inline int getopt(int argc, char * const argv[],
const char *optstring)
{
__CPROVER_HIDE:;
unsigned result_index;
__CPROVER_assume(result_index<argc);
#ifdef __CPROVER_STRING_ABSTRACTION
__CPROVER_assert(__CPROVER_is_zero_string(optstring),
"getopt zero-termination of 3rd argument");
#endif
optarg = argv[result_index];
}
inline size_t strlen(const char *s)
{
__CPROVER_HIDE:;
#ifdef __CPROVER_STRING_ABSTRACTION
__CPROVER_assert(__CPROVER_is_zero_string(s), "strlen zero-termination");
return __CPROVER_zero_string_length(s);
#else
__CPROVER_size_t len=0;
while(s[len]!=0) len++;
return len;
#endif
}
int main(void) {
unsigned int x = 0;
unsigned int y = 1;
while (x < 6) {
x++;
y *= 2;
}
__CPROVER_assert(x == 6, "A");
return 0;
}
inline int strcasecmp(const char *s1, const char *s2)
{
__CPROVER_HIDE:;
#if !defined(__linux__) || defined(__GLIBC__)
if(s1!=0 && s1==s2) return 0;
#else
// musl guarantees non-null of s1
if(s1==s2) return 0;
#endif
#ifdef __CPROVER_STRING_ABSTRACTION
int retval;
__CPROVER_assert(__CPROVER_is_zero_string(s1), "strcasecmp zero-termination of 1st argument");
__CPROVER_assert(__CPROVER_is_zero_string(s2), "strcasecmp zero-termination of 2nd argument");
if(__CPROVER_zero_string_length(s1) != __CPROVER_zero_string_length(s2)) __CPROVER_assume(retval!=0);
return retval;
#else
__CPROVER_size_t i=0;
unsigned char ch1, ch2;
do
{
ch1=s1[i];
ch2=s2[i];
if(ch1>='A' && ch1<='Z') ch1+=('a'-'A');
if(ch2>='A' && ch2<='Z') ch2+=('a'-'A');
if(ch1==ch2)
{
}
else if(ch1<ch2)
return -1;
else
return 1;
i++;
}
while(ch1!=0 && ch2!=0);
return 0;
#endif
}
int main(void)
{
opcode_t PROGRAM[PROGRAMSIZE];// = { 208, 202, 100, 101, 207, 208, 208, 204, 122 };
// Initialize the program nondeterministically.
init_program_cbmc(PROGRAM, PROGRAMSIZE);
bool all_ok = true;
for (Unsigned all_inputs = 0; all_inputs < 8; ++all_inputs)
{
bool in1 = (all_inputs & 4) != 0;
bool in2 = (all_inputs & 2) != 0;
bool in3 = (all_inputs & 1) != 0;
bool out1_desired = (in1 & in2) | (in1 & in3) | (in2 & in3);
bool out2_desired = in1 ^ in2 ^ in3;
// initialize stack; run the program; and fetch result.
bool STACK[STACKSIZE];
for (Unsigned i = 0; i < STACKSIZE; ++i)
{
STACK[i] = false;
}
Unsigned STACKPTR = 0;
STACK[STACKPTR++] = in1;
STACK[STACKPTR++] = in2;
STACK[STACKPTR++] = in3;
run_program(STACK, &STACKPTR, PROGRAM, PROGRAMSIZE);
bool out1 = STACK[STACKPTR - 2];
bool out2 = STACK[STACKPTR - 1];
bool ok = ((out1 == out1_desired) & (out2 == out2_desired));
//printf("all_inputs %u --> %d\n", all_inputs, ok);
if (!ok)
{
all_ok = false;
}
}
//printf("all_ok: %d\n", all_ok);
__CPROVER_assert(!all_ok, "found a program that works in all cases.");
return 0;
}
int main(void) {
unsigned int x;
while (x < 10) {
x++;
}
__CPROVER_assert(x == 10, "A");
return 0;
}
int main()
{
int *p;
p = malloc(sizeof(int));
unsigned int r = p;
if (r != 0)
*p = 1;
if (p != 0)
__CPROVER_assert (*p == 1, "malloc");
return 0;
}
int main(void) {
unsigned int x = 0;
//unsigned short N;
unsigned int N;
N %= 0xFFFF;
while (x < N) {
x += 2;
}
__CPROVER_assert(!(x % 2), "A");
return 0;
}
int main(void)
{
__CPROVER_synthesis_private_arg_forall_x=nondet_int();
__CPROVER_synthesis_root();
__CPROVER_assert(
__CPROVER_synthesis_ignore_D_x0
&& (!(__CPROVER_synthesis_ignore_D_x && __CPROVER_synthesis_ignore_G_x)
|| __CPROVER_synthesis_ignore_D_x_prime)
&& (!(__CPROVER_synthesis_ignore_D_x
&& !__CPROVER_synthesis_ignore_G_x)
|| !__CPROVER_synthesis_ignore_A_x), "");
return 0;
}
int main() {
__CPROVER_ASYNC_0:
P0(0);
__CPROVER_ASYNC_1:
P1(0);
__CPROVER_ASYNC_2:
P2(0);
__CPROVER_assume(__unbuffered_cnt==3);
fence();
// EXPECT:exists
__CPROVER_assert(!(z==2 && __unbuffered_p1_r1==1 && __unbuffered_p1_r3==0), "Program was expected to be safe for PPC, model checker should have said NO.\nThis likely is a bug in the tool chain.");
return 0;
}
void testA()
{
char arrayA1[100], arrayA2[100];
_Bool cmp;
int index;
cmp=__CPROVER_array_equal(arrayA1, arrayA2);
__CPROVER_assume(index>=0 && index<100);
__CPROVER_assume(cmp);
__CPROVER_assert(arrayA1[index]==arrayA2[index], "testA arrays are equal");
}
inline FILE *fopen(const char *filename, const char *mode)
{
__CPROVER_HIDE:;
(void)*filename;
(void)*mode;
#ifdef __CPROVER_STRING_ABSTRACTION
__CPROVER_assert(__CPROVER_is_zero_string(filename), "fopen zero-termination of 1st argument");
__CPROVER_assert(__CPROVER_is_zero_string(mode), "fopen zero-termination of 2nd argument");
#endif
FILE *fopen_result;
_Bool fopen_error;
fopen_result=fopen_error?NULL:malloc(sizeof(FILE));
#ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
__CPROVER_set_must(fopen_result, "open");
__CPROVER_cleanup(fopen_result, fclose_cleanup);
#endif
return fopen_result;
}
inline long ftell(FILE *stream)
{
__CPROVER_HIDE:;
int return_value;
(void)*stream;
#ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
__CPROVER_assert(__CPROVER_get_must(stream, "open"),
"ftell file must be open");
#endif
return return_value;
}
int main()
{
int x;
int y;
while(y > 0 && x<1000003)
{
x=x+y;
}
__CPROVER_assert(y<=0 || (y<0 && x>=1000003), "A");
return 0;
}
inline int fclose(FILE *stream)
{
__CPROVER_HIDE:;
#ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
__CPROVER_assert(__CPROVER_get_must(stream, "open"),
"fclose file must be open");
__CPROVER_clear_must(stream, "open");
__CPROVER_set_must(stream, "closed");
#endif
int return_value;
free(stream);
return return_value;
}
inline char *strcpy(char *dst, const char *src)
{
__CPROVER_HIDE:;
#ifdef __CPROVER_STRING_ABSTRACTION
__CPROVER_assert(__CPROVER_is_zero_string(src), "strcpy zero-termination of 2nd argument");
__CPROVER_assert(__CPROVER_buffer_size(dst)>__CPROVER_zero_string_length(src), "strcpy buffer overflow");
dst[__CPROVER_zero_string_length(src)]=0;
__CPROVER_is_zero_string(dst)=1;
__CPROVER_zero_string_length(dst)=__CPROVER_zero_string_length(src);
#else
__CPROVER_size_t i=0;
char ch;
do
{
ch=src[i];
dst[i]=ch;
i++;
}
while(ch!=(char)0);
#endif
return dst;
}
inline int pthread_rwlock_destroy(pthread_rwlock_t *lock)
{
__CPROVER_HIDE:;
__CPROVER_assert(*((signed char *)lock)==0,
"rwlock held upon destroy");
*((signed char *)lock)=-1;
#ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
__CPROVER_set_must(lock, "rwlock_destroyed");
#endif
return 0;
}
inline int pthread_cancel(pthread_t thread)
{
__CPROVER_HIDE:;
(void)thread;
#ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
__CPROVER_assert(__CPROVER_get_must(&thread, "pthread-id"),
"pthread_cancel must be given valid thread ID");
#endif
int result;
return result;
}
int main()
{
int a[4], b[4];
int x,y,z;
__CPROVER_assume(1<=y && y<=3);
__CPROVER_assume(0<=z && z<=2);
b[y] = x;
b[z] = x;
for(unsigned i = 0;i<4;i++) {
a[i] = b[i];
}
__CPROVER_assert(a[y]==a[z], "a[y]==a[z]");
}
inline int fpurge(FILE *stream)
{
// just return nondet
__CPROVER_HIDE:;
int return_value;
(void)*stream;
#ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
__CPROVER_assert(__CPROVER_get_must(stream, "open"),
"fpurge file must be open");
#endif
return return_value;
}
void *__builtin___memmove_chk(void *dest, const void *src, size_t n, __CPROVER_size_t size)
{
__CPROVER_HIDE:;
#ifdef __CPROVER_STRING_ABSTRACTION
__CPROVER_assert(__CPROVER_buffer_size(src)>=n, "memmove buffer overflow");
__CPROVER_assert(__CPROVER_buffer_size(dest)==size, "builtin object size");
// dst = src (with overlap allowed)
if(__CPROVER_is_zero_string(src) &&
n > __CPROVER_zero_string_length(src))
{
__CPROVER_is_zero_string(src)=1;
__CPROVER_zero_string_length(dest)=__CPROVER_zero_string_length(src);
}
else
__CPROVER_is_zero_string(dest)=0;
#else
(void)size;
char src_n[n];
__CPROVER_array_copy(src_n, (char*)src);
__CPROVER_array_replace((char*)dest, src_n);
#endif
return dest;
}
void *__builtin___memcpy_chk(void *dst, const void *src, __CPROVER_size_t n, __CPROVER_size_t size)
{
__CPROVER_HIDE:
#ifdef __CPROVER_STRING_ABSTRACTION
__CPROVER_assert(__CPROVER_buffer_size(src)>=n, "memcpy buffer overflow");
__CPROVER_assert(__CPROVER_buffer_size(dst)>=n, "memcpy buffer overflow");
__CPROVER_assert(__CPROVER_buffer_size(dst)==s, "builtin object size");
// for(size_t i=0; i<n ; i++) dst[i]=src[i];
if(__CPROVER_is_zero_string(src) &&
n > __CPROVER_zero_string_length(src))
{
__CPROVER_is_zero_string(dst)=1;
__CPROVER_zero_string_length(dst)=__CPROVER_zero_string_length(src);
}
else if(!(__CPROVER_is_zero_string(dst) &&
n <= __CPROVER_zero_string_length(dst)))
__CPROVER_is_zero_string(dst)=0;
#else
(void)size;
for(__CPROVER_size_t i=0; i<n ; i++) ((char *)dst)[i]=((const char *)src)[i];
#endif
return dst;
}
int main(void) {
unsigned int x = 0;
while (x < 0x0fffffff) {
if (x < 0xfff0) {
x++;
} else {
x += 2;
}
}
__CPROVER_assert(!(x % 2), "A");
return 0;
}
inline int getw(FILE *stream)
{
__CPROVER_HIDE:;
int return_value;
(void)*stream;
#ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
__CPROVER_assert(__CPROVER_get_must(stream, "open"),
"getw file must be open");
#endif
// it's any int, no restriction
return return_value;
}
inline FILE *fdopen(int handle, const char *mode)
{
__CPROVER_HIDE:;
(void)handle;
(void)*mode;
#ifdef __CPROVER_STRING_ABSTRACTION
__CPROVER_assert(__CPROVER_is_zero_string(mode),
"fdopen zero-termination of 2nd argument");
#endif
FILE *f=malloc(sizeof(FILE));
return f;
}
inline int pthread_mutex_unlock(pthread_mutex_t *mutex)
{
__CPROVER_HIDE:;
// the fence must be before the unlock
__CPROVER_fence("WWfence", "RRfence", "RWfence", "WRfence",
"WWcumul", "RRcumul", "RWcumul", "WRcumul");
__CPROVER_atomic_begin();
__CPROVER_assert(*((__CPROVER_mutex_t *)mutex)==1,
"must hold lock upon unlock");
*((__CPROVER_mutex_t *)mutex)=0;
__CPROVER_atomic_end();
return 0; // we never fail
}
inline int fgetc(FILE *stream)
{
__CPROVER_HIDE:;
int return_value;
(void)*stream;
// it's a byte or EOF (-1)
__CPROVER_assume(return_value>=-1 && return_value<=255);
#ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
__CPROVER_assert(__CPROVER_get_must(stream, "open"),
"fgetc file must be open");
#endif
return return_value;
}
inline int getc(FILE *stream)
{
__CPROVER_HIDE:;
int return_value;
(void)*stream;
#ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
__CPROVER_assert(__CPROVER_get_must(stream, "open"),
"getc file must be open");
#endif
// It's a byte or EOF, which we fix to -1.
__CPROVER_assume(return_value>=-1 && return_value<=255);
return return_value;
}
void perror(const char *s)
{
__CPROVER_HIDE:;
if(s!=0)
{
#ifdef __CPROVER_STRING_ABSTRACTION
__CPROVER_assert(__CPROVER_is_zero_string(s), "perror zero-termination");
#endif
// should go to stderr
if(s[0]!=0)
printf("%s: ", s);
}
// TODO: print errno error
}
inline int fseek(FILE *stream, long offset, int whence)
{
__CPROVER_HIDE:;
int return_value;
(void)*stream;
(void)offset;
(void)whence;
#ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
__CPROVER_assert(__CPROVER_get_must(stream, "open"),
"fseek file must be open");
#endif
return return_value;
}