diff --git a/examples/simplified_http_parse_basic/example.spec b/examples/simplified_http_parse_basic/example.spec index d37f22d15..bd505ed0d 100644 --- a/examples/simplified_http_parse_basic/example.spec +++ b/examples/simplified_http_parse_basic/example.spec @@ -8,11 +8,11 @@ DIRECT functions: gamma_load64, gamma_load8, memory_load8_le, bvult64, bvule64, Subroutine: #free - Requires DIRECT: "gamma_load8(Gamma_mem, bvadd64(R0, 0bv64)) == true"; - Requires DIRECT: "gamma_load8(Gamma_mem, bvadd64(R0, 1bv64)) == true"; - Requires DIRECT: "gamma_load8(Gamma_mem, bvadd64(R0, 2bv64)) == true"; - Requires DIRECT: "gamma_load8(Gamma_mem, bvadd64(R0, 3bv64)) == true"; -Ensures DIRECT: "Gamma_R0 == true" + Requires DIRECT: "gamma_load8(Gamma_mem, bvadd64(R0, 0bv64)) == true" + Requires DIRECT: "gamma_load8(Gamma_mem, bvadd64(R0, 1bv64)) == true" + Requires DIRECT: "gamma_load8(Gamma_mem, bvadd64(R0, 2bv64)) == true" + Requires DIRECT: "gamma_load8(Gamma_mem, bvadd64(R0, 3bv64)) == true" + Ensures DIRECT: "Gamma_R0 == true" Subroutine: main diff --git a/src/main/scala/boogie/BCmd.scala b/src/main/scala/boogie/BCmd.scala index d586b01e9..4c48fe30a 100644 --- a/src/main/scala/boogie/BCmd.scala +++ b/src/main/scala/boogie/BCmd.scala @@ -39,7 +39,7 @@ case class BAssume(body: BExpr, comment: Option[String] = None) extends BCmd { override def globals: Set[BVar] = body.globals } -case class ProcedureCall(name: String, lhss: Seq[BVar], params: Seq[BExpr], comment: Option[String] = None) extends BCmd { +case class BProcedureCall(name: String, lhss: Seq[BVar], params: Seq[BExpr], comment: Option[String] = None) extends BCmd { override def toString: String = { if (lhss.isEmpty) { s"call $name();" diff --git a/src/main/scala/boogie/BProgram.scala b/src/main/scala/boogie/BProgram.scala index bdee70e32..98312ff32 100644 --- a/src/main/scala/boogie/BProgram.scala +++ b/src/main/scala/boogie/BProgram.scala @@ -18,7 +18,7 @@ case class BProcedure( requiresDirect: List[String], freeEnsures: List[BExpr], freeRequires: List[BExpr], - modifies: Seq[BVar], + modifies: Set[BVar], body: List[BCmdOrBlock] ) extends BDeclaration with Ordered[BProcedure] { @@ -32,7 +32,7 @@ case class BProcedure( } val semicolon = if body.nonEmpty then "" else ";" val modifiesStr = if (modifies.nonEmpty) { - List(s" modifies ${modifies.mkString(", ")};") + List(s" modifies ${modifies.toSeq.sorted.mkString(", ")};") } else { List() } diff --git a/src/main/scala/translating/IRToBoogie.scala b/src/main/scala/translating/IRToBoogie.scala index 57b3e1f75..bc6d6addb 100644 --- a/src/main/scala/translating/IRToBoogie.scala +++ b/src/main/scala/translating/IRToBoogie.scala @@ -52,7 +52,7 @@ class IRToBoogie(var program: Program, var spec: Specification) { List(), List(), List(), - Seq(mem, Gamma_mem), + Set(mem, Gamma_mem), guaranteesReflexive.map(g => BAssert(g)) ) @@ -64,7 +64,7 @@ class IRToBoogie(var program: Program, var spec: Specification) { val functionsUsed3 = functionsUsed2.flatMap(p => p.functionOps).map(p => functionOpToDefinition(p)) val functionsUsed = (functionsUsed2 ++ functionsUsed3).toList.sorted - val declarations = globalDecls ++ globalConsts ++ functionsUsed ++ rgProcs ++ procedures + val declarations = globalDecls ++ globalConsts ++ functionsUsed ++ pushUpModifiesFixedPoint(rgProcs ++ procedures) BProgram(declarations) } @@ -82,9 +82,9 @@ class IRToBoogie(var program: Program, var spec: Specification) { } else { reliesUsed } - val relyProc = BProcedure("rely", List(), List(), relyEnsures, List(), List(), List(), readOnlyMemory, List(), Seq(mem, Gamma_mem), List()) - val relyTransitive = BProcedure("rely_transitive", List(), List(), reliesUsed, List(), List(), List(), List(), List(), Seq(mem, Gamma_mem), List(ProcedureCall("rely", List(), List()), ProcedureCall("rely", List(), List()))) - val relyReflexive = BProcedure("rely_reflexive", List(), List(), List(), List(), List(), List(), List(), List(), Seq(), reliesReflexive.map(r => BAssert(r))) + val relyProc = BProcedure("rely", List(), List(), relyEnsures, List(), List(), List(), readOnlyMemory, List(), Set(mem, Gamma_mem), List()) + val relyTransitive = BProcedure("rely_transitive", List(), List(), reliesUsed, List(), List(), List(), List(), List(), Set(mem, Gamma_mem), List(BProcedureCall("rely", List(), List()), BProcedureCall("rely", List(), List()))) + val relyReflexive = BProcedure("rely_reflexive", List(), List(), List(), List(), List(), List(), List(), List(), Set(), reliesReflexive.map(r => BAssert(r))) List(relyProc, relyTransitive, relyReflexive) } @@ -217,14 +217,48 @@ class IRToBoogie(var program: Program, var spec: Specification) { } } + def pushUpModifiesFixedPoint(procedures: List[BProcedure]): List[BProcedure] = { + pushUpModifies(procedures) match { + case (true, proc) => pushUpModifiesFixedPoint(proc) + case (false, proc) => proc + } + } + + def pushUpModifies(procedures: List[BProcedure]): (Boolean, List[BProcedure]) = { + var changed = false + + val procs: List[BProcedure] = procedures.map( + procedure => { + val cmds: List[BCmd] = procedure.body.flatten { + case b: BBlock => b.body + case c: BCmd => Seq(c) + } + + val modifies: Set[BVar] = procedure.modifies ++ cmds.collect{ case x: BProcedureCall => procedures.find(_.name == x.name)} + .flatten.flatMap(_.modifies) + + if (procedure.modifies != procedure.modifies) + changed = true + + procedure.copy(modifies = modifies) + } + ) + (changed, procs) + } + + def translateProcedure(p: Procedure, readOnlyMemory: List[BExpr]): BProcedure = { val body = p.blocks.map(b => translateBlock(b)) - // TODO don't hardcode Seq(mem, Gamma_mem) but this is necessary to work with adding rely() calls for now - val modifies: Seq[BVar] = {Seq(mem, Gamma_mem) ++ p.modifies + + val callsRely: Boolean = body.flatten(_.body).exists(_ match + case BProcedureCall("rely", lhs, params, comment) => true + case _ => false) + + val modifies: Seq[BVar] = p.modifies.toSeq .flatMap { case m: Memory => Seq(m.toBoogie, m.toGamma) case r: Register => Seq(r.toBoogie, r.toGamma) - }}.distinct.sorted + }.distinct.sorted val modifiedPreserve = modifies.collect { case m: BVar if modifiedCheck.contains(m) => m } val modifiedPreserveEnsures: List[BExpr] = modifiedPreserve.map(m => BinaryBExpr(BoolEQ, m, Old(m))).toList @@ -253,7 +287,7 @@ class IRToBoogie(var program: Program, var spec: Specification) { procRequiresDirect, freeEnsures, freeRequires, - modifies, + modifies.toSet, body.toList ) } @@ -278,7 +312,7 @@ class IRToBoogie(var program: Program, var spec: Specification) { def translate(j: Jump): List[BCmd] = j match { case d: DirectCall => - val call = List(ProcedureCall(d.target.name, List(), List())) + val call = List(BProcedureCall(d.target.name, List(), List())) val returnTarget = d.returnTarget match { case Some(r) => List(GoToCmd(r.label)) case None => List(Comment("no return target"), BAssume(FalseBLiteral)) @@ -331,7 +365,7 @@ class IRToBoogie(var program: Program, var spec: Specification) { if (lhs == stack) { List(store) } else { - val rely = ProcedureCall("rely", List(), List()) + val rely = BProcedureCall("rely", List(), List()) val gammaValueCheck = BAssert(BinaryBExpr(BoolIMPLIES, L(lhs, rhs.index), m.rhs.value.toGamma)) val oldAssigns = guaranteeOldVars.map(g => AssignCmd(g.toOldVar, BMemoryLoad(lhs, g.toAddrVar, Endian.LittleEndian, g.size))) @@ -365,7 +399,7 @@ class IRToBoogie(var program: Program, var spec: Specification) { List(assign) } else { val memories = loads.map(m => m.memory).toSeq.sorted - List(ProcedureCall("rely", Seq(), Seq()), assign) + List(BProcedureCall("rely", Seq(), Seq()), assign) } case a: Assert => val body = a.body.toBoogie diff --git a/src/test/correct/arrays_simple/clang/arrays_simple.expected b/src/test/correct/arrays_simple/clang/arrays_simple.expected index d68e19c30..b326ff7ab 100644 --- a/src/test/correct/arrays_simple/clang/arrays_simple.expected +++ b/src/test/correct/arrays_simple/clang/arrays_simple.expected @@ -33,7 +33,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1872bv64) == 1bv8); @@ -74,7 +74,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -85,10 +85,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/arrays_simple/clang_O2/arrays_simple.expected b/src/test/correct/arrays_simple/clang_O2/arrays_simple.expected index 3cb1f1f82..1e9764f80 100644 --- a/src/test/correct/arrays_simple/clang_O2/arrays_simple.expected +++ b/src/test/correct/arrays_simple/clang_O2/arrays_simple.expected @@ -9,7 +9,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1840bv64) == 1bv8); @@ -50,7 +50,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -61,10 +61,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/arrays_simple/clang_no_plt_no_pic/arrays_simple.expected b/src/test/correct/arrays_simple/clang_no_plt_no_pic/arrays_simple.expected index d68e19c30..b326ff7ab 100644 --- a/src/test/correct/arrays_simple/clang_no_plt_no_pic/arrays_simple.expected +++ b/src/test/correct/arrays_simple/clang_no_plt_no_pic/arrays_simple.expected @@ -33,7 +33,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1872bv64) == 1bv8); @@ -74,7 +74,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -85,10 +85,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/arrays_simple/clang_pic/arrays_simple.expected b/src/test/correct/arrays_simple/clang_pic/arrays_simple.expected index d68e19c30..b326ff7ab 100644 --- a/src/test/correct/arrays_simple/clang_pic/arrays_simple.expected +++ b/src/test/correct/arrays_simple/clang_pic/arrays_simple.expected @@ -33,7 +33,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1872bv64) == 1bv8); @@ -74,7 +74,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -85,10 +85,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/arrays_simple/gcc_O2/arrays_simple.expected b/src/test/correct/arrays_simple/gcc_O2/arrays_simple.expected index b0da0005c..ab48890b6 100644 --- a/src/test/correct/arrays_simple/gcc_O2/arrays_simple.expected +++ b/src/test/correct/arrays_simple/gcc_O2/arrays_simple.expected @@ -9,7 +9,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -50,7 +50,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -61,10 +61,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/basic_arrays_read/clang/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/clang/basic_arrays_read.expected index 676253fa8..f523388ae 100644 --- a/src/test/correct/basic_arrays_read/clang/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/clang/basic_arrays_read.expected @@ -37,7 +37,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); free ensures (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); { call rely(); @@ -91,7 +91,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert true; } diff --git a/src/test/correct/basic_arrays_read/clang_O2/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/clang_O2/basic_arrays_read.expected index 6f933dd1e..3fc4ae2e9 100644 --- a/src/test/correct/basic_arrays_read/clang_O2/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/clang_O2/basic_arrays_read.expected @@ -28,7 +28,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); free ensures (memory_load8_le(mem, 1848bv64) == 1bv8); @@ -69,7 +69,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); { call rely(); @@ -82,7 +82,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert true; } diff --git a/src/test/correct/basic_arrays_read/clang_no_plt_no_pic/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/clang_no_plt_no_pic/basic_arrays_read.expected index 676253fa8..f523388ae 100644 --- a/src/test/correct/basic_arrays_read/clang_no_plt_no_pic/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/clang_no_plt_no_pic/basic_arrays_read.expected @@ -37,7 +37,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); free ensures (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); { call rely(); @@ -91,7 +91,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert true; } diff --git a/src/test/correct/basic_arrays_read/clang_pic/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/clang_pic/basic_arrays_read.expected index 4f9ed022c..bcd1f7a82 100644 --- a/src/test/correct/basic_arrays_read/clang_pic/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/clang_pic/basic_arrays_read.expected @@ -45,7 +45,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); free ensures (memory_load8_le(mem, 1928bv64) == 1bv8); @@ -94,7 +94,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69599bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); { call rely(); @@ -107,7 +107,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert true; } diff --git a/src/test/correct/basic_arrays_read/gcc/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/gcc/basic_arrays_read.expected index 9dbe5a254..d8e31fe22 100644 --- a/src/test/correct/basic_arrays_read/gcc/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/gcc/basic_arrays_read.expected @@ -31,7 +31,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); free ensures (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -72,7 +72,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); { call rely(); @@ -85,7 +85,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert true; } diff --git a/src/test/correct/basic_arrays_read/gcc_O2/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/gcc_O2/basic_arrays_read.expected index 6f3ed3f96..6667be099 100644 --- a/src/test/correct/basic_arrays_read/gcc_O2/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/gcc_O2/basic_arrays_read.expected @@ -28,7 +28,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -69,7 +69,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); { call rely(); @@ -82,7 +82,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert true; } diff --git a/src/test/correct/basic_arrays_read/gcc_no_plt_no_pic/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/gcc_no_plt_no_pic/basic_arrays_read.expected index 9dbe5a254..d8e31fe22 100644 --- a/src/test/correct/basic_arrays_read/gcc_no_plt_no_pic/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/gcc_no_plt_no_pic/basic_arrays_read.expected @@ -31,7 +31,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); free ensures (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -72,7 +72,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); { call rely(); @@ -85,7 +85,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert true; } diff --git a/src/test/correct/basic_arrays_read/gcc_pic/basic_arrays_read.expected b/src/test/correct/basic_arrays_read/gcc_pic/basic_arrays_read.expected index b7b056567..c12d5f8d6 100644 --- a/src/test/correct/basic_arrays_read/gcc_pic/basic_arrays_read.expected +++ b/src/test/correct/basic_arrays_read/gcc_pic/basic_arrays_read.expected @@ -39,7 +39,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); free ensures (memory_load8_le(mem, 1924bv64) == 1bv8); @@ -88,7 +88,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69015bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, bvadd64($arr_addr, 0bv64))) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); { call rely(); @@ -101,7 +101,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert true; } diff --git a/src/test/correct/basic_arrays_write/clang/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/clang/basic_arrays_write.expected index 453ae581b..3e572c0c8 100644 --- a/src/test/correct/basic_arrays_write/clang/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/clang/basic_arrays_write.expected @@ -39,7 +39,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures true; free ensures (memory_load8_le(mem, 1868bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures true; { call rely(); @@ -93,7 +93,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, bvadd64($arr_addr, 0bv64)) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); } diff --git a/src/test/correct/basic_arrays_write/clang_O2/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/clang_O2/basic_arrays_write.expected index 8324859bd..1715c0443 100644 --- a/src/test/correct/basic_arrays_write/clang_O2/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/clang_O2/basic_arrays_write.expected @@ -31,7 +31,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures true; free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -72,7 +72,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures true; { call rely(); @@ -85,7 +85,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, bvadd64($arr_addr, 0bv64)) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); } diff --git a/src/test/correct/basic_arrays_write/clang_no_plt_no_pic/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/clang_no_plt_no_pic/basic_arrays_write.expected index 453ae581b..3e572c0c8 100644 --- a/src/test/correct/basic_arrays_write/clang_no_plt_no_pic/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/clang_no_plt_no_pic/basic_arrays_write.expected @@ -39,7 +39,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures true; free ensures (memory_load8_le(mem, 1868bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures true; { call rely(); @@ -93,7 +93,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, bvadd64($arr_addr, 0bv64)) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); } diff --git a/src/test/correct/basic_arrays_write/clang_pic/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/clang_pic/basic_arrays_write.expected index 63f611b83..b3f87be66 100644 --- a/src/test/correct/basic_arrays_write/clang_pic/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/clang_pic/basic_arrays_write.expected @@ -47,7 +47,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures true; free ensures (memory_load8_le(mem, 1932bv64) == 1bv8); @@ -96,7 +96,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69599bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures true; { call rely(); @@ -109,7 +109,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, bvadd64($arr_addr, 0bv64)) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); } diff --git a/src/test/correct/basic_arrays_write/gcc/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/gcc/basic_arrays_write.expected index a019ed6d0..92f0905a8 100644 --- a/src/test/correct/basic_arrays_write/gcc/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/gcc/basic_arrays_write.expected @@ -37,7 +37,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures true; free ensures (memory_load8_le(mem, 1868bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures true; { call rely(); @@ -91,7 +91,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, bvadd64($arr_addr, 0bv64)) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); } diff --git a/src/test/correct/basic_arrays_write/gcc_O2/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/gcc_O2/basic_arrays_write.expected index 37ffc4865..d623aa766 100644 --- a/src/test/correct/basic_arrays_write/gcc_O2/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/gcc_O2/basic_arrays_write.expected @@ -31,7 +31,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures true; free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -72,7 +72,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures true; { call rely(); @@ -85,7 +85,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, bvadd64($arr_addr, 0bv64)) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); } diff --git a/src/test/correct/basic_arrays_write/gcc_no_plt_no_pic/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/gcc_no_plt_no_pic/basic_arrays_write.expected index a019ed6d0..92f0905a8 100644 --- a/src/test/correct/basic_arrays_write/gcc_no_plt_no_pic/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/gcc_no_plt_no_pic/basic_arrays_write.expected @@ -37,7 +37,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures true; free ensures (memory_load8_le(mem, 1868bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures true; { call rely(); @@ -91,7 +91,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, bvadd64($arr_addr, 0bv64)) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); } diff --git a/src/test/correct/basic_arrays_write/gcc_pic/basic_arrays_write.expected b/src/test/correct/basic_arrays_write/gcc_pic/basic_arrays_write.expected index 48f57d0ab..646f49745 100644 --- a/src/test/correct/basic_arrays_write/gcc_pic/basic_arrays_write.expected +++ b/src/test/correct/basic_arrays_write/gcc_pic/basic_arrays_write.expected @@ -45,7 +45,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures true; free ensures (memory_load8_le(mem, 1932bv64) == 1bv8); @@ -94,7 +94,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69015bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures true; { call rely(); @@ -107,7 +107,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, bvadd64($arr_addr, 0bv64)) == memory_load32_le(mem, bvadd64($arr_addr, 0bv64))); } diff --git a/src/test/correct/basic_assign_assign/clang/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/clang/basic_assign_assign.expected index 864b64f94..a64e855b7 100644 --- a/src/test/correct/basic_assign_assign/clang/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/clang/basic_assign_assign.expected @@ -30,7 +30,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -71,7 +71,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); { call rely(); @@ -84,7 +84,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 5bv32)); } diff --git a/src/test/correct/basic_assign_assign/clang_O2/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/clang_O2/basic_assign_assign.expected index 1b090d60a..ce931bc4a 100644 --- a/src/test/correct/basic_assign_assign/clang_O2/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/clang_O2/basic_assign_assign.expected @@ -30,7 +30,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -71,7 +71,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); { call rely(); @@ -84,7 +84,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 5bv32)); } diff --git a/src/test/correct/basic_assign_assign/clang_no_plt_no_pic/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/clang_no_plt_no_pic/basic_assign_assign.expected index 864b64f94..a64e855b7 100644 --- a/src/test/correct/basic_assign_assign/clang_no_plt_no_pic/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/clang_no_plt_no_pic/basic_assign_assign.expected @@ -30,7 +30,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -71,7 +71,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); { call rely(); @@ -84,7 +84,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 5bv32)); } diff --git a/src/test/correct/basic_assign_assign/clang_pic/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/clang_pic/basic_assign_assign.expected index 359fabdd5..cee149132 100644 --- a/src/test/correct/basic_assign_assign/clang_pic/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/clang_pic/basic_assign_assign.expected @@ -38,7 +38,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); free ensures (memory_load8_le(mem, 1920bv64) == 1bv8); @@ -87,7 +87,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69599bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); { call rely(); @@ -100,7 +100,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 5bv32)); } diff --git a/src/test/correct/basic_assign_assign/gcc/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/gcc/basic_assign_assign.expected index 5a7f4b0d7..08e4296f3 100644 --- a/src/test/correct/basic_assign_assign/gcc/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/gcc/basic_assign_assign.expected @@ -28,7 +28,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -69,7 +69,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); { call rely(); @@ -82,7 +82,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 5bv32)); } diff --git a/src/test/correct/basic_assign_assign/gcc_O2/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/gcc_O2/basic_assign_assign.expected index 0512e9b2f..cc8b3eeb2 100644 --- a/src/test/correct/basic_assign_assign/gcc_O2/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/gcc_O2/basic_assign_assign.expected @@ -30,7 +30,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -71,7 +71,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); { call rely(); @@ -84,7 +84,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 5bv32)); } diff --git a/src/test/correct/basic_assign_assign/gcc_no_plt_no_pic/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/gcc_no_plt_no_pic/basic_assign_assign.expected index 5a7f4b0d7..08e4296f3 100644 --- a/src/test/correct/basic_assign_assign/gcc_no_plt_no_pic/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/gcc_no_plt_no_pic/basic_assign_assign.expected @@ -28,7 +28,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -69,7 +69,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); { call rely(); @@ -82,7 +82,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 5bv32)); } diff --git a/src/test/correct/basic_assign_assign/gcc_pic/basic_assign_assign.expected b/src/test/correct/basic_assign_assign/gcc_pic/basic_assign_assign.expected index ab8544eef..85246be43 100644 --- a/src/test/correct/basic_assign_assign/gcc_pic/basic_assign_assign.expected +++ b/src/test/correct/basic_assign_assign/gcc_pic/basic_assign_assign.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); free ensures (memory_load8_le(mem, 1920bv64) == 1bv8); @@ -85,7 +85,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69015bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); { call rely(); @@ -98,7 +98,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 5bv32)); } diff --git a/src/test/correct/basic_assign_increment/clang/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/clang/basic_assign_increment.expected index d27e2d7c2..36312a51e 100644 --- a/src/test/correct/basic_assign_increment/clang/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/clang/basic_assign_increment.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); { call rely(); @@ -90,7 +90,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); } diff --git a/src/test/correct/basic_assign_increment/clang_O2/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/clang_O2/basic_assign_increment.expected index 200989f81..86b1b096d 100644 --- a/src/test/correct/basic_assign_increment/clang_O2/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/clang_O2/basic_assign_increment.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); { call rely(); @@ -90,7 +90,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); } diff --git a/src/test/correct/basic_assign_increment/clang_no_plt_no_pic/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/clang_no_plt_no_pic/basic_assign_increment.expected index d27e2d7c2..36312a51e 100644 --- a/src/test/correct/basic_assign_increment/clang_no_plt_no_pic/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/clang_no_plt_no_pic/basic_assign_increment.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); { call rely(); @@ -90,7 +90,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); } diff --git a/src/test/correct/basic_assign_increment/clang_pic/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/clang_pic/basic_assign_increment.expected index 735fc67ba..4cd66a8c8 100644 --- a/src/test/correct/basic_assign_increment/clang_pic/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/clang_pic/basic_assign_increment.expected @@ -44,7 +44,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); free ensures (memory_load8_le(mem, 1924bv64) == 1bv8); @@ -93,7 +93,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69599bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); { call rely(); @@ -106,7 +106,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); } diff --git a/src/test/correct/basic_assign_increment/gcc/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/gcc/basic_assign_increment.expected index b8089ab63..3d153e01b 100644 --- a/src/test/correct/basic_assign_increment/gcc/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/gcc/basic_assign_increment.expected @@ -34,7 +34,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); free ensures (memory_load8_le(mem, 1868bv64) == 1bv8); @@ -75,7 +75,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); { call rely(); @@ -88,7 +88,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); } diff --git a/src/test/correct/basic_assign_increment/gcc_O2/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/gcc_O2/basic_assign_increment.expected index 6ef0280af..9c5f79584 100644 --- a/src/test/correct/basic_assign_increment/gcc_O2/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/gcc_O2/basic_assign_increment.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); { call rely(); @@ -90,7 +90,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); } diff --git a/src/test/correct/basic_assign_increment/gcc_no_plt_no_pic/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/gcc_no_plt_no_pic/basic_assign_increment.expected index b8089ab63..3d153e01b 100644 --- a/src/test/correct/basic_assign_increment/gcc_no_plt_no_pic/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/gcc_no_plt_no_pic/basic_assign_increment.expected @@ -34,7 +34,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); free ensures (memory_load8_le(mem, 1868bv64) == 1bv8); @@ -75,7 +75,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); { call rely(); @@ -88,7 +88,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); } diff --git a/src/test/correct/basic_assign_increment/gcc_pic/basic_assign_increment.expected b/src/test/correct/basic_assign_increment/gcc_pic/basic_assign_increment.expected index 9c952933b..bcb6297df 100644 --- a/src/test/correct/basic_assign_increment/gcc_pic/basic_assign_increment.expected +++ b/src/test/correct/basic_assign_increment/gcc_pic/basic_assign_increment.expected @@ -42,7 +42,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); free ensures (memory_load8_le(mem, 1932bv64) == 1bv8); @@ -91,7 +91,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69015bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (memory_load32_le(mem, $x_addr) == 5bv32)); { call rely(); @@ -104,7 +104,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || (memory_load32_le(mem, $x_addr) == 1bv32)) || (memory_load32_le(mem, $x_addr) == 6bv32)); } diff --git a/src/test/correct/basic_function_call_caller/clang/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/clang/basic_function_call_caller.expected index df1f0646c..60a7c6f30 100644 --- a/src/test/correct/basic_function_call_caller/clang/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/clang/basic_function_call_caller.expected @@ -61,7 +61,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); @@ -103,7 +103,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { @@ -118,7 +118,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); assert (gamma_load32(Gamma_mem, $y_addr) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); @@ -265,7 +265,7 @@ procedure main() } procedure zero() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 1896bv64) == 1bv8); free requires (memory_load8_le(mem, 1897bv64) == 0bv8); free requires (memory_load8_le(mem, 1898bv64) == 2bv8); diff --git a/src/test/correct/basic_function_call_caller/clang_O2/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/clang_O2/basic_function_call_caller.expected index b58888874..8f23c33b3 100644 --- a/src/test/correct/basic_function_call_caller/clang_O2/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/clang_O2/basic_function_call_caller.expected @@ -39,7 +39,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); @@ -81,7 +81,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { @@ -96,7 +96,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); assert (gamma_load32(Gamma_mem, $y_addr) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); diff --git a/src/test/correct/basic_function_call_caller/clang_no_plt_no_pic/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/clang_no_plt_no_pic/basic_function_call_caller.expected index aea739d96..2da604ae7 100644 --- a/src/test/correct/basic_function_call_caller/clang_no_plt_no_pic/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/clang_no_plt_no_pic/basic_function_call_caller.expected @@ -61,7 +61,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); @@ -103,7 +103,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { @@ -118,7 +118,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); assert (gamma_load32(Gamma_mem, $y_addr) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); @@ -265,7 +265,7 @@ procedure main() } procedure zero() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 1896bv64) == 1bv8); free requires (memory_load8_le(mem, 1897bv64) == 0bv8); free requires (memory_load8_le(mem, 1898bv64) == 2bv8); diff --git a/src/test/correct/basic_function_call_caller/clang_pic/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/clang_pic/basic_function_call_caller.expected index febce81a4..85ae403cc 100644 --- a/src/test/correct/basic_function_call_caller/clang_pic/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/clang_pic/basic_function_call_caller.expected @@ -61,7 +61,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); @@ -119,7 +119,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { @@ -134,7 +134,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); assert (gamma_load32(Gamma_mem, $y_addr) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); @@ -317,7 +317,7 @@ procedure main() } procedure zero() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 1968bv64) == 1bv8); free requires (memory_load8_le(mem, 1969bv64) == 0bv8); free requires (memory_load8_le(mem, 1970bv64) == 2bv8); diff --git a/src/test/correct/basic_function_call_caller/gcc/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/gcc/basic_function_call_caller.expected index 0718c40e4..a129dc430 100644 --- a/src/test/correct/basic_function_call_caller/gcc/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/gcc/basic_function_call_caller.expected @@ -59,7 +59,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); @@ -101,7 +101,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { @@ -116,7 +116,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); assert (gamma_load32(Gamma_mem, $y_addr) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); @@ -263,7 +263,7 @@ procedure main() } procedure zero() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 1900bv64) == 1bv8); free requires (memory_load8_le(mem, 1901bv64) == 0bv8); free requires (memory_load8_le(mem, 1902bv64) == 2bv8); diff --git a/src/test/correct/basic_function_call_caller/gcc_O2/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/gcc_O2/basic_function_call_caller.expected index f9825e48a..338a6d32c 100644 --- a/src/test/correct/basic_function_call_caller/gcc_O2/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/gcc_O2/basic_function_call_caller.expected @@ -39,7 +39,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); @@ -81,7 +81,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { @@ -96,7 +96,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); assert (gamma_load32(Gamma_mem, $y_addr) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); diff --git a/src/test/correct/basic_function_call_caller/gcc_no_plt_no_pic/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/gcc_no_plt_no_pic/basic_function_call_caller.expected index 605314e6f..86bac1f17 100644 --- a/src/test/correct/basic_function_call_caller/gcc_no_plt_no_pic/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/gcc_no_plt_no_pic/basic_function_call_caller.expected @@ -59,7 +59,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); @@ -101,7 +101,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { @@ -116,7 +116,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); assert (gamma_load32(Gamma_mem, $y_addr) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); @@ -263,7 +263,7 @@ procedure main() } procedure zero() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 1900bv64) == 1bv8); free requires (memory_load8_le(mem, 1901bv64) == 0bv8); free requires (memory_load8_le(mem, 1902bv64) == 2bv8); diff --git a/src/test/correct/basic_function_call_caller/gcc_pic/basic_function_call_caller.expected b/src/test/correct/basic_function_call_caller/gcc_pic/basic_function_call_caller.expected index f7b8cc67f..062aa71c0 100644 --- a/src/test/correct/basic_function_call_caller/gcc_pic/basic_function_call_caller.expected +++ b/src/test/correct/basic_function_call_caller/gcc_pic/basic_function_call_caller.expected @@ -59,7 +59,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); @@ -117,7 +117,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { @@ -132,7 +132,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); assert (gamma_load32(Gamma_mem, $y_addr) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); @@ -313,7 +313,7 @@ procedure main() } procedure zero() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 1964bv64) == 1bv8); free requires (memory_load8_le(mem, 1965bv64) == 0bv8); free requires (memory_load8_le(mem, 1966bv64) == 2bv8); diff --git a/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected index 19c6fab4c..23ab29004 100644 --- a/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang/basic_function_call_reader.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); @@ -89,7 +89,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); { @@ -104,7 +104,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); diff --git a/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected index 0b1f022a0..7987ac443 100644 --- a/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_O2/basic_function_call_reader.expected @@ -37,7 +37,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); @@ -79,7 +79,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); { @@ -94,7 +94,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); diff --git a/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected index 3a0fa24fb..66a7c15e5 100644 --- a/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_no_plt_no_pic/basic_function_call_reader.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); @@ -89,7 +89,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); { @@ -104,7 +104,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); diff --git a/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected index 8d730a2bf..f0f9dd71e 100644 --- a/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/clang_pic/basic_function_call_reader.expected @@ -55,7 +55,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); @@ -113,7 +113,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); { @@ -128,7 +128,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); diff --git a/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected index f5f58b76c..6082bfc1b 100644 --- a/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc/basic_function_call_reader.expected @@ -45,7 +45,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); @@ -87,7 +87,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); { @@ -102,7 +102,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); diff --git a/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected index 6a5066435..5d09ae024 100644 --- a/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_O2/basic_function_call_reader.expected @@ -28,7 +28,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); @@ -70,7 +70,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); { @@ -85,7 +85,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); diff --git a/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected index 2bc4bf0d8..1fb48bb01 100644 --- a/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_no_plt_no_pic/basic_function_call_reader.expected @@ -45,7 +45,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); @@ -87,7 +87,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); { @@ -102,7 +102,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); diff --git a/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected b/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected index 124960f5a..581270f2d 100644 --- a/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected +++ b/src/test/correct/basic_function_call_reader/gcc_pic/basic_function_call_reader.expected @@ -53,7 +53,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); @@ -111,7 +111,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == 0bv32) ==> (memory_load32_le(mem, $x_addr) == 0bv32)); ensures (old(gamma_load32(Gamma_mem, $y_addr)) ==> ((memory_load32_le(mem, $x_addr) == 0bv32) || gamma_load32(Gamma_mem, $y_addr))); { @@ -126,7 +126,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); diff --git a/src/test/correct/basic_lock_read/clang/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang/basic_lock_read.expected index 765d95cd5..48587af8a 100644 --- a/src/test/correct/basic_lock_read/clang/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang/basic_lock_read.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1900bv64) == 1bv8); @@ -88,7 +88,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -101,7 +101,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected index 92c30c651..ec5eb6ff0 100644 --- a/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_O2/basic_lock_read.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1868bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -90,7 +90,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected index 67375de97..4de731f00 100644 --- a/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_no_plt_no_pic/basic_lock_read.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1900bv64) == 1bv8); @@ -88,7 +88,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -101,7 +101,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected index 9f8126af1..9e4cd6a60 100644 --- a/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/clang_pic/basic_lock_read.expected @@ -55,7 +55,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1972bv64) == 1bv8); @@ -112,7 +112,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -125,7 +125,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected index a06e9918e..40b7ea84d 100644 --- a/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc/basic_lock_read.expected @@ -45,7 +45,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1900bv64) == 1bv8); @@ -86,7 +86,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -99,7 +99,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected index 62caa2d06..783f51ff4 100644 --- a/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_O2/basic_lock_read.expected @@ -37,7 +37,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -91,7 +91,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected index 3b61f0ac5..c5bb36bf7 100644 --- a/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_no_plt_no_pic/basic_lock_read.expected @@ -45,7 +45,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1900bv64) == 1bv8); @@ -86,7 +86,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -99,7 +99,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected b/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected index 8012da4c9..d1281a25c 100644 --- a/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected +++ b/src/test/correct/basic_lock_read/gcc_pic/basic_lock_read.expected @@ -53,7 +53,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1964bv64) == 1bv8); @@ -110,7 +110,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -123,7 +123,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected index a7338fc8b..054ff067d 100644 --- a/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang/basic_lock_security_read.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -88,7 +88,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -101,7 +101,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)) && (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr))); } diff --git a/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected index a2400201d..4b2120254 100644 --- a/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_O2/basic_lock_security_read.expected @@ -37,7 +37,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -91,7 +91,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)) && (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr))); } diff --git a/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected index b38c558c2..2c9690283 100644 --- a/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_no_plt_no_pic/basic_lock_security_read.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -88,7 +88,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -101,7 +101,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)) && (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr))); } diff --git a/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected index 857d12267..7f918a986 100644 --- a/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/clang_pic/basic_lock_security_read.expected @@ -55,7 +55,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -112,7 +112,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -125,7 +125,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)) && (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr))); } diff --git a/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected index 8875a99d5..6c4e2abf7 100644 --- a/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc/basic_lock_security_read.expected @@ -45,7 +45,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -86,7 +86,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -99,7 +99,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)) && (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr))); } diff --git a/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected index 21a6dee9c..c9e168021 100644 --- a/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_O2/basic_lock_security_read.expected @@ -31,7 +31,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -72,7 +72,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -85,7 +85,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)) && (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr))); } diff --git a/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected index 61bd9fe64..df22d1f47 100644 --- a/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_no_plt_no_pic/basic_lock_security_read.expected @@ -45,7 +45,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -86,7 +86,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -99,7 +99,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)) && (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr))); } diff --git a/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected b/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected index e01f9509d..15c247916 100644 --- a/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected +++ b/src/test/correct/basic_lock_security_read/gcc_pic/basic_lock_security_read.expected @@ -53,7 +53,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); free ensures (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -110,7 +110,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) && (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))))); { call rely(); @@ -123,7 +123,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)) && (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr))); } diff --git a/src/test/correct/basic_lock_security_write/clang/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/clang/basic_lock_security_write.expected index 414feba29..01ba754fc 100644 --- a/src/test/correct/basic_lock_security_write/clang/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/clang/basic_lock_security_write.expected @@ -43,7 +43,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); free ensures (memory_load8_le(mem, 1884bv64) == 1bv8); @@ -84,7 +84,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); { call rely(); @@ -97,7 +97,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_security_write/clang_O2/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/clang_O2/basic_lock_security_write.expected index e3192cd48..9fa7b521a 100644 --- a/src/test/correct/basic_lock_security_write/clang_O2/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/clang_O2/basic_lock_security_write.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); { call rely(); @@ -90,7 +90,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_security_write/clang_no_plt_no_pic/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/clang_no_plt_no_pic/basic_lock_security_write.expected index 414feba29..01ba754fc 100644 --- a/src/test/correct/basic_lock_security_write/clang_no_plt_no_pic/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/clang_no_plt_no_pic/basic_lock_security_write.expected @@ -43,7 +43,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); free ensures (memory_load8_le(mem, 1884bv64) == 1bv8); @@ -84,7 +84,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); { call rely(); @@ -97,7 +97,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_security_write/clang_pic/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/clang_pic/basic_lock_security_write.expected index d04e37f69..3e954daf5 100644 --- a/src/test/correct/basic_lock_security_write/clang_pic/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/clang_pic/basic_lock_security_write.expected @@ -51,7 +51,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); free ensures (memory_load8_le(mem, 1956bv64) == 1bv8); @@ -108,7 +108,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); { call rely(); @@ -121,7 +121,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_security_write/gcc/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/gcc/basic_lock_security_write.expected index fa2acfbec..7de8b70b1 100644 --- a/src/test/correct/basic_lock_security_write/gcc/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/gcc/basic_lock_security_write.expected @@ -39,7 +39,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); free ensures (memory_load8_le(mem, 1908bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); { call rely(); @@ -93,7 +93,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_security_write/gcc_O2/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/gcc_O2/basic_lock_security_write.expected index d2c37e412..bd0c54c4c 100644 --- a/src/test/correct/basic_lock_security_write/gcc_O2/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/gcc_O2/basic_lock_security_write.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); { call rely(); @@ -90,7 +90,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_security_write/gcc_no_plt_no_pic/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/gcc_no_plt_no_pic/basic_lock_security_write.expected index fa2acfbec..7de8b70b1 100644 --- a/src/test/correct/basic_lock_security_write/gcc_no_plt_no_pic/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/gcc_no_plt_no_pic/basic_lock_security_write.expected @@ -39,7 +39,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); free ensures (memory_load8_le(mem, 1908bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); { call rely(); @@ -93,7 +93,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_security_write/gcc_pic/basic_lock_security_write.expected b/src/test/correct/basic_lock_security_write/gcc_pic/basic_lock_security_write.expected index f9614429a..059e8c88a 100644 --- a/src/test/correct/basic_lock_security_write/gcc_pic/basic_lock_security_write.expected +++ b/src/test/correct/basic_lock_security_write/gcc_pic/basic_lock_security_write.expected @@ -47,7 +47,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); free ensures (memory_load8_le(mem, 1972bv64) == 1bv8); @@ -104,7 +104,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))) && (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr)))); { call rely(); @@ -117,7 +117,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_unlock/clang/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/clang/basic_lock_unlock.expected index 2be16ee76..aec6e1318 100644 --- a/src/test/correct/basic_lock_unlock/clang/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/clang/basic_lock_unlock.expected @@ -32,7 +32,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -73,7 +73,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); { call rely(); @@ -86,7 +86,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_unlock/clang_O2/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/clang_O2/basic_lock_unlock.expected index 2c876c353..06cb29ce9 100644 --- a/src/test/correct/basic_lock_unlock/clang_O2/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/clang_O2/basic_lock_unlock.expected @@ -34,7 +34,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -75,7 +75,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); { call rely(); @@ -88,7 +88,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_unlock/clang_no_plt_no_pic/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/clang_no_plt_no_pic/basic_lock_unlock.expected index 2be16ee76..aec6e1318 100644 --- a/src/test/correct/basic_lock_unlock/clang_no_plt_no_pic/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/clang_no_plt_no_pic/basic_lock_unlock.expected @@ -32,7 +32,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -73,7 +73,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); { call rely(); @@ -86,7 +86,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_unlock/clang_pic/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/clang_pic/basic_lock_unlock.expected index ebe342770..f065d4569 100644 --- a/src/test/correct/basic_lock_unlock/clang_pic/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/clang_pic/basic_lock_unlock.expected @@ -40,7 +40,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1932bv64) == 1bv8); @@ -97,7 +97,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); { call rely(); @@ -110,7 +110,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_unlock/gcc/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/gcc/basic_lock_unlock.expected index 94a6f5d32..0c3be857c 100644 --- a/src/test/correct/basic_lock_unlock/gcc/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/gcc/basic_lock_unlock.expected @@ -30,7 +30,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1868bv64) == 1bv8); @@ -71,7 +71,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); { call rely(); @@ -84,7 +84,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_unlock/gcc_O2/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/gcc_O2/basic_lock_unlock.expected index fc98878f7..1d13517fe 100644 --- a/src/test/correct/basic_lock_unlock/gcc_O2/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/gcc_O2/basic_lock_unlock.expected @@ -34,7 +34,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -75,7 +75,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); { call rely(); @@ -88,7 +88,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_unlock/gcc_no_plt_no_pic/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/gcc_no_plt_no_pic/basic_lock_unlock.expected index 94a6f5d32..0c3be857c 100644 --- a/src/test/correct/basic_lock_unlock/gcc_no_plt_no_pic/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/gcc_no_plt_no_pic/basic_lock_unlock.expected @@ -30,7 +30,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1868bv64) == 1bv8); @@ -71,7 +71,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); { call rely(); @@ -84,7 +84,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_lock_unlock/gcc_pic/basic_lock_unlock.expected b/src/test/correct/basic_lock_unlock/gcc_pic/basic_lock_unlock.expected index bbab338c9..d5fdbac2c 100644 --- a/src/test/correct/basic_lock_unlock/gcc_pic/basic_lock_unlock.expected +++ b/src/test/correct/basic_lock_unlock/gcc_pic/basic_lock_unlock.expected @@ -38,7 +38,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1932bv64) == 1bv8); @@ -95,7 +95,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); { call rely(); @@ -108,7 +108,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) == 0bv32) ==> ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)))); } diff --git a/src/test/correct/basic_loop_assign/clang/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/clang/basic_loop_assign.expected index ca6cccfb2..509e77e86 100644 --- a/src/test/correct/basic_loop_assign/clang/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/clang/basic_loop_assign.expected @@ -32,7 +32,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -73,7 +73,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); { call rely(); @@ -86,7 +86,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (memory_load32_le(mem, $x_addr) == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(memory_load32_le(mem, $x_addr), 10bv32))); } diff --git a/src/test/correct/basic_loop_assign/clang_O2/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/clang_O2/basic_loop_assign.expected index 41105ba17..1321cd22f 100644 --- a/src/test/correct/basic_loop_assign/clang_O2/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/clang_O2/basic_loop_assign.expected @@ -32,7 +32,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -73,7 +73,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); { call rely(); @@ -86,7 +86,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (memory_load32_le(mem, $x_addr) == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(memory_load32_le(mem, $x_addr), 10bv32))); } diff --git a/src/test/correct/basic_loop_assign/clang_no_plt_no_pic/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/clang_no_plt_no_pic/basic_loop_assign.expected index ca6cccfb2..509e77e86 100644 --- a/src/test/correct/basic_loop_assign/clang_no_plt_no_pic/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/clang_no_plt_no_pic/basic_loop_assign.expected @@ -32,7 +32,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -73,7 +73,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); { call rely(); @@ -86,7 +86,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (memory_load32_le(mem, $x_addr) == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(memory_load32_le(mem, $x_addr), 10bv32))); } diff --git a/src/test/correct/basic_loop_assign/clang_pic/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/clang_pic/basic_loop_assign.expected index c0d226a26..d0fa27046 100644 --- a/src/test/correct/basic_loop_assign/clang_pic/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/clang_pic/basic_loop_assign.expected @@ -40,7 +40,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); free ensures (memory_load8_le(mem, 1920bv64) == 1bv8); @@ -89,7 +89,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69599bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); { call rely(); @@ -102,7 +102,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (memory_load32_le(mem, $x_addr) == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(memory_load32_le(mem, $x_addr), 10bv32))); } diff --git a/src/test/correct/basic_loop_assign/gcc/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/gcc/basic_loop_assign.expected index 8986de2de..d2e9ce4b6 100644 --- a/src/test/correct/basic_loop_assign/gcc/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/gcc/basic_loop_assign.expected @@ -30,7 +30,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -71,7 +71,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); { call rely(); @@ -84,7 +84,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (memory_load32_le(mem, $x_addr) == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(memory_load32_le(mem, $x_addr), 10bv32))); } diff --git a/src/test/correct/basic_loop_assign/gcc_O2/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/gcc_O2/basic_loop_assign.expected index abcae31a3..3b9101b12 100644 --- a/src/test/correct/basic_loop_assign/gcc_O2/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/gcc_O2/basic_loop_assign.expected @@ -32,7 +32,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -73,7 +73,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); { call rely(); @@ -86,7 +86,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (memory_load32_le(mem, $x_addr) == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(memory_load32_le(mem, $x_addr), 10bv32))); } diff --git a/src/test/correct/basic_loop_assign/gcc_no_plt_no_pic/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/gcc_no_plt_no_pic/basic_loop_assign.expected index 8986de2de..d2e9ce4b6 100644 --- a/src/test/correct/basic_loop_assign/gcc_no_plt_no_pic/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/gcc_no_plt_no_pic/basic_loop_assign.expected @@ -30,7 +30,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -71,7 +71,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); { call rely(); @@ -84,7 +84,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (memory_load32_le(mem, $x_addr) == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(memory_load32_le(mem, $x_addr), 10bv32))); } diff --git a/src/test/correct/basic_loop_assign/gcc_pic/basic_loop_assign.expected b/src/test/correct/basic_loop_assign/gcc_pic/basic_loop_assign.expected index 1c56f894f..de1c11056 100644 --- a/src/test/correct/basic_loop_assign/gcc_pic/basic_loop_assign.expected +++ b/src/test/correct/basic_loop_assign/gcc_pic/basic_loop_assign.expected @@ -38,7 +38,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); free ensures (memory_load8_le(mem, 1920bv64) == 1bv8); @@ -87,7 +87,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69015bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (((memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))) || (bvsle32(memory_load32_le(mem, $x_addr), 10bv32) && bvslt32(old(memory_load32_le(mem, $x_addr)), 10bv32))) || ((memory_load32_le(mem, $x_addr) == 21bv32) && (old(memory_load32_le(mem, $x_addr)) == 20bv32))); { call rely(); @@ -100,7 +100,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) || ((memory_load32_le(mem, $x_addr) == 20bv32) && (memory_load32_le(mem, $x_addr) == 0bv32))) || ((memory_load32_le(mem, $x_addr) == 20bv32) && bvsle32(memory_load32_le(mem, $x_addr), 10bv32))); } diff --git a/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected index 5ed2dabea..68b3adfae 100644 --- a/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang/basic_operation_evaluation.expected @@ -59,7 +59,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -100,7 +100,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -111,10 +111,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R10, R31, R8, R9, mem, stack; + modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_stack, R0, R10, R31, R8, R9, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/basic_operation_evaluation/clang_O2/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_O2/basic_operation_evaluation.expected index 3cb1f1f82..1e9764f80 100644 --- a/src/test/correct/basic_operation_evaluation/clang_O2/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_O2/basic_operation_evaluation.expected @@ -9,7 +9,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1840bv64) == 1bv8); @@ -50,7 +50,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -61,10 +61,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected index c95aa1ff9..30009c38c 100644 --- a/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_no_plt_no_pic/basic_operation_evaluation.expected @@ -59,7 +59,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -100,7 +100,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -111,10 +111,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R10, R31, R8, R9, mem, stack; + modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_stack, R0, R10, R31, R8, R9, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected index c95aa1ff9..30009c38c 100644 --- a/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/clang_pic/basic_operation_evaluation.expected @@ -59,7 +59,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -100,7 +100,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -111,10 +111,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R10, R31, R8, R9, mem, stack; + modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_stack, R0, R10, R31, R8, R9, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected index 46274da8b..3d0958349 100644 --- a/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc/basic_operation_evaluation.expected @@ -51,7 +51,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1948bv64) == 1bv8); @@ -92,7 +92,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -103,10 +103,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R1, Gamma_R2, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R2, R31, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R2, Gamma_R31, Gamma_stack, R0, R1, R2, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/basic_operation_evaluation/gcc_O2/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc_O2/basic_operation_evaluation.expected index b0da0005c..ab48890b6 100644 --- a/src/test/correct/basic_operation_evaluation/gcc_O2/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc_O2/basic_operation_evaluation.expected @@ -9,7 +9,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -50,7 +50,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -61,10 +61,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected index 9be906521..9612d9db9 100644 --- a/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc_no_plt_no_pic/basic_operation_evaluation.expected @@ -51,7 +51,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1948bv64) == 1bv8); @@ -92,7 +92,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -103,10 +103,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R1, Gamma_R2, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R2, R31, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R2, Gamma_R31, Gamma_stack, R0, R1, R2, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected b/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected index 9be906521..9612d9db9 100644 --- a/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected +++ b/src/test/correct/basic_operation_evaluation/gcc_pic/basic_operation_evaluation.expected @@ -51,7 +51,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1948bv64) == 1bv8); @@ -92,7 +92,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -103,10 +103,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R1, Gamma_R2, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R2, R31, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R2, Gamma_R31, Gamma_stack, R0, R1, R2, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected index 2b4383f5a..30140b76d 100644 --- a/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang/basic_sec_policy_read.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -88,7 +88,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); { call rely(); @@ -101,7 +101,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected index 79413e520..999923f6d 100644 --- a/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_O2/basic_sec_policy_read.expected @@ -37,7 +37,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); free ensures (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); { call rely(); @@ -91,7 +91,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected index bed2dba16..5f935e465 100644 --- a/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_no_plt_no_pic/basic_sec_policy_read.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -88,7 +88,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); { call rely(); @@ -101,7 +101,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected index cbb9c9a4f..f2d986215 100644 --- a/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/clang_pic/basic_sec_policy_read.expected @@ -55,7 +55,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); free ensures (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -112,7 +112,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); { call rely(); @@ -125,7 +125,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected index 74b1a4c1d..6bbc9f13c 100644 --- a/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc/basic_sec_policy_read.expected @@ -45,7 +45,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); free ensures (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -86,7 +86,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); { call rely(); @@ -99,7 +99,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected index 231ca25e6..afd185b0e 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_O2/basic_sec_policy_read.expected @@ -31,7 +31,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -72,7 +72,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); { call rely(); @@ -85,7 +85,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected index d04af870c..9519b3247 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_no_plt_no_pic/basic_sec_policy_read.expected @@ -45,7 +45,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); free ensures (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -86,7 +86,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); { call rely(); @@ -99,7 +99,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected b/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected index 0703fecc5..cf41554ac 100644 --- a/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected +++ b/src/test/correct/basic_sec_policy_read/gcc_pic/basic_sec_policy_read.expected @@ -53,7 +53,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); free ensures (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -110,7 +110,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $z_addr)) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); { call rely(); @@ -123,7 +123,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/basic_sec_policy_write/clang/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/clang/basic_sec_policy_write.expected index b9d369429..b76307c3e 100644 --- a/src/test/correct/basic_sec_policy_write/clang/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/clang/basic_sec_policy_write.expected @@ -43,7 +43,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); free ensures (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -84,7 +84,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); { call rely(); @@ -97,7 +97,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); } diff --git a/src/test/correct/basic_sec_policy_write/clang_O2/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/clang_O2/basic_sec_policy_write.expected index f04c7f387..e11ed4e91 100644 --- a/src/test/correct/basic_sec_policy_write/clang_O2/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/clang_O2/basic_sec_policy_write.expected @@ -38,7 +38,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); free ensures (memory_load8_le(mem, 1860bv64) == 1bv8); @@ -79,7 +79,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); { call rely(); @@ -92,7 +92,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); } diff --git a/src/test/correct/basic_sec_policy_write/clang_no_plt_no_pic/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/clang_no_plt_no_pic/basic_sec_policy_write.expected index b9d369429..b76307c3e 100644 --- a/src/test/correct/basic_sec_policy_write/clang_no_plt_no_pic/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/clang_no_plt_no_pic/basic_sec_policy_write.expected @@ -43,7 +43,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); free ensures (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -84,7 +84,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); { call rely(); @@ -97,7 +97,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); } diff --git a/src/test/correct/basic_sec_policy_write/clang_pic/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/clang_pic/basic_sec_policy_write.expected index 048921fea..e890cce75 100644 --- a/src/test/correct/basic_sec_policy_write/clang_pic/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/clang_pic/basic_sec_policy_write.expected @@ -51,7 +51,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); free ensures (memory_load8_le(mem, 1960bv64) == 1bv8); @@ -108,7 +108,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); { call rely(); @@ -121,7 +121,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); } diff --git a/src/test/correct/basic_sec_policy_write/gcc/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/gcc/basic_sec_policy_write.expected index a5cc3fa11..66696d8c5 100644 --- a/src/test/correct/basic_sec_policy_write/gcc/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/gcc/basic_sec_policy_write.expected @@ -39,7 +39,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); free ensures (memory_load8_le(mem, 1912bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); { call rely(); @@ -93,7 +93,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); } diff --git a/src/test/correct/basic_sec_policy_write/gcc_O2/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/gcc_O2/basic_sec_policy_write.expected index 0462ef30e..10df92113 100644 --- a/src/test/correct/basic_sec_policy_write/gcc_O2/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/gcc_O2/basic_sec_policy_write.expected @@ -38,7 +38,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -79,7 +79,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); { call rely(); @@ -92,7 +92,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); } diff --git a/src/test/correct/basic_sec_policy_write/gcc_no_plt_no_pic/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/gcc_no_plt_no_pic/basic_sec_policy_write.expected index a5cc3fa11..66696d8c5 100644 --- a/src/test/correct/basic_sec_policy_write/gcc_no_plt_no_pic/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/gcc_no_plt_no_pic/basic_sec_policy_write.expected @@ -39,7 +39,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); free ensures (memory_load8_le(mem, 1912bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); { call rely(); @@ -93,7 +93,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); } diff --git a/src/test/correct/basic_sec_policy_write/gcc_pic/basic_sec_policy_write.expected b/src/test/correct/basic_sec_policy_write/gcc_pic/basic_sec_policy_write.expected index c83c238f5..09c819a7c 100644 --- a/src/test/correct/basic_sec_policy_write/gcc_pic/basic_sec_policy_write.expected +++ b/src/test/correct/basic_sec_policy_write/gcc_pic/basic_sec_policy_write.expected @@ -47,7 +47,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); free ensures (memory_load8_le(mem, 1976bv64) == 1bv8); @@ -104,7 +104,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr)); { call rely(); @@ -117,7 +117,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $z_addr) != 0bv32) ==> (memory_load32_le(mem, $z_addr) != 0bv32)); } diff --git a/src/test/correct/basicassign_gamma0/clang/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/clang/basicassign_gamma0.expected index 697103ff8..baee5b809 100644 --- a/src/test/correct/basicassign_gamma0/clang/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/clang/basicassign_gamma0.expected @@ -37,7 +37,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); { call rely(); @@ -91,7 +91,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; diff --git a/src/test/correct/basicassign_gamma0/clang_O2/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/clang_O2/basicassign_gamma0.expected index f051ead12..6d0a174ca 100644 --- a/src/test/correct/basicassign_gamma0/clang_O2/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/clang_O2/basicassign_gamma0.expected @@ -37,7 +37,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); { call rely(); @@ -91,7 +91,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; diff --git a/src/test/correct/basicassign_gamma0/clang_no_plt_no_pic/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/clang_no_plt_no_pic/basicassign_gamma0.expected index 697103ff8..baee5b809 100644 --- a/src/test/correct/basicassign_gamma0/clang_no_plt_no_pic/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/clang_no_plt_no_pic/basicassign_gamma0.expected @@ -37,7 +37,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); { call rely(); @@ -91,7 +91,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; diff --git a/src/test/correct/basicassign_gamma0/clang_pic/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/clang_pic/basicassign_gamma0.expected index fc0f4564a..491b1c61f 100644 --- a/src/test/correct/basicassign_gamma0/clang_pic/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/clang_pic/basicassign_gamma0.expected @@ -45,7 +45,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); free ensures (memory_load8_le(mem, 1928bv64) == 1bv8); @@ -102,7 +102,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); { call rely(); @@ -115,7 +115,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; diff --git a/src/test/correct/basicassign_gamma0/gcc/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/gcc/basicassign_gamma0.expected index 4034f8366..fe708ccc7 100644 --- a/src/test/correct/basicassign_gamma0/gcc/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/gcc/basicassign_gamma0.expected @@ -35,7 +35,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); free ensures (memory_load8_le(mem, 1864bv64) == 1bv8); @@ -76,7 +76,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); { call rely(); @@ -89,7 +89,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/basicassign_gamma0/gcc_O2/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/gcc_O2/basicassign_gamma0.expected index a33b33470..d6b06580d 100644 --- a/src/test/correct/basicassign_gamma0/gcc_O2/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/gcc_O2/basicassign_gamma0.expected @@ -37,7 +37,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); { call rely(); @@ -91,7 +91,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R2, Gamma_mem, R0, R1, R2, mem; diff --git a/src/test/correct/basicassign_gamma0/gcc_no_plt_no_pic/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/gcc_no_plt_no_pic/basicassign_gamma0.expected index 4034f8366..fe708ccc7 100644 --- a/src/test/correct/basicassign_gamma0/gcc_no_plt_no_pic/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/gcc_no_plt_no_pic/basicassign_gamma0.expected @@ -35,7 +35,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); free ensures (memory_load8_le(mem, 1864bv64) == 1bv8); @@ -76,7 +76,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); { call rely(); @@ -89,7 +89,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/basicassign_gamma0/gcc_pic/basicassign_gamma0.expected b/src/test/correct/basicassign_gamma0/gcc_pic/basicassign_gamma0.expected index 21ad39067..705b6a46c 100644 --- a/src/test/correct/basicassign_gamma0/gcc_pic/basicassign_gamma0.expected +++ b/src/test/correct/basicassign_gamma0/gcc_pic/basicassign_gamma0.expected @@ -43,7 +43,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); free ensures (memory_load8_le(mem, 1928bv64) == 1bv8); @@ -100,7 +100,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $secret_addr) == old(memory_load32_le(mem, $secret_addr))); { call rely(); @@ -113,7 +113,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/basicfree/clang/basicfree.expected b/src/test/correct/basicfree/clang/basicfree.expected index f51e06629..12202cbfb 100644 --- a/src/test/correct/basicfree/clang/basicfree.expected +++ b/src/test/correct/basicfree/clang/basicfree.expected @@ -54,7 +54,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2080bv64) == 1bv8); @@ -95,7 +95,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69695bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -106,10 +106,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2080bv64) == 1bv8); free requires (memory_load8_le(mem, 2081bv64) == 0bv8); free requires (memory_load8_le(mem, 2082bv64) == 2bv8); @@ -312,7 +312,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2080bv64) == 1bv8); free requires (memory_load8_le(mem, 2081bv64) == 0bv8); free requires (memory_load8_le(mem, 2082bv64) == 2bv8); diff --git a/src/test/correct/basicfree/clang_O2/basicfree.expected b/src/test/correct/basicfree/clang_O2/basicfree.expected index 35d0f1718..8637d2c74 100644 --- a/src/test/correct/basicfree/clang_O2/basicfree.expected +++ b/src/test/correct/basicfree/clang_O2/basicfree.expected @@ -7,7 +7,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1836bv64) == 1bv8); @@ -48,7 +48,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -59,10 +59,9 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_mem, mem; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/basicfree/clang_no_plt_no_pic/basicfree.expected b/src/test/correct/basicfree/clang_no_plt_no_pic/basicfree.expected index 3aa46f1fa..f78216dd1 100644 --- a/src/test/correct/basicfree/clang_no_plt_no_pic/basicfree.expected +++ b/src/test/correct/basicfree/clang_no_plt_no_pic/basicfree.expected @@ -54,7 +54,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2080bv64) == 1bv8); @@ -95,7 +95,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69695bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -106,10 +106,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2080bv64) == 1bv8); free requires (memory_load8_le(mem, 2081bv64) == 0bv8); free requires (memory_load8_le(mem, 2082bv64) == 2bv8); @@ -312,7 +312,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2080bv64) == 1bv8); free requires (memory_load8_le(mem, 2081bv64) == 0bv8); free requires (memory_load8_le(mem, 2082bv64) == 2bv8); diff --git a/src/test/correct/basicfree/clang_pic/basicfree.expected b/src/test/correct/basicfree/clang_pic/basicfree.expected index 3aa46f1fa..f78216dd1 100644 --- a/src/test/correct/basicfree/clang_pic/basicfree.expected +++ b/src/test/correct/basicfree/clang_pic/basicfree.expected @@ -54,7 +54,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2080bv64) == 1bv8); @@ -95,7 +95,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69695bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -106,10 +106,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2080bv64) == 1bv8); free requires (memory_load8_le(mem, 2081bv64) == 0bv8); free requires (memory_load8_le(mem, 2082bv64) == 2bv8); @@ -312,7 +312,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2080bv64) == 1bv8); free requires (memory_load8_le(mem, 2081bv64) == 0bv8); free requires (memory_load8_le(mem, 2082bv64) == 2bv8); diff --git a/src/test/correct/basicfree/gcc/basicfree.expected b/src/test/correct/basicfree/gcc/basicfree.expected index 7f843f0ae..200f0b0ab 100644 --- a/src/test/correct/basicfree/gcc/basicfree.expected +++ b/src/test/correct/basicfree/gcc/basicfree.expected @@ -52,7 +52,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2076bv64) == 1bv8); @@ -93,7 +93,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -104,10 +104,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2076bv64) == 1bv8); free requires (memory_load8_le(mem, 2077bv64) == 0bv8); free requires (memory_load8_le(mem, 2078bv64) == 2bv8); @@ -307,7 +307,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2076bv64) == 1bv8); free requires (memory_load8_le(mem, 2077bv64) == 0bv8); free requires (memory_load8_le(mem, 2078bv64) == 2bv8); diff --git a/src/test/correct/basicfree/gcc_O2/basicfree.expected b/src/test/correct/basicfree/gcc_O2/basicfree.expected index c28005b50..a86190f67 100644 --- a/src/test/correct/basicfree/gcc_O2/basicfree.expected +++ b/src/test/correct/basicfree/gcc_O2/basicfree.expected @@ -7,7 +7,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -48,7 +48,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -59,10 +59,9 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_mem, mem; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/basicfree/gcc_no_plt_no_pic/basicfree.expected b/src/test/correct/basicfree/gcc_no_plt_no_pic/basicfree.expected index 8aab6bf37..d248004cb 100644 --- a/src/test/correct/basicfree/gcc_no_plt_no_pic/basicfree.expected +++ b/src/test/correct/basicfree/gcc_no_plt_no_pic/basicfree.expected @@ -52,7 +52,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2076bv64) == 1bv8); @@ -93,7 +93,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -104,10 +104,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2076bv64) == 1bv8); free requires (memory_load8_le(mem, 2077bv64) == 0bv8); free requires (memory_load8_le(mem, 2078bv64) == 2bv8); @@ -307,7 +307,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2076bv64) == 1bv8); free requires (memory_load8_le(mem, 2077bv64) == 0bv8); free requires (memory_load8_le(mem, 2078bv64) == 2bv8); diff --git a/src/test/correct/basicfree/gcc_pic/basicfree.expected b/src/test/correct/basicfree/gcc_pic/basicfree.expected index 8aab6bf37..d248004cb 100644 --- a/src/test/correct/basicfree/gcc_pic/basicfree.expected +++ b/src/test/correct/basicfree/gcc_pic/basicfree.expected @@ -52,7 +52,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2076bv64) == 1bv8); @@ -93,7 +93,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -104,10 +104,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2076bv64) == 1bv8); free requires (memory_load8_le(mem, 2077bv64) == 0bv8); free requires (memory_load8_le(mem, 2078bv64) == 2bv8); @@ -307,7 +307,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2076bv64) == 1bv8); free requires (memory_load8_le(mem, 2077bv64) == 0bv8); free requires (memory_load8_le(mem, 2078bv64) == 2bv8); diff --git a/src/test/correct/cjump/clang/cjump.expected b/src/test/correct/cjump/clang/cjump.expected index 23e5bed87..a17542801 100644 --- a/src/test/correct/cjump/clang/cjump.expected +++ b/src/test/correct/cjump/clang/cjump.expected @@ -49,7 +49,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -90,7 +90,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -101,7 +101,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; diff --git a/src/test/correct/cjump/clang_O2/cjump.expected b/src/test/correct/cjump/clang_O2/cjump.expected index 54f5bda73..170c6ac8d 100644 --- a/src/test/correct/cjump/clang_O2/cjump.expected +++ b/src/test/correct/cjump/clang_O2/cjump.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1864bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -88,7 +88,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R11, R8, R9, mem; diff --git a/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected b/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected index 638ace2d9..f0d4e8e44 100644 --- a/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected +++ b/src/test/correct/cjump/clang_no_plt_no_pic/cjump.expected @@ -49,7 +49,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -90,7 +90,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -101,7 +101,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; diff --git a/src/test/correct/cjump/clang_pic/cjump.expected b/src/test/correct/cjump/clang_pic/cjump.expected index 063941cfc..f7afa4a8a 100644 --- a/src/test/correct/cjump/clang_pic/cjump.expected +++ b/src/test/correct/cjump/clang_pic/cjump.expected @@ -57,7 +57,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1992bv64) == 1bv8); @@ -114,7 +114,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -125,7 +125,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; diff --git a/src/test/correct/cjump/gcc/cjump.expected b/src/test/correct/cjump/gcc/cjump.expected index 1563dba23..3cade154e 100644 --- a/src/test/correct/cjump/gcc/cjump.expected +++ b/src/test/correct/cjump/gcc/cjump.expected @@ -43,7 +43,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1912bv64) == 1bv8); @@ -84,7 +84,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -95,7 +95,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/cjump/gcc_O2/cjump.expected b/src/test/correct/cjump/gcc_O2/cjump.expected index 97109c2f0..5fb2db688 100644 --- a/src/test/correct/cjump/gcc_O2/cjump.expected +++ b/src/test/correct/cjump/gcc_O2/cjump.expected @@ -34,7 +34,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -75,7 +75,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -86,7 +86,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R2, Gamma_R3, Gamma_mem, R0, R1, R2, R3, mem; diff --git a/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected b/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected index f99bcb88d..9cb62b9bb 100644 --- a/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected +++ b/src/test/correct/cjump/gcc_no_plt_no_pic/cjump.expected @@ -43,7 +43,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1912bv64) == 1bv8); @@ -84,7 +84,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -95,7 +95,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/cjump/gcc_pic/cjump.expected b/src/test/correct/cjump/gcc_pic/cjump.expected index 58ff7dc20..54c34667c 100644 --- a/src/test/correct/cjump/gcc_pic/cjump.expected +++ b/src/test/correct/cjump/gcc_pic/cjump.expected @@ -51,7 +51,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1976bv64) == 1bv8); @@ -108,7 +108,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -119,7 +119,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/function/clang/function.expected b/src/test/correct/function/clang/function.expected index 42442a817..c61514f51 100644 --- a/src/test/correct/function/clang/function.expected +++ b/src/test/correct/function/clang/function.expected @@ -56,7 +56,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1884bv64) == 1bv8); @@ -97,7 +97,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -108,10 +108,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure get_two() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 1884bv64) == 1bv8); free requires (memory_load8_le(mem, 1885bv64) == 0bv8); free requires (memory_load8_le(mem, 1886bv64) == 2bv8); diff --git a/src/test/correct/function/clang_O2/function.expected b/src/test/correct/function/clang_O2/function.expected index 6da2259d6..9303fc01f 100644 --- a/src/test/correct/function/clang_O2/function.expected +++ b/src/test/correct/function/clang_O2/function.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1872bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -88,7 +88,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R11, R8, R9, mem; diff --git a/src/test/correct/function/clang_no_plt_no_pic/function.expected b/src/test/correct/function/clang_no_plt_no_pic/function.expected index 42442a817..c61514f51 100644 --- a/src/test/correct/function/clang_no_plt_no_pic/function.expected +++ b/src/test/correct/function/clang_no_plt_no_pic/function.expected @@ -56,7 +56,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1884bv64) == 1bv8); @@ -97,7 +97,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -108,10 +108,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure get_two() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 1884bv64) == 1bv8); free requires (memory_load8_le(mem, 1885bv64) == 0bv8); free requires (memory_load8_le(mem, 1886bv64) == 2bv8); diff --git a/src/test/correct/function/clang_pic/function.expected b/src/test/correct/function/clang_pic/function.expected index 7be08dea2..bcd55e2bb 100644 --- a/src/test/correct/function/clang_pic/function.expected +++ b/src/test/correct/function/clang_pic/function.expected @@ -56,7 +56,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1956bv64) == 1bv8); @@ -113,7 +113,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -124,10 +124,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure get_two() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 1956bv64) == 1bv8); free requires (memory_load8_le(mem, 1957bv64) == 0bv8); free requires (memory_load8_le(mem, 1958bv64) == 2bv8); diff --git a/src/test/correct/function/gcc/function.expected b/src/test/correct/function/gcc/function.expected index 58e3ebf73..a475b42d0 100644 --- a/src/test/correct/function/gcc/function.expected +++ b/src/test/correct/function/gcc/function.expected @@ -55,7 +55,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -96,7 +96,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -107,10 +107,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure get_two() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 1896bv64) == 1bv8); free requires (memory_load8_le(mem, 1897bv64) == 0bv8); free requires (memory_load8_le(mem, 1898bv64) == 2bv8); diff --git a/src/test/correct/function/gcc_O2/function.expected b/src/test/correct/function/gcc_O2/function.expected index 4c49c2352..0131820aa 100644 --- a/src/test/correct/function/gcc_O2/function.expected +++ b/src/test/correct/function/gcc_O2/function.expected @@ -34,7 +34,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -75,7 +75,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -86,7 +86,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R2, Gamma_R3, Gamma_mem, R0, R1, R2, R3, mem; diff --git a/src/test/correct/function/gcc_no_plt_no_pic/function.expected b/src/test/correct/function/gcc_no_plt_no_pic/function.expected index 58e3ebf73..a475b42d0 100644 --- a/src/test/correct/function/gcc_no_plt_no_pic/function.expected +++ b/src/test/correct/function/gcc_no_plt_no_pic/function.expected @@ -55,7 +55,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -96,7 +96,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -107,10 +107,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure get_two() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 1896bv64) == 1bv8); free requires (memory_load8_le(mem, 1897bv64) == 0bv8); free requires (memory_load8_le(mem, 1898bv64) == 2bv8); diff --git a/src/test/correct/function/gcc_pic/function.expected b/src/test/correct/function/gcc_pic/function.expected index 6400d0bcc..20ca626e6 100644 --- a/src/test/correct/function/gcc_pic/function.expected +++ b/src/test/correct/function/gcc_pic/function.expected @@ -55,7 +55,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1960bv64) == 1bv8); @@ -112,7 +112,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -123,10 +123,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure get_two() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 1960bv64) == 1bv8); free requires (memory_load8_le(mem, 1961bv64) == 0bv8); free requires (memory_load8_le(mem, 1962bv64) == 2bv8); diff --git a/src/test/correct/function1/clang/function1.expected b/src/test/correct/function1/clang/function1.expected index 10a73406a..209b36c74 100644 --- a/src/test/correct/function1/clang/function1.expected +++ b/src/test/correct/function1/clang/function1.expected @@ -86,7 +86,7 @@ function {:bvbuiltin "sign_extend 32"} sign_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2024bv64) == 1bv8); @@ -131,7 +131,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69687bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -142,10 +142,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure get_two() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_stack, R0, R31, R8, R9, stack; free requires (memory_load8_le(mem, 2024bv64) == 1bv8); free requires (memory_load8_le(mem, 2025bv64) == 0bv8); free requires (memory_load8_le(mem, 2026bv64) == 2bv8); @@ -389,7 +389,7 @@ procedure main() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2024bv64) == 1bv8); free requires (memory_load8_le(mem, 2025bv64) == 0bv8); free requires (memory_load8_le(mem, 2026bv64) == 2bv8); diff --git a/src/test/correct/function1/clang_O2/function1.expected b/src/test/correct/function1/clang_O2/function1.expected index b75d1c75a..b5fb16057 100644 --- a/src/test/correct/function1/clang_O2/function1.expected +++ b/src/test/correct/function1/clang_O2/function1.expected @@ -65,7 +65,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1976bv64) == 1bv8); @@ -110,7 +110,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69687bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -121,7 +121,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R10, Gamma_R11, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R1, R10, R11, R16, R17, R29, R30, R31, R8, R9, mem, stack; @@ -261,7 +261,7 @@ procedure main() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 1976bv64) == 1bv8); free requires (memory_load8_le(mem, 1977bv64) == 0bv8); free requires (memory_load8_le(mem, 1978bv64) == 2bv8); diff --git a/src/test/correct/function1/clang_no_plt_no_pic/function1.expected b/src/test/correct/function1/clang_no_plt_no_pic/function1.expected index 7c5c01d10..a2b338593 100644 --- a/src/test/correct/function1/clang_no_plt_no_pic/function1.expected +++ b/src/test/correct/function1/clang_no_plt_no_pic/function1.expected @@ -86,7 +86,7 @@ function {:bvbuiltin "sign_extend 32"} sign_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2024bv64) == 1bv8); @@ -131,7 +131,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69687bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -142,10 +142,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure get_two() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_stack, R0, R31, R8, R9, stack; free requires (memory_load8_le(mem, 2024bv64) == 1bv8); free requires (memory_load8_le(mem, 2025bv64) == 0bv8); free requires (memory_load8_le(mem, 2026bv64) == 2bv8); @@ -389,7 +389,7 @@ procedure main() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2024bv64) == 1bv8); free requires (memory_load8_le(mem, 2025bv64) == 0bv8); free requires (memory_load8_le(mem, 2026bv64) == 2bv8); diff --git a/src/test/correct/function1/clang_pic/function1.expected b/src/test/correct/function1/clang_pic/function1.expected index 0b6653c2e..e0f10770f 100644 --- a/src/test/correct/function1/clang_pic/function1.expected +++ b/src/test/correct/function1/clang_pic/function1.expected @@ -86,7 +86,7 @@ function {:bvbuiltin "sign_extend 32"} sign_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2096bv64) == 1bv8); @@ -147,7 +147,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69591bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -158,10 +158,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure get_two() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_stack, R0, R31, R8, R9, stack; free requires (memory_load8_le(mem, 2096bv64) == 1bv8); free requires (memory_load8_le(mem, 2097bv64) == 0bv8); free requires (memory_load8_le(mem, 2098bv64) == 2bv8); @@ -473,7 +473,7 @@ procedure main() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2096bv64) == 1bv8); free requires (memory_load8_le(mem, 2097bv64) == 0bv8); free requires (memory_load8_le(mem, 2098bv64) == 2bv8); diff --git a/src/test/correct/function1/gcc/function1.expected b/src/test/correct/function1/gcc/function1.expected index d7004b3b6..2e0921299 100644 --- a/src/test/correct/function1/gcc/function1.expected +++ b/src/test/correct/function1/gcc/function1.expected @@ -81,7 +81,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2048bv64) == 1bv8); @@ -130,7 +130,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -141,10 +141,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure get_two() - modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_stack, R0, R1, R31, stack; free requires (memory_load8_le(mem, 2048bv64) == 1bv8); free requires (memory_load8_le(mem, 2049bv64) == 0bv8); free requires (memory_load8_le(mem, 2050bv64) == 2bv8); @@ -410,7 +410,7 @@ procedure main() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2048bv64) == 1bv8); free requires (memory_load8_le(mem, 2049bv64) == 0bv8); free requires (memory_load8_le(mem, 2050bv64) == 2bv8); diff --git a/src/test/correct/function1/gcc_O2/function1.expected b/src/test/correct/function1/gcc_O2/function1.expected index 547bb26b9..b201a791e 100644 --- a/src/test/correct/function1/gcc_O2/function1.expected +++ b/src/test/correct/function1/gcc_O2/function1.expected @@ -61,7 +61,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2048bv64) == 1bv8); @@ -110,7 +110,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -121,10 +121,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure __printf_chk(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2048bv64) == 1bv8); free requires (memory_load8_le(mem, 2049bv64) == 0bv8); free requires (memory_load8_le(mem, 2050bv64) == 2bv8); diff --git a/src/test/correct/function1/gcc_no_plt_no_pic/function1.expected b/src/test/correct/function1/gcc_no_plt_no_pic/function1.expected index 1324c6b06..75b3a0aad 100644 --- a/src/test/correct/function1/gcc_no_plt_no_pic/function1.expected +++ b/src/test/correct/function1/gcc_no_plt_no_pic/function1.expected @@ -81,7 +81,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2048bv64) == 1bv8); @@ -130,7 +130,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -141,10 +141,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure get_two() - modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_stack, R0, R1, R31, stack; free requires (memory_load8_le(mem, 2048bv64) == 1bv8); free requires (memory_load8_le(mem, 2049bv64) == 0bv8); free requires (memory_load8_le(mem, 2050bv64) == 2bv8); @@ -410,7 +410,7 @@ procedure main() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2048bv64) == 1bv8); free requires (memory_load8_le(mem, 2049bv64) == 0bv8); free requires (memory_load8_le(mem, 2050bv64) == 2bv8); diff --git a/src/test/correct/function1/gcc_pic/function1.expected b/src/test/correct/function1/gcc_pic/function1.expected index f591f752b..b33c27c06 100644 --- a/src/test/correct/function1/gcc_pic/function1.expected +++ b/src/test/correct/function1/gcc_pic/function1.expected @@ -81,7 +81,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2112bv64) == 1bv8); @@ -146,7 +146,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 68999bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -157,10 +157,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure get_two() - modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_stack, R0, R1, R31, stack; free requires (memory_load8_le(mem, 2112bv64) == 1bv8); free requires (memory_load8_le(mem, 2113bv64) == 0bv8); free requires (memory_load8_le(mem, 2114bv64) == 2bv8); @@ -493,7 +493,7 @@ procedure main() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2112bv64) == 1bv8); free requires (memory_load8_le(mem, 2113bv64) == 0bv8); free requires (memory_load8_le(mem, 2114bv64) == 2bv8); diff --git a/src/test/correct/functions_with_params/clang/functions_with_params.expected b/src/test/correct/functions_with_params/clang/functions_with_params.expected index 85c6759ba..6fdd643ea 100644 --- a/src/test/correct/functions_with_params/clang/functions_with_params.expected +++ b/src/test/correct/functions_with_params/clang/functions_with_params.expected @@ -54,7 +54,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1912bv64) == 1bv8); @@ -95,7 +95,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -106,10 +106,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R29, R30, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_R8, Gamma_stack, R0, R29, R30, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); @@ -232,7 +232,7 @@ procedure main() } procedure plus_one() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 1912bv64) == 1bv8); free requires (memory_load8_le(mem, 1913bv64) == 0bv8); free requires (memory_load8_le(mem, 1914bv64) == 2bv8); diff --git a/src/test/correct/functions_with_params/clang_O2/functions_with_params.expected b/src/test/correct/functions_with_params/clang_O2/functions_with_params.expected index d3454a765..fd922f548 100644 --- a/src/test/correct/functions_with_params/clang_O2/functions_with_params.expected +++ b/src/test/correct/functions_with_params/clang_O2/functions_with_params.expected @@ -9,7 +9,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1848bv64) == 1bv8); @@ -50,7 +50,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -61,10 +61,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/functions_with_params/clang_no_plt_no_pic/functions_with_params.expected b/src/test/correct/functions_with_params/clang_no_plt_no_pic/functions_with_params.expected index 50cfbc3f5..f17db6c35 100644 --- a/src/test/correct/functions_with_params/clang_no_plt_no_pic/functions_with_params.expected +++ b/src/test/correct/functions_with_params/clang_no_plt_no_pic/functions_with_params.expected @@ -54,7 +54,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1912bv64) == 1bv8); @@ -95,7 +95,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -106,10 +106,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R29, R30, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_R8, Gamma_stack, R0, R29, R30, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); @@ -232,7 +232,7 @@ procedure main() } procedure plus_one() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 1912bv64) == 1bv8); free requires (memory_load8_le(mem, 1913bv64) == 0bv8); free requires (memory_load8_le(mem, 1914bv64) == 2bv8); diff --git a/src/test/correct/functions_with_params/clang_pic/functions_with_params.expected b/src/test/correct/functions_with_params/clang_pic/functions_with_params.expected index 50cfbc3f5..f17db6c35 100644 --- a/src/test/correct/functions_with_params/clang_pic/functions_with_params.expected +++ b/src/test/correct/functions_with_params/clang_pic/functions_with_params.expected @@ -54,7 +54,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1912bv64) == 1bv8); @@ -95,7 +95,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -106,10 +106,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R29, R30, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_R8, Gamma_stack, R0, R29, R30, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); @@ -232,7 +232,7 @@ procedure main() } procedure plus_one() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 1912bv64) == 1bv8); free requires (memory_load8_le(mem, 1913bv64) == 0bv8); free requires (memory_load8_le(mem, 1914bv64) == 2bv8); diff --git a/src/test/correct/functions_with_params/gcc/functions_with_params.expected b/src/test/correct/functions_with_params/gcc/functions_with_params.expected index 270b59faf..be5bbf199 100644 --- a/src/test/correct/functions_with_params/gcc/functions_with_params.expected +++ b/src/test/correct/functions_with_params/gcc/functions_with_params.expected @@ -52,7 +52,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1904bv64) == 1bv8); @@ -93,7 +93,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -104,10 +104,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); @@ -227,7 +227,7 @@ procedure main() } procedure plus_one() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 1904bv64) == 1bv8); free requires (memory_load8_le(mem, 1905bv64) == 0bv8); free requires (memory_load8_le(mem, 1906bv64) == 2bv8); diff --git a/src/test/correct/functions_with_params/gcc_O2/functions_with_params.expected b/src/test/correct/functions_with_params/gcc_O2/functions_with_params.expected index 2a3a162c9..81f3e344b 100644 --- a/src/test/correct/functions_with_params/gcc_O2/functions_with_params.expected +++ b/src/test/correct/functions_with_params/gcc_O2/functions_with_params.expected @@ -9,7 +9,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -50,7 +50,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -61,10 +61,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/functions_with_params/gcc_no_plt_no_pic/functions_with_params.expected b/src/test/correct/functions_with_params/gcc_no_plt_no_pic/functions_with_params.expected index 75ed68f0d..72cfd1a2e 100644 --- a/src/test/correct/functions_with_params/gcc_no_plt_no_pic/functions_with_params.expected +++ b/src/test/correct/functions_with_params/gcc_no_plt_no_pic/functions_with_params.expected @@ -52,7 +52,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1904bv64) == 1bv8); @@ -93,7 +93,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -104,10 +104,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); @@ -227,7 +227,7 @@ procedure main() } procedure plus_one() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 1904bv64) == 1bv8); free requires (memory_load8_le(mem, 1905bv64) == 0bv8); free requires (memory_load8_le(mem, 1906bv64) == 2bv8); diff --git a/src/test/correct/functions_with_params/gcc_pic/functions_with_params.expected b/src/test/correct/functions_with_params/gcc_pic/functions_with_params.expected index 75ed68f0d..72cfd1a2e 100644 --- a/src/test/correct/functions_with_params/gcc_pic/functions_with_params.expected +++ b/src/test/correct/functions_with_params/gcc_pic/functions_with_params.expected @@ -52,7 +52,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1904bv64) == 1bv8); @@ -93,7 +93,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -104,10 +104,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); @@ -227,7 +227,7 @@ procedure main() } procedure plus_one() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 1904bv64) == 1bv8); free requires (memory_load8_le(mem, 1905bv64) == 0bv8); free requires (memory_load8_le(mem, 1906bv64) == 2bv8); diff --git a/src/test/correct/ifbranches/clang/ifbranches.expected b/src/test/correct/ifbranches/clang/ifbranches.expected index 5baa04bbe..9e3d4da3f 100644 --- a/src/test/correct/ifbranches/clang/ifbranches.expected +++ b/src/test/correct/ifbranches/clang/ifbranches.expected @@ -49,7 +49,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1920bv64) == 1bv8); @@ -90,7 +90,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -101,10 +101,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); diff --git a/src/test/correct/ifbranches/clang_O2/ifbranches.expected b/src/test/correct/ifbranches/clang_O2/ifbranches.expected index 5c2ed1fcf..4a3d010fb 100644 --- a/src/test/correct/ifbranches/clang_O2/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_O2/ifbranches.expected @@ -18,7 +18,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1848bv64) == 1bv8); @@ -59,7 +59,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -70,10 +70,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R8, Gamma_mem, R0, R8, mem; + modifies Gamma_R0, Gamma_R8, R0, R8; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); diff --git a/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected b/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected index a55fb67d6..76136db7d 100644 --- a/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_no_plt_no_pic/ifbranches.expected @@ -49,7 +49,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1920bv64) == 1bv8); @@ -90,7 +90,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -101,10 +101,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); diff --git a/src/test/correct/ifbranches/clang_pic/ifbranches.expected b/src/test/correct/ifbranches/clang_pic/ifbranches.expected index a55fb67d6..76136db7d 100644 --- a/src/test/correct/ifbranches/clang_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/clang_pic/ifbranches.expected @@ -49,7 +49,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1920bv64) == 1bv8); @@ -90,7 +90,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -101,10 +101,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); diff --git a/src/test/correct/ifbranches/gcc/ifbranches.expected b/src/test/correct/ifbranches/gcc/ifbranches.expected index 58a782b52..956bbeeb6 100644 --- a/src/test/correct/ifbranches/gcc/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc/ifbranches.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1904bv64) == 1bv8); @@ -88,7 +88,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -99,10 +99,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); diff --git a/src/test/correct/ifbranches/gcc_O2/ifbranches.expected b/src/test/correct/ifbranches/gcc_O2/ifbranches.expected index d8a4e4298..f90c20326 100644 --- a/src/test/correct/ifbranches/gcc_O2/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_O2/ifbranches.expected @@ -16,7 +16,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -57,7 +57,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -68,10 +68,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); diff --git a/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected b/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected index dbb6c84b2..6dde1f98e 100644 --- a/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_no_plt_no_pic/ifbranches.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1904bv64) == 1bv8); @@ -88,7 +88,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -99,10 +99,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); diff --git a/src/test/correct/ifbranches/gcc_pic/ifbranches.expected b/src/test/correct/ifbranches/gcc_pic/ifbranches.expected index dbb6c84b2..6dde1f98e 100644 --- a/src/test/correct/ifbranches/gcc_pic/ifbranches.expected +++ b/src/test/correct/ifbranches/gcc_pic/ifbranches.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1904bv64) == 1bv8); @@ -88,7 +88,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -99,10 +99,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); diff --git a/src/test/correct/ifglobal/clang/ifglobal.expected b/src/test/correct/ifglobal/clang/ifglobal.expected index 19eae9e24..c96637259 100644 --- a/src/test/correct/ifglobal/clang/ifglobal.expected +++ b/src/test/correct/ifglobal/clang/ifglobal.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -88,7 +88,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -99,7 +99,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; diff --git a/src/test/correct/ifglobal/clang_O2/ifglobal.expected b/src/test/correct/ifglobal/clang_O2/ifglobal.expected index 6525e4ff3..70f0c3d41 100644 --- a/src/test/correct/ifglobal/clang_O2/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_O2/ifglobal.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1868bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -88,7 +88,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; diff --git a/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected b/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected index ba70a9215..ecd732cd7 100644 --- a/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_no_plt_no_pic/ifglobal.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -88,7 +88,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -99,7 +99,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; diff --git a/src/test/correct/ifglobal/clang_pic/ifglobal.expected b/src/test/correct/ifglobal/clang_pic/ifglobal.expected index 5e99e18c0..327f31f41 100644 --- a/src/test/correct/ifglobal/clang_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/clang_pic/ifglobal.expected @@ -55,7 +55,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1964bv64) == 1bv8); @@ -104,7 +104,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69599bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -115,7 +115,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; diff --git a/src/test/correct/ifglobal/gcc/ifglobal.expected b/src/test/correct/ifglobal/gcc/ifglobal.expected index 0a538a95d..fa3fd522b 100644 --- a/src/test/correct/ifglobal/gcc/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc/ifglobal.expected @@ -41,7 +41,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -82,7 +82,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -93,7 +93,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/ifglobal/gcc_O2/ifglobal.expected b/src/test/correct/ifglobal/gcc_O2/ifglobal.expected index d4599baf8..2b5fc6a39 100644 --- a/src/test/correct/ifglobal/gcc_O2/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_O2/ifglobal.expected @@ -35,7 +35,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -76,7 +76,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -87,7 +87,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected b/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected index cd0339c4e..b74831af7 100644 --- a/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_no_plt_no_pic/ifglobal.expected @@ -41,7 +41,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -82,7 +82,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -93,7 +93,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/ifglobal/gcc_pic/ifglobal.expected b/src/test/correct/ifglobal/gcc_pic/ifglobal.expected index 8cffd61d0..8e6c99707 100644 --- a/src/test/correct/ifglobal/gcc_pic/ifglobal.expected +++ b/src/test/correct/ifglobal/gcc_pic/ifglobal.expected @@ -49,7 +49,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1940bv64) == 1bv8); @@ -98,7 +98,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69015bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -109,7 +109,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/indirect_call/clang_O2/indirect_call.expected b/src/test/correct/indirect_call/clang_O2/indirect_call.expected index 71d768da7..526771429 100644 --- a/src/test/correct/indirect_call/clang_O2/indirect_call.expected +++ b/src/test/correct/indirect_call/clang_O2/indirect_call.expected @@ -38,7 +38,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1952bv64) == 1bv8); @@ -121,7 +121,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69687bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -132,10 +132,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R16, R17, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R16, R17, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69672bv64) == 0bv8); free requires (memory_load8_le(mem, 69673bv64) == 0bv8); free requires (memory_load8_le(mem, 69674bv64) == 0bv8); @@ -341,7 +341,7 @@ procedure main() } procedure puts(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 1952bv64) == 1bv8); free requires (memory_load8_le(mem, 1953bv64) == 0bv8); free requires (memory_load8_le(mem, 1954bv64) == 2bv8); diff --git a/src/test/correct/indirect_call/gcc_O2/indirect_call.expected b/src/test/correct/indirect_call/gcc_O2/indirect_call.expected index f2a32070b..46742d3c1 100644 --- a/src/test/correct/indirect_call/gcc_O2/indirect_call.expected +++ b/src/test/correct/indirect_call/gcc_O2/indirect_call.expected @@ -38,7 +38,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1984bv64) == 1bv8); @@ -127,7 +127,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -138,10 +138,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure greet() - modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_mem, R0, R16, R17, mem; + modifies Gamma_R0, Gamma_R16, Gamma_R17, R0, R16, R17; free requires (memory_load8_le(mem, 1984bv64) == 1bv8); free requires (memory_load8_le(mem, 1985bv64) == 0bv8); free requires (memory_load8_le(mem, 1986bv64) == 2bv8); @@ -320,7 +320,7 @@ procedure greet() } procedure main() - modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R16, R17, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R16, R17, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); @@ -536,7 +536,7 @@ procedure main() } procedure puts(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 1984bv64) == 1bv8); free requires (memory_load8_le(mem, 1985bv64) == 0bv8); free requires (memory_load8_le(mem, 1986bv64) == 2bv8); diff --git a/src/test/correct/initialisation/clang/initialisation.expected b/src/test/correct/initialisation/clang/initialisation.expected index 182c73c85..a129d4d89 100644 --- a/src/test/correct/initialisation/clang/initialisation.expected +++ b/src/test/correct/initialisation/clang/initialisation.expected @@ -81,7 +81,7 @@ function {:bvbuiltin "zero_extend 1"} zero_extend1_64(bv64) returns (bv65); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1912bv64) == 1bv8); @@ -122,7 +122,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -133,7 +133,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R11, R8, R9, mem; diff --git a/src/test/correct/initialisation/clang_O2/initialisation.expected b/src/test/correct/initialisation/clang_O2/initialisation.expected index 14406c454..adf848ee9 100644 --- a/src/test/correct/initialisation/clang_O2/initialisation.expected +++ b/src/test/correct/initialisation/clang_O2/initialisation.expected @@ -83,7 +83,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1908bv64) == 1bv8); @@ -124,7 +124,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -135,7 +135,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R12, Gamma_R13, Gamma_R14, Gamma_R15, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R11, R12, R13, R14, R15, R8, R9, mem; diff --git a/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected b/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected index 182c73c85..a129d4d89 100644 --- a/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected +++ b/src/test/correct/initialisation/clang_no_plt_no_pic/initialisation.expected @@ -81,7 +81,7 @@ function {:bvbuiltin "zero_extend 1"} zero_extend1_64(bv64) returns (bv65); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1912bv64) == 1bv8); @@ -122,7 +122,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -133,7 +133,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R11, R8, R9, mem; diff --git a/src/test/correct/initialisation/clang_pic/initialisation.expected b/src/test/correct/initialisation/clang_pic/initialisation.expected index edef780c3..02ec4561d 100644 --- a/src/test/correct/initialisation/clang_pic/initialisation.expected +++ b/src/test/correct/initialisation/clang_pic/initialisation.expected @@ -79,7 +79,7 @@ function {:bvbuiltin "zero_extend 1"} zero_extend1_64(bv64) returns (bv65); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2048bv64) == 1bv8); @@ -152,7 +152,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69567bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -163,7 +163,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R8, R9, mem; diff --git a/src/test/correct/initialisation/gcc/initialisation.expected b/src/test/correct/initialisation/gcc/initialisation.expected index 6d74c9b96..e6ae1203b 100644 --- a/src/test/correct/initialisation/gcc/initialisation.expected +++ b/src/test/correct/initialisation/gcc/initialisation.expected @@ -69,7 +69,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1956bv64) == 1bv8); @@ -110,7 +110,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -121,7 +121,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/initialisation/gcc_O2/initialisation.expected b/src/test/correct/initialisation/gcc_O2/initialisation.expected index efbe908d1..5902dc0d3 100644 --- a/src/test/correct/initialisation/gcc_O2/initialisation.expected +++ b/src/test/correct/initialisation/gcc_O2/initialisation.expected @@ -79,7 +79,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -120,7 +120,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -131,7 +131,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R2, Gamma_R3, Gamma_R4, Gamma_R5, Gamma_R6, Gamma_mem, R0, R1, R2, R3, R4, R5, R6, mem; diff --git a/src/test/correct/initialisation/gcc_no_plt_no_pic/initialisation.expected b/src/test/correct/initialisation/gcc_no_plt_no_pic/initialisation.expected index 6d74c9b96..e6ae1203b 100644 --- a/src/test/correct/initialisation/gcc_no_plt_no_pic/initialisation.expected +++ b/src/test/correct/initialisation/gcc_no_plt_no_pic/initialisation.expected @@ -69,7 +69,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1956bv64) == 1bv8); @@ -110,7 +110,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -121,7 +121,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/initialisation/gcc_pic/initialisation.expected b/src/test/correct/initialisation/gcc_pic/initialisation.expected index dac3b35c3..fdef9652e 100644 --- a/src/test/correct/initialisation/gcc_pic/initialisation.expected +++ b/src/test/correct/initialisation/gcc_pic/initialisation.expected @@ -69,7 +69,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2084bv64) == 1bv8); @@ -142,7 +142,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 68999bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -153,7 +153,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/jumptable/clang_O2/jumptable.expected b/src/test/correct/jumptable/clang_O2/jumptable.expected index 481d8d802..508a59310 100644 --- a/src/test/correct/jumptable/clang_O2/jumptable.expected +++ b/src/test/correct/jumptable/clang_O2/jumptable.expected @@ -38,7 +38,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -79,7 +79,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -90,7 +90,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; diff --git a/src/test/correct/jumptable/gcc_O2/jumptable.expected b/src/test/correct/jumptable/gcc_O2/jumptable.expected index 72e466907..5db7e4907 100644 --- a/src/test/correct/jumptable/gcc_O2/jumptable.expected +++ b/src/test/correct/jumptable/gcc_O2/jumptable.expected @@ -60,7 +60,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1976bv64) == 1bv8); @@ -101,7 +101,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -112,7 +112,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure add_six() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/jumptable3/gcc/jumptable3.expected b/src/test/correct/jumptable3/gcc/jumptable3.expected index 8a8a9edd4..b8e5b1154 100644 --- a/src/test/correct/jumptable3/gcc/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc/jumptable3.expected @@ -64,7 +64,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2356bv64) == 1bv8); @@ -105,7 +105,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -116,7 +116,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure add_six() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/jumptable3/gcc_O2/jumptable3.expected b/src/test/correct/jumptable3/gcc_O2/jumptable3.expected index 0d7026197..bf0bc5c31 100644 --- a/src/test/correct/jumptable3/gcc_O2/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_O2/jumptable3.expected @@ -40,7 +40,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2232bv64) == 1bv8); @@ -81,7 +81,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -92,7 +92,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected b/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected index 8316ba06d..a6cb75ea3 100644 --- a/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_no_plt_no_pic/jumptable3.expected @@ -64,7 +64,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2356bv64) == 1bv8); @@ -105,7 +105,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -116,7 +116,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure add_six() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/jumptable3/gcc_pic/jumptable3.expected b/src/test/correct/jumptable3/gcc_pic/jumptable3.expected index 7238d2ab3..848f8d9ad 100644 --- a/src/test/correct/jumptable3/gcc_pic/jumptable3.expected +++ b/src/test/correct/jumptable3/gcc_pic/jumptable3.expected @@ -64,7 +64,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2420bv64) == 1bv8); @@ -113,7 +113,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69015bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -124,7 +124,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure add_six() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/correct/malloc_with_local/clang/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang/malloc_with_local.expected index f5155a44b..152aff0da 100644 --- a/src/test/correct/malloc_with_local/clang/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang/malloc_with_local.expected @@ -78,7 +78,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2256bv64) == 1bv8); @@ -179,7 +179,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -190,10 +190,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2256bv64) == 1bv8); free requires (memory_load8_le(mem, 2257bv64) == 0bv8); free requires (memory_load8_le(mem, 2258bv64) == 2bv8); @@ -683,7 +683,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2256bv64) == 1bv8); free requires (memory_load8_le(mem, 2257bv64) == 0bv8); free requires (memory_load8_le(mem, 2258bv64) == 2bv8); @@ -878,7 +878,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2256bv64) == 1bv8); free requires (memory_load8_le(mem, 2257bv64) == 0bv8); free requires (memory_load8_le(mem, 2258bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected index 1254f4747..6ecb21b64 100644 --- a/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang_O2/malloc_with_local.expected @@ -40,7 +40,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1964bv64) == 1bv8); @@ -141,7 +141,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69687bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -152,10 +152,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R1, R16, R17, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69672bv64) == 0bv8); free requires (memory_load8_le(mem, 69673bv64) == 0bv8); free requires (memory_load8_le(mem, 69674bv64) == 0bv8); @@ -406,7 +406,7 @@ procedure main() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 1964bv64) == 1bv8); free requires (memory_load8_le(mem, 1965bv64) == 0bv8); free requires (memory_load8_le(mem, 1966bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected index bf29d7870..cd0687851 100644 --- a/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang_no_plt_no_pic/malloc_with_local.expected @@ -78,7 +78,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2256bv64) == 1bv8); @@ -179,7 +179,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -190,10 +190,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2256bv64) == 1bv8); free requires (memory_load8_le(mem, 2257bv64) == 0bv8); free requires (memory_load8_le(mem, 2258bv64) == 2bv8); @@ -683,7 +683,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2256bv64) == 1bv8); free requires (memory_load8_le(mem, 2257bv64) == 0bv8); free requires (memory_load8_le(mem, 2258bv64) == 2bv8); @@ -878,7 +878,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2256bv64) == 1bv8); free requires (memory_load8_le(mem, 2257bv64) == 0bv8); free requires (memory_load8_le(mem, 2258bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected index bf29d7870..cd0687851 100644 --- a/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/clang_pic/malloc_with_local.expected @@ -78,7 +78,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2256bv64) == 1bv8); @@ -179,7 +179,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -190,10 +190,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2256bv64) == 1bv8); free requires (memory_load8_le(mem, 2257bv64) == 0bv8); free requires (memory_load8_le(mem, 2258bv64) == 2bv8); @@ -683,7 +683,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2256bv64) == 1bv8); free requires (memory_load8_le(mem, 2257bv64) == 0bv8); free requires (memory_load8_le(mem, 2258bv64) == 2bv8); @@ -878,7 +878,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2256bv64) == 1bv8); free requires (memory_load8_le(mem, 2257bv64) == 0bv8); free requires (memory_load8_le(mem, 2258bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected index ef68c1ca6..746e71b97 100644 --- a/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc/malloc_with_local.expected @@ -74,7 +74,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2248bv64) == 1bv8); @@ -186,7 +186,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -197,10 +197,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2248bv64) == 1bv8); free requires (memory_load8_le(mem, 2249bv64) == 0bv8); free requires (memory_load8_le(mem, 2250bv64) == 2bv8); @@ -730,7 +730,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2248bv64) == 1bv8); free requires (memory_load8_le(mem, 2249bv64) == 0bv8); free requires (memory_load8_le(mem, 2250bv64) == 2bv8); @@ -947,7 +947,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2248bv64) == 1bv8); free requires (memory_load8_le(mem, 2249bv64) == 0bv8); free requires (memory_load8_le(mem, 2250bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected index b5304161b..0226bf176 100644 --- a/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc_O2/malloc_with_local.expected @@ -42,7 +42,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2088bv64) == 1bv8); @@ -154,7 +154,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -165,10 +165,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure __printf_chk(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2088bv64) == 1bv8); free requires (memory_load8_le(mem, 2089bv64) == 0bv8); free requires (memory_load8_le(mem, 2090bv64) == 2bv8); @@ -385,7 +385,7 @@ procedure __printf_chk(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure main() - modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R2, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R2, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R2, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R1, R16, R17, R2, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected index 6fa2bab93..3a6f53042 100644 --- a/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc_no_plt_no_pic/malloc_with_local.expected @@ -74,7 +74,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2248bv64) == 1bv8); @@ -186,7 +186,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -197,10 +197,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2248bv64) == 1bv8); free requires (memory_load8_le(mem, 2249bv64) == 0bv8); free requires (memory_load8_le(mem, 2250bv64) == 2bv8); @@ -730,7 +730,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2248bv64) == 1bv8); free requires (memory_load8_le(mem, 2249bv64) == 0bv8); free requires (memory_load8_le(mem, 2250bv64) == 2bv8); @@ -947,7 +947,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2248bv64) == 1bv8); free requires (memory_load8_le(mem, 2249bv64) == 0bv8); free requires (memory_load8_le(mem, 2250bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected b/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected index 6fa2bab93..3a6f53042 100644 --- a/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected +++ b/src/test/correct/malloc_with_local/gcc_pic/malloc_with_local.expected @@ -74,7 +74,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2248bv64) == 1bv8); @@ -186,7 +186,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -197,10 +197,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2248bv64) == 1bv8); free requires (memory_load8_le(mem, 2249bv64) == 0bv8); free requires (memory_load8_le(mem, 2250bv64) == 2bv8); @@ -730,7 +730,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2248bv64) == 1bv8); free requires (memory_load8_le(mem, 2249bv64) == 0bv8); free requires (memory_load8_le(mem, 2250bv64) == 2bv8); @@ -947,7 +947,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2248bv64) == 1bv8); free requires (memory_load8_le(mem, 2249bv64) == 0bv8); free requires (memory_load8_le(mem, 2250bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected index 12c402393..3f1de863a 100644 --- a/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang/malloc_with_local2.expected @@ -78,7 +78,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2292bv64) == 1bv8); @@ -179,7 +179,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -190,10 +190,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2292bv64) == 1bv8); free requires (memory_load8_le(mem, 2293bv64) == 0bv8); free requires (memory_load8_le(mem, 2294bv64) == 2bv8); @@ -695,7 +695,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2292bv64) == 1bv8); free requires (memory_load8_le(mem, 2293bv64) == 0bv8); free requires (memory_load8_le(mem, 2294bv64) == 2bv8); @@ -890,7 +890,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2292bv64) == 1bv8); free requires (memory_load8_le(mem, 2293bv64) == 0bv8); free requires (memory_load8_le(mem, 2294bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected index 1254f4747..6ecb21b64 100644 --- a/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang_O2/malloc_with_local2.expected @@ -40,7 +40,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1964bv64) == 1bv8); @@ -141,7 +141,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69687bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -152,10 +152,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R1, R16, R17, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69672bv64) == 0bv8); free requires (memory_load8_le(mem, 69673bv64) == 0bv8); free requires (memory_load8_le(mem, 69674bv64) == 0bv8); @@ -406,7 +406,7 @@ procedure main() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 1964bv64) == 1bv8); free requires (memory_load8_le(mem, 1965bv64) == 0bv8); free requires (memory_load8_le(mem, 1966bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected index 6430a31cc..4552108bd 100644 --- a/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang_no_plt_no_pic/malloc_with_local2.expected @@ -78,7 +78,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2292bv64) == 1bv8); @@ -179,7 +179,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -190,10 +190,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2292bv64) == 1bv8); free requires (memory_load8_le(mem, 2293bv64) == 0bv8); free requires (memory_load8_le(mem, 2294bv64) == 2bv8); @@ -695,7 +695,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2292bv64) == 1bv8); free requires (memory_load8_le(mem, 2293bv64) == 0bv8); free requires (memory_load8_le(mem, 2294bv64) == 2bv8); @@ -890,7 +890,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2292bv64) == 1bv8); free requires (memory_load8_le(mem, 2293bv64) == 0bv8); free requires (memory_load8_le(mem, 2294bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected index 6430a31cc..4552108bd 100644 --- a/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/clang_pic/malloc_with_local2.expected @@ -78,7 +78,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2292bv64) == 1bv8); @@ -179,7 +179,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -190,10 +190,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2292bv64) == 1bv8); free requires (memory_load8_le(mem, 2293bv64) == 0bv8); free requires (memory_load8_le(mem, 2294bv64) == 2bv8); @@ -695,7 +695,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2292bv64) == 1bv8); free requires (memory_load8_le(mem, 2293bv64) == 0bv8); free requires (memory_load8_le(mem, 2294bv64) == 2bv8); @@ -890,7 +890,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2292bv64) == 1bv8); free requires (memory_load8_le(mem, 2293bv64) == 0bv8); free requires (memory_load8_le(mem, 2294bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected index 30845a01c..2b193e1e8 100644 --- a/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc/malloc_with_local2.expected @@ -74,7 +74,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2272bv64) == 1bv8); @@ -186,7 +186,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -197,10 +197,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2272bv64) == 1bv8); free requires (memory_load8_le(mem, 2273bv64) == 0bv8); free requires (memory_load8_le(mem, 2274bv64) == 2bv8); @@ -740,7 +740,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2272bv64) == 1bv8); free requires (memory_load8_le(mem, 2273bv64) == 0bv8); free requires (memory_load8_le(mem, 2274bv64) == 2bv8); @@ -957,7 +957,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2272bv64) == 1bv8); free requires (memory_load8_le(mem, 2273bv64) == 0bv8); free requires (memory_load8_le(mem, 2274bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected index b5304161b..0226bf176 100644 --- a/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc_O2/malloc_with_local2.expected @@ -42,7 +42,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2088bv64) == 1bv8); @@ -154,7 +154,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -165,10 +165,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure __printf_chk(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2088bv64) == 1bv8); free requires (memory_load8_le(mem, 2089bv64) == 0bv8); free requires (memory_load8_le(mem, 2090bv64) == 2bv8); @@ -385,7 +385,7 @@ procedure __printf_chk(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure main() - modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R2, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R2, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R2, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R1, R16, R17, R2, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected index 9ed117f26..def33f328 100644 --- a/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc_no_plt_no_pic/malloc_with_local2.expected @@ -74,7 +74,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2272bv64) == 1bv8); @@ -186,7 +186,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -197,10 +197,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2272bv64) == 1bv8); free requires (memory_load8_le(mem, 2273bv64) == 0bv8); free requires (memory_load8_le(mem, 2274bv64) == 2bv8); @@ -740,7 +740,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2272bv64) == 1bv8); free requires (memory_load8_le(mem, 2273bv64) == 0bv8); free requires (memory_load8_le(mem, 2274bv64) == 2bv8); @@ -957,7 +957,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2272bv64) == 1bv8); free requires (memory_load8_le(mem, 2273bv64) == 0bv8); free requires (memory_load8_le(mem, 2274bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected b/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected index 9ed117f26..def33f328 100644 --- a/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected +++ b/src/test/correct/malloc_with_local2/gcc_pic/malloc_with_local2.expected @@ -74,7 +74,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2272bv64) == 1bv8); @@ -186,7 +186,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -197,10 +197,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2272bv64) == 1bv8); free requires (memory_load8_le(mem, 2273bv64) == 0bv8); free requires (memory_load8_le(mem, 2274bv64) == 2bv8); @@ -740,7 +740,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2272bv64) == 1bv8); free requires (memory_load8_le(mem, 2273bv64) == 0bv8); free requires (memory_load8_le(mem, 2274bv64) == 2bv8); @@ -957,7 +957,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2272bv64) == 1bv8); free requires (memory_load8_le(mem, 2273bv64) == 0bv8); free requires (memory_load8_le(mem, 2274bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected index a1a69b476..60ac9d4d2 100644 --- a/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang/malloc_with_local3.expected @@ -79,7 +79,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2344bv64) == 1bv8); @@ -186,7 +186,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -197,10 +197,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2344bv64) == 1bv8); free requires (memory_load8_le(mem, 2345bv64) == 0bv8); free requires (memory_load8_le(mem, 2346bv64) == 2bv8); @@ -722,7 +722,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2344bv64) == 1bv8); free requires (memory_load8_le(mem, 2345bv64) == 0bv8); free requires (memory_load8_le(mem, 2346bv64) == 2bv8); @@ -1174,7 +1174,7 @@ procedure printCharValue() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2344bv64) == 1bv8); free requires (memory_load8_le(mem, 2345bv64) == 0bv8); free requires (memory_load8_le(mem, 2346bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected index 89691d744..fcdb3676c 100644 --- a/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang_O2/malloc_with_local3.expected @@ -40,7 +40,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1996bv64) == 1bv8); @@ -147,7 +147,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69687bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -158,10 +158,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R1, R16, R17, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69672bv64) == 0bv8); free requires (memory_load8_le(mem, 69673bv64) == 0bv8); free requires (memory_load8_le(mem, 69674bv64) == 0bv8); @@ -424,7 +424,7 @@ procedure main() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 1996bv64) == 1bv8); free requires (memory_load8_le(mem, 1997bv64) == 0bv8); free requires (memory_load8_le(mem, 1998bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected index eeaa12eb2..c837ae5b3 100644 --- a/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang_no_plt_no_pic/malloc_with_local3.expected @@ -79,7 +79,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2344bv64) == 1bv8); @@ -186,7 +186,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -197,10 +197,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2344bv64) == 1bv8); free requires (memory_load8_le(mem, 2345bv64) == 0bv8); free requires (memory_load8_le(mem, 2346bv64) == 2bv8); @@ -722,7 +722,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2344bv64) == 1bv8); free requires (memory_load8_le(mem, 2345bv64) == 0bv8); free requires (memory_load8_le(mem, 2346bv64) == 2bv8); @@ -1174,7 +1174,7 @@ procedure printCharValue() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2344bv64) == 1bv8); free requires (memory_load8_le(mem, 2345bv64) == 0bv8); free requires (memory_load8_le(mem, 2346bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected index eeaa12eb2..c837ae5b3 100644 --- a/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/clang_pic/malloc_with_local3.expected @@ -79,7 +79,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2344bv64) == 1bv8); @@ -186,7 +186,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -197,10 +197,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2344bv64) == 1bv8); free requires (memory_load8_le(mem, 2345bv64) == 0bv8); free requires (memory_load8_le(mem, 2346bv64) == 2bv8); @@ -722,7 +722,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2344bv64) == 1bv8); free requires (memory_load8_le(mem, 2345bv64) == 0bv8); free requires (memory_load8_le(mem, 2346bv64) == 2bv8); @@ -1174,7 +1174,7 @@ procedure printCharValue() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2344bv64) == 1bv8); free requires (memory_load8_le(mem, 2345bv64) == 0bv8); free requires (memory_load8_le(mem, 2346bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected index b78aa891b..c96cea995 100644 --- a/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc/malloc_with_local3.expected @@ -75,7 +75,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2328bv64) == 1bv8); @@ -191,7 +191,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -202,10 +202,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2328bv64) == 1bv8); free requires (memory_load8_le(mem, 2329bv64) == 0bv8); free requires (memory_load8_le(mem, 2330bv64) == 2bv8); @@ -756,7 +756,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2328bv64) == 1bv8); free requires (memory_load8_le(mem, 2329bv64) == 0bv8); free requires (memory_load8_le(mem, 2330bv64) == 2bv8); @@ -1244,7 +1244,7 @@ procedure printCharValue() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2328bv64) == 1bv8); free requires (memory_load8_le(mem, 2329bv64) == 0bv8); free requires (memory_load8_le(mem, 2330bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected index 99efcc28a..590d1c18b 100644 --- a/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc_O2/malloc_with_local3.expected @@ -65,7 +65,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2264bv64) == 1bv8); @@ -177,7 +177,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -188,10 +188,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure __printf_chk(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2264bv64) == 1bv8); free requires (memory_load8_le(mem, 2265bv64) == 0bv8); free requires (memory_load8_le(mem, 2266bv64) == 2bv8); @@ -408,7 +408,7 @@ procedure __printf_chk(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2264bv64) == 1bv8); free requires (memory_load8_le(mem, 2265bv64) == 0bv8); free requires (memory_load8_le(mem, 2266bv64) == 2bv8); @@ -916,7 +916,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2264bv64) == 1bv8); free requires (memory_load8_le(mem, 2265bv64) == 0bv8); free requires (memory_load8_le(mem, 2266bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected index 8d8001f9c..743895881 100644 --- a/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc_no_plt_no_pic/malloc_with_local3.expected @@ -75,7 +75,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2328bv64) == 1bv8); @@ -191,7 +191,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -202,10 +202,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2328bv64) == 1bv8); free requires (memory_load8_le(mem, 2329bv64) == 0bv8); free requires (memory_load8_le(mem, 2330bv64) == 2bv8); @@ -756,7 +756,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2328bv64) == 1bv8); free requires (memory_load8_le(mem, 2329bv64) == 0bv8); free requires (memory_load8_le(mem, 2330bv64) == 2bv8); @@ -1244,7 +1244,7 @@ procedure printCharValue() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2328bv64) == 1bv8); free requires (memory_load8_le(mem, 2329bv64) == 0bv8); free requires (memory_load8_le(mem, 2330bv64) == 2bv8); diff --git a/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected b/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected index 8d8001f9c..743895881 100644 --- a/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected +++ b/src/test/correct/malloc_with_local3/gcc_pic/malloc_with_local3.expected @@ -75,7 +75,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2328bv64) == 1bv8); @@ -191,7 +191,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -202,10 +202,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2328bv64) == 1bv8); free requires (memory_load8_le(mem, 2329bv64) == 0bv8); free requires (memory_load8_le(mem, 2330bv64) == 2bv8); @@ -756,7 +756,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2328bv64) == 1bv8); free requires (memory_load8_le(mem, 2329bv64) == 0bv8); free requires (memory_load8_le(mem, 2330bv64) == 2bv8); @@ -1244,7 +1244,7 @@ procedure printCharValue() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2328bv64) == 1bv8); free requires (memory_load8_le(mem, 2329bv64) == 0bv8); free requires (memory_load8_le(mem, 2330bv64) == 2bv8); diff --git a/src/test/correct/multi_malloc/clang/multi_malloc.expected b/src/test/correct/multi_malloc/clang/multi_malloc.expected index 92919c85a..5967285b6 100644 --- a/src/test/correct/multi_malloc/clang/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang/multi_malloc.expected @@ -78,7 +78,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2232bv64) == 1bv8); @@ -152,7 +152,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -163,10 +163,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2232bv64) == 1bv8); free requires (memory_load8_le(mem, 2233bv64) == 0bv8); free requires (memory_load8_le(mem, 2234bv64) == 2bv8); @@ -539,7 +539,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2232bv64) == 1bv8); free requires (memory_load8_le(mem, 2233bv64) == 0bv8); free requires (memory_load8_le(mem, 2234bv64) == 2bv8); @@ -680,7 +680,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2232bv64) == 1bv8); free requires (memory_load8_le(mem, 2233bv64) == 0bv8); free requires (memory_load8_le(mem, 2234bv64) == 2bv8); diff --git a/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected b/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected index 53a09e414..0b5e39a9b 100644 --- a/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang_O2/multi_malloc.expected @@ -40,7 +40,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1948bv64) == 1bv8); @@ -114,7 +114,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69687bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -125,10 +125,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R1, R16, R17, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69672bv64) == 0bv8); free requires (memory_load8_le(mem, 69673bv64) == 0bv8); free requires (memory_load8_le(mem, 69674bv64) == 0bv8); @@ -318,7 +318,7 @@ procedure main() } procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 1948bv64) == 1bv8); free requires (memory_load8_le(mem, 1949bv64) == 0bv8); free requires (memory_load8_le(mem, 1950bv64) == 2bv8); diff --git a/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected b/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected index c99233fb7..7b6181dcc 100644 --- a/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang_no_plt_no_pic/multi_malloc.expected @@ -78,7 +78,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2232bv64) == 1bv8); @@ -152,7 +152,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -163,10 +163,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2232bv64) == 1bv8); free requires (memory_load8_le(mem, 2233bv64) == 0bv8); free requires (memory_load8_le(mem, 2234bv64) == 2bv8); @@ -539,7 +539,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2232bv64) == 1bv8); free requires (memory_load8_le(mem, 2233bv64) == 0bv8); free requires (memory_load8_le(mem, 2234bv64) == 2bv8); @@ -680,7 +680,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2232bv64) == 1bv8); free requires (memory_load8_le(mem, 2233bv64) == 0bv8); free requires (memory_load8_le(mem, 2234bv64) == 2bv8); diff --git a/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected b/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected index c99233fb7..7b6181dcc 100644 --- a/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/clang_pic/multi_malloc.expected @@ -78,7 +78,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2232bv64) == 1bv8); @@ -152,7 +152,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -163,10 +163,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2232bv64) == 1bv8); free requires (memory_load8_le(mem, 2233bv64) == 0bv8); free requires (memory_load8_le(mem, 2234bv64) == 2bv8); @@ -539,7 +539,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2232bv64) == 1bv8); free requires (memory_load8_le(mem, 2233bv64) == 0bv8); free requires (memory_load8_le(mem, 2234bv64) == 2bv8); @@ -680,7 +680,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69703bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2232bv64) == 1bv8); free requires (memory_load8_le(mem, 2233bv64) == 0bv8); free requires (memory_load8_le(mem, 2234bv64) == 2bv8); diff --git a/src/test/correct/multi_malloc/gcc/multi_malloc.expected b/src/test/correct/multi_malloc/gcc/multi_malloc.expected index dfea4ccb3..e50dfecd9 100644 --- a/src/test/correct/multi_malloc/gcc/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc/multi_malloc.expected @@ -74,7 +74,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2224bv64) == 1bv8); @@ -159,7 +159,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -170,10 +170,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2224bv64) == 1bv8); free requires (memory_load8_le(mem, 2225bv64) == 0bv8); free requires (memory_load8_le(mem, 2226bv64) == 2bv8); @@ -586,7 +586,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2224bv64) == 1bv8); free requires (memory_load8_le(mem, 2225bv64) == 0bv8); free requires (memory_load8_le(mem, 2226bv64) == 2bv8); @@ -749,7 +749,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2224bv64) == 1bv8); free requires (memory_load8_le(mem, 2225bv64) == 0bv8); free requires (memory_load8_le(mem, 2226bv64) == 2bv8); diff --git a/src/test/correct/multi_malloc/gcc_O2/multi_malloc.expected b/src/test/correct/multi_malloc/gcc_O2/multi_malloc.expected index 34ae44da3..ddca94216 100644 --- a/src/test/correct/multi_malloc/gcc_O2/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc_O2/multi_malloc.expected @@ -42,7 +42,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2024bv64) == 1bv8); @@ -127,7 +127,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -138,10 +138,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure __printf_chk(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2024bv64) == 1bv8); free requires (memory_load8_le(mem, 2025bv64) == 0bv8); free requires (memory_load8_le(mem, 2026bv64) == 2bv8); @@ -304,7 +304,7 @@ procedure __printf_chk(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure main() - modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R2, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R16, R17, R2, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R1, Gamma_R16, Gamma_R17, Gamma_R2, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R1, R16, R17, R2, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected b/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected index 079058d6a..fbdc65c40 100644 --- a/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc_no_plt_no_pic/multi_malloc.expected @@ -74,7 +74,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2224bv64) == 1bv8); @@ -159,7 +159,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -170,10 +170,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2224bv64) == 1bv8); free requires (memory_load8_le(mem, 2225bv64) == 0bv8); free requires (memory_load8_le(mem, 2226bv64) == 2bv8); @@ -586,7 +586,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2224bv64) == 1bv8); free requires (memory_load8_le(mem, 2225bv64) == 0bv8); free requires (memory_load8_le(mem, 2226bv64) == 2bv8); @@ -749,7 +749,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2224bv64) == 1bv8); free requires (memory_load8_le(mem, 2225bv64) == 0bv8); free requires (memory_load8_le(mem, 2226bv64) == 2bv8); diff --git a/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected b/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected index 079058d6a..fbdc65c40 100644 --- a/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected +++ b/src/test/correct/multi_malloc/gcc_pic/multi_malloc.expected @@ -74,7 +74,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2224bv64) == 1bv8); @@ -159,7 +159,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -170,10 +170,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure #free(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2224bv64) == 1bv8); free requires (memory_load8_le(mem, 2225bv64) == 0bv8); free requires (memory_load8_le(mem, 2226bv64) == 2bv8); @@ -586,7 +586,7 @@ procedure main() } procedure malloc(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2224bv64) == 1bv8); free requires (memory_load8_le(mem, 2225bv64) == 0bv8); free requires (memory_load8_le(mem, 2226bv64) == 2bv8); @@ -749,7 +749,7 @@ procedure malloc(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure printf(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 2224bv64) == 1bv8); free requires (memory_load8_le(mem, 2225bv64) == 0bv8); free requires (memory_load8_le(mem, 2226bv64) == 2bv8); diff --git a/src/test/correct/nestedif/clang/nestedif.expected b/src/test/correct/nestedif/clang/nestedif.expected index c9e0d3036..a37da1c4d 100644 --- a/src/test/correct/nestedif/clang/nestedif.expected +++ b/src/test/correct/nestedif/clang/nestedif.expected @@ -41,7 +41,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -82,7 +82,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -93,10 +93,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/nestedif/clang_O2/nestedif.expected b/src/test/correct/nestedif/clang_O2/nestedif.expected index 3cb1f1f82..1e9764f80 100644 --- a/src/test/correct/nestedif/clang_O2/nestedif.expected +++ b/src/test/correct/nestedif/clang_O2/nestedif.expected @@ -9,7 +9,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1840bv64) == 1bv8); @@ -50,7 +50,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -61,10 +61,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected b/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected index 264aff4f3..c3575bfb5 100644 --- a/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected +++ b/src/test/correct/nestedif/clang_no_plt_no_pic/nestedif.expected @@ -41,7 +41,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -82,7 +82,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -93,10 +93,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/nestedif/clang_pic/nestedif.expected b/src/test/correct/nestedif/clang_pic/nestedif.expected index 264aff4f3..c3575bfb5 100644 --- a/src/test/correct/nestedif/clang_pic/nestedif.expected +++ b/src/test/correct/nestedif/clang_pic/nestedif.expected @@ -41,7 +41,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1968bv64) == 1bv8); @@ -82,7 +82,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -93,10 +93,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/nestedif/gcc/nestedif.expected b/src/test/correct/nestedif/gcc/nestedif.expected index 261cd8b07..be46c82f4 100644 --- a/src/test/correct/nestedif/gcc/nestedif.expected +++ b/src/test/correct/nestedif/gcc/nestedif.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1928bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/nestedif/gcc_O2/nestedif.expected b/src/test/correct/nestedif/gcc_O2/nestedif.expected index b0da0005c..ab48890b6 100644 --- a/src/test/correct/nestedif/gcc_O2/nestedif.expected +++ b/src/test/correct/nestedif/gcc_O2/nestedif.expected @@ -9,7 +9,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -50,7 +50,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -61,10 +61,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected b/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected index df917e5ba..55e5d1a3e 100644 --- a/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected +++ b/src/test/correct/nestedif/gcc_no_plt_no_pic/nestedif.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1928bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/nestedif/gcc_pic/nestedif.expected b/src/test/correct/nestedif/gcc_pic/nestedif.expected index df917e5ba..55e5d1a3e 100644 --- a/src/test/correct/nestedif/gcc_pic/nestedif.expected +++ b/src/test/correct/nestedif/gcc_pic/nestedif.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1928bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/no_interference_update_x/clang/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/clang/no_interference_update_x.expected index 197526123..a8845dbc3 100644 --- a/src/test/correct/no_interference_update_x/clang/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/clang/no_interference_update_x.expected @@ -32,7 +32,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -73,7 +73,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -86,7 +86,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); } diff --git a/src/test/correct/no_interference_update_x/clang_O2/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/clang_O2/no_interference_update_x.expected index 1067e7c7c..70b301f71 100644 --- a/src/test/correct/no_interference_update_x/clang_O2/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/clang_O2/no_interference_update_x.expected @@ -32,7 +32,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -73,7 +73,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -86,7 +86,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); } diff --git a/src/test/correct/no_interference_update_x/clang_no_plt_no_pic/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/clang_no_plt_no_pic/no_interference_update_x.expected index 197526123..a8845dbc3 100644 --- a/src/test/correct/no_interference_update_x/clang_no_plt_no_pic/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/clang_no_plt_no_pic/no_interference_update_x.expected @@ -32,7 +32,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -73,7 +73,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -86,7 +86,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); } diff --git a/src/test/correct/no_interference_update_x/clang_pic/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/clang_pic/no_interference_update_x.expected index 077bcdfd0..f6cc2c2b8 100644 --- a/src/test/correct/no_interference_update_x/clang_pic/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/clang_pic/no_interference_update_x.expected @@ -40,7 +40,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1920bv64) == 1bv8); @@ -89,7 +89,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69599bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -102,7 +102,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); } diff --git a/src/test/correct/no_interference_update_x/gcc/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/gcc/no_interference_update_x.expected index 5e13c4c9a..861d5ce98 100644 --- a/src/test/correct/no_interference_update_x/gcc/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/gcc/no_interference_update_x.expected @@ -30,7 +30,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -71,7 +71,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -84,7 +84,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); } diff --git a/src/test/correct/no_interference_update_x/gcc_O2/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/gcc_O2/no_interference_update_x.expected index c744a1767..4e1467783 100644 --- a/src/test/correct/no_interference_update_x/gcc_O2/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/gcc_O2/no_interference_update_x.expected @@ -32,7 +32,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -73,7 +73,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -86,7 +86,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); } diff --git a/src/test/correct/no_interference_update_x/gcc_no_plt_no_pic/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/gcc_no_plt_no_pic/no_interference_update_x.expected index 5e13c4c9a..861d5ce98 100644 --- a/src/test/correct/no_interference_update_x/gcc_no_plt_no_pic/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/gcc_no_plt_no_pic/no_interference_update_x.expected @@ -30,7 +30,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -71,7 +71,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -84,7 +84,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); } diff --git a/src/test/correct/no_interference_update_x/gcc_pic/no_interference_update_x.expected b/src/test/correct/no_interference_update_x/gcc_pic/no_interference_update_x.expected index 2fdb39a09..c9909b307 100644 --- a/src/test/correct/no_interference_update_x/gcc_pic/no_interference_update_x.expected +++ b/src/test/correct/no_interference_update_x/gcc_pic/no_interference_update_x.expected @@ -38,7 +38,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1920bv64) == 1bv8); @@ -87,7 +87,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69015bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -100,7 +100,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $y_addr) == memory_load32_le(mem, $y_addr)); } diff --git a/src/test/correct/no_interference_update_y/clang/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/clang/no_interference_update_y.expected index e70efe2dd..c8c4f47bc 100644 --- a/src/test/correct/no_interference_update_y/clang/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/clang/no_interference_update_y.expected @@ -32,7 +32,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -73,7 +73,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { call rely(); @@ -86,7 +86,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); } diff --git a/src/test/correct/no_interference_update_y/clang_O2/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/clang_O2/no_interference_update_y.expected index 23d8afb4c..1f7087a27 100644 --- a/src/test/correct/no_interference_update_y/clang_O2/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/clang_O2/no_interference_update_y.expected @@ -32,7 +32,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -73,7 +73,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { call rely(); @@ -86,7 +86,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); } diff --git a/src/test/correct/no_interference_update_y/clang_no_plt_no_pic/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/clang_no_plt_no_pic/no_interference_update_y.expected index e70efe2dd..c8c4f47bc 100644 --- a/src/test/correct/no_interference_update_y/clang_no_plt_no_pic/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/clang_no_plt_no_pic/no_interference_update_y.expected @@ -32,7 +32,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -73,7 +73,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { call rely(); @@ -86,7 +86,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); } diff --git a/src/test/correct/no_interference_update_y/clang_pic/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/clang_pic/no_interference_update_y.expected index 8ac64c814..0aafc34d3 100644 --- a/src/test/correct/no_interference_update_y/clang_pic/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/clang_pic/no_interference_update_y.expected @@ -40,7 +40,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); free ensures (memory_load8_le(mem, 1920bv64) == 1bv8); @@ -89,7 +89,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69599bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { call rely(); @@ -102,7 +102,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); } diff --git a/src/test/correct/no_interference_update_y/gcc/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/gcc/no_interference_update_y.expected index f65368b48..7ea617f8d 100644 --- a/src/test/correct/no_interference_update_y/gcc/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/gcc/no_interference_update_y.expected @@ -30,7 +30,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -71,7 +71,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { call rely(); @@ -84,7 +84,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); } diff --git a/src/test/correct/no_interference_update_y/gcc_O2/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/gcc_O2/no_interference_update_y.expected index 92b64b744..25986a697 100644 --- a/src/test/correct/no_interference_update_y/gcc_O2/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/gcc_O2/no_interference_update_y.expected @@ -32,7 +32,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -73,7 +73,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { call rely(); @@ -86,7 +86,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); } diff --git a/src/test/correct/no_interference_update_y/gcc_no_plt_no_pic/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/gcc_no_plt_no_pic/no_interference_update_y.expected index f65368b48..7ea617f8d 100644 --- a/src/test/correct/no_interference_update_y/gcc_no_plt_no_pic/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/gcc_no_plt_no_pic/no_interference_update_y.expected @@ -30,7 +30,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -71,7 +71,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { call rely(); @@ -84,7 +84,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); } diff --git a/src/test/correct/no_interference_update_y/gcc_pic/no_interference_update_y.expected b/src/test/correct/no_interference_update_y/gcc_pic/no_interference_update_y.expected index d69387b95..40c5f15c7 100644 --- a/src/test/correct/no_interference_update_y/gcc_pic/no_interference_update_y.expected +++ b/src/test/correct/no_interference_update_y/gcc_pic/no_interference_update_y.expected @@ -38,7 +38,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); free ensures (memory_load8_le(mem, 1920bv64) == 1bv8); @@ -87,7 +87,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69015bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $y_addr) == old(memory_load32_le(mem, $y_addr))); { call rely(); @@ -100,7 +100,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)); } diff --git a/src/test/correct/secret_write/clang/secret_write.expected b/src/test/correct/secret_write/clang/secret_write.expected index ffeaa4ccc..429086b06 100644 --- a/src/test/correct/secret_write/clang/secret_write.expected +++ b/src/test/correct/secret_write/clang/secret_write.expected @@ -44,7 +44,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); @@ -86,7 +86,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { @@ -101,7 +101,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert bvsge32(memory_load32_le(mem, $z_addr), memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/secret_write/clang_O2/secret_write.expected b/src/test/correct/secret_write/clang_O2/secret_write.expected index 11b216945..4d3b532df 100644 --- a/src/test/correct/secret_write/clang_O2/secret_write.expected +++ b/src/test/correct/secret_write/clang_O2/secret_write.expected @@ -42,7 +42,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); @@ -84,7 +84,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { @@ -99,7 +99,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert bvsge32(memory_load32_le(mem, $z_addr), memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/secret_write/clang_no_plt_no_pic/secret_write.expected b/src/test/correct/secret_write/clang_no_plt_no_pic/secret_write.expected index ffeaa4ccc..429086b06 100644 --- a/src/test/correct/secret_write/clang_no_plt_no_pic/secret_write.expected +++ b/src/test/correct/secret_write/clang_no_plt_no_pic/secret_write.expected @@ -44,7 +44,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); @@ -86,7 +86,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { @@ -101,7 +101,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert bvsge32(memory_load32_le(mem, $z_addr), memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/secret_write/clang_pic/secret_write.expected b/src/test/correct/secret_write/clang_pic/secret_write.expected index 8d2a3e7d4..5d1a5fc2d 100644 --- a/src/test/correct/secret_write/clang_pic/secret_write.expected +++ b/src/test/correct/secret_write/clang_pic/secret_write.expected @@ -52,7 +52,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); @@ -118,7 +118,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69567bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { @@ -133,7 +133,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert bvsge32(memory_load32_le(mem, $z_addr), memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/secret_write/gcc/secret_write.expected b/src/test/correct/secret_write/gcc/secret_write.expected index 40f96c04b..162db427a 100644 --- a/src/test/correct/secret_write/gcc/secret_write.expected +++ b/src/test/correct/secret_write/gcc/secret_write.expected @@ -40,7 +40,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); @@ -82,7 +82,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { @@ -97,7 +97,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert bvsge32(memory_load32_le(mem, $z_addr), memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/secret_write/gcc_O2/secret_write.expected b/src/test/correct/secret_write/gcc_O2/secret_write.expected index 4076b7b9f..4e97fe80d 100644 --- a/src/test/correct/secret_write/gcc_O2/secret_write.expected +++ b/src/test/correct/secret_write/gcc_O2/secret_write.expected @@ -42,7 +42,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); @@ -84,7 +84,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { @@ -99,7 +99,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert bvsge32(memory_load32_le(mem, $z_addr), memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/secret_write/gcc_no_plt_no_pic/secret_write.expected b/src/test/correct/secret_write/gcc_no_plt_no_pic/secret_write.expected index 40f96c04b..162db427a 100644 --- a/src/test/correct/secret_write/gcc_no_plt_no_pic/secret_write.expected +++ b/src/test/correct/secret_write/gcc_no_plt_no_pic/secret_write.expected @@ -40,7 +40,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); @@ -82,7 +82,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { @@ -97,7 +97,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert bvsge32(memory_load32_le(mem, $z_addr), memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/secret_write/gcc_pic/secret_write.expected b/src/test/correct/secret_write/gcc_pic/secret_write.expected index 783607864..332031ef7 100644 --- a/src/test/correct/secret_write/gcc_pic/secret_write.expected +++ b/src/test/correct/secret_write/gcc_pic/secret_write.expected @@ -48,7 +48,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); @@ -114,7 +114,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 68999bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $z_addr) == old(memory_load32_le(mem, $z_addr))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { @@ -129,7 +129,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert bvsge32(memory_load32_le(mem, $z_addr), memory_load32_le(mem, $z_addr)); } diff --git a/src/test/correct/simple_jump/clang/simple_jump.expected b/src/test/correct/simple_jump/clang/simple_jump.expected index 1a4fb4140..d410505a4 100644 --- a/src/test/correct/simple_jump/clang/simple_jump.expected +++ b/src/test/correct/simple_jump/clang/simple_jump.expected @@ -41,7 +41,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -82,7 +82,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -93,10 +93,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/simple_jump/clang_O2/simple_jump.expected b/src/test/correct/simple_jump/clang_O2/simple_jump.expected index 3cb1f1f82..1e9764f80 100644 --- a/src/test/correct/simple_jump/clang_O2/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_O2/simple_jump.expected @@ -9,7 +9,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1840bv64) == 1bv8); @@ -50,7 +50,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -61,10 +61,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected b/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected index 874c303a4..21593dc1c 100644 --- a/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_no_plt_no_pic/simple_jump.expected @@ -41,7 +41,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -82,7 +82,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -93,10 +93,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/simple_jump/clang_pic/simple_jump.expected b/src/test/correct/simple_jump/clang_pic/simple_jump.expected index 874c303a4..21593dc1c 100644 --- a/src/test/correct/simple_jump/clang_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/clang_pic/simple_jump.expected @@ -41,7 +41,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -82,7 +82,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -93,10 +93,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/simple_jump/gcc/simple_jump.expected b/src/test/correct/simple_jump/gcc/simple_jump.expected index 682162359..207f613d1 100644 --- a/src/test/correct/simple_jump/gcc/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc/simple_jump.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/simple_jump/gcc_O2/simple_jump.expected b/src/test/correct/simple_jump/gcc_O2/simple_jump.expected index b0da0005c..ab48890b6 100644 --- a/src/test/correct/simple_jump/gcc_O2/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_O2/simple_jump.expected @@ -9,7 +9,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -50,7 +50,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -61,10 +61,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected b/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected index 1863cb752..a401fed9f 100644 --- a/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_no_plt_no_pic/simple_jump.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/simple_jump/gcc_pic/simple_jump.expected b/src/test/correct/simple_jump/gcc_pic/simple_jump.expected index 1863cb752..a401fed9f 100644 --- a/src/test/correct/simple_jump/gcc_pic/simple_jump.expected +++ b/src/test/correct/simple_jump/gcc_pic/simple_jump.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1876bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/switch/clang/switch.expected b/src/test/correct/switch/clang/switch.expected index 91ed3d0ab..1ddf91658 100644 --- a/src/test/correct/switch/clang/switch.expected +++ b/src/test/correct/switch/clang/switch.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1936bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R31, R8, mem, stack; + modifies Gamma_R31, Gamma_R8, Gamma_stack, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/switch/clang_O2/switch.expected b/src/test/correct/switch/clang_O2/switch.expected index 35d0f1718..8637d2c74 100644 --- a/src/test/correct/switch/clang_O2/switch.expected +++ b/src/test/correct/switch/clang_O2/switch.expected @@ -7,7 +7,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1836bv64) == 1bv8); @@ -48,7 +48,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -59,10 +59,9 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_mem, mem; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/switch/clang_no_plt_no_pic/switch.expected b/src/test/correct/switch/clang_no_plt_no_pic/switch.expected index 8db8c1bf2..71d069297 100644 --- a/src/test/correct/switch/clang_no_plt_no_pic/switch.expected +++ b/src/test/correct/switch/clang_no_plt_no_pic/switch.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1936bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R31, R8, mem, stack; + modifies Gamma_R31, Gamma_R8, Gamma_stack, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/switch/clang_pic/switch.expected b/src/test/correct/switch/clang_pic/switch.expected index 8db8c1bf2..71d069297 100644 --- a/src/test/correct/switch/clang_pic/switch.expected +++ b/src/test/correct/switch/clang_pic/switch.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1936bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R31, R8, mem, stack; + modifies Gamma_R31, Gamma_R8, Gamma_stack, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/correct/switch/gcc/switch.expected b/src/test/correct/switch/gcc/switch.expected index 38a8ff96e..4953b28c9 100644 --- a/src/test/correct/switch/gcc/switch.expected +++ b/src/test/correct/switch/gcc/switch.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/switch/gcc_O2/switch.expected b/src/test/correct/switch/gcc_O2/switch.expected index c28005b50..a86190f67 100644 --- a/src/test/correct/switch/gcc_O2/switch.expected +++ b/src/test/correct/switch/gcc_O2/switch.expected @@ -7,7 +7,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -48,7 +48,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -59,10 +59,9 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_mem, mem; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected b/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected index efdca998a..c648c415f 100644 --- a/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected +++ b/src/test/correct/switch/gcc_no_plt_no_pic/switch.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/switch/gcc_pic/switch.expected b/src/test/correct/switch/gcc_pic/switch.expected index efdca998a..c648c415f 100644 --- a/src/test/correct/switch/gcc_pic/switch.expected +++ b/src/test/correct/switch/gcc_pic/switch.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/switch2/clang_O2/switch2.expected b/src/test/correct/switch2/clang_O2/switch2.expected index 0a77cb44b..bdb8ef7ef 100644 --- a/src/test/correct/switch2/clang_O2/switch2.expected +++ b/src/test/correct/switch2/clang_O2/switch2.expected @@ -6,7 +6,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1844bv64) == 1bv8); @@ -47,7 +47,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -58,10 +58,9 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_mem, mem; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); diff --git a/src/test/correct/switch2/gcc/switch2.expected b/src/test/correct/switch2/gcc/switch2.expected index 1bdd0b8dc..afd6b963a 100644 --- a/src/test/correct/switch2/gcc/switch2.expected +++ b/src/test/correct/switch2/gcc/switch2.expected @@ -60,7 +60,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2032bv64) == 1bv8); @@ -101,7 +101,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -112,10 +112,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R29, R30, R31, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); @@ -377,7 +377,7 @@ procedure main() } procedure r() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 2032bv64) == 1bv8); free requires (memory_load8_le(mem, 2033bv64) == 0bv8); free requires (memory_load8_le(mem, 2034bv64) == 2bv8); diff --git a/src/test/correct/switch2/gcc_O2/switch2.expected b/src/test/correct/switch2/gcc_O2/switch2.expected index 15992ce2b..1ab56febd 100644 --- a/src/test/correct/switch2/gcc_O2/switch2.expected +++ b/src/test/correct/switch2/gcc_O2/switch2.expected @@ -6,7 +6,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -47,7 +47,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -58,10 +58,9 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_mem, mem; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); diff --git a/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected b/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected index af27d2702..34fe6e456 100644 --- a/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected +++ b/src/test/correct/switch2/gcc_no_plt_no_pic/switch2.expected @@ -60,7 +60,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2032bv64) == 1bv8); @@ -101,7 +101,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -112,10 +112,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R29, R30, R31, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); @@ -377,7 +377,7 @@ procedure main() } procedure r() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 2032bv64) == 1bv8); free requires (memory_load8_le(mem, 2033bv64) == 0bv8); free requires (memory_load8_le(mem, 2034bv64) == 2bv8); diff --git a/src/test/correct/switch2/gcc_pic/switch2.expected b/src/test/correct/switch2/gcc_pic/switch2.expected index af27d2702..34fe6e456 100644 --- a/src/test/correct/switch2/gcc_pic/switch2.expected +++ b/src/test/correct/switch2/gcc_pic/switch2.expected @@ -60,7 +60,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2032bv64) == 1bv8); @@ -101,7 +101,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -112,10 +112,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R29, R30, R31, stack; requires (Gamma_R0 == true); free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); @@ -377,7 +377,7 @@ procedure main() } procedure r() - modifies Gamma_R0, Gamma_mem, R0, mem; + modifies Gamma_R0, R0; free requires (memory_load8_le(mem, 2032bv64) == 1bv8); free requires (memory_load8_le(mem, 2033bv64) == 0bv8); free requires (memory_load8_le(mem, 2034bv64) == 2bv8); diff --git a/src/test/correct/syscall/clang/syscall.expected b/src/test/correct/syscall/clang/syscall.expected index 2a11bf043..de88ed4c3 100644 --- a/src/test/correct/syscall/clang/syscall.expected +++ b/src/test/correct/syscall/clang/syscall.expected @@ -57,7 +57,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1944bv64) == 1bv8); @@ -98,7 +98,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69687bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -109,10 +109,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure fork(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 1944bv64) == 1bv8); free requires (memory_load8_le(mem, 1945bv64) == 0bv8); free requires (memory_load8_le(mem, 1946bv64) == 2bv8); @@ -187,7 +187,7 @@ procedure fork(); free ensures (memory_load8_le(mem, 69687bv64) == 0bv8); procedure main() - modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R16, R17, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R16, R17, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69672bv64) == 0bv8); free requires (memory_load8_le(mem, 69673bv64) == 0bv8); free requires (memory_load8_le(mem, 69674bv64) == 0bv8); diff --git a/src/test/correct/syscall/clang_no_plt_no_pic/syscall.expected b/src/test/correct/syscall/clang_no_plt_no_pic/syscall.expected index ff58e39b8..dc9bcaa16 100644 --- a/src/test/correct/syscall/clang_no_plt_no_pic/syscall.expected +++ b/src/test/correct/syscall/clang_no_plt_no_pic/syscall.expected @@ -57,7 +57,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1944bv64) == 1bv8); @@ -98,7 +98,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69687bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -109,10 +109,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure fork(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 1944bv64) == 1bv8); free requires (memory_load8_le(mem, 1945bv64) == 0bv8); free requires (memory_load8_le(mem, 1946bv64) == 2bv8); @@ -187,7 +187,7 @@ procedure fork(); free ensures (memory_load8_le(mem, 69687bv64) == 0bv8); procedure main() - modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R16, R17, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R16, R17, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69672bv64) == 0bv8); free requires (memory_load8_le(mem, 69673bv64) == 0bv8); free requires (memory_load8_le(mem, 69674bv64) == 0bv8); diff --git a/src/test/correct/syscall/clang_pic/syscall.expected b/src/test/correct/syscall/clang_pic/syscall.expected index ff58e39b8..dc9bcaa16 100644 --- a/src/test/correct/syscall/clang_pic/syscall.expected +++ b/src/test/correct/syscall/clang_pic/syscall.expected @@ -57,7 +57,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1944bv64) == 1bv8); @@ -98,7 +98,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69687bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -109,10 +109,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure fork(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 1944bv64) == 1bv8); free requires (memory_load8_le(mem, 1945bv64) == 0bv8); free requires (memory_load8_le(mem, 1946bv64) == 2bv8); @@ -187,7 +187,7 @@ procedure fork(); free ensures (memory_load8_le(mem, 69687bv64) == 0bv8); procedure main() - modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R16, R17, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R16, R17, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69672bv64) == 0bv8); free requires (memory_load8_le(mem, 69673bv64) == 0bv8); free requires (memory_load8_le(mem, 69674bv64) == 0bv8); diff --git a/src/test/correct/syscall/gcc/syscall.expected b/src/test/correct/syscall/gcc/syscall.expected index 17e58a73f..f12cfc259 100644 --- a/src/test/correct/syscall/gcc/syscall.expected +++ b/src/test/correct/syscall/gcc/syscall.expected @@ -57,7 +57,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1932bv64) == 1bv8); @@ -98,7 +98,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -109,10 +109,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure fork(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 1932bv64) == 1bv8); free requires (memory_load8_le(mem, 1933bv64) == 0bv8); free requires (memory_load8_le(mem, 1934bv64) == 2bv8); @@ -187,7 +187,7 @@ procedure fork(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure main() - modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R16, R17, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R16, R17, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/syscall/gcc_O2/syscall.expected b/src/test/correct/syscall/gcc_O2/syscall.expected index 85c45bf80..04b6a3257 100644 --- a/src/test/correct/syscall/gcc_O2/syscall.expected +++ b/src/test/correct/syscall/gcc_O2/syscall.expected @@ -11,7 +11,7 @@ function memory_load8_le(memory: [bv64]bv8, index: bv64) returns (bv8) { } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1960bv64) == 1bv8); @@ -52,7 +52,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -63,10 +63,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure fork(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/syscall/gcc_no_plt_no_pic/syscall.expected b/src/test/correct/syscall/gcc_no_plt_no_pic/syscall.expected index cdd9a9d82..7052244b3 100644 --- a/src/test/correct/syscall/gcc_no_plt_no_pic/syscall.expected +++ b/src/test/correct/syscall/gcc_no_plt_no_pic/syscall.expected @@ -57,7 +57,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1932bv64) == 1bv8); @@ -98,7 +98,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -109,10 +109,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure fork(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 1932bv64) == 1bv8); free requires (memory_load8_le(mem, 1933bv64) == 0bv8); free requires (memory_load8_le(mem, 1934bv64) == 2bv8); @@ -187,7 +187,7 @@ procedure fork(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure main() - modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R16, R17, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R16, R17, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/syscall/gcc_pic/syscall.expected b/src/test/correct/syscall/gcc_pic/syscall.expected index cdd9a9d82..7052244b3 100644 --- a/src/test/correct/syscall/gcc_pic/syscall.expected +++ b/src/test/correct/syscall/gcc_pic/syscall.expected @@ -57,7 +57,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1932bv64) == 1bv8); @@ -98,7 +98,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -109,10 +109,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure fork(); - modifies Gamma_R16, Gamma_R17, Gamma_mem, R16, R17, mem; + modifies Gamma_R16, Gamma_R17, R16, R17; free requires (memory_load8_le(mem, 1932bv64) == 1bv8); free requires (memory_load8_le(mem, 1933bv64) == 0bv8); free requires (memory_load8_le(mem, 1934bv64) == 2bv8); @@ -187,7 +187,7 @@ procedure fork(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure main() - modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_mem, Gamma_stack, R0, R16, R17, R29, R30, R31, mem, stack; + modifies Gamma_R0, Gamma_R16, Gamma_R17, Gamma_R29, Gamma_R30, Gamma_R31, Gamma_stack, R0, R16, R17, R29, R30, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected index 5b008c24d..f4d0f8017 100644 --- a/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang/using_gamma_conditional.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -88,7 +88,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { call rely(); @@ -101,7 +101,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr))); } diff --git a/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected index f568c866d..f162af5da 100644 --- a/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_O2/using_gamma_conditional.expected @@ -35,7 +35,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -76,7 +76,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { call rely(); @@ -89,7 +89,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr))); } diff --git a/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected index eb69439f6..0bb52e57a 100644 --- a/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_no_plt_no_pic/using_gamma_conditional.expected @@ -47,7 +47,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -88,7 +88,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { call rely(); @@ -101,7 +101,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr))); } diff --git a/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected index 74bfcd658..c741aa67b 100644 --- a/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/clang_pic/using_gamma_conditional.expected @@ -55,7 +55,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); free ensures (memory_load8_le(mem, 1964bv64) == 1bv8); @@ -104,7 +104,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69599bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { call rely(); @@ -117,7 +117,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr))); } diff --git a/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected index 0de09a0ea..df1a346eb 100644 --- a/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc/using_gamma_conditional.expected @@ -33,7 +33,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); free ensures (memory_load8_le(mem, 1868bv64) == 1bv8); @@ -74,7 +74,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { call rely(); @@ -87,7 +87,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr))); } diff --git a/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected index bf3bfe473..1991c20a8 100644 --- a/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_O2/using_gamma_conditional.expected @@ -33,7 +33,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -74,7 +74,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { call rely(); @@ -87,7 +87,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr))); } diff --git a/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected index b46f514be..8d6ed7a5a 100644 --- a/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_no_plt_no_pic/using_gamma_conditional.expected @@ -33,7 +33,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); free ensures (memory_load8_le(mem, 1868bv64) == 1bv8); @@ -74,7 +74,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { call rely(); @@ -87,7 +87,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr))); } diff --git a/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected b/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected index 8e7c0654a..cf6db78d2 100644 --- a/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected +++ b/src/test/correct/using_gamma_conditional/gcc_pic/using_gamma_conditional.expected @@ -41,7 +41,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); free ensures (memory_load8_le(mem, 1932bv64) == 1bv8); @@ -90,7 +90,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69015bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (old(gamma_load32(Gamma_mem, $x_addr)) ==> gamma_load32(Gamma_mem, $x_addr)); { call rely(); @@ -103,7 +103,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert ((memory_load32_le(mem, $x_addr) == memory_load32_le(mem, $x_addr)) && (memory_load32_le(mem, $z_addr) == memory_load32_le(mem, $z_addr))); } diff --git a/src/test/correct/using_gamma_write_z/clang/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/clang/using_gamma_write_z.expected index ac3f77620..9a38996b7 100644 --- a/src/test/correct/using_gamma_write_z/clang/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/clang/using_gamma_write_z.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); { call rely(); @@ -90,7 +90,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (gamma_load32(Gamma_mem, $x_addr) ==> gamma_load32(Gamma_mem, $x_addr)); } diff --git a/src/test/correct/using_gamma_write_z/clang_O2/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/clang_O2/using_gamma_write_z.expected index 952c8d950..fddf32d04 100644 --- a/src/test/correct/using_gamma_write_z/clang_O2/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/clang_O2/using_gamma_write_z.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); { call rely(); @@ -90,7 +90,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (gamma_load32(Gamma_mem, $x_addr) ==> gamma_load32(Gamma_mem, $x_addr)); } diff --git a/src/test/correct/using_gamma_write_z/clang_no_plt_no_pic/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/clang_no_plt_no_pic/using_gamma_write_z.expected index ac3f77620..9a38996b7 100644 --- a/src/test/correct/using_gamma_write_z/clang_no_plt_no_pic/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/clang_no_plt_no_pic/using_gamma_write_z.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1852bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); { call rely(); @@ -90,7 +90,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (gamma_load32(Gamma_mem, $x_addr) ==> gamma_load32(Gamma_mem, $x_addr)); } diff --git a/src/test/correct/using_gamma_write_z/clang_pic/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/clang_pic/using_gamma_write_z.expected index 53d4cd76a..bf7fd1eb8 100644 --- a/src/test/correct/using_gamma_write_z/clang_pic/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/clang_pic/using_gamma_write_z.expected @@ -44,7 +44,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1920bv64) == 1bv8); @@ -93,7 +93,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69599bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); { call rely(); @@ -106,7 +106,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (gamma_load32(Gamma_mem, $x_addr) ==> gamma_load32(Gamma_mem, $x_addr)); } diff --git a/src/test/correct/using_gamma_write_z/gcc/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/gcc/using_gamma_write_z.expected index e354303ef..d16cac0c0 100644 --- a/src/test/correct/using_gamma_write_z/gcc/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/gcc/using_gamma_write_z.expected @@ -34,7 +34,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -75,7 +75,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); { call rely(); @@ -88,7 +88,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (gamma_load32(Gamma_mem, $x_addr) ==> gamma_load32(Gamma_mem, $x_addr)); } diff --git a/src/test/correct/using_gamma_write_z/gcc_O2/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/gcc_O2/using_gamma_write_z.expected index 2fcf4f75e..c261dfc76 100644 --- a/src/test/correct/using_gamma_write_z/gcc_O2/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/gcc_O2/using_gamma_write_z.expected @@ -36,7 +36,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); { call rely(); @@ -90,7 +90,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (gamma_load32(Gamma_mem, $x_addr) ==> gamma_load32(Gamma_mem, $x_addr)); } diff --git a/src/test/correct/using_gamma_write_z/gcc_no_plt_no_pic/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/gcc_no_plt_no_pic/using_gamma_write_z.expected index e354303ef..d16cac0c0 100644 --- a/src/test/correct/using_gamma_write_z/gcc_no_plt_no_pic/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/gcc_no_plt_no_pic/using_gamma_write_z.expected @@ -34,7 +34,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -75,7 +75,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); { call rely(); @@ -88,7 +88,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (gamma_load32(Gamma_mem, $x_addr) ==> gamma_load32(Gamma_mem, $x_addr)); } diff --git a/src/test/correct/using_gamma_write_z/gcc_pic/using_gamma_write_z.expected b/src/test/correct/using_gamma_write_z/gcc_pic/using_gamma_write_z.expected index b2a387c52..0346aadea 100644 --- a/src/test/correct/using_gamma_write_z/gcc_pic/using_gamma_write_z.expected +++ b/src/test/correct/using_gamma_write_z/gcc_pic/using_gamma_write_z.expected @@ -42,7 +42,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); free ensures (memory_load8_le(mem, 1920bv64) == 1bv8); @@ -91,7 +91,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69015bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures ((old(memory_load32_le(mem, $x_addr)) == memory_load32_le(mem, $x_addr)) && (old(memory_load32_le(mem, $z_addr)) == memory_load32_le(mem, $z_addr))); { call rely(); @@ -104,7 +104,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; { assert (gamma_load32(Gamma_mem, $x_addr) ==> gamma_load32(Gamma_mem, $x_addr)); } diff --git a/src/test/incorrect/basicassign/clang/basicassign.expected b/src/test/incorrect/basicassign/clang/basicassign.expected index 364d91362..3898c9ef8 100644 --- a/src/test/incorrect/basicassign/clang/basicassign.expected +++ b/src/test/incorrect/basicassign/clang/basicassign.expected @@ -43,7 +43,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -84,7 +84,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -97,7 +97,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R11, R8, R9, mem; diff --git a/src/test/incorrect/basicassign/clang_O2/basicassign.expected b/src/test/incorrect/basicassign/clang_O2/basicassign.expected index bb4eb3d9a..bb9e905d2 100644 --- a/src/test/incorrect/basicassign/clang_O2/basicassign.expected +++ b/src/test/incorrect/basicassign/clang_O2/basicassign.expected @@ -41,7 +41,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1864bv64) == 1bv8); @@ -82,7 +82,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -95,7 +95,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R8, R9, mem; diff --git a/src/test/incorrect/basicassign/clang_no_plt_no_pic/basicassign.expected b/src/test/incorrect/basicassign/clang_no_plt_no_pic/basicassign.expected index 364d91362..3898c9ef8 100644 --- a/src/test/incorrect/basicassign/clang_no_plt_no_pic/basicassign.expected +++ b/src/test/incorrect/basicassign/clang_no_plt_no_pic/basicassign.expected @@ -43,7 +43,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1888bv64) == 1bv8); @@ -84,7 +84,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -97,7 +97,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R11, R8, R9, mem; diff --git a/src/test/incorrect/basicassign/clang_pic/basicassign.expected b/src/test/incorrect/basicassign/clang_pic/basicassign.expected index 71a0e858c..5a362163e 100644 --- a/src/test/incorrect/basicassign/clang_pic/basicassign.expected +++ b/src/test/incorrect/basicassign/clang_pic/basicassign.expected @@ -51,7 +51,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1964bv64) == 1bv8); @@ -116,7 +116,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69567bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -129,7 +129,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R11, Gamma_R8, Gamma_R9, Gamma_mem, R0, R10, R11, R8, R9, mem; diff --git a/src/test/incorrect/basicassign/gcc/basicassign.expected b/src/test/incorrect/basicassign/gcc/basicassign.expected index de871ba48..b184d930c 100644 --- a/src/test/incorrect/basicassign/gcc/basicassign.expected +++ b/src/test/incorrect/basicassign/gcc/basicassign.expected @@ -37,7 +37,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1948bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -91,7 +91,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/incorrect/basicassign/gcc_O2/basicassign.expected b/src/test/incorrect/basicassign/gcc_O2/basicassign.expected index 28d12c1b4..d19045adc 100644 --- a/src/test/incorrect/basicassign/gcc_O2/basicassign.expected +++ b/src/test/incorrect/basicassign/gcc_O2/basicassign.expected @@ -39,7 +39,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -93,7 +93,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R2, Gamma_mem, R0, R1, R2, mem; diff --git a/src/test/incorrect/basicassign/gcc_no_plt_no_pic/basicassign.expected b/src/test/incorrect/basicassign/gcc_no_plt_no_pic/basicassign.expected index de871ba48..b184d930c 100644 --- a/src/test/incorrect/basicassign/gcc_no_plt_no_pic/basicassign.expected +++ b/src/test/incorrect/basicassign/gcc_no_plt_no_pic/basicassign.expected @@ -37,7 +37,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 1948bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -91,7 +91,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/incorrect/basicassign/gcc_pic/basicassign.expected b/src/test/incorrect/basicassign/gcc_pic/basicassign.expected index 79bb40b05..16ae5f224 100644 --- a/src/test/incorrect/basicassign/gcc_pic/basicassign.expected +++ b/src/test/incorrect/basicassign/gcc_pic/basicassign.expected @@ -45,7 +45,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (forall i: bv64 :: (((mem[i] == old(mem[i])) ==> (Gamma_mem[i] == old(Gamma_mem[i]))))); ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); free ensures (memory_load8_le(mem, 2012bv64) == 1bv8); @@ -110,7 +110,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 68999bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (memory_load32_le(mem, $x_addr) == old(memory_load32_le(mem, $x_addr))); { call rely(); @@ -123,7 +123,7 @@ procedure rely_reflexive() } procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_mem, R0, R1, mem; diff --git a/src/test/incorrect/basicassign1/clang/basicassign1.expected b/src/test/incorrect/basicassign1/clang/basicassign1.expected index e058eecde..49af47157 100644 --- a/src/test/incorrect/basicassign1/clang/basicassign1.expected +++ b/src/test/incorrect/basicassign1/clang/basicassign1.expected @@ -41,7 +41,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -82,7 +82,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -93,7 +93,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R10, R31, R8, R9, mem, stack; diff --git a/src/test/incorrect/basicassign1/clang_O2/basicassign1.expected b/src/test/incorrect/basicassign1/clang_O2/basicassign1.expected index f6932bd3a..246156a06 100644 --- a/src/test/incorrect/basicassign1/clang_O2/basicassign1.expected +++ b/src/test/incorrect/basicassign1/clang_O2/basicassign1.expected @@ -35,7 +35,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -76,7 +76,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -87,7 +87,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; diff --git a/src/test/incorrect/basicassign1/clang_no_plt_no_pic/basicassign1.expected b/src/test/incorrect/basicassign1/clang_no_plt_no_pic/basicassign1.expected index e058eecde..49af47157 100644 --- a/src/test/incorrect/basicassign1/clang_no_plt_no_pic/basicassign1.expected +++ b/src/test/incorrect/basicassign1/clang_no_plt_no_pic/basicassign1.expected @@ -41,7 +41,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -82,7 +82,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -93,7 +93,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R10, R31, R8, R9, mem, stack; diff --git a/src/test/incorrect/basicassign1/clang_pic/basicassign1.expected b/src/test/incorrect/basicassign1/clang_pic/basicassign1.expected index 92354b2e4..2e0678777 100644 --- a/src/test/incorrect/basicassign1/clang_pic/basicassign1.expected +++ b/src/test/incorrect/basicassign1/clang_pic/basicassign1.expected @@ -49,7 +49,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1964bv64) == 1bv8); @@ -106,7 +106,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -117,7 +117,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R10, R31, R8, R9, mem, stack; diff --git a/src/test/incorrect/basicassign1/gcc/basicassign1.expected b/src/test/incorrect/basicassign1/gcc/basicassign1.expected index 968f93829..aeb65fedd 100644 --- a/src/test/incorrect/basicassign1/gcc/basicassign1.expected +++ b/src/test/incorrect/basicassign1/gcc/basicassign1.expected @@ -37,7 +37,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -89,7 +89,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; diff --git a/src/test/incorrect/basicassign1/gcc_O2/basicassign1.expected b/src/test/incorrect/basicassign1/gcc_O2/basicassign1.expected index a8413ff7c..d3391fd0a 100644 --- a/src/test/incorrect/basicassign1/gcc_O2/basicassign1.expected +++ b/src/test/incorrect/basicassign1/gcc_O2/basicassign1.expected @@ -35,7 +35,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -76,7 +76,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -87,7 +87,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R2, Gamma_mem, R0, R1, R2, mem; diff --git a/src/test/incorrect/basicassign1/gcc_no_plt_no_pic/basicassign1.expected b/src/test/incorrect/basicassign1/gcc_no_plt_no_pic/basicassign1.expected index 968f93829..aeb65fedd 100644 --- a/src/test/incorrect/basicassign1/gcc_no_plt_no_pic/basicassign1.expected +++ b/src/test/incorrect/basicassign1/gcc_no_plt_no_pic/basicassign1.expected @@ -37,7 +37,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -89,7 +89,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; diff --git a/src/test/incorrect/basicassign1/gcc_pic/basicassign1.expected b/src/test/incorrect/basicassign1/gcc_pic/basicassign1.expected index 415a1ddd8..d39d48df5 100644 --- a/src/test/incorrect/basicassign1/gcc_pic/basicassign1.expected +++ b/src/test/incorrect/basicassign1/gcc_pic/basicassign1.expected @@ -45,7 +45,7 @@ function memory_store32_le(memory: [bv64]bv8, index: bv64, value: bv32) returns function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1980bv64) == 1bv8); @@ -102,7 +102,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -113,7 +113,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; diff --git a/src/test/incorrect/basicassign2/clang/basicassign2.expected b/src/test/incorrect/basicassign2/clang/basicassign2.expected index 76f4c4e01..eac88ceeb 100644 --- a/src/test/incorrect/basicassign2/clang/basicassign2.expected +++ b/src/test/incorrect/basicassign2/clang/basicassign2.expected @@ -42,7 +42,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -83,7 +83,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -94,7 +94,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R10, R31, R8, R9, mem, stack; diff --git a/src/test/incorrect/basicassign2/clang_O2/basicassign2.expected b/src/test/incorrect/basicassign2/clang_O2/basicassign2.expected index 44a60d5f4..8cc16eaf9 100644 --- a/src/test/incorrect/basicassign2/clang_O2/basicassign2.expected +++ b/src/test/incorrect/basicassign2/clang_O2/basicassign2.expected @@ -36,7 +36,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -88,7 +88,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; diff --git a/src/test/incorrect/basicassign2/clang_no_plt_no_pic/basicassign2.expected b/src/test/incorrect/basicassign2/clang_no_plt_no_pic/basicassign2.expected index 76f4c4e01..eac88ceeb 100644 --- a/src/test/incorrect/basicassign2/clang_no_plt_no_pic/basicassign2.expected +++ b/src/test/incorrect/basicassign2/clang_no_plt_no_pic/basicassign2.expected @@ -42,7 +42,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -83,7 +83,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -94,7 +94,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R10, R31, R8, R9, mem, stack; diff --git a/src/test/incorrect/basicassign2/clang_pic/basicassign2.expected b/src/test/incorrect/basicassign2/clang_pic/basicassign2.expected index d329a8861..1b5fddca4 100644 --- a/src/test/incorrect/basicassign2/clang_pic/basicassign2.expected +++ b/src/test/incorrect/basicassign2/clang_pic/basicassign2.expected @@ -42,7 +42,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1964bv64) == 1bv8); @@ -99,7 +99,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -110,7 +110,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R10, R31, R8, R9, mem, stack; diff --git a/src/test/incorrect/basicassign2/gcc/basicassign2.expected b/src/test/incorrect/basicassign2/gcc/basicassign2.expected index 2e369d6f3..1800cc14a 100644 --- a/src/test/incorrect/basicassign2/gcc/basicassign2.expected +++ b/src/test/incorrect/basicassign2/gcc/basicassign2.expected @@ -38,7 +38,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -79,7 +79,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -90,7 +90,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; diff --git a/src/test/incorrect/basicassign2/gcc_O2/basicassign2.expected b/src/test/incorrect/basicassign2/gcc_O2/basicassign2.expected index 94d7f8efb..9162add37 100644 --- a/src/test/incorrect/basicassign2/gcc_O2/basicassign2.expected +++ b/src/test/incorrect/basicassign2/gcc_O2/basicassign2.expected @@ -36,7 +36,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -77,7 +77,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -88,7 +88,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R2, Gamma_mem, R0, R1, R2, mem; diff --git a/src/test/incorrect/basicassign2/gcc_no_plt_no_pic/basicassign2.expected b/src/test/incorrect/basicassign2/gcc_no_plt_no_pic/basicassign2.expected index 2e369d6f3..1800cc14a 100644 --- a/src/test/incorrect/basicassign2/gcc_no_plt_no_pic/basicassign2.expected +++ b/src/test/incorrect/basicassign2/gcc_no_plt_no_pic/basicassign2.expected @@ -38,7 +38,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -79,7 +79,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -90,7 +90,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; diff --git a/src/test/incorrect/basicassign2/gcc_pic/basicassign2.expected b/src/test/incorrect/basicassign2/gcc_pic/basicassign2.expected index b6fa1d3cf..d0af0ffe0 100644 --- a/src/test/incorrect/basicassign2/gcc_pic/basicassign2.expected +++ b/src/test/incorrect/basicassign2/gcc_pic/basicassign2.expected @@ -38,7 +38,7 @@ function memory_store64_le(memory: [bv64]bv8, index: bv64, value: bv64) returns } procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1980bv64) == 1bv8); @@ -95,7 +95,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -106,7 +106,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; diff --git a/src/test/incorrect/basicassign3/clang/basicassign3.expected b/src/test/incorrect/basicassign3/clang/basicassign3.expected index 9e5c80aaf..3fe3c6e69 100644 --- a/src/test/incorrect/basicassign3/clang/basicassign3.expected +++ b/src/test/incorrect/basicassign3/clang/basicassign3.expected @@ -39,7 +39,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,7 +91,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R10, R31, R8, R9, mem, stack; diff --git a/src/test/incorrect/basicassign3/clang_O2/basicassign3.expected b/src/test/incorrect/basicassign3/clang_O2/basicassign3.expected index 5617d7ab5..0374fa6a8 100644 --- a/src/test/incorrect/basicassign3/clang_O2/basicassign3.expected +++ b/src/test/incorrect/basicassign3/clang_O2/basicassign3.expected @@ -33,7 +33,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1856bv64) == 1bv8); @@ -74,7 +74,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -85,7 +85,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R8, Gamma_R9, Gamma_mem, R0, R8, R9, mem; diff --git a/src/test/incorrect/basicassign3/clang_no_plt_no_pic/basicassign3.expected b/src/test/incorrect/basicassign3/clang_no_plt_no_pic/basicassign3.expected index 9e5c80aaf..3fe3c6e69 100644 --- a/src/test/incorrect/basicassign3/clang_no_plt_no_pic/basicassign3.expected +++ b/src/test/incorrect/basicassign3/clang_no_plt_no_pic/basicassign3.expected @@ -39,7 +39,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1892bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,7 +91,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R10, R31, R8, R9, mem, stack; diff --git a/src/test/incorrect/basicassign3/clang_pic/basicassign3.expected b/src/test/incorrect/basicassign3/clang_pic/basicassign3.expected index de54ab94d..44c4be020 100644 --- a/src/test/incorrect/basicassign3/clang_pic/basicassign3.expected +++ b/src/test/incorrect/basicassign3/clang_pic/basicassign3.expected @@ -47,7 +47,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1964bv64) == 1bv8); @@ -104,7 +104,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -115,7 +115,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R10, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R10, R31, R8, R9, mem, stack; diff --git a/src/test/incorrect/basicassign3/gcc/basicassign3.expected b/src/test/incorrect/basicassign3/gcc/basicassign3.expected index 51060f697..2f888eea0 100644 --- a/src/test/incorrect/basicassign3/gcc/basicassign3.expected +++ b/src/test/incorrect/basicassign3/gcc/basicassign3.expected @@ -35,7 +35,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -76,7 +76,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -87,7 +87,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; diff --git a/src/test/incorrect/basicassign3/gcc_O2/basicassign3.expected b/src/test/incorrect/basicassign3/gcc_O2/basicassign3.expected index 917aaeb7b..0aca8c217 100644 --- a/src/test/incorrect/basicassign3/gcc_O2/basicassign3.expected +++ b/src/test/incorrect/basicassign3/gcc_O2/basicassign3.expected @@ -33,7 +33,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -74,7 +74,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -85,7 +85,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R2, Gamma_mem, R0, R1, R2, mem; diff --git a/src/test/incorrect/basicassign3/gcc_no_plt_no_pic/basicassign3.expected b/src/test/incorrect/basicassign3/gcc_no_plt_no_pic/basicassign3.expected index 51060f697..2f888eea0 100644 --- a/src/test/incorrect/basicassign3/gcc_no_plt_no_pic/basicassign3.expected +++ b/src/test/incorrect/basicassign3/gcc_no_plt_no_pic/basicassign3.expected @@ -35,7 +35,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1916bv64) == 1bv8); @@ -76,7 +76,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -87,7 +87,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; diff --git a/src/test/incorrect/basicassign3/gcc_pic/basicassign3.expected b/src/test/incorrect/basicassign3/gcc_pic/basicassign3.expected index 815565357..bfac2a917 100644 --- a/src/test/incorrect/basicassign3/gcc_pic/basicassign3.expected +++ b/src/test/incorrect/basicassign3/gcc_pic/basicassign3.expected @@ -43,7 +43,7 @@ function memory_store8_le(memory: [bv64]bv8, index: bv64, value: bv8) returns ([ function {:bvbuiltin "zero_extend 56"} zero_extend56_8(bv8) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1980bv64) == 1bv8); @@ -100,7 +100,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -111,7 +111,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; diff --git a/src/test/incorrect/iflocal/clang/iflocal.expected b/src/test/incorrect/iflocal/clang/iflocal.expected index 23580caf2..14a976418 100644 --- a/src/test/incorrect/iflocal/clang/iflocal.expected +++ b/src/test/incorrect/iflocal/clang/iflocal.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected b/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected index 194eeebc4..c1ec5bd48 100644 --- a/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/clang_no_plt_no_pic/iflocal.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/incorrect/iflocal/clang_pic/iflocal.expected b/src/test/incorrect/iflocal/clang_pic/iflocal.expected index 194eeebc4..c1ec5bd48 100644 --- a/src/test/incorrect/iflocal/clang_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/clang_pic/iflocal.expected @@ -39,7 +39,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1896bv64) == 1bv8); @@ -80,7 +80,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -91,10 +91,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_mem, Gamma_stack, R0, R31, R8, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_stack, R0, R31, R8, stack; free requires (memory_load8_le(mem, 69664bv64) == 0bv8); free requires (memory_load8_le(mem, 69665bv64) == 0bv8); free requires (memory_load8_le(mem, 69666bv64) == 0bv8); diff --git a/src/test/incorrect/iflocal/gcc/iflocal.expected b/src/test/incorrect/iflocal/gcc/iflocal.expected index 3d5087cd9..6571a03cf 100644 --- a/src/test/incorrect/iflocal/gcc/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc/iflocal.expected @@ -37,7 +37,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1880bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -89,10 +89,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected b/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected index d93ec63df..66efa5b8d 100644 --- a/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc_no_plt_no_pic/iflocal.expected @@ -37,7 +37,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1880bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -89,10 +89,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/incorrect/iflocal/gcc_pic/iflocal.expected b/src/test/incorrect/iflocal/gcc_pic/iflocal.expected index d93ec63df..66efa5b8d 100644 --- a/src/test/incorrect/iflocal/gcc_pic/iflocal.expected +++ b/src/test/incorrect/iflocal/gcc_pic/iflocal.expected @@ -37,7 +37,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1880bv64) == 1bv8); @@ -78,7 +78,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -89,10 +89,10 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() - modifies Gamma_R0, Gamma_R31, Gamma_mem, Gamma_stack, R0, R31, mem, stack; + modifies Gamma_R0, Gamma_R31, Gamma_stack, R0, R31, stack; free requires (memory_load8_le(mem, 69632bv64) == 0bv8); free requires (memory_load8_le(mem, 69633bv64) == 0bv8); free requires (memory_load8_le(mem, 69634bv64) == 0bv8); diff --git a/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected index 1e3138373..971a31859 100644 --- a/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang/nestedifglobal.expected @@ -45,7 +45,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1976bv64) == 1bv8); @@ -86,7 +86,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -97,7 +97,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; diff --git a/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected index 1d90826e6..42fc63d91 100644 --- a/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang_no_plt_no_pic/nestedifglobal.expected @@ -45,7 +45,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1976bv64) == 1bv8); @@ -86,7 +86,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69679bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -97,7 +97,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; diff --git a/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected index 95208c354..b789075b8 100644 --- a/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/clang_pic/nestedifglobal.expected @@ -61,7 +61,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2052bv64) == 1bv8); @@ -118,7 +118,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69063bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -129,7 +129,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R31, Gamma_R8, Gamma_R9, Gamma_mem, Gamma_stack, R0, R31, R8, R9, mem, stack; diff --git a/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected index 73633adc5..843c7dc3c 100644 --- a/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc/nestedifglobal.expected @@ -43,7 +43,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1956bv64) == 1bv8); @@ -84,7 +84,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -95,7 +95,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; diff --git a/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected index ffa0fd1f4..4e681cfe8 100644 --- a/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc_no_plt_no_pic/nestedifglobal.expected @@ -43,7 +43,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 1956bv64) == 1bv8); @@ -84,7 +84,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69647bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -95,7 +95,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack; diff --git a/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected b/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected index ef4771ea1..11d772e99 100644 --- a/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected +++ b/src/test/incorrect/nestedifglobal/gcc_pic/nestedifglobal.expected @@ -51,7 +51,7 @@ function {:bvbuiltin "sign_extend 1"} sign_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 1"} zero_extend1_32(bv32) returns (bv33); function {:bvbuiltin "zero_extend 32"} zero_extend32_32(bv32) returns (bv64); procedure rely(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); free ensures (memory_load8_le(mem, 2020bv64) == 1bv8); @@ -108,7 +108,7 @@ procedure rely(); free ensures (memory_load8_le(mem, 69007bv64) == 0bv8); procedure rely_transitive() - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; ensures (mem == old(mem)); ensures (Gamma_mem == old(Gamma_mem)); { @@ -119,7 +119,7 @@ procedure rely_transitive() procedure rely_reflexive(); procedure guarantee_reflexive(); - modifies mem, Gamma_mem; + modifies Gamma_mem, mem; procedure main() modifies Gamma_R0, Gamma_R1, Gamma_R31, Gamma_mem, Gamma_stack, R0, R1, R31, mem, stack;