diff --git a/include/klee/ADT/KTest.h b/include/klee/ADT/KTest.h index 66c68c3417..d4c08d640d 100644 --- a/include/klee/ADT/KTest.h +++ b/include/klee/ADT/KTest.h @@ -46,6 +46,7 @@ struct KTest { unsigned numObjects; KTestObject *objects; + unsigned uninitCoeff; }; /* returns the current .ktest file format version */ diff --git a/include/klee/ADT/Ref.h b/include/klee/ADT/Ref.h index 008580cc7e..eb082c2065 100644 --- a/include/klee/ADT/Ref.h +++ b/include/klee/ADT/Ref.h @@ -215,6 +215,19 @@ template class ref { bool operator!=(const ref &rhs) const { return !equals(rhs); } }; +template class OptionalRefEq { +public: + bool operator()(const ref &lhs, const ref &rhs) { + if (lhs.isNull() && rhs.isNull()) { + return true; + } + if (lhs.isNull() || rhs.isNull()) { + return false; + } + return lhs.get()->equals(*rhs.get()); + } +}; + template inline llvm::raw_ostream &operator<<(llvm::raw_ostream &os, const ref &e) { os << *e; diff --git a/include/klee/ADT/SparseStorage.h b/include/klee/ADT/SparseStorage.h index 84170600da..307f8b671e 100644 --- a/include/klee/ADT/SparseStorage.h +++ b/include/klee/ADT/SparseStorage.h 
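Review bot: `OptionalRefEq::operator()` in the Ref.h hunk is declared without a trailing `const`, so the comparator cannot be invoked through a const object or from a const member function of a container that stores it by value. It only reads `lhs` and `rhs`, so adding `const` after the parameter list costs nothing. The two null checks could also collapse into `if (lhs.isNull() || rhs.isNull()) return lhs.isNull() && rhs.isNull();`. A one-line comment stating that two null refs compare equal would document the intent.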
@@ -3,67 +3,56 @@ #include #include +#include #include #include +#include #include +namespace llvm { +class raw_ostream; +}; + namespace klee { -template class SparseStorage { +enum class Density { + Sparse, + Dense, +}; + +template > +class SparseStorage { private: - size_t capacity; - std::map internalStorage; + std::unordered_map internalStorage; ValueType defaultValue; + Eq eq; bool contains(size_t key) const { return internalStorage.count(key) != 0; } public: - struct Iterator { - using iterator_category = std::input_iterator_tag; - using difference_type = std::ptrdiff_t; - using value_type = ValueType; - using pointer = ValueType *; - using reference = ValueType &; - - private: - size_t idx; - const SparseStorage *owner; - - public: - Iterator(size_t idx, const SparseStorage *owner) : idx(idx), owner(owner) {} - - value_type operator*() const { return owner->load(idx); } - - Iterator &operator++() { - ++idx; - return *this; - } - - Iterator operator++(int) { - Iterator snap = *this; - ++(*this); - return snap; + SparseStorage(const ValueType &defaultValue = ValueType()) + : defaultValue(defaultValue) {} + + SparseStorage(const std::unordered_map &internalStorage, + const ValueType &defaultValue) + : defaultValue(defaultValue) { + for (auto &[index, value] : internalStorage) { + store(index, value); } - - bool operator==(const Iterator &other) const { return idx == other.idx; } - - bool operator!=(const Iterator &other) const { return !(*this == other); } - }; - - SparseStorage(size_t capacity = 0, - const ValueType &defaultValue = ValueType()) - : capacity(capacity), defaultValue(defaultValue) {} + } SparseStorage(const std::vector &values, const ValueType &defaultValue = ValueType()) - : capacity(values.capacity()), defaultValue(defaultValue) { - for (size_t idx = 0; idx < values.capacity(); ++idx) { - internalStorage[idx] = values[idx]; + : defaultValue(defaultValue) { + for (size_t idx = 0; idx < values.size(); ++idx) { + store(idx, values[idx]); } } void 
store(size_t idx, const ValueType &value) { - if (idx < capacity) { + if (eq(value, defaultValue)) { + internalStorage.erase(idx); + } else { internalStorage[idx] = value; } } @@ -77,32 +66,19 @@ template class SparseStorage { } ValueType load(size_t idx) const { - assert(idx < capacity && idx >= 0); return contains(idx) ? internalStorage.at(idx) : defaultValue; } - size_t size() const { return capacity; } - - void resize(size_t newCapacity) { - assert(newCapacity >= 0); - // Free to extend - if (newCapacity >= capacity) { - capacity = newCapacity; - return; - } - - // Truncate unnessecary elements - auto iterOnNewSize = internalStorage.lower_bound(newCapacity); - while (iterOnNewSize != internalStorage.end()) { - iterOnNewSize = internalStorage.erase(iterOnNewSize); + size_t sizeOfSetRange() const { + size_t sizeOfRange = 0; + for (auto i : internalStorage) { + sizeOfRange = std::max(i.first, sizeOfRange); } - - capacity = newCapacity; + return sizeOfRange; } bool operator==(const SparseStorage &another) const { - return size() == another.size() && defaultValue == another.defaultValue && - internalStorage == another.internalStorage; + return defaultValue == another.defaultValue && compare(another) == 0; } bool operator!=(const SparseStorage &another) const { 
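Review bot: `sizeOfSetRange()` returns the largest stored index rather than one past it, so it reports 0 both for an empty storage and for a storage whose only entry is at index 0. The dense branch of `print` in lib/ADT/SparseStorage.cpp iterates `i < sizeOfSetRange()` and therefore never prints the highest stored element. Return the exclusive bound instead, `sizeOfRange = std::max(i.first + 1, sizeOfRange);`, and iterate with `const auto &i` to avoid copying each pair. This hunk also drops the bounds assertion from `load`, so the index check now rests entirely on callers; a comment on `load` saying so would help. The class body starts and ends outside the hunk.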
@@ -110,22 +86,61 @@ template class SparseStorage { } bool operator<(const SparseStorage &another) const { - return internalStorage < another.internalStorage; + return compare(another) == -1; } bool operator>(const SparseStorage &another) const { - return internalStorage > another.internalStorage; + return compare(another) == 1; + } + + int compare(const SparseStorage &other) const { + auto ordered = calculateOrderedStorage(); + auto otherOrdered = other.calculateOrderedStorage(); + + if (ordered == otherOrdered) { + return 0; + } else { + return ordered < otherOrdered ? -1 : 1; + } + } + + std::map calculateOrderedStorage() const { + std::map ordered; + for (const auto &i : internalStorage) { + ordered.insert(i); + } + return ordered; + } + + std::vector getFirstNIndexes(size_t n) const { + std::vector vectorized(n); + for (size_t i = 0; i < n; i++) { + vectorized[i] = load(i); + } + return vectorized; + } + + const std::unordered_map &storage() const { + return internalStorage; + }; + + const ValueType &defaultV() const { return defaultValue; }; + + void reset() { internalStorage.clear(); } + + void reset(ValueType newDefault) { + defaultValue = newDefault; + internalStorage.clear(); } - Iterator begin() const { return Iterator(0, this); } - Iterator end() const { return Iterator(size(), this); } + void print(llvm::raw_ostream &os, Density) const; }; template SparseStorage sparseBytesFromValue(const U &value) { const unsigned char *valueUnsignedCharIterator = reinterpret_cast(&value); - SparseStorage result(sizeof(value)); + SparseStorage result; result.store(0, valueUnsignedCharIterator, valueUnsignedCharIterator + sizeof(value)); return result; diff --git a/include/klee/Expr/ArrayCache.h b/include/klee/Expr/ArrayCache.h index b46a1caab1..735b3d257b 100644 --- a/include/klee/Expr/ArrayCache.h +++ b/include/klee/Expr/ArrayCache.h 
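Review bot: `compare` copies both hash maps into freshly built `std::map`s on every call, and `operator==`, `operator<` and `operator>` all route through it, so each comparison allocates and sorts both operands. Equality needs no ordering, so `operator==` (in the previous hunk) could compare `internalStorage == another.internalStorage` directly and leave `calculateOrderedStorage()` to the ordering operators and `print`. `compare` also ignores `defaultValue`, so two storages with the same entries and different defaults give `compare(...) == 0` while `operator==` reports them as different; a comment such as `// Orders by explicitly stored entries only; defaultValue is not compared.` would make that visible. The stray `;` after the bodies of `storage()` and `defaultV()` can be removed.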
@@ -61,10 +61,9 @@ class ArrayCache { klee::EquivArrayCmpFn> ArrayHashSet; ArrayHashSet cachedSymbolicArrays; - typedef std::vector ArrayPtrVec; - ArrayPtrVec concreteArrays; - unsigned getNextID() const; + // Number of arrays of each source allocated + std::unordered_map allocatedCount; }; } // namespace klee diff --git a/include/klee/Expr/Assignment.h b/include/klee/Expr/Assignment.h index 61376ff940..f72bb581b7 100644 --- a/include/klee/Expr/Assignment.h +++ b/include/klee/Expr/Assignment.h @@ -95,8 +95,10 @@ class AssignmentEvaluator : public ExprEvaluator { inline ref Assignment::evaluate(const Array *array, unsigned index, bool allowFreeValues) const { assert(array); + auto sizeExpr = evaluate(array->size); bindings_ty::iterator it = bindings.find(array); - if (it != bindings.end() && index < it->second.size()) { + if (it != bindings.end() && isa(sizeExpr) && + index < cast(sizeExpr)->getZExtValue()) { return ConstantExpr::alloc(it->second.load(index), array->getRange()); } else { if (allowFreeValues) { diff --git a/include/klee/Expr/Expr.h b/include/klee/Expr/Expr.h index ab6826e25d..a7e839a5d3 100644 --- a/include/klee/Expr/Expr.h +++ b/include/klee/Expr/Expr.h @@ -412,7 +412,7 @@ struct Expr::CreateArg { // Comparison operators inline bool operator==(const Expr &lhs, const Expr &rhs) { - return lhs.compare(rhs) == 0; + return lhs.equals(rhs); } inline bool operator<(const Expr &lhs, const Expr &rhs) { @@ -629,10 +629,7 @@ class Array { public: bool isSymbolicArray() const { return !isConstantArray(); } - bool isConstantArray() const { - return isa(source) || - isa(source); - } + bool isConstantArray() const { return isa(source); } const std::string getName() const { return source->toString(); } const std::string getIdentifier() const { diff --git a/include/klee/Expr/Parser/Lexer.h b/include/klee/Expr/Parser/Lexer.h index 8b3fe53a30..dc4c111adc 100644 --- a/include/klee/Expr/Parser/Lexer.h +++ b/include/klee/Expr/Parser/Lexer.h 
@@ -32,6 +32,8 @@ struct Token { KWFalse, ///< 'false' KWQuery, ///< 'query' KWPath, ///< 'path' + KWDefault, ///< 'default' + KWNull, ///< 'null' KWReserved, ///< fp[0-9]+([.].*)?, i[0-9]+ KWSymbolic, ///< 'symbolic' KWTrue, ///< 'true' diff --git a/include/klee/Expr/SourceBuilder.h b/include/klee/Expr/SourceBuilder.h index 7b57e2f8c9..1747fab458 100644 --- a/include/klee/Expr/SourceBuilder.h +++ b/include/klee/Expr/SourceBuilder.h @@ -2,6 +2,7 @@ #define KLEE_SOURCEBUILDER_H #include "klee/ADT/Ref.h" +#include "klee/ADT/SparseStorage.h" #include "klee/Expr/SymbolicSource.h" #include "klee/Module/KModule.h" @@ -12,10 +13,13 @@ class SourceBuilder { SourceBuilder() = delete; static ref - constant(const std::vector> &constantValues); - static ref symbolicSizeConstant(unsigned defaultValue); - static ref symbolicSizeConstantAddress(unsigned defaultValue, - unsigned version); + constant(SparseStorage> constantValues); + + static ref uninitialized(unsigned version, + const KInstruction *allocSite); + static ref + symbolicSizeConstantAddress(unsigned version, const KInstruction *allocSite, + ref size); static ref makeSymbolic(const std::string &name, unsigned version); static ref lazyInitializationAddress(ref pointer); diff --git a/include/klee/Expr/SymbolicSource.h b/include/klee/Expr/SymbolicSource.h index be65580f7b..ded381bb00 100644 --- a/include/klee/Expr/SymbolicSource.h +++ b/include/klee/Expr/SymbolicSource.h @@ -3,11 +3,14 @@ #include "klee/ADT/Ref.h" +#include "klee/ADT/SparseStorage.h" #include "klee/Support/CompilerWarning.h" + DISABLE_WARNING_PUSH DISABLE_WARNING_DEPRECATED_DECLARATIONS #include "llvm/ADT/StringExtras.h" #include "llvm/IR/Argument.h" +#include "llvm/IR/GlobalVariable.h" #include "llvm/IR/Instruction.h" DISABLE_WARNING_POP @@ -21,6 +24,7 @@ class Array; class Expr; class ConstantExpr; class KModule; +struct KInstruction; class SymbolicSource { protected: 
@@ -33,7 +37,7 @@ class SymbolicSource { enum Kind { Constant = 3, - SymbolicSizeConstant, + Uninitialied, SymbolicSizeConstantAddress, MakeSymbolic, LazyInitializationContent, @@ -63,24 +67,26 @@ class SymbolicSource { class ConstantSource : public SymbolicSource { public: - /// constantValues - The constant initial values for this array, or empty for - /// a symbolic array. If non-empty, this size of this array is equivalent to - /// the array size. - const std::vector> constantValues; + const SparseStorage> constantValues; + + ConstantSource(SparseStorage> _constantValues) + : constantValues(std::move(_constantValues)) { + assert(constantValues.defaultV() && "Constant must be constant!"); + } - ConstantSource(const std::vector> &_constantValues) - : constantValues(_constantValues){}; Kind getKind() const override { return Kind::Constant; } - virtual std::string getName() const override { return "constant"; } - uint64_t size() const { return constantValues.size(); } + + std::string getName() const override { return "constant"; } static bool classof(const SymbolicSource *S) { return S->getKind() == Kind::Constant; } + static bool classof(const ConstantSource *) { return true; } - virtual unsigned computeHash() override; - virtual int internalCompare(const SymbolicSource &b) const override { + unsigned computeHash() override; + + int internalCompare(const SymbolicSource &b) const override { if (getKind() != b.getKind()) { return getKind() < b.getKind() ? -1 : 1; } 
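Review bot: The new enumerator is spelled `Uninitialied`; it should be `Uninitialized` to match the class name `UninitializedSource` and its `getName()` string. The misspelling is repeated in `UninitializedSource::getKind()` and `classof` in a later hunk of this file, so correcting it here keeps it from spreading to other users of `SymbolicSource::Kind`.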
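Review bot: The `ConstantSource` constructor's only check that the storage has a non-null default is `assert(constantValues.defaultV() && "Constant must be constant!")`, which disappears in builds with `NDEBUG`, and the message does not say what is actually required. The hunk also deletes the doc comment on `constantValues` without a replacement; something like `/// Explicitly stored constant values; every other index reads the (non-null) default value.` would restore it. If a null default can reach this constructor from parsed input (the lexer in this commit gains `default` and `null` keywords), prefer a check that survives release builds.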
@@ -92,43 +98,38 @@ class ConstantSource : public SymbolicSource { } }; -class SymbolicSizeConstantSource : public SymbolicSource { +class UninitializedSource : public SymbolicSource { public: - const unsigned defaultValue; - SymbolicSizeConstantSource(unsigned _defaultValue) - : defaultValue(_defaultValue) {} + const unsigned version; + const KInstruction *allocSite; - Kind getKind() const override { return Kind::SymbolicSizeConstant; } - virtual std::string getName() const override { - return "symbolicSizeConstant"; - } + UninitializedSource(unsigned version, const KInstruction *allocSite) + : version(version), allocSite(allocSite) {} + + Kind getKind() const override { return Kind::Uninitialied; } + + std::string getName() const override { return "uninitialized"; } static bool classof(const SymbolicSource *S) { - return S->getKind() == Kind::SymbolicSizeConstant; + return S->getKind() == Kind::Uninitialied; } - static bool classof(const SymbolicSizeConstantSource *) { return true; } - virtual unsigned computeHash() override; + static bool classof(const UninitializedSource *) { return true; } - virtual int internalCompare(const SymbolicSource &b) const override { - if (getKind() != b.getKind()) { - return getKind() < b.getKind() ? -1 : 1; - } - const SymbolicSizeConstantSource &ssb = - static_cast(b); - if (defaultValue != ssb.defaultValue) { - return defaultValue < ssb.defaultValue ? 
-1 : 1; - } - return 0; - } + unsigned computeHash() override; + + int internalCompare(const SymbolicSource &b) const override; }; class SymbolicSizeConstantAddressSource : public SymbolicSource { public: - const unsigned defaultValue; const unsigned version; - SymbolicSizeConstantAddressSource(unsigned _defaultValue, unsigned _version) - : defaultValue(_defaultValue), version(_version) {} + const KInstruction *allocSite; + ref size; + SymbolicSizeConstantAddressSource(unsigned _version, + const KInstruction *_allocSite, + ref _size) + : version(_version), allocSite(_allocSite), size(_size) {} Kind getKind() const override { return Kind::SymbolicSizeConstantAddress; } virtual std::string getName() const override { @@ -144,20 +145,7 @@ class SymbolicSizeConstantAddressSource : public SymbolicSource { virtual unsigned computeHash() override; - virtual int internalCompare(const SymbolicSource &b) const override { - if (getKind() != b.getKind()) { - return getKind() < b.getKind() ? -1 : 1; - } - const SymbolicSizeConstantAddressSource &ssb = - static_cast(b); - if (defaultValue != ssb.defaultValue) { - return defaultValue < ssb.defaultValue ? -1 : 1; - } - if (version != ssb.version) { - return version < ssb.version ? -1 : 1; - } - return 0; - } + virtual int internalCompare(const SymbolicSource &b) const override; }; class MakeSymbolicSource : public SymbolicSource { diff --git a/include/klee/Module/KInstruction.h b/include/klee/Module/KInstruction.h index 5c64de152c..a4ee2c9c44 100644 --- a/include/klee/Module/KInstruction.h +++ b/include/klee/Module/KInstruction.h @@ -13,7 +13,7 @@ #include "KModule.h" #include "klee/Config/Version.h" #include "klee/Support/CompilerWarning.h" - +#include "llvm/IR/Argument.h" DISABLE_WARNING_PUSH DISABLE_WARNING_DEPRECATED_DECLARATIONS #include "llvm/Support/DataTypes.h" 
@@ -31,10 +31,41 @@ namespace klee { class Executor; class KModule; struct KBlock; +struct KFunction; + +static const unsigned MAGIC_HASH_CONSTANT = 39; /// KInstruction - Intermediate instruction representation used /// during execution. struct KInstruction { + + struct Index { + unsigned long instID; + unsigned long blockID; + unsigned long funcID; + + bool operator==(const Index &other) const { + return std::tie(instID, blockID, funcID) == + std::tie(other.instID, other.blockID, other.funcID); + } + + bool operator<(const Index &other) const { + return std::tie(instID, blockID, funcID) < + std::tie(other.instID, other.blockID, other.funcID); + } + + unsigned hash() const { + unsigned res = instID; + res = res * MAGIC_HASH_CONSTANT + blockID; + res = res * MAGIC_HASH_CONSTANT + funcID; + return res; + } + + void print(llvm::raw_ostream &os) const { + os << "[" << instID << ", " << blockID << ", " << funcID << "]"; + } + }; + llvm::Instruction *inst; /// Value numbers for each operand. -1 is an invalid value, @@ -65,21 +96,31 @@ struct KInstruction { KInstruction() = delete; explicit KInstruction(const KInstruction &ki) = delete; virtual ~KInstruction(); + std::string getSourceLocation() const; [[nodiscard]] size_t getLine() const; [[nodiscard]] size_t getColumn() const; [[nodiscard]] std::string getSourceFilepath() const; + Index getID() const; [[nodiscard]] std::string getSourceLocationString() const; [[nodiscard]] std::string toString() const; + bool operator==(const KInstruction &other) const { + return getID() == other.getID(); + } [[nodiscard]] inline KBlock *getKBlock() const { return parent; } [[nodiscard]] inline KFunction *getKFunction() const { return getKBlock()->parent; } + bool operator<(const KInstruction &other) const { + return getID() < other.getID(); + } [[nodiscard]] inline KModule *getKModule() const { return getKFunction()->parent; } + + unsigned hash() const { return getID().hash(); } }; struct KGEPInstruction : KInstruction { 
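Review bot: `MAGIC_HASH_CONSTANT` is defined as a namespace-scope `static const` in a header, which gives every translation unit that includes KInstruction.h its own copy and puts a very generic name into namespace `klee`. The header already uses C++17 attributes, so `inline constexpr unsigned MAGIC_HASH_CONSTANT = 39;`, or a constant scoped inside `KInstruction::Index`, is the cleaner form. `Index::operator==` and `operator<` use `std::tie`, but no `<tuple>` include is visible in the hunks of this header, so it appears to rely on a transitive include. `Index::hash()` also narrows the `unsigned long` ids to `unsigned`; a short comment that truncation is acceptable for hashing would mark it as intentional.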
diff --git a/include/klee/Module/KModule.h b/include/klee/Module/KModule.h index 50949908b6..83cef2cce5 100644 --- a/include/klee/Module/KModule.h +++ b/include/klee/Module/KModule.h @@ -296,7 +296,7 @@ class KModule { /// expected by KLEE's Executor hold. void checkModule(); - KBlock *getKBlock(llvm::BasicBlock *bb); + KBlock *getKBlock(const llvm::BasicBlock *bb); bool inMainModule(const llvm::Function &f); diff --git a/include/klee/Solver/SolverUtil.h b/include/klee/Solver/SolverUtil.h index bb66e7a179..d68d3ea77e 100644 --- a/include/klee/Solver/SolverUtil.h +++ b/include/klee/Solver/SolverUtil.h @@ -254,11 +254,7 @@ class InvalidResponse : public SolverResponse { if (result.bindings.count(object)) { values.push_back(result.bindings.at(object)); } else { - ref constantSize = - dyn_cast(result.evaluate(object->size)); - assert(constantSize); - values.push_back( - SparseStorage(constantSize->getZExtValue(), 0)); + values.push_back(SparseStorage(0)); } } return true; diff --git a/include/klee/Support/PrintContext.h b/include/klee/Support/PrintContext.h index e397367683..5196b9a35f 100644 --- a/include/klee/Support/PrintContext.h +++ b/include/klee/Support/PrintContext.h @@ -72,6 +72,8 @@ class PrintContext { return *this; } + llvm::raw_ostream &getStream() { return os; } + /// Pop the top off the indent stack /// \return The PrintContext object so the method is chainable PrintContext &popIndent() { diff --git a/lib/ADT/CMakeLists.txt b/lib/ADT/CMakeLists.txt new file mode 100644 index 0000000000..4afa541dd6 --- /dev/null +++ b/lib/ADT/CMakeLists.txt 
@@ -0,0 +1,16 @@
+#===------------------------------------------------------------------------===#
+#
+# The KLEE Symbolic Virtual Machine
+#
+# This file is distributed under the University of Illinois Open Source
+# License. See LICENSE.TXT for details.
+#
+#===------------------------------------------------------------------------===#
+add_library(kleeADT
+ SparseStorage.cpp
+)
+
+llvm_config(kleeADT "${USE_LLVM_SHARED}" support)
+target_include_directories(kleeADT PRIVATE ${KLEE_INCLUDE_DIRS} ${LLVM_INCLUDE_DIRS})
+target_compile_options(kleeADT PRIVATE ${KLEE_COMPONENT_CXX_FLAGS})
+target_compile_definitions(kleeADT PRIVATE ${KLEE_COMPONENT_CXX_DEFINES})
diff --git a/lib/ADT/SparseStorage.cpp b/lib/ADT/SparseStorage.cpp
new file mode 100644
index 0000000000..dc24e7d993
--- /dev/null
+++ b/lib/ADT/SparseStorage.cpp
@@ -0,0 +1,86 @@
+#include "klee/ADT/SparseStorage.h"
+#include "klee/Expr/Expr.h"
+
+#include "llvm/ADT/StringExtras.h"
+#include "llvm/Support/raw_ostream.h"
+
+namespace klee {
+
+template <>
+void SparseStorage::print(llvm::raw_ostream &os,
+ Density d) const {
+ if (d == Density::Sparse) {
+ // "Sparse representation"
+ os << "{";
+ bool firstPrinted = false;
+ auto ordered = calculateOrderedStorage();
+ for (const auto &element : ordered) {
+ if (firstPrinted) {
+ os << ", ";
+ }
+ os << element.first << ": " << element.second;
+ firstPrinted = true;
+ }
+ os << "} default: ";
+ } else {
+ // "Dense representation"
+ os << "[";
+ bool firstPrinted = false;
+ for (size_t i = 0; i < sizeOfSetRange(); i++) {
+ if (firstPrinted) {
+ os << ", ";
+ }
+ os << llvm::utostr(load(i));
+ firstPrinted = true;
+ }
+ os << "] default: ";
+ }
+ os << defaultValue;
+}
+
+template <>
+void SparseStorage>::print(llvm::raw_ostream &os,
+ Density d) const {
+ if (d == Density::Sparse) {
+ // "Sparse representation"
+ os << "{";
+ bool firstPrinted = false;
+ auto ordered = calculateOrderedStorage();
+ for (const auto &element : ordered) {
+ if (firstPrinted) {
+ os << ", ";
+ }
+ os << element.first << ": ";
+ if (element.second) {
+ os << element.second;
+ } else {
+ os << "null";
+ }
+ firstPrinted = true;
+ }
+ os << "} default: ";
+ } else {
+ // "Dense representation"
+ os << "[";
+ bool firstPrinted = false;
+ for (size_t i = 0; i < sizeOfSetRange(); i++) {
+ if (firstPrinted) {
+ os << ", ";
+ }
+ auto expr = load(i);
+ if (expr) {
+ os << expr;
+ } else {
+ os << "null";
+ }
+ firstPrinted = true;
+ }
+ os << "] default: ";
+ }
+ if (defaultValue) {
+ os << defaultValue;
+ } else {
+ os << "null";
+ }
+}
+} // namespace klee
diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt
index 8a0749324a..cc0279a12e 100644
--- a/lib/CMakeLists.txt
+++ b/lib/CMakeLists.txt
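Review bot: Both dense branches call `sizeOfSetRange()` in the loop condition, and that function walks the whole map, so dense printing is quadratic in the number of stored entries. Hoist it with `const size_t end = sizeOfSetRange();` and loop on `i < end`. The two specializations differ only in how a single element and the default are written, so a small file-local helper taking a per-element printer would remove the duplicated sparse/dense scaffolding. Neither specialization has a comment describing the output format, which the expression parser presumably has to read back; one line per branch would help.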
@@ -6,6 +6,7 @@ # License. See LICENSE.TXT for details. # #===------------------------------------------------------------------------===# +add_subdirectory(ADT) add_subdirectory(Basic) add_subdirectory(Support) add_subdirectory(Expr) diff --git a/lib/Core/AddressSpace.cpp b/lib/Core/AddressSpace.cpp index 1d33e574fc..553b588bd3 100644 --- a/lib/Core/AddressSpace.cpp +++ b/lib/Core/AddressSpace.cpp @@ -364,30 +364,36 @@ bool AddressSpace::resolve(ExecutionState &state, TimingSolver *solver, // transparently avoid screwing up symbolics (if the byte is symbolic // then its concrete cache byte isn't being used) but is just a hack. -void AddressSpace::copyOutConcretes() { +void AddressSpace::copyOutConcretes(const Assignment &assignment) { for (const auto &object : objects) { auto &mo = object.first; auto &os = object.second; - if (!mo->isUserSpecified && !os->readOnly && os->size != 0) { - copyOutConcrete(mo, os.get()); + if (!mo->isUserSpecified && !os->readOnly && mo->size != 0) { + copyOutConcrete(mo, os.get(), assignment); } } } void AddressSpace::copyOutConcrete(const MemoryObject *mo, - const ObjectState *os) const { + const ObjectState *os, + const Assignment &assignment) const { auto address = reinterpret_cast(mo->address); - std::memcpy(address, os->concreteStore, mo->size); + std::vector concreteStore(mo->size); + for (size_t i = 0; i < mo->size; i++) { + auto byte = assignment.evaluate(os->read8(i), false); + concreteStore[i] = cast(byte)->getZExtValue(8); + } + std::memcpy(address, concreteStore.data(), mo->size); } -bool AddressSpace::copyInConcretes() { +bool AddressSpace::copyInConcretes(const Assignment &assignment) { for (auto &obj : objects) { const MemoryObject *mo = obj.first; if (!mo->isUserSpecified) { const auto &os = obj.second; - if (!copyInConcrete(mo, os.get(), mo->address)) + if (!copyInConcrete(mo, os.get(), mo->address, assignment)) return false; } } 
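Review bot: `copyOutConcrete` applies an unchecked `cast` to the result of `assignment.evaluate(os->read8(i), false)`; if a byte does not fold to a constant under the supplied assignment, this asserts in debug builds and is undefined behaviour with assertions off. `initializeGlobalObjects` calls it with an empty assignment (`{}`), so the case where no array is bound is actually exercised. Use `dyn_cast` and handle the non-constant case explicitly, or document the invariant that guarantees a constant here. The same evaluate-into-a-vector loop is repeated in `copyInConcrete` in the next hunk, so a private helper returning the concretized bytes of an `ObjectState` would keep the two in sync. `copyOutConcretes` now evaluates every byte of every eligible object on each call, which deserves a comment or a measurement.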
@@ -396,14 +402,22 @@ bool AddressSpace::copyInConcretes() { } bool AddressSpace::copyInConcrete(const MemoryObject *mo, const ObjectState *os, - uint64_t src_address) { + uint64_t src_address, + const Assignment &assignment) { auto address = reinterpret_cast(src_address); - if (memcmp(address, os->concreteStore, mo->size) != 0) { + std::vector concreteStore(mo->size); + for (size_t i = 0; i < mo->size; i++) { + auto byte = assignment.evaluate(os->read8(i), false); + concreteStore[i] = cast(byte)->getZExtValue(8); + } + if (memcmp(address, concreteStore.data(), mo->size) != 0) { if (os->readOnly) { return false; } else { ObjectState *wos = getWriteable(mo, os); - memcpy(wos->concreteStore, address, mo->size); + for (size_t i = 0; i < mo->size; i++) { + wos->write(i, ConstantExpr::create(address[i], Expr::Int8)); + } } } return true; diff --git a/lib/Core/AddressSpace.h b/lib/Core/AddressSpace.h index 0acd1c1208..11d2de8130 100644 --- a/lib/Core/AddressSpace.h +++ b/lib/Core/AddressSpace.h @@ -13,6 +13,7 @@ #include "Memory.h" #include "klee/ADT/ImmutableMap.h" +#include "klee/Expr/Assignment.h" #include "klee/Expr/Expr.h" #include "klee/System/Time.h" @@ -137,9 +138,10 @@ class AddressSpace { /// actual system memory location they were allocated at. /// Returns the (hypothetical) number of pages needed provided each written /// object occupies (at least) a single page. - void copyOutConcretes(); + void copyOutConcretes(const Assignment &assignment); - void copyOutConcrete(const MemoryObject *mo, const ObjectState *os) const; + void copyOutConcrete(const MemoryObject *mo, const ObjectState *os, + const Assignment &assignment) const; /// \brief Obtain an ObjectState suitable for writing. /// 
@@ -161,7 +163,7 @@ class AddressSpace { /// /// \retval true The copy succeeded. /// \retval false The copy failed because a read-only object was modified. - bool copyInConcretes(); + bool copyInConcretes(const Assignment &assignment); /// Updates the memory object with the raw memory from the address /// @@ -170,7 +172,7 @@ class AddressSpace { /// @param src_address the address to copy from /// @return bool copyInConcrete(const MemoryObject *mo, const ObjectState *os, - uint64_t src_address); + uint64_t src_address, const Assignment &assignment); }; } // namespace klee diff --git a/lib/Core/Executor.cpp b/lib/Core/Executor.cpp index 0705439d90..bb2dc37e62 100644 --- a/lib/Core/Executor.cpp +++ b/lib/Core/Executor.cpp @@ -32,6 +32,7 @@ #include "TimingSolver.h" #include "TypeManager.h" #include "UserSearcher.h" +#include "klee/ADT/SparseStorage.h" #include "klee/Core/Context.h" #include "klee/ADT/KTest.h" @@ -254,6 +255,13 @@ cl::opt DelayCoverOnTheFly( "(default=10000)"), cl::cat(TestGenCat)); +cl::opt UninitMemoryTestMultiplier( + "uninit-memory-test-multiplier", cl::init(6), + cl::desc("Generate additional number of duplicate tests due to " + "irreproducibility of uninitialized memory " + "(default=6)"), + cl::cat(TestGenCat)); + /* Constraint solving options */ cl::opt MaxSymArraySize( @@ -743,10 +751,9 @@ void Executor::allocateGlobalObjects(ExecutionState &state) { true, nullptr, 8); errnoObj->isFixed = true; - // TODO: unused variable - ObjectState *os = bindObjectInState( - state, errnoObj, typeSystemManager->getWrappedType(pointerErrnoAddr), - false); + bindObjectInState(state, errnoObj, + typeSystemManager->getWrappedType(pointerErrnoAddr), + false); errno_addr = reinterpret_cast(errnoObj->address); } else { errno_addr = getErrnoLocation(state); 
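Review bot: The doc comment on `copyInConcrete` does not describe the new `assignment` parameter, and its `@return` line is still empty. Suggested additions: `/// @param assignment model used to evaluate the object's bytes before they are compared with the raw memory` and `/// @return false if the memory differs and the object is read-only, true otherwise`. The declarations of `copyOutConcretes`, `copyOutConcrete` and `copyInConcretes` earlier in this header gained the same parameter without a doc line.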
@@ -899,7 +906,8 @@ void Executor::initializeGlobalObjects(ExecutionState &state) { for (const GlobalVariable &v : m->globals()) { MemoryObject *mo = globalObjects.find(&v)->second; ObjectState *os = bindObjectInState( - state, mo, typeSystemManager->getWrappedType(v.getType()), false); + state, mo, typeSystemManager->getWrappedType(v.getType()), false, + nullptr); if (v.isDeclaration() && mo->size) { // Program already running -> object already initialized. @@ -933,11 +941,9 @@ void Executor::initializeGlobalObjects(ExecutionState &state) { if (v.isConstant()) { os->setReadOnly(true); // initialise constant memory that may be used with external calls - state.addressSpace.copyOutConcrete(mo, os); + state.addressSpace.copyOutConcrete(mo, os, {}); } } - } else { - os->initializeToRandom(); } } } @@ -2338,7 +2344,7 @@ void Executor::executeCall(ExecutionState &state, KInstruction *ki, Function *f, const ObjectState *osarg = state.addressSpace.findObject(idObject).second; assert(osarg); - for (unsigned i = 0; i < osarg->size; i++) + for (unsigned i = 0; i < osarg->getObject()->size; i++) os->write(offsets[k] + i, osarg->read8(i)); } if (ati != f->arg_end()) { @@ -4863,19 +4869,7 @@ void Executor::callExternalFunction(ExecutionState &state, KInstruction *target, assert(success && "FIXME: Unhandled solver failure"); (void)success; ce->toMemory(&args[wordIndex]); - IDType result; addConstraint(state, EqExpr::create(ce, *ai)); - // Checking to see if the argument is a pointer to something - llvm::Type *argumentType = nullptr; - if (ati != functionType->param_end()) { - argumentType = const_cast(*ati); - } - if (ce->getWidth() == Context::get().getPointerWidth() && - state.addressSpace.resolveOne( - ce, typeSystemManager->getWrappedType(argumentType), result)) { - state.addressSpace.findObject(result).second->flushToConcreteStore( - solver.get(), state); - } wordIndex += (ce->getWidth() + 63) / 64; } else { ref arg = toUnique(state, *ai); 
@@ -4900,7 +4894,12 @@ void Executor::callExternalFunction(ExecutionState &state, KInstruction *target, } // Prepare external memory for invoking the function - state.addressSpace.copyOutConcretes(); + auto arrays = state.constraints.cs().gatherArrays(); + std::vector> values; + solver->getInitialValues(state.constraints.cs(), arrays, values, + state.queryMetaData); + Assignment assignment(arrays, values); + state.addressSpace.copyOutConcretes(assignment); #ifndef WINDOWS // Update external errno state with local state value IDType idResult; @@ -4972,7 +4971,7 @@ void Executor::callExternalFunction(ExecutionState &state, KInstruction *target, return; } - if (!state.addressSpace.copyInConcretes()) { + if (!state.addressSpace.copyInConcretes(assignment)) { terminateStateOnExecError(state, "external modified read-only object", StateTerminationType::External); return; @@ -4982,7 +4981,7 @@ void Executor::callExternalFunction(ExecutionState &state, KInstruction *target, // Update errno memory object with the errno value from the call int error = externalDispatcher->getLastErrno(); state.addressSpace.copyInConcrete(result.first, result.second, - (uint64_t)&error); + (uint64_t)&error, assignment); #endif Type *resultType = target->inst->getType(); @@ -5061,6 +5060,7 @@ void Executor::executeAlloc(ExecutionState &state, ref size, bool isLocal, KInstruction *target, KType *type, bool zeroMemory, const ObjectState *reallocFrom, size_t allocationAlignment, bool checkOutOfMemory) { + static unsigned allocations = 0; const llvm::Value *allocSite = state.prevPC->inst; if (allocationAlignment == 0) { allocationAlignment = getAllocationAlignment(allocSite); 
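Review bot: The return value of `solver->getInitialValues(...)` is discarded before `Assignment assignment(arrays, values)` is built, so after a solver timeout or failure the external call proceeds with an assignment built from unpopulated `values`. `getSymbolicSolution` in this file stores the result of the same call in `bool success` and warns on failure; do the same here and terminate the state on failure, as the neighbouring `terminateStateOnExecError(..., StateTerminationType::External)` paths do. This also adds a full model query to every external call, so consider skipping it when `arrays` is empty. The function body starts and ends outside the hunk.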
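Review bot: `static unsigned allocations = 0;` in `executeAlloc` is a function-local static, so the counter is shared by every `Executor` instance in the process and is never reset between runs. It is used as the `version` in `SourceBuilder::uninitialized(allocations++, target)` in the next hunk, which ties the identity of uninitialized arrays to global allocation order. A member of `Executor`, or a per-state counter like the `updateNameVersion(state, ...)` call used in `allocate`, would keep the numbering scoped. If the global counter is intentional, a comment saying why would help.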
@@ -5102,12 +5102,15 @@ void Executor::executeAlloc(ExecutionState &state, ref size, bool isLocal, if (!mo) { bindLocal(target, state, Expr::createPointer(0)); } else { - ObjectState *os = bindObjectInState(state, mo, type, isLocal); + ref source = nullptr; if (zeroMemory) { - os->initializeToZero(); + source = SourceBuilder::constant( + SparseStorage(ConstantExpr::create(0, Expr::Int8))); } else { - os->initializeToRandom(); + source = SourceBuilder::uninitialized(allocations++, target); } + auto array = makeArray(size, source); + ObjectState *os = bindObjectInState(state, mo, type, isLocal, array); ref address = mo->getBaseExpr(); if (checkOutOfMemory) { @@ -5121,10 +5124,7 @@ void Executor::executeAlloc(ExecutionState &state, ref size, bool isLocal, bindLocal(target, state, address); if (reallocFrom) { - unsigned count = std::min(reallocFrom->size, os->size); - for (unsigned i = 0; i < count; i++) { - os->write(i, reallocFrom->read8(i)); - } + os->write(reallocFrom); state.removePointerResolutions(reallocFrom->getObject()); state.addressSpace.unbindObject(reallocFrom->getObject()); } @@ -5420,13 +5420,18 @@ MemoryObject *Executor::allocate(ExecutionState &state, ref size, Expr::Width pointerWidthInBits = Context::get().getPointerWidth(); /* Create symbol for array */ + KInstruction *ki = nullptr; + if (!lazyInitializationSource) { + auto inst = cast(allocSite); + ki = kmodule->getKBlock(inst->getParent())->parent->instructionMap[inst]; + } const Array *addressArray = makeArray( Expr::createPointer(pointerWidthInBits / CHAR_BIT), lazyInitializationSource ? SourceBuilder::lazyInitializationAddress(lazyInitializationSource) : SourceBuilder::symbolicSizeConstantAddress( - 0, updateNameVersion(state, "const_arr"))); + updateNameVersion(state, "const_arr"), ki, size)); ref addressExpr = Expr::createTempRead(addressArray, pointerWidthInBits); 
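Review bot: In `allocate`, the `cast` on `allocSite` asserts when the value is null or not an instruction, and `instructionMap[inst]` default-inserts a null entry when the instruction is missing, so `ki` can end up null without any diagnostic. `allocate` has callers outside this hunk; if any of them passes a global or an argument as the allocation site, this path aborts. Prefer `dyn_cast` plus a `find` on `instructionMap`, and decide explicitly what `symbolicSizeConstantAddress` should receive when no `KInstruction` exists. The lookup is only needed in the non-lazy branch of the conditional, so it could be computed there.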
@@ -6405,19 +6410,21 @@ void Executor::updateStateWithSymcretes(ExecutionState &state, continue; } - ObjectPair oldOp = state.addressSpace.findObject(newMO->id); - ref oldMO(oldOp.first); - ref oldOS(oldOp.second); - if (!oldOS) { + ObjectPair op = state.addressSpace.findObject(newMO->id); + + if (!op.second) { continue; } + /* Create a new ObjectState with the new size and new owning memory * object. */ - /* Order of operations critical here. */ - state.addressSpace.unbindObject(oldMO.get()); - state.addressSpace.bindObject(newMO, new ObjectState(newMO, *oldOS.get())); + auto wos = new ObjectState( + *(state.addressSpace.getWriteable(op.first, op.second))); + wos->swapObjectHack(newMO); + state.addressSpace.unbindObject(op.first); + state.addressSpace.bindObject(newMO, wos); } } @@ -6446,8 +6453,8 @@ void Executor::executeMakeSymbolic(ExecutionState &state, ObjectState *os = bindObjectInState(state, mo, type, isLocal, array); if (AlignSymbolicPointers) { - if (ref alignmentRestrictions = - type->getContentRestrictions(os->read(0, os->size * CHAR_BIT))) { + if (ref alignmentRestrictions = type->getContentRestrictions( + os->read(0, os->getObject()->size * CHAR_BIT))) { addConstraint(state, alignmentRestrictions); } } @@ -6466,7 +6473,7 @@ void Executor::executeMakeSymbolic(ExecutionState &state, if (!obj) { if (ZeroSeedExtension) { si.assignment.bindings.replace( - {array, SparseStorage(mo->size, 0)}); + {array, SparseStorage(0)}); } else if (!AllowSeedExtension) { terminateStateOnUserError(state, "ran out of inputs during seeding"); @@ -6491,12 +6498,8 @@ void Executor::executeMakeSymbolic(ExecutionState &state, si.assignment.bindings.end()) { values = si.assignment.bindings.at(array); } - values.resize(std::min(mo->size, obj->numBytes)); values.store(0, obj->bytes, obj->bytes + std::min(obj->numBytes, mo->size)); - if (ZeroSeedExtension) { - values.resize(mo->size); - } si.assignment.bindings.replace({array, values}); } } 
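Review bot: The retained comment in updateStateWithSymcretes still says the new ObjectState is created "with the new size", but the copy constructor in lib/Core/Memory.cpp copies `size` from the old object and `swapObjectHack` only replaces `object`. If `size` is meant to stay the unchanged size expression, the comment should say that, e.g. `/* Copy the contents and rebind them to the resized memory object; the size expression is kept. */`. The removed "Order of operations critical here." line also still looks relevant, since `getWriteable` is called on the old binding before `unbindObject`; I would keep one sentence stating that ordering. The function starts outside the hunk.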
@@ -7107,6 +7110,15 @@ bool isReproducible(const klee::Symbolic &symb) { return !bad; } +bool isUninitialized(const klee::Array *array) { + bool bad = isa(array->source); + if (bad) + klee_warning_once(array->source.get(), + "A uninitialized array %s reaches a test", + array->getIdentifier().c_str()); + return bad; +} + bool Executor::getSymbolicSolution(const ExecutionState &state, KTest &res) { solver->setTimeout(coreSolverTimeout); @@ -7143,6 +7155,13 @@ bool Executor::getSymbolicSolution(const ExecutionState &state, KTest &res) { } } + std::vector allObjects; + findSymbolicObjects(state.constraints.cs().cs().begin(), + state.constraints.cs().cs().end(), allObjects); + std::vector uninitObjects; + std::copy_if(allObjects.begin(), allObjects.end(), + std::back_inserter(uninitObjects), isUninitialized); + std::vector symbolics; std::copy_if(state.symbolics.begin(), state.symbolics.end(), std::back_inserter(symbolics), isReproducible); @@ -7154,6 +7173,7 @@ bool Executor::getSymbolicSolution(const ExecutionState &state, KTest &res) { } bool success = solver->getInitialValues(extendedConstraints.cs(), objects, values, state.queryMetaData); + Assignment assignment(objects, values); solver->setTimeout(time::Span()); if (!success) { klee_warning("unable to compute initial values (invalid constraints?)!"); 
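Review bot: In getSymbolicSolution, `Assignment assignment(objects, values);` is constructed before the `if (!success)` check that follows it, so on a solver failure it is built from whatever `values` contains. Moving the line below the failure branch avoids building an assignment from an invalid model. None of the hunks shown for this function reads `assignment`, so if nothing outside the hunks uses it either, the line can be dropped. The function body continues outside the hunk.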
@@ -7164,20 +7184,24 @@ bool Executor::getSymbolicSolution(const ExecutionState &state, KTest &res) { res.numObjects = symbolics.size(); res.objects = new KTestObject[res.numObjects]; + res.uninitCoeff = uninitObjects.size() * UninitMemoryTestMultiplier; { size_t i = 0; + // Remove mo->size, evaluate size expr in array for (auto &symbolic : symbolics) { auto mo = symbolic.memoryObject; KTestObject *o = &res.objects[i]; o->name = const_cast(mo->name.c_str()); o->address = mo->address; - o->numBytes = values[i].size(); + o->numBytes = mo->size; o->bytes = new unsigned char[o->numBytes]; - std::copy(values[i].begin(), values[i].end(), o->bytes); + for (size_t j = 0; j < mo->size; j++) { + o->bytes[j] = values[i].load(j); + } o->numPointers = 0; o->pointers = nullptr; - ++i; + i++; } } diff --git a/lib/Core/Executor.h b/lib/Core/Executor.h index a7e0df7160..5a4f8bc554 100644 --- a/lib/Core/Executor.h +++ b/lib/Core/Executor.h @@ -287,7 +287,7 @@ class Executor : public Interpreter { ObjectState *bindObjectInState(ExecutionState &state, const MemoryObject *mo, KType *dynamicType, bool IsAlloca, - const Array *array = 0); + const Array *array = nullptr); /// Resolve a pointer to the memory objects it could point to the /// start of, forking execution when necessary and generating errors diff --git a/lib/Core/Memory.cpp b/lib/Core/Memory.cpp index f85ea95b3b..dd8496baba 100644 --- a/lib/Core/Memory.cpp +++ b/lib/Core/Memory.cpp @@ -39,14 +39,6 @@ DISABLE_WARNING_POP using namespace llvm; using namespace klee; -namespace { -cl::opt - UseConstantArrays("use-constant-arrays", - cl::desc("Use constant arrays instead of updates when " - "possible (default=true)\n"), - cl::init(true), cl::cat(SolvingCat)); -} - /***/ IDType MemoryObject::counter = 1; 
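Review bot: The added comment `// Remove mo->size, evaluate size expr in array` describes work that has not been done, since the loop below it still sizes and fills the test object from `mo->size`, and it is not marked as a to-do. I would write it as `// TODO: take the byte count from the array's size expression instead of mo->size.` so it is found by a search for open items. The new `res.uninitCoeff` assignment also has no comment saying what the coefficient means to a consumer of the KTest; one line at the assignment or on the struct field would help.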
@@ -81,99 +73,21 @@ void MemoryObject::getAllocInfo(std::string &result) const { /***/ -ObjectState::ObjectState(const MemoryObject *mo, KType *dt) - : copyOnWriteOwner(0), object(mo), concreteStore(new uint8_t[mo->size]), - concreteMask(nullptr), knownSymbolics(nullptr), unflushedMask(nullptr), - updates(nullptr, nullptr), lastUpdate(nullptr), dynamicType(dt), - size(mo->size), readOnly(false) { - if (!UseConstantArrays) { - static unsigned id = 0; - const Array *array = getArrayCache()->CreateArray( - mo->getSizeExpr(), SourceBuilder::makeSymbolic("tmp_arr", ++id)); - updates = UpdateList(array, 0); - } - memset(concreteStore, 0, size); -} - ObjectState::ObjectState(const MemoryObject *mo, const Array *array, KType *dt) - : copyOnWriteOwner(0), object(mo), concreteStore(new uint8_t[mo->size]), - concreteMask(nullptr), knownSymbolics(nullptr), unflushedMask(nullptr), - updates(array, nullptr), lastUpdate(nullptr), dynamicType(dt), - size(mo->size), readOnly(false) { - makeSymbolic(); - memset(concreteStore, 0, size); -} + : copyOnWriteOwner(0), object(mo), knownSymbolics(nullptr), + unflushedMask(false), updates(array, nullptr), lastUpdate(nullptr), + size(array->size), dynamicType(dt), readOnly(false) {} -ObjectState::ObjectState(const ObjectState &os) - : copyOnWriteOwner(0), object(os.object), - concreteStore(new uint8_t[os.size]), - concreteMask(os.concreteMask ? new BitArray(*os.concreteMask, os.size) - : nullptr), - knownSymbolics(nullptr), - unflushedMask(os.unflushedMask ? 
new BitArray(*os.unflushedMask, os.size) - : nullptr), - updates(os.updates), wasZeroInitialized(os.wasZeroInitialized), - lastUpdate(os.lastUpdate), dynamicType(os.dynamicType), size(os.size), - readOnly(os.readOnly) { - if (os.knownSymbolics) { - knownSymbolics = new ref[size]; - for (unsigned i = 0; i < size; i++) - knownSymbolics[i] = os.knownSymbolics[i]; - } - - memcpy(concreteStore, os.concreteStore, size * sizeof(*concreteStore)); -} - -ObjectState::ObjectState(const MemoryObject *mo, const ObjectState &os) - : copyOnWriteOwner(0), object(mo), concreteStore(new uint8_t[mo->size]), - concreteMask(os.concreteMask ? new BitArray(*os.concreteMask, mo->size) - : nullptr), - knownSymbolics(nullptr), - unflushedMask(os.unflushedMask ? new BitArray(*os.unflushedMask, mo->size) - : nullptr), - updates(os.updates), wasZeroInitialized(os.wasZeroInitialized), - lastUpdate(os.lastUpdate), dynamicType(os.getDynamicType()), - size(mo->size), readOnly(os.readOnly) { - /* This constructor should be used when we extend or truncate the memory - for MemoryObject and want to leave content from previous ObjectState. Maybe - it is good to make it a method, not a constructor. */ - unsigned copyingRange = std::min(size, os.size); - - if (os.knownSymbolics) { - knownSymbolics = new ref[size]; - for (unsigned i = 0; i < copyingRange; ++i) { - knownSymbolics[i] = os.knownSymbolics[i]; - } - } - - if (updates.root && - (isa_and_nonnull(updates.root->source) || - isa_and_nonnull( - updates.root->source))) { - /* As now we cannot make only a part of object symbolic, - we will mark all remain bytes as symbolic. */ - for (unsigned i = copyingRange; i < size; ++i) { - markByteSymbolic(i); - setKnownSymbolic(i, 0); - markByteFlushed(i); - } - } - - memcpy(concreteStore, os.concreteStore, - copyingRange * sizeof(*concreteStore)); - // FIXME: 0xAB is a magical number here... Move to constant. 
- memset(reinterpret_cast(concreteStore) + - copyingRange * sizeof(*concreteStore), - os.wasZeroInitialized ? 0 : 0xAB, - (size - copyingRange) * sizeof(*concreteStore)); -} +ObjectState::ObjectState(const MemoryObject *mo, KType *dt) + : copyOnWriteOwner(0), object(mo), knownSymbolics(nullptr), + unflushedMask(false), updates(nullptr, nullptr), lastUpdate(nullptr), + size(mo->getSizeExpr()), dynamicType(dt), readOnly(false) {} -ObjectState::~ObjectState() { - delete concreteMask; - delete unflushedMask; - delete[] knownSymbolics; - delete[] concreteStore; -} +ObjectState::ObjectState(const ObjectState &os) + : copyOnWriteOwner(0), object(os.object), knownSymbolics(os.knownSymbolics), + unflushedMask(os.unflushedMask), updates(os.updates), + lastUpdate(os.lastUpdate), size(os.size), dynamicType(os.dynamicType), + readOnly(os.readOnly) {} ArrayCache *ObjectState::getArrayCache() const { assert(object && "object was NULL"); 
@@ -184,248 +98,66 @@ ArrayCache *ObjectState::getArrayCache() const { const UpdateList &ObjectState::getUpdates() const { // Constant arrays are created lazily. - if (!updates.root) { - // Collect the list of writes, with the oldest writes first. - - // FIXME: We should be able to do this more efficiently, we just need to be - // careful to get the interaction with the cache right. In particular we - // should avoid creating UpdateNode instances we never use. - unsigned NumWrites = updates.head ? updates.head->getSize() : 0; - std::vector, ref>> Writes(NumWrites); - const auto *un = updates.head.get(); - for (unsigned i = NumWrites; i != 0; un = un->next.get()) { - --i; - Writes[i] = std::make_pair(un->index, un->value); - } - - /* For objects of symbolic size we will leave last constant - sizes for every index and create constant array (in terms of - Z3 solver) filled with zeros. This part is required for reads - from unitialzed memory. */ - std::vector> Contents(size); - - // Initialize to zeros. - for (unsigned i = 0, e = size; i != e; ++i) - Contents[i] = ConstantExpr::create(0, Expr::Int8); - - // Pull off as many concrete writes as we can. - unsigned Begin = 0, End = Writes.size(); - for (; Begin != End; ++Begin) { - // Push concrete writes into the constant array. - ConstantExpr *Index = dyn_cast(Writes[Begin].first); - if (!Index) - break; - - ConstantExpr *Value = dyn_cast(Writes[Begin].second); - if (!Value) - break; - - Contents[Index->getZExtValue()] = Value; - } - static unsigned id = 0; - std::string arrayName = "const_arr" + llvm::utostr(++id); - const Array *array = nullptr; - - if (object->hasSymbolicSize()) { - /* Extend updates with last written non-zero constant values. - ConstantValues must be empty in constant array. 
*/ - array = getArrayCache()->CreateArray( - object->getSizeExpr(), SourceBuilder::symbolicSizeConstant(0)); - updates = UpdateList(array, 0); - for (unsigned idx = 0; idx < size; ++idx) { - if (!Contents[idx]->getZExtValue()) { - updates.extend(ConstantExpr::create(idx, Expr::Int32), Contents[idx]); + if (auto sizeExpr = dyn_cast(size)) { + auto size = sizeExpr->getZExtValue(); + if (knownSymbolics.storage().size() == size) { + SparseStorage> values( + ConstantExpr::create(0, Expr::Int8)); + UpdateList symbolicUpdates = UpdateList(nullptr, nullptr); + for (unsigned i = 0; i < size; i++) { + auto value = knownSymbolics.load(i); + assert(value); + if (isa(value)) { + values.store(i, cast(value)); + } else { + symbolicUpdates.extend(ConstantExpr::create(i, Expr::Int32), value); } } - } else { - array = getArrayCache()->CreateArray(object->getSizeExpr(), - SourceBuilder::constant(Contents)); - updates = UpdateList(array, 0); - } - - // Apply the remaining (non-constant) writes. - for (; Begin != End; ++Begin) - updates.extend(Writes[Begin].first, Writes[Begin].second); - } - - return updates; -} - -void ObjectState::flushToConcreteStore(TimingSolver *solver, - const ExecutionState &state) const { - for (unsigned i = 0; i < size; i++) { - if (isByteKnownSymbolic(i)) { - ref ce; - bool success = solver->getValue(state.constraints.cs(), read8(i), ce, - state.queryMetaData); - if (!success) - klee_warning("Solver timed out when getting a value for external call, " - "byte %p+%u will have random value", - (void *)object->address, i); - else - ce->toMemory(concreteStore + i); + auto array = getArrayCache()->CreateArray( + sizeExpr, SourceBuilder::constant(values)); + updates = UpdateList(array, symbolicUpdates.head); + knownSymbolics.reset(); + unflushedMask.reset(); } } -} - -void ObjectState::makeConcrete() { - delete concreteMask; - delete unflushedMask; - delete[] knownSymbolics; - concreteMask = nullptr; - unflushedMask = nullptr; - knownSymbolics = nullptr; -} - -void 
ObjectState::makeSymbolic() { - assert(!updates.head && - "XXX makeSymbolic of objects with symbolic values is unsupported"); - // XXX simplify this, can just delete various arrays I guess - for (unsigned i = 0; i < size; i++) { - markByteSymbolic(i); - setKnownSymbolic(i, 0); - markByteFlushed(i); - } -} -void ObjectState::initializeToZero() { - makeConcrete(); - wasZeroInitialized = true; - memset(concreteStore, 0, size); -} - -void ObjectState::initializeToRandom() { - makeConcrete(); - wasZeroInitialized = false; - memset(concreteStore, 0xAB, size); -} - -/* -Cache Invariants --- -isByteKnownSymbolic(i) => !isByteConcrete(i) -isByteConcrete(i) => !isByteKnownSymbolic(i) -isByteUnflushed(i) => (isByteConcrete(i) || isByteKnownSymbolic(i)) - */ - -void ObjectState::fastRangeCheckOffset(ref offset, unsigned *base_r, - unsigned *size_r) const { - *base_r = 0; - *size_r = size; -} - -void ObjectState::flushRangeForRead(unsigned rangeBase, - unsigned rangeSize) const { - if (!unflushedMask) - unflushedMask = new BitArray(size, true); - - for (unsigned offset = rangeBase; offset < rangeBase + rangeSize; offset++) { - if (isByteUnflushed(offset)) { - if (isByteConcrete(offset)) { - updates.extend(ConstantExpr::create(offset, Expr::Int32), - ConstantExpr::create(concreteStore[offset], Expr::Int8)); - } else { - assert(isByteKnownSymbolic(offset) && - "invalid bit set in unflushedMask"); - updates.extend(ConstantExpr::create(offset, Expr::Int32), - knownSymbolics[offset]); - } - - unflushedMask->unset(offset); - } - } -} - -void ObjectState::flushRangeForWrite(unsigned rangeBase, unsigned rangeSize) { - if (!unflushedMask) - unflushedMask = new BitArray(size, true); - - for (unsigned offset = rangeBase; offset < rangeBase + rangeSize; offset++) { - if (isByteUnflushed(offset)) { - if (isByteConcrete(offset)) { - updates.extend(ConstantExpr::create(offset, Expr::Int32), - ConstantExpr::create(concreteStore[offset], Expr::Int8)); - markByteSymbolic(offset); - } else { - 
assert(isByteKnownSymbolic(offset) && - "invalid bit set in unflushedMask"); - updates.extend(ConstantExpr::create(offset, Expr::Int32), - knownSymbolics[offset]); - setKnownSymbolic(offset, 0); - } - - unflushedMask->unset(offset); - } else { - // flushed bytes that are written over still need - // to be marked out - if (isByteConcrete(offset)) { - markByteSymbolic(offset); - } else if (isByteKnownSymbolic(offset)) { - setKnownSymbolic(offset, 0); - } - } + if (!updates.root) { + SparseStorage> values( + ConstantExpr::create(0, Expr::Int8)); + auto array = + getArrayCache()->CreateArray(size, SourceBuilder::constant(values)); + updates = UpdateList(array, updates.head); } -} - -bool ObjectState::isByteConcrete(unsigned offset) const { - return !concreteMask || concreteMask->get(offset); -} -bool ObjectState::isByteUnflushed(unsigned offset) const { - return !unflushedMask || unflushedMask->get(offset); -} - -bool ObjectState::isByteKnownSymbolic(unsigned offset) const { - return knownSymbolics && knownSymbolics[offset].get(); -} - -void ObjectState::markByteConcrete(unsigned offset) { - if (concreteMask) - concreteMask->set(offset); -} + assert(updates.root); -void ObjectState::markByteSymbolic(unsigned offset) { - if (!concreteMask) - concreteMask = new BitArray(size, true); - concreteMask->unset(offset); -} - -void ObjectState::markByteUnflushed(unsigned offset) { - if (unflushedMask) - unflushedMask->set(offset); + return updates; } -void ObjectState::markByteFlushed(unsigned offset) { - if (!unflushedMask) { - unflushedMask = new BitArray(size, false); - } else { - unflushedMask->unset(offset); +void ObjectState::flushForRead() const { + for (const auto &unflushed : unflushedMask.storage()) { + auto offset = unflushed.first; + assert(knownSymbolics.load(offset)); + updates.extend(ConstantExpr::create(offset, Expr::Int32), + knownSymbolics.load(offset)); } + unflushedMask.reset(false); } -void ObjectState::setKnownSymbolic(unsigned offset, - Expr *value /* can 
be null */) { - if (knownSymbolics) { - knownSymbolics[offset] = value; - } else { - if (value) { - knownSymbolics = new ref[size]; - knownSymbolics[offset] = value; - } - } +void ObjectState::flushForWrite() { + flushForRead(); + // The write is symbolic offset and might overwrite any byte + knownSymbolics.reset(nullptr); } /***/ ref ObjectState::read8(unsigned offset) const { - if (isByteConcrete(offset)) { - return ConstantExpr::create(concreteStore[offset], Expr::Int8); - } else if (isByteKnownSymbolic(offset)) { - return knownSymbolics[offset]; + if (auto byte = knownSymbolics.load(offset)) { + return byte; } else { - assert(!isByteUnflushed(offset) && "unflushed byte without cache value"); - + assert(!unflushedMask.load(offset) && "unflushed byte without cache value"); return ReadExpr::create(getUpdates(), ConstantExpr::create(offset, Expr::Int32)); } @@ -434,11 +166,9 @@ ref ObjectState::read8(unsigned offset) const { ref ObjectState::read8(ref offset) const { assert(!isa(offset) && "constant offset passed to symbolic read8"); - unsigned base, size; - fastRangeCheckOffset(offset, &base, &size); - flushRangeForRead(base, size); + flushForRead(); - if (size > 4096) { + if (object && object->size > 4096) { std::string allocInfo; object->getAllocInfo(allocInfo); klee_warning_once( 
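Review bot: `ObjectState::flushForRead` appends update nodes in the iteration order of `unflushedMask.storage()`, and this commit changes SparseStorage's backing container to `std::unordered_map`, so the order of the resulting update list is unspecified. The removed `flushRangeForRead` walked offsets in ascending order. The writes go to distinct constant offsets, so the array contents are the same, but the update list's structure, and with it expression hashes, cache hits and printed queries, can differ between standard libraries or runs. Flushing in sorted offset order restores a deterministic list; a sketch follows.
```cpp
void ObjectState::flushForRead() const {
  // Flush in ascending offset order so the update list does not depend on
  // the hash map's iteration order.
  std::vector<size_t> offsets;
  offsets.reserve(unflushedMask.storage().size());
  for (const auto &unflushed : unflushedMask.storage()) {
    offsets.push_back(unflushed.first);
  }
  std::sort(offsets.begin(), offsets.end());
  for (auto offset : offsets) {
    // … unchanged: assert on knownSymbolics.load(offset) and updates.extend …
  }
  unflushedMask.reset(false);
}
```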
@@ -446,19 +176,22 @@ ref ObjectState::read8(ref offset) const { "Symbolic memory access will send the following array of %d bytes to " "the constraint solver -- large symbolic arrays may cause significant " "performance issues: %s", - size, allocInfo.c_str()); + object->size, allocInfo.c_str()); } return ReadExpr::create(getUpdates(), ZExtExpr::create(offset, Expr::Int32)); } void ObjectState::write8(unsigned offset, uint8_t value) { - // assert(read_only == false && "writing to read-only object!"); - concreteStore[offset] = value; - setKnownSymbolic(offset, 0); - - markByteConcrete(offset); - markByteUnflushed(offset); + auto byte = knownSymbolics.load(offset); + if (byte) { + auto ce = dyn_cast(byte); + if (ce && ce->getZExtValue(8) == value) { + return; + } + } + knownSymbolics.store(offset, ConstantExpr::create(value, Expr::Int8)); + unflushedMask.store(offset, true); } void ObjectState::write8(unsigned offset, ref value) { @@ -466,21 +199,21 @@ void ObjectState::write8(unsigned offset, ref value) { if (ConstantExpr *CE = dyn_cast(value)) { write8(offset, (uint8_t)CE->getZExtValue(8)); } else { - setKnownSymbolic(offset, value.get()); - - markByteSymbolic(offset); - markByteUnflushed(offset); + auto byte = knownSymbolics.load(offset); + if (byte && byte == value) { + return; + } + knownSymbolics.store(offset, value); + unflushedMask.store(offset, true); } } void ObjectState::write8(ref offset, ref value) { assert(!isa(offset) && "constant offset passed to symbolic write8"); - unsigned base, size; - fastRangeCheckOffset(offset, &base, &size); - flushRangeForWrite(base, size); + flushForWrite(); - if (size > 4096) { + if (object && object->size > 4096) { std::string allocInfo; object->getAllocInfo(allocInfo); klee_warning_once( 
@@ -488,12 +221,19 @@ void ObjectState::write8(ref offset, ref value) { "Symbolic memory access will send the following array of %d bytes to " "the constraint solver -- large symbolic arrays may cause significant " "performance issues: %s", - size, allocInfo.c_str()); + object->size, allocInfo.c_str()); } updates.extend(ZExtExpr::create(offset, Expr::Int32), value); } +void ObjectState::write(ref os) { + knownSymbolics = os->knownSymbolics; + unflushedMask = os->unflushedMask; + updates = UpdateList(updates.root, os->updates.head); + lastUpdate = os->lastUpdate; +} + /***/ ref ObjectState::read(ref offset, Expr::Width width) const { @@ -642,14 +382,13 @@ void ObjectState::print() const { llvm::errs() << "-- ObjectState --\n"; llvm::errs() << "\tMemoryObject ID: " << object->id << "\n"; llvm::errs() << "\tRoot Object: " << updates.root << "\n"; - llvm::errs() << "\tSize: " << size << "\n"; + llvm::errs() << "\tSize: " << object->size << "\n"; llvm::errs() << "\tBytes:\n"; - for (unsigned i = 0; i < size; i++) { + for (unsigned i = 0; i < object->size; i++) { llvm::errs() << "\t\t[" << i << "]" - << " concrete? " << isByteConcrete(i) << " known-sym? " - << isByteKnownSymbolic(i) << " unflushed? " - << isByteUnflushed(i) << " = "; + << " known? " << !knownSymbolics.load(i).isNull() + << " unflushed? " << unflushedMask.load(i) << " = "; ref e = read8(i); llvm::errs() << e << "\n"; } diff --git a/lib/Core/Memory.h b/lib/Core/Memory.h index 503faca93a..7b072ddcf1 100644 --- a/lib/Core/Memory.h +++ b/lib/Core/Memory.h @@ -12,6 +12,8 @@ #include "MemoryManager.h" #include "TimingSolver.h" +#include "klee/ADT/Ref.h" +#include "klee/ADT/SparseStorage.h" #include "klee/Core/Context.h" #include "klee/Expr/Assignment.h" 
@@ -209,57 +211,42 @@ class ObjectState { ref object; - /// @brief Holds all known concrete bytes - uint8_t *concreteStore; - - /// @brief concreteMask[byte] is set if byte is known to be concrete - BitArray *concreteMask; - - /// knownSymbolics[byte] holds the symbolic expression for byte, - /// if byte is known to be symbolic - ref *knownSymbolics; + /// knownSymbolics[byte] holds the expression for byte, + /// if byte is known + mutable SparseStorage, OptionalRefEq> knownSymbolics; /// unflushedMask[byte] is set if byte is unflushed /// mutable because may need flushed during read of const - mutable BitArray *unflushedMask; + mutable SparseStorage unflushedMask; // mutable because we may need flush during read of const mutable UpdateList updates; - bool wasZeroInitialized = true; - ref lastUpdate; + ref size; + KType *dynamicType; public: - unsigned size; - bool readOnly; public: - /// Create a new object state for the given memory object with concrete - /// contents. The initial contents are undefined, it is the callers - /// responsibility to initialize the object contents appropriately. + /// Create a new object state for the given memory + // For objects in memory + ObjectState(const MemoryObject *mo, const Array *array, KType *dt); ObjectState(const MemoryObject *mo, KType *dt); - /// Create a new object state for the given memory object with symbolic - /// contents. 
- ObjectState(const MemoryObject *mo, const Array *array, KType *dt); - ObjectState(const MemoryObject *mo, const ObjectState &os); + // For symbolic objects not in memory (hack) ObjectState(const ObjectState &os); - ~ObjectState(); + ~ObjectState() = default; const MemoryObject *getObject() const { return object.get(); } void setReadOnly(bool ro) { readOnly = ro; } - /// Make contents all concrete and zero - void initializeToZero(); - - /// Make contents all concrete and random - void initializeToRandom(); + void swapObjectHack(MemoryObject *mo) { object = mo; } ref read(ref offset, Expr::Width width) const; ref read(unsigned offset, Expr::Width width) const; @@ -267,6 +254,7 @@ class ObjectState { void write(unsigned offset, ref value); void write(ref offset, ref value); + void write(ref os); void write8(unsigned offset, uint8_t value); void write16(unsigned offset, uint16_t value); @@ -274,13 +262,6 @@ class ObjectState { void write64(unsigned offset, uint64_t value); void print() const; - /* - Looks at all the symbolic bytes of this object, gets a value for them - from the solver and puts them in the concreteStore. - */ - void flushToConcreteStore(TimingSolver *solver, - const ExecutionState &state) const; - bool isAccessableFrom(KType *) const; KType *getDynamicType() const; 
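Review bot: The constructor comments in this part of ObjectState are left half-edited: `/// Create a new object state for the given memory` is cut off and followed by a plain `//` line, and `// For symbolic objects not in memory (hack)` now sits directly above the copy constructor. Going by the definitions in lib/Core/Memory.cpp, I would document the three-argument constructor as `/// Create an object state for \p mo whose bytes are read from \p array.` and the two-argument one as `/// Create an object state for \p mo with no backing array; getUpdates() creates one lazily.` `swapObjectHack` is a public mutator without any comment; it needs a line saying that it rebinds the state to another MemoryObject and leaves contents and `size` untouched. The class starts and ends outside the hunk.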
@@ -290,31 +271,12 @@ class ObjectState { void makeConcrete(); - void makeSymbolic(); - ref read8(ref offset) const; void write8(unsigned offset, ref value); void write8(ref offset, ref value); - void fastRangeCheckOffset(ref offset, unsigned *base_r, - unsigned *size_r) const; - void flushRangeForRead(unsigned rangeBase, unsigned rangeSize) const; - void flushRangeForWrite(unsigned rangeBase, unsigned rangeSize); - - /// isByteConcrete ==> !isByteKnownSymbolic - bool isByteConcrete(unsigned offset) const; - - /// isByteKnownSymbolic ==> !isByteConcrete - bool isByteKnownSymbolic(unsigned offset) const; - - /// isByteUnflushed(i) => (isByteConcrete(i) || isByteKnownSymbolic(i)) - bool isByteUnflushed(unsigned offset) const; - - void markByteConcrete(unsigned offset); - void markByteSymbolic(unsigned offset); - void markByteFlushed(unsigned offset); - void markByteUnflushed(unsigned offset); - void setKnownSymbolic(unsigned offset, Expr *value); + void flushForRead() const; + void flushForWrite(); ArrayCache *getArrayCache() const; }; diff --git a/lib/Expr/ArrayCache.cpp b/lib/Expr/ArrayCache.cpp index afea585300..3962278f6c 100644 --- a/lib/Expr/ArrayCache.cpp +++ b/lib/Expr/ArrayCache.cpp 
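Review bot: `void makeConcrete();` stays declared in ObjectState as a context line of this hunk, while its definition is removed from lib/Core/Memory.cpp by the same commit. Unless a definition exists elsewhere, that leaves a declaration without a body: the build passes only as long as nothing calls it, and the next caller gets a link error. I would delete the declaration together with `makeSymbolic()`. The class body starts and ends outside the hunk.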
@@ -11,41 +11,25 @@ ArrayCache::~ArrayCache() { ai != e; ++ai) { delete *ai; } - for (ArrayPtrVec::iterator ai = concreteArrays.begin(), - e = concreteArrays.end(); - ai != e; ++ai) { - delete *ai; - } } const Array *ArrayCache::CreateArray(ref _size, ref _source, Expr::Width _domain, Expr::Width _range) { - const Array *array = new Array(_size, _source, _domain, _range, getNextID()); - if (array->isSymbolicArray()) { - std::pair success = - cachedSymbolicArrays.insert(array); - if (success.second) { - // Cache miss - return array; - } - // Cache hit - delete array; - array = *(success.first); - assert(array->isSymbolicArray() && - "Cached symbolic array is no longer symbolic"); - return array; - } else { - // Treat every constant array as distinct so we never cache them - assert(array->isConstantArray()); - concreteArrays.push_back(array); // For deletion later + auto id = allocatedCount[_source->getKind()]; + const Array *array = new Array(_size, _source, _domain, _range, id); + std::pair success = + cachedSymbolicArrays.insert(array); + if (success.second) { + // Cache miss + allocatedCount[_source->getKind()]++; return array; } -} - -unsigned ArrayCache::getNextID() const { - return cachedSymbolicArrays.size() + concreteArrays.size(); + // Cache hit + delete array; + array = *(success.first); + return array; } } // namespace klee diff --git a/lib/Expr/ArrayExprOptimizer.cpp b/lib/Expr/ArrayExprOptimizer.cpp index d67bd3ddbd..205685fdd6 100644 --- a/lib/Expr/ArrayExprOptimizer.cpp +++ b/lib/Expr/ArrayExprOptimizer.cpp @@ -198,6 +198,7 @@ bool ExprOptimizer::computeIndexes(array2idx_ty &arrays, const ref &e, // For each constant array found for (auto &element : arrays) { const Array *arr = element.first; + auto arraySize = cast(arr->size)->getZExtValue(); assert(arr->isConstantArray() && "Array is not concrete"); assert(element.second.size() == 1 && "Multiple indexes on the same array"); 
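Review bot: Array ids in ArrayCache::CreateArray now come from `allocatedCount[_source->getKind()]`, so an id is unique only within one source kind, whereas the removed `getNextID()` numbered all arrays from one sequence. If `Array::id` is used anywhere as a global key or ends up in generated identifiers, two arrays of different kinds can now collide; that cannot be checked from this hunk and should be confirmed. Constant arrays are also inserted into `cachedSymbolicArrays` now, so the member name is misleading and the set's hash and equality have to cover constant contents. A comment on `CreateArray` stating both points (`// ids are per source kind; constant arrays are cached too`) would make the new contract explicit.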
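Review bot: In ExprOptimizer::computeIndexes, `cast(arr->size)` assumes the array size is a constant expression and runs before the `isConstantArray()` assertion, yet this commit lets ObjectState::getUpdates create constant-source arrays with an arbitrary size expression. The same assumption appears in TryConstArrayOpt in lib/Expr/Expr.cpp, where `assert(arraySize)` is the only guard and sits before the check that the source is constant, so with NDEBUG a symbolic-size array reaches `arraySize->getZExtValue()` through a null pointer. Both places should test the size with `dyn_cast` and bail out when it is not constant; in TryConstArrayOpt that is `if (!arraySize) return EqExpr_create(cl, rd);`. Both functions continue outside their hunks.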
@@ -224,8 +225,7 @@ bool ExprOptimizer::computeIndexes(array2idx_ty &arrays, const ref &e, // For each concrete value 'i' stored in the array if (ref constantSource = cast(arr->source)) { - for (size_t aIdx = 0; aIdx < constantSource->constantValues.size(); - aIdx += width) { + for (size_t aIdx = 0; aIdx < arraySize; aIdx += width) { auto *a = new Assignment(); std::vector objects; std::vector> values; @@ -302,7 +302,8 @@ ref ExprOptimizer::getSelectOptExpr( std::vector> arrayConstValues; if (ref constantSource = dyn_cast(read->updates.root->source)) { - arrayConstValues = constantSource->constantValues; + arrayConstValues = + constantSource->constantValues.getFirstNIndexes(size); } for (auto it = us.rbegin(); it != us.rend(); it++) { const UpdateNode *un = *it; @@ -377,7 +378,8 @@ ref ExprOptimizer::getSelectOptExpr( std::vector> arrayConstValues; if (ref constantSource = dyn_cast(read->updates.root->source)) { - arrayConstValues = constantSource->constantValues; + arrayConstValues = + constantSource->constantValues.getFirstNIndexes(size); } if (arrayConstValues.size() < size) { // We need to "force" initialization of the values diff --git a/lib/Expr/Assignment.cpp b/lib/Expr/Assignment.cpp index 1cc7a76e1c..860f1a0a50 100644 --- a/lib/Expr/Assignment.cpp +++ b/lib/Expr/Assignment.cpp @@ -22,10 +22,13 @@ void Assignment::dump() const { } for (bindings_ty::iterator i = bindings.begin(), e = bindings.end(); i != e; ++i) { - llvm::errs() << (*i).first->getName() << "\n["; - for (int j = 0, k = (*i).second.size(); j < k; ++j) - llvm::errs() << (int)(*i).second.load(j) << ","; - llvm::errs() << "]\n"; + llvm::errs() << (*i).first->getName() << "\n"; + Density d = + ((*i).second.storage().size() * 2 < (*i).second.sizeOfSetRange()) + ? Density::Sparse + : Density::Dense; + (*i).second.print(llvm::errs(), d); + llvm::errs() << "\n"; } } diff --git a/lib/Expr/CMakeLists.txt b/lib/Expr/CMakeLists.txt index 758a4ca743..03137ef820 100644 --- a/lib/Expr/CMakeLists.txt 
+++ b/lib/Expr/CMakeLists.txt @@ -32,6 +32,10 @@ add_library(kleaverExpr Updates.cpp ) +target_link_libraries(kleaverExpr PRIVATE + kleeADT +) + llvm_config(kleaverExpr "${USE_LLVM_SHARED}" support) target_include_directories(kleaverExpr PRIVATE ${KLEE_INCLUDE_DIRS} ${LLVM_INCLUDE_DIRS}) target_compile_options(kleaverExpr PRIVATE ${KLEE_COMPONENT_CXX_FLAGS}) diff --git a/lib/Expr/Expr.cpp b/lib/Expr/Expr.cpp index ccf6eab730..086074f884 100644 --- a/lib/Expr/Expr.cpp +++ b/lib/Expr/Expr.cpp @@ -1465,22 +1465,7 @@ Array::Array(ref _size, ref _source, Expr::Width _domain, Expr::Width _range, unsigned _id) : size(_size), source(_source), domain(_domain), range(_range), id(_id) { ref constantSize = dyn_cast(size); - assert( - (!isa(_source) || - cast(_source)->size() == constantSize->getZExtValue()) && - "Invalid size for constant array!"); computeHash(); -#ifndef NDEBUG - if (isa(_source)) { - for (const ref * - it = cast(_source)->constantValues.data(), - *end = cast(_source)->constantValues.data() + - cast(_source)->constantValues.size(); - it != end; ++it) - assert((*it)->getWidth() == getRange() && - "Invalid initial constant value!"); - } -#endif // NDEBUG std::set allArrays = _source->getRelatedArrays(); std::vector sizeArrays; 
@@ -1529,6 +1514,22 @@ ref ReadExpr::create(const UpdateList &ul, ref index) { } } + // So that we return weird stuff like reads from consts that should have + // simplified to constant exprs if we read beyond size boundary. + if (auto source = dyn_cast(ul.root->source)) { + if (auto arraySizeExpr = dyn_cast(ul.root->size)) { + if (auto indexExpr = dyn_cast(index)) { + auto arraySize = arraySizeExpr->getZExtValue(); + auto concreteIndex = indexExpr->getZExtValue(); + if (concreteIndex >= arraySize) { + return ReadExpr::alloc(ul, index); + } + } + } else { + return ReadExpr::alloc(ul, index); + } + } + if (isa(ul.root->source) && !updateListHasSymbolicWrites) { // No updates with symbolic index to a constant array have been found if (ConstantExpr *CE = dyn_cast(index)) { @@ -1536,9 +1537,8 @@ ref ReadExpr::create(const UpdateList &ul, ref index) { ref constantSource = cast(ul.root->source); uint64_t concreteIndex = CE->getZExtValue(); - uint64_t size = constantSource->constantValues.size(); - if (concreteIndex < size) { - return constantSource->constantValues[concreteIndex]; + if (auto value = constantSource->constantValues.load(concreteIndex)) { + return value; } } } @@ -2251,12 +2251,14 @@ static ref TryConstArrayOpt(const ref &cl, ReadExpr *rd) { // for now, just assume standard "flushing" of a concrete array, // where the concrete array has one update for each index, in order + auto arraySize = dyn_cast(rd->updates.root->size); + assert(arraySize); + auto size = arraySize->getZExtValue(); ref res = ConstantExpr::alloc(0, Expr::Bool); if (ref constantSource = dyn_cast(rd->updates.root->source)) { - for (unsigned i = 0, e = constantSource->constantValues.size(); i != e; - ++i) { - if (cl == constantSource->constantValues[i]) { + for (unsigned i = 0, e = size; i != e; ++i) { + if (cl == constantSource->constantValues.load(i)) { // Arbitrary maximum on the size of disjunction. if (++numMatches > 100) return EqExpr_create(cl, rd); 
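Review bot: The comment on the block added to ReadExpr::create (`// So that we return weird stuff like reads from consts ...`) does not say what the block decides, and the `else` branch does more than the comment covers. Any read from a constant source whose size is not a constant expression is returned unsimplified through `ReadExpr::alloc(ul, index)`, not only out-of-bounds reads. I would replace the comment with `// Keep out-of-bounds constant reads, and every read of a constant source with symbolic size, as ReadExpr rather than folding them to a stored or default value.` The binding `source` is used only as a condition, so an `isa` test would state the intent better than `dyn_cast`. ReadExpr::create starts and ends outside the hunk.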
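Review bot: In TryConstArrayOpt the new `assert(arraySize)` is the only guard on the `dyn_cast` of `rd->updates.root->size`, so an NDEBUG build dereferences a null pointer at `arraySize->getZExtValue()` whenever the array size is not a constant expression. The lookup also runs before the check that the source is a constant source, so it applies to every read that reaches this function. Bail out instead of asserting, for example `if (!arraySize) return EqExpr_create(cl, rd);` (the fallback the loop already uses), or move the size lookup inside the constant-source branch. Separately, `cl == constantSource->constantValues.load(i)` compares against whatever `load` returns for an unset index; if that can be a null default, it needs a null check first. The function starts and ends outside the hunk.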
diff --git a/lib/Expr/ExprEvaluator.cpp b/lib/Expr/ExprEvaluator.cpp index bcadb59156..418640769a 100644 --- a/lib/Expr/ExprEvaluator.cpp +++ b/lib/Expr/ExprEvaluator.cpp @@ -32,15 +32,10 @@ ExprVisitor::Action ExprEvaluator::evalRead(const UpdateList &ul, if (ref constantSource = dyn_cast(ul.root->source)) { - if (index < constantSource->constantValues.size()) { - return Action::changeTo(constantSource->constantValues[index]); + if (auto value = constantSource->constantValues.load(index)) { + return Action::changeTo(value); } } - if (ref symbolicSizeConstantSource = - dyn_cast(ul.root->source)) { - return Action::changeTo(ConstantExpr::create( - symbolicSizeConstantSource->defaultValue, ul.root->getRange())); - } return Action::changeTo(getInitialValue(*ul.root, index)); } diff --git a/lib/Expr/ExprPPrinter.cpp b/lib/Expr/ExprPPrinter.cpp index 165b438025..46d4a1072b 100644 --- a/lib/Expr/ExprPPrinter.cpp +++ b/lib/Expr/ExprPPrinter.cpp @@ -385,19 +385,16 @@ class PPrinter : public ExprPPrinter { void printSource(ref source, PrintContext &PC) { PC << "("; PC << source->getName() << " "; + if (auto s = dyn_cast(source)) { - PC << " ["; - for (unsigned i = 0; i < s->constantValues.size(); i++) { - PC << s->constantValues[i]; - if (i != s->constantValues.size() - 1) { - PC << " "; - } - } - PC << "]"; - } else if (auto s = dyn_cast(source)) { - PC << s->defaultValue; + s->constantValues.print(PC.getStream(), Density::Sparse); } else if (auto s = dyn_cast(source)) { - PC << s->defaultValue << " " << s->version; + PC << s->version << " "; + s->allocSite->getID().print(PC.getStream()); + PC << " " << s->size; + } else if (auto s = dyn_cast(source)) { + PC << s->version << " "; + s->allocSite->getID().print(PC.getStream()); } else if (auto s = dyn_cast(source)) { PC << s->name << " " << s->version; } else if (auto s = dyn_cast(source)) { diff --git a/lib/Expr/ExprSMTLIBPrinter.cpp b/lib/Expr/ExprSMTLIBPrinter.cpp index e1a9b9aa89..ea0315ce4e 100644 
--- a/lib/Expr/ExprSMTLIBPrinter.cpp +++ b/lib/Expr/ExprSMTLIBPrinter.cpp @@ -557,7 +557,11 @@ namespace { struct ArrayPtrsByName { bool operator()(const Array *a1, const Array *a2) const { - return a1->id < a2->id; + if (a1->source->getKind() != a2->source->getKind()) { + return a1->source->getKind() < a2->source->getKind(); + } else { + return a1->id < a2->id; + } } }; @@ -613,14 +617,8 @@ void ExprSMTLIBPrinter::printArrayDeclarations() { << " " << array->getDomain() << ") )"; printSeperator(); - if (ref symbolicSizeConstantSource = - dyn_cast(array->source)) { - printConstant(ConstantExpr::create( - symbolicSizeConstantSource->defaultValue, array->getRange())); - } else if (ref constantSource = - cast(array->source)) { - printConstant(constantSource->constantValues[byteIndex]); - } + auto source = dyn_cast(array->source); + printConstant(source->constantValues.load(byteIndex)); p->popIndent(); printSeperator(); diff --git a/lib/Expr/IndependentSet.cpp b/lib/Expr/IndependentSet.cpp index 3acca539c9..feb3d26583 100644 --- a/lib/Expr/IndependentSet.cpp +++ b/lib/Expr/IndependentSet.cpp @@ -90,8 +90,6 @@ void IndependentConstraintSet::addValuesToAssignment( for (unsigned i = 0; i < objects.size(); i++) { if (assign.bindings.count(objects[i])) { SparseStorage value = assign.bindings.at(objects[i]); - assert(value.size() == values[i].size() && - "we're talking about the same array here"); DenseSet ds = (elements.find(objects[i]))->second; for (std::set::iterator it2 = ds.begin(); it2 != ds.end(); it2++) { diff --git a/lib/Expr/Lexer.cpp b/lib/Expr/Lexer.cpp index 9be58ae5ce..acbb29b9dc 100644 --- a/lib/Expr/Lexer.cpp +++ b/lib/Expr/Lexer.cpp @@ -54,6 +54,10 @@ const char *Token::getKindName() const { return "KWQuery"; case KWPath: return "KWPath"; + case KWDefault: + return "KWDefault"; + case KWNull: + return "KWNull"; case KWReserved: return "KWReserved"; case KWSymbolic: 
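Review bot: In printArrayDeclarations the result of `dyn_cast` on `array->source` is dereferenced on the next line without a check, where the removed code used `cast` for the constant source. A source of another kind now yields a null `source` and a crash at `source->constantValues`. Use `cast` to keep the assertion, or test the result before use. `load(byteIndex)` can also return the storage default, so if a null default is possible here, `printConstant` should not be handed it unchecked. The function body continues outside the hunk.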
@@ -180,6 +184,8 @@ Token &Lexer::SetIdentifierTokenKind(Token &Result) { return SetTokenKind(Result, Token::KWTrue); if (memcmp("path", Result.start, 4) == 0) return SetTokenKind(Result, Token::KWPath); + if (memcmp("null", Result.start, 4) == 0) + return SetTokenKind(Result, Token::KWNull); break; case 5: @@ -199,6 +205,8 @@ Token &Lexer::SetIdentifierTokenKind(Token &Result) { case 7: if (memcmp("declare", Result.start, 7) == 0) return SetTokenKind(Result, Token::KWReserved); + if (memcmp("default", Result.start, 7) == 0) + return SetTokenKind(Result, Token::KWDefault); break; case 8: diff --git a/lib/Expr/Parser.cpp b/lib/Expr/Parser.cpp index b072cec826..19b72f7321 100644 --- a/lib/Expr/Parser.cpp +++ b/lib/Expr/Parser.cpp @@ -322,7 +322,6 @@ class ParserImpl : public Parser { SourceResult ParseSource(); SourceResult ParseConstantSource(); - SourceResult ParseSymbolicSizeConstantSource(); SourceResult ParseSymbolicSizeConstantAddressSource(); SourceResult ParseMakeSymbolicSource(); SourceResult ParseLazyInitializationContentSource(); @@ -483,8 +482,6 @@ SourceResult ParserImpl::ParseSource() { SourceResult source; if (type == "constant") { source = ParseConstantSource(); - } else if (type == "symbolicSizeConstant") { - source = ParseSymbolicSizeConstantSource(); } else if (type == "symbolicSizeConstantAddress") { source = ParseSymbolicSizeConstantAddressSource(); } else if (type == "makeSymbolic") { 
@@ -509,39 +506,69 @@ SourceResult ParserImpl::ParseSource() { } SourceResult ParserImpl::ParseConstantSource() { - std::vector> Values; - ConsumeLSquare(); - while (Tok.kind != Token::RSquare) { - if (Tok.kind == Token::EndOfFile) { - Error("unexpected end of file."); - assert(0); + std::unordered_map> storage; + ref defaultValue = nullptr; + + if (Tok.kind == Token::LSquare) { + ConsumeLSquare(); + unsigned index = 0; + while (Tok.kind != Token::RSquare) { + if (Tok.kind == Token::EndOfFile) { + Error("unexpected end of file."); + assert(0); + } + ExprResult Res = ParseNumber(8).get(); // Should be Range Type + storage.insert({index, cast(Res.get())}); + if (Tok.kind == Token::Comma) { + ConsumeExpectedToken(Token::Comma); + } + index++; } - - ExprResult Res = ParseNumber(8); // Should be Range Type - if (Res.isValid()) - Values.push_back(cast(Res.get())); + ConsumeRSquare(); + } else if (Tok.kind == Token::LBrace) { + ConsumeExpectedToken(Token::LBrace); + while (Tok.kind != Token::RBrace) { + if (Tok.kind == Token::EndOfFile) { + Error("unexpected end of file."); + assert(0); + } + ExprResult Index = ParseNumber(64).get(); + ConsumeExpectedToken(Token::Colon); + ExprResult Res = ParseNumber(8).get(); // Should be Range Type + storage.insert({cast(Index.get())->getZExtValue(), + cast(Res.get())}); + if (Tok.kind == Token::Comma) { + ConsumeExpectedToken(Token::Comma); + } + } + ConsumeExpectedToken(Token::RBrace); + } else { + assert(0 && "Parsing error"); } - ConsumeRSquare(); - return SourceBuilder::constant(Values); -} -SourceResult ParserImpl::ParseSymbolicSizeConstantSource() { - auto valueExpr = ParseNumber(64).get(); - if (auto ce = dyn_cast(valueExpr)) { - return SourceBuilder::symbolicSizeConstant(ce->getZExtValue()); + ConsumeExpectedToken(Token::KWDefault); + ConsumeExpectedToken(Token::Colon); + + if (Tok.kind != Token::KWNull) { + ExprResult DV = ParseNumber(8).get(); // Should be Range Type + defaultValue = cast(DV.get()); } else { - assert(0); + 
ConsumeExpectedToken(Token::KWNull); } + + SparseStorage> Values(storage, defaultValue); + return SourceBuilder::constant(Values); } SourceResult ParserImpl::ParseSymbolicSizeConstantAddressSource() { - auto valueExpr = ParseNumber(64).get(); - auto versionExpr = ParseNumber(64).get(); - auto value = dyn_cast(valueExpr); - auto version = dyn_cast(versionExpr); - assert(value && version); - return SourceBuilder::symbolicSizeConstantAddress(value->getZExtValue(), - version->getZExtValue()); + assert(0 && "unimplemented"); + // auto valueExpr = ParseNumber(64).get(); + // auto versionExpr = ParseNumber(64).get(); + // auto value = dyn_cast(valueExpr); + // auto version = dyn_cast(versionExpr); + // assert(value && version); + // return SourceBuilder::symbolicSizeConstantAddress(value->getZExtValue(), + // version->getZExtValue()); } SourceResult ParserImpl::ParseMakeSymbolicSource() { diff --git a/lib/Expr/SourceBuilder.cpp b/lib/Expr/SourceBuilder.cpp index a667a19ba2..2a3a09908d 100644 --- a/lib/Expr/SourceBuilder.cpp +++ b/lib/Expr/SourceBuilder.cpp @@ -1,4 +1,5 @@ #include "klee/Expr/SourceBuilder.h" +#include "klee/ADT/SparseStorage.h" #include "klee/Expr/Expr.h" #include "klee/Expr/SymbolicSource.h" #include "klee/Module/KModule.h" 
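Review bot: ParseConstantSource no longer checks the result of ParseNumber before using it: the removed code tested `Res.isValid()`, while the new lines call `.get()` on the result and pass it straight to `cast`, in both the list and the map form and for the default value. This function reads .kquery text, so a malformed number has to end in a reported parse error in every build type. The `assert(0)` calls after `Error("unexpected end of file.")` and in the final `else` vanish under NDEBUG, so the loop keeps running at end of file and the unexpected-token case falls through; ParseSymbolicSizeConstantAddressSource likewise runs off the end of a non-void function once its `assert(0 && "unimplemented")` is compiled out. `storage.insert` also keeps the first value for a repeated index in the `{index: value}` form without any diagnostic. The excerpt below shows the list branch with explicit error returns, assuming a default-constructed SourceResult is the invalid result; the map branch and the default value need the same treatment.

```cpp
    while (Tok.kind != Token::RSquare) {
      if (Tok.kind == Token::EndOfFile) {
        Error("unexpected end of file.");
        return SourceResult(); // also stops the loop when asserts are off
      }
      ExprResult Res = ParseNumber(8); // Should be Range Type
      if (!Res.isValid()) {
        return SourceResult();
      }
      storage.insert({index, cast<ConstantExpr>(Res.get())});
      // … unchanged: optional comma, index++ …
    }
```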
@@ -6,23 +7,23 @@ using namespace klee; ref -SourceBuilder::constant(const std::vector> &constantValues) { +SourceBuilder::constant(SparseStorage> constantValues) { ref r(new ConstantSource(constantValues)); r->computeHash(); return r; } -ref SourceBuilder::symbolicSizeConstant(unsigned defaultValue) { - ref r(new SymbolicSizeConstantSource(defaultValue)); +ref +SourceBuilder::uninitialized(unsigned version, const KInstruction *allocSite) { + ref r(new UninitializedSource(version, allocSite)); r->computeHash(); return r; } -ref -SourceBuilder::symbolicSizeConstantAddress(unsigned defaultValue, - unsigned version) { +ref SourceBuilder::symbolicSizeConstantAddress( + unsigned version, const KInstruction *allocSite, ref size) { ref r( - new SymbolicSizeConstantAddressSource(defaultValue, version)); + new SymbolicSizeConstantAddressSource(version, allocSite, size)); r->computeHash(); return r; } @@ -86,4 +87,4 @@ ref SourceBuilder::irreproducible(const std::string &name) { ref r(new IrreproducibleSource(name + llvm::utostr(++id))); r->computeHash(); return r; -} \ No newline at end of file +} diff --git a/lib/Expr/SymbolicSource.cpp b/lib/Expr/SymbolicSource.cpp index 9d8d3b6e58..1f78147c2b 100644 --- a/lib/Expr/SymbolicSource.cpp +++ b/lib/Expr/SymbolicSource.cpp 
@@ -46,27 +46,74 @@ std::set LazyInitializationSource::getRelatedArrays() const { } unsigned ConstantSource::computeHash() { - unsigned res = 0; - for (unsigned i = 0, e = constantValues.size(); i != e; ++i) { - res = - (res * SymbolicSource::MAGIC_HASH_CONSTANT) + constantValues[i]->hash(); + auto defaultV = constantValues.defaultV(); + auto ordered = constantValues.calculateOrderedStorage(); + + unsigned res = (getKind() * SymbolicSource::MAGIC_HASH_CONSTANT) + + (defaultV ? defaultV->hash() : 0); + + for (auto kv : ordered) { + res = (res * SymbolicSource::MAGIC_HASH_CONSTANT) + kv.first; + res = (res * SymbolicSource::MAGIC_HASH_CONSTANT) + kv.second->hash(); } - res = (res * SymbolicSource::MAGIC_HASH_CONSTANT) + getKind(); + hashValue = res; return hashValue; } -unsigned SymbolicSizeConstantSource::computeHash() { - unsigned res = - (getKind() * SymbolicSource::MAGIC_HASH_CONSTANT) + defaultValue; +unsigned UninitializedSource::computeHash() { + unsigned res = getKind(); + res = res * SymbolicSource::MAGIC_HASH_CONSTANT + version; + res = res * SymbolicSource::MAGIC_HASH_CONSTANT + allocSite->hash(); hashValue = res; return hashValue; } +int UninitializedSource::internalCompare(const SymbolicSource &b) const { + if (getKind() != b.getKind()) { + return getKind() < b.getKind() ? -1 : 1; + } + const UninitializedSource &ub = static_cast(b); + + if (version != ub.version) { + return version < ub.version ? -1 : 1; + } + + if (allocSite != ub.allocSite) { + return allocSite->getGlobalIndex() < ub.allocSite->getGlobalIndex() ? -1 + : 1; + } + + return 0; +} + +int SymbolicSizeConstantAddressSource::internalCompare( + const SymbolicSource &b) const { + if (getKind() != b.getKind()) { + return getKind() < b.getKind() ? -1 : 1; + } + const SymbolicSizeConstantAddressSource &ub = + static_cast(b); + + if (version != ub.version) { + return version < ub.version ? -1 : 1; + } + if (size != ub.size) { + return size < ub.size ? 
-1 : 1; + } + if (allocSite != ub.allocSite) { + return allocSite->getGlobalIndex() < ub.allocSite->getGlobalIndex() ? -1 + : 1; + } + + return 0; +} + unsigned SymbolicSizeConstantAddressSource::computeHash() { - unsigned res = - (getKind() * SymbolicSource::MAGIC_HASH_CONSTANT) + defaultValue; - res = (res * SymbolicSource::MAGIC_HASH_CONSTANT) + version; + unsigned res = getKind(); + res = res * MAGIC_HASH_CONSTANT + version; + res = res * MAGIC_HASH_CONSTANT + allocSite->hash(); + res = res * MAGIC_HASH_CONSTANT + size->hash(); hashValue = res; return hashValue; } @@ -117,21 +164,14 @@ int InstructionSource::internalCompare(const SymbolicSource &b) const { } assert(km == ib.km); auto function = allocSite.getParent()->getParent(); - auto bFunction = ib.allocSite.getParent()->getParent(); - if (km->getFunctionId(function) != km->getFunctionId(bFunction)) { - return km->getFunctionId(function) < km->getFunctionId(bFunction) ? -1 : 1; - } auto kf = km->functionMap.at(function); - auto block = allocSite.getParent(); - auto bBlock = ib.allocSite.getParent(); - if (kf->blockMap[block]->getId() != kf->blockMap[bBlock]->getId()) { - return kf->blockMap[block]->getId() < kf->blockMap[bBlock]->getId() ? -1 - : 1; - } - if (kf->instructionMap[&allocSite]->getIndex() != - kf->instructionMap[&ib.allocSite]->getIndex()) { - return kf->instructionMap[&allocSite]->getIndex() < - kf->instructionMap[&ib.allocSite]->getIndex() + auto bfunction = ib.allocSite.getParent()->getParent(); + auto bkf = km->functionMap.at(bfunction); + + if (kf->instructionMap[&allocSite]->getGlobalIndex() != + bkf->instructionMap[&ib.allocSite]->getGlobalIndex()) { + return kf->instructionMap[&allocSite]->getGlobalIndex() < + bkf->instructionMap[&ib.allocSite]->getGlobalIndex() ? -1 : 1; } diff --git a/lib/Module/KInstruction.cpp b/lib/Module/KInstruction.cpp index b5c33fe41d..09497d344c 100644 --- a/lib/Module/KInstruction.cpp +++ b/lib/Module/KInstruction.cpp 
@@ -115,3 +115,7 @@ unsigned KInstruction::getDest() const { return parent->parent->getNumArgs() + getIndex() + (parent->instructions - parent->parent->instructions); } + +KInstruction::Index KInstruction::getID() const { + return {getGlobalIndex(), parent->getId(), parent->parent->id}; +} diff --git a/lib/Module/KModule.cpp b/lib/Module/KModule.cpp index 946fd2f087..3f5c83ea84 100644 --- a/lib/Module/KModule.cpp +++ b/lib/Module/KModule.cpp @@ -482,7 +482,7 @@ void KModule::checkModule() { } } -KBlock *KModule::getKBlock(llvm::BasicBlock *bb) { +KBlock *KModule::getKBlock(const llvm::BasicBlock *bb) { return functionMap[bb->getParent()]->blockMap[bb]; } diff --git a/lib/Solver/CexCachingSolver.cpp b/lib/Solver/CexCachingSolver.cpp index 98a9f58149..20d35f8bd6 100644 --- a/lib/Solver/CexCachingSolver.cpp +++ b/lib/Solver/CexCachingSolver.cpp @@ -425,8 +425,7 @@ bool CexCachingSolver::computeInitialValues( cast(a)->evaluate(os->size); assert(arrayConstantSize && "Array of symbolic size had not receive value for size!"); - values[i] = - SparseStorage(arrayConstantSize->getZExtValue(), 0); + values[i] = SparseStorage(0); } else { values[i] = it->second; } diff --git a/lib/Solver/FastCexSolver.cpp b/lib/Solver/FastCexSolver.cpp index 3276b3d1be..f4c1b377aa 100644 --- a/lib/Solver/FastCexSolver.cpp +++ b/lib/Solver/FastCexSolver.cpp @@ -389,13 +389,9 @@ class CexRangeEvaluator : public ExprRangeEvaluator { if (array.isConstantArray() && index.isFixed()) { if (ref constantSource = dyn_cast(array.source)) { - if (index.min() < constantSource->constantValues.size()) { - return ValueRange( - constantSource->constantValues[index.min()]->getZExtValue(8)); + if (auto value = constantSource->constantValues.load(index.min())) { + return ValueRange(value->getZExtValue(8)); } - } else if (ref symbolicSizeConstantSource = - dyn_cast(array.source)) { - return ValueRange(symbolicSizeConstantSource->defaultValue); } } return ValueRange(0, 255); 
@@ -896,10 +892,11 @@ class CexData { if (ref constantSource = dyn_cast(array->source)) { // Verify the range. - propagateExactValues(constantSource->constantValues[index.min()], + if (!isa(array->size)) { + assert(0 && "Unimplemented"); + } + propagateExactValues(constantSource->constantValues.load(index.min()), range); - } else if (isa(array->source)) { - assert(0 && "not implemented"); } else { CexValueData cvd = cod.getExactValues(index.min()); if (range.min() > cvd.min()) { @@ -1195,7 +1192,6 @@ bool FastCexSolver::computeInitialValues( dyn_cast(cd.evaluatePossible(array->size)); assert(arrayConstantSize && "Array of symbolic size had not receive value for size!"); - data.resize(arrayConstantSize->getZExtValue()); for (unsigned i = 0; i < arrayConstantSize->getZExtValue(); i++) { ref read = ReadExpr::create( diff --git a/lib/Solver/MetaSMTBuilder.h b/lib/Solver/MetaSMTBuilder.h index b2418b8f91..6944402788 100644 --- a/lib/Solver/MetaSMTBuilder.h +++ b/lib/Solver/MetaSMTBuilder.h @@ -216,10 +216,11 @@ MetaSMTBuilder::getInitialArray(const Array *root) { bool hashed = _arr_hash.lookupArrayExpr(root, array_expr); if (!hashed) { - if (isa(root->source)) { - llvm::report_fatal_error("MetaSMT does not support constant arrays or " - "quantifiers to instantiate " - "constant array of symbolic size!"); + if (ref constantSource = + dyn_cast(root->source)) { + if (!isa(root->size)) { + assert(0 && "MetaSMT does not support symsize constant arrays"); + } } array_expr = 
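Review bot: The unsupported case of a constant source with a non-constant size is now guarded by `assert(0 && ...)`, which is compiled out under NDEBUG. In CexData execution then continues into `propagateExactValues(constantSource->constantValues.load(index.min()), range)`, and in MetaSMTBuilder::getInitialArray (the next hunk) it continues to the `cast` of `root->size` in the store loop. The MetaSMT code being replaced used `llvm::report_fatal_error`, which stops in every build type; keeping that call, for example `llvm::report_fatal_error("MetaSMT does not support symsize constant arrays");`, preserves the behaviour. The same pattern is added to STPBuilder::getInitialArray in lib/Solver/STPBuilder.cpp. The enclosing functions start and end outside these hunks.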
@@ -227,14 +228,14 @@ MetaSMTBuilder::getInitialArray(const Array *root) { if (ref constantSource = dyn_cast(root->source)) { - uint64_t constantSize = cast(root->size)->getZExtValue(); - for (unsigned i = 0, e = constantSize; i != e; ++i) { + auto constantSize = cast(root->size)->getZExtValue(); + for (unsigned i = 0; i < constantSize; ++i) { typename SolverContext::result_type tmp = evaluate( _solver, metaSMT::logic::Array::store( array_expr, construct(ConstantExpr::alloc(i, root->getDomain()), 0), - construct(constantSource->constantValues[i], 0))); + construct(constantSource->constantValues.load(i), 0))); array_expr = tmp; } } @@ -705,6 +706,33 @@ MetaSMTBuilder::constructActual(ref e, int *width_out) { ReadExpr *re = cast(e); assert(re && re->updates.root); *width_out = re->updates.root->getRange(); + + if (auto constantSource = + dyn_cast(re->updates.root->source)) { + if (!isa(re->updates.root->size)) { + ref selectExpr = constantSource->constantValues.defaultV(); + for (const auto &[index, value] : + constantSource->constantValues.storage()) { + selectExpr = SelectExpr::create( + EqExpr::create(re->index, ConstantExpr::create( + index, re->index->getWidth())), + value, selectExpr); + } + std::vector update_nodes; + auto un = re->updates.head.get(); + for (; un; un = un->next.get()) { + update_nodes.push_back(un); + } + + for (auto it = update_nodes.rbegin(); it != update_nodes.rend(); ++it) { + selectExpr = + SelectExpr::create(EqExpr::create(re->index, (*it)->index), + (*it)->value, selectExpr); + } + return construct(selectExpr, width_out); + } + } + // FixMe call method of Array res = evaluate(_solver, metaSMT::logic::Array::select( getArrayForUpdate(re->updates.root, diff --git a/lib/Solver/MetaSMTSolver.cpp b/lib/Solver/MetaSMTSolver.cpp index f162013864..55ba6a4b4a 100644 --- a/lib/Solver/MetaSMTSolver.cpp +++ b/lib/Solver/MetaSMTSolver.cpp 
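Review bot: The store loop in getInitialArray now compares an `unsigned` counter with `constantSize`, which takes the type of `getZExtValue()` (the removed line declared it `uint64_t`). For a size above the 32-bit range `i` wraps and the loop does not terminate, where the old `e = constantSize` truncated instead. Declaring the counter with the same type, `for (uint64_t i = 0; i < constantSize; ++i)`, removes the mismatch; the equivalent loop over `constSize` in STPBuilder::getInitialArray has the same shape. The loop also issues one store per index up to the declared size even when the sparse storage holds only a few entries, which is worth a comment if that is intended.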
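Review bot: The select chain built in constructActual iterates `constantSource->constantValues.storage()`, which after the SparseStorage change in this commit is presumably the `std::unordered_map`, so the nesting order of the generated SelectExpr depends on hash iteration order. ConstantSource::computeHash already uses `calculateOrderedStorage()` for a stable order; iterating that here would keep the constructed query reproducible between runs. The chain also starts from `defaultV()`, which the parser allows to be null (`default: null`), so it needs a null check before it is used as the else-operand of `SelectExpr::create`. The identical block is added to STPBuilder::constructActual and would be better as one shared helper.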
@@ -261,14 +261,7 @@ SolverImpl::SolverRunStatus MetaSMTSolverImpl::runAndGetCex( typename SolverContext::result_type array_exp = _builder->getInitialArray(array); - size_t constantSize = 0; - if (ref sizeExpr = dyn_cast(array->size)) { - constantSize = sizeExpr->getZExtValue(); - } else { - constantSize = - read_value(_meta_solver, _builder->construct(array->size)); - } - SparseStorage data(constantSize, 0); + SparseStorage data(0); for (unsigned offset : readOffsets.at(array)) { typename SolverContext::result_type elem_exp = evaluate( @@ -415,7 +408,6 @@ MetaSMTSolverImpl::runAndGetCexForked( values = std::vector>(objects.size()); for (unsigned i = 0; i < objects.size(); ++i) { SparseStorage &data = values[i]; - data.resize(shared_memory_sizes_ptr[i]); data.store(0, pos, pos + shared_memory_sizes_ptr[i]); pos += shared_memory_sizes_ptr[i]; } diff --git a/lib/Solver/STPBuilder.cpp b/lib/Solver/STPBuilder.cpp index 3ee8fbe2b7..b766111ed7 100644 --- a/lib/Solver/STPBuilder.cpp +++ b/lib/Solver/STPBuilder.cpp @@ -426,6 +426,14 @@ ExprHandle STPBuilder::constructSDivByConstant(ExprHandle expr_n, ::VCExpr STPBuilder::getInitialArray(const Array *root) { assert(root); + + if (ref constantSource = + dyn_cast(root->source)) { + if (!isa(root->size)) { + assert(0 && "STP does not support symsize constant arrays"); + } + } + ::VCExpr array_expr; bool hashed = _arr_hash.lookupArrayExpr(root, array_expr); 
@@ -433,13 +441,7 @@ ::VCExpr STPBuilder::getInitialArray(const Array *root) { // STP uniques arrays by name, so we make sure the name is unique by // using the size of the array hash as a counter. std::string unique_id = llvm::utostr(_arr_hash._array_hash.size()); - std::string unique_name = root->getName() + unique_id; - - if (isa(root->source)) { - llvm::report_fatal_error( - "STP does not support constant arrays or quantifiers to instantiate " - "constant array of symbolic size!"); - } + std::string unique_name = root->getIdentifier() + unique_id; array_expr = buildArray(unique_name.c_str(), root->getDomain(), root->getRange()); @@ -450,13 +452,13 @@ ::VCExpr STPBuilder::getInitialArray(const Array *root) { // using assertions, which is much faster, but we need to fix the caching // to work correctly in that case. + auto constSize = cast(root->size)->getZExtValue(); // TODO: usage of `constantValues.size()` seems unconvinient. - for (unsigned i = 0, e = constantSource->constantValues.size(); i != e; - ++i) { + for (unsigned i = 0; i < constSize; i++) { ::VCExpr prev = array_expr; array_expr = vc_writeExpr( vc, prev, construct(ConstantExpr::alloc(i, root->getDomain()), 0), - construct(constantSource->constantValues[i], 0)); + construct(constantSource->constantValues.load(i), 0)); vc_DeleteExpr(prev); } } 
@@ -568,6 +570,33 @@ ExprHandle STPBuilder::constructActual(ref e, int *width_out) { ReadExpr *re = cast(e); assert(re && re->updates.root); *width_out = re->updates.root->getRange(); + + if (auto constantSource = + dyn_cast(re->updates.root->source)) { + if (!isa(re->updates.root->size)) { + ref selectExpr = constantSource->constantValues.defaultV(); + for (const auto &[index, value] : + constantSource->constantValues.storage()) { + selectExpr = SelectExpr::create( + EqExpr::create(re->index, ConstantExpr::create( + index, re->index->getWidth())), + value, selectExpr); + } + std::vector update_nodes; + auto un = re->updates.head.get(); + for (; un; un = un->next.get()) { + update_nodes.push_back(un); + } + + for (auto it = update_nodes.rbegin(); it != update_nodes.rend(); ++it) { + selectExpr = + SelectExpr::create(EqExpr::create(re->index, (*it)->index), + (*it)->value, selectExpr); + } + return construct(selectExpr, width_out); + } + } + return vc_readExpr( vc, getArrayForUpdate(re->updates.root, re->updates.head.get()), construct(re->index, 0)); diff --git a/lib/Solver/STPSolver.cpp b/lib/Solver/STPSolver.cpp index 5927a90038..86679cc898 100644 --- a/lib/Solver/STPSolver.cpp +++ b/lib/Solver/STPSolver.cpp @@ -392,7 +392,7 @@ runAndGetCexForked(::VC vc, STPBuilder *builder, ::VCExpr q, values.reserve(objects.size()); for (unsigned idx = 0; idx < objects.size(); ++idx) { uint64_t objectSize = shared_memory_object_sizes[idx]; - values.emplace_back(objectSize, 0); + values.emplace_back(0); values.back().store(0, pos, pos + objectSize); pos += objectSize; } diff --git a/lib/Solver/Z3Builder.cpp b/lib/Solver/Z3Builder.cpp index e80feae88c..c26d8fb372 100644 --- a/lib/Solver/Z3Builder.cpp +++ b/lib/Solver/Z3Builder.cpp 
@@ -252,35 +252,47 @@ Z3ASTHandle Z3Builder::getInitialArray(const Array *root) { // using the size of the array hash as a counter. std::string unique_id = llvm::utostr(_arr_hash._array_hash.size()); std::string unique_name = root->getIdentifier() + unique_id; - if (ref symbolicSizeConstantSource = - dyn_cast(root->source)) { + + auto source = dyn_cast(root->source); + auto value = (source ? source->constantValues.defaultV() : nullptr); + if (source) { + assert(value); + } + + if (source && !isa(root->size)) { array_expr = buildConstantArray(unique_name.c_str(), root->getDomain(), - root->getRange(), - symbolicSizeConstantSource->defaultValue); + root->getRange(), value->getZExtValue(8)); } else { array_expr = buildArray(unique_name.c_str(), root->getDomain(), root->getRange()); } - if (root->isConstantArray() && constant_array_assertions.count(root) == 0) { - std::vector array_assertions; - if (ref constantSource = - dyn_cast(root->source)) { - for (unsigned i = 0, e = constantSource->constantValues.size(); i != e; - ++i) { + if (source) { + if (auto constSize = dyn_cast(root->size)) { + std::vector array_assertions; + for (size_t i = 0; i < constSize->getZExtValue(); i++) { + auto value = source->constantValues.load(i); // construct(= (select i root) root->value[i]) to be asserted in // Z3Solver.cpp int width_out; - Z3ASTHandle array_value = - construct(constantSource->constantValues[i], &width_out); + Z3ASTHandle array_value = construct(value, &width_out); assert(width_out == (int)root->getRange() && "Value doesn't match root range"); array_assertions.push_back( eqExpr(readExpr(array_expr, bvConst32(root->getDomain(), i)), array_value)); } + constant_array_assertions[root] = std::move(array_assertions); + } else { + for (auto [index, value] : source->constantValues.storage()) { + int width_out; + Z3ASTHandle array_value = construct(value, &width_out); + assert(width_out == (int)root->getRange() && + "Value doesn't match root range"); + array_expr = writeExpr( + 
array_expr, bvConst32(root->getDomain(), index), array_value); + } } - constant_array_assertions[root] = std::move(array_assertions); } _arr_hash.hashArrayExpr(root, array_expr); diff --git a/lib/Solver/Z3Solver.cpp b/lib/Solver/Z3Solver.cpp index d5f2232a6e..a485ebe83e 100644 --- a/lib/Solver/Z3Solver.cpp +++ b/lib/Solver/Z3Solver.cpp @@ -551,8 +551,8 @@ bool Z3SolverImpl::internalRunSolver( } for (auto constant_array : constant_arrays_in_query.results) { - assert(builder->constant_array_assertions.count(constant_array) == 1 && - "Constant array found in query, but not handled by Z3Builder"); + // assert(builder->constant_array_assertions.count(constant_array) == 1 && + // "Constant array found in query, but not handled by Z3Builder"); if (all_constant_arrays_in_query.count(constant_array)) continue; all_constant_arrays_in_query.insert(constant_array); @@ -701,7 +701,6 @@ SolverImpl::SolverRunStatus Z3SolverImpl::handleSolverResponse( Z3_get_numeral_uint64(builder->ctx, arraySizeExpr, &arraySize); assert(success && "Failed to get size"); - data.resize(arraySize); if (env.usedArrayBytes.count(array)) { std::unordered_set offsetValues; for (const ref &offsetExpr : env.usedArrayBytes.at(array)) { @@ -853,7 +852,8 @@ class Z3NonIncSolverImpl final : public Z3SolverImpl { auto arrays = query.gatherArrays(); bool forceTactic = true; for (auto array : arrays) { - if (isa(array->source)) { + if (isa(array->source) && + !isa(array->size)) { forceTactic = false; break; } diff --git a/test/Expr/Evaluate.kquery b/test/Expr/Evaluate.kquery index e6b0d1e1a4..b2fc41d746 100644 --- a/test/Expr/Evaluate.kquery +++ b/test/Expr/Evaluate.kquery @@ -17,7 +17,7 @@ arr12 : (array (w64 8) (makeSymbolic arr1 0)) # RUN: grep "Query 2: VALID" %t.log # Query 2 -constant0 : (array (w64 4) (constant [ 1 2 3 5 ])) +constant0 : (array (w64 4) (constant [1, 2, 3, 5] default: 0)) (query [] (Eq (Add w8 (Read w8 0 constant0) (Read w8 3 constant0)) 6)) 
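Review bot: In Z3Builder::getInitialArray the default value is protected only by `assert(value)`, yet the parser accepts `default: null` for a constant source, so with NDEBUG `value->getZExtValue(8)` dereferences null for a symbolic-size constant array. Make it a real check that reports an error; the literal `8` also hard-codes the element width where the adjacent arguments use `root->getRange()`. The loop variable `auto value = source->constantValues.load(i)` and the structured binding `auto [index, value]` both shadow the outer `value`; renaming them (for example `element`) avoids reading the wrong one. `load(i)` for an unset index presumably returns the default as well, so the same null concern applies before `construct(value, &width_out)`.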
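Review bot: The assertion in internalRunSolver is commented out rather than updated, which also drops the check for constant-size arrays, where Z3Builder still fills `constant_array_assertions`. Either delete the dead lines or keep the invariant for the case that still holds, guarded by an `isa` test that `constant_array->size` is a constant expression. If the rest of the loop looks up `constant_array_assertions` for every entry, a symbolic-size array will now be absent from the map, so that access should use `find` or be skipped explicitly. The rest of the loop is outside the hunk.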
diff --git a/test/Expr/print-smt-let.kquery b/test/Expr/print-smt-let.kquery index 871e6e4f29..974112a37c 100644 --- a/test/Expr/print-smt-let.kquery +++ b/test/Expr/print-smt-let.kquery @@ -1069,7 +1069,7 @@ makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) [makeSymbolic0]) # Query 72 -- Type: InitialValues, Instructions: 30 -constant2 : (array (w64 4) (constant [121 101 115 0])) +constant2 : (array (w64 4) (constant [121, 101, 115, 0] default: 0)) makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) (query [(Eq false @@ -1105,7 +1105,7 @@ makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) # Query 74 -- Type: InitialValues, Instructions: 37 makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) -constant2 : (array (w64 4) (constant [171 171 171 171])) +constant2 : (array (w64 4) (constant [171, 171, 171, 171] default: 0)) (query [(Eq false (Ult N0:(Mul w64 4 (SExt w64 (ReadLSB w32 0 makeSymbolic0))) @@ -1128,7 +1128,7 @@ constant2 : (array (w64 4) (constant [171 171 171 171])) # Query 75 -- Type: InitialValues, Instructions: 40 makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) -constant2 : (array (w64 16) (constant [12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0])) +constant2 : (array (w64 16) (constant {0: 12, 4: 13, 8: 14, 12: 15} default: 0)) (query [(Ult N0:(Mul w64 4 (SExt w64 (ReadLSB w32 0 makeSymbolic0))) 13)] 
@@ -1141,7 +1141,7 @@ constant2 : (array (w64 16) (constant [12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0])) # Query 76 -- Type: InitialValues, Instructions: 50 makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) -constant2 : (array (w64 4) (constant [171 171 171 171])) +constant2 : (array (w64 4) (constant [171, 171, 171, 171] default: 0)) (query [(Eq false (Ult N0:(Mul w64 4 (SExt w64 (ReadLSB w32 0 makeSymbolic0))) @@ -1160,7 +1160,7 @@ constant2 : (array (w64 4) (constant [171 171 171 171])) # Query 77 -- Type: InitialValues, Instructions: 51 makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) -constant2 : (array (w64 16) (constant [12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0])) +constant2 : (array (w64 16) (constant {0: 12, 4: 13, 8: 14, 12: 15} default: 0)) (query [(Eq false (Ult N0:(Mul w64 4 (SExt w64 (ReadLSB w32 0 makeSymbolic0))) diff --git a/test/Expr/print-smt-let.smt2.good b/test/Expr/print-smt-let.smt2.good index d0ce68b168..05ea45d94e 100644 --- a/test/Expr/print-smt-let.smt2.good +++ b/test/Expr/print-smt-let.smt2.good 
@@ -859,19 +859,19 @@ ;SMTLIBv2 Query 72 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant1 (_ bv0 32) ) (_ bv121 8) ) ) -(assert (= (select constant1 (_ bv1 32) ) (_ bv101 8) ) ) -(assert (= (select constant1 (_ bv2 32) ) (_ bv115 8) ) ) -(assert (= (select constant1 (_ bv3 32) ) (_ bv0 8) ) ) -(assert (let ( (?B1 (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) (let ( (?B2 (bvadd (_ bv31312 64) ?B1 ) ) ) (let ( (?B3 ((_ extract 31 0) ?B2 ) ) ) (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant1 (bvadd (_ bv3 32) ?B3 ) ) (concat (select constant1 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant1 (bvadd (_ bv1 32) ?B3 ) ) (select constant1 ?B3 ) ) ) ) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (= (select constant0 (_ bv0 32) ) (_ bv121 8) ) ) +(assert (= (select constant0 (_ bv1 32) ) (_ bv101 8) ) ) +(assert (= (select constant0 (_ bv2 32) ) (_ bv115 8) ) ) +(assert (= (select constant0 (_ bv3 32) ) (_ bv0 8) ) ) +(assert (let ( (?B1 (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) (let ( (?B2 (bvadd (_ bv31312 64) ?B1 ) ) ) (let ( (?B3 ((_ extract 31 0) ?B2 ) 
) ) (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select constant0 (bvadd (_ bv3 32) ?B3 ) ) (concat (select constant0 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant0 (bvadd (_ bv1 32) ?B3 ) ) (select constant0 ?B3 ) ) ) ) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) ) ) ) (check-sat) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) 
@@ -882,69 +882,69 @@ (set-option :produce-models true) (set-logic QF_AUFBV ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (let ( (?B1 (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) (let ( (?B2 (bvadd (_ bv18446744073709533360 64) ?B1 ) ) ) (let ( (?B3 ((_ extract 31 0) ?B2 ) ) ) (and (and (and (and (and (not (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select makeSymbolic2 (bvadd (_ bv3 32) ?B3 ) ) (concat (select makeSymbolic2 (bvadd (_ bv2 32) ?B3 ) ) (concat (select makeSymbolic2 (bvadd (_ bv1 32) ?B3 ) ) (select makeSymbolic2 ?B3 ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) ?B1 ) (_ bv1 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (let ( (?B1 (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) (let ( (?B2 (bvadd (_ bv18446744073709533360 64) ?B1 ) ) ) (let ( (?B3 ((_ extract 31 0) ?B2 ) ) ) (and (and (and (and (and (not (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select makeSymbolic1 (bvadd (_ bv3 32) ?B3 ) ) (concat (select makeSymbolic1 (bvadd (_ bv2 32) ?B3 ) ) (concat (select makeSymbolic1 (bvadd (_ bv1 32) ?B3 ) ) 
(select makeSymbolic1 ?B3 ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) ?B1 ) (_ bv1 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) ) ) ) (check-sat) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv3 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (exit) ;SMTLIBv2 Query 74 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant3 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant3 (_ bv0 32) ) (_ bv171 8) ) ) -(assert (= (select constant3 (_ bv1 32) ) (_ bv171 8) ) ) -(assert (= (select constant3 (_ bv2 32) ) (_ bv171 8) ) ) -(assert (= (select constant3 (_ bv3 32) ) (_ bv171 8) ) ) -(assert (let ( (?B1 (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) (let ( (?B2 (bvadd (_ bv18446744073709533328 64) ?B1 ) ) ) (let ( (?B3 ((_ extract 31 0) ?B2 ) ) ) (and (and (and (and (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) 
(concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant3 (bvadd (_ bv3 32) ?B3 ) ) (concat (select constant3 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant3 (bvadd (_ bv1 32) ?B3 ) ) (select constant3 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533360 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) ?B1 ) (_ bv1 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (= (select constant1 (_ bv0 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv1 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv2 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv3 32) ) (_ bv171 8) ) ) +(assert (let ( (?B1 (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) (let ( (?B2 (bvadd (_ bv18446744073709533328 64) ?B1 ) ) ) (let ( (?B3 ((_ extract 31 0) ?B2 ) ) ) (and (and (and (and (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select constant1 (bvadd (_ bv3 32) ?B3 ) ) (concat (select constant1 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant1 (bvadd (_ bv1 32) ?B3 ) ) (select constant1 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533360 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) ?B1 ) (_ bv1 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) ) ) ) 
(check-sat) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv3 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (exit) ;SMTLIBv2 Query 75 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant4 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant4 (_ bv0 32) ) (_ bv12 8) ) ) -(assert (= (select constant4 (_ bv1 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv2 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv3 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv4 32) ) (_ bv13 8) ) ) -(assert (= (select constant4 (_ bv5 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv6 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv7 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv8 32) ) (_ bv14 8) ) ) -(assert (= (select constant4 (_ bv9 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv10 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv11 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv12 32) ) (_ bv15 8) ) ) -(assert (= (select constant4 (_ bv13 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv14 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv15 32) ) (_ bv0 8) ) ) -(assert (let ( (?B1 (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select 
makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) (let ( (?B2 ((_ extract 31 0) ?B1 ) ) ) (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant4 (bvadd (_ bv3 32) ?B2 ) ) (concat (select constant4 (bvadd (_ bv2 32) ?B2 ) ) (concat (select constant4 (bvadd (_ bv1 32) ?B2 ) ) (select constant4 ?B2 ) ) ) ) ) ) ) (bvult ?B1 (_ bv13 64) ) ) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (= (select constant2 (_ bv0 32) ) (_ bv12 8) ) ) +(assert (= (select constant2 (_ bv1 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv2 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv3 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv4 32) ) (_ bv13 8) ) ) +(assert (= (select constant2 (_ bv5 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv6 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv7 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv8 32) ) (_ bv14 8) ) ) +(assert (= (select constant2 (_ bv9 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv10 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv11 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv12 32) ) (_ bv15 8) ) ) +(assert (= (select constant2 (_ bv13 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv14 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv15 32) ) (_ bv0 8) ) ) +(assert (let ( (?B1 (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) (let ( (?B2 ((_ extract 31 0) ?B1 ) ) ) (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) 
(concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select constant2 (bvadd (_ bv3 32) ?B2 ) ) (concat (select constant2 (bvadd (_ bv2 32) ?B2 ) ) (concat (select constant2 (bvadd (_ bv1 32) ?B2 ) ) (select constant2 ?B2 ) ) ) ) ) ) ) (bvult ?B1 (_ bv13 64) ) ) ) ) ) (check-sat) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) 
@@ -954,53 +954,53 @@ ;SMTLIBv2 Query 76 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant5 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant5 (_ bv0 32) ) (_ bv171 8) ) ) -(assert (= (select constant5 (_ bv1 32) ) (_ bv171 8) ) ) -(assert (= (select constant5 (_ bv2 32) ) (_ bv171 8) ) ) -(assert (= (select constant5 (_ bv3 32) ) (_ bv171 8) ) ) -(assert (let ( (?B1 (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) (let ( (?B2 (bvadd (_ bv111120 64) ?B1 ) ) ) (let ( (?B3 ((_ extract 31 0) ?B2 ) ) ) (and (and (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant5 (bvadd (_ bv3 32) ?B3 ) ) (concat (select constant5 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant5 (bvadd (_ bv1 32) ?B3 ) ) (select constant5 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (= (select constant1 (_ bv0 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv1 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv2 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv3 32) ) (_ bv171 8) ) ) +(assert (let ( (?B1 (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ 
bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) (let ( (?B2 (bvadd (_ bv111120 64) ?B1 ) ) ) (let ( (?B3 ((_ extract 31 0) ?B2 ) ) ) (and (and (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select constant1 (bvadd (_ bv3 32) ?B3 ) ) (concat (select constant1 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant1 (bvadd (_ bv1 32) ?B3 ) ) (select constant1 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) ) ) ) (check-sat) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv3 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (exit) ;SMTLIBv2 Query 77 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant6 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant6 (_ bv0 32) ) (_ bv12 8) ) ) -(assert (= (select constant6 (_ bv1 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv2 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv3 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv4 
32) ) (_ bv13 8) ) ) -(assert (= (select constant6 (_ bv5 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv6 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv7 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv8 32) ) (_ bv14 8) ) ) -(assert (= (select constant6 (_ bv9 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv10 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv11 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv12 32) ) (_ bv15 8) ) ) -(assert (= (select constant6 (_ bv13 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv14 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv15 32) ) (_ bv0 8) ) ) -(assert (let ( (?B1 (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) (let ( (?B2 (bvadd (_ bv31760 64) ?B1 ) ) ) (let ( (?B3 ((_ extract 31 0) ?B2 ) ) ) (and (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant6 (bvadd (_ bv3 32) ?B3 ) ) (concat (select constant6 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant6 (bvadd (_ bv1 32) ?B3 ) ) (select constant6 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (bvult ?B2 (_ bv13 64) ) ) ) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (= (select constant2 (_ bv0 32) ) (_ bv12 8) ) ) +(assert (= (select constant2 (_ bv1 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv2 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv3 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv4 32) ) (_ bv13 8) ) ) +(assert (= (select constant2 (_ bv5 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv6 32) ) (_ bv0 8) ) ) +(assert (= (select 
constant2 (_ bv7 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv8 32) ) (_ bv14 8) ) ) +(assert (= (select constant2 (_ bv9 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv10 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv11 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv12 32) ) (_ bv15 8) ) ) +(assert (= (select constant2 (_ bv13 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv14 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv15 32) ) (_ bv0 8) ) ) +(assert (let ( (?B1 (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) (let ( (?B2 (bvadd (_ bv31760 64) ?B1 ) ) ) (let ( (?B3 ((_ extract 31 0) ?B2 ) ) ) (and (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select constant2 (bvadd (_ bv3 32) ?B3 ) ) (concat (select constant2 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant2 (bvadd (_ bv1 32) ?B3 ) ) (select constant2 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (bvult ?B2 (_ bv13 64) ) ) ) ) ) ) (check-sat) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) 
@@ -1011,15 +1011,15 @@ (set-option :produce-models true) (set-logic QF_AUFBV ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (let ( (?B1 (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) (let ( (?B2 (bvadd (_ bv18446744073709532800 64) ?B1 ) ) ) (let ( (?B3 ((_ extract 31 0) ?B2 ) ) ) (and (and (and (and (and (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select makeSymbolic0 (bvadd (_ bv3 32) ?B3 ) ) (concat (select makeSymbolic0 (bvadd (_ bv2 32) ?B3 ) ) (concat (select makeSymbolic0 (bvadd (_ bv1 32) ?B3 ) ) (select makeSymbolic0 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533360 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533328 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) ?B1 ) (_ bv1 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (let ( (?B1 (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) (let ( (?B2 (bvadd (_ bv18446744073709532800 64) ?B1 ) ) ) (let ( (?B3 ((_ extract 31 0) ?B2 ) ) ) (and (and (and (and (and (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 
(_ bv0 32) ) ) ) ) (concat (select makeSymbolic0 (bvadd (_ bv3 32) ?B3 ) ) (concat (select makeSymbolic0 (bvadd (_ bv2 32) ?B3 ) ) (concat (select makeSymbolic0 (bvadd (_ bv1 32) ?B3 ) ) (select makeSymbolic0 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533360 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533328 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) ?B1 ) (_ bv1 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) ) ) ) (check-sat) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv3 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (exit) diff --git a/test/Expr/print-smt-named.kquery b/test/Expr/print-smt-named.kquery index 5e0112b2b7..78bbbd4ef1 100644 --- a/test/Expr/print-smt-named.kquery +++ b/test/Expr/print-smt-named.kquery @@ -1068,7 +1068,7 @@ makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) [makeSymbolic0]) # Query 72 -- Type: InitialValues, Instructions: 30 -constant2 : (array (w64 4) (constant [121 101 115 0])) +constant2 : (array (w64 4) (constant [121, 101, 115, 0] default: 0)) makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) (query [(Eq false 
@@ -1104,7 +1104,7 @@ makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) # Query 74 -- Type: InitialValues, Instructions: 37 makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) -constant2 : (array (w64 4) (constant [171 171 171 171])) +constant2 : (array (w64 4) (constant [171, 171, 171, 171] default: 0)) (query [(Eq false (Ult N0:(Mul w64 4 (SExt w64 (ReadLSB w32 0 makeSymbolic0))) @@ -1127,7 +1127,7 @@ constant2 : (array (w64 4) (constant [171 171 171 171])) # Query 75 -- Type: InitialValues, Instructions: 40 makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) -constant2 : (array (w64 16) (constant [12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0])) +constant2 : (array (w64 16) (constant {0: 12, 4: 13, 8: 14, 12: 15} default: 0)) (query [(Ult N0:(Mul w64 4 (SExt w64 (ReadLSB w32 0 makeSymbolic0))) 13)] @@ -1140,7 +1140,7 @@ constant2 : (array (w64 16) (constant [12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0])) # Query 76 -- Type: InitialValues, Instructions: 50 makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) -constant2 : (array (w64 4) (constant [171 171 171 171])) +constant2 : (array (w64 4) (constant [171, 171, 171, 171] default: 0)) (query [(Eq false (Ult N0:(Mul w64 4 (SExt w64 (ReadLSB w32 0 makeSymbolic0))) @@ -1159,7 +1159,7 @@ constant2 : (array (w64 4) (constant [171 171 171 171])) # Query 77 -- Type: InitialValues, Instructions: 51 makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) -constant2 : (array (w64 16) (constant [12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0])) +constant2 : (array (w64 16) (constant {0: 12, 4: 13, 8: 14, 12: 15} default: 0)) (query [(Eq false (Ult N0:(Mul w64 4 (SExt w64 (ReadLSB w32 0 makeSymbolic0))) 
diff --git a/test/Expr/print-smt-named.smt2.good b/test/Expr/print-smt-named.smt2.good index 455fbc0dfd..fd7e2061ee 100644 --- a/test/Expr/print-smt-named.smt2.good +++ b/test/Expr/print-smt-named.smt2.good 
@@ -859,19 +859,19 @@ ;SMTLIBv2 Query 72 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant1 (_ bv0 32) ) (_ bv121 8) ) ) -(assert (= (select constant1 (_ bv1 32) ) (_ bv101 8) ) ) -(assert (= (select constant1 (_ bv2 32) ) (_ bv115 8) ) ) -(assert (= (select constant1 (_ bv3 32) ) (_ bv0 8) ) ) -(assert (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant1 (bvadd (_ bv3 32) (! ((_ extract 31 0) (! (bvadd (_ bv31312 64) (! (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) :named ?B1) ) :named ?B2) ) :named ?B3) ) ) (concat (select constant1 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant1 (bvadd (_ bv1 32) ?B3 ) ) (select constant1 ?B3 ) ) ) ) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (= (select constant0 (_ bv0 32) ) (_ bv121 8) ) ) +(assert (= (select constant0 (_ bv1 32) ) (_ bv101 8) ) ) +(assert (= (select constant0 (_ bv2 32) ) (_ bv115 8) ) ) +(assert (= (select constant0 (_ bv3 32) ) (_ bv0 8) ) ) +(assert (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select constant0 (bvadd (_ bv3 32) (! ((_ extract 31 0) (! (bvadd (_ bv31312 64) (! 
(bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) :named ?B1) ) :named ?B2) ) :named ?B3) ) ) (concat (select constant0 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant0 (bvadd (_ bv1 32) ?B3 ) ) (select constant0 ?B3 ) ) ) ) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) (check-sat) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) 
@@ -882,69 +882,69 @@ (set-option :produce-models true) (set-logic QF_AUFBV ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (and (and (and (and (and (not (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select makeSymbolic2 (bvadd (_ bv3 32) (! ((_ extract 31 0) (! (bvadd (_ bv18446744073709533360 64) (! (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) :named ?B1) ) :named ?B2) ) :named ?B3) ) ) (concat (select makeSymbolic2 (bvadd (_ bv2 32) ?B3 ) ) (concat (select makeSymbolic2 (bvadd (_ bv1 32) ?B3 ) ) (select makeSymbolic2 ?B3 ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) ?B1 ) (_ bv1 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (and (and (and (and (and (not (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select makeSymbolic1 (bvadd (_ bv3 32) (! ((_ extract 31 0) (! (bvadd (_ bv18446744073709533360 64) (! 
(bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) :named ?B1) ) :named ?B2) ) :named ?B3) ) ) (concat (select makeSymbolic1 (bvadd (_ bv2 32) ?B3 ) ) (concat (select makeSymbolic1 (bvadd (_ bv1 32) ?B3 ) ) (select makeSymbolic1 ?B3 ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) ?B1 ) (_ bv1 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) (check-sat) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv3 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (exit) ;SMTLIBv2 Query 74 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant3 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant3 (_ bv0 32) ) (_ bv171 8) ) ) -(assert (= (select constant3 (_ bv1 32) ) (_ bv171 8) ) ) -(assert (= (select constant3 (_ bv2 32) ) (_ bv171 8) ) ) -(assert (= (select constant3 (_ bv3 32) ) (_ bv171 8) ) ) -(assert (and (and (and (and (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat 
(select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant3 (bvadd (_ bv3 32) (! ((_ extract 31 0) (! (bvadd (_ bv18446744073709533328 64) (! (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) :named ?B1) ) :named ?B2) ) :named ?B3) ) ) (concat (select constant3 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant3 (bvadd (_ bv1 32) ?B3 ) ) (select constant3 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533360 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) ?B1 ) (_ bv1 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (= (select constant1 (_ bv0 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv1 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv2 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv3 32) ) (_ bv171 8) ) ) +(assert (and (and (and (and (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select constant1 (bvadd (_ bv3 32) (! ((_ extract 31 0) (! (bvadd (_ bv18446744073709533328 64) (! 
(bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) :named ?B1) ) :named ?B2) ) :named ?B3) ) ) (concat (select constant1 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant1 (bvadd (_ bv1 32) ?B3 ) ) (select constant1 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533360 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) ?B1 ) (_ bv1 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) (check-sat) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv3 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (exit) ;SMTLIBv2 Query 75 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant4 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant4 (_ bv0 32) ) (_ bv12 8) ) ) -(assert (= (select constant4 (_ bv1 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv2 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv3 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv4 32) ) (_ bv13 8) 
) ) -(assert (= (select constant4 (_ bv5 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv6 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv7 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv8 32) ) (_ bv14 8) ) ) -(assert (= (select constant4 (_ bv9 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv10 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv11 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv12 32) ) (_ bv15 8) ) ) -(assert (= (select constant4 (_ bv13 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv14 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv15 32) ) (_ bv0 8) ) ) -(assert (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant4 (bvadd (_ bv3 32) (! ((_ extract 31 0) (! (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) :named ?B1) ) :named ?B2) ) ) (concat (select constant4 (bvadd (_ bv2 32) ?B2 ) ) (concat (select constant4 (bvadd (_ bv1 32) ?B2 ) ) (select constant4 ?B2 ) ) ) ) ) ) ) (bvult ?B1 (_ bv13 64) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (= (select constant2 (_ bv0 32) ) (_ bv12 8) ) ) +(assert (= (select constant2 (_ bv1 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv2 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv3 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv4 32) ) (_ bv13 8) ) ) +(assert (= (select constant2 (_ bv5 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv6 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv7 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv8 32) ) (_ bv14 8) ) ) +(assert (= (select constant2 (_ bv9 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv10 
32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv11 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv12 32) ) (_ bv15 8) ) ) +(assert (= (select constant2 (_ bv13 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv14 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv15 32) ) (_ bv0 8) ) ) +(assert (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select constant2 (bvadd (_ bv3 32) (! ((_ extract 31 0) (! (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) :named ?B1) ) :named ?B2) ) ) (concat (select constant2 (bvadd (_ bv2 32) ?B2 ) ) (concat (select constant2 (bvadd (_ bv1 32) ?B2 ) ) (select constant2 ?B2 ) ) ) ) ) ) ) (bvult ?B1 (_ bv13 64) ) ) ) (check-sat) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) 
@@ -954,53 +954,53 @@ ;SMTLIBv2 Query 76 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant5 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant5 (_ bv0 32) ) (_ bv171 8) ) ) -(assert (= (select constant5 (_ bv1 32) ) (_ bv171 8) ) ) -(assert (= (select constant5 (_ bv2 32) ) (_ bv171 8) ) ) -(assert (= (select constant5 (_ bv3 32) ) (_ bv171 8) ) ) -(assert (and (and (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant5 (bvadd (_ bv3 32) (! ((_ extract 31 0) (! (bvadd (_ bv111120 64) (! (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) :named ?B1) ) :named ?B2) ) :named ?B3) ) ) (concat (select constant5 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant5 (bvadd (_ bv1 32) ?B3 ) ) (select constant5 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (= (select constant1 (_ bv0 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv1 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv2 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv3 32) ) (_ bv171 8) ) ) +(assert (and (and (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ 
bv0 32) ) ) ) ) (concat (select constant1 (bvadd (_ bv3 32) (! ((_ extract 31 0) (! (bvadd (_ bv111120 64) (! (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) :named ?B1) ) :named ?B2) ) :named ?B3) ) ) (concat (select constant1 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant1 (bvadd (_ bv1 32) ?B3 ) ) (select constant1 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) (check-sat) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv3 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (exit) ;SMTLIBv2 Query 77 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant6 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant6 (_ bv0 32) ) (_ bv12 8) ) ) -(assert (= (select constant6 (_ bv1 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv2 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv3 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv4 32) ) (_ bv13 8) ) ) -(assert (= (select 
constant6 (_ bv5 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv6 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv7 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv8 32) ) (_ bv14 8) ) ) -(assert (= (select constant6 (_ bv9 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv10 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv11 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv12 32) ) (_ bv15 8) ) ) -(assert (= (select constant6 (_ bv13 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv14 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv15 32) ) (_ bv0 8) ) ) -(assert (and (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant6 (bvadd (_ bv3 32) (! ((_ extract 31 0) (! (bvadd (_ bv31760 64) (! (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) :named ?B1) ) :named ?B2) ) :named ?B3) ) ) (concat (select constant6 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant6 (bvadd (_ bv1 32) ?B3 ) ) (select constant6 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (bvult ?B2 (_ bv13 64) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (= (select constant2 (_ bv0 32) ) (_ bv12 8) ) ) +(assert (= (select constant2 (_ bv1 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv2 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv3 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv4 32) ) (_ bv13 8) ) ) +(assert (= (select constant2 (_ bv5 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv6 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv7 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 
(_ bv8 32) ) (_ bv14 8) ) ) +(assert (= (select constant2 (_ bv9 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv10 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv11 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv12 32) ) (_ bv15 8) ) ) +(assert (= (select constant2 (_ bv13 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv14 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv15 32) ) (_ bv0 8) ) ) +(assert (and (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select constant2 (bvadd (_ bv3 32) (! ((_ extract 31 0) (! (bvadd (_ bv31760 64) (! (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) :named ?B1) ) :named ?B2) ) :named ?B3) ) ) (concat (select constant2 (bvadd (_ bv2 32) ?B3 ) ) (concat (select constant2 (bvadd (_ bv1 32) ?B3 ) ) (select constant2 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (bvult ?B2 (_ bv13 64) ) ) ) (check-sat) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) 
@@ -1011,15 +1011,15 @@ (set-option :produce-models true) (set-logic QF_AUFBV ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (and (and (and (and (and (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select makeSymbolic0 (bvadd (_ bv3 32) (! ((_ extract 31 0) (! (bvadd (_ bv18446744073709532800 64) (! (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) :named ?B1) ) :named ?B2) ) :named ?B3) ) ) (concat (select makeSymbolic0 (bvadd (_ bv2 32) ?B3 ) ) (concat (select makeSymbolic0 (bvadd (_ bv1 32) ?B3 ) ) (select makeSymbolic0 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533360 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533328 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) ?B1 ) (_ bv1 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (and (and (and (and (and (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select makeSymbolic0 (bvadd (_ bv3 32) (! ((_ extract 31 0) (! (bvadd (_ bv18446744073709532800 64) (! 
(bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) :named ?B1) ) :named ?B2) ) :named ?B3) ) ) (concat (select makeSymbolic0 (bvadd (_ bv2 32) ?B3 ) ) (concat (select makeSymbolic0 (bvadd (_ bv1 32) ?B3 ) ) (select makeSymbolic0 ?B3 ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) ?B1 ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult ?B1 (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533360 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533328 64) ?B1 ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) ?B1 ) (_ bv1 64) ) ) ) (bvult ?B2 (_ bv1 64) ) ) ) (check-sat) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv3 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (exit) diff --git a/test/Expr/print-smt-none.kquery b/test/Expr/print-smt-none.kquery index 90c0bce0e7..9b002c3862 100644 --- a/test/Expr/print-smt-none.kquery +++ b/test/Expr/print-smt-none.kquery 
@@ -1068,7 +1068,7 @@ makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) [makeSymbolic0]) # Query 72 -- Type: InitialValues, Instructions: 30 -constant2 : (array (w64 4) (constant [121 101 115 0])) +constant2 : (array (w64 4) (constant [121, 101, 115, 0] default: 0)) makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) (query [(Eq false @@ -1104,7 +1104,7 @@ makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) # Query 74 -- Type: InitialValues, Instructions: 37 makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) -constant2 : (array (w64 4) (constant [171 171 171 171])) +constant2 : (array (w64 4) (constant [171, 171, 171, 171] default: 0)) (query [(Eq false (Ult N0:(Mul w64 4 (SExt w64 (ReadLSB w32 0 makeSymbolic0))) @@ -1127,7 +1127,7 @@ constant2 : (array (w64 4) (constant [171 171 171 171])) # Query 75 -- Type: InitialValues, Instructions: 40 makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) -constant2 : (array (w64 16) (constant [12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0])) +constant2 : (array (w64 16) (constant {0: 12, 4: 13, 8: 14, 12: 15} default: 0)) (query [(Ult N0:(Mul w64 4 (SExt w64 (ReadLSB w32 0 makeSymbolic0))) 13)] @@ -1140,7 +1140,7 @@ constant2 : (array (w64 16) (constant [12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0])) # Query 76 -- Type: InitialValues, Instructions: 50 makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) -constant2 : (array (w64 4) (constant [171 171 171 171])) +constant2 : (array (w64 4) (constant [171, 171, 171, 171] default: 0)) (query [(Eq false (Ult N0:(Mul w64 4 (SExt w64 (ReadLSB w32 0 makeSymbolic0))) 
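Review bot: All five rewritten `constant2` declarations in this file (Queries 72, 74, 75, 76 and 77) use `default: 0`, so these fixtures never exercise a constant array whose unlisted indices must read back as a non-zero value. The sparse form in Queries 75 and 77, `{0: 12, 4: 13, 8: 14, 12: 15} default: 0`, relies on the default for twelve of its sixteen bytes, so a parser or printer that ignored the declared default and filled with zero would still match these fixtures. If no other test covers this (not visible from this diff), consider adding one query with a non-zero default, for example a constructed declaration such as `constant3 : (array (w64 4) (constant {0: 12} default: 171))`, together with its expected SMT-LIB asserts for indices 1 to 3. The `query` bodies that follow each declaration continue outside the hunks.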
@@ -1159,7 +1159,7 @@ constant2 : (array (w64 4) (constant [171 171 171 171])) # Query 77 -- Type: InitialValues, Instructions: 51 makeSymbolic1 : (array (w64 4) (makeSymbolic unnamed 0)) makeSymbolic0 : (array (w64 4) (makeSymbolic unnamed_1 0)) -constant2 : (array (w64 16) (constant [12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0])) +constant2 : (array (w64 16) (constant {0: 12, 4: 13, 8: 14, 12: 15} default: 0)) (query [(Eq false (Ult N0:(Mul w64 4 (SExt w64 (ReadLSB w32 0 makeSymbolic0))) diff --git a/test/Expr/print-smt-none.smt2.good b/test/Expr/print-smt-none.smt2.good index 3a4d2e0ce6..1fe23264f3 100644 --- a/test/Expr/print-smt-none.smt2.good +++ b/test/Expr/print-smt-none.smt2.good 
@@ -859,19 +859,19 @@ ;SMTLIBv2 Query 72 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant1 (_ bv0 32) ) (_ bv121 8) ) ) -(assert (= (select constant1 (_ bv1 32) ) (_ bv101 8) ) ) -(assert (= (select constant1 (_ bv2 32) ) (_ bv115 8) ) ) -(assert (= (select constant1 (_ bv3 32) ) (_ bv0 8) ) ) -(assert (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant1 (bvadd (_ bv3 32) ((_ extract 31 0) (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant1 (bvadd (_ bv2 32) ((_ extract 31 0) (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant1 (bvadd (_ bv1 32) ((_ extract 31 0) (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (select constant1 ((_ extract 31 0) (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) ) ) ) 
) ) (= false (bvult (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) (_ bv13 64) ) ) ) (bvult (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (= (select constant0 (_ bv0 32) ) (_ bv121 8) ) ) +(assert (= (select constant0 (_ bv1 32) ) (_ bv101 8) ) ) +(assert (= (select constant0 (_ bv2 32) ) (_ bv115 8) ) ) +(assert (= (select constant0 (_ bv3 32) ) (_ bv0 8) ) ) +(assert (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select constant0 (bvadd (_ bv3 32) ((_ extract 31 0) (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant0 (bvadd (_ bv2 32) ((_ extract 31 0) (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant0 (bvadd (_ bv1 32) ((_ extract 31 0) (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (select constant0 ((_ extract 31 0) (bvadd (_ bv31312 64) (bvmul (_ 
bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) (= false (bvult (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) (_ bv13 64) ) ) ) (bvult (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (check-sat) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) 
@@ -882,69 +882,69 @@ (set-option :produce-models true) (set-logic QF_AUFBV ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (and (and (and (and (and (not (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select makeSymbolic2 (bvadd (_ bv3 32) ((_ extract 31 0) (bvadd (_ bv18446744073709533360 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select makeSymbolic2 (bvadd (_ bv2 32) ((_ extract 31 0) (bvadd (_ bv18446744073709533360 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select makeSymbolic2 (bvadd (_ bv1 32) ((_ extract 31 0) (bvadd (_ bv18446744073709533360 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (select makeSymbolic2 ((_ extract 31 0) (bvadd (_ bv18446744073709533360 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ 
bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (bvult (bvadd (_ bv18446744073709533360 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (and (and (and (and (and (not (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select makeSymbolic1 (bvadd (_ bv3 32) ((_ extract 31 0) (bvadd (_ bv18446744073709533360 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select makeSymbolic1 (bvadd (_ bv2 32) ((_ extract 31 0) (bvadd (_ bv18446744073709533360 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select makeSymbolic1 (bvadd 
(_ bv1 32) ((_ extract 31 0) (bvadd (_ bv18446744073709533360 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (select makeSymbolic1 ((_ extract 31 0) (bvadd (_ bv18446744073709533360 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (bvult (bvadd (_ bv18446744073709533360 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (check-sat) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( 
(select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv3 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (exit) ;SMTLIBv2 Query 74 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant3 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant3 (_ bv0 32) ) (_ bv171 8) ) ) -(assert (= (select constant3 (_ bv1 32) ) (_ bv171 8) ) ) -(assert (= (select constant3 (_ bv2 32) ) (_ bv171 8) ) ) -(assert (= (select constant3 (_ bv3 32) ) (_ bv171 8) ) ) -(assert (and (and (and (and (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant3 (bvadd (_ bv3 32) ((_ extract 31 0) (bvadd (_ bv18446744073709533328 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant3 (bvadd (_ bv2 32) ((_ extract 31 0) (bvadd (_ bv18446744073709533328 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) 
) ) ) ) ) ) ) ) (concat (select constant3 (bvadd (_ bv1 32) ((_ extract 31 0) (bvadd (_ bv18446744073709533328 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (select constant3 ((_ extract 31 0) (bvadd (_ bv18446744073709533328 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533360 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (bvult (bvadd (_ 
bv18446744073709533328 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (= (select constant1 (_ bv0 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv1 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv2 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv3 32) ) (_ bv171 8) ) ) +(assert (and (and (and (and (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select constant1 (bvadd (_ bv3 32) ((_ extract 31 0) (bvadd (_ bv18446744073709533328 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant1 (bvadd (_ bv2 32) ((_ extract 31 0) (bvadd (_ bv18446744073709533328 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant1 (bvadd (_ bv1 32) ((_ extract 31 0) (bvadd (_ bv18446744073709533328 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (select constant1 ((_ extract 31 0) (bvadd (_ bv18446744073709533328 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select 
makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533360 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (bvult (bvadd (_ bv18446744073709533328 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (check-sat) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv3 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) 
-(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (exit) ;SMTLIBv2 Query 75 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant4 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant4 (_ bv0 32) ) (_ bv12 8) ) ) -(assert (= (select constant4 (_ bv1 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv2 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv3 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv4 32) ) (_ bv13 8) ) ) -(assert (= (select constant4 (_ bv5 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv6 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv7 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv8 32) ) (_ bv14 8) ) ) -(assert (= (select constant4 (_ bv9 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv10 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv11 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv12 32) ) (_ bv15 8) ) ) -(assert (= (select constant4 (_ bv13 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv14 32) ) (_ bv0 8) ) ) -(assert (= (select constant4 (_ bv15 32) ) (_ bv0 8) ) ) -(assert (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant4 (bvadd (_ bv3 32) ((_ extract 31 0) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select 
makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) (concat (select constant4 (bvadd (_ bv2 32) ((_ extract 31 0) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) (concat (select constant4 (bvadd (_ bv1 32) ((_ extract 31 0) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) (select constant4 ((_ extract 31 0) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) ) ) ) ) (bvult (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) (_ bv13 64) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (= (select constant2 (_ bv0 32) ) (_ bv12 8) ) ) +(assert (= (select constant2 (_ bv1 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv2 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv3 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv4 32) ) (_ bv13 8) ) ) +(assert (= (select constant2 (_ bv5 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv6 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv7 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv8 32) ) (_ bv14 8) ) ) +(assert (= (select constant2 (_ bv9 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv10 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv11 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv12 32) ) (_ bv15 8) ) ) +(assert (= (select constant2 (_ bv13 32) ) 
(_ bv0 8) ) ) +(assert (= (select constant2 (_ bv14 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv15 32) ) (_ bv0 8) ) ) +(assert (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select constant2 (bvadd (_ bv3 32) ((_ extract 31 0) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) (concat (select constant2 (bvadd (_ bv2 32) ((_ extract 31 0) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) (concat (select constant2 (bvadd (_ bv1 32) ((_ extract 31 0) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) (select constant2 ((_ extract 31 0) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) ) ) ) ) (bvult (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) (_ bv13 64) ) ) ) (check-sat) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) 
) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) 
@@ -954,53 +954,53 @@ ;SMTLIBv2 Query 76 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant5 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant5 (_ bv0 32) ) (_ bv171 8) ) ) -(assert (= (select constant5 (_ bv1 32) ) (_ bv171 8) ) ) -(assert (= (select constant5 (_ bv2 32) ) (_ bv171 8) ) ) -(assert (= (select constant5 (_ bv3 32) ) (_ bv171 8) ) ) -(assert (and (and (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant5 (bvadd (_ bv3 32) ((_ extract 31 0) (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant5 (bvadd (_ bv2 32) ((_ extract 31 0) (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant5 (bvadd (_ bv1 32) ((_ extract 31 0) (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (select constant5 ((_ extract 31 0) (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) 
) ) ) ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) (_ bv13 64) ) ) ) (bvult (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (= (select constant1 (_ bv0 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv1 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv2 32) ) (_ bv171 8) ) ) +(assert (= (select constant1 (_ bv3 32) ) (_ bv171 8) ) ) +(assert (and (and (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select constant1 (bvadd (_ bv3 32) ((_ extract 31 0) (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant1 (bvadd (_ bv2 32) ((_ extract 31 0) (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ 
sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant1 (bvadd (_ bv1 32) ((_ extract 31 0) (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (select constant1 ((_ extract 31 0) (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) (_ bv13 64) ) ) ) (bvult (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (check-sat) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) 
) ) ) (get-value ( (select makeSymbolic0 (_ bv3 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (exit) ;SMTLIBv2 Query 77 (set-option :produce-models true) (set-logic QF_AUFBV ) +(declare-fun constant2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun constant6 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (= (select constant6 (_ bv0 32) ) (_ bv12 8) ) ) -(assert (= (select constant6 (_ bv1 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv2 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv3 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv4 32) ) (_ bv13 8) ) ) -(assert (= (select constant6 (_ bv5 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv6 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv7 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv8 32) ) (_ bv14 8) ) ) -(assert (= (select constant6 (_ bv9 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv10 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv11 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv12 32) ) (_ bv15 8) ) ) -(assert (= (select constant6 (_ bv13 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv14 32) ) (_ bv0 8) ) ) -(assert (= (select constant6 (_ bv15 32) ) (_ bv0 8) ) ) -(assert (and (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select constant6 (bvadd (_ 
bv3 32) ((_ extract 31 0) (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant6 (bvadd (_ bv2 32) ((_ extract 31 0) (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant6 (bvadd (_ bv1 32) ((_ extract 31 0) (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (select constant6 ((_ extract 31 0) (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) (_ bv13 64) ) ) ) (bvult (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv13 64) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ 
BitVec 8) ) ) +(assert (= (select constant2 (_ bv0 32) ) (_ bv12 8) ) ) +(assert (= (select constant2 (_ bv1 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv2 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv3 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv4 32) ) (_ bv13 8) ) ) +(assert (= (select constant2 (_ bv5 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv6 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv7 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv8 32) ) (_ bv14 8) ) ) +(assert (= (select constant2 (_ bv9 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv10 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv11 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv12 32) ) (_ bv15 8) ) ) +(assert (= (select constant2 (_ bv13 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv14 32) ) (_ bv0 8) ) ) +(assert (= (select constant2 (_ bv15 32) ) (_ bv0 8) ) ) +(assert (and (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select constant2 (bvadd (_ bv3 32) ((_ extract 31 0) (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant2 (bvadd (_ bv2 32) ((_ extract 31 0) (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select constant2 (bvadd (_ bv1 32) ((_ extract 31 0) (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 
32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (select constant2 ((_ extract 31 0) (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) (_ bv13 64) ) ) ) (bvult (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv13 64) ) ) ) (check-sat) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) 
@@ -1011,15 +1011,15 @@ (set-option :produce-models true) (set-logic QF_AUFBV ) (declare-fun makeSymbolic0 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(declare-fun makeSymbolic2 () (Array (_ BitVec 32) (_ BitVec 8) ) ) -(assert (and (and (and (and (and (and (and (not (= false (= (concat (select makeSymbolic2 (_ bv3 32) ) (concat (select makeSymbolic2 (_ bv2 32) ) (concat (select makeSymbolic2 (_ bv1 32) ) (select makeSymbolic2 (_ bv0 32) ) ) ) ) (concat (select makeSymbolic0 (bvadd (_ bv3 32) ((_ extract 31 0) (bvadd (_ bv18446744073709532800 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select makeSymbolic0 (bvadd (_ bv2 32) ((_ extract 31 0) (bvadd (_ bv18446744073709532800 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select makeSymbolic0 (bvadd (_ bv1 32) ((_ extract 31 0) (bvadd (_ bv18446744073709532800 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (select makeSymbolic0 ((_ extract 31 0) (bvadd (_ bv18446744073709532800 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv13 64) ) ) ) (= 
false (bvult (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533360 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533328 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (bvult (bvadd (_ bv18446744073709532800 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) +(declare-fun makeSymbolic1 () (Array (_ BitVec 32) (_ BitVec 8) ) ) +(assert (and (and (and (and (and (and (and (not (= false (= (concat (select makeSymbolic1 (_ bv3 32) ) (concat (select makeSymbolic1 (_ bv2 32) ) (concat (select makeSymbolic1 (_ bv1 32) ) (select makeSymbolic1 (_ bv0 32) ) ) ) ) (concat (select makeSymbolic0 (bvadd (_ bv3 32) ((_ extract 31 0) (bvadd 
(_ bv18446744073709532800 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select makeSymbolic0 (bvadd (_ bv2 32) ((_ extract 31 0) (bvadd (_ bv18446744073709532800 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (concat (select makeSymbolic0 (bvadd (_ bv1 32) ((_ extract 31 0) (bvadd (_ bv18446744073709532800 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) (select makeSymbolic0 ((_ extract 31 0) (bvadd (_ bv18446744073709532800 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) (= false (bvult (bvadd (_ bv31760 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv13 64) ) ) ) (= false (bvult (bvadd (_ bv31312 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) (_ bv13 64) ) ) ) (= false 
(bvult (bvadd (_ bv18446744073709533360 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv18446744073709533328 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (= false (bvult (bvadd (_ bv111120 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (bvult (bvadd (_ bv18446744073709532800 64) (bvmul (_ bv4 64) ((_ sign_extend 32) (concat (select makeSymbolic0 (_ bv3 32) ) (concat (select makeSymbolic0 (_ bv2 32) ) (concat (select makeSymbolic0 (_ bv1 32) ) (select makeSymbolic0 (_ bv0 32) ) ) ) ) ) ) ) (_ bv1 64) ) ) ) (check-sat) (get-value ( (select makeSymbolic0 (_ bv0 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv1 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv2 32) ) ) ) (get-value ( (select makeSymbolic0 (_ bv3 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv0 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv1 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv2 32) ) ) ) -(get-value ( (select makeSymbolic2 (_ bv3 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv0 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv1 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv2 32) ) ) ) +(get-value ( (select makeSymbolic1 (_ bv3 32) ) ) ) (exit) diff --git a/test/Feature/MemoryLimit.c b/test/Feature/MemoryLimit.c index 330b2547ea..a24a16993e 100644 --- a/test/Feature/MemoryLimit.c +++ b/test/Feature/MemoryLimit.c 
@@ -44,7 +44,7 @@ int main() { malloc_failed |= (p == 0); // Ensure we hit the periodic check // Use the pointer to be not optimized out by the compiler - for (j = 0; j < 10000; j++) + for (j = 0; j < 100; j++) x += (long)p; } #endif diff --git a/test/Feature/SymbolicSizes/FirstAndLastElements.c b/test/Feature/SymbolicSizes/FirstAndLastElements.c index da74d0569b..10ba4c5784 100644 --- a/test/Feature/SymbolicSizes/FirstAndLastElements.c +++ b/test/Feature/SymbolicSizes/FirstAndLastElements.c @@ -1,7 +1,6 @@ -// REQUIRES: z3 // RUN: %clang %s -g -emit-llvm %O0opt -c -o %t1.bc // RUN: rm -rf %t.klee-out -// RUN: %klee --output-dir=%t.klee-out --solver-backend=z3 --check-out-of-memory --use-sym-size-alloc --use-merged-pointer-dereference=true %t1.bc 2>&1 | FileCheck %s +// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc --use-merged-pointer-dereference=true %t1.bc 2>&1 | FileCheck %s #include "klee/klee.h" #include diff --git a/test/Feature/SymbolicSizes/ImplicitArrayExtension.c b/test/Feature/SymbolicSizes/ImplicitArrayExtension.c index 604d137360..273334c84f 100644 --- a/test/Feature/SymbolicSizes/ImplicitArrayExtension.c +++ b/test/Feature/SymbolicSizes/ImplicitArrayExtension.c @@ -1,7 +1,6 @@ -// REQUIRES: z3 // RUN: %clang %s -g -emit-llvm %O0opt -c -o %t1.bc // RUN: rm -rf %t.klee-out -// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc --solver-backend=z3 %t1.bc 2>&1 | FileCheck %s +// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc %t1.bc 2>&1 | FileCheck %s #include "klee/klee.h" #include diff --git a/test/Feature/SymbolicSizes/ImplicitSizeConcretization.c b/test/Feature/SymbolicSizes/ImplicitSizeConcretization.c index 0ca567204c..6b4e09d0ee 100644 --- a/test/Feature/SymbolicSizes/ImplicitSizeConcretization.c +++ b/test/Feature/SymbolicSizes/ImplicitSizeConcretization.c 
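Review bot: The comment `// Ensure we hit the periodic check` above the loop has no visible justification once the bound is `j < 100`. Nothing in the hunk shows how many instructions the periodic memory-limit check needs, so the test may stop exercising the limit on some builds without failing for an obvious reason. Either extend the comment to say why 100 iterations are enough, e.g. `// 100 iterations per allocation still cross the periodic memory check interval`, or derive the bound from a named constant. The body of `main` starts and ends outside this hunk, so the surrounding allocation loop could not be checked.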
@@ -1,4 +1,3 @@ -// REQUIRES: z3 // RUN: %clang %s -g -emit-llvm %O0opt -c -o %t1.bc // RUN: rm -rf %t.klee-out // RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc --use-merged-pointer-dereference=true %t1.bc 2>&1 | FileCheck %s diff --git a/test/Feature/SymbolicSizes/IntArray.c b/test/Feature/SymbolicSizes/IntArray.c index e820df0a04..ddad754c44 100644 --- a/test/Feature/SymbolicSizes/IntArray.c +++ b/test/Feature/SymbolicSizes/IntArray.c @@ -1,7 +1,7 @@ -// REQUIRES: z3 +// REQUIRES: not-metasmt // RUN: %clang %s -g -emit-llvm %O0opt -c -o %t1.bc // RUN: rm -rf %t.klee-out -// RUN: %klee --output-dir=%t.klee-out --solver-backend=z3 --use-sym-size-alloc --use-sym-size-li --min-number-elements-li=1 --skip-not-lazy-initialized %t1.bc 2>&1 | FileCheck %s +// RUN: %klee --output-dir=%t.klee-out --use-sym-size-alloc --use-sym-size-li --min-number-elements-li=1 --skip-not-lazy-initialized %t1.bc 2>&1 | FileCheck %s #include "klee/klee.h" #include diff --git a/test/Feature/SymbolicSizes/LazyInstantiationOfSymbolicSize.c b/test/Feature/SymbolicSizes/LazyInstantiationOfSymbolicSize.c index 51ad20892e..be244f9ae0 100644 --- a/test/Feature/SymbolicSizes/LazyInstantiationOfSymbolicSize.c +++ b/test/Feature/SymbolicSizes/LazyInstantiationOfSymbolicSize.c @@ -1,7 +1,6 @@ -// REQUIRES: z3 // RUN: %clang %s -g -emit-llvm %O0opt -c -o %t1.bc // RUN: rm -rf %t.klee-out -// RUN: %klee --output-dir=%t.klee-out --solver-backend=z3 --use-sym-size-alloc --use-sym-size-li --min-number-elements-li=1 --skip-not-lazy-initialized %t1.bc 2>&1 | FileCheck %s +// RUN: %klee --output-dir=%t.klee-out --use-sym-size-alloc --use-sym-size-li --min-number-elements-li=1 --skip-not-lazy-initialized %t1.bc 2>&1 | FileCheck %s #include "klee/klee.h" #include diff --git a/test/Feature/SymbolicSizes/LowerOutOfBound.c b/test/Feature/SymbolicSizes/LowerOutOfBound.c index 0a97e5c63a..41064df671 100644 --- a/test/Feature/SymbolicSizes/LowerOutOfBound.c 
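Review bot: In `IntArray.c` the new `// REQUIRES: not-metasmt` line has no explanation, and `LazyInstantiationOfSymbolicSize.c` gets no such restriction although its RUN line uses the same options (`--use-sym-size-alloc --use-sym-size-li --min-number-elements-li=1 --skip-not-lazy-initialized`). If the metaSMT backend really cannot handle this case, a short comment such as `// metaSMT backend: <reason>` next to the REQUIRES line would record why. If the restriction comes from the options rather than the program, the sibling test presumably needs it too. The other SymbolicSizes tests in this commit drop `--solver-backend=z3` in the same way, so their expected output now depends on the default backend of the build.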
+++ b/test/Feature/SymbolicSizes/LowerOutOfBound.c @@ -1,7 +1,6 @@ -// REQUIRES: z3 // RUN: %clang %s -g -emit-llvm %O0opt -c -o %t1.bc // RUN: rm -rf %t.klee-out -// RUN: %klee --output-dir=%t.klee-out --solver-backend=z3 --use-sym-size-alloc %t1.bc 2>&1 | FileCheck %s +// RUN: %klee --output-dir=%t.klee-out --use-sym-size-alloc %t1.bc 2>&1 | FileCheck %s #include "klee/klee.h" #include diff --git a/test/Feature/SymbolicSizes/MinimizeSize.c b/test/Feature/SymbolicSizes/MinimizeSize.c index 5da9f65c0f..c767ff6a97 100644 --- a/test/Feature/SymbolicSizes/MinimizeSize.c +++ b/test/Feature/SymbolicSizes/MinimizeSize.c @@ -1,7 +1,6 @@ -// REQUIRES: z3 // RUN: %clang %s -g -emit-llvm %O0opt -c -o %t1.bc // RUN: rm -rf %t.klee-out -// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --solver-backend=z3 --use-sym-size-alloc --use-merged-pointer-dereference=true %t1.bc 2>&1 | FileCheck %s +// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc --use-merged-pointer-dereference=true %t1.bc 2>&1 | FileCheck %s #include "klee/klee.h" #include diff --git a/test/Feature/SymbolicSizes/MultipleAllocations.c b/test/Feature/SymbolicSizes/MultipleAllocations.c index 4ef3193a47..d953192616 100644 --- a/test/Feature/SymbolicSizes/MultipleAllocations.c +++ b/test/Feature/SymbolicSizes/MultipleAllocations.c @@ -1,7 +1,6 @@ -// REQUIRES: z3 // RUN: %clang %s -g -emit-llvm %O0opt -c -o %t1.bc // RUN: rm -rf %t.klee-out -// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc --solver-backend=z3 %t1.bc 2>&1 | FileCheck %s +// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc %t1.bc 2>&1 | FileCheck %s #include "klee/klee.h" #include diff --git a/test/Feature/SymbolicSizes/NegativeIndexArray.c b/test/Feature/SymbolicSizes/NegativeIndexArray.c index 2d4e0a6368..6f5f7e904e 100644 --- a/test/Feature/SymbolicSizes/NegativeIndexArray.c +++ b/test/Feature/SymbolicSizes/NegativeIndexArray.c 
@@ -1,7 +1,6 @@ -// REQUIRES: z3 // RUN: %clang %s -g -emit-llvm %O0opt -c -o %t1.bc // RUN: rm -rf %t.klee-out -// RUN: %klee --output-dir=%t.klee-out --solver-backend=z3 --check-out-of-memory --use-sym-size-alloc --use-merged-pointer-dereference=true %t1.bc 2>&1 | FileCheck %s +// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc --use-merged-pointer-dereference=true %t1.bc 2>&1 | FileCheck %s #include "klee/klee.h" #include "stdlib.h" diff --git a/test/Feature/SymbolicSizes/NegativeSize.c b/test/Feature/SymbolicSizes/NegativeSize.c index 72c0b9c4c7..c7f59e8b49 100644 --- a/test/Feature/SymbolicSizes/NegativeSize.c +++ b/test/Feature/SymbolicSizes/NegativeSize.c @@ -1,7 +1,6 @@ -// REQUIRES: z3 // RUN: %clang %s -g -emit-llvm %O0opt -c -o %t1.bc // RUN: rm -rf %t.klee-out -// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc --solver-backend=z3 %t1.bc 2>&1 | FileCheck %s +// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc %t1.bc 2>&1 | FileCheck %s #include "klee/klee.h" #include @@ -22,7 +21,7 @@ int main() { s1[1] = 10; // n == -2 // CHECK: NegativeSize.c:[[@LINE+1]]: memory error: out of bound pointer s2[2] = 20; // m == 3 - // CHECK: NegativeSize.c:[[@LINE+1]]: ASSERTION FAIL: 0 + // CHECK: NegativeSize.c:[[@LINE+1]]: ASSERTION FAIL assert(0); } } diff --git a/test/Feature/SymbolicSizes/RecomputeModelTwoArrays.c b/test/Feature/SymbolicSizes/RecomputeModelTwoArrays.c index 7d3bab5940..885cc518dc 100644 --- a/test/Feature/SymbolicSizes/RecomputeModelTwoArrays.c +++ b/test/Feature/SymbolicSizes/RecomputeModelTwoArrays.c 
@@ -1,7 +1,6 @@ -// REQUIRES: z3 // RUN: %clang %s -g -emit-llvm %O0opt -c -o %t1.bc // RUN: rm -rf %t.klee-out -// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc --solver-backend=z3 --use-merged-pointer-dereference=true %t1.bc 2>&1 | FileCheck %s +// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc --use-merged-pointer-dereference=true %t1.bc 2>&1 | FileCheck %s #include "klee/klee.h" #include diff --git a/test/Feature/SymbolicSizes/SegmentComparator.c b/test/Feature/SymbolicSizes/SegmentComparator.c index 3a7f16db76..614610b76a 100644 --- a/test/Feature/SymbolicSizes/SegmentComparator.c +++ b/test/Feature/SymbolicSizes/SegmentComparator.c @@ -1,7 +1,6 @@ -// REQUIRES: z3 // RUN: %clang %s -g -emit-llvm %O0opt -c -o %t1.bc // RUN: rm -rf %t.klee-out -// RUN: %klee --output-dir=%t.klee-out --solver-backend=z3 --use-sym-size-alloc --skip-not-lazy-initialized %t1.bc 2>&1 | FileCheck %s +// RUN: %klee --output-dir=%t.klee-out --use-sym-size-alloc --skip-not-lazy-initialized %t1.bc 2>&1 | FileCheck %s #include "klee/klee.h" #include diff --git a/test/Feature/SymbolicSizes/SymbolicArrayOnStack.c b/test/Feature/SymbolicSizes/SymbolicArrayOnStack.c index acf086a65f..daa6bec34f 100644 --- a/test/Feature/SymbolicSizes/SymbolicArrayOnStack.c +++ b/test/Feature/SymbolicSizes/SymbolicArrayOnStack.c @@ -1,7 +1,6 @@ -// REQUIRES: z3 // RUN: %clang %s -emit-llvm %O0opt -c -g -o %t.bc // RUN: rm -rf %t.klee-out -// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --solver-backend=z3 --use-sym-size-alloc --use-merged-pointer-dereference=true %t.bc 2>&1 | FileCheck %s +// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc --use-merged-pointer-dereference=true %t.bc 2>&1 | FileCheck %s #include "klee/klee.h" 
diff --git a/test/Feature/SymbolicSizes/SymbolicArrayOnStackWithSkipSymbolics.c b/test/Feature/SymbolicSizes/SymbolicArrayOnStackWithSkipSymbolics.c index dbb2331aac..725dc56785 100644 --- a/test/Feature/SymbolicSizes/SymbolicArrayOnStackWithSkipSymbolics.c +++ b/test/Feature/SymbolicSizes/SymbolicArrayOnStackWithSkipSymbolics.c @@ -1,7 +1,6 @@ -// REQUIRES: z3 // RUN: %clang %s -emit-llvm %O0opt -c -g -o %t.bc // RUN: rm -rf %t.klee-out -// RUN: %klee --output-dir=%t.klee-out --solver-backend=z3 --check-out-of-memory --use-sym-size-alloc --skip-not-symbolic-objects --use-merged-pointer-dereference=true %t.bc 2>&1 | FileCheck %s +// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc --skip-not-symbolic-objects --use-merged-pointer-dereference=true %t.bc 2>&1 | FileCheck %s #include "klee/klee.h" diff --git a/test/Feature/SymbolicSizes/UninitializedMemory.c b/test/Feature/SymbolicSizes/UninitializedMemory.c new file mode 100644 index 0000000000..f0501d3893 --- /dev/null +++ b/test/Feature/SymbolicSizes/UninitializedMemory.c @@ -0,0 +1,24 @@ +// RUN: %clang %s -emit-llvm %O0opt -c -g -o %t.bc +// RUN: rm -rf %t.klee-out +// RUN: %klee --output-dir=%t.klee-out --use-sym-size-alloc --skip-not-symbolic-objects --use-merged-pointer-dereference=true %t.bc 2>&1 | FileCheck %s +#include "klee/klee.h" + +#include +#include +#include + +int main() { + int n; + klee_make_symbolic(&n, sizeof(n), "n"); + + char *s = (char *)malloc(n); + s[2] = 10; + if (s[0] == 0) { + printf("1) 0\n"); + } else { + printf("1) not 0\n"); + } + + // CHECK-DAG: 1) 0 + // CHECK-DAG: 1) not 0 +} diff --git a/test/Feature/SymbolicSizes/VoidStar.c b/test/Feature/SymbolicSizes/VoidStar.c index 48924f7b69..8770065d7a 100644 --- a/test/Feature/SymbolicSizes/VoidStar.c +++ b/test/Feature/SymbolicSizes/VoidStar.c 
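Review bot: In the new `UninitializedMemory.c`, `s[2] = 10;` and the read of `s[0]` run with no constraint on the symbolic `n` and no check of the `malloc` result. Any out-of-bound or null-pointer reports KLEE produces for small or negative sizes are therefore neither expected nor excluded by the two `CHECK-DAG` lines. Constraining the size first, for example `klee_assume(n >= 3);` before the `malloc` call, would pin the test to the uninitialized-read behaviour it is named for. A one-line comment saying that both branches must be reachable because `s[0]` is never written would also document the intent.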
@@ -1,7 +1,6 @@ -// REQUIRES: z3 // RUN: %clang %s -g -emit-llvm %O0opt -c -o %t1.bc // RUN: rm -rf %t.klee-out -// RUN: %klee --output-dir=%t.klee-out --solver-backend=z3 --check-out-of-memory --use-sym-size-alloc --skip-not-lazy-initialized --use-merged-pointer-dereference=true %t1.bc 2>&1 | FileCheck %s +// RUN: %klee --output-dir=%t.klee-out --check-out-of-memory --use-sym-size-alloc --skip-not-lazy-initialized --use-merged-pointer-dereference=true %t1.bc 2>&1 | FileCheck %s #include "klee/klee.h" #include diff --git a/test/Feature/TwoUninitializedRegions.c b/test/Feature/TwoUninitializedRegions.c new file mode 100644 index 0000000000..a772e4d549 --- /dev/null +++ b/test/Feature/TwoUninitializedRegions.c @@ -0,0 +1,23 @@ +// RUN: %clang %s -emit-llvm %O0opt -c -g -o %t.bc +// RUN: rm -rf %t.klee-out +// RUN: %klee --output-dir=%t.klee-out %t.bc 2>&1 | FileCheck %s + +#include "klee/klee.h" + +#include +#include +#include + +int main() { + char arr1[3]; + char arr2[3]; + + if (arr1[0] == arr2[0]) { + printf("1) equal\n"); + } else { + printf("1) not equal\n"); + } + + // CHECK-DAG: 1) equal + // CHECK-DAG: 1) not equal +} diff --git a/test/Feature/UninitializedConstantMemory.c b/test/Feature/UninitializedConstantMemory.c new file mode 100644 index 0000000000..ee8eb5cc92 --- /dev/null +++ b/test/Feature/UninitializedConstantMemory.c @@ -0,0 +1,29 @@ +// RUN: %clang %s -emit-llvm %O0opt -c -g -o %t.bc +// RUN: rm -rf %t.klee-out +// RUN: %klee --output-dir=%t.klee-out %t.bc 2>&1 | FileCheck %s +#include "klee/klee.h" + +#include +#include +#include + +int main() { + char arr[3]; + + if (arr[0] == 0) { + printf("1) 0\n"); + } else { + printf("1) not 0\n"); + } + + char *zero_arr = (char *)calloc(3, sizeof(char)); + if (zero_arr[1] == 0) { + return 0; + } else { + // CHECK-NOT: ASSERTION FAIL + assert(0); + } + + // CHECK-DAG: 1) 0 + // CHECK-DAG: 1) not 0 +} 
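Review bot: Nothing in `TwoUninitializedRegions.c` says why both outcomes are expected. `arr1[0] == arr2[0]` compares two bytes that are never written, which only makes sense as a probe of how KLEE models uninitialized stack objects. A header comment such as `// Two uninitialized objects must not share contents: both branches have to be reachable.` would stop a later reader from "fixing" the test by initializing the arrays. It would also make clear that the read of indeterminate memory is deliberate.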
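Review bot: In `UninitializedConstantMemory.c` the `// CHECK-NOT: ASSERTION FAIL` directive comes before the two `CHECK-DAG` lines, so FileCheck applies it only to the output that precedes the first `1) ...` match. The `assert(0)` on the `calloc` branch runs after the `printf` calls, so a failure would most likely be printed after those lines and go unnoticed. Passing `--implicit-check-not="ASSERTION FAIL"` to FileCheck in the RUN line would cover the whole output. Separately, `zero_arr[1]` is read without checking the `calloc` result for NULL.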
diff --git a/test/Solver/2016-04-12-array-parsing-bug.kquery b/test/Solver/2016-04-12-array-parsing-bug.kquery index 044144ba6a..2fe11893e5 100644 --- a/test/Solver/2016-04-12-array-parsing-bug.kquery +++ b/test/Solver/2016-04-12-array-parsing-bug.kquery 
@@ -5,8 +5,8 @@ makeSymbolic0 : (array (w64 8) (makeSymbolic A_data 0)) makeSymbolic1 : (array (w64 144) (makeSymbolic A_data_stat 0)) makeSymbolic2 : (array (w64 3) (makeSymbolic arg0 0)) makeSymbolic3 : (array (w64 3) (makeSymbolic arg1 0)) -constant4 : (array (w64 768) (constantconstant5 : (array (w64 277) (constant [0 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 24 2 2 25 2 2 2 2 2 2 2 2 2 2 23 2 2 2 2 2 22 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21])) +constant4 : (array (w64 768) (constantdefault: 0)) +constant5 : (array (w64 277) (constant [0 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 24 2 2 25 2 2 2 2 2 2 2 2 2 2 23 2 2 2 2 2 22 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21] default: 0)) makeSymbolic6 : (array (w64 4) (makeSymbolic model_version 0)) makeSymbolic7 : (array (w64 4) (makeSymbolic n_args 0)) makeSymbolic8 : (array (w64 4) (makeSymbolic n_args_1 0)) diff --git a/test/Solver/Z3ConstantArray.c b/test/Solver/Z3ConstantArray.c index e0452e3106..419c67d124 100644 --- a/test/Solver/Z3ConstantArray.c +++ b/test/Solver/Z3ConstantArray.c 
@@ -9,14 +9,14 @@ #include "klee/klee.h" int main(int argc, char **argv) { - // CHECK-DAG: (assert (= (select constant11 #x00000000) #x67)) - // CHECK-DAG: (assert (= (select constant11 #x00000001) #x79)) - // CHECK-DAG: (assert (= (select constant11 #x00000002) #x7a)) - // CHECK-DAG: (assert (= (select constant11 #x00000003) #x00)) - // TEST-CASE-DAG: (assert (= (select constant1 (_ bv0 32) ) (_ bv103 8) ) ) - // TEST-CASE-DAG: (assert (= (select constant1 (_ bv1 32) ) (_ bv121 8) ) ) - // TEST-CASE-DAG: (assert (= (select constant1 (_ bv2 32) ) (_ bv122 8) ) ) - // TEST-CASE-DAG: (assert (= (select constant1 (_ bv3 32) ) (_ bv0 8) ) ) + // CHECK-DAG: (assert (= (select constant01 #x00000000) #x67)) + // CHECK-DAG: (assert (= (select constant01 #x00000001) #x79)) + // CHECK-DAG: (assert (= (select constant01 #x00000002) #x7a)) + // CHECK-DAG: (assert (= (select constant01 #x00000003) #x00)) + // TEST-CASE-DAG: (assert (= (select constant0 (_ bv0 32) ) (_ bv103 8) ) ) + // TEST-CASE-DAG: (assert (= (select constant0 (_ bv1 32) ) (_ bv121 8) ) ) + // TEST-CASE-DAG: (assert (= (select constant0 (_ bv2 32) ) (_ bv122 8) ) ) + // TEST-CASE-DAG: (assert (= (select constant0 (_ bv3 32) ) (_ bv0 8) ) ) char c[4] = {'g', 'y', 'z', '\0'}; unsigned i; klee_make_symbolic(&i, sizeof i, "i"); diff --git a/test/Solver/Z3LargeConstantArray.kquery b/test/Solver/Z3LargeConstantArray.kquery index d3ccf51e4a..898edd9e22 100644 --- a/test/Solver/Z3LargeConstantArray.kquery +++ b/test/Solver/Z3LargeConstantArray.kquery 
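Review bot: The `CHECK-DAG` and `TEST-CASE-DAG` patterns hard-code the generated array names (`constant01`, `constant0`), which appear to come from internal array numbering. The lines seem to have needed editing here only because that numbering shifted. Matching the name with a FileCheck regex, e.g. `// CHECK-DAG: (assert (= (select {{constant[0-9]+}} #x00000000) #x67))`, would keep the test about the stored bytes `g`, `y`, `z`, `\0` and avoid the same churn next time. The body of `main` continues past the end of this hunk.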
@@ -1,7 +1,7 @@ # REQUIRES: z3 # RUN: %kleaver --solver-backend=z3 -max-solver-time=20 -debug-z3-dump-queries=%t.smt2 %s &> /dev/null # RUN: grep '(assert (= (select constant0' %t.smt2 -c | grep 3770 -constant0 : (array (w64 3770) (constant [32 0 0 0 192 193 124 5 0 0 0 0 64 242 107 41 0 0 0 0 48 235 107 41 0 0 0 0 0 0 0 0 0 0 0 0 144 0 0 0 14 0 0 0 0 0 0 0 10 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 144 33 0 0 65 42 0 0 5 0 0 0 0 0 0 0 7 136 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 4 0 0 0 0 0 0 0 0 0 0 0 0 0 0 16 146 162 90 0 0 0 0 55 110 115 21 0 0 0 0 83 146 162 90 0 0 0 0 55 110 115 21 0 0 0 0 75 204 147 90 0 0 0 0 55 110 115 21 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 121 0 0 0 100 101 102 105 110 101 40 96 98 39 44 32 96 117 39 41 10 100 101 102 105 110 101 40 96 104 39 44 32 96 108 39 41 10 100 101 102 105 110 101 40 96 105 39 44 32 96 107 39 41 10 100 101 102 105 110 101 40 96 121 39 44 32 96 107 39 41 10 100 101 102 105 110 101 40 96 65 39 44 32 96 108 39 41 10 100 101 102 105 110 101 40 96 110 39 44 32 50 41 10 100 101 102 105 110 101 40 96 80 39 44 32 50 41 10 0 10 0 10 0 10 128 2 0 0 3 0 0 0 0 0 0 0 200 67 198 4 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 
255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 0 0 0 0 0 0 0 0 249 77 23 3 0 0 0 0 160 42 129 41 0 0 0 0 252 255 255 255 255 255 255 255 0 0 0 0 255 255 255 255 252 255 255 255 255 255 255 255 0 0 0 0 0 0 0 0 252 255 255 255 255 255 255 255 0 0 0 0 0 0 0 0 252 255 255 255 255 255 255 255 0 0 0 0 0 0 0 0 252 255 255 255 255 255 255 255 64 13 129 41 0 0 0 0 56 217 22 3 0 0 0 0 96 168 132 41 0 0 0 0 255 255 255 255 255 255 255 255 33 4 0 0 0 0 0 0 48 24 129 41 0 0 0 0 80 43 125 41 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 248 255 255 255 255 255 255 255 176 23 129 41 0 0 0 0 252 255 255 255 255 255 255 255 16 14 129 41 0 0 0 0 252 255 255 255 255 255 255 255 32 227 132 41 0 0 0 0 252 255 255 255 255 255 255 255 208 251 132 41 0 0 0 0 252 255 255 255 255 255 255 255 144 16 129 41 0 0 0 0 252 255 255 255 255 255 255 255 192 3 133 41 0 0 0 0 252 255 255 255 255 255 255 255 96 3 133 41 0 0 0 0 252 255 255 255 255 255 255 255 176 26 124 41 0 0 0 0 252 255 255 255 255 255 255 255 16 27 124 41 0 0 0 0 252 255 255 255 255 255 255 255 16 51 124 41 0 0 0 0 252 255 255 255 255 255 255 255 48 59 129 41 0 0 0 0 252 255 255 255 255 255 255 255 0 68 0 0 0 105 110 116 101 114 110 97 108 32 101 114 114 111 114 32 100 101 116 101 99 116 101 100 59 32 112 108 101 97 115 101 32 114 101 112 111 114 116 32 116 104 105 115 32 98 117 103 32 116 111 32 60 98 117 103 45 109 52 64 103 110 117 46 111 114 103 62 0 19 0 0 0 83 101 103 109 101 110 116 97 116 105 111 110 32 102 97 117 108 116 0 8 0 0 0 65 98 111 114 116 101 100 0 20 0 0 0 73 108 108 101 103 97 108 32 105 110 115 116 114 117 99 116 105 111 110 0 25 0 0 0 70 108 111 97 116 105 110 103 32 112 111 105 110 116 32 101 120 99 101 112 116 105 111 110 0 10 0 0 0 66 117 115 32 101 114 114 111 114 0 2 0 0 0 96 0 2 0 0 0 39 0 2 0 0 0 35 0 2 0 0 0 10 0 40 0 0 0 32 136 117 41 0 0 0 0 24 107 198 4 0 0 0 
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 40 1 0 0 20 25 100 59 116 43 0 0 2 27 100 59 116 43 0 0 223 24 100 59 116 43 0 0 0 0 0 0 0 0 0 0 189 22 100 59 116 43 0 0 181 25 100 59 116 43 0 0 140 30 100 59 116 43 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 58 24 100 59 116 43 0 0 228 29 100 59 116 43 0 0 242 22 100 59 116 43 0 0 5 24 100 59 116 43 0 0 0 0 0 0 0 0 0 0 1 29 100 59 116 43 0 0 167 24 100 59 116 43 0 0 148 23 100 59 116 43 0 0 134 22 100 59 116 43 0 0 114 27 100 59 116 43 0 0 219 21 100 59 116 43 0 0 96 23 100 59 116 43 0 0 0 0 0 0 0 0 0 0 236 25 100 59 116 43 0 0 0 0 0 0 0 0 0 0 60 29 100 59 116 43 0 0 126 25 100 59 116 43 0 0 37 26 100 59 116 43 0 0 0 0 0 0 0 0 0 0 28 30 100 59 116 43 0 0 41 23 100 59 116 43 0 0 116 29 100 59 116 43 0 0 81 22 100 59 116 43 0 0 148 26 100 59 116 43 0 0 0 0 0 0 0 0 0 0 224 27 100 59 116 43 0 0 74 25 100 59 116 43 0 0 84 30 100 59 116 43 0 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 7 22 100 59 116 43 0 0 2 0 0 0 0 48 0 0 248 158 196 4 0 0 0 0 10 0 0 0 99 104 97 110 103 101 99 111 109 0 40 0 0 0 204 23 100 59 116 43 0 0 0 0 128 48 0 0 0 0 65 22 100 59 116 43 0 0 2 0 0 0 170 133 41 0 248 160 196 4 0 0 0 0 12 0 0 0 99 104 97 110 103 101 113 117 111 116 101 0 40 0 0 0 172 29 100 59 116 43 0 0 8 0 0 0 0 0 0 0 125 22 100 59 116 43 0 0 2 0 0 0 0 0 0 38 200 163 196 4 0 0 0 0 5 0 0 0 100 101 99 114 0 40 0 0 0 0 0 0 0 0 0 0 0 12 0 80 120 0 0 0 0 178 22 100 59 116 43 0 0 2 0 0 0 0 0 0 0 152 166 196 4 0 0 0 0 7 0 0 0 100 101 102 105 110 101 0 40 0 0 0 25 28 100 59 116 43 0 0 8 0 0 0 0 0 0 0 233 22 100 59 116 43 0 0 2 0 0 0 17 148 64 0 88 170 196 4 0 0 0 0 5 0 0 0 100 101 102 110 0 40 0 0 0 112 24 100 59 116 43 0 0 0 0 0 0 0 0 0 0 30 23 100 59 116 43 0 0 2 0 0 0 160 0 32 7 56 172 196 4 0 0 0 0 7 0 0 0 100 105 118 101 114 116 0 40 0 0 0 81 28 100 59 116 43 0 0 0 0 0 0 0 0 0 0 85 23 100 59 116 43 0 0 2 0 0 0 0 0 0 48 40 173 196 4 0 0 0 0 7 0 0 0 100 105 118 110 117 109 0 40 0 0 0 93 26 100 59 116 43 0 0 0 154 4 0 0 0 0 0 140 23 100 59 116 
43 0 0 2 0 0 0 0 0 0 0 24 174 196 4 0 0 0 0 4 0 0 0 100 110 108 0 40 0 0 0 59 27 100 59 116 43 0 0 0 121 34 0 0 0 0 0 192 23 100 59 116 43 0 0 2 0 0 0 160 176 133 41 8 175 196 4 0 0 0 0 8 0 0 0 100 117 109 112 100 101 102 0 40 0 0 0 138 28 100 59 116 43 0 0 8 0 0 0 0 0 0 0 248 23 100 59 116 43 0 0 2 0 0 0 0 0 0 0 24 236 197 4 0 0 0 0 9 0 0 0 101 114 114 112 114 105 110 116 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 64 0 0 0 0 49 24 100 59 116 43 0 0 2 0 0 0 1 0 0 0 24 242 197 4 0 0 0 0 5 0 0 0 101 118 97 108 0 40 0 0 0 0 0 0 0 0 0 0 0 8 41 0 0 0 0 0 0 102 24 100 59 116 43 0 0 2 0 0 0 0 0 73 1 152 243 197 4 0 0 0 0 6 0 0 0 105 102 100 101 102 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 156 24 100 59 116 43 0 0 2 0 0 0 0 0 0 0 88 244 197 4 0 0 0 0 7 0 0 0 105 102 101 108 115 101 0 40 0 0 0 0 0 0 0 0 0 0 0 8 203 0 0 0 0 0 0 211 24 100 59 116 43 0 0 2 0 0 0 0 0 0 0 24 245 197 4 0 0 0 0 8 0 0 0 105 110 99 108 117 100 101 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 11 25 100 59 116 43 0 0 2 0 0 0 0 0 0 0 152 246 197 4 0 0 0 0 5 0 0 0 105 110 99 114 0 40 0 0 0 195 28 100 59 116 43 0 0 8 0 0 0 0 0 0 0 64 25 100 59 116 43 0 0 2 0 0 0 96 176 133 41 88 247 197 4 0 0 0 0 6 0 0 0 105 110 100 101 120 0 40 0 0 0 204 26 100 59 116 43 0 0 8 0 0 0 0 0 0 0 118 25 100 59 116 43 0 0 2 0 0 0 0 0 0 0 152 249 197 4 0 0 0 0 4 0 0 0 108 101 110 0 40 0 0 0 0 0 0 0 0 0 0 0 0 52 33 0 0 0 0 0 170 25 100 59 116 43 0 0 2 0 0 0 9 63 116 43 88 250 197 4 0 0 0 0 7 0 0 0 109 52 101 120 105 116 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 176 0 0 0 0 225 25 100 59 116 43 0 0 2 0 0 0 0 0 0 0 72 251 197 4 0 0 0 0 7 0 0 0 109 52 119 114 97 112 0 40 0 0 0 169 27 100 59 116 43 0 0 8 0 0 0 0 0 0 0 24 26 100 59 116 43 0 0 2 0 0 0 20 0 0 30 88 118 196 4 0 0 0 0 9 0 0 0 109 97 107 101 116 101 109 112 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 176 0 0 0 0 81 26 100 59 116 43 0 0 2 0 0 0 8 0 0 0 40 121 196 4 0 0 0 0 8 0 0 0 109 107 115 116 101 109 112 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 137 26 100 59 116 43 0 0 2 0 0 0 0 0 0 0 168 7 198 4 
0 0 0 0 7 0 0 0 112 111 112 100 101 102 0 40 0 0 0 0 0 0 0 0 0 0 0 12 0 0 64 0 0 0 0 192 26 100 59 116 43 0 0 2 0 0 0 192 122 127 41 152 8 198 4 0 0 0 0 8 0 0 0 112 117 115 104 100 101 102 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 248 26 100 59 116 43 0 0 2 0 0 0 0 0 0 0 120 10 198 4 0 0 0 0 6 0 0 0 115 104 105 102 116 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 46 27 100 59 116 43 0 0 2 0 0 0 0 0 52 0 104 11 198 4 0 0 0 0 9 0 0 0 115 105 110 99 108 117 100 101 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 103 27 100 59 116 43 0 0 2 0 0 0 0 0 0 0 88 12 198 4 0 0 0 0 7 0 0 0 115 117 98 115 116 114 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 158 27 100 59 116 43 0 0 2 0 0 0 0 0 64 11 72 13 198 4 0 0 0 0 7 0 0 0 115 121 115 99 109 100 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 213 27 100 59 116 43 0 0 2 0 0 0 0 0 0 48 56 14 198 4 0 0 0 0 7 0 0 0 115 121 115 118 97 108 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 64 0 0 0 0 12 28 100 59 116 43 0 0 2 0 0 0 0 0 0 0 40 15 198 4 0 0 0 0 9 0 0 0 116 114 97 99 101 111 102 102 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 69 28 100 59 116 43 0 0 2 0 0 0 0 0 0 0 8 234 197 4 0 0 0 0 8 0 0 0 116 114 97 99 101 111 110 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 125 28 100 59 116 43 0 0 2 0 0 0 0 0 0 192 248 234 197 4 0 0 0 0 9 0 0 0 116 114 97 110 115 108 105 116 0 40 0 0 0 0 0 0 0 0 0 0 0 8 41 0 0 0 0 0 0 182 28 100 59 116 43 0 0 2 0 0 0 0 0 0 0 200 22 198 4 0 0 0 0 9 0 0 0 117 110 100 101 102 105 110 101 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 239 28 100 59 116 43 0 0 2 0 0 0 0 112 8 0 184 23 198 4 0 0 0 0 9 0 0 0 117 110 100 105 118 101 114 116 0 1 0 0 0 0 40 0 0 0 0 0 0 0 0 0 0 0 0 99 8 0 0 0 0 0 45 29 100 59 116 43 0 0 1 0 0 0 0 0 0 224 252 28 100 59 116 43 0 0 5 0 0 0 117 110 105 120 0 2 0 0 0 117 0 40 0 0 0 0 0 0 0 0 0 0 0 0 255 95 52 0 0 0 0 104 29 100 59 116 43 0 0 1 0 0 0 240 43 134 41 54 29 100 59 116 43 0 0 2 0 0 0 98 0 2 0 0 0 108 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 160 29 100 59 116 43 0 0 1 0 0 0 87 0 0 0 110 29 100 59 116 
43 0 0 2 0 0 0 104 0 2 0 0 0 107 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 216 29 100 59 116 43 0 0 1 0 0 0 3 24 0 128 166 29 100 59 116 43 0 0 2 0 0 0 105 0 2 0 0 0 107 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 16 30 100 59 116 43 0 0 1 0 0 0 64 236 0 0 222 29 100 59 116 43 0 0 2 0 0 0 121 0 2 0 0 0 108 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 72 30 100 59 116 43 0 0 1 0 0 0 48 0 0 0 22 30 100 59 116 43 0 0 2 0 0 0 65 0 2 0 0 0 50 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 128 30 100 59 116 43 0 0 1 0 0 0 48 120 134 41 78 30 100 59 116 43 0 0 2 0 0 0 110 0 2 0 0 0 50 0 40 0 0 0 21 22 100 59 116 43 0 0 0 0 0 0 0 0 0 0 184 30 100 59 116 43 0 0 1 0 0 0 0 0 0 0 134 30 100 59 116 43 0 0 2 0 0 0 80 0])) +constant0 : (array (w64 3770) (constant [32 0 0 0 192 193 124 5 0 0 0 0 64 242 107 41 0 0 0 0 48 235 107 41 0 0 0 0 0 0 0 0 0 0 0 0 144 0 0 0 14 0 0 0 0 0 0 0 10 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 144 33 0 0 65 42 0 0 5 0 0 0 0 0 0 0 7 136 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 4 0 0 0 0 0 0 0 0 0 0 0 0 0 0 16 146 162 90 0 0 0 0 55 110 115 21 0 0 0 0 83 146 162 90 0 0 0 0 55 110 115 21 0 0 0 0 75 204 147 90 0 0 0 0 55 110 115 21 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 121 0 0 0 100 101 102 105 110 101 40 96 98 39 44 32 96 117 39 41 10 100 101 102 105 110 101 40 96 104 39 44 32 96 108 39 41 10 100 101 102 105 110 101 40 96 105 39 44 32 96 107 39 41 10 100 101 102 105 110 101 40 96 121 39 44 32 96 107 39 41 10 100 101 102 105 110 101 40 96 65 39 44 32 96 108 39 41 10 100 101 102 105 110 101 40 96 110 39 44 32 50 41 10 100 101 102 105 110 101 40 96 80 39 44 32 50 41 10 0 10 0 10 0 10 128 2 0 0 3 0 0 0 0 0 0 0 200 67 198 4 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 
255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 248 255 255 255 255 255 255 255 252 255 255 255 255 255 255 255 0 0 0 0 0 0 0 0 249 77 23 3 0 0 0 0 160 42 129 41 0 0 0 0 252 255 255 255 255 255 255 255 0 0 0 0 255 255 255 255 252 255 255 255 255 255 255 255 0 0 0 0 0 0 0 0 252 255 255 255 255 255 255 255 0 0 0 0 0 0 0 0 252 255 255 255 255 255 255 255 0 0 0 0 0 0 0 0 252 255 255 255 255 255 255 255 64 13 129 41 0 0 0 0 56 217 22 3 0 0 0 0 96 168 132 41 0 0 0 0 255 255 255 255 255 255 255 255 33 4 0 0 0 0 0 0 48 24 129 41 0 0 0 0 80 43 125 41 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 248 255 255 255 255 255 255 255 176 23 129 41 0 0 0 0 252 255 255 255 255 255 255 255 16 14 129 41 0 0 0 0 252 255 255 255 255 255 255 255 32 227 132 41 0 0 0 0 252 255 255 255 255 255 255 255 208 251 132 41 0 0 0 0 252 255 255 255 255 255 255 255 144 16 129 41 0 0 0 0 252 255 255 255 255 255 255 255 192 3 133 41 0 0 0 0 252 255 255 255 255 255 255 255 96 3 133 41 0 0 0 0 252 255 255 255 255 255 255 255 176 26 124 41 0 0 0 0 252 255 255 255 255 255 255 255 16 27 124 41 0 0 0 0 252 255 255 255 255 255 255 255 16 51 124 41 0 0 0 0 252 255 255 255 255 255 255 255 48 59 129 41 0 0 0 0 252 255 255 255 255 255 255 255 0 68 0 0 0 105 110 116 101 114 110 97 108 32 101 114 114 111 114 32 100 101 116 101 99 116 101 100 59 32 112 108 101 97 115 101 32 114 101 112 111 114 116 32 116 104 105 115 32 98 117 103 32 116 
111 32 60 98 117 103 45 109 52 64 103 110 117 46 111 114 103 62 0 19 0 0 0 83 101 103 109 101 110 116 97 116 105 111 110 32 102 97 117 108 116 0 8 0 0 0 65 98 111 114 116 101 100 0 20 0 0 0 73 108 108 101 103 97 108 32 105 110 115 116 114 117 99 116 105 111 110 0 25 0 0 0 70 108 111 97 116 105 110 103 32 112 111 105 110 116 32 101 120 99 101 112 116 105 111 110 0 10 0 0 0 66 117 115 32 101 114 114 111 114 0 2 0 0 0 96 0 2 0 0 0 39 0 2 0 0 0 35 0 2 0 0 0 10 0 40 0 0 0 32 136 117 41 0 0 0 0 24 107 198 4 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 40 1 0 0 20 25 100 59 116 43 0 0 2 27 100 59 116 43 0 0 223 24 100 59 116 43 0 0 0 0 0 0 0 0 0 0 189 22 100 59 116 43 0 0 181 25 100 59 116 43 0 0 140 30 100 59 116 43 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 58 24 100 59 116 43 0 0 228 29 100 59 116 43 0 0 242 22 100 59 116 43 0 0 5 24 100 59 116 43 0 0 0 0 0 0 0 0 0 0 1 29 100 59 116 43 0 0 167 24 100 59 116 43 0 0 148 23 100 59 116 43 0 0 134 22 100 59 116 43 0 0 114 27 100 59 116 43 0 0 219 21 100 59 116 43 0 0 96 23 100 59 116 43 0 0 0 0 0 0 0 0 0 0 236 25 100 59 116 43 0 0 0 0 0 0 0 0 0 0 60 29 100 59 116 43 0 0 126 25 100 59 116 43 0 0 37 26 100 59 116 43 0 0 0 0 0 0 0 0 0 0 28 30 100 59 116 43 0 0 41 23 100 59 116 43 0 0 116 29 100 59 116 43 0 0 81 22 100 59 116 43 0 0 148 26 100 59 116 43 0 0 0 0 0 0 0 0 0 0 224 27 100 59 116 43 0 0 74 25 100 59 116 43 0 0 84 30 100 59 116 43 0 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 7 22 100 59 116 43 0 0 2 0 0 0 0 48 0 0 248 158 196 4 0 0 0 0 10 0 0 0 99 104 97 110 103 101 99 111 109 0 40 0 0 0 204 23 100 59 116 43 0 0 0 0 128 48 0 0 0 0 65 22 100 59 116 43 0 0 2 0 0 0 170 133 41 0 248 160 196 4 0 0 0 0 12 0 0 0 99 104 97 110 103 101 113 117 111 116 101 0 40 0 0 0 172 29 100 59 116 43 0 0 8 0 0 0 0 0 0 0 125 22 100 59 116 43 0 0 2 0 0 0 0 0 0 38 200 163 196 4 0 0 0 0 5 0 0 0 100 101 99 114 0 40 0 0 0 0 0 0 0 0 0 0 0 12 0 80 120 0 0 0 0 178 22 100 59 116 43 0 0 2 0 0 0 0 0 0 0 152 166 196 4 0 0 0 0 7 0 0 0 100 101 102 105 
110 101 0 40 0 0 0 25 28 100 59 116 43 0 0 8 0 0 0 0 0 0 0 233 22 100 59 116 43 0 0 2 0 0 0 17 148 64 0 88 170 196 4 0 0 0 0 5 0 0 0 100 101 102 110 0 40 0 0 0 112 24 100 59 116 43 0 0 0 0 0 0 0 0 0 0 30 23 100 59 116 43 0 0 2 0 0 0 160 0 32 7 56 172 196 4 0 0 0 0 7 0 0 0 100 105 118 101 114 116 0 40 0 0 0 81 28 100 59 116 43 0 0 0 0 0 0 0 0 0 0 85 23 100 59 116 43 0 0 2 0 0 0 0 0 0 48 40 173 196 4 0 0 0 0 7 0 0 0 100 105 118 110 117 109 0 40 0 0 0 93 26 100 59 116 43 0 0 0 154 4 0 0 0 0 0 140 23 100 59 116 43 0 0 2 0 0 0 0 0 0 0 24 174 196 4 0 0 0 0 4 0 0 0 100 110 108 0 40 0 0 0 59 27 100 59 116 43 0 0 0 121 34 0 0 0 0 0 192 23 100 59 116 43 0 0 2 0 0 0 160 176 133 41 8 175 196 4 0 0 0 0 8 0 0 0 100 117 109 112 100 101 102 0 40 0 0 0 138 28 100 59 116 43 0 0 8 0 0 0 0 0 0 0 248 23 100 59 116 43 0 0 2 0 0 0 0 0 0 0 24 236 197 4 0 0 0 0 9 0 0 0 101 114 114 112 114 105 110 116 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 64 0 0 0 0 49 24 100 59 116 43 0 0 2 0 0 0 1 0 0 0 24 242 197 4 0 0 0 0 5 0 0 0 101 118 97 108 0 40 0 0 0 0 0 0 0 0 0 0 0 8 41 0 0 0 0 0 0 102 24 100 59 116 43 0 0 2 0 0 0 0 0 73 1 152 243 197 4 0 0 0 0 6 0 0 0 105 102 100 101 102 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 156 24 100 59 116 43 0 0 2 0 0 0 0 0 0 0 88 244 197 4 0 0 0 0 7 0 0 0 105 102 101 108 115 101 0 40 0 0 0 0 0 0 0 0 0 0 0 8 203 0 0 0 0 0 0 211 24 100 59 116 43 0 0 2 0 0 0 0 0 0 0 24 245 197 4 0 0 0 0 8 0 0 0 105 110 99 108 117 100 101 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 11 25 100 59 116 43 0 0 2 0 0 0 0 0 0 0 152 246 197 4 0 0 0 0 5 0 0 0 105 110 99 114 0 40 0 0 0 195 28 100 59 116 43 0 0 8 0 0 0 0 0 0 0 64 25 100 59 116 43 0 0 2 0 0 0 96 176 133 41 88 247 197 4 0 0 0 0 6 0 0 0 105 110 100 101 120 0 40 0 0 0 204 26 100 59 116 43 0 0 8 0 0 0 0 0 0 0 118 25 100 59 116 43 0 0 2 0 0 0 0 0 0 0 152 249 197 4 0 0 0 0 4 0 0 0 108 101 110 0 40 0 0 0 0 0 0 0 0 0 0 0 0 52 33 0 0 0 0 0 170 25 100 59 116 43 0 0 2 0 0 0 9 63 116 43 88 250 197 4 0 0 0 0 7 0 0 0 109 52 101 120 105 116 0 40 0 0 0 0 0 
0 0 0 0 0 0 8 0 0 176 0 0 0 0 225 25 100 59 116 43 0 0 2 0 0 0 0 0 0 0 72 251 197 4 0 0 0 0 7 0 0 0 109 52 119 114 97 112 0 40 0 0 0 169 27 100 59 116 43 0 0 8 0 0 0 0 0 0 0 24 26 100 59 116 43 0 0 2 0 0 0 20 0 0 30 88 118 196 4 0 0 0 0 9 0 0 0 109 97 107 101 116 101 109 112 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 176 0 0 0 0 81 26 100 59 116 43 0 0 2 0 0 0 8 0 0 0 40 121 196 4 0 0 0 0 8 0 0 0 109 107 115 116 101 109 112 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 137 26 100 59 116 43 0 0 2 0 0 0 0 0 0 0 168 7 198 4 0 0 0 0 7 0 0 0 112 111 112 100 101 102 0 40 0 0 0 0 0 0 0 0 0 0 0 12 0 0 64 0 0 0 0 192 26 100 59 116 43 0 0 2 0 0 0 192 122 127 41 152 8 198 4 0 0 0 0 8 0 0 0 112 117 115 104 100 101 102 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 248 26 100 59 116 43 0 0 2 0 0 0 0 0 0 0 120 10 198 4 0 0 0 0 6 0 0 0 115 104 105 102 116 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 46 27 100 59 116 43 0 0 2 0 0 0 0 0 52 0 104 11 198 4 0 0 0 0 9 0 0 0 115 105 110 99 108 117 100 101 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 103 27 100 59 116 43 0 0 2 0 0 0 0 0 0 0 88 12 198 4 0 0 0 0 7 0 0 0 115 117 98 115 116 114 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 158 27 100 59 116 43 0 0 2 0 0 0 0 0 64 11 72 13 198 4 0 0 0 0 7 0 0 0 115 121 115 99 109 100 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 213 27 100 59 116 43 0 0 2 0 0 0 0 0 0 48 56 14 198 4 0 0 0 0 7 0 0 0 115 121 115 118 97 108 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 64 0 0 0 0 12 28 100 59 116 43 0 0 2 0 0 0 0 0 0 0 40 15 198 4 0 0 0 0 9 0 0 0 116 114 97 99 101 111 102 102 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 69 28 100 59 116 43 0 0 2 0 0 0 0 0 0 0 8 234 197 4 0 0 0 0 8 0 0 0 116 114 97 99 101 111 110 0 40 0 0 0 0 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 125 28 100 59 116 43 0 0 2 0 0 0 0 0 0 192 248 234 197 4 0 0 0 0 9 0 0 0 116 114 97 110 115 108 105 116 0 40 0 0 0 0 0 0 0 0 0 0 0 8 41 0 0 0 0 0 0 182 28 100 59 116 43 0 0 2 0 0 0 0 0 0 0 200 22 198 4 0 0 0 0 9 0 0 0 117 110 100 101 102 105 110 101 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 
0 0 239 28 100 59 116 43 0 0 2 0 0 0 0 112 8 0 184 23 198 4 0 0 0 0 9 0 0 0 117 110 100 105 118 101 114 116 0 1 0 0 0 0 40 0 0 0 0 0 0 0 0 0 0 0 0 99 8 0 0 0 0 0 45 29 100 59 116 43 0 0 1 0 0 0 0 0 0 224 252 28 100 59 116 43 0 0 5 0 0 0 117 110 105 120 0 2 0 0 0 117 0 40 0 0 0 0 0 0 0 0 0 0 0 0 255 95 52 0 0 0 0 104 29 100 59 116 43 0 0 1 0 0 0 240 43 134 41 54 29 100 59 116 43 0 0 2 0 0 0 98 0 2 0 0 0 108 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 160 29 100 59 116 43 0 0 1 0 0 0 87 0 0 0 110 29 100 59 116 43 0 0 2 0 0 0 104 0 2 0 0 0 107 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 216 29 100 59 116 43 0 0 1 0 0 0 3 24 0 128 166 29 100 59 116 43 0 0 2 0 0 0 105 0 2 0 0 0 107 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 16 30 100 59 116 43 0 0 1 0 0 0 64 236 0 0 222 29 100 59 116 43 0 0 2 0 0 0 121 0 2 0 0 0 108 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 72 30 100 59 116 43 0 0 1 0 0 0 48 0 0 0 22 30 100 59 116 43 0 0 2 0 0 0 65 0 2 0 0 0 50 0 40 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 128 30 100 59 116 43 0 0 1 0 0 0 48 120 134 41 78 30 100 59 116 43 0 0 2 0 0 0 110 0 2 0 0 0 50 0 40 0 0 0 21 22 100 59 116 43 0 0 0 0 0 0 0 0 0 0 184 30 100 59 116 43 0 0 1 0 0 0 0 0 0 0 134 30 100 59 116 43 0 0 2 0 0 0 80 0] default: 0)) makeSymbolic1 : (array (w64 121) (makeSymbolic stdin 0)) diff --git a/test/lit.cfg b/test/lit.cfg index 75978e47b7..8c01d8fc36 100644 --- a/test/lit.cfg +++ b/test/lit.cfg @@ -198,6 +198,10 @@ if config.enable_z3: config.available_features.add('z3') else: config.available_features.add('not-z3') +if config.enable_metasmt: + config.available_features.add('metasmt') +else: + config.available_features.add('not-metasmt') # Zlib config.available_features.add('zlib' if config.enable_zlib else 'not-zlib') diff --git a/test/lit.site.cfg.in b/test/lit.site.cfg.in index 15bc4a20a5..0712644706 100644 --- a/test/lit.site.cfg.in +++ b/test/lit.site.cfg.in 
@@ -51,6 +51,7 @@ config.enable_eh_cxx = True if @SUPPORT_KLEE_EH_CXX@ == 1 else False
 config.have_selinux = True if @HAVE_SELINUX@ == 1 else False
 config.enable_stp = True if @ENABLE_STP@ == 1 else False
 config.enable_z3 = True if @ENABLE_Z3@ == 1 else False
+config.enable_metasmt = True if @ENABLE_METASMT@ == 1 else False
 config.enable_zlib = True if @HAVE_ZLIB_H@ == 1 else False
 config.have_asan = True if @IS_ASAN_BUILD@ == 1 else False
 config.have_ubsan = True if @IS_UBSAN_BUILD@ == 1 else False
diff --git a/test/regression/2023-08-28-invalid-pointer-dereference.c b/test/regression/2023-08-28-invalid-pointer-dereference.c
new file mode 100644
index 0000000000..cdd8388e71
--- /dev/null
+++ b/test/regression/2023-08-28-invalid-pointer-dereference.c
@@ -0,0 +1,22 @@
+// RUN: %clang %s -g -emit-llvm %O0opt -c -o %t.bc
+// RUN: rm -rf %t.klee-out
+// RUN: %klee --use-sym-size-alloc --output-dir=%t.klee-out %t.bc 2>&1 | FileCheck %s
+
+#pragma clang attribute push(__attribute__((optnone)), apply_to = function)
+
+int main() {
+ int length1 = klee_int("len");
+ int length2 = klee_int("len");
+ if (length1 < 1) {
+ length1 = 1;
+ }
+ if (length2 < 1) {
+ length2 = 1;
+ }
+ char *nondetString1 = (char *)__builtin_alloca(length1 * sizeof(char));
+ char *nondetString2 = (char *)__builtin_alloca(length2 * sizeof(char));
+ nondetString1[length1 - 1] = '\0';
+ // CHECK-NOT: memory error: out of bound pointer
+ nondetString2[length2 - 1] = '\0';
+}
+#pragma clang attribute pop
diff --git a/test/regression/2023-10-13-kbfiltr.i.cil-2.c b/test/regression/2023-10-13-kbfiltr.i.cil-2.c
new file mode 100644
index 0000000000..8a3d658124
--- /dev/null
+++ b/test/regression/2023-10-13-kbfiltr.i.cil-2.c
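Review bot: In test/regression/2023-08-28-invalid-pointer-dereference.c, `klee_int` is called on the first two lines of `main` with no declaration anywhere in the 22-line file, because the test never includes the KLEE header. Recent clang rejects implicit function declarations by default, so unless the `%clang` substitution relaxes that, the first RUN line fails before KLEE runs; adding `#include "klee/klee.h"` above the `#pragma clang attribute push` line avoids it. The only FileCheck directive is `CHECK-NOT: memory error: out of bound pointer`, so the test also passes when KLEE explores nothing at all. A positive line such as `// CHECK: KLEE: done: completed paths` after the second store would pin that the run actually got that far.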
@@ -0,0 +1,3649 @@ +// REQUIRES: geq-llvm-14.0 +// RUN: %clang -Wno-everything %s -emit-llvm %O0opt -g -c -o %t1.bc +// RUN: rm -rf %t.klee-out +// RUN: %klee --output-dir=%t.klee-out --optimize=true --mock-all-externals --external-calls=all --use-forked-solver=false --max-memory=6008 --skip-not-lazy-initialized --istats-write-interval=90s --use-sym-size-alloc=true --cex-cache-validity-cores --symbolic-allocation-threshold=8192 --write-kqueries --write-xml-tests --only-output-states-covering-new=true --dump-states-on-halt=true --emit-all-errors=true --search=bfs %t1.bc + +// RUN: test -f %t.klee-out/test000023_1.xml +#include "klee-test-comp.c" + +extern void abort(void); +extern void __assert_fail(const char *, const char *, unsigned int, const char *) __attribute__((__nothrow__, __leaf__)) __attribute__((__noreturn__)); +void reach_error() { __assert_fail("0", "kbfiltr.i.cil-2.c", 3, "reach_error"); } + +extern char __VERIFIER_nondet_char(void); +extern int __VERIFIER_nondet_int(void); +extern long __VERIFIER_nondet_long(void); +extern unsigned long __VERIFIER_nondet_ulong(void); +extern void abort(void); +void assume_abort_if_not(int cond) { + if (!cond) { + abort(); + } +} +/* Generated by CIL v. 
1.3.6 */ +/* print_CIL_Input is true */ + +#pragma pack(push, 8) +#pragma pack(pop) +typedef unsigned short wchar_t; +typedef unsigned long ULONG_PTR; +typedef unsigned long *PULONG_PTR; +typedef ULONG_PTR SIZE_T; +typedef void *PVOID; +typedef char CHAR; +typedef short SHORT; +typedef long LONG; +typedef wchar_t WCHAR; +typedef WCHAR *PWSTR; +typedef WCHAR const *PCWSTR; +typedef CHAR *PCHAR; +typedef LONG *PLONG; +typedef unsigned char UCHAR; +typedef unsigned short USHORT; +typedef unsigned long ULONG; +typedef UCHAR *PUCHAR; +typedef ULONG *PULONG; +typedef void *HANDLE; +typedef HANDLE *PHANDLE; +typedef char CCHAR; +typedef short CSHORT; +typedef ULONG LCID; +typedef LONG NTSTATUS; +typedef long long LONGLONG; +struct __anonstruct____missing_field_name_1 { + ULONG LowPart; + LONG HighPart; +}; +struct __anonstruct_u_2 { + ULONG LowPart; + LONG HighPart; +}; +union _LARGE_INTEGER { + struct __anonstruct____missing_field_name_1 __annonCompField1; + struct __anonstruct_u_2 u; + LONGLONG QuadPart; +}; +typedef union _LARGE_INTEGER LARGE_INTEGER; +typedef LARGE_INTEGER *PLARGE_INTEGER; +struct _LUID { + ULONG LowPart; + LONG HighPart; +}; +typedef struct _LUID LUID; +typedef LARGE_INTEGER PHYSICAL_ADDRESS; +enum _EVENT_TYPE { + NotificationEvent = 0, + SynchronizationEvent = 1 +}; +typedef enum _EVENT_TYPE EVENT_TYPE; +typedef char const *PCSZ; +struct _STRING { + USHORT Length; + USHORT MaximumLength; + PCHAR Buffer; +}; +typedef struct _STRING STRING; +typedef STRING *PSTRING; +typedef PSTRING PANSI_STRING; +struct _UNICODE_STRING { + USHORT Length; + USHORT MaximumLength; + PWSTR Buffer; +}; +typedef struct _UNICODE_STRING UNICODE_STRING; +typedef UNICODE_STRING *PUNICODE_STRING; +typedef UCHAR BOOLEAN; +typedef BOOLEAN *PBOOLEAN; +struct _LIST_ENTRY { + struct _LIST_ENTRY *Flink; + struct _LIST_ENTRY *Blink; +}; +typedef struct _LIST_ENTRY LIST_ENTRY; +typedef struct _LIST_ENTRY *PLIST_ENTRY; +struct _OBJECT_ATTRIBUTES { + ULONG Length; + HANDLE RootDirectory; 
+ PUNICODE_STRING ObjectName; + ULONG Attributes; + PVOID SecurityDescriptor; + PVOID SecurityQualityOfService; +}; +typedef struct _OBJECT_ATTRIBUTES OBJECT_ATTRIBUTES; +typedef OBJECT_ATTRIBUTES *POBJECT_ATTRIBUTES; +struct _GUID { + unsigned long Data1; + unsigned short Data2; + unsigned short Data3; + unsigned char Data4[8]; +}; +typedef struct _GUID GUID; +typedef unsigned int size_t; +typedef UCHAR KIRQL; +struct _KTHREAD; +typedef struct _KTHREAD *PKTHREAD; +struct _ETHREAD; +typedef struct _ETHREAD *PETHREAD; +struct _EPROCESS; +typedef struct _EPROCESS *PEPROCESS; +struct _IO_TIMER; +typedef struct _IO_TIMER *PIO_TIMER; +struct _OBJECT_TYPE; +typedef struct _OBJECT_TYPE *POBJECT_TYPE; +typedef CCHAR KPROCESSOR_MODE; +struct _KAPC; +struct _KAPC; +typedef void (*PKNORMAL_ROUTINE)(PVOID NormalContext, PVOID SystemArgument1, PVOID SystemArgument2); +struct _KAPC { + CSHORT Type; + CSHORT Size; + ULONG Spare0; + struct _KTHREAD *Thread; + LIST_ENTRY ApcListEntry; + void (*KernelRoutine)(struct _KAPC *Apc, PKNORMAL_ROUTINE *NormalRoutine, PVOID *NormalContext, + PVOID *SystemArgument1, PVOID *SystemArgument2); + void (*RundownRoutine)(struct _KAPC *Apc); + void (*NormalRoutine)(PVOID NormalContext, PVOID SystemArgument1, PVOID SystemArgument2); + PVOID NormalContext; + PVOID SystemArgument1; + PVOID SystemArgument2; + CCHAR ApcStateIndex; + KPROCESSOR_MODE ApcMode; + BOOLEAN Inserted; +}; +typedef struct _KAPC KAPC; +struct _KDPC; +struct _KDPC; +struct _KDPC { + CSHORT Type; + UCHAR Number; + UCHAR Importance; + LIST_ENTRY DpcListEntry; + void (*DeferredRoutine)(struct _KDPC *Dpc, PVOID DeferredContext, PVOID SystemArgument1, + PVOID SystemArgument2); + PVOID DeferredContext; + PVOID SystemArgument1; + PVOID SystemArgument2; + PULONG_PTR Lock; +}; +typedef struct _KDPC KDPC; +typedef struct _KDPC *PKDPC; +struct _MDL { + struct _MDL *Next; + CSHORT Size; + CSHORT MdlFlags; + struct _EPROCESS *Process; + PVOID MappedSystemVa; + PVOID StartVa; + ULONG ByteCount; 
+ ULONG ByteOffset; +}; +typedef struct _MDL MDL; +typedef struct _MDL *PMDL; +typedef PVOID PACCESS_TOKEN; +typedef PVOID PSECURITY_DESCRIPTOR; +typedef ULONG ACCESS_MASK; +#pragma pack(push, 4) +struct _LUID_AND_ATTRIBUTES { + LUID Luid; + ULONG Attributes; +}; +typedef struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES; +#pragma pack(pop) +struct _PRIVILEGE_SET { + ULONG PrivilegeCount; + ULONG Control; + LUID_AND_ATTRIBUTES Privilege[1]; +}; +typedef struct _PRIVILEGE_SET PRIVILEGE_SET; +enum _SECURITY_IMPERSONATION_LEVEL { + SecurityAnonymous = 0, + SecurityIdentification = 1, + SecurityImpersonation = 2, + SecurityDelegation = 3 +}; +typedef enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL; +typedef BOOLEAN SECURITY_CONTEXT_TRACKING_MODE; +struct _SECURITY_QUALITY_OF_SERVICE { + ULONG Length; + SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; + SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode; + BOOLEAN EffectiveOnly; +}; +typedef struct _SECURITY_QUALITY_OF_SERVICE *PSECURITY_QUALITY_OF_SERVICE; +typedef ULONG SECURITY_INFORMATION; +typedef LONG KPRIORITY; +typedef ULONG_PTR KSPIN_LOCK; +typedef KSPIN_LOCK *PKSPIN_LOCK; +struct _RTL_QUERY_REGISTRY_TABLE { + NTSTATUS(*QueryRoutine) + (PWSTR ValueName, ULONG ValueType, + PVOID ValueData, ULONG ValueLength, + PVOID Context, PVOID EntryContext); + ULONG Flags; + PWSTR Name; + PVOID EntryContext; + ULONG DefaultType; + PVOID DefaultData; + ULONG DefaultLength; +}; +typedef struct _RTL_QUERY_REGISTRY_TABLE *PRTL_QUERY_REGISTRY_TABLE; +union __anonunion____missing_field_name_6 { + NTSTATUS Status; + PVOID Pointer; +}; +struct _IO_STATUS_BLOCK { + union __anonunion____missing_field_name_6 __annonCompField4; + ULONG_PTR Information; +}; +typedef struct _IO_STATUS_BLOCK IO_STATUS_BLOCK; +typedef struct _IO_STATUS_BLOCK *PIO_STATUS_BLOCK; +enum _FILE_INFORMATION_CLASS { + FileDirectoryInformation = 1, + FileFullDirectoryInformation = 2, + FileBothDirectoryInformation = 3, + FileBasicInformation = 4, + 
FileStandardInformation = 5, + FileInternalInformation = 6, + FileEaInformation = 7, + FileAccessInformation = 8, + FileNameInformation = 9, + FileRenameInformation = 10, + FileLinkInformation = 11, + FileNamesInformation = 12, + FileDispositionInformation = 13, + FilePositionInformation = 14, + FileFullEaInformation = 15, + FileModeInformation = 16, + FileAlignmentInformation = 17, + FileAllInformation = 18, + FileAllocationInformation = 19, + FileEndOfFileInformation = 20, + FileAlternateNameInformation = 21, + FileStreamInformation = 22, + FilePipeInformation = 23, + FilePipeLocalInformation = 24, + FilePipeRemoteInformation = 25, + FileMailslotQueryInformation = 26, + FileMailslotSetInformation = 27, + FileCompressionInformation = 28, + FileObjectIdInformation = 29, + FileCompletionInformation = 30, + FileMoveClusterInformation = 31, + FileQuotaInformation = 32, + FileReparsePointInformation = 33, + FileNetworkOpenInformation = 34, + FileAttributeTagInformation = 35, + FileTrackingInformation = 36, + FileMaximumInformation = 37 +}; +typedef enum _FILE_INFORMATION_CLASS FILE_INFORMATION_CLASS; +struct _FILE_BASIC_INFORMATION { + LARGE_INTEGER CreationTime; + LARGE_INTEGER LastAccessTime; + LARGE_INTEGER LastWriteTime; + LARGE_INTEGER ChangeTime; + ULONG FileAttributes; +}; +typedef struct _FILE_BASIC_INFORMATION *PFILE_BASIC_INFORMATION; +struct _FILE_STANDARD_INFORMATION { + LARGE_INTEGER AllocationSize; + LARGE_INTEGER EndOfFile; + ULONG NumberOfLinks; + BOOLEAN DeletePending; + BOOLEAN Directory; +}; +typedef struct _FILE_STANDARD_INFORMATION *PFILE_STANDARD_INFORMATION; +struct _FILE_NETWORK_OPEN_INFORMATION { + LARGE_INTEGER CreationTime; + LARGE_INTEGER LastAccessTime; + LARGE_INTEGER LastWriteTime; + LARGE_INTEGER ChangeTime; + LARGE_INTEGER AllocationSize; + LARGE_INTEGER EndOfFile; + ULONG FileAttributes; +}; +typedef struct _FILE_NETWORK_OPEN_INFORMATION *PFILE_NETWORK_OPEN_INFORMATION; +enum _FSINFOCLASS { + FileFsVolumeInformation = 1, + 
FileFsLabelInformation = 2, + FileFsSizeInformation = 3, + FileFsDeviceInformation = 4, + FileFsAttributeInformation = 5, + FileFsControlInformation = 6, + FileFsFullSizeInformation = 7, + FileFsObjectIdInformation = 8, + FileFsMaximumInformation = 9 +}; +typedef enum _FSINFOCLASS FS_INFORMATION_CLASS; +enum _INTERFACE_TYPE { + InterfaceTypeUndefined = -1, + Internal = 0, + Isa = 1, + Eisa = 2, + MicroChannel = 3, + TurboChannel = 4, + PCIBus = 5, + VMEBus = 6, + NuBus = 7, + PCMCIABus = 8, + CBus = 9, + MPIBus = 10, + MPSABus = 11, + ProcessorInternal = 12, + InternalPowerBus = 13, + PNPISABus = 14, + PNPBus = 15, + MaximumInterfaceType = 16 +}; +typedef enum _INTERFACE_TYPE INTERFACE_TYPE; +typedef enum _INTERFACE_TYPE *PINTERFACE_TYPE; +struct _IO_ERROR_LOG_PACKET { + UCHAR MajorFunctionCode; + UCHAR RetryCount; + USHORT DumpDataSize; + USHORT NumberOfStrings; + USHORT StringOffset; + USHORT EventCategory; + NTSTATUS ErrorCode; + ULONG UniqueErrorValue; + NTSTATUS FinalStatus; + ULONG SequenceNumber; + ULONG IoControlCode; + LARGE_INTEGER DeviceOffset; + ULONG DumpData[1]; +}; +typedef struct _IO_ERROR_LOG_PACKET IO_ERROR_LOG_PACKET; +struct _KEY_VALUE_FULL_INFORMATION { + ULONG TitleIndex; + ULONG Type; + ULONG DataOffset; + ULONG DataLength; + ULONG NameLength; + WCHAR Name[1]; +}; +typedef struct _KEY_VALUE_FULL_INFORMATION *PKEY_VALUE_FULL_INFORMATION; +struct _CLIENT_ID { + HANDLE UniqueProcess; + HANDLE UniqueThread; +}; +typedef struct _CLIENT_ID CLIENT_ID; +typedef CLIENT_ID *PCLIENT_ID; +enum _SYSTEM_POWER_STATE { + PowerSystemUnspecified = 0, + PowerSystemWorking = 1, + PowerSystemSleeping1 = 2, + PowerSystemSleeping2 = 3, + PowerSystemSleeping3 = 4, + PowerSystemHibernate = 5, + PowerSystemShutdown = 6, + PowerSystemMaximum = 7 +}; +typedef enum _SYSTEM_POWER_STATE SYSTEM_POWER_STATE; +enum __anonenum_POWER_ACTION_11 { + PowerActionNone = 0, + PowerActionReserved = 1, + PowerActionSleep = 2, + PowerActionHibernate = 3, + PowerActionShutdown = 4, + 
PowerActionShutdownReset = 5, + PowerActionShutdownOff = 6, + PowerActionWarmEject = 7 +}; +typedef enum __anonenum_POWER_ACTION_11 POWER_ACTION; +enum _DEVICE_POWER_STATE { + PowerDeviceUnspecified = 0, + PowerDeviceD0 = 1, + PowerDeviceD1 = 2, + PowerDeviceD2 = 3, + PowerDeviceD3 = 4, + PowerDeviceMaximum = 5 +}; +typedef enum _DEVICE_POWER_STATE DEVICE_POWER_STATE; +union _POWER_STATE { + SYSTEM_POWER_STATE SystemState; + DEVICE_POWER_STATE DeviceState; +}; +typedef union _POWER_STATE POWER_STATE; +enum _POWER_STATE_TYPE { + SystemPowerState = 0, + DevicePowerState = 1 +}; +typedef enum _POWER_STATE_TYPE POWER_STATE_TYPE; +typedef PVOID PASSIGNED_RESOURCE; +#pragma pack(push, 4) +struct __anonstruct_Generic_16 { + PHYSICAL_ADDRESS Start; + ULONG Length; +}; +struct __anonstruct_Port_17 { + PHYSICAL_ADDRESS Start; + ULONG Length; +}; +struct __anonstruct_Interrupt_18 { + ULONG Level; + ULONG Vector; + ULONG Affinity; +}; +struct __anonstruct_Memory_19 { + PHYSICAL_ADDRESS Start; + ULONG Length; +}; +struct __anonstruct_Dma_20 { + ULONG Channel; + ULONG Port; + ULONG Reserved1; +}; +struct __anonstruct_DevicePrivate_21 { + ULONG Data[3]; +}; +struct __anonstruct_BusNumber_22 { + ULONG Start; + ULONG Length; + ULONG Reserved; +}; +struct __anonstruct_DeviceSpecificData_23 { + ULONG DataSize; + ULONG Reserved1; + ULONG Reserved2; +}; +union __anonunion_u_15 { + struct __anonstruct_Generic_16 Generic; + struct __anonstruct_Port_17 Port; + struct __anonstruct_Interrupt_18 Interrupt; + struct __anonstruct_Memory_19 Memory; + struct __anonstruct_Dma_20 Dma; + struct __anonstruct_DevicePrivate_21 DevicePrivate; + struct __anonstruct_BusNumber_22 BusNumber; + struct __anonstruct_DeviceSpecificData_23 DeviceSpecificData; +}; +struct _CM_PARTIAL_RESOURCE_DESCRIPTOR { + UCHAR Type; + UCHAR ShareDisposition; + USHORT Flags; + union __anonunion_u_15 u; +}; +typedef struct _CM_PARTIAL_RESOURCE_DESCRIPTOR CM_PARTIAL_RESOURCE_DESCRIPTOR; +#pragma pack(pop) +struct 
_CM_PARTIAL_RESOURCE_LIST { + USHORT Version; + USHORT Revision; + ULONG Count; + CM_PARTIAL_RESOURCE_DESCRIPTOR PartialDescriptors[1]; +}; +typedef struct _CM_PARTIAL_RESOURCE_LIST CM_PARTIAL_RESOURCE_LIST; +struct _CM_FULL_RESOURCE_DESCRIPTOR { + INTERFACE_TYPE InterfaceType; + ULONG BusNumber; + CM_PARTIAL_RESOURCE_LIST PartialResourceList; +}; +typedef struct _CM_FULL_RESOURCE_DESCRIPTOR CM_FULL_RESOURCE_DESCRIPTOR; +struct _CM_RESOURCE_LIST { + ULONG Count; + CM_FULL_RESOURCE_DESCRIPTOR List[1]; +}; +typedef struct _CM_RESOURCE_LIST *PCM_RESOURCE_LIST; +#pragma pack(push, 1) +#pragma pack(pop) +struct __anonstruct_Port_25 { + ULONG Length; + ULONG Alignment; + PHYSICAL_ADDRESS MinimumAddress; + PHYSICAL_ADDRESS MaximumAddress; +}; +struct __anonstruct_Memory_26 { + ULONG Length; + ULONG Alignment; + PHYSICAL_ADDRESS MinimumAddress; + PHYSICAL_ADDRESS MaximumAddress; +}; +struct __anonstruct_Interrupt_27 { + ULONG MinimumVector; + ULONG MaximumVector; +}; +struct __anonstruct_Dma_28 { + ULONG MinimumChannel; + ULONG MaximumChannel; +}; +struct __anonstruct_Generic_29 { + ULONG Length; + ULONG Alignment; + PHYSICAL_ADDRESS MinimumAddress; + PHYSICAL_ADDRESS MaximumAddress; +}; +struct __anonstruct_DevicePrivate_30 { + ULONG Data[3]; +}; +struct __anonstruct_BusNumber_31 { + ULONG Length; + ULONG MinBusNumber; + ULONG MaxBusNumber; + ULONG Reserved; +}; +struct __anonstruct_AssignedResource_32 { + PASSIGNED_RESOURCE AssignedResource; +}; +struct __anonstruct_SubAllocateFrom_33 { + UCHAR Type; + UCHAR Reserved[3]; + PASSIGNED_RESOURCE AssignedResource; + PHYSICAL_ADDRESS Transformation; +}; +struct __anonstruct_ConfigData_34 { + ULONG Priority; + ULONG Reserved1; + ULONG Reserved2; +}; +union __anonunion_u_24 { + struct __anonstruct_Port_25 Port; + struct __anonstruct_Memory_26 Memory; + struct __anonstruct_Interrupt_27 Interrupt; + struct __anonstruct_Dma_28 Dma; + struct __anonstruct_Generic_29 Generic; + struct __anonstruct_DevicePrivate_30 DevicePrivate; + 
struct __anonstruct_BusNumber_31 BusNumber; + struct __anonstruct_AssignedResource_32 AssignedResource; + struct __anonstruct_SubAllocateFrom_33 SubAllocateFrom; + struct __anonstruct_ConfigData_34 ConfigData; +}; +struct _IO_RESOURCE_DESCRIPTOR { + UCHAR Option; + UCHAR Type; + UCHAR ShareDisposition; + UCHAR Spare1; + USHORT Flags; + USHORT Spare2; + union __anonunion_u_24 u; +}; +typedef struct _IO_RESOURCE_DESCRIPTOR IO_RESOURCE_DESCRIPTOR; +struct _IO_RESOURCE_LIST { + USHORT Version; + USHORT Revision; + ULONG Count; + IO_RESOURCE_DESCRIPTOR Descriptors[1]; +}; +typedef struct _IO_RESOURCE_LIST IO_RESOURCE_LIST; +struct _IO_RESOURCE_REQUIREMENTS_LIST { + ULONG ListSize; + INTERFACE_TYPE InterfaceType; + ULONG BusNumber; + ULONG SlotNumber; + ULONG Reserved[3]; + ULONG AlternativeLists; + IO_RESOURCE_LIST List[1]; +}; +typedef struct _IO_RESOURCE_REQUIREMENTS_LIST *PIO_RESOURCE_REQUIREMENTS_LIST; +enum _CONFIGURATION_TYPE { + ArcSystem = 0, + CentralProcessor = 1, + FloatingPointProcessor = 2, + PrimaryIcache = 3, + PrimaryDcache = 4, + SecondaryIcache = 5, + SecondaryDcache = 6, + SecondaryCache = 7, + EisaAdapter = 8, + TcAdapter = 9, + ScsiAdapter = 10, + DtiAdapter = 11, + MultiFunctionAdapter = 12, + DiskController = 13, + TapeController = 14, + CdromController = 15, + WormController = 16, + SerialController = 17, + NetworkController = 18, + DisplayController = 19, + ParallelController = 20, + PointerController = 21, + KeyboardController = 22, + AudioController = 23, + OtherController = 24, + DiskPeripheral = 25, + FloppyDiskPeripheral = 26, + TapePeripheral = 27, + ModemPeripheral = 28, + MonitorPeripheral = 29, + PrinterPeripheral = 30, + PointerPeripheral = 31, + KeyboardPeripheral = 32, + TerminalPeripheral = 33, + OtherPeripheral = 34, + LinePeripheral = 35, + NetworkPeripheral = 36, + SystemMemory = 37, + DockingInformation = 38, + RealModeIrqRoutingTable = 39, + MaximumType = 40 +}; +typedef enum _CONFIGURATION_TYPE CONFIGURATION_TYPE; +typedef 
enum _CONFIGURATION_TYPE *PCONFIGURATION_TYPE; +enum _KWAIT_REASON { + Executive = 0, + FreePage = 1, + PageIn = 2, + PoolAllocation = 3, + DelayExecution = 4, + Suspended = 5, + UserRequest = 6, + WrExecutive = 7, + WrFreePage = 8, + WrPageIn = 9, + WrPoolAllocation = 10, + WrDelayExecution = 11, + WrSuspended = 12, + WrUserRequest = 13, + WrEventPair = 14, + WrQueue = 15, + WrLpcReceive = 16, + WrLpcReply = 17, + WrVirtualMemory = 18, + WrPageOut = 19, + WrRendezvous = 20, + Spare2 = 21, + Spare3 = 22, + Spare4 = 23, + Spare5 = 24, + Spare6 = 25, + WrKernel = 26, + MaximumWaitReason = 27 +}; +typedef enum _KWAIT_REASON KWAIT_REASON; +struct _DISPATCHER_HEADER { + UCHAR Type; + UCHAR Absolute; + UCHAR Size; + UCHAR Inserted; + LONG SignalState; + LIST_ENTRY WaitListHead; +}; +typedef struct _DISPATCHER_HEADER DISPATCHER_HEADER; +struct _KDEVICE_QUEUE { + CSHORT Type; + CSHORT Size; + LIST_ENTRY DeviceListHead; + KSPIN_LOCK Lock; + BOOLEAN Busy; +}; +typedef struct _KDEVICE_QUEUE KDEVICE_QUEUE; +struct _KDEVICE_QUEUE_ENTRY { + LIST_ENTRY DeviceListEntry; + ULONG SortKey; + BOOLEAN Inserted; +}; +typedef struct _KDEVICE_QUEUE_ENTRY KDEVICE_QUEUE_ENTRY; +struct _KEVENT { + DISPATCHER_HEADER Header; +}; +typedef struct _KEVENT KEVENT; +typedef struct _KEVENT *PKEVENT; +typedef struct _KEVENT *PRKEVENT; +struct _KSEMAPHORE { + DISPATCHER_HEADER Header; + LONG Limit; +}; +typedef struct _KSEMAPHORE *PKSEMAPHORE; +typedef struct _KSEMAPHORE *PRKSEMAPHORE; +enum _MEMORY_CACHING_TYPE { + MmNonCached = 0, + MmCached = 1, + MmWriteCombined = 2, + MmHardwareCoherentCached = 3, + MmNonCachedUnordered = 4, + MmUSWCCached = 5, + MmMaximumCacheType = 6 +}; +typedef enum _MEMORY_CACHING_TYPE MEMORY_CACHING_TYPE; +enum _POOL_TYPE { + NonPagedPool = 0, + PagedPool = 1, + NonPagedPoolMustSucceed = 2, + DontUseThisType = 3, + NonPagedPoolCacheAligned = 4, + PagedPoolCacheAligned = 5, + NonPagedPoolCacheAlignedMustS = 6, + MaxPoolType = 7, + NonPagedPoolSession = 32, + PagedPoolSession 
= 33, + NonPagedPoolMustSucceedSession = 34, + DontUseThisTypeSession = 35, + NonPagedPoolCacheAlignedSession = 36, + PagedPoolCacheAlignedSession = 37, + NonPagedPoolCacheAlignedMustSSession = 38 +}; +typedef enum _POOL_TYPE POOL_TYPE; +struct _FAST_MUTEX { + LONG Count; + PKTHREAD Owner; + ULONG Contention; + KEVENT Event; + ULONG OldIrql; +}; +typedef struct _FAST_MUTEX *PFAST_MUTEX; +typedef ULONG_PTR ERESOURCE_THREAD; +union __anonunion____missing_field_name_38 { + LONG OwnerCount; + ULONG TableSize; +}; +struct _OWNER_ENTRY { + ERESOURCE_THREAD OwnerThread; + union __anonunion____missing_field_name_38 __annonCompField10; +}; +typedef struct _OWNER_ENTRY OWNER_ENTRY; +typedef struct _OWNER_ENTRY *POWNER_ENTRY; +union __anonunion____missing_field_name_39 { + PVOID Address; + ULONG_PTR CreatorBackTraceIndex; +}; +struct _ERESOURCE { + LIST_ENTRY SystemResourcesList; + POWNER_ENTRY OwnerTable; + SHORT ActiveCount; + USHORT Flag; + PKSEMAPHORE SharedWaiters; + PKEVENT ExclusiveWaiters; + OWNER_ENTRY OwnerThreads[2]; + ULONG ContentionCount; + USHORT NumberOfSharedWaiters; + USHORT NumberOfExclusiveWaiters; + union __anonunion____missing_field_name_39 __annonCompField11; + KSPIN_LOCK SpinLock; +}; +enum _MM_PAGE_PRIORITY { + LowPagePriority = 0, + NormalPagePriority = 16, + HighPagePriority = 32 +}; +typedef enum _MM_PAGE_PRIORITY MM_PAGE_PRIORITY; +struct _DRIVER_OBJECT; +struct _DRIVER_OBJECT; +struct _SECURITY_SUBJECT_CONTEXT { + PACCESS_TOKEN ClientToken; + SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; + PACCESS_TOKEN PrimaryToken; + PVOID ProcessAuditId; +}; +typedef struct _SECURITY_SUBJECT_CONTEXT SECURITY_SUBJECT_CONTEXT; +struct _INITIAL_PRIVILEGE_SET { + ULONG PrivilegeCount; + ULONG Control; + LUID_AND_ATTRIBUTES Privilege[3]; +}; +typedef struct _INITIAL_PRIVILEGE_SET INITIAL_PRIVILEGE_SET; +union __anonunion_Privileges_40 { + INITIAL_PRIVILEGE_SET InitialPrivilegeSet; + PRIVILEGE_SET PrivilegeSet; +}; +struct _ACCESS_STATE { + LUID OperationID; + 
BOOLEAN SecurityEvaluated; + BOOLEAN GenerateAudit; + BOOLEAN GenerateOnClose; + BOOLEAN PrivilegesAllocated; + ULONG Flags; + ACCESS_MASK RemainingDesiredAccess; + ACCESS_MASK PreviouslyGrantedAccess; + ACCESS_MASK OriginalDesiredAccess; + SECURITY_SUBJECT_CONTEXT SubjectSecurityContext; + PSECURITY_DESCRIPTOR SecurityDescriptor; + PVOID AuxData; + union __anonunion_Privileges_40 Privileges; + BOOLEAN AuditPrivileges; + UNICODE_STRING ObjectName; + UNICODE_STRING ObjectTypeName; +}; +typedef struct _ACCESS_STATE *PACCESS_STATE; +struct _DEVICE_OBJECT; +struct _DEVICE_OBJECT; +struct _DRIVER_OBJECT; +struct _FILE_OBJECT; +struct _FILE_OBJECT; +struct _IRP; +struct _IRP; +struct _SCSI_REQUEST_BLOCK; +struct _SCSI_REQUEST_BLOCK; +typedef NTSTATUS (*PDRIVER_DISPATCH)(struct _DEVICE_OBJECT *DeviceObject, struct _IRP *Irp); +struct _COMPRESSED_DATA_INFO; +struct _FAST_IO_DISPATCH { + ULONG SizeOfFastIoDispatch; + BOOLEAN(*FastIoCheckIfPossible) + (struct _FILE_OBJECT *FileObject, PLARGE_INTEGER FileOffset, + ULONG Length, BOOLEAN Wait, ULONG LockKey, + BOOLEAN CheckForReadOperation, PIO_STATUS_BLOCK IoStatus, + struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*FastIoRead) + (struct _FILE_OBJECT *FileObject, PLARGE_INTEGER FileOffset, + ULONG Length, BOOLEAN Wait, ULONG LockKey, PVOID Buffer, + PIO_STATUS_BLOCK IoStatus, struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*FastIoWrite) + (struct _FILE_OBJECT *FileObject, PLARGE_INTEGER FileOffset, + ULONG Length, BOOLEAN Wait, ULONG LockKey, PVOID Buffer, + PIO_STATUS_BLOCK IoStatus, struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*FastIoQueryBasicInfo) + (struct _FILE_OBJECT *FileObject, BOOLEAN Wait, + PFILE_BASIC_INFORMATION Buffer, PIO_STATUS_BLOCK IoStatus, + struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*FastIoQueryStandardInfo) + (struct _FILE_OBJECT *FileObject, BOOLEAN Wait, + PFILE_STANDARD_INFORMATION Buffer, PIO_STATUS_BLOCK IoStatus, + struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*FastIoLock) + (struct 
_FILE_OBJECT *FileObject, PLARGE_INTEGER FileOffset, + PLARGE_INTEGER Length, PEPROCESS ProcessId, ULONG Key, + BOOLEAN FailImmediately, BOOLEAN ExclusiveLock, PIO_STATUS_BLOCK IoStatus, + struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*FastIoUnlockSingle) + (struct _FILE_OBJECT *FileObject, PLARGE_INTEGER FileOffset, + PLARGE_INTEGER Length, PEPROCESS ProcessId, ULONG Key, + PIO_STATUS_BLOCK IoStatus, struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*FastIoUnlockAll) + (struct _FILE_OBJECT *FileObject, PEPROCESS ProcessId, + PIO_STATUS_BLOCK IoStatus, struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*FastIoUnlockAllByKey) + (struct _FILE_OBJECT *FileObject, PVOID ProcessId, + ULONG Key, PIO_STATUS_BLOCK IoStatus, struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*FastIoDeviceControl) + (struct _FILE_OBJECT *FileObject, BOOLEAN Wait, + PVOID InputBuffer, ULONG InputBufferLength, PVOID OutputBuffer, + ULONG OutputBufferLength, ULONG IoControlCode, + PIO_STATUS_BLOCK IoStatus, struct _DEVICE_OBJECT *DeviceObject); + void (*AcquireFileForNtCreateSection)(struct _FILE_OBJECT *FileObject); + void (*ReleaseFileForNtCreateSection)(struct _FILE_OBJECT *FileObject); + void (*FastIoDetachDevice)(struct _DEVICE_OBJECT *SourceDevice, struct _DEVICE_OBJECT *TargetDevice); + BOOLEAN(*FastIoQueryNetworkOpenInfo) + (struct _FILE_OBJECT *FileObject, BOOLEAN Wait, + struct _FILE_NETWORK_OPEN_INFORMATION *Buffer, + struct _IO_STATUS_BLOCK *IoStatus, struct _DEVICE_OBJECT *DeviceObject); + NTSTATUS(*AcquireForModWrite) + (struct _FILE_OBJECT *FileObject, PLARGE_INTEGER EndingOffset, + struct _ERESOURCE **ResourceToRelease, struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*MdlRead) + (struct _FILE_OBJECT *FileObject, PLARGE_INTEGER FileOffset, + ULONG Length, ULONG LockKey, PMDL *MdlChain, PIO_STATUS_BLOCK IoStatus, + struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*MdlReadComplete) + (struct _FILE_OBJECT *FileObject, PMDL MdlChain, struct _DEVICE_OBJECT *DeviceObject); + 
BOOLEAN(*PrepareMdlWrite) + (struct _FILE_OBJECT *FileObject, PLARGE_INTEGER FileOffset, + ULONG Length, ULONG LockKey, PMDL *MdlChain, PIO_STATUS_BLOCK IoStatus, + struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*MdlWriteComplete) + (struct _FILE_OBJECT *FileObject, PLARGE_INTEGER FileOffset, + PMDL MdlChain, struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*FastIoReadCompressed) + (struct _FILE_OBJECT *FileObject, PLARGE_INTEGER FileOffset, + ULONG Length, ULONG LockKey, PVOID Buffer, PMDL *MdlChain, + PIO_STATUS_BLOCK IoStatus, struct _COMPRESSED_DATA_INFO *CompressedDataInfo, + ULONG CompressedDataInfoLength, struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*FastIoWriteCompressed) + (struct _FILE_OBJECT *FileObject, PLARGE_INTEGER FileOffset, + ULONG Length, ULONG LockKey, PVOID Buffer, + PMDL *MdlChain, PIO_STATUS_BLOCK IoStatus, struct _COMPRESSED_DATA_INFO *CompressedDataInfo, + ULONG CompressedDataInfoLength, struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*MdlReadCompleteCompressed) + (struct _FILE_OBJECT *FileObject, PMDL MdlChain, + struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*MdlWriteCompleteCompressed) + (struct _FILE_OBJECT *FileObject, PLARGE_INTEGER FileOffset, + PMDL MdlChain, struct _DEVICE_OBJECT *DeviceObject); + BOOLEAN(*FastIoQueryOpen) + (struct _IRP *Irp, PFILE_NETWORK_OPEN_INFORMATION NetworkInformation, + struct _DEVICE_OBJECT *DeviceObject); + NTSTATUS(*ReleaseForModWrite) + (struct _FILE_OBJECT *FileObject, struct _ERESOURCE *ResourceToRelease, + struct _DEVICE_OBJECT *DeviceObject); + NTSTATUS(*AcquireForCcFlush) + (struct _FILE_OBJECT *FileObject, struct _DEVICE_OBJECT *DeviceObject); + NTSTATUS(*ReleaseForCcFlush) + (struct _FILE_OBJECT *FileObject, struct _DEVICE_OBJECT *DeviceObject); +}; +typedef struct _FAST_IO_DISPATCH *PFAST_IO_DISPATCH; +enum _IO_ALLOCATION_ACTION { + KeepObject = 1, + DeallocateObject = 2, + DeallocateObjectKeepRegisters = 3 +}; +typedef enum _IO_ALLOCATION_ACTION IO_ALLOCATION_ACTION; +struct 
_IO_SECURITY_CONTEXT { + PSECURITY_QUALITY_OF_SERVICE SecurityQos; + PACCESS_STATE AccessState; + ACCESS_MASK DesiredAccess; + ULONG FullCreateOptions; +}; +typedef struct _IO_SECURITY_CONTEXT *PIO_SECURITY_CONTEXT; +struct _VPB { + CSHORT Type; + CSHORT Size; + USHORT Flags; + USHORT VolumeLabelLength; + struct _DEVICE_OBJECT *DeviceObject; + struct _DEVICE_OBJECT *RealDevice; + ULONG SerialNumber; + ULONG ReferenceCount; + WCHAR VolumeLabel[(32U * sizeof(WCHAR)) / sizeof(WCHAR)]; +}; +typedef struct _VPB *PVPB; +struct _WAIT_CONTEXT_BLOCK { + KDEVICE_QUEUE_ENTRY WaitQueueEntry; + IO_ALLOCATION_ACTION(*DeviceRoutine) + (struct _DEVICE_OBJECT *DeviceObject, struct _IRP *Irp, + PVOID MapRegisterBase, PVOID Context); + PVOID DeviceContext; + ULONG NumberOfMapRegisters; + PVOID DeviceObject; + PVOID CurrentIrp; + PKDPC BufferChainingDpc; +}; +typedef struct _WAIT_CONTEXT_BLOCK WAIT_CONTEXT_BLOCK; +union __anonunion_Queue_43 { + LIST_ENTRY ListEntry; + WAIT_CONTEXT_BLOCK Wcb; +}; +struct _DEVOBJ_EXTENSION; +struct _DEVICE_OBJECT { + CSHORT Type; + USHORT Size; + LONG ReferenceCount; + struct _DRIVER_OBJECT *DriverObject; + struct _DEVICE_OBJECT *NextDevice; + struct _DEVICE_OBJECT *AttachedDevice; + struct _IRP *CurrentIrp; + PIO_TIMER Timer; + ULONG Flags; + ULONG Characteristics; + PVPB Vpb; + PVOID DeviceExtension; + ULONG DeviceType; + CCHAR StackSize; + union __anonunion_Queue_43 Queue; + ULONG AlignmentRequirement; + KDEVICE_QUEUE DeviceQueue; + KDPC Dpc; + ULONG ActiveThreadCount; + PSECURITY_DESCRIPTOR SecurityDescriptor; + KEVENT DeviceLock; + USHORT SectorSize; + USHORT Spare1; + struct _DEVOBJ_EXTENSION *DeviceObjectExtension; + PVOID Reserved; +}; +typedef struct _DEVICE_OBJECT DEVICE_OBJECT; +typedef struct _DEVICE_OBJECT *PDEVICE_OBJECT; +struct _DEVOBJ_EXTENSION { + CSHORT Type; + USHORT Size; + PDEVICE_OBJECT DeviceObject; +}; +struct _DRIVER_EXTENSION { + struct _DRIVER_OBJECT *DriverObject; + NTSTATUS(*AddDevice) + (struct _DRIVER_OBJECT 
*DriverObject, struct _DEVICE_OBJECT *PhysicalDeviceObject); + ULONG Count; + UNICODE_STRING ServiceKeyName; +}; +typedef struct _DRIVER_EXTENSION *PDRIVER_EXTENSION; +struct _DRIVER_OBJECT { + CSHORT Type; + CSHORT Size; + PDEVICE_OBJECT DeviceObject; + ULONG Flags; + PVOID DriverStart; + ULONG DriverSize; + PVOID DriverSection; + PDRIVER_EXTENSION DriverExtension; + UNICODE_STRING DriverName; + PUNICODE_STRING HardwareDatabase; + PFAST_IO_DISPATCH FastIoDispatch; + NTSTATUS(*DriverInit) + (struct _DRIVER_OBJECT *DriverObject, PUNICODE_STRING RegistryPath); + void (*DriverStartIo)(struct _DEVICE_OBJECT *DeviceObject, struct _IRP *Irp); + void (*DriverUnload)(struct _DRIVER_OBJECT *DriverObject); + PDRIVER_DISPATCH MajorFunction[28]; +}; +typedef struct _DRIVER_OBJECT DRIVER_OBJECT; +typedef struct _DRIVER_OBJECT *PDRIVER_OBJECT; +struct _SECTION_OBJECT_POINTERS { + PVOID DataSectionObject; + PVOID SharedCacheMap; + PVOID ImageSectionObject; +}; +typedef struct _SECTION_OBJECT_POINTERS SECTION_OBJECT_POINTERS; +typedef SECTION_OBJECT_POINTERS *PSECTION_OBJECT_POINTERS; +struct _IO_COMPLETION_CONTEXT { + PVOID Port; + PVOID Key; +}; +typedef struct _IO_COMPLETION_CONTEXT *PIO_COMPLETION_CONTEXT; +struct _FILE_OBJECT { + CSHORT Type; + CSHORT Size; + PDEVICE_OBJECT DeviceObject; + PVPB Vpb; + PVOID FsContext; + PVOID FsContext2; + PSECTION_OBJECT_POINTERS SectionObjectPointer; + PVOID PrivateCacheMap; + NTSTATUS FinalStatus; + struct _FILE_OBJECT *RelatedFileObject; + BOOLEAN LockOperation; + BOOLEAN DeletePending; + BOOLEAN ReadAccess; + BOOLEAN WriteAccess; + BOOLEAN DeleteAccess; + BOOLEAN SharedRead; + BOOLEAN SharedWrite; + BOOLEAN SharedDelete; + ULONG Flags; + UNICODE_STRING FileName; + LARGE_INTEGER CurrentByteOffset; + ULONG Waiters; + ULONG Busy; + PVOID LastLock; + KEVENT Lock; + KEVENT Event; + PIO_COMPLETION_CONTEXT CompletionContext; +}; +typedef struct _FILE_OBJECT *PFILE_OBJECT; +union __anonunion_AssociatedIrp_44 { + struct _IRP *MasterIrp; + LONG 
IrpCount; + PVOID SystemBuffer; +}; +struct __anonstruct_AsynchronousParameters_46 { + void (*UserApcRoutine)(PVOID ApcContext, PIO_STATUS_BLOCK IoStatusBlock, + ULONG Reserved); + PVOID UserApcContext; +}; +union __anonunion_Overlay_45 { + struct __anonstruct_AsynchronousParameters_46 AsynchronousParameters; + LARGE_INTEGER AllocationSize; +}; +struct __anonstruct____missing_field_name_50 { + PVOID DriverContext[4]; +}; +union __anonunion____missing_field_name_49 { + KDEVICE_QUEUE_ENTRY DeviceQueueEntry; + struct __anonstruct____missing_field_name_50 __annonCompField14; +}; +struct _IO_STACK_LOCATION; +union __anonunion____missing_field_name_52 { + struct _IO_STACK_LOCATION *CurrentStackLocation; + ULONG PacketType; +}; +struct __anonstruct____missing_field_name_51 { + LIST_ENTRY ListEntry; + union __anonunion____missing_field_name_52 __annonCompField16; +}; +struct __anonstruct_Overlay_48 { + union __anonunion____missing_field_name_49 __annonCompField15; + PETHREAD Thread; + PCHAR AuxiliaryBuffer; + struct __anonstruct____missing_field_name_51 __annonCompField17; + PFILE_OBJECT OriginalFileObject; +}; +union __anonunion_Tail_47 { + struct __anonstruct_Overlay_48 Overlay; + KAPC Apc; + PVOID CompletionKey; +}; +struct _IRP { + CSHORT Type; + USHORT Size; + PMDL MdlAddress; + ULONG Flags; + union __anonunion_AssociatedIrp_44 AssociatedIrp; + LIST_ENTRY ThreadListEntry; + IO_STATUS_BLOCK IoStatus; + KPROCESSOR_MODE RequestorMode; + BOOLEAN PendingReturned; + CHAR StackCount; + CHAR CurrentLocation; + BOOLEAN Cancel; + KIRQL CancelIrql; + CCHAR ApcEnvironment; + UCHAR AllocationFlags; + PIO_STATUS_BLOCK UserIosb; + PKEVENT UserEvent; + union __anonunion_Overlay_45 Overlay; + void (*CancelRoutine)(struct _DEVICE_OBJECT *DeviceObject, struct _IRP *Irp); + PVOID UserBuffer; + union __anonunion_Tail_47 Tail; +}; +typedef struct _IRP IRP; +typedef struct _IRP *PIRP; +enum _DEVICE_RELATION_TYPE { + BusRelations = 0, + EjectionRelations = 1, + PowerRelations = 2, + 
RemovalRelations = 3, + TargetDeviceRelation = 4 +}; +typedef enum _DEVICE_RELATION_TYPE DEVICE_RELATION_TYPE; +enum _DEVICE_USAGE_NOTIFICATION_TYPE { + DeviceUsageTypeUndefined = 0, + DeviceUsageTypePaging = 1, + DeviceUsageTypeHibernation = 2, + DeviceUsageTypeDumpFile = 3 +}; +typedef enum _DEVICE_USAGE_NOTIFICATION_TYPE DEVICE_USAGE_NOTIFICATION_TYPE; +struct _INTERFACE { + USHORT Size; + USHORT Version; + PVOID Context; + void (*InterfaceReference)(PVOID Context); + void (*InterfaceDereference)(PVOID Context); +}; +typedef struct _INTERFACE *PINTERFACE; +struct _DEVICE_CAPABILITIES { + USHORT Size; + USHORT Version; + ULONG DeviceD1 : 1; + ULONG DeviceD2 : 1; + ULONG LockSupported : 1; + ULONG EjectSupported : 1; + ULONG Removable : 1; + ULONG DockDevice : 1; + ULONG UniqueID : 1; + ULONG SilentInstall : 1; + ULONG RawDeviceOK : 1; + ULONG SurpriseRemovalOK : 1; + ULONG WakeFromD0 : 1; + ULONG WakeFromD1 : 1; + ULONG WakeFromD2 : 1; + ULONG WakeFromD3 : 1; + ULONG HardwareDisabled : 1; + ULONG NonDynamic : 1; + ULONG WarmEjectSupported : 1; + ULONG Reserved : 15; + ULONG Address; + ULONG UINumber; + DEVICE_POWER_STATE DeviceState[7]; + SYSTEM_POWER_STATE SystemWake; + DEVICE_POWER_STATE DeviceWake; + ULONG D1Latency; + ULONG D2Latency; + ULONG D3Latency; +}; +typedef struct _DEVICE_CAPABILITIES *PDEVICE_CAPABILITIES; +struct _POWER_SEQUENCE { + ULONG SequenceD1; + ULONG SequenceD2; + ULONG SequenceD3; +}; +typedef struct _POWER_SEQUENCE *PPOWER_SEQUENCE; +enum __anonenum_BUS_QUERY_ID_TYPE_53 { + BusQueryDeviceID = 0, + BusQueryHardwareIDs = 1, + BusQueryCompatibleIDs = 2, + BusQueryInstanceID = 3, + BusQueryDeviceSerialNumber = 4 +}; +typedef enum __anonenum_BUS_QUERY_ID_TYPE_53 BUS_QUERY_ID_TYPE; +enum __anonenum_DEVICE_TEXT_TYPE_54 { + DeviceTextDescription = 0, + DeviceTextLocationInformation = 1 +}; +typedef enum __anonenum_DEVICE_TEXT_TYPE_54 DEVICE_TEXT_TYPE; +#pragma pack(push, 4) +struct __anonstruct_Create_56 { + PIO_SECURITY_CONTEXT SecurityContext; 
+ ULONG Options; + USHORT FileAttributes; + USHORT ShareAccess; + ULONG EaLength; +}; +struct __anonstruct_Read_57 { + ULONG Length; + ULONG Key; + LARGE_INTEGER ByteOffset; +}; +struct __anonstruct_Write_58 { + ULONG Length; + ULONG Key; + LARGE_INTEGER ByteOffset; +}; +struct __anonstruct_QueryFile_59 { + ULONG Length; + FILE_INFORMATION_CLASS FileInformationClass; +}; +struct __anonstruct____missing_field_name_62 { + BOOLEAN ReplaceIfExists; + BOOLEAN AdvanceOnly; +}; +union __anonunion____missing_field_name_61 { + struct __anonstruct____missing_field_name_62 __annonCompField18; + ULONG ClusterCount; + HANDLE DeleteHandle; +}; +struct __anonstruct_SetFile_60 { + ULONG Length; + FILE_INFORMATION_CLASS FileInformationClass; + PFILE_OBJECT FileObject; + union __anonunion____missing_field_name_61 __annonCompField19; +}; +struct __anonstruct_QueryVolume_63 { + ULONG Length; + FS_INFORMATION_CLASS FsInformationClass; +}; +struct __anonstruct_DeviceIoControl_64 { + ULONG OutputBufferLength; + ULONG InputBufferLength; + ULONG IoControlCode; + PVOID Type3InputBuffer; +}; +struct __anonstruct_QuerySecurity_65 { + SECURITY_INFORMATION SecurityInformation; + ULONG Length; +}; +struct __anonstruct_SetSecurity_66 { + SECURITY_INFORMATION SecurityInformation; + PSECURITY_DESCRIPTOR SecurityDescriptor; +}; +struct __anonstruct_MountVolume_67 { + PVPB Vpb; + PDEVICE_OBJECT DeviceObject; +}; +struct __anonstruct_VerifyVolume_68 { + PVPB Vpb; + PDEVICE_OBJECT DeviceObject; +}; +struct __anonstruct_Scsi_69 { + struct _SCSI_REQUEST_BLOCK *Srb; +}; +struct __anonstruct_QueryDeviceRelations_70 { + DEVICE_RELATION_TYPE Type; +}; +struct __anonstruct_QueryInterface_71 { + GUID const *InterfaceType; + USHORT Size; + USHORT Version; + PINTERFACE Interface; + PVOID InterfaceSpecificData; +}; +struct __anonstruct_DeviceCapabilities_72 { + PDEVICE_CAPABILITIES Capabilities; +}; +struct __anonstruct_FilterResourceRequirements_73 { + PIO_RESOURCE_REQUIREMENTS_LIST IoResourceRequirementList; 
+}; +struct __anonstruct_ReadWriteConfig_74 { + ULONG WhichSpace; + PVOID Buffer; + ULONG Offset; + ULONG Length; +}; +struct __anonstruct_SetLock_75 { + BOOLEAN Lock; +}; +struct __anonstruct_QueryId_76 { + BUS_QUERY_ID_TYPE IdType; +}; +struct __anonstruct_QueryDeviceText_77 { + DEVICE_TEXT_TYPE DeviceTextType; + LCID LocaleId; +}; +struct __anonstruct_UsageNotification_78 { + BOOLEAN InPath; + BOOLEAN Reserved[3]; + DEVICE_USAGE_NOTIFICATION_TYPE Type; +}; +struct __anonstruct_WaitWake_79 { + SYSTEM_POWER_STATE PowerState; +}; +struct __anonstruct_PowerSequence_80 { + PPOWER_SEQUENCE PowerSequence; +}; +struct __anonstruct_Power_81 { + ULONG SystemContext; + POWER_STATE_TYPE Type; + POWER_STATE State; + POWER_ACTION ShutdownType; +}; +struct __anonstruct_StartDevice_82 { + PCM_RESOURCE_LIST AllocatedResources; + PCM_RESOURCE_LIST AllocatedResourcesTranslated; +}; +struct __anonstruct_WMI_83 { + ULONG_PTR ProviderId; + PVOID DataPath; + ULONG BufferSize; + PVOID Buffer; +}; +struct __anonstruct_Others_84 { + PVOID Argument1; + PVOID Argument2; + PVOID Argument3; + PVOID Argument4; +}; +union __anonunion_Parameters_55 { + struct __anonstruct_Create_56 Create; + struct __anonstruct_Read_57 Read; + struct __anonstruct_Write_58 Write; + struct __anonstruct_QueryFile_59 QueryFile; + struct __anonstruct_SetFile_60 SetFile; + struct __anonstruct_QueryVolume_63 QueryVolume; + struct __anonstruct_DeviceIoControl_64 DeviceIoControl; + struct __anonstruct_QuerySecurity_65 QuerySecurity; + struct __anonstruct_SetSecurity_66 SetSecurity; + struct __anonstruct_MountVolume_67 MountVolume; + struct __anonstruct_VerifyVolume_68 VerifyVolume; + struct __anonstruct_Scsi_69 Scsi; + struct __anonstruct_QueryDeviceRelations_70 QueryDeviceRelations; + struct __anonstruct_QueryInterface_71 QueryInterface; + struct __anonstruct_DeviceCapabilities_72 DeviceCapabilities; + struct __anonstruct_FilterResourceRequirements_73 FilterResourceRequirements; + struct __anonstruct_ReadWriteConfig_74 
ReadWriteConfig; + struct __anonstruct_SetLock_75 SetLock; + struct __anonstruct_QueryId_76 QueryId; + struct __anonstruct_QueryDeviceText_77 QueryDeviceText; + struct __anonstruct_UsageNotification_78 UsageNotification; + struct __anonstruct_WaitWake_79 WaitWake; + struct __anonstruct_PowerSequence_80 PowerSequence; + struct __anonstruct_Power_81 Power; + struct __anonstruct_StartDevice_82 StartDevice; + struct __anonstruct_WMI_83 WMI; + struct __anonstruct_Others_84 Others; +}; +struct _IO_STACK_LOCATION { + UCHAR MajorFunction; + UCHAR MinorFunction; + UCHAR Flags; + UCHAR Control; + union __anonunion_Parameters_55 Parameters; + PDEVICE_OBJECT DeviceObject; + PFILE_OBJECT FileObject; + NTSTATUS(*CompletionRoutine) + (PDEVICE_OBJECT DeviceObject, PIRP Irp, PVOID Context); + PVOID Context; +}; +typedef struct _IO_STACK_LOCATION IO_STACK_LOCATION; +typedef struct _IO_STACK_LOCATION *PIO_STACK_LOCATION; +#pragma pack(pop) +struct _CONFIGURATION_INFORMATION { + ULONG DiskCount; + ULONG FloppyCount; + ULONG CdRomCount; + ULONG TapeCount; + ULONG ScsiPortCount; + ULONG SerialCount; + ULONG ParallelCount; + BOOLEAN AtDiskPrimaryAddressClaimed; + BOOLEAN AtDiskSecondaryAddressClaimed; + ULONG Version; + ULONG MediumChangerCount; +}; +typedef struct _CONFIGURATION_INFORMATION CONFIGURATION_INFORMATION; +typedef struct _CONFIGURATION_INFORMATION *PCONFIGURATION_INFORMATION; +struct _OBJECT_HANDLE_INFORMATION { + ULONG HandleAttributes; + ACCESS_MASK GrantedAccess; +}; +typedef struct _OBJECT_HANDLE_INFORMATION *POBJECT_HANDLE_INFORMATION; +struct _KEYBOARD_INPUT_DATA { + USHORT UnitId; + USHORT MakeCode; + USHORT Flags; + USHORT Reserved; + ULONG ExtraInformation; +}; +typedef struct _KEYBOARD_INPUT_DATA *PKEYBOARD_INPUT_DATA; +struct _CONNECT_DATA { + PDEVICE_OBJECT ClassDeviceObject; + PVOID ClassService; +}; +typedef struct _CONNECT_DATA CONNECT_DATA; +typedef struct _CONNECT_DATA *PCONNECT_DATA; +enum _TRANSMIT_STATE { + Idle = 0, + SendingBytes = 1 +}; +typedef enum 
_TRANSMIT_STATE TRANSMIT_STATE; +struct _OUTPUT_PACKET { + PUCHAR Bytes; + ULONG CurrentByte; + ULONG ByteCount; + TRANSMIT_STATE State; +}; +typedef struct _OUTPUT_PACKET *POUTPUT_PACKET; +enum _KEYBOARD_SCAN_STATE { + Normal = 0, + GotE0 = 1, + GotE1 = 2 +}; +typedef enum _KEYBOARD_SCAN_STATE *PKEYBOARD_SCAN_STATE; +struct _INTERNAL_I8042_HOOK_KEYBOARD { + PVOID Context; + NTSTATUS(*InitializationRoutine) + (PVOID InitializationContext, PVOID SynchFuncContext, + NTSTATUS (*ReadPort)(PVOID Context, PUCHAR Value, + BOOLEAN WaitForACK), + NTSTATUS (*WritePort)(PVOID Context, + UCHAR Value, + BOOLEAN WaitForACK), + PBOOLEAN TurnTranslationOn); + BOOLEAN(*IsrRoutine) + (PVOID IsrContext, PKEYBOARD_INPUT_DATA CurrentInput, POUTPUT_PACKET CurrentOutput, + UCHAR StatusByte, PUCHAR Byte, PBOOLEAN ContinueProcessing, + PKEYBOARD_SCAN_STATE ScanState); + void (*IsrWritePort)(PVOID Context, UCHAR Value); + void (*QueueKeyboardPacket)(PVOID Context); + PVOID CallContext; +}; +typedef struct _INTERNAL_I8042_HOOK_KEYBOARD INTERNAL_I8042_HOOK_KEYBOARD; +typedef struct _INTERNAL_I8042_HOOK_KEYBOARD *PINTERNAL_I8042_HOOK_KEYBOARD; +struct _DEVICE_EXTENSION { + PDEVICE_OBJECT Self; + PDEVICE_OBJECT PDO; + PDEVICE_OBJECT TopOfStack; + LONG EnableCount; + CONNECT_DATA UpperConnectData; + PVOID UpperContext; + NTSTATUS(*UpperInitializationRoutine) + (PVOID InitializationContext, PVOID SynchFuncContext, + NTSTATUS (*ReadPort)(PVOID Context, PUCHAR Value, + BOOLEAN WaitForACK), + NTSTATUS (*WritePort)(PVOID Context, UCHAR Value, + BOOLEAN WaitForACK), + PBOOLEAN TurnTranslationOn); + BOOLEAN(*UpperIsrHook) + (PVOID IsrContext, PKEYBOARD_INPUT_DATA CurrentInput, + POUTPUT_PACKET CurrentOutput, UCHAR StatusByte, PUCHAR Byte, + PBOOLEAN ContinueProcessing, PKEYBOARD_SCAN_STATE ScanState); + void (*IsrWritePort)(PVOID Context, UCHAR Value); + void (*QueueKeyboardPacket)(PVOID Context); + PVOID CallContext; + DEVICE_POWER_STATE DeviceState; + BOOLEAN Started; + BOOLEAN SurpriseRemoved; + 
BOOLEAN Removed; +}; +typedef struct _DEVICE_EXTENSION DEVICE_EXTENSION; +typedef struct _DEVICE_EXTENSION *PDEVICE_EXTENSION; +#pragma pack(push, 8) +#pragma pack(pop) +struct _KAPC; +struct _KDPC; +#pragma pack(push, 4) +#pragma pack(pop) +#pragma pack(push, 4) +#pragma pack(pop) +#pragma pack(push, 1) +#pragma pack(pop) +struct _DRIVER_OBJECT; +struct _DEVICE_OBJECT; +struct _DRIVER_OBJECT; +struct _FILE_OBJECT; +struct _IRP; +struct _SCSI_REQUEST_BLOCK; +#pragma pack(push, 4) +#pragma pack(pop) +#pragma warning(push) +#pragma warning(disable : 4035) +#pragma warning(pop) +extern void *memcpy(void *, void const *, size_t); +extern void *memmove(void *, void const *, size_t); +extern void *memset(void *, int, size_t); +#pragma warning(disable : 4103) +#pragma warning(disable : 4103) +NTSTATUS RtlQueryRegistryValues(ULONG RelativeTo, + PCWSTR Path, + PRTL_QUERY_REGISTRY_TABLE QueryTable, + PVOID Context, + PVOID Environment); +NTSTATUS RtlDeleteRegistryValue(ULONG RelativeTo, + PCWSTR Path, + PCWSTR ValueName); +void RtlInitString(PSTRING DestinationString, + PCSZ SourceString); +void RtlInitUnicodeString(PUNICODE_STRING DestinationString, + PCWSTR SourceString); +NTSTATUS RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, + PANSI_STRING SourceString, + BOOLEAN AllocateDestinationString); +void RtlCopyUnicodeString(PUNICODE_STRING DestinationString, + PUNICODE_STRING SourceString); +void RtlFreeUnicodeString(PUNICODE_STRING UnicodeString); +SIZE_T RtlCompareMemory(void const *Source1, + void const *Source2, + SIZE_T Length); +#pragma warning(push) +#pragma warning(disable : 4035) +#pragma warning(pop) +LONG InterlockedIncrement(PLONG Addend) { + return ++(*Addend); +} +LONG InterlockedDecrement(PLONG Addend) { + return --(*Addend); +} +#pragma warning(disable : 4035) +#pragma warning(push) +#pragma warning(disable : 4164) +#pragma function(_enable) +#pragma function(_disable) +#pragma warning(pop) +#pragma warning(disable : 4103) +#pragma 
warning(disable : 4103) +#pragma warning(disable : 4103) +#pragma warning(disable : 4103) +void KeInitializeEvent(PRKEVENT Event, EVENT_TYPE Type, + BOOLEAN State); +LONG KeSetEvent(PRKEVENT Event, KPRIORITY Increment, + BOOLEAN Wait); +void KeInitializeSemaphore(PRKSEMAPHORE Semaphore, + LONG Count, LONG Limit); +LONG KeReleaseSemaphore(PRKSEMAPHORE Semaphore, KPRIORITY Increment, + LONG Adjustment, BOOLEAN Wait); +NTSTATUS KeDelayExecutionThread(KPROCESSOR_MODE WaitMode, + BOOLEAN Alertable, + PLARGE_INTEGER Interval); +NTSTATUS KeWaitForSingleObject(PVOID Object, KWAIT_REASON WaitReason, + KPROCESSOR_MODE WaitMode, + BOOLEAN Alertable, + PLARGE_INTEGER Timeout); +void KeInitializeSpinLock(PKSPIN_LOCK SpinLock); +void KfReleaseSpinLock(PKSPIN_LOCK SpinLock, + KIRQL NewIrql); +PVOID ExAllocatePoolWithTag(POOL_TYPE PoolType, + SIZE_T NumberOfBytes, + ULONG Tag); +void ExFreePool(PVOID P); +void ExAcquireFastMutex(PFAST_MUTEX FastMutex); +void ExReleaseFastMutex(PFAST_MUTEX FastMutex); +PLIST_ENTRY ExfInterlockedInsertHeadList(PLIST_ENTRY ListHead, + PLIST_ENTRY ListEntry, + PKSPIN_LOCK Lock); +PLIST_ENTRY ExfInterlockedInsertTailList(PLIST_ENTRY ListHead, + PLIST_ENTRY ListEntry, + PKSPIN_LOCK Lock); +PLIST_ENTRY ExfInterlockedRemoveHeadList(PLIST_ENTRY ListHead, + PKSPIN_LOCK Lock); +void MmUnlockPages(PMDL MemoryDescriptorList); +PVOID MmMapLockedPagesSpecifyCache(PMDL MemoryDescriptorList, + KPROCESSOR_MODE AccessMode, + MEMORY_CACHING_TYPE CacheType, + PVOID BaseAddress, + ULONG BugCheckOnFailure, + MM_PAGE_PRIORITY Priority); +PVOID MmAllocateContiguousMemory(SIZE_T NumberOfBytes, + PHYSICAL_ADDRESS HighestAcceptableAddress); +void MmFreeContiguousMemory(PVOID BaseAddress); +void MmResetDriverPaging(PVOID AddressWithinSection); +PVOID MmPageEntireDriver(PVOID AddressWithinSection); +NTSTATUS PsCreateSystemThread(PHANDLE ThreadHandle, + ULONG DesiredAccess, + POBJECT_ATTRIBUTES ObjectAttributes, + HANDLE ProcessHandle, + PCLIENT_ID ClientId, + void 
(*StartRoutine)(PVOID StartContext), + PVOID StartContext); +NTSTATUS PsTerminateSystemThread(NTSTATUS ExitStatus); +#pragma warning(disable : 4103) +#pragma warning(disable : 4103) +PMDL IoAllocateMdl(PVOID VirtualAddress, ULONG Length, + BOOLEAN SecondaryBuffer, BOOLEAN ChargeQuota, + PIRP Irp); +PDEVICE_OBJECT IoAttachDeviceToDeviceStack(PDEVICE_OBJECT SourceDevice, + PDEVICE_OBJECT TargetDevice); +PIRP IoBuildAsynchronousFsdRequest(ULONG MajorFunction, + PDEVICE_OBJECT DeviceObject, + PVOID Buffer, + ULONG Length, + PLARGE_INTEGER StartingOffset, + PIO_STATUS_BLOCK IoStatusBlock); +PIRP IoBuildDeviceIoControlRequest(ULONG IoControlCode, + PDEVICE_OBJECT DeviceObject, + PVOID InputBuffer, + ULONG InputBufferLength, + PVOID OutputBuffer, + ULONG OutputBufferLength, + BOOLEAN InternalDeviceIoControl, + PKEVENT Event, + PIO_STATUS_BLOCK IoStatusBlock); +NTSTATUS IofCallDriver(PDEVICE_OBJECT DeviceObject, + PIRP Irp); +void IofCompleteRequest(PIRP Irp, + CCHAR PriorityBoost); +NTSTATUS IoCreateDevice(PDRIVER_OBJECT DriverObject, + ULONG DeviceExtensionSize, + PUNICODE_STRING DeviceName, + ULONG DeviceType, ULONG DeviceCharacteristics, + BOOLEAN Exclusive, PDEVICE_OBJECT *DeviceObject); +NTSTATUS IoCreateSymbolicLink(PUNICODE_STRING SymbolicLinkName, + PUNICODE_STRING DeviceName); +void IoDeleteDevice(PDEVICE_OBJECT DeviceObject); +NTSTATUS IoDeleteSymbolicLink(PUNICODE_STRING SymbolicLinkName); +void IoDetachDevice(PDEVICE_OBJECT TargetDevice); +void IoFreeIrp(PIRP Irp); +void IoFreeMdl(PMDL Mdl); +PCONFIGURATION_INFORMATION IoGetConfigurationInformation(void); +NTSTATUS IoQueryDeviceDescription(PINTERFACE_TYPE BusType, + PULONG BusNumber, + PCONFIGURATION_TYPE ControllerType, + PULONG ControllerNumber, + PCONFIGURATION_TYPE PeripheralType, + PULONG PeripheralNumber, + NTSTATUS (*CalloutRoutine)(PVOID Context, + PUNICODE_STRING PathName, + INTERFACE_TYPE BusType, + ULONG BusNumber, + PKEY_VALUE_FULL_INFORMATION *BusInformation, + CONFIGURATION_TYPE ControllerType, + 
ULONG ControllerNumber, + PKEY_VALUE_FULL_INFORMATION *ControllerInformation, + CONFIGURATION_TYPE PeripheralType, + ULONG PeripheralNumber, + PKEY_VALUE_FULL_INFORMATION *PeripheralInformation), + PVOID Context); +void IoReleaseCancelSpinLock(KIRQL Irql); +void IoSetHardErrorOrVerifyDevice(PIRP Irp, PDEVICE_OBJECT DeviceObject); +NTSTATUS IoRegisterDeviceInterface(PDEVICE_OBJECT PhysicalDeviceObject, + GUID const *InterfaceClassGuid, + PUNICODE_STRING ReferenceString, + PUNICODE_STRING SymbolicLinkName); +NTSTATUS IoSetDeviceInterfaceState(PUNICODE_STRING SymbolicLinkName, + BOOLEAN Enable); +#pragma warning(disable : 4200) +#pragma warning(default : 4200) +NTSTATUS PoCallDriver(PDEVICE_OBJECT DeviceObject, + PIRP Irp); +void PoStartNextPowerIrp(PIRP Irp); +NTSTATUS ObReferenceObjectByHandle(HANDLE Handle, + ACCESS_MASK DesiredAccess, + POBJECT_TYPE ObjectType, + KPROCESSOR_MODE AccessMode, + PVOID *Object, + POBJECT_HANDLE_INFORMATION HandleInformation); +void ObfDereferenceObject(PVOID Object); +NTSTATUS ZwClose(HANDLE Handle); +NTSTATUS KbFilter_AddDevice(PDRIVER_OBJECT Driver, PDEVICE_OBJECT PDO); +NTSTATUS KbFilter_CreateClose(PDEVICE_OBJECT DeviceObject, PIRP Irp); +NTSTATUS KbFilter_DispatchPassThrough(PDEVICE_OBJECT DeviceObject, PIRP Irp); +NTSTATUS KbFilter_InternIoCtl(PDEVICE_OBJECT DeviceObject, PIRP Irp); +NTSTATUS KbFilter_IoCtl(PDEVICE_OBJECT DeviceObject, PIRP Irp) { + if (__VERIFIER_nondet_int()) { + return 0L; + } else if (__VERIFIER_nondet_int()) { + return -1L; + } else { + return 259L; + } +} +NTSTATUS KbFilter_PnP(PDEVICE_OBJECT DeviceObject, PIRP Irp); +NTSTATUS KbFilter_Power(PDEVICE_OBJECT DeviceObject, PIRP Irp); +NTSTATUS KbFilter_InitializationRoutine(PDEVICE_OBJECT DeviceObject, PVOID SynchFuncContext, + NTSTATUS (*ReadPort)(PVOID Context, PUCHAR Value, + BOOLEAN WaitForACK), + NTSTATUS (*WritePort)(PVOID Context, UCHAR Value, + BOOLEAN WaitForACK), + PBOOLEAN TurnTranslationOn); +BOOLEAN KbFilter_IsrHook(PDEVICE_OBJECT DeviceObject, 
PKEYBOARD_INPUT_DATA CurrentInput, + POUTPUT_PACKET CurrentOutput, UCHAR StatusByte, PUCHAR DataByte, + PBOOLEAN ContinueProcessing, PKEYBOARD_SCAN_STATE ScanState); +void KbFilter_ServiceCallback(PDEVICE_OBJECT DeviceObject, PKEYBOARD_INPUT_DATA InputDataStart, + PKEYBOARD_INPUT_DATA InputDataEnd, PULONG InputDataConsumed); +void KbFilter_Unload(PDRIVER_OBJECT Driver); +NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath); +#pragma alloc_text(INIT, DriverEntry) +#pragma alloc_text(PAGE, KbFilter_AddDevice) +#pragma alloc_text(PAGE, KbFilter_CreateClose) +#pragma alloc_text(PAGE, KbFilter_IoCtl) +#pragma alloc_text(PAGE, KbFilter_InternIoCtl) +#pragma alloc_text(PAGE, KbFilter_Unload) +#pragma alloc_text(PAGE, KbFilter_DispatchPassThrough) +#pragma alloc_text(PAGE, KbFilter_PnP) +#pragma alloc_text(PAGE, KbFilter_Power) +extern void *malloc(size_t); +void errorFn(void) { + + { + ERROR : { + reach_error(); + abort(); + } + } +} +int s; +int UNLOADED; +int NP; +int DC; +int SKIP1; +int SKIP2; +int MPR1; +int MPR3; +int IPC; +int pended; +NTSTATUS(*compFptr) +(PDEVICE_OBJECT DeviceObject, PIRP Irp, PVOID Context); +int compRegistered; +int lowerDriverReturn; +int setEventCalled; +int customIrp; +int myStatus; +void _BLAST_init(void) { + + { + UNLOADED = 0; + NP = 1; + DC = 2; + SKIP1 = 3; + SKIP2 = 4; + MPR1 = 5; + MPR3 = 6; + IPC = 7; + s = UNLOADED; + pended = 0; + compFptr = 0; + compRegistered = 0; + lowerDriverReturn = 0; + setEventCalled = 0; + customIrp = 0; + return; + } +} +NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) { + ULONG i = __VERIFIER_nondet_long(); + assume_abort_if_not(i < 28); + + { + DriverObject->MajorFunction[i] = &KbFilter_DispatchPassThrough; + DriverObject->MajorFunction[0] = &KbFilter_CreateClose; + DriverObject->MajorFunction[2] = &KbFilter_CreateClose; + DriverObject->MajorFunction[27] = &KbFilter_PnP; + DriverObject->MajorFunction[22] = &KbFilter_Power; + 
DriverObject->MajorFunction[15] = &KbFilter_InternIoCtl; + DriverObject->DriverUnload = &KbFilter_Unload; + (DriverObject->DriverExtension)->AddDevice = &KbFilter_AddDevice; + return (0L); + } +} +NTSTATUS KbFilter_AddDevice(PDRIVER_OBJECT Driver, PDEVICE_OBJECT PDO) { + PDEVICE_EXTENSION devExt; + PDEVICE_OBJECT device; + NTSTATUS status; + + { + { + status = 0L; + status = IoCreateDevice(Driver, sizeof(DEVICE_EXTENSION), (void *)0, 11, 0, 0, + &device); + } + if (!(status >= 0L)) { + return (status); + } else { + } + { + memset(device->DeviceExtension, 0, sizeof(DEVICE_EXTENSION)); + devExt = (struct _DEVICE_EXTENSION *)device->DeviceExtension; + devExt->TopOfStack = IoAttachDeviceToDeviceStack(device, PDO); + devExt->Self = device; + devExt->PDO = PDO; + devExt->DeviceState = 1; + devExt->SurpriseRemoved = 0; + devExt->Removed = 0; + devExt->Started = 0; + device->Flags |= 8196UL; + device->Flags &= 4294967167UL; + } + return (status); + } +} +NTSTATUS KbFilter_Complete(PDEVICE_OBJECT DeviceObject, PIRP Irp, PVOID Context) { + PKEVENT event; + + { + { + event = (struct _KEVENT *)Context; + KeSetEvent(event, 0, 0); + } + return (-1073741802L); + } +} +NTSTATUS KbFilter_CreateClose(PDEVICE_OBJECT DeviceObject, PIRP Irp) { + PIO_STACK_LOCATION irpStack; + NTSTATUS status; + PDEVICE_EXTENSION devExt; + LONG tmp; + LONG tmp___0; + NTSTATUS tmp___1; + + { + irpStack = Irp->Tail.Overlay.__annonCompField17.__annonCompField16.CurrentStackLocation; + devExt = (struct _DEVICE_EXTENSION *)DeviceObject->DeviceExtension; + status = Irp->IoStatus.__annonCompField4.Status; + status = myStatus; + if (irpStack->MajorFunction == 0) { + goto switch_0_0; + } else { + if (irpStack->MajorFunction == 2) { + goto switch_0_2; + } else { + if (0) { + switch_0_0: /* CIL Label */; + if ((unsigned int)((void *)0) == (unsigned int)devExt->UpperConnectData.ClassService) { + status = -1073741436L; + } else { + { + tmp = InterlockedIncrement(&devExt->EnableCount); + } + if (1L == tmp) { + + } 
else { + } + } + goto switch_0_break; + switch_0_2 : /* CIL Label */ + { + tmp___0 = InterlockedDecrement(&devExt->EnableCount); + } + if (0L == tmp___0) { + + } else { + } + goto switch_0_break; + } else { + switch_0_break: /* CIL Label */; + } + } + } + { + Irp->IoStatus.__annonCompField4.Status = status; + myStatus = status; + tmp___1 = KbFilter_DispatchPassThrough(DeviceObject, Irp); + } + return (tmp___1); + } +} +NTSTATUS KbFilter_DispatchPassThrough(PDEVICE_OBJECT DeviceObject, PIRP Irp) { + PIO_STACK_LOCATION irpStack; + NTSTATUS tmp; + + { + irpStack = Irp->Tail.Overlay.__annonCompField17.__annonCompField16.CurrentStackLocation; + if (s == NP) { + s = SKIP1; + } else { + { + errorFn(); + } + } + { + Irp->CurrentLocation = (CHAR)((int)Irp->CurrentLocation + 1); + Irp->Tail.Overlay.__annonCompField17.__annonCompField16.CurrentStackLocation += 1; + tmp = IofCallDriver(((struct _DEVICE_EXTENSION *)DeviceObject->DeviceExtension)->TopOfStack, + Irp); + } + return (tmp); + } +} +NTSTATUS KbFilter_InternIoCtl(PDEVICE_OBJECT DeviceObject, PIRP Irp) { + PIO_STACK_LOCATION irpStack; + PDEVICE_EXTENSION devExt; + PINTERNAL_I8042_HOOK_KEYBOARD hookKeyboard; + PCONNECT_DATA connectData; + NTSTATUS status; + NTSTATUS tmp; + + { + status = 0L; + devExt = (struct _DEVICE_EXTENSION *)DeviceObject->DeviceExtension; + Irp->IoStatus.Information = 0; + irpStack = Irp->Tail.Overlay.__annonCompField17.__annonCompField16.CurrentStackLocation; + if (irpStack->Parameters.DeviceIoControl.IoControlCode == (((11 << 16) | (128 << 2)) | 3)) { + goto switch_1_exp_0; + } else { + if (irpStack->Parameters.DeviceIoControl.IoControlCode == (((11 << 16) | (256 << 2)) | 3)) { + goto switch_1_exp_1; + } else { + if (irpStack->Parameters.DeviceIoControl.IoControlCode == (((11 << 16) | (4080 << 2)) | 3)) { + goto switch_1_exp_2; + } else { + if (irpStack->Parameters.DeviceIoControl.IoControlCode == 11 << 16) { + goto switch_1_exp_3; + } else { + if 
(irpStack->Parameters.DeviceIoControl.IoControlCode == ((11 << 16) | (32 << 2))) { + goto switch_1_exp_4; + } else { + if (irpStack->Parameters.DeviceIoControl.IoControlCode == ((11 << 16) | (16 << 2))) { + goto switch_1_exp_5; + } else { + if (irpStack->Parameters.DeviceIoControl.IoControlCode == ((11 << 16) | (2 << 2))) { + goto switch_1_exp_6; + } else { + if (irpStack->Parameters.DeviceIoControl.IoControlCode == ((11 << 16) | (8 << 2))) { + goto switch_1_exp_7; + } else { + if (irpStack->Parameters.DeviceIoControl.IoControlCode == ((11 << 16) | (1 << 2))) { + goto switch_1_exp_8; + } else { + if (0) { + switch_1_exp_0: /* CIL Label */; + if ((unsigned int)devExt->UpperConnectData.ClassService != (unsigned int)((void *)0)) { + status = -1073741757L; + goto switch_1_break; + } else { + if (irpStack->Parameters.DeviceIoControl.InputBufferLength < (ULONG)sizeof(CONNECT_DATA)) { + status = -1073741811L; + goto switch_1_break; + } else { + } + } + connectData = (struct _CONNECT_DATA *)irpStack->Parameters.DeviceIoControl.Type3InputBuffer; + devExt->UpperConnectData = *connectData; + connectData->ClassDeviceObject = devExt->Self; + connectData->ClassService = &KbFilter_ServiceCallback; + goto switch_1_break; + switch_1_exp_1: /* CIL Label */ + status = -1073741822L; + goto switch_1_break; + switch_1_exp_2: /* CIL Label */; + if (irpStack->Parameters.DeviceIoControl.InputBufferLength < (ULONG)sizeof(INTERNAL_I8042_HOOK_KEYBOARD)) { + status = -1073741811L; + goto switch_1_break; + } else { + } + hookKeyboard = (struct _INTERNAL_I8042_HOOK_KEYBOARD *)irpStack->Parameters.DeviceIoControl.Type3InputBuffer; + devExt->UpperContext = hookKeyboard->Context; + hookKeyboard->Context = (void *)DeviceObject; + if (hookKeyboard->InitializationRoutine) { + devExt->UpperInitializationRoutine = hookKeyboard->InitializationRoutine; + } else { + } + hookKeyboard->InitializationRoutine = (NTSTATUS(*)(PVOID InitializationContext, + PVOID SynchFuncContext, + NTSTATUS(*ReadPort)(PVOID 
Context, + PUCHAR Value, + BOOLEAN WaitForACK), + NTSTATUS(*WritePort)(PVOID Context, + UCHAR Value, + BOOLEAN WaitForACK), + PBOOLEAN TurnTranslationOn))(&KbFilter_InitializationRoutine); + if (hookKeyboard->IsrRoutine) { + devExt->UpperIsrHook = hookKeyboard->IsrRoutine; + } else { + } + hookKeyboard->IsrRoutine = (BOOLEAN(*)(PVOID IsrContext, PKEYBOARD_INPUT_DATA CurrentInput, + POUTPUT_PACKET CurrentOutput, + UCHAR StatusByte, PUCHAR Byte, + PBOOLEAN ContinueProcessing, + PKEYBOARD_SCAN_STATE ScanState))(&KbFilter_IsrHook); + devExt->IsrWritePort = hookKeyboard->IsrWritePort; + devExt->QueueKeyboardPacket = hookKeyboard->QueueKeyboardPacket; + devExt->CallContext = hookKeyboard->CallContext; + status = 0L; + goto switch_1_break; + switch_1_exp_3: /* CIL Label */; + switch_1_exp_4: /* CIL Label */; + switch_1_exp_5: /* CIL Label */; + switch_1_exp_6: /* CIL Label */; + switch_1_exp_7: /* CIL Label */; + switch_1_exp_8: /* CIL Label */; + goto switch_1_break; + } else { + switch_1_break: /* CIL Label */; + } + } + } + } + } + } + } + } + } + } + if (!(status >= 0L)) { + { + Irp->IoStatus.__annonCompField4.Status = status; + myStatus = status; + IofCompleteRequest(Irp, 0); + } + return (status); + } else { + } + { + tmp = KbFilter_DispatchPassThrough(DeviceObject, Irp); + } + return (tmp); + } +} +NTSTATUS KbFilter_PnP(PDEVICE_OBJECT DeviceObject, PIRP Irp) { + PDEVICE_EXTENSION devExt; + PIO_STACK_LOCATION irpStack; + NTSTATUS status; + KEVENT event; + PIO_STACK_LOCATION irpSp; + PIO_STACK_LOCATION nextIrpSp; + PIO_STACK_LOCATION irpSp___0; + + { + status = 0L; + devExt = (struct _DEVICE_EXTENSION *)DeviceObject->DeviceExtension; + irpStack = Irp->Tail.Overlay.__annonCompField17.__annonCompField16.CurrentStackLocation; + if (irpStack->MinorFunction == 0) { + goto switch_2_0; + } else { + if (irpStack->MinorFunction == 23) { + goto switch_2_23; + } else { + if (irpStack->MinorFunction == 2) { + goto switch_2_2; + } else { + if (irpStack->MinorFunction == 1) { + 
goto switch_2_1; + } else { + if (irpStack->MinorFunction == 5) { + goto switch_2_5; + } else { + if (irpStack->MinorFunction == 3) { + goto switch_2_3; + } else { + if (irpStack->MinorFunction == 6) { + goto switch_2_6; + } else { + if (irpStack->MinorFunction == 13) { + goto switch_2_13; + } else { + if (irpStack->MinorFunction == 4) { + goto switch_2_4; + } else { + if (irpStack->MinorFunction == 7) { + goto switch_2_7; + } else { + if (irpStack->MinorFunction == 8) { + goto switch_2_8; + } else { + if (irpStack->MinorFunction == 9) { + goto switch_2_9; + } else { + if (irpStack->MinorFunction == 12) { + goto switch_2_12; + } else { + if (irpStack->MinorFunction == 10) { + goto switch_2_10; + } else { + if (irpStack->MinorFunction == 11) { + goto switch_2_11; + } else { + if (irpStack->MinorFunction == 15) { + goto switch_2_15; + } else { + if (irpStack->MinorFunction == 16) { + goto switch_2_16; + } else { + if (irpStack->MinorFunction == 17) { + goto switch_2_17; + } else { + if (irpStack->MinorFunction == 18) { + goto switch_2_18; + } else { + if (irpStack->MinorFunction == 19) { + goto switch_2_19; + } else { + if (irpStack->MinorFunction == 20) { + goto switch_2_20; + } else { + { + goto switch_2_default; + if (0) { + switch_2_0 : /* CIL Label */ + { + irpSp = Irp->Tail.Overlay.__annonCompField17.__annonCompField16.CurrentStackLocation; + nextIrpSp = Irp->Tail.Overlay.__annonCompField17.__annonCompField16.CurrentStackLocation - 1; + memmove(nextIrpSp, irpSp, (long)(&((IO_STACK_LOCATION *)0)->CompletionRoutine)); + nextIrpSp->Control = 0; + /* KeInitializeEvent(& event, 0, 0); */ /* INLINED */ + } + if (s != NP) { + { + errorFn(); + } + } else { + if (compRegistered != 0) { + { + errorFn(); + } + } else { + compRegistered = 1; + compFptr = &KbFilter_Complete; + } + } + { + irpSp___0 = Irp->Tail.Overlay.__annonCompField17.__annonCompField16.CurrentStackLocation - 1; + irpSp___0->CompletionRoutine = &KbFilter_Complete; + irpSp___0->Context = &event; + 
irpSp___0->Control = 0; + irpSp___0->Control = 64; + irpSp___0->Control = (int)irpSp___0->Control | 128; + irpSp___0->Control = (int)irpSp___0->Control | 32; + status = IofCallDriver(devExt->TopOfStack, + Irp); + } + if (259L == status) { + { + KeWaitForSingleObject(&event, 0, + 0, 0, (void *)0); + } + } else { + } + if (status >= 0L) { + if ((long)myStatus >= 0L) { + devExt->Started = 1; + devExt->Removed = 0; + devExt->SurpriseRemoved = 0; + } else { + } + } else { + } + { + Irp->IoStatus.__annonCompField4.Status = status; + myStatus = status; + Irp->IoStatus.Information = 0; + IofCompleteRequest(Irp, 0); + } + goto switch_2_break; + switch_2_23: /* CIL Label */ + devExt->SurpriseRemoved = 1; + if (s == NP) { + s = SKIP1; + } else { + { + errorFn(); + } + } + { + Irp->CurrentLocation = (CHAR)((int)Irp->CurrentLocation + 1); + Irp->Tail.Overlay.__annonCompField17.__annonCompField16.CurrentStackLocation += 1; + status = IofCallDriver(devExt->TopOfStack, + Irp); + } + goto switch_2_break; + switch_2_2: /* CIL Label */ + devExt->Removed = 1; + if (s == NP) { + s = SKIP1; + } else { + { + errorFn(); + } + } + { + Irp->CurrentLocation = (CHAR)((int)Irp->CurrentLocation + 1); + Irp->Tail.Overlay.__annonCompField17.__annonCompField16.CurrentStackLocation += 1; + IofCallDriver(devExt->TopOfStack, Irp); + /* IoDetachDevice(devExt->TopOfStack); */ /* INLINED */ + /* IoDeleteDevice(DeviceObject); */ /* INLINED */ + status = 0L; + } + goto switch_2_break; + switch_2_1: /* CIL Label */; + switch_2_5: /* CIL Label */; + switch_2_3: /* CIL Label */; + switch_2_6: /* CIL Label */; + switch_2_13: /* CIL Label */; + switch_2_4: /* CIL Label */; + switch_2_7: /* CIL Label */; + switch_2_8: /* CIL Label */; + switch_2_9: /* CIL Label */; + switch_2_12: /* CIL Label */; + switch_2_10: /* CIL Label */; + switch_2_11: /* CIL Label */; + switch_2_15: /* CIL Label */; + switch_2_16: /* CIL Label */; + switch_2_17: /* CIL Label */; + switch_2_18: /* CIL Label */; + switch_2_19: /* CIL 
Label */; + switch_2_20: /* CIL Label */; + switch_2_default: /* CIL Label */; + if (s == NP) { + s = SKIP1; + } else { + { + errorFn(); + } + } + { + Irp->CurrentLocation = (CHAR)((int)Irp->CurrentLocation + 1); + Irp->Tail.Overlay.__annonCompField17.__annonCompField16.CurrentStackLocation += 1; + status = IofCallDriver(devExt->TopOfStack, + Irp); + } + goto switch_2_break; + } else { + switch_2_break: /* CIL Label */; + } + } + } + } + } + } + } + } + } + } + } + } + } + } + } + } + } + } + } + } + } + } + } + return (status); + } +} +NTSTATUS KbFilter_Power(PDEVICE_OBJECT DeviceObject, PIRP Irp) { + PIO_STACK_LOCATION irpStack; + PDEVICE_EXTENSION devExt; + POWER_STATE powerState; + POWER_STATE_TYPE powerType; + NTSTATUS tmp; + + { + devExt = (struct _DEVICE_EXTENSION *)DeviceObject->DeviceExtension; + irpStack = Irp->Tail.Overlay.__annonCompField17.__annonCompField16.CurrentStackLocation; + powerType = irpStack->Parameters.Power.Type; + powerState = irpStack->Parameters.Power.State; + if (irpStack->MinorFunction == 2) { + goto switch_3_2; + } else { + if (irpStack->MinorFunction == 1) { + goto switch_3_1; + } else { + if (irpStack->MinorFunction == 0) { + goto switch_3_0; + } else { + if (irpStack->MinorFunction == 3) { + goto switch_3_3; + } else { + { + goto switch_3_default; + if (0) { + switch_3_2: /* CIL Label */; + if ((int)powerType == 1) { + devExt->DeviceState = powerState.DeviceState; + } else { + } + switch_3_1: /* CIL Label */; + switch_3_0: /* CIL Label */; + switch_3_3: /* CIL Label */; + switch_3_default: /* CIL Label */; + goto switch_3_break; + } else { + switch_3_break: /* CIL Label */; + } + } + } + } + } + } + { + /* PoStartNextPowerIrp(Irp); */ /* INLINED */ + } + if (s == NP) { + s = SKIP1; + } else { + { + errorFn(); + } + } + { + Irp->CurrentLocation = (CHAR)((int)Irp->CurrentLocation + 1); + Irp->Tail.Overlay.__annonCompField17.__annonCompField16.CurrentStackLocation += 1; + tmp = PoCallDriver(devExt->TopOfStack, Irp); + } + return 
(tmp); + } +} +NTSTATUS KbFilter_InitializationRoutine(PDEVICE_OBJECT DeviceObject, PVOID SynchFuncContext, + NTSTATUS (*ReadPort)(PVOID Context, PUCHAR Value, + BOOLEAN WaitForACK), + NTSTATUS (*WritePort)(PVOID Context, UCHAR Value, + BOOLEAN WaitForACK), + PBOOLEAN TurnTranslationOn) { + PDEVICE_EXTENSION devExt; + NTSTATUS status; + + { + status = 0L; + devExt = DeviceObject->DeviceExtension; + if (devExt->UpperInitializationRoutine) { + { + status = (*(devExt->UpperInitializationRoutine))(devExt->UpperContext, SynchFuncContext, + ReadPort, WritePort, TurnTranslationOn); + } + if (!(status >= 0L)) { + return (status); + } else { + } + } else { + } + *TurnTranslationOn = 1; + return (status); + } +} +BOOLEAN KbFilter_IsrHook(PDEVICE_OBJECT DeviceObject, PKEYBOARD_INPUT_DATA CurrentInput, + POUTPUT_PACKET CurrentOutput, UCHAR StatusByte, PUCHAR DataByte, + PBOOLEAN ContinueProcessing, PKEYBOARD_SCAN_STATE ScanState) { + PDEVICE_EXTENSION devExt; + BOOLEAN retVal; + + { + retVal = 1; + devExt = DeviceObject->DeviceExtension; + if (devExt->UpperIsrHook) { + { + retVal = (*(devExt->UpperIsrHook))(devExt->UpperContext, CurrentInput, CurrentOutput, + StatusByte, DataByte, ContinueProcessing, ScanState); + } + if (!retVal) { + return (retVal); + } else { + if (!*ContinueProcessing) { + return (retVal); + } else { + } + } + } else { + } + *ContinueProcessing = 1; + return (retVal); + } +} +void KbFilter_ServiceCallback(PDEVICE_OBJECT DeviceObject, PKEYBOARD_INPUT_DATA InputDataStart, + PKEYBOARD_INPUT_DATA InputDataEnd, PULONG InputDataConsumed) { + PDEVICE_EXTENSION devExt; + + { + { + devExt = (struct _DEVICE_EXTENSION *)DeviceObject->DeviceExtension; + (*((void (*)(PVOID NormalContext, PVOID SystemArgument1, PVOID SystemArgument2, + PVOID SystemArgument3))devExt->UpperConnectData.ClassService))(devExt->UpperConnectData.ClassDeviceObject, + InputDataStart, + InputDataEnd, + InputDataConsumed); + } + return; + } +} +void KbFilter_Unload(PDRIVER_OBJECT Driver) { + + { + 
return; + } +} +#pragma warning(push) +#pragma warning(disable : 4035) +#pragma warning(pop) +#pragma warning(disable : 4103) +#pragma warning(disable : 4103) +#pragma warning(push) +#pragma warning(disable : 4035) +#pragma warning(pop) +#pragma warning(disable : 4035) +#pragma warning(push) +#pragma warning(disable : 4164) +#pragma function(_enable) +#pragma function(_disable) +#pragma warning(pop) +#pragma warning(disable : 4103) +#pragma warning(disable : 4103) +#pragma warning(disable : 4103) +#pragma warning(disable : 4103) +#pragma warning(disable : 4103) +#pragma warning(disable : 4103) +#pragma warning(disable : 4200) +#pragma warning(default : 4200) +IRP *pirp; +void stub_driver_init(void) { + + { + s = NP; + pended = 0; + compFptr = 0; + compRegistered = 0; + lowerDriverReturn = 0; + setEventCalled = 0; + customIrp = 0; + return; + } +} +extern unsigned char __VERIFIER_nondet_uchar(void); +int main(void) { + DRIVER_OBJECT d; + UNICODE_STRING u; + NTSTATUS status; + int we_should_unload = __VERIFIER_nondet_int(); + IRP irp; + int __BLAST_NONDET = __VERIFIER_nondet_int(); + int irp_choice = __VERIFIER_nondet_int(); + DEVICE_EXTENSION devext; + DEVICE_OBJECT devobj; + devobj.DeviceExtension = &devext; + struct _DRIVER_EXTENSION ext; + d.DriverExtension = &ext; + + INTERNAL_I8042_HOOK_KEYBOARD hookkb; + struct _IO_STACK_LOCATION stack[3]; + + stack[0].MajorFunction = __VERIFIER_nondet_uchar(); + stack[1].MajorFunction = __VERIFIER_nondet_uchar(); + stack[2].MajorFunction = __VERIFIER_nondet_uchar(); + stack[0].MinorFunction = __VERIFIER_nondet_uchar(); + stack[1].MinorFunction = __VERIFIER_nondet_uchar(); + stack[2].MinorFunction = __VERIFIER_nondet_uchar(); + + stack[0].Parameters.DeviceIoControl.Type3InputBuffer = &hookkb; + stack[1].Parameters.DeviceIoControl.Type3InputBuffer = &hookkb; + stack[2].Parameters.DeviceIoControl.Type3InputBuffer = &hookkb; + + stack[0].Parameters.DeviceIoControl.InputBufferLength = __VERIFIER_nondet_ulong(); + 
stack[1].Parameters.DeviceIoControl.InputBufferLength = __VERIFIER_nondet_ulong(); + stack[2].Parameters.DeviceIoControl.InputBufferLength = __VERIFIER_nondet_ulong(); + + stack[0].Parameters.DeviceIoControl.IoControlCode = __VERIFIER_nondet_ulong(); + stack[1].Parameters.DeviceIoControl.IoControlCode = __VERIFIER_nondet_ulong(); + stack[2].Parameters.DeviceIoControl.IoControlCode = __VERIFIER_nondet_ulong(); + + irp.Tail.Overlay.__annonCompField17.__annonCompField16.CurrentStackLocation = &stack[1]; + + { + { + pirp = &irp; + _BLAST_init(); + status = DriverEntry(&d, &u); + } + if (status >= 0L) { + s = NP; + customIrp = 0; + setEventCalled = customIrp; + lowerDriverReturn = setEventCalled; + compRegistered = lowerDriverReturn; + compFptr = compRegistered; + pended = compFptr; + pirp->IoStatus.__annonCompField4.Status = 0L; + myStatus = 0L; + if (irp_choice == 0) { + pirp->IoStatus.__annonCompField4.Status = -1073741637L; + myStatus = -1073741637L; + } else { + } + { + status = KbFilter_AddDevice(&d, &devobj); + stub_driver_init(); + } + if (!(status >= 0L)) { + return (-1); + } else { + } + if (__BLAST_NONDET == 0) { + goto switch_4_0; + } else { + if (__BLAST_NONDET == 1) { + goto switch_4_1; + } else { + if (__BLAST_NONDET == 2) { + goto switch_4_2; + } else { + if (__BLAST_NONDET == 3) { + goto switch_4_3; + } else { + if (__BLAST_NONDET == 4) { + goto switch_4_4; + } else { + if (__BLAST_NONDET == 8) { + goto switch_4_8; + } else { + { + goto switch_4_default; + if (0) { + switch_4_0 : /* CIL Label */ + { + status = KbFilter_CreateClose(&devobj, pirp); + } + goto switch_4_break; + switch_4_1 : /* CIL Label */ + { + status = KbFilter_CreateClose(&devobj, pirp); + } + goto switch_4_break; + switch_4_2 : /* CIL Label */ + { + status = KbFilter_IoCtl(&devobj, pirp); + } + goto switch_4_break; + switch_4_3 : /* CIL Label */ + { + status = KbFilter_PnP(&devobj, pirp); + } + goto switch_4_break; + switch_4_4 : /* CIL Label */ + { + status = KbFilter_Power(&devobj, 
pirp); + } + goto switch_4_break; + switch_4_8 : /* CIL Label */ + { + status = KbFilter_InternIoCtl(&devobj, pirp); + } + goto switch_4_break; + switch_4_default: /* CIL Label */; + return (-1); + } else { + switch_4_break: /* CIL Label */; + } + } + } + } + } + } + } + } + if (we_should_unload) { + { + /* KbFilter_Unload(& d); */ /* INLINED */ + } + } else { + } + } else { + } + if (pended == 1) { + if (s == NP) { + s = NP; + } else { + goto _L___2; + } + } else { + _L___2: /* CIL Label */ + if (pended == 1) { + if (s == MPR3) { + s = MPR3; + } else { + goto _L___1; + } + } else { + _L___1: /* CIL Label */ + if (s == UNLOADED) { + + } else { + if (status == -1L) { + + } else { + if (s != SKIP2) { + if (s != IPC) { + if (s != DC) { + + } else { + goto _L___0; + } + } else { + goto _L___0; + } + } else { + _L___0: /* CIL Label */ + if (pended == 1) { + if (status != 259L) { + { + errorFn(); + } + } else { + } + } else { + if (s == DC) { + if (status == 259L) { + { + errorFn(); + } + } else { + } + } else { + if (status != (NTSTATUS)lowerDriverReturn) { + + } else { + } + } + } + } + } + } + } + } + return (status); + } +} +char _SLAM_alloc_dummy; +void ExAcquireFastMutex(PFAST_MUTEX FastMutex); +void ExAcquireFastMutex(PFAST_MUTEX FastMutex) { + + { + return; + } +} +void ExReleaseFastMutex(PFAST_MUTEX FastMutex); +void ExReleaseFastMutex(PFAST_MUTEX FastMutex) { + + { + return; + } +} +PVOID ExAllocatePoolWithTag(POOL_TYPE PoolType, + SIZE_T NumberOfBytes, + ULONG Tag); +PVOID ExAllocatePoolWithTag(POOL_TYPE PoolType, SIZE_T NumberOfBytes, + ULONG Tag) { + PVOID x; + char *tmp; + + { + { + tmp = malloc(NumberOfBytes); + x = tmp; + } + return (x); + } +} +void ExFreePool(PVOID P); +void ExFreePool(PVOID P) { + + { + return; + } +} +PLIST_ENTRY ExfInterlockedInsertHeadList(PLIST_ENTRY ListHead, + PLIST_ENTRY ListEntry, + PKSPIN_LOCK Lock); +PLIST_ENTRY ExfInterlockedInsertHeadList(PLIST_ENTRY ListHead, + PLIST_ENTRY ListEntry, + PKSPIN_LOCK Lock) { + + { + return 
((void *)0); + } +} +PLIST_ENTRY ExfInterlockedInsertTailList(PLIST_ENTRY ListHead, + PLIST_ENTRY ListEntry, + PKSPIN_LOCK Lock); +PLIST_ENTRY ExfInterlockedInsertTailList(PLIST_ENTRY ListHead, + PLIST_ENTRY ListEntry, + PKSPIN_LOCK Lock) { + + { + return ((void *)0); + } +} +PLIST_ENTRY ExfInterlockedRemoveHeadList(PLIST_ENTRY ListHead, + PKSPIN_LOCK Lock); +PLIST_ENTRY ExfInterlockedRemoveHeadList(PLIST_ENTRY ListHead, + PKSPIN_LOCK Lock) { + + { + return ((void *)0); + } +} +PMDL IoAllocateMdl(PVOID VirtualAddress, ULONG Length, + BOOLEAN SecondaryBuffer, BOOLEAN ChargeQuota, + PIRP Irp); +PMDL IoAllocateMdl(PVOID VirtualAddress, ULONG Length, BOOLEAN SecondaryBuffer, + BOOLEAN ChargeQuota, PIRP Irp) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + char *tmp; + + { + if (__BLAST_NONDET == 0) { + goto switch_5_0; + } else { + { + goto switch_5_default; + if (0) { + switch_5_0 : /* CIL Label */ + { + tmp = malloc(sizeof(MDL)); + } + return ((void *)tmp); + switch_5_default: /* CIL Label */; + return ((void *)0); + } else { + switch_5_break: /* CIL Label */; + } + } + } + } +} +PDEVICE_OBJECT IoAttachDeviceToDeviceStack(PDEVICE_OBJECT SourceDevice, + PDEVICE_OBJECT TargetDevice); +PDEVICE_OBJECT IoAttachDeviceToDeviceStack(PDEVICE_OBJECT SourceDevice, PDEVICE_OBJECT TargetDevice) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (__BLAST_NONDET == 0) { + goto switch_6_0; + } else { + { + goto switch_6_default; + if (0) { + switch_6_0: /* CIL Label */; + return (TargetDevice); + switch_6_default: /* CIL Label */; + return ((void *)0); + } else { + switch_6_break: /* CIL Label */; + } + } + } + } +} +PIRP IoBuildAsynchronousFsdRequest(ULONG MajorFunction, + PDEVICE_OBJECT DeviceObject, + PVOID Buffer, + ULONG Length, + PLARGE_INTEGER StartingOffset, + PIO_STATUS_BLOCK IoStatusBlock); +PIRP IoBuildAsynchronousFsdRequest(ULONG MajorFunction, PDEVICE_OBJECT DeviceObject, + PVOID Buffer, ULONG Length, PLARGE_INTEGER StartingOffset, + PIO_STATUS_BLOCK 
IoStatusBlock) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + char *tmp; + + { + customIrp = 1; + if (__BLAST_NONDET == 0) { + goto switch_7_0; + } else { + { + goto switch_7_default; + if (0) { + switch_7_0 : /* CIL Label */ + { + tmp = malloc(sizeof(IRP)); + } + return ((void *)tmp); + switch_7_default: /* CIL Label */; + return ((void *)0); + } else { + switch_7_break: /* CIL Label */; + } + } + } + } +} +PIRP IoBuildDeviceIoControlRequest(ULONG IoControlCode, + PDEVICE_OBJECT DeviceObject, + PVOID InputBuffer, + ULONG InputBufferLength, + PVOID OutputBuffer, + ULONG OutputBufferLength, + BOOLEAN InternalDeviceIoControl, + PKEVENT Event, + PIO_STATUS_BLOCK IoStatusBlock); +PIRP IoBuildDeviceIoControlRequest(ULONG IoControlCode, PDEVICE_OBJECT DeviceObject, + PVOID InputBuffer, ULONG InputBufferLength, PVOID OutputBuffer, + ULONG OutputBufferLength, BOOLEAN InternalDeviceIoControl, + PKEVENT Event, PIO_STATUS_BLOCK IoStatusBlock) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + char *tmp; + + { + customIrp = 1; + if (__BLAST_NONDET == 0) { + goto switch_8_0; + } else { + { + goto switch_8_default; + if (0) { + switch_8_0 : /* CIL Label */ + { + tmp = malloc(sizeof(IRP)); + } + return ((void *)tmp); + switch_8_default: /* CIL Label */; + return ((void *)0); + } else { + switch_8_break: /* CIL Label */; + } + } + } + } +} +NTSTATUS IoCreateDevice(PDRIVER_OBJECT DriverObject, + ULONG DeviceExtensionSize, + PUNICODE_STRING DeviceName, + ULONG DeviceType, ULONG DeviceCharacteristics, + BOOLEAN Exclusive, PDEVICE_OBJECT *DeviceObject); +NTSTATUS IoCreateDevice(PDRIVER_OBJECT DriverObject, ULONG DeviceExtensionSize, + PUNICODE_STRING DeviceName, ULONG DeviceType, ULONG DeviceCharacteristics, + BOOLEAN Exclusive, PDEVICE_OBJECT *DeviceObject) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + char *tmp; + + { + if (__BLAST_NONDET == 0) { + goto switch_9_0; + } else { + { + goto switch_9_default; + if (0) { + switch_9_0 : /* CIL Label */ + { + tmp = 
malloc(sizeof(DEVICE_OBJECT)); + *DeviceObject = (void *)tmp; + (*DeviceObject)->DeviceExtension = malloc(DeviceExtensionSize); + } + return (0L); + switch_9_default: /* CIL Label */; + return (-1073741823L); + } else { + switch_9_break: /* CIL Label */; + } + } + } + } +} +NTSTATUS IoCreateSymbolicLink(PUNICODE_STRING SymbolicLinkName, + PUNICODE_STRING DeviceName); +NTSTATUS IoCreateSymbolicLink(PUNICODE_STRING SymbolicLinkName, PUNICODE_STRING DeviceName) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (__BLAST_NONDET == 0) { + goto switch_10_0; + } else { + { + goto switch_10_default; + if (0) { + switch_10_0: /* CIL Label */; + return (0L); + switch_10_default: /* CIL Label */; + return (-1073741823L); + } else { + switch_10_break: /* CIL Label */; + } + } + } + } +} +void IoDeleteDevice(PDEVICE_OBJECT DeviceObject); +void IoDeleteDevice(PDEVICE_OBJECT DeviceObject) { + + { + return; + } +} +NTSTATUS IoDeleteSymbolicLink(PUNICODE_STRING SymbolicLinkName); +NTSTATUS IoDeleteSymbolicLink(PUNICODE_STRING SymbolicLinkName) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (__BLAST_NONDET == 0) { + goto switch_11_0; + } else { + { + goto switch_11_default; + if (0) { + switch_11_0: /* CIL Label */; + return (0L); + switch_11_default: /* CIL Label */; + return (-1073741823L); + } else { + switch_11_break: /* CIL Label */; + } + } + } + } +} +void IoDetachDevice(PDEVICE_OBJECT TargetDevice); +void IoDetachDevice(PDEVICE_OBJECT TargetDevice) { + + { + return; + } +} +void IoFreeIrp(PIRP Irp); +void IoFreeIrp(PIRP Irp) { + + { + return; + } +} +void IoFreeMdl(PMDL Mdl); +void IoFreeMdl(PMDL Mdl) { + + { + return; + } +} +PCONFIGURATION_INFORMATION IoGetConfigurationInformation(void); +PCONFIGURATION_INFORMATION IoGetConfigurationInformation(void) { + char *tmp; + + { + { + tmp = malloc(sizeof(CONFIGURATION_INFORMATION)); + } + return ((void *)tmp); + } +} +NTSTATUS IoQueryDeviceDescription(PINTERFACE_TYPE BusType, + PULONG BusNumber, + 
PCONFIGURATION_TYPE ControllerType, + PULONG ControllerNumber, + PCONFIGURATION_TYPE PeripheralType, + PULONG PeripheralNumber, + NTSTATUS (*CalloutRoutine)(PVOID Context, + PUNICODE_STRING PathName, + INTERFACE_TYPE BusType, + ULONG BusNumber, + PKEY_VALUE_FULL_INFORMATION *BusInformation, + CONFIGURATION_TYPE ControllerType, + ULONG ControllerNumber, + PKEY_VALUE_FULL_INFORMATION *ControllerInformation, + CONFIGURATION_TYPE PeripheralType, + ULONG PeripheralNumber, + PKEY_VALUE_FULL_INFORMATION *PeripheralInformation), + PVOID Context); +NTSTATUS IoQueryDeviceDescription(PINTERFACE_TYPE BusType, PULONG BusNumber, PCONFIGURATION_TYPE ControllerType, + PULONG ControllerNumber, PCONFIGURATION_TYPE PeripheralType, + PULONG PeripheralNumber, NTSTATUS (*CalloutRoutine)(PVOID Context, PUNICODE_STRING PathName, INTERFACE_TYPE BusType, ULONG BusNumber, PKEY_VALUE_FULL_INFORMATION *BusInformation, CONFIGURATION_TYPE ControllerType, ULONG ControllerNumber, PKEY_VALUE_FULL_INFORMATION *ControllerInformation, CONFIGURATION_TYPE PeripheralType, ULONG PeripheralNumber, PKEY_VALUE_FULL_INFORMATION *PeripheralInformation), + PVOID Context) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (__BLAST_NONDET == 0) { + goto switch_12_0; + } else { + { + goto switch_12_default; + if (0) { + switch_12_0: /* CIL Label */; + return (0L); + switch_12_default: /* CIL Label */; + return (-1073741823L); + } else { + switch_12_break: /* CIL Label */; + } + } + } + } +} +NTSTATUS IoRegisterDeviceInterface(PDEVICE_OBJECT PhysicalDeviceObject, + GUID const *InterfaceClassGuid, + PUNICODE_STRING ReferenceString, + PUNICODE_STRING SymbolicLinkName); +NTSTATUS IoRegisterDeviceInterface(PDEVICE_OBJECT PhysicalDeviceObject, + GUID const *InterfaceClassGuid, + PUNICODE_STRING ReferenceString, + PUNICODE_STRING SymbolicLinkName) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (__BLAST_NONDET == 0) { + goto switch_13_0; + } else { + { + goto switch_13_default; + if (0) { + 
switch_13_0: /* CIL Label */; + return (0L); + switch_13_default: /* CIL Label */; + return (-1073741808L); + } else { + switch_13_break: /* CIL Label */; + } + } + } + } +} +void IoReleaseCancelSpinLock(KIRQL Irql); +void IoReleaseCancelSpinLock(KIRQL Irql) { + + { + return; + } +} +NTSTATUS IoSetDeviceInterfaceState(PUNICODE_STRING SymbolicLinkName, + BOOLEAN Enable); +NTSTATUS IoSetDeviceInterfaceState(PUNICODE_STRING SymbolicLinkName, BOOLEAN Enable) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (__BLAST_NONDET == 0) { + goto switch_14_0; + } else { + { + goto switch_14_default; + if (0) { + switch_14_0: /* CIL Label */; + return (0L); + switch_14_default: /* CIL Label */; + return (-1073741823L); + } else { + switch_14_break: /* CIL Label */; + } + } + } + } +} +void IoSetHardErrorOrVerifyDevice(PIRP Irp, PDEVICE_OBJECT DeviceObject); +void IoSetHardErrorOrVerifyDevice(PIRP Irp, PDEVICE_OBJECT DeviceObject) { + + { + return; + } +} +void stubMoreProcessingRequired(void) { + + { + if (s == NP) { + s = MPR1; + } else { + { + errorFn(); + } + } + return; + } +} +NTSTATUS IofCallDriver(PDEVICE_OBJECT DeviceObject, + PIRP Irp); +NTSTATUS IofCallDriver(PDEVICE_OBJECT DeviceObject, + PIRP Irp) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + NTSTATUS returnVal2; + int compRetStatus; + PVOID lcontext = 0; + NTSTATUS tmp; + + { + if (compRegistered) { + { + tmp = KbFilter_Complete(DeviceObject, Irp, lcontext); + compRetStatus = tmp; + } + if ((long)compRetStatus == -1073741802L) { + { + stubMoreProcessingRequired(); + } + } else { + } + } else { + } + if (__BLAST_NONDET == 0) { + goto switch_15_0; + } else { + if (__BLAST_NONDET == 1) { + goto switch_15_1; + } else { + { + goto switch_15_default; + if (0) { + switch_15_0: /* CIL Label */ + returnVal2 = 0L; + goto switch_15_break; + switch_15_1: /* CIL Label */ + returnVal2 = -1073741823L; + goto switch_15_break; + switch_15_default: /* CIL Label */ + returnVal2 = 259L; + goto switch_15_break; + } else 
{ + switch_15_break: /* CIL Label */; + } + } + } + } + if (s == NP) { + s = IPC; + lowerDriverReturn = returnVal2; + } else { + if (s == MPR1) { + if (returnVal2 == 259L) { + s = MPR3; + lowerDriverReturn = returnVal2; + } else { + s = NP; + lowerDriverReturn = returnVal2; + } + } else { + if (s == SKIP1) { + s = SKIP2; + lowerDriverReturn = returnVal2; + } else { + { + errorFn(); + } + } + } + } + return (returnVal2); + } +} +void IofCompleteRequest(PIRP Irp, + CCHAR PriorityBoost); +void IofCompleteRequest(PIRP Irp, CCHAR PriorityBoost) { + + { + if (s == NP) { + s = DC; + } else { + { + errorFn(); + } + } + return; + } +} +KIRQL KeAcquireSpinLockRaiseToDpc(PKSPIN_LOCK SpinLock); +KIRQL KeAcquireSpinLockRaiseToDpc(PKSPIN_LOCK SpinLock) { + + { + return ((unsigned char)0); + } +} +NTSTATUS KeDelayExecutionThread(KPROCESSOR_MODE WaitMode, + BOOLEAN Alertable, + PLARGE_INTEGER Interval); +NTSTATUS KeDelayExecutionThread(KPROCESSOR_MODE WaitMode, BOOLEAN Alertable, PLARGE_INTEGER Interval) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (__BLAST_NONDET == 0) { + goto switch_16_0; + } else { + { + goto switch_16_default; + if (0) { + switch_16_0: /* CIL Label */; + return (0L); + switch_16_default: /* CIL Label */; + return (-1073741823L); + } else { + switch_16_break: /* CIL Label */; + } + } + } + } +} +void KeInitializeEvent(PRKEVENT Event, EVENT_TYPE Type, + BOOLEAN State); +void KeInitializeEvent(PRKEVENT Event, EVENT_TYPE Type, BOOLEAN State) { + + { + return; + } +} +void KeInitializeSemaphore(PRKSEMAPHORE Semaphore, + LONG Count, LONG Limit); +void KeInitializeSemaphore(PRKSEMAPHORE Semaphore, LONG Count, LONG Limit) { + + { + return; + } +} +void KeInitializeSpinLock(PKSPIN_LOCK SpinLock); +void KeInitializeSpinLock(PKSPIN_LOCK SpinLock) { + + { + return; + } +} +LONG KeReleaseSemaphore(PRKSEMAPHORE Semaphore, KPRIORITY Increment, + LONG Adjustment, BOOLEAN Wait); +LONG KeReleaseSemaphore(PRKSEMAPHORE Semaphore, KPRIORITY Increment, LONG 
Adjustment, + BOOLEAN Wait) { + LONG r = __VERIFIER_nondet_long(); + + { + return (r); + } +} +void KfReleaseSpinLock(PKSPIN_LOCK SpinLock, + KIRQL NewIrql); +void KfReleaseSpinLock(PKSPIN_LOCK SpinLock, KIRQL NewIrql) { + + { + return; + } +} +LONG KeSetEvent(PRKEVENT Event, KPRIORITY Increment, + BOOLEAN Wait); +LONG KeSetEvent(PRKEVENT Event, KPRIORITY Increment, BOOLEAN Wait) { + LONG l = __VERIFIER_nondet_long(); + + { + setEventCalled = 1; + return (l); + } +} +NTSTATUS KeWaitForSingleObject(PVOID Object, KWAIT_REASON WaitReason, + KPROCESSOR_MODE WaitMode, + BOOLEAN Alertable, + PLARGE_INTEGER Timeout); +NTSTATUS KeWaitForSingleObject(PVOID Object, KWAIT_REASON WaitReason, KPROCESSOR_MODE WaitMode, + BOOLEAN Alertable, PLARGE_INTEGER Timeout) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (s == MPR3) { + if (setEventCalled == 1) { + s = NP; + setEventCalled = 0; + } else { + goto _L; + } + } else { + _L: /* CIL Label */ + if (customIrp == 1) { + s = NP; + customIrp = 0; + } else { + if (s == MPR3) { + { + errorFn(); + } + } else { + } + } + } + if (__BLAST_NONDET == 0) { + goto switch_17_0; + } else { + { + goto switch_17_default; + if (0) { + switch_17_0: /* CIL Label */; + return (0L); + switch_17_default: /* CIL Label */; + return (-1073741823L); + } else { + switch_17_break: /* CIL Label */; + } + } + } + } +} +PVOID MmAllocateContiguousMemory(SIZE_T NumberOfBytes, + PHYSICAL_ADDRESS HighestAcceptableAddress); +PVOID MmAllocateContiguousMemory(SIZE_T NumberOfBytes, PHYSICAL_ADDRESS HighestAcceptableAddress) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + char *tmp; + + { + if (__BLAST_NONDET == 0) { + goto switch_18_0; + } else { + if (__BLAST_NONDET == 1) { + goto switch_18_1; + } else { + if (0) { + switch_18_0 : /* CIL Label */ + { + tmp = malloc(NumberOfBytes); + } + return (tmp); + switch_18_1: /* CIL Label */; + return ((void *)0); + } else { + switch_18_break: /* CIL Label */; + } + } + } + return ((void *)0); + } +} +void 
MmFreeContiguousMemory(PVOID BaseAddress); +void MmFreeContiguousMemory(PVOID BaseAddress) { + + { + return; + } +} +PVOID MmMapLockedPagesSpecifyCache(PMDL MemoryDescriptorList, + KPROCESSOR_MODE AccessMode, + MEMORY_CACHING_TYPE CacheType, + PVOID BaseAddress, + ULONG BugCheckOnFailure, + MM_PAGE_PRIORITY Priority); +PVOID MmMapLockedPagesSpecifyCache(PMDL MemoryDescriptorList, KPROCESSOR_MODE AccessMode, + MEMORY_CACHING_TYPE CacheType, PVOID BaseAddress, + ULONG BugCheckOnFailure, MM_PAGE_PRIORITY Priority) { + + { + return ((void *)0); + } +} +PVOID MmPageEntireDriver(PVOID AddressWithinSection); +PVOID MmPageEntireDriver(PVOID AddressWithinSection) { + + { + return ((void *)0); + } +} +void MmResetDriverPaging(PVOID AddressWithinSection); +void MmResetDriverPaging(PVOID AddressWithinSection) { + + { + return; + } +} +void MmUnlockPages(PMDL MemoryDescriptorList); +void MmUnlockPages(PMDL MemoryDescriptorList) { + + { + return; + } +} +NTSTATUS ObReferenceObjectByHandle(HANDLE Handle, + ACCESS_MASK DesiredAccess, + POBJECT_TYPE ObjectType, + KPROCESSOR_MODE AccessMode, + PVOID *Object, + POBJECT_HANDLE_INFORMATION HandleInformation); +NTSTATUS ObReferenceObjectByHandle(HANDLE Handle, ACCESS_MASK DesiredAccess, POBJECT_TYPE ObjectType, + KPROCESSOR_MODE AccessMode, PVOID *Object, POBJECT_HANDLE_INFORMATION HandleInformation) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (__BLAST_NONDET == 0) { + goto switch_19_0; + } else { + { + goto switch_19_default; + if (0) { + switch_19_0: /* CIL Label */; + return (0L); + switch_19_default: /* CIL Label */; + return (-1073741823L); + } else { + switch_19_break: /* CIL Label */; + } + } + } + } +} +void ObfDereferenceObject(PVOID Object); +void ObfDereferenceObject(PVOID Object) { + + { + return; + } +} +NTSTATUS PoCallDriver(PDEVICE_OBJECT DeviceObject, + PIRP Irp); +NTSTATUS PoCallDriver(PDEVICE_OBJECT DeviceObject, PIRP Irp) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + int compRetStatus; + 
NTSTATUS returnVal; + PVOID lcontext = 0; + NTSTATUS tmp; + + { + if (compRegistered) { + { + tmp = KbFilter_Complete(DeviceObject, Irp, lcontext); + compRetStatus = tmp; + } + if ((long)compRetStatus == -1073741802L) { + { + stubMoreProcessingRequired(); + } + } else { + } + } else { + } + if (__BLAST_NONDET == 0) { + goto switch_20_0; + } else { + if (__BLAST_NONDET == 1) { + goto switch_20_1; + } else { + { + goto switch_20_default; + if (0) { + switch_20_0: /* CIL Label */ + returnVal = 0L; + goto switch_20_break; + switch_20_1: /* CIL Label */ + returnVal = -1073741823L; + goto switch_20_break; + switch_20_default: /* CIL Label */ + returnVal = 259L; + goto switch_20_break; + } else { + switch_20_break: /* CIL Label */; + } + } + } + } + if (s == NP) { + s = IPC; + lowerDriverReturn = returnVal; + } else { + if (s == MPR1) { + if (returnVal == 259L) { + s = MPR3; + lowerDriverReturn = returnVal; + } else { + s = NP; + lowerDriverReturn = returnVal; + } + } else { + if (s == SKIP1) { + s = SKIP2; + lowerDriverReturn = returnVal; + } else { + { + errorFn(); + } + } + } + } + return (returnVal); + } +} +void PoStartNextPowerIrp(PIRP Irp); +void PoStartNextPowerIrp(PIRP Irp) { + + { + return; + } +} +NTSTATUS PsCreateSystemThread(PHANDLE ThreadHandle, + ULONG DesiredAccess, + POBJECT_ATTRIBUTES ObjectAttributes, + HANDLE ProcessHandle, + PCLIENT_ID ClientId, + void (*StartRoutine)(PVOID StartContext), + PVOID StartContext); +NTSTATUS PsCreateSystemThread(PHANDLE ThreadHandle, ULONG DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes, + HANDLE ProcessHandle, PCLIENT_ID ClientId, void (*StartRoutine)(PVOID StartContext), + PVOID StartContext) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (__BLAST_NONDET == 0) { + goto switch_21_0; + } else { + { + goto switch_21_default; + if (0) { + switch_21_0: /* CIL Label */; + return (0L); + switch_21_default: /* CIL Label */; + return (-1073741823L); + } else { + switch_21_break: /* CIL Label */; + } + } + } + } 
+} +NTSTATUS PsTerminateSystemThread(NTSTATUS ExitStatus); +NTSTATUS PsTerminateSystemThread(NTSTATUS ExitStatus) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (__BLAST_NONDET == 0) { + goto switch_22_0; + } else { + { + goto switch_22_default; + if (0) { + switch_22_0: /* CIL Label */; + return (0L); + switch_22_default: /* CIL Label */; + return (-1073741823L); + } else { + switch_22_break: /* CIL Label */; + } + } + } + } +} +NTSTATUS RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, + PANSI_STRING SourceString, + BOOLEAN AllocateDestinationString); +NTSTATUS RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, + PANSI_STRING SourceString, + BOOLEAN AllocateDestinationString) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (__BLAST_NONDET == 0) { + goto switch_23_0; + } else { + { + goto switch_23_default; + if (0) { + switch_23_0: /* CIL Label */; + return (0L); + switch_23_default: /* CIL Label */; + return (-1073741823L); + } else { + switch_23_break: /* CIL Label */; + } + } + } + } +} +SIZE_T RtlCompareMemory(void const *Source1, + void const *Source2, + SIZE_T Length); +SIZE_T RtlCompareMemory(void const *Source1, void const *Source2, + SIZE_T Length) { + SIZE_T r = __VERIFIER_nondet_long(); + + { + return (r); + } +} +void RtlCopyUnicodeString(PUNICODE_STRING DestinationString, + PUNICODE_STRING SourceString); +void RtlCopyUnicodeString(PUNICODE_STRING DestinationString, + PUNICODE_STRING SourceString) { + + { + return; + } +} +NTSTATUS RtlDeleteRegistryValue(ULONG RelativeTo, + PCWSTR Path, + PCWSTR ValueName); +NTSTATUS RtlDeleteRegistryValue(ULONG RelativeTo, + PCWSTR Path, PCWSTR ValueName) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (__BLAST_NONDET == 0) { + goto switch_24_0; + } else { + { + goto switch_24_default; + if (0) { + switch_24_0: /* CIL Label */; + return (0L); + switch_24_default: /* CIL Label */; + return (-1073741823L); + } else { + switch_24_break: /* CIL Label */; 
+ } + } + } + } +} +void RtlFreeUnicodeString(PUNICODE_STRING UnicodeString); +void RtlFreeUnicodeString(PUNICODE_STRING UnicodeString) { + + { + return; + } +} +void RtlInitString(PSTRING DestinationString, + PCSZ SourceString); +void RtlInitString(PSTRING DestinationString, PCSZ SourceString) { + + { + return; + } +} +void RtlInitUnicodeString(PUNICODE_STRING DestinationString, + PCWSTR SourceString); +void RtlInitUnicodeString(PUNICODE_STRING DestinationString, + PCWSTR SourceString) { + + { + return; + } +} +NTSTATUS RtlQueryRegistryValues(ULONG RelativeTo, + PCWSTR Path, + PRTL_QUERY_REGISTRY_TABLE QueryTable, + PVOID Context, + PVOID Environment); +NTSTATUS RtlQueryRegistryValues(ULONG RelativeTo, + PCWSTR Path, PRTL_QUERY_REGISTRY_TABLE QueryTable, + PVOID Context, PVOID Environment) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (__BLAST_NONDET == 0) { + goto switch_25_0; + } else { + { + goto switch_25_default; + if (0) { + switch_25_0: /* CIL Label */; + return (0L); + switch_25_default: /* CIL Label */; + return (-1073741823L); + } else { + switch_25_break: /* CIL Label */; + } + } + } + } +} +NTSTATUS ZwClose(HANDLE Handle); +NTSTATUS ZwClose(HANDLE Handle) { + int __BLAST_NONDET = __VERIFIER_nondet_int(); + + { + if (__BLAST_NONDET == 0) { + goto switch_26_0; + } else { + { + goto switch_26_default; + if (0) { + switch_26_0: /* CIL Label */; + return (0L); + switch_26_default: /* CIL Label */; + return (-1073741823L); + } else { + switch_26_break: /* CIL Label */; + } + } + } + } +} + +// CHECK: generated tests = 3 diff --git a/test/regression/2023-10-13-uninitialized-memory.c b/test/regression/2023-10-13-uninitialized-memory.c new file mode 100644 index 0000000000..bf13fd0986 --- /dev/null +++ b/test/regression/2023-10-13-uninitialized-memory.c 
@@ -0,0 +1,21 @@ +// RUN: %clang %s -emit-llvm %O0opt -c -g -o %t.bc +// RUN: rm -rf %t.klee-out +// RUN: %klee --output-dir=%t.klee-out --use-sym-size-alloc --skip-not-symbolic-objects --use-merged-pointer-dereference=true %t.bc 2>&1 | FileCheck %s +#include "klee/klee.h" + +#include +#include +#include + +int main() { + char *s1 = (char *)malloc(1); + char *s2 = (char *)malloc(1); + if (s1[0] == s2[0]) { + printf("1) eq\n"); + } else { + printf("1) not eq\n"); + } + + // CHECK-DAG: 1) eq + // CHECK-DAG: 1) not eq +} diff --git a/tools/klee/main.cpp b/tools/klee/main.cpp index e9bb118371..0e509a9c00 100644 --- a/tools/klee/main.cpp +++ b/tools/klee/main.cpp @@ -408,14 +408,16 @@ class KleeHandler : public InterpreterHandler { void processTestCase(const ExecutionState &state, const char *message, const char *suffix, bool isError = false); - void writeTestCaseXML(bool isError, const KTest &out, unsigned id); + void writeTestCaseXML(bool isError, const KTest &out, unsigned id, + unsigned version = 0); std::string getOutputFilename(const std::string &filename); std::unique_ptr openOutputFile(const std::string &filename); - std::string getTestFilename(const std::string &suffix, unsigned id); - std::unique_ptr openTestFile(const std::string &suffix, - unsigned id); + std::string getTestFilename(const std::string &suffix, unsigned id, + unsigned version = 0); + std::unique_ptr + openTestFile(const std::string &suffix, unsigned id, unsigned version = 0); // load a .path file static void loadPathFile(std::string name, std::vector &buffer); 
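Review bot: Nothing in `main` of the new test 2023-10-13-uninitialized-memory.c says that `s1[0]` and `s2[0]` are read uninitialized on purpose, so a later cleanup could initialise the buffers and silently remove what the test covers. I would add a comment above the `if`, for example `/* Intentional: both bytes are uninitialized; KLEE is expected to explore the equal and the not-equal outcome. */`. The two `malloc` results are also dereferenced without a NULL check. If the allocation model used with `--use-sym-size-alloc` can return NULL (not visible here), that adds an error path unrelated to what the CHECK-DAG lines test.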
@@ -556,11 +558,14 @@ KleeHandler::openOutputFile(const std::string &filename) { return f; } -std::string KleeHandler::getTestFilename(const std::string &suffix, - unsigned id) { +std::string KleeHandler::getTestFilename(const std::string &suffix, unsigned id, + unsigned version) { std::stringstream filename; - filename << "test" << std::setfill('0') << std::setw(6) << id << '.' - << suffix; + filename << "test" << std::setfill('0') << std::setw(6) << id; + if (version) { + filename << '_' << version; + } + filename << '.' << suffix; return filename.str(); } @@ -569,8 +574,9 @@ SmallString<128> KleeHandler::getOutputDirectory() const { } std::unique_ptr -KleeHandler::openTestFile(const std::string &suffix, unsigned id) { - return openOutputFile(getTestFilename(suffix, id)); +KleeHandler::openTestFile(const std::string &suffix, unsigned id, + unsigned version) { + return openOutputFile(getTestFilename(suffix, id, version)); } /* Outputs all files (.ktest, .kquery, .cov etc.) describing a test case */ @@ -598,12 +604,14 @@ void KleeHandler::processTestCase(const ExecutionState &state, if (WriteKTests) { if (success) { - if (!kTest_toFile( - &ktest, - getOutputFilename(getTestFilename("ktest", id)).c_str())) { - klee_warning("unable to write output test case, losing it"); - } else { - atLeastOneGenerated = true; + for (unsigned i = 0; i < ktest.uninitCoeff + 1; ++i) { + if (!kTest_toFile( + &ktest, + getOutputFilename(getTestFilename("ktest", id, i)).c_str())) { + klee_warning("unable to write output test case, losing it"); + } else { + atLeastOneGenerated = true; + } } if (WriteStates) { @@ -691,8 +699,10 @@ void KleeHandler::processTestCase(const ExecutionState &state, } if (WriteXMLTests) { - writeTestCaseXML(message != nullptr, ktest, id); - atLeastOneGenerated = true; + for (unsigned i = 0; i < ktest.uninitCoeff + 1; ++i) { + writeTestCaseXML(message != nullptr, ktest, id, i); + atLeastOneGenerated = true; + } } if (atLeastOneGenerated) { 
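Review bot: The naming rule introduced in `getTestFilename` is undocumented: `version == 0` keeps the existing `test<id>.<suffix>` name and any other value appends `_<version>` before the dot. A comment above the definition would make that contract explicit, for example `// version 0 yields the legacy name test<id>.<suffix>; version k > 0 yields test<id>_k.<suffix>`. Anything that derives the test id from the file name or matches test files by pattern would have to accept the new form; whether such consumers exist is not visible in this diff.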
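Review bot: The loop bound `ktest.uninitCoeff + 1` in the `WriteKTests` branch of `processTestCase` is taken from the `KTest` with no visible initialisation or upper limit, and the same expression is repeated in the `WriteXMLTests` hunk further down. The hunk does not show where `uninitCoeff` is assigned; if any path leaves it unset the number of files written per test case is indeterminate, and in unsigned arithmetic a value of `UINT_MAX` makes `+ 1` wrap to 0 so that nothing is written. Each iteration also passes the same `&ktest` to `kTest_toFile`, so the copies appear to be byte-identical, which deserves a comment on why they are wanted. I would compute the count once, `const unsigned copies = ktest.uninitCoeff + 1;`, put a comment there stating where the field is set and what range it may take, and use `copies` in both loops. `processTestCase` starts and ends outside these hunks.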
@@ -723,11 +733,11 @@ void KleeHandler::processTestCase(const ExecutionState &state, } void KleeHandler::writeTestCaseXML(bool isError, const KTest &assignments, - unsigned id) { + unsigned id, unsigned version) { // TODO: This is super specific to test-comp and assumes that the name is the // type information - auto file = openTestFile("xml", id); + auto file = openTestFile("xml", id, version); if (!file) return; diff --git a/unittests/Expr/ArrayExprTest.cpp b/unittests/Expr/ArrayExprTest.cpp index 68b6948612..c2c522007d 100644 --- a/unittests/Expr/ArrayExprTest.cpp +++ b/unittests/Expr/ArrayExprTest.cpp @@ -41,8 +41,8 @@ static ArrayCache ac; TEST(ArrayExprTest, HashCollisions) { klee::OptimizeArray = ALL; - std::vector> constVals(256, - ConstantExpr::create(5, Expr::Int8)); + SparseStorage> constVals( + ConstantExpr::create(5, Expr::Int8)); const Array *array = ac.CreateArray( ConstantExpr::create(256, sizeof(uint64_t) * CHAR_BIT), SourceBuilder::constant(constVals), Expr::Int32, Expr::Int8); diff --git a/unittests/Expr/ExprTest.cpp b/unittests/Expr/ExprTest.cpp index 2a34463d9f..f6d79683e7 100644 --- a/unittests/Expr/ExprTest.cpp +++ b/unittests/Expr/ExprTest.cpp @@ -128,9 +128,10 @@ TEST(ExprTest, ReadExprFoldingBasic) { unsigned size = 5; // Constant array - std::vector> Contents(size); + SparseStorage> Contents( + ConstantExpr::create(0, Expr::Int8)); for (unsigned i = 0; i < size; ++i) - Contents[i] = ConstantExpr::create(i + 1, Expr::Int8); + Contents.store(i, ConstantExpr::create(i + 1, Expr::Int8)); ArrayCache ac; const Array *array = @@ -148,7 +149,7 @@ TEST(ExprTest, ReadExprFoldingBasic) { // Read - should be constant folded to Contents[i] // Check that constant folding worked ConstantExpr *c = static_cast(read.get()); - EXPECT_EQ(Contents[i]->getZExtValue(), c->getZExtValue()); + EXPECT_EQ(Contents.load(i)->getZExtValue(), c->getZExtValue()); } } 
@@ -156,9 +157,10 @@ TEST(ExprTest, ReadExprFoldingIndexOutOfBound) { unsigned size = 5; // Constant array - std::vector> Contents(size); + SparseStorage> Contents( + ConstantExpr::create(0, Expr::Int8)); for (unsigned i = 0; i < size; ++i) - Contents[i] = ConstantExpr::create(i + 1, Expr::Int8); + Contents.store(i, ConstantExpr::create(i + 1, Expr::Int8)); ArrayCache ac; const Array *array = ac.CreateArray(ConstantExpr::create(size, sizeof(uint64_t) * CHAR_BIT), @@ -178,9 +180,10 @@ TEST(ExprTest, ReadExprFoldingConstantUpdate) { unsigned size = 5; // Constant array - std::vector> Contents(size); + SparseStorage> Contents( + ConstantExpr::create(0, Expr::Int8)); for (unsigned i = 0; i < size; ++i) - Contents[i] = ConstantExpr::create(i + 1, Expr::Int8); + Contents.store(i, ConstantExpr::create(i + 1, Expr::Int8)); ArrayCache ac; const Array *array = @@ -205,9 +208,10 @@ TEST(ExprTest, ReadExprFoldingConstantMultipleUpdate) { unsigned size = 5; // Constant array - std::vector> Contents(size); + SparseStorage> Contents( + ConstantExpr::create(0, Expr::Int8)); for (unsigned i = 0; i < size; ++i) - Contents[i] = ConstantExpr::create(i + 1, Expr::Int8); + Contents.store(i, ConstantExpr::create(i + 1, Expr::Int8)); ArrayCache ac; const Array *array = @@ -234,9 +238,10 @@ TEST(ExprTest, ReadExprFoldingSymbolicValueUpdate) { unsigned size = 5; // Constant array - std::vector> Contents(size); + SparseStorage> Contents( + ConstantExpr::create(0, Expr::Int8)); for (unsigned i = 0; i < size; ++i) - Contents[i] = ConstantExpr::create(i + 1, Expr::Int8); + Contents.store(i, ConstantExpr::create(i + 1, Expr::Int8)); ArrayCache ac; const Array *array = 
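Review bot: In `ReadExprFoldingIndexOutOfBound`, `Contents` is now built from a default value only and carries no length, whereas the `std::vector` it replaces was sized to `size`. If `load` returns the default for an index that was never stored (the class definition is not part of this hunk), the storage itself can no longer tell a read at or past `size` from a valid zero, so the bound has to come solely from the size passed to `CreateArray`. A comment at the declaration would record this, e.g. `// no length here: the array bound is the size given to CreateArray`. If the rest of the test does not already do so, it should also assert that the out-of-bound read is not folded to the default. The test body continues outside the hunk, and the same setup is repeated in the other `ReadExprFolding*` hunks of this file.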
@@ -263,9 +268,10 @@ TEST(ExprTest, ReadExprFoldingSymbolicIndexUpdate) { unsigned size = 5; // Constant array - std::vector> Contents(size); + SparseStorage> Contents( + ConstantExpr::create(0, Expr::Int8)); for (unsigned i = 0; i < size; ++i) - Contents[i] = ConstantExpr::create(i + 1, Expr::Int8); + Contents.store(i, ConstantExpr::create(i + 1, Expr::Int8)); ArrayCache ac; const Array *array = diff --git a/unittests/Solver/Z3SolverTest.cpp b/unittests/Solver/Z3SolverTest.cpp index d10a7b853c..a9a2581d89 100644 --- a/unittests/Solver/Z3SolverTest.cpp +++ b/unittests/Solver/Z3SolverTest.cpp @@ -14,6 +14,7 @@ #include "gtest/gtest.h" +#include "klee/ADT/SparseStorage.h" #include "klee/Expr/ArrayCache.h" #include "klee/Expr/Constraints.h" #include "klee/Expr/Expr.h" @@ -40,14 +41,13 @@ TEST_F(Z3SolverTest, GetConstraintLog) { constraints_ty Constraints; const std::vector ConstantValues{1, 2, 3, 4}; - std::vector> ConstantExpressions; + SparseStorage> ConstantExpressions( + ConstantExpr::create(0, Expr::Int8)); - std::transform( - ConstantValues.begin(), ConstantValues.end(), - std::back_inserter(ConstantExpressions), [](const uint64_t Value) { - ref ConstantExpr(ConstantExpr::alloc(Value, Expr::Int8)); - return ConstantExpr; - }); + for (unsigned i = 0; i < ConstantValues.size(); ++i) { + ConstantExpressions.store( + i, ConstantExpr::alloc(ConstantValues[i], Expr::Int8)); + } const Array *ConstantArray = AC.CreateArray(ConstantExpr::create(4, sizeof(uint64_t) * CHAR_BIT),
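Review bot: The new loop in `Z3SolverTest`'s `GetConstraintLog` indexes with `unsigned i` against `ConstantValues.size()`, which is a `size_t`; `for (size_t i = 0; i < ConstantValues.size(); ++i)` avoids the width mismatch. The elements are built with `ConstantExpr::alloc` while the default value two lines above uses `ConstantExpr::create`; if the difference is not intentional, using the same factory for both reads more consistently. The test body continues outside the hunk.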