onRemove: T => Unit = x => () // invariant: // numElems == first.length() @@ -62,7 +63,6 @@ final class IntrusiveList[T <: IntrusiveListElement[T]] private (var numElems: I def this() = this(0, None, None) - // Iterable /* @@ -72,7 +72,7 @@ final class IntrusiveList[T <: IntrusiveListElement[T]] private (var numElems: I // TODO: cache? assert(i < size) var elem = firstElem.get - for (c <- 0 until i) { + for (c <- 0 until i) { elem = elem.getNext } elem @@ -91,7 +91,6 @@ final class IntrusiveList[T <: IntrusiveListElement[T]] private (var numElems: I // end Iterable - def iteratorFrom(elem: T): Iterator[T] = { assert(elem.first() == firstElem.get) IntrusiveListIterator(Some(elem)) @@ -105,7 +104,6 @@ final class IntrusiveList[T <: IntrusiveListElement[T]] private (var numElems: I override def headOption(): Option[T] = firstElem - def begin(): T = firstElem.get private def containsRef(elem: T): Boolean = { @@ -140,7 +138,7 @@ final class IntrusiveList[T <: IntrusiveListElement[T]] private (var numElems: I newElem } - def append(newElem : T): T = { + def append(newElem: T): T = { assert(newElem.unitary) assert(!containsRef(newElem)) onInsert(newElem) @@ -181,7 +179,6 @@ final class IntrusiveList[T <: IntrusiveListElement[T]] private (var numElems: I intrusiveListElement.remove() } - def insertAfter(intrusiveListElement: T, newElem: T): T = { assert(size >= 1) assert(containsRef(intrusiveListElement)) @@ -239,7 +236,7 @@ object IntrusiveList { l.addAll(it) l } - def empty[T <: IntrusiveListElement[T]] : IntrusiveList[T] = new IntrusiveList[T]() + def empty[T <: IntrusiveListElement[T]]: IntrusiveList[T] = new IntrusiveList[T]() } trait IntrusiveListElement[T <: IntrusiveListElement[T]]: @@ -257,8 +254,7 @@ trait IntrusiveListElement[T <: IntrusiveListElement[T]]: private[intrusivelist] final def unitary: Boolean = next.isEmpty && prev.isEmpty - - private[intrusivelist] final def insertAfter(elem: T): T = { + private[intrusivelist] final def insertAfter(elem: T): T = { if (next.isDefined) { next.get.prev = Some(elem) } @@ -310,21 +306,20 @@ trait IntrusiveListElement[T <: IntrusiveListElement[T]]: private[intrusivelist] final def hasPrev: Boolean = prev.isDefined private[intrusivelist] final def last(): T = { - next match { + next match { case Some(n) => n.last() - case None => this.asInstanceOf[T] + case None => this.asInstanceOf[T] } } private[intrusivelist] final def first(): T = { prev match { case Some(n) => n.first() - case None => this.asInstanceOf[T] + case None => this.asInstanceOf[T] } } - private[intrusivelist] final def splice(at: T, insertBegin: T, - insertEnd: T): Unit = { + private[intrusivelist] final def splice(at: T, insertBegin: T, insertEnd: T): Unit = { assert(insertEnd.last() == insertEnd) assert(insertBegin.last() == insertEnd) assert(insertBegin.first() == insertBegin) @@ -344,5 +339,3 @@ trait IntrusiveListElement[T <: IntrusiveListElement[T]]: private[intrusivelist] final def containsRef(elem: T): Boolean = { elem.first() eq first() } - - From 45688e63ac6685f105271bca001dd537e72c82df Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 23 Jan 2024 15:15:04 +1000 Subject: [PATCH 38/42] cleanup --- .../scala/analysis/BasicIRConstProp.scala | 2 +- src/main/scala/analysis/Cfg.scala | 1 - src/main/scala/ir/IRCursor.scala | 1 - .../scala/ir/{parent.scala => Parent.scala} | 0 src/main/scala/ir/Visitor.scala | 25 ------------------- 5 files changed, 1 insertion(+), 28 deletions(-) rename src/main/scala/ir/{parent.scala => Parent.scala} (100%) diff --git a/src/main/scala/analysis/BasicIRConstProp.scala b/src/main/scala/analysis/BasicIRConstProp.scala index ac6a634bb..06abef535 100644 --- a/src/main/scala/analysis/BasicIRConstProp.scala +++ b/src/main/scala/analysis/BasicIRConstProp.scala @@ -56,7 +56,7 @@ trait ILValueAnalysisMisc: n match case la: LocalAssign => s + (la.lhs -> eval(la.rhs, s)) - //case c: Call => s ++ callerPreservedRegisters.filter(reg => s.keys.exists(_.name == reg)).map(n => Register(n, BitVecType(64)) -> statelattice.sublattice.top).toMap + case c: Call => s ++ callerPreservedRegisters.filter(reg => s.keys.exists(_.name == reg)).map(n => Register(n, BitVecType(64)) -> statelattice.sublattice.top).toMap case _ => s diff --git a/src/main/scala/analysis/Cfg.scala b/src/main/scala/analysis/Cfg.scala index ae6684b69..c5f931572 100644 --- a/src/main/scala/analysis/Cfg.scala +++ b/src/main/scala/analysis/Cfg.scala @@ -611,7 +611,6 @@ class ProgramCfgFactory: cfg.addEdge(jmpNode, noReturn) cfg.addEdge(noReturn, funcExitNode) } - case _ => assert(false, s"unexpected jump encountered, jump: $jmp") } // `jmps.head` match } // `visitJumps` function } // `visitBlocks` function diff --git a/src/main/scala/ir/IRCursor.scala b/src/main/scala/ir/IRCursor.scala index 93b359dc4..94e7cb298 100644 --- a/src/main/scala/ir/IRCursor.scala +++ b/src/main/scala/ir/IRCursor.scala @@ -204,7 +204,6 @@ def toDot[T <: CFGPosition]( iterator.succ(s).foreach(n => dotArrows.addOne(DotInterArrow(dotNodes(s), dotNodes(n)))) case s => iterator.succ(s).foreach(n => dotArrows.addOne(DotRegularArrow(dotNodes(s), dotNodes(n)))) - case _ => () } } diff --git a/src/main/scala/ir/parent.scala b/src/main/scala/ir/Parent.scala similarity index 100% rename from src/main/scala/ir/parent.scala rename to src/main/scala/ir/Parent.scala diff --git a/src/main/scala/ir/Visitor.scala b/src/main/scala/ir/Visitor.scala index fb917121d..bc6be9a52 100644 --- a/src/main/scala/ir/Visitor.scala +++ b/src/main/scala/ir/Visitor.scala @@ -423,31 +423,6 @@ class VariablesWithoutStoresLoads extends ReadOnlyVisitor { } - -class CFGPositionMap[T](val results: mutable.Growable[T], val apply: CFGPosition => Option[T]) extends ReadOnlyVisitor { - //val results: mutable.Map[CFGPosition, T] = mutable.HashMap[CFGPosition, T]() - override def visitJump(node: Jump): Jump = { - apply(node).foreach(results += _) - super.visitJump(node) - } - - override def visitStatement(node: Statement): Statement = { - apply(node).foreach(results += _) - super.visitStatement(node) - } - - override def visitBlock(node: Block): Block = { - apply(node).foreach(results += _) - super.visitBlock(node) - } - - override def visitProcedure(node: Procedure): Procedure = { - apply(node).foreach(results += _) - super.visitProcedure(node) - } -} - - class ConvertToSingleProcedureReturn extends Visitor { override def visitJump(node: Jump): Jump = { From 4158d49328c3a0a231bf60361d6dbdfdf9e6bc78 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 23 Jan 2024 15:21:01 +1000 Subject: [PATCH 39/42] fix explanation --- docs/il-cfg.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/il-cfg.md b/docs/il-cfg.md index 004c7d9f6..5d4fcc5b0 100644 --- a/docs/il-cfg.md +++ b/docs/il-cfg.md @@ -21,6 +21,7 @@ The IL has two structural interpretations: 1. Its syntax tree; expressions have sub expressions and so on. - This can be traversed using Visitors + - It can also be traversed down by accessing class fields, and upward using the Parent trait - The traversal order is defined by the order of terms in the language with a depth-first traversal of sub-terms. 2. Its control flow graph; this is part of the language's semantics, and is inferred from the Jump and Call statements. - This is traversed using the control flow iterator, or by constructing the separate Tip-style CFG and traversing that. @@ -33,6 +34,7 @@ We need to derive the predecessor/successor relation on CFG nodes IL . 1. CFG positions are defined as - The entry to a procedure - The single return point from a procedure + - The block and jump statement that return from the procedure - The beginning of a block within a procedure - A statement command within a block - A jump or call command within a block @@ -81,7 +83,8 @@ For an inter-procedural CFG we also have: succ(call, return_block) :- ReturnBlock(return_block, call), Procedure(call) succ(call, targetProcedure) :- Call(call, _, _, targetProcedure) - succ(exit, returnNode) :- ProcedureExit(exit, procedure, call), CallReturn(returnNode, call) + +An inter-procedural solver is expected to keep track of call sites which return statements jump back to. So a sequential application of `succ` might look like From 1f78b30b75bf5bace5e1b2821fd23f0941f8d059 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Tue, 23 Jan 2024 15:29:36 +1000 Subject: [PATCH 40/42] fix clearblocks --- src/main/scala/ir/Program.scala | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index e92ba2730..94a9bdd04 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -224,7 +224,7 @@ class Procedure private ( * @return an iterator to the new block set */ def replaceBlocks(newBlocks: Iterable[Block]): Unit = { - removeBlocks(_blocks) + clearBlocks() addBlocks(newBlocks) } @@ -245,7 +245,8 @@ class Procedure private ( } def clearBlocks() : Unit = { - removeBlocks(blocks) + // O(n) because we are careful to unlink the parents etc. + removeBlocks(_blocks) } From e9cc6cb23c1a8d4401af2b529f8c8142a4eb36c5 Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Wed, 24 Jan 2024 16:22:21 +1000 Subject: [PATCH 41/42] cleanup comments --- src/main/scala/ir/Program.scala | 8 ++++++++ src/main/scala/util/RunUtils.scala | 31 +++--------------------------- 2 files changed, 11 insertions(+), 28 deletions(-) diff --git a/src/main/scala/ir/Program.scala b/src/main/scala/ir/Program.scala index 94a9bdd04..600c7361f 100644 --- a/src/main/scala/ir/Program.scala +++ b/src/main/scala/ir/Program.scala @@ -120,6 +120,10 @@ class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedu initialMemory = initialMemoryNew } + /** + * Iterator in approximate syntactic pre-order of procedures, blocks, and commands. Blocks and procedures are + * not guaranteed to be in any defined order. + */ class ILUnorderedIterator(private val begin: Program) extends Iterator[CFGPosition] { val stack = mutable.Stack[CFGPosition]() stack.addAll(begin.procedures) @@ -142,6 +146,10 @@ class Program(var procedures: ArrayBuffer[Procedure], var mainProcedure: Procedu } + /** + * Get an Iterator in approximate syntactic pre-order of procedures, blocks, and commands. Blocks and procedures are + * not guaranteed to be in any defined order. + */ def iterator: Iterator[CFGPosition] = { ILUnorderedIterator(this) } diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index 83946a12b..ade5cfdab 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -166,34 +166,9 @@ object RunUtils { val constPropSolver = ConstantPropagationSolver(cfg) val constPropResult = constPropSolver.analyze() - def newSolverTest(): Unit = { - val ilcpsolver = IRSimpleValueAnalysis.Solver(IRProgram) - val newCPResult = ilcpsolver.analyze() - - val newCommandDomain = ilcpsolver.domain.filter(_.isInstanceOf[Command]) - - val newRes = newCPResult.flatMap((x, y) => y.flatMap { - case (_, el) if el == FlatLattice[BitVecLiteral].top || el == FlatLattice[BitVecLiteral].bottom => None - case z => Some(x -> z) - }) - val oldRes = constPropResult.filter((x,y) => x.isInstanceOf[CfgNodeWithData[CFGPosition]]).flatMap((x, y) => y.flatMap { - case (_, el) if el == FlatLattice[BitVecLiteral].top || el == FlatLattice[BitVecLiteral].bottom => None - case z => Some(x.asInstanceOf[CfgNodeWithData[Any]].data -> z) - }) - val both = newRes.toSet.intersect(oldRes.toSet) - val notnew = (newRes.toSet).filter(x => !both.contains(x)).toList.sorted((a, b) => a._2._1.name.compare(b._2._1.name)) - val notOld = (oldRes.toSet).filter(x => !both.contains(x)).toList.sorted((a,b) => a._2._1.name.compare(b._2._1.name)) - // newRes and oldRes should have value equality - - //config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, newCPResult), s"${s}_newconstprop$iteration.txt")) - config.analysisResultsPath.foreach(s => writeToFile(toDot(IRProgram), s"program.dot")) - config.analysisResultsPath.foreach(s => writeToFile(toDot(IRProgram, newCPResult.map((k,v) => (k, v.toString))), s"program-constprop.dot")) - - config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, newCPResult), s"${s}_new_cpres$iteration.txt")) - config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, cfg, constPropResult), s"${s}_old_cpres$iteration.txt")) - - } - newSolverTest() + val ilcpsolver = IRSimpleValueAnalysis.Solver(IRProgram) + val newCPResult = ilcpsolver.analyze() + config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, newCPResult), s"${s}_new_ir_constprop$iteration.txt")) config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(constPropResult, true), Output.dotIder), s"${s}_constprop$iteration.dot")) config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(IRProgram, cfg, constPropResult), s"${s}_constprop$iteration.txt")) From 86682d306a5b4c1cfe225c443eda71ba6581e12e Mon Sep 17 00:00:00 2001 From: Alistair Michael Date: Wed, 24 Jan 2024 17:48:04 +1000 Subject: [PATCH 42/42] update expected --- src/test/correct/indirect_call/gcc_O2/indirect_call.expected | 4 +--- .../clang_O2/malloc_memcpy_strlen_memset_free.expected | 3 +++ .../gcc_O2/malloc_memcpy_strlen_memset_free.expected | 3 +++ .../malloc_with_local3/gcc_O2/malloc_with_local3.expected | 4 +--- .../clang_O2/malloc_memcpy_strlen_memset_free.expected | 3 +++ .../gcc_O2/malloc_memcpy_strlen_memset_free.expected | 3 +++ 6 files changed, 14 insertions(+), 6 deletions(-) diff --git a/src/test/correct/indirect_call/gcc_O2/indirect_call.expected b/src/test/correct/indirect_call/gcc_O2/indirect_call.expected index 358e460c4..bd669b91c 100644 --- a/src/test/correct/indirect_call/gcc_O2/indirect_call.expected +++ b/src/test/correct/indirect_call/gcc_O2/indirect_call.expected @@ -236,12 +236,10 @@ implementation greet() R0, Gamma_R0 := 0bv64, true; R0, Gamma_R0 := bvadd64(R0, 1992bv64), Gamma_R0; call puts(); - //no return target - assume false; + assume false; //no return target greet_return: assume {:captureState "greet_return"} true; return; - } procedure main(); diff --git a/src/test/correct/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected b/src/test/correct/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected index 212e558c4..4e71584ab 100644 --- a/src/test/correct/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected +++ b/src/test/correct/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected @@ -273,6 +273,9 @@ implementation main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected b/src/test/correct/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected index 2181a0d83..6b661768e 100644 --- a/src/test/correct/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected +++ b/src/test/correct/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected @@ -273,6 +273,9 @@ implementation main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected index 3add3db5d..9df3b983e 100644 --- a/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected @@ -1061,11 +1061,9 @@ implementation printCharValue() mem, Gamma_mem := memory_store8_le(mem, R3, R2[8:0]), gamma_store8(Gamma_mem, R3, Gamma_R2); assume {:captureState "%00000293"} true; call __printf_chk(); - //no return target - assume false; + assume false; //no return target printCharValue_return: assume {:captureState "printCharValue_return"} true; return; - } diff --git a/src/test/incorrect/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected b/src/test/incorrect/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected index 9a6191d97..e2a86f07c 100644 --- a/src/test/incorrect/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected +++ b/src/test/incorrect/malloc_memcpy_strlen_memset_free/clang_O2/malloc_memcpy_strlen_memset_free.expected @@ -289,6 +289,9 @@ implementation main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; } diff --git a/src/test/incorrect/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected b/src/test/incorrect/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected index b5e8b4dec..699c5028e 100644 --- a/src/test/incorrect/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected +++ b/src/test/incorrect/malloc_memcpy_strlen_memset_free/gcc_O2/malloc_memcpy_strlen_memset_free.expected @@ -287,6 +287,9 @@ implementation main() R29, Gamma_R29 := memory_load64_le(stack, R31), gamma_load64(Gamma_stack, R31); R30, Gamma_R30 := memory_load64_le(stack, bvadd64(R31, 8bv64)), gamma_load64(Gamma_stack, bvadd64(R31, 8bv64)); R31, Gamma_R31 := bvadd64(R31, 48bv64), Gamma_R31; + goto main_return; + main_return: + assume {:captureState "main_return"} true; return; }