diff --git a/.Makefile.lint b/.Makefile.lint
index 0fffac31e24ee1c965b48ae26c1f899d18068c78..6e0882bf1a1d2ba676649676b13ac90e70dd4f2d 100644
--- a/.Makefile.lint
+++ b/.Makefile.lint
@@ -10,7 +10,6 @@ ML_LINT_KO+=src/kernel_internals/runtime/messages.ml
ML_LINT_KO+=src/kernel_internals/runtime/messages.mli
ML_LINT_KO+=src/kernel_internals/runtime/special_hooks.ml
ML_LINT_KO+=src/kernel_internals/typing/allocates.ml
-ML_LINT_KO+=src/kernel_internals/typing/asm_contracts.ml
ML_LINT_KO+=src/kernel_internals/typing/frontc.mli
ML_LINT_KO+=src/kernel_internals/typing/infer_annotations.ml
ML_LINT_KO+=src/kernel_internals/typing/mergecil.mli
@@ -83,8 +82,6 @@ ML_LINT_KO+=src/kernel_services/ast_queries/file.mli
ML_LINT_KO+=src/kernel_services/ast_queries/logic_const.mli
ML_LINT_KO+=src/kernel_services/ast_transformations/clone.ml
ML_LINT_KO+=src/kernel_services/ast_transformations/clone.mli
-ML_LINT_KO+=src/kernel_services/ast_transformations/filter.ml
-ML_LINT_KO+=src/kernel_services/ast_transformations/filter.mli
ML_LINT_KO+=src/kernel_services/cmdline_parameters/cmdline.ml
ML_LINT_KO+=src/kernel_services/cmdline_parameters/cmdline.mli
ML_LINT_KO+=src/kernel_services/cmdline_parameters/parameter_category.ml
@@ -146,8 +143,6 @@ ML_LINT_KO+=src/libraries/utils/command.ml
ML_LINT_KO+=src/libraries/utils/command.mli
ML_LINT_KO+=src/libraries/utils/escape.mli
ML_LINT_KO+=src/libraries/utils/filepath.ml
-ML_LINT_KO+=src/libraries/utils/floating_point.ml
-ML_LINT_KO+=src/libraries/utils/floating_point.mli
ML_LINT_KO+=src/libraries/utils/hook.ml
ML_LINT_KO+=src/libraries/utils/hook.mli
ML_LINT_KO+=src/libraries/utils/hptmap.ml
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 4574184317f1fda2f69a2546368a9d5df11c9630..5fc98723cd96385bccd26cb9c1bbad01063241bb 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -7,7 +7,7 @@ stages:
variables:
CURRENT: $CI_COMMIT_REF_NAME
- DEFAULT: "master"
+ DEFAULT: "stable/scandium"
FRAMA_CI_OPT: "--override frama-c:$CI_COMMIT_REF_NAME,$CI_COMMIT_SHA"
OCAML: "4_08"
diff --git a/Changelog b/Changelog
index 13432e2d6da782f01e6dfdc9e1f1f59a372e9def..ea9cfbe042ecac5cfcf78ee33a1294ef6834aa2f 100644
--- a/Changelog
+++ b/Changelog
@@ -17,10 +17,36 @@
Open Source Release <next-release>
##################################
-- Kernel [2020/02/20] Add option -cpp-extra-args-per-file
+-* Doc [2020/05/07] Fixes internal refs in generated pdfs (fixes #2505)
+-* Kernel [2020/05/04] Accept UCN-encoded unicode char in ACSL (fixes #@849)
+o Kernel [2020/04/27] Plug-ins specific dirs now use Filepath instead of
+ mere strings.
+- Eva [2020/04/10] Fixes the Memexec cache on functions with logical
+ annotations about variables unused in the C body of the function.
+- Eva [2020/04/06] New option -eva-domains-function to enable domains
+ only on given functions. Argument <d:f> enables the domain [d]
+ on function [f], while <d:f+> also enables it on all functions
+ called from [f]. <d:f-> disables [d] from function [f].
+- Eva [2020/04/03] New experimental builtins for dynamic allocation
+ Frama_C_*alloc_imprecise: faster convergence, but very imprecise.
+- Kernel [2020/04/01] Report user errors when keys are not bound to a
+ value for command-line options that require pairs of key:value
+ as arguments. Such keys were silently ignored.
+*! Kernel [2020/03/30] Reject labels at end of blocks.
+- RTE [2020/03/30] Emits alarm on invalid pointers when option is on
+- Eva [2020/03/30] Emits alarm on invalid pointers when option is on
+- Kernel [2020/03/30] New option -warn-invalid-pointer (disabled by
+ default) to warn on invalid pointer arithmetics resulting in a
+ pointer that does not point to an object or one past an object.
+- RTE [2020/03/27] Emits alarm on pointer downcast when option is on
+- Eva [2020/03/27] Emits alarm on pointer downcast when option is on
+- Kernel [2020/03/27] New option -warn-pointer-downcast (activated by
+ default), to warn when a conversion between pointer and integer
+ might provoke a loss of precision.
+- Kernel [2020/03/20] Add option -cpp-extra-args-per-file
-* Kernel [2020/03/18] Fixes #@823 (-load-module/-load-script now accept
spaces in filename)
--* Kernel [2020/03/18] Fixes #@818 (term generated for downcast alarms)
+-* Kernel [2020/03/18] Fixes #@818 (term generated for downcast alarms)
- Eva [2020/03/17] Supports the ACSL extended quantifiers \min and \max.
- Eva [2020/03/17] deprecate options -eva-*-domain in favor of
-eva-domains
diff --git a/Makefile b/Makefile
index d7fe1a2f38616798562f994590c2e91f76801dcd..17e1df72b14666417a70dd255a35c21dfc7f8a95 100644
--- a/Makefile
+++ b/Makefile
@@ -258,6 +258,7 @@ DISTRIB_FILES:=\
share/analysis-scripts/cmd-dep.sh \
share/analysis-scripts/concat-csv.sh \
share/analysis-scripts/clone.sh \
+ share/analysis-scripts/creduce.sh \
$(wildcard share/analysis-scripts/examples/*) \
share/analysis-scripts/fc_stubs.c \
share/analysis-scripts/find_fun.py \
@@ -318,7 +319,7 @@ DISTRIB_TESTS=$(shell git ls-files \
tests \
src/plugins/aorai/tests \
src/plugins/report/tests \
- src/plugins/wp/tests)
+ src/plugins/wp/tests | $(SED) 's/ /@/g')
# files that are needed to compile API documentation of external plugins
@@ -860,7 +861,7 @@ endif
# General rules for ordering files within PLUGIN_CMO:
# - try to keep the legacy Value before Eva
-PLUGIN_CMO:= partitioning/split_strategy value_parameters \
+PLUGIN_CMO:= partitioning/split_strategy domains/domain_mode value_parameters \
utils/value_perf utils/eva_annotations \
utils/value_util utils/red_statuses \
utils/mark_noresults \
@@ -1412,8 +1413,13 @@ acsl_tests: byte
$(PRINT_EXEC) acsl_tests
find doc/speclang -name \*.c -exec ./bin/toplevel.byte$(EXE) {} \; > /dev/null
-LONELY_TESTS_ML_FILES:=\
- $(sort $(shell find $(TEST_DIRS_AS_PLUGIN:%=tests/%) -not -path '*/\.*' -name '*.ml'))
+LONELY_TESTS_DIR:=$(wildcard $(TEST_DIRS_AS_PLUGIN:%=tests/%))
+ifeq ($(strip $(LONELY_TESTS_DIR)),)
+ LONELY_TESTS_ML_FILES:=
+else
+ LONELY_TESTS_ML_FILES:=\
+ $(sort $(shell find $(TEST_DIRS_AS_PLUGIN:%=tests/%) -not -path '*/\.*' -name '*.ml'))
+endif
$(foreach file,$(LONELY_TESTS_ML_FILES),\
$(eval $(file:%.ml=%.cmo): BFLAGS+=-I $(dir $(file))))
$(foreach file,$(LONELY_TESTS_ML_FILES),\
@@ -1699,6 +1705,7 @@ check-devguide: $(CHECK_CODE) $(DOC_DEPEND) $(DOC_DIR)/kernel-doc.ocamldoc
# Note: the find command below is *very* ugly, but it should be POSIX-compliant.
ALL_ML_FILES:=$(shell find src -name '*.ml' -print -o -name '*.mli' -print -o -path '*/tests' -prune '!' -name '*')
+ALL_ML_FILES+=ptests/ptests.ml
MANUAL_ML_FILES:=$(filter-out $(GENERATED) $(PLUGIN_GENERATED_LIST), $(ALL_ML_FILES))
# Allow control of files to be linted/fixed by external sources
@@ -1932,6 +1939,7 @@ install:: install-lib-$(OCAMLBEST)
share/analysis-scripts/cmd-dep.sh \
share/analysis-scripts/concat-csv.sh \
share/analysis-scripts/clone.sh \
+ share/analysis-scripts/creduce.sh \
share/analysis-scripts/fc_stubs.c \
share/analysis-scripts/find_fun.py \
share/analysis-scripts/flamegraph.pl \
@@ -2430,7 +2438,7 @@ endif
@#although it seems to segfault in 4.0 (but not in 4.1)
$(RM) file_list_to_archive.tmp
@$(foreach file,$(DISTRIB_FILES) $(DISTRIB_TESTS),\
- echo $(file) >> file_list_to_archive.tmp$(NEWLINE))
+ echo $(file) | $(SED) 's/@/ /g' >> file_list_to_archive.tmp$(NEWLINE))
$(TAR) -cf - --files-from file_list_to_archive.tmp | $(TAR) -C $(CLIENT_DIR) -xf -
$(RM) file_list_to_archive.tmp
$(PRINT_MAKING) files
diff --git a/bin/frama-c.debug b/bin/frama-c.debug
index 89d9b58a60320637d298fbc80b9714ea19afb702..39667bbb3b51dce581215eab1876f0450075fe6c 100755
--- a/bin/frama-c.debug
+++ b/bin/frama-c.debug
@@ -24,12 +24,29 @@
. $(dirname $0)/local_export.sh
+if ! command -v ocamlc > /dev/null; then
+ echo "ocamlc not found" && exit 1;
+fi
+if ! command -v ocamldebug > /dev/null; then
+ echo "ocamldebug not found" && exit 1;
+fi
+
+OCAML_VERSION=$(ocamlc -version)
+case $OCAML_VERSION in
+4.05*|4.06*|4.07*) DYNLINK='load_printer "dynlink.cma"';;
+4.08*)
+ echo "impossible to load dynlink in ocamldebug for version $OCAML_VERSION";
+ echo "pretty-printers will not be loaded";
+ if test ! -e .ocamldebug; then GEN_OCAMLDEBUG=yes; touch .ocamldebug; fi;;
+*) DYNLINK=;;
+esac
+
if test ! -e .ocamldebug; then
GEN_OCAMLDEBUG=yes;
cat <<EOF > .ocamldebug;
load_printer "str.cma"
load_printer "zarith.cma"
-load_printer "dynlink.cma"
+$DYNLINK
load_printer "extlib.cmo"
load_printer "filepath.cmo"
load_printer "integer.cmo"
@@ -161,10 +178,11 @@ install_printer Cabs_debug.pp_attrs
install_printer Cabs_debug.pp_file
EOF
else
-GEN_OCAMLDEBUG=no;
+GEN_OCAMLDEBUG=${GEN_OCAMLDEBUG:-no};
fi
ocamldebug -I $(ocamlfind query zarith) -I $(ocamlfind query ocamlgraph) \
+ -I $(ocamlfind query compiler-libs) \
-I $FRAMAC_LIB $BINDIR/toplevel.byte "$@"
if test "$GEN_OCAMLDEBUG" = "yes"; then
diff --git a/doc/developer/advance.tex b/doc/developer/advance.tex
index 3aa40e5f9d34bb05d5296d13e370fb42bda538de..459e80d888a46cb31fd9c2fbb05cf238377adce0 100644
--- a/doc/developer/advance.tex
+++ b/doc/developer/advance.tex
@@ -612,6 +612,18 @@ A specific target \texttt{\$(PLUGIN\_NAME)\_TESTS} will specifically run the tes
of the plugin. One can add new tests as dependencies of this target.
The default tests are run by the target \texttt{\$(PLUGIN\_NAME)\_DEFAULT\_TESTS}.
+Additionally, when running \texttt{make tests} or
+\texttt{make \$(PLUGIN\_NAME)\_TESTS}
+it is possible to pass options to \texttt{ptests.opt} through the
+\texttt{PTESTS\_OPTS} variable.
+
+\begin{example}
+The following command will update the oracles of all tests of the Aoraï plug-in:
+\begin{shell}
+\$ make PTESTS_OPTS=-update Aorai_TESTS
+\end{shell}
+\end{example}
+
\texttt{ptests.opt} runs tests belonging to a sub-directory
of directory \texttt{tests}\codeidx{tests} that is specified in
\ptests configuration file. This configuration file,
@@ -709,37 +721,36 @@ There is exactly one directive by line. The different directives (\emph{i.e.}
possibilities for \texttt{CONFIG\_OPTION}) are detailed in
Section~\ref{ptests:directives}.
-\begin{important}
-Note that some specific configurations require dynamic linking, which
-is not available on all platforms for native code. {\tt ptests} takes
-care of reverting to bytecode when it detects that the {\tt OPT},
-{\tt EXECNOW}, or \texttt{EXEC} options of a test require dynamic linking. This
-occurs currently in the following cases:
-\begin{itemize}
-\item {\tt OPT} contains the option {\tt -load-script}
-\item {\tt OPT} contains the option {\tt -load-module}
-\item {\tt EXECNOW} and \texttt{EXEC} use {\tt make} to create a {\tt .cmxs}
-\end{itemize}
-\end{important}
-
\begin{important}
\textbf{Concurrency issues:}
tests using compiled modules ({\tt -load-script} or {\tt -load-module}) may
lead to concurrency issues when the same module is used in different test
files, or in different test cases within the same file. One way to avoid
- issues is to serialize tests via \texttt{EXECNOW} directives, e.g. by using
- \texttt{make} to compile a \texttt{.cmxs} from the \texttt{.ml} file, and
- then loading the \texttt{.cmxs} in the test cases, as in the example below.
+ issues is to serialize tests via \texttt{MODULE} directives, which will
+ take care of the compilation and of adding the corresponding
+ \texttt{-load-module} option to further \texttt{OPT} and
+ \texttt{STDOPT} directives:
\begin{listing-nonumber}
- EXECNOW: make -s @PTEST_DIR@/@PTEST_NAME@.cmxs
- STDOPT: #"-load-module @PTEST_DIR@/@PTEST_NAME.cmxs" ...
- STDOPT: #"-load-module @PTEST_DIR@/@PTEST_NAME.cmxs" ...
+ MODULE: @PTEST_DIR@/@PTEST_NAME@.cmxs
+ STDOPT: +"-opt1" ...
+ STDOPT: #"-opt2" ...
\end{listing-nonumber}
In addition, if the same script {\tt tests/suite/script.ml}
- is shared by several test files, the {\tt EXECNOW} directive should be put
- into {\tt tests/suite/test\_config}.
+ is shared by several test files in {\tt tests/suite},
+ it is necessary to compile the script once
+ when entering the directory hosting the suite. The {\tt MODULE} directive is
+ not well suited for that, and it is thus needed to resort to an {\tt EXECNOW}
+ directive in {\tt tests/suite/test\_config}:
+
+ \begin{listing-nonumber}
+ EXECNOW: make -s @PTEST_DIR@/common_module.cmxs
+ \end{listing-nonumber}
+
+ It is then necessary to explicitly use
+ {\tt -load-module @PTEST\_DIR@/common\_module.cmxs} in the appropriate
+ {\tt OPT} and {\tt STDOPT} directives.
\end{important}
@@ -832,9 +843,11 @@ Figure~\ref{fig:ptests-options} details the options of \ptests.
& \texttt{-byte} & Use bytecode toplevel & no \\
& \texttt{-opt} & Use native toplevel & yes \\
& \texttt{-gui} & Use GUI instead of console-based toplevel & no \\
-\hline \multirow{4}{16mm}{\centering{Behavior}}
+\hline \multirow{5}{16mm}{\centering{Behavior}}
& \texttt{-run} & Delete current results; run tests and examine results & yes
\\
+& \texttt{-dry-run} & Print commands, but do not execute them & no
+\\
& \texttt{-examine} & Only examine current results; do not run tests & no \\
& \texttt{-show} & Run tests and show results, but do not examine
them; implies \texttt{-byte} &
diff --git a/doc/developer/architecture.tex b/doc/developer/architecture.tex
index 0d01872a0df55208285caa53556e82c823c2e33c..6d9f6b197d1fb8ff86f151b43f508a32fb25c6b1 100644
--- a/doc/developer/architecture.tex
+++ b/doc/developer/architecture.tex
@@ -203,13 +203,6 @@ only possible one to define mutually dependent plug-ins while the third one
(through module \texttt{Db}) is now fully deprecated even if most of the older
\framac plug-ins are still defined this way.
-Plug-ins are usually dynamically linked when \framac is booting, even if some
-older \framac plug-ins are still statically linked. However it is still possible
-to statically link a dynamic plug-in if wanted or required. In particular,
-\ocaml does not support dynamic linking on some hardware
-architecture~\cite{caml}: in this case, you have to statically link all
-plug-ins.
-
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\section{Libraries}\label{archi:libraries}
diff --git a/doc/developer/examples/syntactic_check.ml b/doc/developer/examples/syntactic_check.ml
index 7fd91ded1698f4992a7e1becfab874ac8e948a83..74c141bde198eb34d54e978d903d87f3237b3746 100644
--- a/doc/developer/examples/syntactic_check.ml
+++ b/doc/developer/examples/syntactic_check.ml
@@ -31,7 +31,7 @@ class non_zero_divisor prj = object (self)
(* A division is an expression: we override the vexpr method *)
method! vexpr e = match e.enode with
| BinOp((Div|Mod), _, denom, _) ->
- let logic_denom = Logic_utils.expr_to_term ~cast:true denom in
+ let logic_denom = Logic_utils.expr_to_term ~coerce:false denom in
let assertion = Logic_const.prel (Rneq, logic_denom, Cil.lzero ()) in
(* At this point, we have built the assertion we want to insert. It remains
to attach it to the correct statement. The cil visitor maintains the
@@ -43,7 +43,7 @@ class non_zero_divisor prj = object (self)
| Kglobal -> assert false
| Kstmt s -> s
in
- let kf = Extlib.the self#current_kf in
+ let kf = Extlib.the self#current_kf in
(* The above statement and function are related to the original project. We
need to attach the new assertion to the corresponding statement and
function of the new project. Cil provides functions to convert a
diff --git a/doc/frama-c-book.cls b/doc/frama-c-book.cls
index 4e8120ed7891b011719bf7cac4759e85a8b888a2..5cd0cc0e7df22fc2ffaaca2923abbf0e6a3c3266 100644
--- a/doc/frama-c-book.cls
+++ b/doc/frama-c-book.cls
@@ -34,7 +34,6 @@ prefix=framacbook@,
\RequirePackage{lmodern}
\RequirePackage[T1]{fontenc}
\RequirePackage[utf8]{inputenc}
-\RequirePackage[pdftex,pdfstartview=FitH]{hyperref}
\RequirePackage{amssymb}
\RequirePackage{xcolor}
\RequirePackage[pdftex]{graphicx}
@@ -45,6 +44,7 @@ prefix=framacbook@,
\RequirePackage{fancyhdr}
\RequirePackage{titlesec}
\RequirePackage{upquote}
+\RequirePackage[pdftex,pdfstartview=FitH]{hyperref}
\ifusecc\RequirePackage{doclicense}\else\fi
% --------------------------------------------------------------------------
% --- Page Layout ---
diff --git a/doc/release/branch.tex b/doc/release/branch.tex
index a7c25e31dc274a72661c7e1a310ed39bf4b10ae1..ac7bb4a8631545f8acb89a793c44e592c74f0686 100644
--- a/doc/release/branch.tex
+++ b/doc/release/branch.tex
@@ -32,7 +32,7 @@ opam pin add frama-ci-tools git@git.frama-c.com:frama-c/Frama-CI.git
\item Run the command
\begin{shell}
frama-ci-create-branch --token=\$TOKEN \
---new-branch=stable/release --default-branch
+--name=stable/release --default-branch
\end{shell}
This command creates a branch \texttt{stable/release} for frama-c and for
each plugin tested by the CI — and configures the CI to use these branches
diff --git a/doc/rte/rte.tex b/doc/rte/rte.tex
index 260b1e10663f2fa95a2e86e59ce0a5e7d5c10834..228c049928b7299a356944ebcf38e546b939b0ae 100644
--- a/doc/rte/rte.tex
+++ b/doc/rte/rte.tex
@@ -805,6 +805,9 @@ signed overflows \\
\lstinline|-warn-signed-downcast| & boolean (false) & Generate annotations for
signed integer downcast \\
\hline
+\lstinline|-warn-pointer-downcast| & boolean (true) & Generate annotations for
+downcast of pointer values \\
+\hline
\lstinline|-warn-left-shift-negative| & boolean (true) & Generate annotations for
left shift on negative values \\
\hline
@@ -814,9 +817,12 @@ right shift on negative values \\
\lstinline|-warn-invalid-bool| & boolean (true) & Generate annotations for
\lstinline|_Bool| trap representations \\
\hline
-\lstinline|-warn-special-float| & string: \lstinline|non-finite|, (\lstinline|nan|) or \lstinline|none| & generate annotations when
+\lstinline|-warn-special-float| & string: (\lstinline|non-finite|), \lstinline|nan| or \lstinline|none| & generate annotations when
special floats are produced: infinite floats or NaN (by default), only on NaN or never. \\
\hline
+\lstinline|-warn-invalid-pointer| & boolean (false) & Generate annotations for
+invalid pointer arithmetic \\
+\hline
\end{tabular}
\caption{\framac kernel options, impacting \rte{}} \label{kernel}
\end{center}
diff --git a/doc/userman/gitlab-bug-report.png b/doc/userman/gitlab-bug-report.png
new file mode 100644
index 0000000000000000000000000000000000000000..1a5e0d9baeab646e9de16382061072b6224b2566
Binary files /dev/null and b/doc/userman/gitlab-bug-report.png differ
diff --git a/doc/userman/gitlab-login.png b/doc/userman/gitlab-login.png
new file mode 100644
index 0000000000000000000000000000000000000000..3fa9c4ec6f130ed30c10bc70756807dcc10dbb32
Binary files /dev/null and b/doc/userman/gitlab-login.png differ
diff --git a/doc/userman/source-preparation.graphml b/doc/userman/source-preparation.graphml
new file mode 100644
index 0000000000000000000000000000000000000000..a62a5c58f6c94c3a898442da64501e1cac0489b3
--- /dev/null
+++ b/doc/userman/source-preparation.graphml
@@ -0,0 +1,780 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<graphml xmlns="http://graphml.graphdrawing.org/xmlns" xmlns:java="http://www.yworks.com/xml/yfiles-common/1.0/java" xmlns:sys="http://www.yworks.com/xml/yfiles-common/markup/primitives/2.0" xmlns:x="http://www.yworks.com/xml/yfiles-common/markup/2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:y="http://www.yworks.com/xml/graphml" xmlns:yed="http://www.yworks.com/xml/yed/3" xsi:schemaLocation="http://graphml.graphdrawing.org/xmlns http://www.yworks.com/xml/schema/graphml/1.1/ygraphml.xsd">
+ <!--Created by yEd 3.19-->
+ <key attr.name="Description" attr.type="string" for="graph" id="d0"/>
+ <key for="port" id="d1" yfiles.type="portgraphics"/>
+ <key for="port" id="d2" yfiles.type="portgeometry"/>
+ <key for="port" id="d3" yfiles.type="portuserdata"/>
+ <key attr.name="url" attr.type="string" for="node" id="d4"/>
+ <key attr.name="description" attr.type="string" for="node" id="d5"/>
+ <key for="node" id="d6" yfiles.type="nodegraphics"/>
+ <key for="graphml" id="d7" yfiles.type="resources"/>
+ <key attr.name="url" attr.type="string" for="edge" id="d8"/>
+ <key attr.name="description" attr.type="string" for="edge" id="d9"/>
+ <key for="edge" id="d10" yfiles.type="edgegraphics"/>
+ <graph edgedefault="directed" id="G">
+ <data key="d0"/>
+ <node id="n0">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="233.5" width="1144.0" x="167.625" y="608.3519359999999"/>
+ <y:Fill hasColor="false" transparent="false"/>
+ <y:BorderStyle color="#FF9900" raised="false" type="line" width="3.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="bold" hasBackgroundColor="false" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="eight_pos" modelPosition="s" textColor="#FF9900" verticalTextPosition="bottom" visible="true" width="113.41987609863281" x="515.2900619506836" y="237.5">frama-c *.c</y:NodeLabel>
+ <y:Shape type="roundrectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n1">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="247.75" width="393.75" x="180.125" y="601.3519359999999"/>
+ <y:Fill hasColor="false" transparent="false"/>
+ <y:BorderStyle color="#3366FF" raised="false" type="dashed" width="2.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="italic" hasBackgroundColor="false" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="eight_pos" modelPosition="s" textColor="#3366FF" verticalTextPosition="bottom" visible="true" width="269.4997863769531" x="62.12510681152344" y="251.75">delegated to a C preprocessor</y:NodeLabel>
+ <y:Shape type="roundrectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n2">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="233.5" width="1144.0" x="167.625" y="344.8519359999999"/>
+ <y:Fill hasColor="false" transparent="false"/>
+ <y:BorderStyle color="#3366FF" raised="false" type="line" width="3.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="bold" hasBackgroundColor="false" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="eight_pos" modelPosition="n" textColor="#3366FF" verticalTextPosition="bottom" visible="true" width="69.2999267578125" x="537.3500366210938" y="-35.23997497558594">gcc *.c</y:NodeLabel>
+ <y:Shape type="roundrectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n3">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="191.0" y="367.0"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="93.57991027832031" x="9.710044860839844" y="20.88001251220703">source1.c<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n4">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="504.0" y="367.0"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="89.13990783691406" x="11.930046081542969" y="20.88001251220703">source1.i<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n5">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="783.75" y="367.0"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="64.5399169921875" x="24.23004150390625" y="7.2600250244140625">partial
+AST<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n6">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="978.75" y="485.0"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="96.07991027832031" x="8.460044860839844" y="20.88001251220703">source2.o<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n7">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="1162.75" y="425.0"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="106.27986145019531" x="3.3600692749023438" y="20.88001251220703">executable<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n8">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="191.0" y="485.0"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="93.57991027832031" x="9.710044860839844" y="20.88001251220703">source2.c<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n9">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="504.0" y="485.0"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="89.13990783691406" x="11.930046081542969" y="20.88001251220703">source2.i<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n10">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="783.75" y="485.0"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="64.5399169921875" x="24.23004150390625" y="7.2600250244140625">partial
+AST<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n11">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="191.0" y="630.5"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="97.35992431640625" x="7.820037841796875" y="7.2600250244140625">source1.c
+(C + ACSL)<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n12">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="451.0" y="630.5"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="98.73989868164062" x="7.1300506591796875" y="7.2600250244140625">source1.ci
+(see ¹)<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n13">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="86.0" x="905.5" y="630.5"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="64.5399169921875" x="10.73004150390625" y="7.2600250244140625">partial
+AST<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n14">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="66.0" x="1012.625" y="688.5"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="38.879974365234375" x="13.560012817382812" y="20.88001251220703">AST<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n15">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="1185.75" y="688.5"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="97.23988342285156" x="7.880058288574219" y="7.2600250244140625">analyses /
+ GUI<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n16">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="191.0" y="748.5"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="97.35992431640625" x="7.820037841796875" y="7.2600250244140625">source2.c
+(C + ACSL)<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n17">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="451.0" y="748.5"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="98.73989868164062" x="7.1300506591796875" y="7.2600250244140625">source2.ci
+(see ¹)<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n18">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="86.0" x="905.5" y="748.5"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="64.5399169921875" x="10.73004150390625" y="7.2600250244140625">partial
+AST<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n19">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="42.0" width="146.0" x="845.5" y="704.0"/>
+ <y:Fill hasColor="false" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="16" fontStyle="italic" hasBackgroundColor="false" hasLineColor="false" height="25.792043685913086" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="110.9442138671875" x="17.52789306640625" y="8.103978157043457">merging phase<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n20">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="978.75" y="367.0"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="96.07991027832031" x="8.460044860839844" y="20.88001251220703">source1.o<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n21">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="716.0" y="630.5"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="89.13990783691406" x="11.930046081542969" y="7.2600250244140625">source1.i
+(see ²)<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n22">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="36.0" width="393.75" x="292.125" y="919.248064"/>
+ <y:Fill hasColor="false" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="left" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="400.55950927734375" x="-3.404754638671875" y="2.3800125122070312"> ¹ preprocessed C + un-preprocessed ACSL<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n23">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="73.0" width="113.0" x="716.0" y="748.5"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="89.13990783691406" x="11.930046081542969" y="7.2600250244140625">source2.i
+(see ²)<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n24">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="3.599999999999909" width="522.0" x="228.0" y="896.75"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" backgroundColor="#FFFFFF" fontFamily="Noto Sans" fontSize="20" fontStyle="bolditalic" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#808080" verticalTextPosition="bottom" visible="true" width="105.11988830566406" x="227.35598505070777" y="-13.819987487793014">section 5.2<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.03623741226731758" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n25">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="3.599999999999909" width="245.25" x="783.75" y="896.75"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" backgroundColor="#FFFFFF" fontFamily="Noto Sans" fontSize="20" fontStyle="bolditalic" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#808080" verticalTextPosition="bottom" visible="true" width="105.11988830566406" x="78.95228120572756" y="-13.819987487793014">section 5.3<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.03623741226731758" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n26">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="3.599999999999909" width="199.79999999999995" x="1062.5499999999997" y="896.75"/>
+ <y:Fill color="#C0C0C0" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" backgroundColor="#FFFFFF" fontFamily="Noto Sans" fontSize="20" fontStyle="bolditalic" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#808080" verticalTextPosition="bottom" visible="true" width="105.11988830566406" x="54.5802908181779" y="-13.819987487793014">section 5.4<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.03623741226731758" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n27">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="36.0" width="393.75" x="783.75" y="919.248064"/>
+ <y:Fill hasColor="false" transparent="false"/>
+ <y:BorderStyle hasColor="false" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="left" autoSizePolicy="content" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="364.19964599609375" x="4.0" y="2.3800125122070312">² preprocessed C + preprocessed ACSL<y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="-0.5" labelRatioY="0.0" nodeRatioX="-0.5" nodeRatioY="0.0" offsetX="4.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <edge id="e0" source="n3" target="n4">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="138.35984802246094" x="30.82007598876953" y="-29.239974975585938">preprocessing
+(-E)<y:LabelModel>
+ <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/>
+ </y:ModelParameter>
+ <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e1" source="n4" target="n5">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="136.73985290527344" x="15.005073547363281" y="-29.239974975585938">parsing
+(-fsyntax-only)<y:LabelModel>
+ <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/>
+ </y:ModelParameter>
+ <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e2" source="n20" target="n7">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasLineColor="false" height="31.239974975585938" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="37.359954833984375" x="16.820022583007812" y="27.025368115416654">link<y:LabelModel>
+ <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="right" ratio="0.5" segment="0"/>
+ </y:ModelParameter>
+ <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e3" source="n5" target="n20">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="9.25" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" hasText="false" height="4.0" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="4.0" x="39.0" y="-2.0">
+ <y:LabelModel>
+ <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/>
+ </y:ModelParameter>
+ <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e4" source="n8" target="n9">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="138.35984802246094" x="30.82007598876953" y="-29.239974975585938">preprocessing
+(-E)<y:LabelModel>
+ <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/>
+ </y:ModelParameter>
+ <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e5" source="n9" target="n10">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasLineColor="false" height="58.479949951171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="136.73985290527344" x="15.005073547363281" y="-29.239974975585938">parsing
+(-fsyntax-only)<y:LabelModel>
+ <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/>
+ </y:ModelParameter>
+ <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e6" source="n10" target="n6">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e7" source="n11" target="n12">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="16" fontStyle="plain" hasLineColor="false" height="47.58408737182617" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="111.48825073242188" x="17.755874633789062" y="-23.792043685913086">C
+preprocessing<y:LabelModel>
+ <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/>
+ </y:ModelParameter>
+ <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e8" source="n12" target="n21">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="16" fontStyle="plain" hasLineColor="false" height="47.58408737182617" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="111.48825073242188" x="20.255874633789062" y="-23.792043685913086">ACSL
+preprocessing<y:LabelModel>
+ <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/>
+ </y:ModelParameter>
+ <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e9" source="n14" target="n15">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="16" fontStyle="italic" hasBackgroundColor="false" hasLineColor="false" height="47.58408737182617" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="103.9041748046875" x="1.61041259765625" y="-23.792043685913086">normalization
+phase<y:LabelModel>
+ <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.0" segment="0"/>
+ </y:ModelParameter>
+ <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e10" source="n13" target="n14">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" hasText="false" height="4.0" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="4.0" x="8.5625" y="4.3076203295929645">
+ <y:LabelModel>
+ <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/>
+ </y:ModelParameter>
+ <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e11" source="n16" target="n17">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="16" fontStyle="plain" hasLineColor="false" height="47.58408737182617" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="111.48825073242188" x="17.755874633789062" y="-23.792043685913086">C
+preprocessing<y:LabelModel>
+ <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/>
+ </y:ModelParameter>
+ <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e12" source="n17" target="n23">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="16" fontStyle="plain" hasLineColor="false" height="47.58408737182617" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="111.48825073242188" x="20.255874633789062" y="-23.792043685913086">ACSL
+preprocessing<y:LabelModel>
+ <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/>
+ </y:ModelParameter>
+ <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e13" source="n18" target="n14">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e14" source="n6" target="n7">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="20" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" hasText="false" height="4.0" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" underlinedText="true" verticalTextPosition="bottom" visible="true" width="4.0" x="33.5" y="-13.576080322265625">
+ <y:LabelModel>
+ <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/>
+ </y:ModelParameter>
+ <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e15" source="n21" target="n13">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="16" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="25.792043685913086" horizontalTextPosition="center" iconTextGap="4" modelName="two_pos" modelPosition="head" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="60.944122314453125" x="7.7779388427734375" y="-27.792043685913086">parsing<y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e16" source="n23" target="n18">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="none" target="standard"/>
+ <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Noto Sans" fontSize="16" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="25.792043685913086" horizontalTextPosition="center" iconTextGap="4" modelName="two_pos" modelPosition="head" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="60.944122314453125" x="7.7779388427734375" y="-27.792043685913086">parsing<y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+ </y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ </graph>
+ <data key="d7">
+ <y:Resources/>
+ </data>
+</graphml>
diff --git a/doc/userman/source-preparation.pdf b/doc/userman/source-preparation.pdf
new file mode 100644
index 0000000000000000000000000000000000000000..eb623d94e7b1d7762d41335b5a9a4f5a88b95434
Binary files /dev/null and b/doc/userman/source-preparation.pdf differ
diff --git a/doc/userman/user-analysis.tex b/doc/userman/user-analysis.tex
index d82d08717a8db34d15bfc3a9859f8b71cf5e3243..926fc9eecd7aba7b21d073d120f60b8fa075ed65 100644
--- a/doc/userman/user-analysis.tex
+++ b/doc/userman/user-analysis.tex
@@ -152,6 +152,23 @@ With \texttt{-safe-arrays}, the two accesses to \lstinline|v| are considered
invalid. (Accessing \lstinline|v.b[-2]| or \lstinline|v.b[3]| remains incorrect,
regardless of the value of the option.)
+\item \optiondef{-}{warn-invalid-pointer} may be used to check that the code
+ does not perform illegal pointer arithmetics, creating pointers that do not
+ point inside an object or one past an object.
+ This option is disabled by default, allowing the creation of such invalid
+ pointers without alarm — but the dereferencing of an invalid pointer
+ \emph{always} generates an alarm.
+
+ For instance, no error is detected by default in the following example, as
+ the dereferencing is correct. However, if option
+ \texttt{-warn-invalid-pointer} is enabled, an error is detected at line 4.
+ \begin{ccode}
+ int x;
+ int *p = &x;
+ p++; // valid
+ p++; // undefined behavior
+ *(p-2) = 1;
+ \end{ccode}
\item \optiondef{-}{unspecified-access} may be used to check when the
evaluation of an expression depends on the order in which its sub-expressions
@@ -179,6 +196,16 @@ Here, the \texttt{x} might be incremented by \texttt{g} before or after the
call to \texttt{f}, but since the two write accesses occur in different
functions, \texttt{-unspecified-access} does not detect that.
+\item \optiondef{-}{warn-pointer-downcast} may be used to check that the code
+ does not downcast a pointer to an integer type. This option is set by default.
+ In the following example, analyzers report by default an error on the third
+ line. Disabling the option removes this verification.
+ \begin{ccode}
+ int x;
+ uintptr_t addr = &x;
+ int a = &x;
+ \end{ccode}
+
\item \optiondef{-}{warn-signed-downcast} may be used to check that the analyzed
code does not downcast an integer to a signed integer type. This option is
\emph{not} set by default. Without it, the analyzers do not perform such a
diff --git a/doc/userman/user-changes.tex b/doc/userman/user-changes.tex
index 75f767128b9a43f7c8fcb74845682e116f525124..262793fefb00e8968e01dcd6d1ca49469bea9ede 100644
--- a/doc/userman/user-changes.tex
+++ b/doc/userman/user-changes.tex
@@ -8,6 +8,8 @@ release. First we list changes of the last release.
\begin{itemize}
\item \textbf{Preparing the Sources:} added option
\texttt{-cpp-extra-args-per-file}.
+\item \textbf{Customizing Analyzers:} added options
+ \texttt{-warn-invalid-pointer} and \texttt{-warn-pointer-downcast}
\end{itemize}
\section*{20.0 (Calcium)}
diff --git a/doc/userman/user-errors.tex b/doc/userman/user-errors.tex
index 6174a79f7e4b5fad1d275c78d8c9af3b30aeb4fc..68370154cf42e040694f26fbc32e6de65c5163d1 100644
--- a/doc/userman/user-errors.tex
+++ b/doc/userman/user-errors.tex
@@ -1,94 +1,52 @@
\chapter{Reporting Errors}
\label{user-errors}
-If \FramaC crashes or behaves abnormally, you are invited to report a bug \via
-the \FramaC Bugs Tracking System (BTS) located at
-\url{http://bts.frama-c.com}.
+If \FramaC crashes or behaves abnormally, you are invited to report an issue
+\via the \FramaC Gitlab repository, located at \url{https://git.frama-c.com}.
+The {\em New Issue} page (\url{https://git.frama-c.com/pub/frama-c/issues/new})
+allows creating a new report, but you will need an account.
\begin{important}
-Opening a BTS account is required for such a task.
+ Unless you have an account provided by the \FramaC team, you need to sign in
+ using a Github account, as shown in Figure~\ref{fig:gitlab-login}.
\end{important}
-Bug reports can be marked as public or private.
-Public bug reports can be read by anyone and are indexed by search
-engines. Private bug reports are only shown to \FramaC developers.
-
-Reporting a new issue opens a webpage similar to the one shown in
-Figure~\ref{fig:bts}.
\begin{figure}[htbp]
\begin{center}
-\includegraphics[width=\textwidth]{bts.pdf}
+\includegraphics[width=\textwidth]{gitlab-login.png}
\end{center}
-\caption{The BTS Bugs Reporting Page}
-\label{fig:bts}
+\caption{The \FramaC Gitlab login page. Note that no direct account creation
+ is possible; you need to sign in via Github unless the \FramaC team
+ provided you an account.}
+\label{fig:gitlab-login}
\end{figure}
-This page also has a link to an advanced bugs reporting page that allows you to
-write a more detailed report. The different fields of these forms shall be
-filled \emph{in English}\footnote{French is also a possible language choice for private entries.}
-as precisely as possible, in order for the maintenance team to understand and
-track the problem down easily.
-
-Below are some recommendations for this purpose\footnote{You can also have a
- look at the associated \FramaC wiki:
- \url{http://bts.frama-c.com/dokuwiki/doku.php?id=mantis:frama-c:start}.}:
-
-\begin{description}
-
-\item[Category:] select as appropriate.
-
-\item[Reproducibility:] select as appropriate.
-
-\item[Severity:] select the level of severity. Levels are shown in increasing
- order of severity.
-
-\item[Profile or Platform, OS and OS Version:] enter your hardware and OS
- characteristics.
-
-\item[Product Version and Product Build] this can be obtained with the
- command \texttt{frama-c -version}\optionidx{-}{version}, see
- Section~\ref{sec:version}.
-
-\item[Summary:] give a brief one line description of the nature of your bug.
-\item[Description:] first, explain the \textit{actual behavior}, that is what
- you actually observe on your system. Then, describe your \textit{expected
- behavior} of \FramaC, that is the results you expect instead. A ``bug'' is
- sometimes due to a misunderstanding of the tool's behaviour or a
- misunderstanding of its results, so providing both behaviors is an essential
- part of the report. Please do clearly separate both parts in the description.
+When creating a new issue, choose the \texttt{bug\_report} template next to
+{\em Title}, then enter the title and fill the template.
-\item[Steps to reproduce:] provide everything necessary for a maintainer to
- reproduce the bug: input files, commands used, sequence of actions, \etc. If
- the bug appears through the \FramaC GUI, it may be useful to attach the
- generated journal (see Section~\ref{sec:journal}). Beware that this journal
- \textbf{does not} replace nor contain the input files, that must be added to
- the bug report too (see below).
+Bug reports can be marked as public or confidential.
+Public bug reports can be read by anyone and may be indexed by search
+engines. Confidential bug reports are only shown to \FramaC developers.
-\item[Additional Information:] any extra information that might help the
- maintainer.
-
-\item[Industrial:] set it to \texttt{true} if you have a maintenance contract
- with the \FramaC development team.
-
-\item[Upload File:] click on the \texttt{Browse} button to select a file for
- uploading. Typically, this is an archive that contains all files necessary
- for reproducing your problem. It can include \C source files, shell scripts
- to run \FramaC with your options and environment, a \FramaC journal,
- \etc. Please check the size of the archive in order to keep it manageable:
- leave out any object code or executable files that can be easily rebuilt
- automatically (by a shell script for instance).
-
-\item[View Status:] set it to \texttt{private} if your bug should not be
- visible by others users. Only yourself and the \FramaC developers will be
- able to see your bug report.
-
-\item[Report Stay:] tick if this report shall remain open for further
- additions.
+Reporting a new issue opens a webpage similar to the one shown in
+Figure~\ref{fig:gitlab-bug-report}.
+\begin{figure}[htbp]
+\begin{center}
+\includegraphics[width=\textwidth]{gitlab-bug-report.png}
+\end{center}
+\caption{The Gitlab new issue page, with the \texttt{bug\_report} template.
+ The checkbox at the bottom enables marking the issue as private, so that
+ only \FramaC developers can see it.}
+\label{fig:gitlab-bug-report}
+\end{figure}
-\end{description}
+Please fill the template as precisely as possible,
+\emph{in English}\footnote{French is also a possible language choice for
+ private entries.}, which helps the \FramaC team more quickly understand,
+reproduce and respond to the issue. The form uses Markdown syntax and you can
+attach source files and screenshots to the issue.
-After submitting the report you will be notified by e-mail about its progress
-and enter interactive mode on the BTS if necessary.
+Replies and updates concerning your issue are sent by e-mail by Gitlab.
%% Local Variables:
%% compile-command: "make"
diff --git a/doc/userman/user-intro.tex b/doc/userman/user-intro.tex
index 9dc8991c3699e8d30fcbe5abf5c66500c4ad14df..c0245ee59776c667f985a621b36bb22e388150fe 100644
--- a/doc/userman/user-intro.tex
+++ b/doc/userman/user-intro.tex
@@ -53,6 +53,6 @@ The remainder of this manual is organized in several chapters.
the platform.
\item[Chapter~\ref{user-gui}] gives a detailed description of the graphical
user interface of \FramaC.
-\item[Chapter~\ref{user-errors}] explains how to report errors \via the
- \FramaC's Bug Tracking System.
+\item[Chapter~\ref{user-errors}] explains how to report errors \via \FramaC's
+ public Gitlab repository.
\end{description}
diff --git a/doc/userman/user-sources.tex b/doc/userman/user-sources.tex
index 7ac40af185fa98101df258afe003a9b2d3badb83..ee189cbe97c2d80eb4e448417b23946573c27fa7 100644
--- a/doc/userman/user-sources.tex
+++ b/doc/userman/user-sources.tex
@@ -4,6 +4,31 @@ ojson\chapter{Preparing the Sources}
This chapter explains how to specify the source files that form the
basis of an analysis project, and describes options that influence parsing.
+\section{Overview of source processing in \FramaC}\label{sec:overview}
+
+For small projects and tests, processing the sources in \FramaC is as simple
+as running \texttt{frama-c *.c}. For more complex projects, however,
+some problems may arise when using this command, and the user must be aware
+of the several steps involved in \FramaC source processing to fix them.
+
+The diagram in Figure~\ref{fig:source-preparation} presents an overview
+of the steps described in this chapter. For comparison purposes, we add
+the equivalent process performed by a compiler such as GCC.
+
+\begin{figure}[htbp]
+ \begin{center}
+ \includegraphics[width=\textwidth]{source-preparation.pdf}
+ \caption{Overview of source preparation steps: as performed by GCC
+ (top) and as performed by \FramaC (bottom).}
+ \label{fig:source-preparation}
+ \end{center}
+\end{figure}
+
+The following sections describe various options related to the steps shown
+in the figure. Note that some plug-ins, such as \textsf{Variadic}
+(described in chapter~\ref{user-variadic}), perform further AST
+transformations before most analyses are run.
+
\section{Pre-processing the Source Files}\label{sec:preprocessing}
The list of files to analyze must be provided on the command line, or
diff --git a/doc/value/examples/alarms/pointer_arith.c b/doc/value/examples/alarms/pointer_arith.c
new file mode 100644
index 0000000000000000000000000000000000000000..2f66edd726d773f051d666f75e3d0994b882f3b4
--- /dev/null
+++ b/doc/value/examples/alarms/pointer_arith.c
@@ -0,0 +1,5 @@
+void main () {
+ int x, *p = &x;
+ p++;
+ p++;
+}
diff --git a/doc/value/examples/alarms/pointer_conversion.c b/doc/value/examples/alarms/pointer_conversion.c
new file mode 100644
index 0000000000000000000000000000000000000000..599a1f8645ca656e01b33bfa3237445c790647b0
--- /dev/null
+++ b/doc/value/examples/alarms/pointer_conversion.c
@@ -0,0 +1,7 @@
+#include <stdint.h>
+void main () {
+ char c;
+ uintptr_t a = &c;
+ char *p = (char *) (a + 1);
+ char *q = (char *) (a + 2);
+}
diff --git a/doc/value/main.tex b/doc/value/main.tex
index 6a79827826a2eec15b5f907e931fe61de45fa91c..96d66840582568d5262abe620678ac86a58c9c23 100644
--- a/doc/value/main.tex
+++ b/doc/value/main.tex
@@ -31,6 +31,7 @@
\newcommand{\framacversion}%
{\input{../../VERSION} (\input{../../VERSION_CODENAME}\unskip)}
+\newcommand{\isoc}{\textsf{C99}}
\newcommand{\Eva}{\textsf{Eva}}
@@ -630,7 +631,7 @@ no run-time error could happen when running the program.
The alarm means that \Eva{} could not prove that the value \verb|ks[i]|
accessed in \verb|skein_block.c:69| was definitely initialized before being
read. Reading an initialized value is an undefined behavior according to the
-ISO C99 standard (and can even lead to security vulnerabilities).
+\isoc{} standard (and can even lead to security vulnerabilities).
As is often the case, this alarm is related to the approximation introduced
in \verb|skein_block.c:56|, which is the loop responsible for initializing
@@ -1460,6 +1461,58 @@ to the attitude described in \ref{norme_pratique}. An option
to warn about these lines could happen if there was demand for
this feature.
+\subsubsection{Invalid pointer arithmetic}
+
+By default, \Eva{} does \emph{not} emit alarms on invalid pointer arithmetic:
+alarms are only emitted when an invalid pointer is dereferenced or wrongly used
+in a comparison, not at the creation of such pointers.
+
+However, if the \lstinline|-warn-invalid-pointer| option is enabled,
+\Eva{} emits an alarm when an operation may create a pointer that does
+not point inside an object or one past an object,
+even if this pointer is not used afterward.
+
+This may happen on:
+\begin{itemize}
+\item addition (or subtraction) of an integer from a pointer, when the analysis
+ is unable to prove that the resulting pointer points inside, or one past,
+ the same object pointed to by the initial pointer.
+ In this case, the emitted alarm reports a possible undefined behavior.
+\item conversion of an integer into a pointer. Except for the constant~0,
+ such a conversion is always an implementation-defined behavior
+ according to the \isoc{} standard. However, a footnote also explains that
+ conversion between pointers and integers is ``\emph{intended to
+ be consistent with the addressing structure of the execution environment}''.
+ This is why Eva also also authorizes conversion of integers:
+ \begin{itemize}
+ \item in the range of valid absolute addresses
+ (according to \texttt{absolute-valid-range})
+ \item computed from the address of an object \lstinline|o| such that the
+ resulting pointer points inside or one past the object \lstinline|o|.
+ \end{itemize}
+ In all other cases, an alarm is emitted, which reports the possible
+ implementation-defined behavior mentioned above.
+\end{itemize}
+
+In the example below, the first increment of the pointer \lstinline|p| is valid,
+although the resulting pointer should not be dereferenced. The second increment
+leads to an invalid alarm when option \lstinline|-warn-invalid-pointer| is on.
+\listinginput{1}{examples/alarms/pointer_arith.c}
+\begin{logs}
+ [eva:alarm] pointer_arith.c:4: Warning:
+ invalid pointer creation. assert \object_pointer(p + 1);
+\end{logs}
+
+In the same way, in the example below, the first conversion at line~5
+does not generate an alarm, but the second conversion leads to an invalid alarm
+with option \lstinline|-warn-invalid-pointer|.
+
+\listinginput{1}{examples/alarms/pointer_conversion.c}
+\begin{logs}
+ [eva:alarm] pointer_arith.c:6: Warning:
+ invalid pointer creation. assert \object_pointer((char *)(a + 2));
+\end{logs}
+
\subsubsection{Division by zero}
When dividing by an expression that the analysis
@@ -1494,7 +1547,7 @@ simpler than this one. Do not be surprised by them.
Another arithmetic alarm is the alarm emitted for logical
shift operations on integers where the second operand may be
larger than the size in bits of the first operand's type.
-Such an operation is left undefined by the ISO/IEC 9899:1999 standard, and
+Such an operation is left undefined by the \isoc{} standard, and
indeed, processors are often built in a way that such an
operation does not produce the \lstinline|0| or \lstinline|-1|
result that could have been expected. Here is an example
@@ -1506,7 +1559,7 @@ shift.c:4: ... invalid RHS operand for shift. assert 0 <= c < 32;
\Eva{} also detects shifts on negative integers.
Left-shifting a negative integer is an undefined behavior according to the
-ISO C99 standard, and leads to an alarm by default.
+\isoc{} standard, and leads to an alarm by default.
These alarms can be disabled by using the option
\lstinline|-no-warn-left-shift-negative|.
Right-shifting a negative integer is an implementation-defined operation,
@@ -1525,7 +1578,7 @@ By default, \Eva{} emits alarms for --- and reduces the
sets of possible results of --- signed arithmetic computations where
the possibility of an overflow exists. Indeed,
such overflows have an undefined behavior according to
-paragraph 6.5.5 of the ISO/IEC 9899:1999 standard.
+paragraph 6.5.5 of the \isoc{} standard.
%
If useful, it is also possible to assume that signed integers overflow
according to a 2's complement representation. The option
@@ -1536,10 +1589,16 @@ as potentially overflowing. This warning can also be disabled by option
By default, no alarm is emitted for arithmetic operations on unsigned integers
for which an overflow may happen, since such operations have
-defined semantics according to the ISO/IEC 9899:1999 standard.
+defined semantics according to the \isoc{} standard.
If one wishes to signal and prevent such unsigned overflows,
option \verb+-warn-unsigned-overflow+ can be used.
+By default, Eva emits alarms for downcasts of pointer values to (signed
+or unsigned) integer types. Such downcasts are indeed undefined behavior
+according to section 6.3.2.3, §6 of the \isoc{} standard.
+However, option \lstinline|-no-warn-pointer-downcast| can be used to disable
+these alarms.
+
Finally, by default, no alarm is emitted for downcasts to signed or unsigned
integers. In the signed case, the least significant bits
of the original value are used, and are interpreted according
@@ -1628,13 +1687,25 @@ uninitialized.c:13: ... accessing left-value that contains escaping addresses.
assert !\dangling(&p);
\end{logs}
-By default, \Eva{} does not emit an alarm for a copy from memory
-to memory when the copied values include dangling addresses or uninitialized
-contents. This behavior is safe because \Eva{} warns later, as soon
-as an unsafe value is used in a computation --either directly or
-after having been copied from another location.
-The copy operations for which alarms are not emitted are assignments
-from lvalues to lvalues (\lstinline|lv1 = lv2;|), passing lvalues
+By default, \Eva{} emits an alarm as soon as a value that may be uninitialized
+or a dangling address is read, even if this value is not used in any computation.
+
+However, it may be normal for some fields in a struct or union to contain
+such dangerous contents in some cases.
+Thus, \Eva{} \emph{never} emits an alarm for a copy from memory to memory
+of a struct or an union containing dangling addresses or uninitialized contents.
+This behavior is safe because \Eva{} warns later, as soon as an unsafe value is
+used in a computation --either directly or after having been copied from another
+location.
+
+This relaxed behavior on structs and unions can be extended to scalar variables
+with the option \lstinline|-eva-warn-copy-indeterminate|.
+Specifying \lstinline|-eva-warn-copy-indeterminate=-f| on the command-line
+will cause the analyzer to not emit alarms on copy operations occurring in
+function \lstinline|f|. The syntax \lstinline|-@all| can also be used to
+activate this behavior for all functions.
+In this mode, the copy operations for which alarms are not emitted are
+assignments from lvalues to lvalues (\lstinline|lv1 = lv2;|), passing lvalues
as arguments to functions (\lstinline|f(lv1);|), and returning
lvalues (\lstinline|return lv1;|). An exception is made
for lvalues passed as arguments to library functions: in this case,
@@ -1642,22 +1713,11 @@ because the function's code is missing, there is no chance to catch
the undefined access later; the analyzer emits an alarm at the point
of the call.
-The behavior documented above was implemented to avoid spurious warnings where
-the copied lvalues are structs or unions. In some cases, it may be normal
-for some fields in a struct or union to contain such dangerous contents.
-
-Option \lstinline|-eva-warn-copy-indeterminate| can be used to obtain a
-more aggressive behavior on scalar variables. Specifying \lstinline|-eva-warn-copy-indeterminate f|
-on the command-line will cause the analyzer to also emit an alarm on
-all dangerous copy operations occurring in function \lstinline|f|, as long as
-the copied lvalues are not structs or unions. The syntax \lstinline|@all|
-can also be used to activate this behavior for all functions.
-
\subsubsection{Trap representations of \_Bool values}
By default, \Eva{} emits an alarm whenever a trap representation might be read
from an lvalue of type \texttt{\_Bool}.
-According to the ISO/IEC 9899:1999 standard, the \texttt{\_Bool} type contains
+According to the \isoc{} standard, the \texttt{\_Bool} type contains
the values 0 and 1, but any other value might be a trap representation, that is,
an object representation that does not represent a valid value of the type.
Trap representations can be created through unions or pointer casts.
@@ -1809,7 +1869,7 @@ compiler, if we may ask such a rhetorical
question, is right? They all are, because the program is undefined.
When function \lstinline|copy()| is called from \lstinline|main()|,
the assignment \lstinline|*p = *q;| breaks
-C99's 6.5.16.1:3 rule. This rule states that
+\isoc{}'s 6.5.16.1:3 rule. This rule states that
in an assignment from lvalue to lvalue,
the left and right lvalues must overlap either exactly or not at all.
@@ -2115,7 +2175,7 @@ limited form, but imprecisions may accumulate quickly
\Eva{} does not check all the properties that could be
expected of it\footnote{There are 245 unspecified or undefined
- behaviors in Annex J of the ISO C99 standard.}. Support for each of
+ behaviors in Annex J of the \isoc{} standard.}. Support for each of
these missing features could arrive if the need was expressed. Below
are some of the existing limitations.
@@ -3844,7 +3904,7 @@ with large arrays and matrices, it is worth considering its usage.
\label{sec:eva}
-Starting from \FramaC Silicon, new analysis \emph{domains} are
+This section presents the analysis \emph{domains}
available to improve the precision on specific code constructs.
They can (and probably should) be enabled at the beginning of the analysis.
Their only downside is that they increase the analysis time.
@@ -3853,7 +3913,21 @@ These analysis domains are enabled by the option \texttt{-eva-domains}, followed
by a list of domain names. A list of the available domains, and a short
description of each one, can be displayed with \texttt{-eva-domains help}.
-\emph{Restrictions:}
+Domains can also be enabled for specific functions through option
+\texttt{-eva-domains-function}:
+\begin{itemize}
+\item \texttt{-eva-domains-function d1:f,d1:g,d2:h} enables the domain
+ \texttt{d1} on functions \lstinline+f+ and \lstinline+g+, and the domain
+ \texttt{d2} on function \lstinline+h+.
+\item \texttt{-eva-domains-function d:f+} enables the domain
+ \texttt{d} on function \lstinline+f+ and on any function called
+ from \lstinline+f+.
+\item \texttt{-eva-domains-function d:f-} disables the domain
+ \texttt{d} on function \lstinline+f+ and on any function called
+ from \lstinline+f+.
+\end{itemize}
+
+These analysis domains currently have some restrictions:
\begin{itemize}
\item adding a new domain may interact with the \lstinline+slevel+ partitioning
in unpredictable ways, and new alarms may sometimes appear;
diff --git a/headers/header_spec.txt b/headers/header_spec.txt
index dfdb833077bb0f6fe13cd38d9348d5067d5bafa9..593ff2ec4babcbe9806706009b5cb7f2621e32a4 100644
--- a/headers/header_spec.txt
+++ b/headers/header_spec.txt
@@ -114,6 +114,7 @@ ptests/ptests.ml: CEA_LGPL
share/_frama-c: CEA_LGPL
share/analysis-scripts/benchmark_database.py: .ignore
share/analysis-scripts/clone.sh: .ignore
+share/analysis-scripts/creduce.sh: CEA_LGPL
share/analysis-scripts/fc_stubs.c: .ignore
share/analysis-scripts/frama-c.mk: CEA_LGPL
share/analysis-scripts/frama_c_results.py: .ignore
@@ -944,6 +945,8 @@ src/plugins/occurrence/register_gui.ml: CEA_LGPL_OR_PROPRIETARY
src/plugins/occurrence/register_gui.mli: CEA_LGPL_OR_PROPRIETARY
src/plugins/instantiate/basic_blocks.ml: CEA_LGPL_OR_PROPRIETARY
src/plugins/instantiate/basic_blocks.mli: CEA_LGPL_OR_PROPRIETARY
+src/plugins/instantiate/global_context.ml: CEA_LGPL_OR_PROPRIETARY
+src/plugins/instantiate/global_context.mli: CEA_LGPL_OR_PROPRIETARY
src/plugins/instantiate/Instantiate.mli: CEA_LGPL_OR_PROPRIETARY
src/plugins/instantiate/instantiator_builder.ml: CEA_LGPL_OR_PROPRIETARY
src/plugins/instantiate/instantiator_builder.mli: CEA_LGPL_OR_PROPRIETARY
@@ -957,6 +960,8 @@ src/plugins/instantiate/stdlib/free.ml: CEA_LGPL_OR_PROPRIETARY
src/plugins/instantiate/stdlib/free.mli: CEA_LGPL_OR_PROPRIETARY
src/plugins/instantiate/stdlib/malloc.ml: CEA_LGPL_OR_PROPRIETARY
src/plugins/instantiate/stdlib/malloc.mli: CEA_LGPL_OR_PROPRIETARY
+src/plugins/instantiate/string/mem_utils.ml: CEA_LGPL_OR_PROPRIETARY
+src/plugins/instantiate/string/mem_utils.mli: CEA_LGPL_OR_PROPRIETARY
src/plugins/instantiate/string/memcmp.ml: CEA_LGPL_OR_PROPRIETARY
src/plugins/instantiate/string/memcmp.mli: CEA_LGPL_OR_PROPRIETARY
src/plugins/instantiate/string/memcpy.ml: CEA_LGPL_OR_PROPRIETARY
@@ -1223,6 +1228,8 @@ src/plugins/value/domains/cvalue/locals_scoping.ml: CEA_LGPL_OR_PROPRIETARY
src/plugins/value/domains/cvalue/locals_scoping.mli: CEA_LGPL_OR_PROPRIETARY
src/plugins/value/domains/cvalue/warn.ml: CEA_LGPL_OR_PROPRIETARY
src/plugins/value/domains/cvalue/warn.mli: CEA_LGPL_OR_PROPRIETARY
+src/plugins/value/domains/domain_mode.ml: CEA_LGPL_OR_PROPRIETARY
+src/plugins/value/domains/domain_mode.mli: CEA_LGPL_OR_PROPRIETARY
src/plugins/value/domains/domain_builder.ml: CEA_LGPL_OR_PROPRIETARY
src/plugins/value/domains/domain_builder.mli: CEA_LGPL_OR_PROPRIETARY
src/plugins/value/domains/domain_lift.ml: CEA_LGPL_OR_PROPRIETARY
@@ -1768,6 +1775,8 @@ src/plugins/wp/wpContext.ml: CEA_WP
src/plugins/wp/wpContext.mli: CEA_WP
src/plugins/wp/wpPropId.ml: CEA_WP
src/plugins/wp/wpPropId.mli: CEA_WP
+src/plugins/wp/wpReached.ml: CEA_WP
+src/plugins/wp/wpReached.mli: CEA_WP
src/plugins/wp/wpReport.ml: CEA_WP
src/plugins/wp/wpReport.mli: CEA_WP
src/plugins/wp/wpRTE.ml: CEA_WP
diff --git a/man/frama-c.1 b/man/frama-c.1
index 706d54135e1785b604e998aaccc3522b72559ceb..0fa77b175c62a1cc67debb77d2c4654444e360fd 100644
--- a/man/frama-c.1
+++ b/man/frama-c.1
@@ -25,7 +25,7 @@
.\" using pandoc 2.0 or newer. To modify this file, edit the Markdown file
.\" and run `make man/frama-c.1`.
-.TH FRAMA-C 1 2020-03-05
+.TH FRAMA-C 1 2020-04-02
.SH NAME
.PP
frama\-c[.byte] \- a static analyzer for C programs
@@ -737,6 +737,12 @@ parser:decimal\-float=once\f[] (and variants) instead.
.RS
.RE
.TP
+.B [\-no]\-warn\-invalid\-pointer
+generate alarms for invalid pointer arithmetic.
+Defaults to no.
+.RS
+.RE
+.TP
.B [\-no]\-warn\-left\-shift\-negative
generate alarms for signed left shifts on negative values.
Defaults to yes.
@@ -749,6 +755,13 @@ Defaults to no.
.RS
.RE
.TP
+.B [\-no]\-warn\-pointer\-downcast
+generates alarms when the downcast of a pointer may exceed the
+destination range.
+Defaults to yes.
+.RS
+.RE
+.TP
.B [\-no]\-warn\-signed\-downcast
generates alarms when signed downcasts may exceed the destination range.
Defaults to no.
diff --git a/man/frama-c.1.header b/man/frama-c.1.header
index ce56197c3e948b460514eedb2979d4a8b162ebe7..235124894053d3e0cceaa86f8793860a090af0d0 100644
--- a/man/frama-c.1.header
+++ b/man/frama-c.1.header
@@ -25,4 +25,4 @@
.\" using pandoc 2.0 or newer. To modify this file, edit the Markdown file
.\" and run `make man/frama-c.1`.
-.TH FRAMA-C 1 2020-03-05
+.TH FRAMA-C 1 2020-04-02
diff --git a/man/frama-c.1.md b/man/frama-c.1.md
index c5835e67eb2679f7bd0c620019070b21d54f4761..319c04fc20a3670566a429c73c2393888942264f 100644
--- a/man/frama-c.1.md
+++ b/man/frama-c.1.md
@@ -450,12 +450,19 @@ the case (this is the default).
**Deprecated**: use **-kernel-warn-key parser:decimal-float=once**
(and variants) instead.
+[-no]-warn-invalid-pointer
+: generate alarms for invalid pointer arithmetic. Defaults to no.
+
[-no]-warn-left-shift-negative
: generate alarms for signed left shifts on negative values. Defaults to yes.
[-no]-warn-right-shift-negative
: generate alarms for signed right shifts on negative values. Defaults to no.
+[-no]-warn-pointer-downcast
+: generates alarms when the downcast of a pointer may exceed the destination
+range. Defaults to yes.
+
[-no]-warn-signed-downcast
: generates alarms when signed downcasts may exceed the destination range.
Defaults to no.
diff --git a/ptests/ptests.ml b/ptests/ptests.ml
index 4db22c91fe23f353fbf34785921f6e5c8cf6a9f9..aa521c40b1790c1ce291811288a016fcc26ae1cc 100644
--- a/ptests/ptests.ml
+++ b/ptests/ptests.ml
@@ -90,21 +90,21 @@ let default_env = ref []
let add_default_env x y = default_env:=(x,y)::!default_env
let add_env var value =
- add_default_env var value;
- Unix.putenv var value
+ add_default_env var value;
+ Unix.putenv var value
let print_default_env fmt =
match !default_env with
- [] -> ()
- | l ->
- Format.fprintf fmt "@[Env:@\n";
- List.iter (fun (x,y) -> Format.fprintf fmt "%s = \"%s\"@\n" x y) l;
- Format.fprintf fmt "@]"
+ [] -> ()
+ | l ->
+ Format.fprintf fmt "@[Env:@\n";
+ List.iter (fun (x,y) -> Format.fprintf fmt "%s = \"%s\"@\n" x y) l;
+ Format.fprintf fmt "@]"
let default_env var value =
try
let v = Unix.getenv var in
- add_default_env (var ^ " (set from outside)") v
+ add_default_env (var ^ " (set from outside)") v
with Not_found -> add_env var value
(** the name of the directory-wide configuration file*)
@@ -147,7 +147,7 @@ let output_unix_error (exn : exn) =
let message = Unix.error_message error in
if arg = "" then
Format.eprintf "%s@." message
- else
+ else
Format.eprintf "%s: %s@." arg message
| _ -> assert false
@@ -163,7 +163,7 @@ let unlink ?(silent = true) file =
Unix.unlink file
with
| Unix_error _ when silent -> ()
- | Unix_error (ENOENT,_,_) -> () (* Ignore "Not such file or directory" *)
+ | Unix_error (ENOENT,_,_) -> () (* Ignore "No such file or directory" *)
| Unix_error _ as e -> output_unix_error e
let is_file_empty_or_nonexisting filename =
@@ -251,10 +251,10 @@ let () =
let example_msg =
Format.sprintf
"@.@[<v 0>\
- A test suite can be the name of a directory in ./tests or \
- the path to a file.@ @ \
- @[<v 1>\
- Some variables can be used in test command:@ \
+ A test suite can be the name of a directory in ./tests or \
+ the path to a file.@ @ \
+ @[<v 1>\
+ Some variables can be used in test command:@ \
@@PTEST_CONFIG@@ \
# test configuration suffix@ \
@@PTEST_FILE@@ \
@@ -265,8 +265,8 @@ let example_msg =
# basename of the test file@ \
@@PTEST_NUMBER@@ \
# test command number@] @ \
- @[<v 1>\
- Examples:@ \
+ @[<v 1>\
+ Examples:@ \
ptests@ \
ptests -diff \"echo diff\" -examine \
# see again the list of tests that failed@ \
@@ -285,70 +285,70 @@ let umsg = "Usage: ptests [options] [names of test suites]";;
let rec argspec =
[
- "-examine", Arg.Unit (fun () -> behavior := Examine) ,
- " Examine the logs that are different from oracles.";
- "-gui", Arg.Unit (fun () ->
- behavior := Gui;
- n := 1; (* Disable parallelism to see which GUI is launched *)
- ) ,
- " Start the tests in Frama-C's gui.";
- "-update", Arg.Unit (fun () -> behavior := Update) ,
- " Take the current logs as oracles.";
- "-show", Arg.Unit (fun () -> behavior := Show) ,
- " Show the results of the tests.";
- "-run", Arg.Unit (fun () -> behavior := Run) ,
- " (default) Delete logs, run tests, then examine logs different from \
- oracles.";
- "-v", Arg.Unit (fun () -> incr verbosity),
- " Increase verbosity (up to twice)" ;
- "-dry-run", Arg.Unit (fun () -> dry_run := true),
- " Do not run commands (use with -v to print all commands which would be run)" ;
- "-diff", Arg.String (fun s -> do_diffs := s;
- if !use_diff_as_cmp then do_cmp := s),
- "<command> Use command for diffs" ;
- "-cmp", Arg.String (fun s -> do_cmp:=s),
- "<command> Use command for comparison";
- "-make", Arg.String (fun s -> do_make := s;),
- "<command> Use command instead of make";
- "-use-diff-as-cmp",
- Arg.Unit (fun () -> use_diff_as_cmp:=true; do_cmp:=!do_diffs),
- " Use the diff command for performing comparisons";
- "-j", Arg.Int
- (fun i -> if i>=0
- then n := i
- else ( lock_printf "Option -j requires nonnegative argument@.";
- exit (-1))),
- "<n> Use nonnegative integer n for level of parallelism" ;
- "-byte", Arg.Set use_byte,
- " Use bytecode toplevel";
- "-opt", Arg.Clear use_byte,
- " Use native toplevel (default)";
- "-config", Arg.Set_string special_config,
- " <name> Use special configuration and oracles";
- "-add-options", Arg.Set_string additional_options,
- "<options> Add additional options to be passed to the toplevels \
- that will be launched. <options> are added after standard test options";
- "-add-options-pre", Arg.Set_string additional_options_pre,
- "<options> Add additional options to be passed to the toplevels \
- that will be launched. <options> are added before standard test options.";
- "-add-options-post", Arg.Set_string additional_options,
- "Synonym of -add-options";
- "-exclude", Arg.String exclude,
- "<name> Exclude a test or a suite from the run";
- "-xunit", Arg.Set xunit,
- " Create a xUnit file named xunit.xml collecting results";
- "-error-code", Arg.Set do_error_code,
- " Exit with error code 1 if tests failed (useful for scripts";
-]
+ "-examine", Arg.Unit (fun () -> behavior := Examine) ,
+ " Examine the logs that are different from oracles.";
+ "-gui", Arg.Unit (fun () ->
+ behavior := Gui;
+ n := 1; (* Disable parallelism to see which GUI is launched *)
+ ) ,
+ " Start the tests in Frama-C's gui.";
+ "-update", Arg.Unit (fun () -> behavior := Update) ,
+ " Take the current logs as oracles.";
+ "-show", Arg.Unit (fun () -> behavior := Show) ,
+ " Show the results of the tests.";
+ "-run", Arg.Unit (fun () -> behavior := Run) ,
+ " (default) Delete logs, run tests, then examine logs different from \
+ oracles.";
+ "-v", Arg.Unit (fun () -> incr verbosity),
+ " Increase verbosity (up to twice)" ;
+ "-dry-run", Arg.Unit (fun () -> dry_run := true),
+ " Do not run commands (use with -v to print all commands which would be run)" ;
+ "-diff", Arg.String (fun s -> do_diffs := s;
+ if !use_diff_as_cmp then do_cmp := s),
+ "<command> Use command for diffs" ;
+ "-cmp", Arg.String (fun s -> do_cmp:=s),
+ "<command> Use command for comparison";
+ "-make", Arg.String (fun s -> do_make := s;),
+ "<command> Use command instead of make";
+ "-use-diff-as-cmp",
+ Arg.Unit (fun () -> use_diff_as_cmp:=true; do_cmp:=!do_diffs),
+ " Use the diff command for performing comparisons";
+ "-j", Arg.Int
+ (fun i -> if i>=0
+ then n := i
+ else ( lock_printf "Option -j requires nonnegative argument@.";
+ exit (-1))),
+ "<n> Use nonnegative integer n for level of parallelism" ;
+ "-byte", Arg.Set use_byte,
+ " Use bytecode toplevel";
+ "-opt", Arg.Clear use_byte,
+ " Use native toplevel (default)";
+ "-config", Arg.Set_string special_config,
+ " <name> Use special configuration and oracles";
+ "-add-options", Arg.Set_string additional_options,
+ "<options> Add additional options to be passed to the toplevels \
+ that will be launched. <options> are added after standard test options";
+ "-add-options-pre", Arg.Set_string additional_options_pre,
+ "<options> Add additional options to be passed to the toplevels \
+ that will be launched. <options> are added before standard test options.";
+ "-add-options-post", Arg.Set_string additional_options,
+ "Synonym of -add-options";
+ "-exclude", Arg.String exclude,
+ "<name> Exclude a test or a suite from the run";
+ "-xunit", Arg.Set xunit,
+ " Create a xUnit file named xunit.xml collecting results";
+ "-error-code", Arg.Set do_error_code,
+ " Exit with error code 1 if tests failed (useful for scripts)";
+ ]
and help_msg () = Arg.usage (Arg.align argspec) umsg;;
let () =
Arg.parse
((Arg.align
(List.sort
- (fun (optname1, _, _) (optname2, _, _) ->
- compare optname1 optname2
- ) argspec)
+ (fun (optname1, _, _) (optname2, _, _) ->
+ compare optname1 optname2
+ ) argspec)
) @ ["", Arg.Unit (fun () -> ()), example_msg;])
make_test_suite umsg
;;
@@ -360,19 +360,19 @@ let fail s =
(** split the filename into before including "tests" dir and after including "tests" dir
NOTA: both part contains "tests" (one as suffix the other as prefix).
- *)
+*)
let rec get_upper_test_dir initial dir =
let tests = Filename.dirname dir in
if tests = dir then
- (* root directory *)
+ (* root directory *)
(fail (Printf.sprintf "Can't find a tests directory below %s" initial))
else
let base = Filename.basename dir in
- if base = "tests" then
- dir, "tests"
- else
- let tests, suffix = get_upper_test_dir initial tests in
- tests, Filename.concat suffix base
+ if base = "tests" then
+ dir, "tests"
+ else
+ let tests, suffix = get_upper_test_dir initial tests in
+ tests, Filename.concat suffix base
let rec get_test_path = function
| [] ->
@@ -497,19 +497,19 @@ end = struct
end
type execnow =
- {
- ex_cmd: string; (** command to launch *)
- ex_log: string list; (** log files *)
- ex_bin: string list; (** bin files *)
- ex_dir: SubDir.t; (** directory of test suite *)
- ex_once: bool; (** true iff the command has to be executed only once
- per config file (otherwise it is executed for
- every file of the test suite) *)
- ex_done: bool ref; (** has the command been already fully executed.
- Shared between all copies of this EXECNOW. Do
- NOT use a mutable field here, as execnows
- are duplicated using OCaml 'with' syntax. *)
- }
+ {
+ ex_cmd: string; (** command to launch *)
+ ex_log: string list; (** log files *)
+ ex_bin: string list; (** bin files *)
+ ex_dir: SubDir.t; (** directory of test suite *)
+ ex_once: bool; (** true iff the command has to be executed only once
+ per config file (otherwise it is executed for
+ every file of the test suite) *)
+ ex_done: bool ref; (** has the command been already fully executed.
+ Shared between all copies of this EXECNOW. Do
+ NOT use a mutable field here, as execnows
+ are duplicated using OCaml 'with' syntax. *)
+ }
module Macros =
@@ -585,22 +585,22 @@ end
(** configuration of a directory/test. *)
type config =
- {
- dc_test_regexp: string; (** regexp of test files. *)
- dc_execnow : execnow list; (** command to be launched before
- the toplevel(s)
- *)
- dc_macros: Macros.t; (** existing macros. *)
- dc_default_toplevel : string;
- (** full path of the default toplevel. *)
- dc_filter : string option; (** optional filter to apply to
- standard output *)
- dc_toplevels : (string * string * string list * Macros.t) list;
- (** toplevel full path, options to launch the toplevel on, and list
- of output files to monitor beyond stdout and stderr. *)
- dc_dont_run : bool;
- dc_default_log: string list;
- }
+ {
+ dc_test_regexp: string; (** regexp of test files. *)
+ dc_execnow : execnow list; (** command to be launched before
+ the toplevel(s)
+ *)
+ dc_macros: Macros.t; (** existing macros. *)
+ dc_default_toplevel : string;
+ (** full path of the default toplevel. *)
+ dc_filter : string option; (** optional filter to apply to
+ standard output *)
+ dc_toplevels : (string * string * string list * Macros.t) list;
+ (** toplevel full path, options to launch the toplevel on, and list
+ of output files to monitor beyond stdout and stderr. *)
+ dc_dont_run : bool;
+ dc_default_log: string list;
+ }
let default_macros () =
let l = [
@@ -651,20 +651,20 @@ let scan_execnow ~once dir (s:string) =
try
Scanf.sscanf s.ex_cmd "%_[ ]LOG%_[ ]%[-A-Za-z0-9_',+=:.\\@@]%_[ ]%s@\n"
(fun name cmd ->
- aux { s with ex_cmd = cmd; ex_log = name :: s.ex_log })
+ aux { s with ex_cmd = cmd; ex_log = name :: s.ex_log })
with Scanf.Scan_failure _ ->
- try
- Scanf.sscanf s.ex_cmd "%_[ ]BIN%_[ ]%[A-Za-z0-9_.\\-@@]%_[ ]%s@\n"
- (fun name cmd ->
- aux { s with ex_cmd = cmd; ex_bin = name :: s.ex_bin })
- with Scanf.Scan_failure _ ->
- try
- Scanf.sscanf s.ex_cmd "%_[ ]make%_[ ]%s@\n"
- (fun cmd ->
- let s = aux ({ s with ex_cmd = cmd; }) in
- { s with ex_cmd = !do_make^" "^cmd; } )
- with Scanf.Scan_failure _ ->
- s
+ try
+ Scanf.sscanf s.ex_cmd "%_[ ]BIN%_[ ]%[A-Za-z0-9_.\\-@@]%_[ ]%s@\n"
+ (fun name cmd ->
+ aux { s with ex_cmd = cmd; ex_bin = name :: s.ex_bin })
+ with Scanf.Scan_failure _ ->
+ try
+ Scanf.sscanf s.ex_cmd "%_[ ]make%_[ ]%s@\n"
+ (fun cmd ->
+ let s = aux ({ s with ex_cmd = cmd; }) in
+ { s with ex_cmd = !do_make^" "^cmd; } )
+ with Scanf.Scan_failure _ ->
+ s
in
aux
{ ex_cmd = s;
@@ -684,18 +684,18 @@ let make_custom_opts =
fun stdopts s ->
let rec aux opts s =
try
- Scanf.sscanf s "%_[ ]%1[+#\\-]%_[ ]%S%_[ ]%s@\n"
+ Scanf.sscanf s "%_[ ]%1[+#\\-]%_[ ]%S%_[ ]%s@\n"
(fun c opt rem ->
- match c with
- | "+" -> aux (opt :: opts) rem
- | "#" -> aux (opts @ [ opt ]) rem
- | "-" -> aux (List.filter (fun x -> x <> opt) opts) rem
- | _ -> assert false (* format of scanned string disallow it *))
+ match c with
+ | "+" -> aux (opt :: opts) rem
+ | "#" -> aux (opts @ [ opt ]) rem
+ | "-" -> aux (List.filter (fun x -> x <> opt) opts) rem
+ | _ -> assert false (* format of scanned string disallow it *))
with
| Scanf.Scan_failure _ ->
- if s <> "" then
- lock_eprintf "unknown STDOPT configuration string: %s\n%!" s;
- opts
+ if s <> "" then
+ lock_eprintf "unknown STDOPT configuration string: %s\n%!" s;
+ opts
| End_of_file -> opts
in
(* NB: current settings does not allow to remove a multiple-argument
@@ -718,7 +718,7 @@ let config_macro _dir s current =
Mutex.lock str_mutex;
if Str.string_match regex s 0 then begin
let name = Str.matched_group 1 s in
- let def =
+ let def =
try Str.matched_group 3 s with Not_found -> (* empty text *) ""
in
Mutex.unlock str_mutex;
@@ -740,16 +740,16 @@ let config_module dir s current =
let config_options =
[ "CMD",
- (fun _ s current ->
+ (fun _ s current ->
{ current with dc_default_toplevel = s});
"OPT",
(fun _ s current ->
let t = current.dc_default_toplevel, s, current.dc_default_log, current.dc_macros in
{ current with
-(* dc_default_toplevel = !current_default_toplevel;*)
- dc_default_log = !current_default_log;
- dc_toplevels = t :: current.dc_toplevels });
+ (* dc_default_toplevel = !current_default_toplevel;*)
+ dc_default_log = !current_default_log;
+ dc_toplevels = t :: current.dc_toplevels });
"STDOPT",
(fun _ s current ->
@@ -783,7 +783,7 @@ let config_options =
"MODULE", config_module;
"LOG",
(fun _ s current ->
- { current with dc_default_log = s :: current.dc_default_log })
+ { current with dc_default_log = s :: current.dc_default_log })
]
@@ -798,10 +798,10 @@ let scan_options dir scan_buffer default =
try
Scanf.sscanf s "%[ *]%[A-Za-z0-9]: %s@\n"
(fun _ name opt ->
- try
- r := (List.assoc name config_options) dir opt !r
- with Not_found ->
- lock_eprintf "@[unknown configuration option: %s@\n%!@]" name)
+ try
+ r := (List.assoc name config_options) dir opt !r
+ with Not_found ->
+ lock_eprintf "@[unknown configuration option: %s@\n%!@]" name)
with Scanf.Scan_failure _ ->
if str_string_match end_comment s 0
then raise End_of_file
@@ -814,9 +814,9 @@ let scan_options dir scan_buffer default =
assert false
with
End_of_file ->
- (match !r.dc_toplevels with
- | [] -> { !r with dc_toplevels = default.dc_toplevels }
- | l -> { !r with dc_toplevels = List.rev l })
+ (match !r.dc_toplevels with
+ | [] -> { !r with dc_toplevels = default.dc_toplevels }
+ | l -> { !r with dc_toplevels = List.rev l })
let split_config = Str.regexp ",[ ]*"
@@ -827,52 +827,52 @@ let scan_test_file default dir f =
(Unix.lstat f).Unix.st_kind = Unix.S_REG
with Unix.Unix_error _ | Sys_error _ -> false
in
- if exists_as_file then begin
- let scan_buffer = Scanf.Scanning.open_in f in
- let rec scan_config () =
- (* space in format string matches any number of whitespace *)
- Scanf.bscanf scan_buffer " /* %s@\n"
- (fun names ->
- let is_current_config name =
- name = "run.config*" ||
- name = "run.config" && !special_config = "" ||
- name = "run.config_" ^ !special_config
- in
- let configs = Str.split split_config (String.trim names) in
- if List.exists is_current_config configs then
- (* Found options for current config! *)
- scan_options dir scan_buffer default
- else (* config name does not match: eat config and continue.
- But only if the comment is still opened by the end of
- the line...
- *)
- (if not (str_string_match end_comment names 0) then
- ignore (scan_options dir scan_buffer default);
- scan_config ()))
- in
- try
- let options = scan_config () in
- Scanf.Scanning.close_in scan_buffer;
- options
- with End_of_file | Scanf.Scan_failure _ ->
- Scanf.Scanning.close_in scan_buffer;
- default
- end else
- (* if the file has disappeared, don't try to run it... *)
- { default with dc_dont_run = true }
+ if exists_as_file then begin
+ let scan_buffer = Scanf.Scanning.open_in f in
+ let rec scan_config () =
+ (* space in format string matches any number of whitespace *)
+ Scanf.bscanf scan_buffer " /* %s@\n"
+ (fun names ->
+ let is_current_config name =
+ name = "run.config*" ||
+ name = "run.config" && !special_config = "" ||
+ name = "run.config_" ^ !special_config
+ in
+ let configs = Str.split split_config (String.trim names) in
+ if List.exists is_current_config configs then
+ (* Found options for current config! *)
+ scan_options dir scan_buffer default
+ else (* config name does not match: eat config and continue.
+ But only if the comment is still opened by the end of
+ the line...
+ *)
+ (if not (str_string_match end_comment names 0) then
+ ignore (scan_options dir scan_buffer default);
+ scan_config ()))
+ in
+ try
+ let options = scan_config () in
+ Scanf.Scanning.close_in scan_buffer;
+ options
+ with End_of_file | Scanf.Scan_failure _ ->
+ Scanf.Scanning.close_in scan_buffer;
+ default
+ end else
+ (* if the file has disappeared, don't try to run it... *)
+ { default with dc_dont_run = true }
type toplevel_command =
- { macros: Macros.t;
- mutable log_files: string list;
- file : string ;
- nb_files : int ;
- options : string ;
- toplevel: string ;
- filter : string option ;
- directory : SubDir.t ;
- n : int;
- execnow:bool
- }
+ { macros: Macros.t;
+ mutable log_files: string list;
+ file : string ;
+ nb_files : int ;
+ options : string ;
+ toplevel: string ;
+ filter : string option ;
+ directory : SubDir.t ;
+ n : int;
+ execnow:bool
+ }
type command =
| Toplevel of toplevel_command
@@ -890,24 +890,24 @@ type cmps =
| Cmp_Log of SubDir.t (** directory *) * string (** file *)
type shared =
- { lock : Mutex.t ;
- mutable building_target : bool ;
- target_queue : command Queue.t ;
- commands_empty : Condition.t ;
- work_available : Condition.t ;
- diff_available : Condition.t ;
- mutable commands : command Queue.t ; (* file, options, number *)
- cmps : cmps Queue.t ;
- (* command that has finished its execution *)
- diffs : diff Queue.t ;
- (* cmp that showed some difference *)
- mutable commands_finished : bool ;
- mutable cmp_finished : bool ;
- mutable summary_time : float ;
- mutable summary_run : int ;
- mutable summary_ok : int ;
- mutable summary_log : int;
- }
+ { lock : Mutex.t ;
+ mutable building_target : bool ;
+ target_queue : command Queue.t ;
+ commands_empty : Condition.t ;
+ work_available : Condition.t ;
+ diff_available : Condition.t ;
+ mutable commands : command Queue.t ; (* file, options, number *)
+ cmps : cmps Queue.t ;
+ (* command that has finished its execution *)
+ diffs : diff Queue.t ;
+ (* cmp that showed some difference *)
+ mutable commands_finished : bool ;
+ mutable cmp_finished : bool ;
+ mutable summary_time : float ;
+ mutable summary_run : int ;
+ mutable summary_ok : int ;
+ mutable summary_log : int;
+ }
let shared =
{ lock = Mutex.create () ;
@@ -940,8 +940,8 @@ let name_without_extension command =
(Filename.chop_extension command.file)
with
Invalid_argument _ ->
- fail ("this test file does not have any extension: " ^
- command.file)
+ fail ("this test file does not have any extension: " ^
+ command.file)
let gen_prefix gen_file cmd =
let prefix = gen_file cmd.directory (name_without_extension cmd) in
@@ -1044,39 +1044,39 @@ let command_string command =
let stderr = match command.filter with
None -> errlog
| Some _ ->
- let stderr =
- Filename.temp_file (Filename.basename log_prefix) ".err.log"
- in
- at_exit (fun () -> unlink stderr);
- stderr
+ let stderr =
+ Filename.temp_file (Filename.basename log_prefix) ".err.log"
+ in
+ at_exit (fun () -> unlink stderr);
+ stderr
in
let filter = match command.filter with
| None -> None
| Some filter ->
- let len = String.length filter in
- let rec split_filter i =
- if i < len && filter.[i] = ' ' then split_filter (i+1)
- else
- try
- let idx = String.index_from filter i ' ' in
- String.sub filter i idx,
- String.sub filter idx (len - idx)
- with Not_found ->
- String.sub filter i (len - i), ""
- in
- let exec_name, params = split_filter 0 in
- let exec_name =
- if Sys.file_exists exec_name || not (Filename.is_relative exec_name)
- then exec_name
- else
- match find_in_path exec_name with
- | Some full_exec_name -> full_exec_name
- | None ->
- Filename.concat
- (Filename.dirname (Filename.dirname log_prefix))
- (Filename.basename exec_name)
- in
- Some (exec_name ^ params)
+ let len = String.length filter in
+ let rec split_filter i =
+ if i < len && filter.[i] = ' ' then split_filter (i+1)
+ else
+ try
+ let idx = String.index_from filter i ' ' in
+ String.sub filter i idx,
+ String.sub filter idx (len - idx)
+ with Not_found ->
+ String.sub filter i (len - i), ""
+ in
+ let exec_name, params = split_filter 0 in
+ let exec_name =
+ if Sys.file_exists exec_name || not (Filename.is_relative exec_name)
+ then exec_name
+ else
+ match find_in_path exec_name with
+ | Some full_exec_name -> full_exec_name
+ | None ->
+ Filename.concat
+ (Filename.dirname (Filename.dirname log_prefix))
+ (Filename.basename exec_name)
+ in
+ Some (exec_name ^ params)
in
let command_string = basic_command_string command in
let command_string =
@@ -1091,12 +1091,12 @@ let command_string command =
let command_string = match filter with
| None -> command_string
| Some filter ->
- Printf.sprintf "%s && %s < %s >%s && rm -f %s"
- command_string
- filter
- (Filename.sanitize stderr)
- (Filename.sanitize errlog)
- (Filename.sanitize stderr)
+ Printf.sprintf "%s && %s < %s >%s && rm -f %s"
+ command_string
+ filter
+ (Filename.sanitize stderr)
+ (Filename.sanitize errlog)
+ (Filename.sanitize stderr)
in
command_string
@@ -1111,17 +1111,17 @@ let update_toplevel_command command =
mv (log_prefix ^ ".res.log") (oracle_prefix ^ ".res.oracle");
(* Is there an error log ? *)
begin try
- let log = log_prefix ^ ".err.log"
- and oracle = oracle_prefix ^ ".err.oracle"
- in
- if is_file_empty_or_nonexisting log then
- (* No, remove the error oracle *)
- unlink ~silent:false oracle
- else
- (* Yes, update the error oracle*)
- mv log oracle
- with (* Possible error in [is_file_empty] *)
- Unix.Unix_error _ -> ()
+ let log = log_prefix ^ ".err.log"
+ and oracle = oracle_prefix ^ ".err.oracle"
+ in
+ if is_file_empty_or_nonexisting log then
+ (* No, remove the error oracle *)
+ unlink ~silent:false oracle
+ else
+ (* Yes, update the error oracle*)
+ mv log oracle
+ with (* Possible error in [is_file_empty] *)
+ Unix.Unix_error _ -> ()
end;
let macros = get_macros command in
let log_files = List.map (Macros.expand macros) command.log_files
@@ -1131,8 +1131,8 @@ let update_toplevel_command command =
let rec update_command = function
Toplevel cmd -> update_toplevel_command cmd
| Target (execnow,cmds) ->
- List.iter (update_log_files execnow.ex_dir) execnow.ex_log;
- Queue.iter update_command cmds
+ List.iter (update_log_files execnow.ex_dir) execnow.ex_log;
+ Queue.iter update_command cmds
let remove_execnow_results execnow =
List.iter
@@ -1141,13 +1141,13 @@ let remove_execnow_results execnow =
module Make_Report(M:sig type t end)=struct
module H=Hashtbl.Make
- (struct
- type t = toplevel_command
- let project cmd = (cmd.directory,cmd.file,cmd.n)
- let compare c1 c2 = compare (project c1) (project c2)
- let equal c1 c2 = (project c1)=(project c2)
- let hash c = Hashtbl.hash (project c)
- end)
+ (struct
+ type t = toplevel_command
+ let project cmd = (cmd.directory,cmd.file,cmd.n)
+ let compare c1 c2 = compare (project c1) (project c2)
+ let equal c1 c2 = (project c1)=(project c2)
+ let hash c = Hashtbl.hash (project c)
+ end)
let tbl = H.create 774
let m = Mutex.create ()
let record cmd (v:M.t) =
@@ -1166,7 +1166,7 @@ module Make_Report(M:sig type t end)=struct
end
module Report_run=Make_Report(struct type t=int*float
(* At some point will contain the running time*)
-end)
+ end)
let report_run cmp r = Report_run.record cmp r
module Report_cmp=Make_Report(struct type t=int*int end)
@@ -1174,12 +1174,12 @@ let report_cmp = Report_cmp.record
let pretty_report fmt =
Report_run.iter
(fun test (_run_result,time_result) ->
- Format.fprintf fmt
- "<testcase classname=%S name=%S time=\"%f\">%s</testcase>@."
- (Filename.basename (SubDir.get test.directory)) test.file time_result
- (let res,err = Report_cmp.find test in
- Report_cmp.remove test;
- (if res=0 && err=0 then "" else
+ Format.fprintf fmt
+ "<testcase classname=%S name=%S time=\"%f\">%s</testcase>@."
+ (Filename.basename (SubDir.get test.directory)) test.file time_result
+ (let res,err = Report_cmp.find test in
+ Report_cmp.remove test;
+ (if res=0 && err=0 then "" else
Format.sprintf "<failure type=\"Regression\">%s</failure>"
(if res=1 then "Stdout oracle difference"
else if res=2 then "Stdout System Error (missing oracle?)"
@@ -1189,10 +1189,10 @@ let pretty_report fmt =
(* Test that were compared but not runned *)
Report_cmp.iter
(fun test (res,err) ->
- Format.fprintf fmt
- "<testcase classname=%S name=%S>%s</testcase>@."
- (Filename.basename (SubDir.get test.directory)) test.file
- (if res=0 && err=0 then "" else
+ Format.fprintf fmt
+ "<testcase classname=%S name=%S>%s</testcase>@."
+ (Filename.basename (SubDir.get test.directory)) test.file
+ (if res=0 && err=0 then "" else
Format.sprintf "<failure type=\"Regression\">%s</failure>"
(if res=1 then "Stdout oracle difference"
else if res=2 then "Stdout System Error (missing oracle?)"
@@ -1205,8 +1205,8 @@ let xunit_report () =
let fmt = Format.formatter_of_out_channel out in
Format.fprintf fmt
"<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\
- @\n<testsuite errors=\"0\" failures=\"%d\" name=\"%s\" tests=\"%d\" time=\"%f\" timestamp=\"%f\">\
- @\n%t</testsuite>@."
+ @\n<testsuite errors=\"0\" failures=\"%d\" name=\"%s\" tests=\"%d\" time=\"%f\" timestamp=\"%f\">\
+ @\n%t</testsuite>@."
(shared.summary_log-shared.summary_ok)
"Frama-C"
shared.summary_log
@@ -1220,112 +1220,112 @@ let xunit_report () =
let do_command command =
match command with
| Toplevel command ->
- (* Update : copy the logs. Do not enqueue any cmp
- Run | Show: launch the command, then enqueue the cmp
- Gui: launch the command in the gui
- Examine : just enqueue the cmp *)
- if !behavior = Update
- then update_toplevel_command command
+ (* Update : copy the logs. Do not enqueue any cmp
+ Run | Show: launch the command, then enqueue the cmp
+ Gui: launch the command in the gui
+ Examine : just enqueue the cmp *)
+ if !behavior = Update
+ then update_toplevel_command command
+ else begin
+ (* Run, Show, Gui or Examine *)
+ if !behavior = Gui then begin
+ (* basic_command_string does not redirect the outputs, and does
+ not overwrite the result files *)
+ let basic_command_string = basic_command_string command in
+ lock_printf "%% launch %s@." basic_command_string ;
+ ignore (launch basic_command_string)
+ end
else begin
- (* Run, Show, Gui or Examine *)
- if !behavior = Gui then begin
- (* basic_command_string does not redirect the outputs, and does
- not overwrite the result files *)
- let basic_command_string = basic_command_string command in
- lock_printf "%% launch %s@." basic_command_string ;
- ignore (launch basic_command_string)
- end
- else begin
- (* command string also replaces macros in logfiles names, which
- is useful for Examine as well. *)
- let command_string = command_string command in
- if !behavior <> Examine
- then begin
- if !verbosity >= 1
- then lock_printf "%% launch %s@." command_string ;
- let launch_result = launch command_string in
- let time = 0. (* Individual time is difficult to compute correctly
- for now, and currently unused *) in
- report_run command (launch_result, time)
- end;
- lock ();
- shared.summary_run <- succ shared.summary_run ;
- Queue.push (Cmp_Toplevel command) shared.cmps;
+ (* command string also replaces macros in logfiles names, which
+ is useful for Examine as well. *)
+ let command_string = command_string command in
+ if !behavior <> Examine
+ then begin
+ if !verbosity >= 1
+ then lock_printf "%% launch %s@." command_string ;
+ let launch_result = launch command_string in
+ let time = 0. (* Individual time is difficult to compute correctly
+ for now, and currently unused *) in
+ report_run command (launch_result, time)
+ end;
+ lock ();
+ shared.summary_run <- succ shared.summary_run ;
+ Queue.push (Cmp_Toplevel command) shared.cmps;
+ List.iter
+ (fun f -> Queue.push (Cmp_Log (command.directory, f)) shared.cmps)
+ command.log_files;
+ unlock ()
+ end
+ end
+ | Target (execnow, cmds) ->
+ let continue res =
+ lock();
+ shared.summary_log <- succ shared.summary_log;
+ if res = 0
+ then begin
+ shared.summary_ok <- succ shared.summary_ok;
+ Queue.transfer shared.commands cmds;
+ shared.commands <- cmds;
+ shared.building_target <- false;
+ Condition.broadcast shared.work_available;
+ if !behavior = Examine || !behavior = Run
+ then begin
List.iter
- (fun f -> Queue.push (Cmp_Log (command.directory, f)) shared.cmps)
- command.log_files;
- unlock ()
+ (fun f -> Queue.push (Cmp_Log(execnow.ex_dir, f)) shared.cmps)
+ execnow.ex_log
end
end
- | Target (execnow, cmds) ->
- let continue res =
- lock();
- shared.summary_log <- succ shared.summary_log;
- if res = 0
- then begin
- shared.summary_ok <- succ shared.summary_ok;
- Queue.transfer shared.commands cmds;
- shared.commands <- cmds;
- shared.building_target <- false;
- Condition.broadcast shared.work_available;
- if !behavior = Examine || !behavior = Run
- then begin
- List.iter
- (fun f -> Queue.push (Cmp_Log(execnow.ex_dir, f)) shared.cmps)
- execnow.ex_log
- end
- end
- else begin
- let rec treat_cmd = function
- Toplevel cmd ->
- shared.summary_run <- shared.summary_run + 1;
- let log_prefix = log_prefix cmd in
- unlink (log_prefix ^ ".res.log ")
- | Target (execnow,cmds) ->
- shared.summary_run <- succ shared.summary_run;
- remove_execnow_results execnow;
- Queue.iter treat_cmd cmds
- in
- Queue.iter treat_cmd cmds;
- Queue.push (Target_error execnow) shared.diffs;
- shared.building_target <- false;
- Condition.signal shared.diff_available
- end;
- unlock()
- in
+ else begin
+ let rec treat_cmd = function
+ Toplevel cmd ->
+ shared.summary_run <- shared.summary_run + 1;
+ let log_prefix = log_prefix cmd in
+ unlink (log_prefix ^ ".res.log ")
+ | Target (execnow,cmds) ->
+ shared.summary_run <- succ shared.summary_run;
+ remove_execnow_results execnow;
+ Queue.iter treat_cmd cmds
+ in
+ Queue.iter treat_cmd cmds;
+ Queue.push (Target_error execnow) shared.diffs;
+ shared.building_target <- false;
+ Condition.signal shared.diff_available
+ end;
+ unlock()
+ in
- if !behavior = Update then begin
- update_command command;
- lock ();
- shared.building_target <- false;
- Condition.signal shared.work_available;
- unlock ();
- end else
- begin
- if !behavior <> Examine && not (!(execnow.ex_done) && execnow.ex_once)
- then begin
- remove_execnow_results execnow;
- let cmd =
- if !use_byte then
- execnow_opt_to_byte execnow.ex_cmd
- else
- execnow.ex_cmd
- in
- if !verbosity >= 1 then begin
- lock_printf "%% launch %s@." cmd;
- end;
- let r = launch cmd in
- (* mark as already executed. For EXECNOW in test_config files,
- other instances (for example another test of the same
- directory), won't relaunch the command. For EXECNOW in
- stand-alone tests, there is only one copy of the EXECNOW
- anyway *)
- execnow.ex_done := true;
- continue r
- end
+ if !behavior = Update then begin
+ update_command command;
+ lock ();
+ shared.building_target <- false;
+ Condition.signal shared.work_available;
+ unlock ();
+ end else
+ begin
+ if !behavior <> Examine && not (!(execnow.ex_done) && execnow.ex_once)
+ then begin
+ remove_execnow_results execnow;
+ let cmd =
+ if !use_byte then
+ execnow_opt_to_byte execnow.ex_cmd
else
- continue 0
+ execnow.ex_cmd
+ in
+ if !verbosity >= 1 then begin
+ lock_printf "%% launch %s@." cmd;
+ end;
+ let r = launch cmd in
+ (* mark as already executed. For EXECNOW in test_config files,
+ other instances (for example another test of the same
+ directory), won't relaunch the command. For EXECNOW in
+ stand-alone tests, there is only one copy of the EXECNOW
+ anyway *)
+ execnow.ex_done := true;
+ continue r
end
+ else
+ continue 0
+ end
let log_ext = function Res -> ".res" | Err -> ".err"
@@ -1363,6 +1363,8 @@ let check_file_is_empty_or_nonexisting diff ~log_file =
0
else begin
lock();
+ (* signal that there's a problem. *)
+ shared.summary_log <- shared.summary_log + 1;
Queue.push diff shared.diffs;
Condition.signal shared.diff_available;
unlock();
@@ -1412,13 +1414,13 @@ let compare_one_log_file dir file =
let do_cmp = function
| Cmp_Toplevel cmp ->
- let log_prefix = log_prefix cmp in
- let oracle_prefix = oracle_prefix cmp in
- let res = compare_one_file cmp log_prefix oracle_prefix Res in
- let err = compare_one_file cmp log_prefix oracle_prefix Err in
- report_cmp cmp (res,err)
+ let log_prefix = log_prefix cmp in
+ let oracle_prefix = oracle_prefix cmp in
+ let res = compare_one_file cmp log_prefix oracle_prefix Res in
+ let err = compare_one_file cmp log_prefix oracle_prefix Err in
+ report_cmp cmp (res,err)
| Cmp_Log(dir, f) ->
- ignore (compare_one_log_file dir f)
+ ignore (compare_one_log_file dir f)
let worker_thread () =
while true do
@@ -1430,65 +1432,78 @@ let worker_thread () =
unlock () ;
do_cmp cmp
with Queue.Empty ->
- try
- let rec real_command () =
- let command =
- try
- if shared.building_target then raise Queue.Empty;
- Queue.pop shared.target_queue
- with Queue.Empty ->
- Queue.pop shared.commands
- in
- match command with
- Target _ ->
- if shared.building_target
- then begin
- Queue.push command shared.target_queue;
- real_command()
- end
- else begin
- shared.building_target <- true;
- command
- end
- | _ -> command
+ try
+ let rec real_command () =
+ let command =
+ try
+ if shared.building_target then raise Queue.Empty;
+ Queue.pop shared.target_queue
+ with Queue.Empty ->
+ Queue.pop shared.commands
in
- let command = real_command() in
- unlock () ;
- do_command command
- with Queue.Empty ->
- if shared.commands_finished
- && Queue.is_empty shared.target_queue
- && not shared.building_target
- (* a target being built would mean work can still appear *)
+ match command with
+ Target _ ->
+ if shared.building_target
+ then begin
+ Queue.push command shared.target_queue;
+ real_command()
+ end
+ else begin
+ shared.building_target <- true;
+ command
+ end
+ | _ -> command
+ in
+ let command = real_command() in
+ unlock () ;
+ do_command command
+ with Queue.Empty ->
+ if shared.commands_finished
+ && Queue.is_empty shared.target_queue
+ && not shared.building_target
+ (* a target being built would mean work can still appear *)
- then (unlock () ; Thread.exit ());
+ then (unlock () ; Thread.exit ());
- Condition.signal shared.commands_empty;
- (* we still have the lock at this point *)
+ Condition.signal shared.commands_empty;
+ (* we still have the lock at this point *)
- Condition.wait shared.work_available shared.lock;
- (* this atomically releases the lock and suspends
- the thread on the condition work_available *)
+ Condition.wait shared.work_available shared.lock;
+ (* this atomically releases the lock and suspends
+ the thread on the condition work_available *)
- unlock ();
+ unlock ();
done
+let diff_check_exist old_file new_file =
+ if Sys.file_exists old_file then begin
+ if Sys.file_exists new_file then begin
+ !do_diffs ^ " " ^ old_file ^ " " ^ new_file
+ end else begin
+ "echo \"+++ " ^ new_file ^ " does not exist. Showing " ^
+ old_file ^ "\";" ^ " cat " ^ old_file
+ end
+ end else begin
+ "echo \"--- " ^ old_file ^ " does not exist. Showing " ^
+ new_file ^ "\";" ^ " cat " ^ new_file
+ end
+
let do_diff = function
- | Command_error (diff, kind) ->
- let log_prefix = log_prefix diff in
- let log_ext = log_ext kind in
- let log_file = Filename.sanitize (log_prefix ^ log_ext ^ ".log") in
- let command_string = command_string diff in
- lock_printf "%tCommand:@\n%s@." print_default_env command_string;
- if !behavior = Show
- then ignore (launch ("cat " ^ log_file))
- else
- let oracle_prefix = oracle_prefix diff in
- let oracle_file =
- Filename.sanitize (oracle_prefix ^ log_ext ^ ".oracle")
- in
- let diff_string = !do_diffs ^ " " ^ oracle_file ^ " " ^ log_file in
- ignore (launch diff_string)
+ | Command_error (diff, kind) ->
+ let log_prefix = log_prefix diff in
+ let log_ext = log_ext kind in
+ let log_file = Filename.sanitize (log_prefix ^ log_ext ^ ".log") in
+ let command_string = command_string diff in
+ lock_printf "%tCommand:@\n%s@." print_default_env command_string;
+ if !behavior = Show
+ then ignore (launch ("cat " ^ log_file))
+ else
+ let oracle_prefix = oracle_prefix diff in
+ let oracle_file =
+ Filename.sanitize (oracle_prefix ^ log_ext ^ ".oracle")
+ in
+ let diff_string = diff_check_exist oracle_file log_file in
+ ignore (launch diff_string)
| Target_error execnow ->
lock_printf "Custom command failed: %s@\n" execnow.ex_cmd;
let print_redirected out redir_str =
@@ -1505,21 +1520,18 @@ let do_diff = function
print_redirected "stdout" "[^2]> ?\\([-a-zA-Z0-9_/.]+\\)";
print_redirected "stderr" "2> ?\\([-a-zA-Z0-9_/.]+\\)";
| Log_error(dir, file) ->
- let result_file =
- Filename.sanitize (SubDir.make_result_file dir file)
+ let result_file =
+ Filename.sanitize (SubDir.make_result_file dir file)
+ in
+ lock_printf "Log of %s:@." result_file;
+ if !behavior = Show
+ then ignore (launch ("cat " ^ result_file))
+ else
+ let oracle_file =
+ Filename.sanitize (SubDir.make_oracle_file dir file)
in
- lock_printf "Log of %s:@." result_file;
- if !behavior = Show
- then ignore (launch ("cat " ^ result_file))
- else
- let oracle_file =
- Filename.sanitize (SubDir.make_oracle_file dir file)
- in
- let diff_string =
- !do_diffs ^ " " ^ oracle_file ^ " " ^ result_file
- in
- ignore (launch diff_string)
-
+ let diff_string = diff_check_exist oracle_file result_file in
+ ignore (launch diff_string)
let diff_thread () =
lock () ;
@@ -1556,6 +1568,13 @@ let default_config () =
end
else default_config ()
+(* if we have some references to directories in the default config, they
+ need to be adapted to the actual test directory. *)
+let update_dir_ref dir config =
+ let update_execnow e = { e with ex_dir = dir } in
+ let dc_execnow = List.map update_execnow config.dc_execnow in
+ { config with dc_execnow }
+
let () =
(* enqueue the test files *)
let default_suites () =
@@ -1576,11 +1595,11 @@ let () =
) [] l
in
let interpret_as_file suite =
- try
- let ext = Filename.chop_extension suite in
- ext <> ""
- with Invalid_argument _ -> false
- in
+ try
+ let ext = Filename.chop_extension suite in
+ ext <> ""
+ with Invalid_argument _ -> false
+ in
let exclude_suite, exclude_file =
List.fold_left
(fun (suite,test) x ->
@@ -1590,7 +1609,7 @@ let () =
List.iter
(fun suite ->
if !verbosity >= 2 then lock_printf "%% producer now treating test %s\n%!" suite;
- (* the "suite" may be a directory or a single file *)
+ (* the "suite" may be a directory or a single file *)
let interpret_as_file = interpret_as_file suite in
let directory =
SubDir.create (if interpret_as_file
@@ -1600,13 +1619,15 @@ let () =
suite)
in
let config = SubDir.make_file directory dir_config_file in
+ let default = default_config () in
+ let default = update_dir_ref directory default in
let dir_config =
if Sys.file_exists config
then begin
let scan_buffer = Scanf.Scanning.from_file config in
- scan_options directory scan_buffer (default_config ())
+ scan_options directory scan_buffer default
end
- else default_config ()
+ else default
in
if interpret_as_file
then begin
@@ -1620,11 +1641,11 @@ let () =
let file = dir_files.(i) in
assert (Filename.is_relative file);
if test_pattern dir_config file &&
- (not (List.mem (SubDir.make_file directory file) exclude_file))
+ (not (List.mem (SubDir.make_file directory file) exclude_file))
then Queue.push (file, directory, dir_config) files;
done
end
- end)
+ end)
suites
let dispatcher () =
@@ -1651,18 +1672,18 @@ let dispatcher () =
}
in
let mk_cmd s =
- {
- file = file;
- nb_files = nb_files;
- log_files = [];
- options = "";
- toplevel = s;
- n = !e;
- directory = directory;
- filter = config.dc_filter;
- macros = config.dc_macros;
- execnow = true;
- }
+ {
+ file = file;
+ nb_files = nb_files;
+ log_files = [];
+ options = "";
+ toplevel = s;
+ n = !e;
+ directory = directory;
+ filter = config.dc_filter;
+ macros = config.dc_macros;
+ execnow = true;
+ }
in
let process_macros_cmd s = basic_command_string (mk_cmd s) in
let macros = get_macros (mk_cmd "/bin/true") in
@@ -1690,21 +1711,21 @@ let dispatcher () =
then begin
(match config.dc_execnow with
| hd :: tl ->
- let subworkqueue = Queue.create () in
- List.iter (treat_option subworkqueue) config.dc_toplevels;
- let target =
- List.fold_left
- (fun current_target execnow ->
- let subworkqueue = Queue.create () in
- Queue.add current_target subworkqueue;
- Target(make_execnow_cmd execnow,subworkqueue))
- (Target(make_execnow_cmd hd,subworkqueue)) tl
- in
- Queue.push target shared.commands
+ let subworkqueue = Queue.create () in
+ List.iter (treat_option subworkqueue) config.dc_toplevels;
+ let target =
+ List.fold_left
+ (fun current_target execnow ->
+ let subworkqueue = Queue.create () in
+ Queue.add current_target subworkqueue;
+ Target(make_execnow_cmd execnow,subworkqueue))
+ (Target(make_execnow_cmd hd,subworkqueue)) tl
+ in
+ Queue.push target shared.commands
| [] ->
- List.iter
- (treat_option shared.commands)
- config.dc_toplevels);
+ List.iter
+ (treat_option shared.commands)
+ config.dc_toplevels);
Condition.broadcast shared.work_available;
end;
unlock () ;
@@ -1715,7 +1736,7 @@ let dispatcher () =
let () =
let worker_ids = Array.init !n
- (fun _ -> Thread.create worker_thread ())
+ (fun _ -> Thread.create worker_thread ())
in
let diff_id = Thread.create diff_thread () in
@@ -1724,12 +1745,12 @@ let () =
then
lock_printf "%% Dispatch finished, waiting for workers to complete@.";
ignore (Thread.create
- (fun () ->
- while true do
- Condition.broadcast shared.work_available;
- Thread.delay 0.5;
- done)
- ());
+ (fun () ->
+ while true do
+ Condition.broadcast shared.work_available;
+ Thread.delay 0.5;
+ done)
+ ());
Array.iter Thread.join worker_ids;
if !behavior = Run
@@ -1739,12 +1760,12 @@ let () =
shared.cmp_finished <- true;
unlock();
ignore (Thread.create
- (fun () ->
- while true do
- Condition.broadcast shared.diff_available;
- Thread.delay 0.5;
- done)
- ());
+ (fun () ->
+ while true do
+ Condition.broadcast shared.diff_available;
+ Thread.delay 0.5;
+ done)
+ ());
Thread.join diff_id;
if !behavior = Run
then
@@ -1752,7 +1773,7 @@ let () =
shared.summary_run shared.summary_ok shared.summary_log
((Unix.times()).Unix.tms_cutime -. shared.summary_time);
xunit_report ();
- let error_code =
+ let error_code =
if !do_error_code && shared.summary_log <> shared.summary_ok
then 1
else 0
diff --git a/share/Makefile.plugin.template b/share/Makefile.plugin.template
index 3745c5ab7acb843c72533a20589df5a812676e7c..b3c44fc76012d5d0595477c86c5075ad53b0da5d 100644
--- a/share/Makefile.plugin.template
+++ b/share/Makefile.plugin.template
@@ -899,7 +899,7 @@ $(@PLUGIN_NAME@_DIR)/@PLUGIN_NAME@_DEP_REDO $(@PLUGIN_NAME@_DIR)/.depend: \
$(@PLUGIN_NAME@_ML_SRC) \
$(@PLUGIN_NAME@_MLI) \
$(@PLUGIN_NAME@_GUI_MLI)) \
- $(foreach d,$(@PLUGIN_NAME@_TESTS_LIB_DIR),\
+ $(foreach d,$(wildcard $(@PLUGIN_NAME@_TESTS_LIB_DIR)),\
-I $d $d*.ml $d*.mli) \
> $(@PLUGIN_NAME@_DIR)/.depend
$(CHMOD_RO) $(@PLUGIN_NAME@_DIR)/.depend
diff --git a/share/analysis-scripts/creduce.sh b/share/analysis-scripts/creduce.sh
new file mode 100755
index 0000000000000000000000000000000000000000..009cebf8a7c429cf0fdca7f98e869da48ecf5780
--- /dev/null
+++ b/share/analysis-scripts/creduce.sh
@@ -0,0 +1,165 @@
+#!/bin/bash -e
+##########################################################################
+# #
+# This file is part of Frama-C. #
+# #
+# Copyright (C) 2007-2020 #
+# CEA (Commissariat à l'énergie atomique et aux énergies #
+# alternatives) #
+# #
+# you can redistribute it and/or modify it under the terms of the GNU #
+# Lesser General Public License as published by the Free Software #
+# Foundation, version 2.1. #
+# #
+# It is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU Lesser General Public License for more details. #
+# #
+# See the GNU Lesser General Public License version 2.1 #
+# for more details (enclosed in the file licenses/LGPLv2.1). #
+# #
+##########################################################################
+
+# Script to run C-Reduce (https://embed.cs.utah.edu/creduce) when debugging
+# Frama-C crashes with a 'fatal' error, which produces a stack trace and
+# a message "Please report".
+
+### Requirements
+#
+# - C-Reduce installed in the PATH, or its path given in the
+# environment variable CREDUCE;
+#
+# - GCC, or the path to a compiler with compatible options given in the
+# environment variable CC;
+#
+# - Frama-C installed in the PATH, or its path given in the environment
+# variable FRAMAC;
+#
+# - a source file + a command line which causes Frama-C to crash with
+# a 'fatal' error (producing a stack trace).
+
+### How it works
+#
+# creduce.sh <file.c> <command line options>
+#
+# This script creates a temporary directory named 'creducing'.
+# It copies <file.c> inside it, then runs creduce.
+# creduce runs "frama-c <command line options>" on the copied file,
+# modifying it to make it smaller while still crashing.
+#
+# When done, copy the reduced file and erase directoy 'creducing'.
+
+if [ $# -lt 1 ]; then
+ echo "usage: $0 file.c [Frama-C options that cause a crash]"
+ exit 1
+fi
+
+file="$1"
+base=$(basename "$file")
+shift
+options="$@"
+dir_for_reduction="creducing"
+
+if [ -z "$CREDUCE" ]; then
+ CREDUCE="creduce"
+fi
+
+if ! command -v "$CREDUCE" 2>&1 >/dev/null; then
+ echo "creduce not found, put it in PATH or in environment variable CREDUCE."
+ exit 1
+fi
+
+if [[ ! -f "$file" ]]; then
+ echo "Source file not found (must be first argument): $file"
+ exit 1
+fi
+
+if [[ $(dirname "$file") -eq "$dir_for_reduction" ]]; then
+ echo "error: cannot reduce a file inside the directory used for reduction,"
+ echo " $dir_for_reduction"
+ exit 1
+fi
+
+if [[ ! "$options" =~ no-autoload-plugins ]]; then
+ echo "********************************************************************"
+ echo "Hint: consider using -no-autoload-plugins -load-module [modules]"
+ echo " for faster reduction"
+ echo "********************************************************************"
+fi
+
+if [[ "$base" =~ \.c$ ]]; then
+ echo "********************************************************************"
+ echo "Hint: consider passing a preprocessed (.i) file if possible,"
+ echo " otherwise #includes may prevent further reduction"
+ echo "********************************************************************"
+fi
+
+mkdir -p "$dir_for_reduction"
+
+if [ -z "$FRAMAC" ]; then
+ SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+ FRAMAC=$(realpath "$SCRIPT_DIR/../../bin/frama-c")
+ echo "[info] FRAMAC not set, using binary at: $FRAMAC"
+else
+ echo "[info] using FRAMAC: $FRAMAC"
+fi
+
+if [ -z "$FRAMAC_SHARE" ]; then
+ FRAMAC_SHARE="$("$FRAMAC" -print-share-path)"
+fi
+
+if [ -z "$CC" ]; then
+ CC=gcc
+ CFLAGS+="-fsyntax-only -I\"$FRAMAC_SHARE\"/libc -D__FC_MACHDEP_X86_32 -m32"
+fi
+
+echo "[info] checking syntactic validity with: $CC $CFLAGS"
+
+cp "$file" "$dir_for_reduction"
+cd "$dir_for_reduction"
+
+cat <<EOF > script_for_creduce.sh
+#!/bin/bash -e
+
+# This script is given to creduce to reduce a Frama-C crashing test case
+# (where "crashing" means a 'fatal' exception, with stack trace).
+
+set +e
+$CC $CFLAGS "$base"
+if [ \$? -ne 0 ]; then
+ exit 1
+fi
+"$FRAMAC" "$base" $options
+retcode=\$?
+# see cmdline.ml for the different exit codes returned by Frama-C
+if [ \$retcode -eq 125 -o \$retcode -eq 4 ]; then
+ exit 0
+else
+ exit 1
+fi
+set -e
+
+EOF
+
+chmod u+x script_for_creduce.sh
+
+trap "{ echo \"Creduce interrupted!\"; echo \"\"; echo \"(partially) reduced file: $dir_for_reduction/$base\"; exit 0; }" SIGINT
+
+echo "File being reduced: $dir_for_reduction/$base (press Ctrl+C to stop at any time)"
+
+set +e
+./script_for_creduce.sh 2>&1 >/tmp/script_for_creduce.out
+if [ $? -ne 0 ]; then
+ echo "error: script did not produce a Frama-C 'fatal' crash."
+ echo " check the options given to Frama-C to ensure they make Frama-C crash."
+ echo ""
+ echo "Script output:"
+ cat /tmp/script_for_creduce.out
+ exit 1
+fi
+set -e
+
+"$CREDUCE" script_for_creduce.sh "$base"
+
+echo "Finished reducing file: $dir_for_reduction/$base"
diff --git a/share/analysis-scripts/fc_stubs.c b/share/analysis-scripts/fc_stubs.c
index ca1ed39a3ba9e6bf25975698f1f058fd08548dc6..fad866f2160ba5533c8658794a520c2bf0880962 100644
--- a/share/analysis-scripts/fc_stubs.c
+++ b/share/analysis-scripts/fc_stubs.c
@@ -12,7 +12,7 @@ static volatile int nondet;
int eva_main() {
int argc = Frama_C_interval(0, 5);
char argv0[256], argv1[256], argv2[256], argv3[256], argv4[256];
- char *argv[5] = {argv0, argv1, argv2, argv3, argv4};
+ char *argv[6] = {argv0, argv1, argv2, argv3, argv4, 0};
//@ loop unroll 5;
for (int i = 0; i < 5; i++) {
Frama_C_make_unknown(argv[i], 255);
diff --git a/share/analysis-scripts/frama-c.mk b/share/analysis-scripts/frama-c.mk
index bdd84071a7d6c19710148e91161bcb06acc07e72..db18e0999fe2219969fc0f5e3ea63180f45e9955 100644
--- a/share/analysis-scripts/frama-c.mk
+++ b/share/analysis-scripts/frama-c.mk
@@ -124,7 +124,7 @@ export LIBOVERLAY_SCROLLBAR=0
.PHONY: clean
clean::
- $(RM) -r *.parse *.eva *.loop
+ $(RM) -r *.parse *.eva
clean-backups:
find . -regextype posix-extended \
@@ -219,14 +219,6 @@ SHELL := /bin/bash
%.gui: %
$(FRAMAC_GUI) $(FCGUIFLAGS) -load $^/framac.sav &
-# Run loop bound analysis plug-in and store result in *.loop
-%.loop: %
- @
- {
- $(FRAMAC) $(FCFLAGS) -load $^/framac.sav -loop -loop-no-branches |
- sed -e '1,/Add this to your command line:/d'
- } > $@
-
# Produce and open an SVG + HTML from raw flamegraph data produced by Eva
%/flamegraph: %/flamegraph.html
@
diff --git a/share/autocomplete_frama-c b/share/autocomplete_frama-c
index 4ddb075dae72610948da687b1db75983d105dfd3..423c17506bf553560fc19a589a1132391a277883 100644
--- a/share/autocomplete_frama-c
+++ b/share/autocomplete_frama-c
@@ -31,6 +31,9 @@
# If you want to enable Frama-C completion only for your account, append
# this file to ~/.bash_completion.
#
+# For a less verbose completion for options with comma-separated values,
+# put "set show-all-if-ambiguous on" in your "~/.inputrc".
+#
# Assuming frama-c is in your PATH,
# you can also put the following line into your .bashrc:
#
@@ -38,39 +41,109 @@
#
# -----------------------------------------------------------------------------
+# Remove the colon from the list of completion word break characters
+COMP_WORDBREAKS=${COMP_WORDBREAKS//:}
+
_frama-c ()
{
local cur
local basic_options
local sub_options
+ local advance_options
COMPREPLY=() # Array variable storing the possible completions.
local sub_comp_line="${COMP_LINE[@]:0:(${COMP_POINT})}"
local sub_comp_set=( $sub_comp_line )
- if [[ ${sub_comp_line: -1} == ' ' ]] ; then
+ compopt +o default
+
+ if [[ ${sub_comp_line: -1} == ' ' ]]
+ then
cur=""
else
cur="${sub_comp_set[@]: -1}"
fi
- # Generate the completion matches and load them into $COMPREPLY array.
- case "$cur" in
- -*-*)
- sub_option="$(frama-c -autocomplete | grep -E -o " $cur[^*]+" |sort |uniq)";
- COMPREPLY=( $( compgen -W "${sub_option}" -- $cur ) );;
-
- -*)
- basic_options="$(frama-c -autocomplete | grep -E -o " \-[^-]+-?" |sort |uniq)"
- COMPREPLY=( $( compgen -W "${basic_options}" -- $cur ) );;
- esac
+
+ # Generate the completion matches for -wp-msg-key and load them into $COMPREPLY array.
+ # Generate the completion matches for -kernel-msg-key and load them into $COMPREPLY array.
+ if [[ "${COMP_WORDS[COMP_CWORD -1]}" == "-wp-msg-key" ]] || [[ "${COMP_WORDS[COMP_CWORD -1]}" == "-kernel-msg-key" ]]
+ then
+ # https://github.com/scop/bash-completion/issues/240
+ local prefix=; [[ $cur == *,* ]] && prefix="${cur%,*},"
+ advance_options="$(frama-c ${COMP_WORDS[COMP_CWORD -1]} help | grep -E -o " [^*]+" |sort |uniq)"
+
+ # Solution from: https://github.com/scop/bash-completion/commit/021058b38ad7279c33ffbaa36d73041d607385ba
+ # But, if show-all-if-ambiguous is set to off completion for options with comma-separated values loses its prefix:
+ # https://github.com/scop/bash-completion/issues/240.
+ # So we have two ways for completion, depending on the value of show-all-if-ambiguous
+ local ambigous="$(bind -v | grep show-all-if-ambiguous)"
+ ambigous="${ambigous##* }"
+ if [[ "$ambigous" == "on" ]]
+ then
+ COMPREPLY=( $( compgen -W "${advance_options}" -- "${cur##*,}" ) )
+ [[ ${#COMPREPLY[@]} -eq 1 ]] && COMPREPLY=( ${COMPREPLY/#/$prefix} )
+ else
+ COMPREPLY=( $( compgen -P "$prefix" -W "${advance_options}" -- "${cur##*,}" ) )
+ fi
+
+
+ # Generate the completion matches for -wp-prover and load them into $COMPREPLY array.
+ elif [[ "${COMP_WORDS[COMP_CWORD -1]}" == "-wp-prover" ]]
+ then
+ local prefix=; [[ $cur == *,* ]] && prefix="${cur%,*},"
+ advance_options="$(frama-c -wp-detect | grep -E -o " \[.*" | grep -E -o "[^][|]*")"
+ advance_options+=" none script tip native:alt-ergo native:coq native:coqide"
+ local ambigous="$(bind -v | grep show-all-if-ambiguous)"
+ ambigous="${ambigous##* }"
+ if [[ "$ambigous" == "on" ]]
+ then
+ COMPREPLY=( $( compgen -W "${advance_options}" -- "${cur##*,}" ) )
+ [[ ${#COMPREPLY[@]} -eq 1 ]] && COMPREPLY=( ${COMPREPLY/#/$prefix} )
+ else
+ COMPREPLY=( $( compgen -P "$prefix" -W "${advance_options}" -- "${cur##*,}" ) )
+ fi
+
+
+ # Generate the completion matches for -kernel-warn-key and load them into $COMPREPLY array.
+ elif [[ "${COMP_WORDS[COMP_CWORD -1]}" == "-kernel-warn-key" ]]
+ then
+ local prefix=; [[ $cur == *,* ]] && prefix="${cur%,*},"
+ advance_options="$(frama-c -kernel-warn-key help | grep -E -o " [^*]+[^:] ")"
+
+ local ambigous="$(bind -v | grep show-all-if-ambiguous)"
+ ambigous="${ambigous##* }"
+ if [[ "$ambigous" == "on" ]]
+ then
+ COMPREPLY=( $( compgen -W "${advance_options}" -- "${cur##*,}" ) )
+ [[ ${#COMPREPLY[@]} -eq 1 ]] && COMPREPLY=( ${COMPREPLY/#/$prefix} )
+ else
+ COMPREPLY=( $( compgen -P "$prefix" -W "${advance_options}" -- "${cur##*,}" ) )
+ fi
+
+
+ # Generate the completion matches for -* and load them into $COMPREPLY array.
+ else
+ case "$cur" in
+ -*-*)
+ sub_option="$(frama-c -autocomplete | grep -E -o " $cur[^*]+" |sort |uniq)";
+ COMPREPLY=( $( compgen -W "${sub_option}" -- $cur ) );;
+
+ -*)
+ basic_options="$(frama-c -autocomplete | grep -E -o " \-[^-]+-?" |sort |uniq)"
+ COMPREPLY=( $( compgen -W "${basic_options}" -- $cur ) );;
+ *)
+ compopt -o default
+ COMPREPLY=();;
+ esac
+ fi
return 0
}
-complete -o nospace -f -F _frama-c filename frama-c
-complete -o nospace -f -F _frama-c filename frama-c-gui
+complete -o nospace -F _frama-c frama-c
+complete -o nospace -F _frama-c frama-c-gui
# Local Variables:
# mode: sh
diff --git a/share/compliance/nonstandard_identifiers.json b/share/compliance/nonstandard_identifiers.json
index e25a2fe06e230379f10095260c8b73a26db27fba..34dc8300e44e4631e1a59479c4aa42e3b0b378ab 100644
--- a/share/compliance/nonstandard_identifiers.json
+++ b/share/compliance/nonstandard_identifiers.json
@@ -5,6 +5,7 @@
{"ident":"facilitynames", "header":"syslog.h"},
{"ident":"getresgid", "header":"unistd.h"},
{"ident":"getresuid", "header":"unistd.h"},
+ {"ident":"makedev", "header":"sys/types.h"},
{"ident":"option", "header":"getopt.h"},
{"ident":"prioritynames", "header":"syslog.h"},
{"ident":"setresgid", "header":"unistd.h"},
diff --git a/share/libc/__fc_gcc_builtins.h b/share/libc/__fc_gcc_builtins.h
index df845fa24bd02f32bb687b907bf774776ff084f2..aef4f536c808adcd12ea9bfdbc82d645e3d81418 100644
--- a/share/libc/__fc_gcc_builtins.h
+++ b/share/libc/__fc_gcc_builtins.h
@@ -26,6 +26,7 @@
#ifndef __FC_GCC_BUILTINS
#define __FC_GCC_BUILTINS
#include "features.h"
+#include "__fc_machdep.h"
__PUSH_FC_STDLIB
@@ -193,6 +194,66 @@ _Bool __builtin_umull_overflow (unsigned long a, unsigned long b, unsigned long
*/
_Bool __builtin_umulll_overflow (unsigned long long a, unsigned long long b, unsigned long long *res);
+/*@
+ requires x_nonzero: x != 0;
+ assigns \result \from indirect:x;
+ ensures result_is_bit_count: 0 <= \result < __CHAR_BIT * sizeof(x);
+ */
+int __builtin_clz (unsigned int x);
+
+/*@
+ requires x_nonzero: x != 0;
+ assigns \result \from indirect:x;
+ ensures result_is_bit_count: 0 <= \result < __CHAR_BIT * sizeof(x);
+ */
+int __builtin_clzl (unsigned long x);
+
+/*@
+ requires x_nonzero: x != 0;
+ assigns \result \from indirect:x;
+ ensures result_is_bit_count: 0 <= \result < __CHAR_BIT * sizeof(x);
+ */
+int __builtin_clzll (unsigned long long x);
+
+/*@
+ requires x_nonzero: x != 0;
+ assigns \result \from indirect:x;
+ ensures result_is_bit_count: 0 <= \result < __CHAR_BIT * sizeof(x);
+ */
+int __builtin_ctz (unsigned int x);
+
+/*@
+ requires x_nonzero: x != 0;
+ assigns \result \from indirect:x;
+ ensures result_is_bit_count: 0 <= \result < __CHAR_BIT * sizeof(x);
+ */
+int __builtin_ctzl (unsigned long x);
+
+/*@
+ requires x_nonzero: x != 0;
+ assigns \result \from indirect:x;
+ ensures result_is_bit_count: 0 <= \result < __CHAR_BIT * sizeof(x);
+ */
+int __builtin_ctzll (unsigned long long x);
+
+/*@
+ assigns \result \from indirect:x;
+ ensures result_is_bit_count: 0 <= \result <= __CHAR_BIT * sizeof(x);
+ */
+int __builtin_popcount (unsigned int x);
+
+/*@
+ assigns \result \from indirect:x;
+ ensures result_is_bit_count: 0 <= \result <= __CHAR_BIT * sizeof(x);
+ */
+int __builtin_popcountl (unsigned long x);
+
+/*@
+ assigns \result \from indirect:x;
+ ensures result_is_bit_count: 0 <= \result <= __CHAR_BIT * sizeof(x);
+ */
+int __builtin_popcountll (unsigned long long x);
+
__END_DECLS
__POP_FC_STDLIB
diff --git a/share/libc/__fc_machdep.h b/share/libc/__fc_machdep.h
index 6411df164b8ce1a9ac78aa3eabb30942dcf41e0e..39a8c7b78a436263450fdc5f9e7ffa35ccdfcdf7 100644
--- a/share/libc/__fc_machdep.h
+++ b/share/libc/__fc_machdep.h
@@ -26,9 +26,6 @@
#if defined(__FC_MACHDEP_X86_32) || defined(__FC_MACHDEP_GCC_X86_32)
#define __FC_FORCE_INCLUDE_MACHDEP__
#include "__fc_machdep_linux_shared.h"
-#ifdef __FC_MACHDEP_GCC_X86_32
-#include "__fc_gcc_builtins.h"
-#endif
#undef __FC_FORCE_INCLUDE_MACHDEP__
#define __FC_BYTE_ORDER __LITTLE_ENDIAN
/* Required */
@@ -112,14 +109,15 @@
#define __FC_WINT_MIN 0
#define __FC_WINT_MAX __FC_UINT_MAX
+#ifdef __FC_MACHDEP_GCC_X86_32
+#include "__fc_gcc_builtins.h"
+#endif
+
// End of X86_32 || GCC_X86_32
#else
#if defined(__FC_MACHDEP_X86_64) || defined(__FC_MACHDEP_GCC_X86_64)
#define __FC_FORCE_INCLUDE_MACHDEP__
#include "__fc_machdep_linux_shared.h"
-#ifdef __FC_MACHDEP_GCC_X86_64
-#include "__fc_gcc_builtins.h"
-#endif
#undef __FC_FORCE_INCLUDE_MACHDEP__
#define __FC_BYTE_ORDER __LITTLE_ENDIAN
/* Required */
@@ -212,14 +210,15 @@
#define __FC_WINT_MIN 0
#define __FC_WINT_MAX __FC_UINT_MAX
+#ifdef __FC_MACHDEP_GCC_X86_64
+#include "__fc_gcc_builtins.h"
+#endif
+
// End of X86_64 || GCC_X86_64
#else
#if defined(__FC_MACHDEP_X86_16) || defined(__FC_MACHDEP_GCC_X86_16)
#define __FC_FORCE_INCLUDE_MACHDEP__
#include "__fc_machdep_linux_shared.h"
-#ifdef __FC_MACHDEP_GCC_X86_16
-#include "__fc_gcc_builtins.h"
-#endif
#undef __FC_FORCE_INCLUDE_MACHDEP__
#define __FC_BYTE_ORDER __LITTLE_ENDIAN
/* Required */
@@ -315,6 +314,10 @@
#define __FC_WINT_MIN 0
#define __FC_WINT_MAX __FC_ULONG_MAX
+#ifdef __FC_MACHDEP_GCC_X86_16
+#include "__fc_gcc_builtins.h"
+#endif
+
// End of X86_16 || GCC_X86_16
#else
#ifdef __FC_MACHDEP_PPC_32
diff --git a/share/libc/math.h b/share/libc/math.h
index 6ae90331c2e87b965357c3ab315858a8558aae2b..ff2ef56a2db3aacb58d304f6e818caae62869885 100644
--- a/share/libc/math.h
+++ b/share/libc/math.h
@@ -61,6 +61,9 @@ typedef double double_t;
#define FP_SUBNORMAL 3
#define FP_NORMAL 4
+#define FP_ILOGB0 __FC_INT_MIN
+#define FP_ILOGBNAN __FC_INT_MIN
+
#include "float.h" // for DBL_MIN and FLT_MIN
/*@
diff --git a/share/libc/netinet/in.h b/share/libc/netinet/in.h
index e63125c56782773020ffb3920bc72c4b7a2ac62c..6eb54f02eb08689f98c9de89298b8ca1535510dc 100644
--- a/share/libc/netinet/in.h
+++ b/share/libc/netinet/in.h
@@ -25,7 +25,7 @@
#ifndef __FC_NETINET_IN
#define __FC_NETINET_IN
-#include "features.h"
+#include "../features.h"
__PUSH_FC_STDLIB
#include "../__fc_inet.h"
__POP_FC_STDLIB
diff --git a/share/libc/signal.h b/share/libc/signal.h
index 3cd1853ea45b0c18e2ea0e6be0253b3c95b2ac27..063ba74ba581184005d570549e26d07323a2652c 100644
--- a/share/libc/signal.h
+++ b/share/libc/signal.h
@@ -46,9 +46,13 @@ typedef void (*__fc_sighandler_t) (int);
/* for BSD 4.4 */
typedef __fc_sighandler_t sig_t;
-#define SIG_DFL ((__fc_sighandler_t)0) /* default signal handling */
-#define SIG_IGN ((__fc_sighandler_t)1) /* ignore signal */
-#define SIG_ERR ((__fc_sighandler_t)-1) /* error return from signal */
+extern void __fc_sig_dfl(int);
+extern void __fc_sig_ign(int);
+extern void __fc_sig_err(int);
+
+#define SIG_DFL (&__fc_sig_dfl) /* default signal handling */
+#define SIG_IGN (&__fc_sig_ign) /* ignore signal */
+#define SIG_ERR (&__fc_sig_err) /* error return from signal */
#define SIG_BLOCK 0
#define SIG_UNBLOCK 1
diff --git a/share/libc/stdio.h b/share/libc/stdio.h
index c0dd5448ba970ca14aab0610446843e68f6ac74c..c3fa3488a7606152378172963360f8b0c1b467dd 100644
--- a/share/libc/stdio.h
+++ b/share/libc/stdio.h
@@ -389,6 +389,15 @@ extern int fgetpos(FILE * restrict stream,
*/
extern int fseek(FILE *stream, long int offset, int whence);
+/*@
+ requires valid_stream: \valid(stream);
+ requires whence_enum: whence == SEEK_SET || whence == SEEK_CUR || whence == SEEK_END;
+ assigns *stream \from *stream, indirect:offset, indirect:whence;
+ assigns \result, __fc_errno \from indirect:*stream, indirect:offset,
+ indirect:whence;
+*/
+extern int fseeko(FILE *stream, off_t offset, int whence);
+
/*@
requires valid_stream: \valid(stream);
requires valid_pos: \valid_read(pos);
@@ -397,7 +406,7 @@ extern int fseek(FILE *stream, long int offset, int whence);
*/
extern int fsetpos(FILE *stream, const fpos_t *pos);
-/*@
+/*@ // missing: assigns errno: EBADF, EOVERFLOW, ESPIPE
requires valid_stream: \valid(stream);
assigns \result, __fc_errno \from indirect:*stream ;
ensures success_or_error:
@@ -405,6 +414,14 @@ extern int fsetpos(FILE *stream, const fpos_t *pos);
*/
extern long int ftell(FILE *stream);
+/*@ // missing: assigns errno: EBADF, EOVERFLOW, ESPIPE
+ requires valid_stream: \valid(stream);
+ assigns \result, __fc_errno \from indirect:*stream ;
+ ensures success_or_error:
+ \result == -1 || (\result >= 0 && __fc_errno == \old(__fc_errno));
+*/
+extern off_t ftello(FILE *stream);
+
/*@
requires valid_stream: \valid(stream);
assigns *stream \from \nothing;
diff --git a/share/libc/string.h b/share/libc/string.h
index 097225f94e8c7e8362a918687c52e5d49aea9609..a2b62c15e8dfef158d4d47585d835bcbc8606236 100644
--- a/share/libc/string.h
+++ b/share/libc/string.h
@@ -155,7 +155,7 @@ extern int strncmp (const char *s1, const char *s2, size_t n);
extern int strcoll (const char *s1, const char *s2);
/*@ requires valid_string_s: valid_read_string(s);
- @ assigns \result \from s, s[0..],c;
+ @ assigns \result \from s, indirect:s[0..strlen(s)], indirect:c;
@ behavior found:
@ assumes char_found: strchr(s,c);
@ ensures result_char: *\result == (char)c;
@@ -172,6 +172,12 @@ extern int strcoll (const char *s1, const char *s2);
@*/
extern char *strchr(const char *s, int c);
+/*@ requires valid_string_s: valid_read_string(s);
+ @ assigns \result \from s, indirect:s[0..strlen(s)], indirect:c;
+ @ ensures result_same_base: \subset(\result, s+(0..strlen(s)));
+ @*/
+extern char *strchrnul(const char *s, int c);
+
/*@ requires valid_string_s: valid_read_string(s);
@ assigns \result \from s, s[0..],c;
@ behavior found:
diff --git a/share/libc/sys/socket.h b/share/libc/sys/socket.h
index bc155eeb8e795caced45889391d7ee5f04daf9d1..4a6e6c21f4f0c90c4f9038e42b47340ad1a7ab38 100644
--- a/share/libc/sys/socket.h
+++ b/share/libc/sys/socket.h
@@ -46,7 +46,7 @@ struct sockaddr_storage {
sa_family_t ss_family;
};
-#include "sys/uio.h"
+#include "./uio.h"
struct cmsghdr {
socklen_t cmsg_len;
diff --git a/share/libc/sys/stat.h b/share/libc/sys/stat.h
index f54dcb99bb33e5a07ad6c5d7adfa5fb0a62dba1d..8dc437102d8d8fb9f980b1b4f7c643caae28aff4 100644
--- a/share/libc/sys/stat.h
+++ b/share/libc/sys/stat.h
@@ -32,25 +32,58 @@ __BEGIN_DECLS
extern int chmod(const char *, mode_t);
extern int fchmod(int, mode_t);
extern int fstat(int, struct stat *);
-extern int lstat(const char *, struct stat *);
+
+/*@ // missing: may assign to errno: EACCES, ELOOP, ENAMETOOLONG,
+ // ENOENT, ENOMEM, ENOTDIR, EOVERFLOW,
+ // EINVAL
+ // missing: assigns \result, *buf \from 'filesystem'
+ requires valid_path: valid_read_string(path);
+ requires valid_buf: \valid(buf);
+ assigns \result, *buf \from indirect:path, indirect:path[0..strlen(path)];
+ ensures result_ok_or_error: \result == 0 || \result == -1;
+*/
+extern int lstat(const char *path, struct stat *buf);
/*@ // missing: may assign to errno: EACCES, EEXIST, ELOOP, EMLINK,
// ENAMETOOLONG, ENOENT, ENOSPC,
// ENOTDIR, EROFS
// missing: assigns \result \from 'filesystem'
- requires valid_string_path: valid_read_string(path);
- assigns \result \from indirect:path, indirect:path[0..], indirect:mode;
+ requires valid_path: valid_read_string(path);
+ assigns \result \from indirect:path, indirect:path[0..strlen(path)],
+ indirect:mode;
ensures result_ok_or_error: \result == 0 || \result == -1;
*/
extern int mkdir(const char *path, mode_t mode);
-extern int mkfifo(const char *, mode_t);
-extern int mknod(const char *, mode_t, dev_t);
+/*@ // missing: may assign to errno: EACCES, EEXIST, ELOOP, ENAMETOOLONG,
+ // ENOENT, ENOTDIR, ENOSPC, EROFS
+ // missing: assigns \result \from 'filesystem'
+ // missing: assigns 'filesystem' \from indirect:path,
+ // indirect:path[0..strlen(path)], mode;
+ requires valid_path: valid_read_string(path);
+ assigns \result \from indirect:path, indirect:path[0..strlen(path)],
+ indirect:mode;
+ ensures result_ok_or_error: \result == 0 || \result == -1;
+*/
+extern int mkfifo(const char *path, mode_t mode);
+
+/*@ // missing: may assign to errno: EACCES, EEXIST, EINVAL, EIO, ELOOP,
+ // ENAMETOOLONG, ENOENT, ENOTDIR, ENOSPC,
+ // EPERM, EROFS
+ // missing: assigns \result \from 'filesystem'
+ // missing: assigns 'filesystem' \from indirect:path,
+ // indirect:path[0..strlen(path)], mode, dev;
+ requires valid_path: valid_read_string(path);
+ assigns \result \from indirect:path, indirect:path[0..strlen(path)],
+ indirect:mode, indirect:dev;
+ ensures result_ok_or_error: \result == 0 || \result == -1;
+*/
+extern int mknod(const char *path, mode_t mode, dev_t dev);
/*@ //missing: assigns \from 'filesystem'
requires valid_pathname: valid_read_string(pathname);
requires valid_buf: \valid(buf);
- assigns \result, *buf \from pathname[0..];
+ assigns \result, *buf \from pathname[0..strlen(pathname)];
ensures result_ok_or_error: \result == 0 || \result == -1;
ensures init_on_success:initialization:buf:
\result == 0 ==> \initialized(buf);
diff --git a/share/libc/sys/types.h b/share/libc/sys/types.h
index 16cf512ac59754a12192675e518eb84ef2bb8cbf..41ba9673a06b625d828b3cbfbe577b66579571ec 100644
--- a/share/libc/sys/types.h
+++ b/share/libc/sys/types.h
@@ -49,6 +49,10 @@ typedef unsigned long u_long;
typedef unsigned int u_int;
typedef unsigned short u_short;
typedef unsigned char u_char;
+
+// Note: makedev (non-POSIX) is usually a macro; in case of problems,
+// consider redefining this.
+/*@ assigns \result \from maj, min; */
extern dev_t makedev(int maj, int min);
#define __u_char_defined
#endif
diff --git a/src/kernel_internals/parsing/cparser.mly b/src/kernel_internals/parsing/cparser.mly
index 666053a2830b8b449ef19dc859732f997842f7bc..6f2547db91ff1ebf4e193024ad1158e06428e887 100644
--- a/src/kernel_internals/parsing/cparser.mly
+++ b/src/kernel_internals/parsing/cparser.mly
@@ -226,11 +226,6 @@ let trd3 (_, _, result) = result
let fourth4 (_,_,_,result) = result
-(*
- transform: __builtin_offsetof(type, member)
- into : (size_t) (&(type * ) 0)->member
- *)
-
let sizeofType () =
let findSpecifier name =
let convert_one_specifier s =
@@ -253,6 +248,11 @@ let sizeofType () =
findSpecifier Cil.theMachine.Cil.theMachine.Cil_types.size_t
+(*
+ transform: offsetof(type, member)
+ into : (size_t) (&(type * ) 0)->member
+ *)
+
let transformOffsetOf (speclist, dtype) member =
let mk_expr e = { expr_loc = member.expr_loc; expr_node = e } in
let rec addPointer = function
@@ -280,7 +280,7 @@ let transformOffsetOf (speclist, dtype) member =
| INDEX (base, index) ->
INDEX (replaceBase base, index)
| _ ->
- Errorloc.parse_error "malformed offset expression in __builtin_offsetof"
+ Errorloc.parse_error "malformed offset expression in offsetof macro"
in { e with expr_node = node }
in
let memberExpr = replaceBase member in
@@ -566,7 +566,14 @@ postfix_expression: /*(* 6.5.2 *)*/
{ expr_loc = loc2; expr_node = TYPE_SIZEOF(b2,d2)}],[]))
}
| BUILTIN_OFFSETOF LPAREN type_name COMMA offsetof_member_designator RPAREN
- { transformOffsetOf $3 $5 }
+ {
+ let loc_f = Cil_datatype.Location.of_lexing_loc (Parsing.rhs_start_pos 1, Parsing.rhs_end_pos 1) in
+ let arg = transformOffsetOf $3 $5 in
+ let builtin = { expr_loc = loc_f;
+ expr_node = VARIABLE "__builtin_offsetof" }
+ in
+ make_expr (CALL (builtin, [ arg ], []))
+ }
| postfix_expression DOT id_or_typename { make_expr (MEMBEROF ($1, $3))}
| postfix_expression ARROW id_or_typename { make_expr (MEMBEROFPTR ($1, $3)) }
| postfix_expression PLUS_PLUS { make_expr (UNARY (POSINCR, $1)) }
@@ -875,10 +882,6 @@ block_element_list:
| annot_list_opt statement block_element_list
{ $1 @ $2 @ $3 }
| annot_list_opt pragma block_element_list { $1 @ $3 }
-/*(* GCC accepts a label at the end of a block *)*/
-| annot_list_opt id_or_typename_as_id COLON
- { let loc = Cil_datatype.Location.of_lexing_loc (Parsing.rhs_start_pos 2, Parsing.rhs_end_pos 3) in
- $1 @ no_ghost [LABEL ($2, no_ghost_stmt (NOP loc), loc)] }
;
annot_list_opt:
@@ -920,7 +923,9 @@ else_part:
%prec ghost_else_no_else /* To force the non ghost else to be attached to the current if */
| LGHOST_ELSE annotated_statement RGHOST ELSE annotated_statement
{
- Format.eprintf "Warning: %a: Invalid ghost else ignored@." Cil_datatype.Location.pretty $1 ;
+ let loc = Cil_datatype.Location.of_lexing_loc (Parsing.symbol_start_pos (), Parsing.symbol_end_pos ()) in
+ Kernel.warning ~wkey:Kernel.wkey_ghost_bad_use ~source:(fst loc)
+ "Invalid ghost else ignored@." ;
in_block $5
}
diff --git a/src/kernel_internals/parsing/logic_lexer.mll b/src/kernel_internals/parsing/logic_lexer.mll
index eb9fe4321f830b2fdbd8cff5674454582dc2c5c5..ca329de4aef0f70a65206da351f27f04d235e13c 100644
--- a/src/kernel_internals/parsing/logic_lexer.mll
+++ b/src/kernel_internals/parsing/logic_lexer.mll
@@ -71,6 +71,37 @@
fun s -> try Hashtbl.find h s
with Not_found -> IDENTIFIER s
+ let all_digits s =
+ let is_digit =
+ function
+ | '0'..'9' | 'a'..'f' | 'A'..'F' -> ()
+ | _ -> raise Exit
+ in
+ try String.iter is_digit s; true with Exit -> false
+
+ let is_ucn s =
+ if String.length s <= 2 || s.[0] <> '\\' then false else begin
+ match s.[1] with
+ | 'U' -> String.length s = 10 && all_digits (String.sub s 2 8)
+ | 'u' -> String.length s = 6 && all_digits (String.sub s 2 4)
+ | _ -> false
+ end
+
+ let int_of_digit chr =
+ match chr with
+ | '0'..'9' -> (Char.code chr) - (Char.code '0')
+ | 'a'..'f' -> (Char.code chr) - (Char.code 'a') + 10
+ | 'A'..'F' -> (Char.code chr) - (Char.code 'A') + 10
+ | _ -> assert false
+
+ (* assumes is_ucn s *)
+ let unicode_char s =
+ let code = ref 0 in
+ let add_digit c = code := 16 * !code + int_of_digit c in
+ String.iter add_digit (String.sub s 2 (String.length s - 2));
+ let c = Utf8_logic.from_unichar !code in
+ find_utf8 c
+
let identifier, is_acsl_keyword =
let all_kw = Hashtbl.create 37 in
let c_kw = Hashtbl.create 37 in
@@ -232,6 +263,7 @@
"\\typeof", TYPEOF;
"\\unallocated", UNALLOCATED;
"\\union", BSUNION;
+ "\\object_pointer", OBJECT_POINTER;
"\\valid", VALID;
"\\valid_read", VALID_READ;
"\\valid_index", VALID_INDEX;
@@ -241,18 +273,11 @@
];
fun lexbuf ->
let s = lexeme lexbuf in
- try Hashtbl.find h s with Not_found ->
- if Logic_env.typename_status s then TYPENAME s
- else
- IDENTIFIER s
-
-
- let int_of_digit chr =
- match chr with
- '0'..'9' -> (Char.code chr) - (Char.code '0')
- | 'a'..'f' -> (Char.code chr) - (Char.code 'a') + 10
- | 'A'..'F' -> (Char.code chr) - (Char.code 'A') + 10
- | _ -> assert false
+ if is_ucn s then unicode_char s else begin
+ try Hashtbl.find h s with Not_found ->
+ if Logic_env.typename_status s then TYPENAME s
+ else IDENTIFIER s
+ end
(* Update lexer buffer. *)
let update_line_loc lexbuf line =
diff --git a/src/kernel_internals/parsing/logic_parser.mly b/src/kernel_internals/parsing/logic_parser.mly
index b19f7e478bd77f9e680841b0e5403008695b9a50..cc86b0d9c1da06ba1beb012a70be1036e51dfff4 100644
--- a/src/kernel_internals/parsing/logic_parser.mly
+++ b/src/kernel_internals/parsing/logic_parser.mly
@@ -243,7 +243,8 @@
%token INT INTEGER REAL BOOLEAN BOOL FLOAT LT GT LE GE EQ NE COMMA ARROW EQUAL
%token FORALL EXISTS IFF IMPLIES AND OR NOT SEPARATED
%token TRUE FALSE OLD AT RESULT
-%token BLOCK_LENGTH BASE_ADDR OFFSET VALID VALID_READ VALID_INDEX VALID_RANGE VALID_FUNCTION
+%token BLOCK_LENGTH BASE_ADDR OFFSET VALID VALID_READ VALID_INDEX VALID_RANGE
+%token OBJECT_POINTER VALID_FUNCTION
%token ALLOCATION STATIC REGISTER AUTOMATIC DYNAMIC UNALLOCATED
%token ALLOCABLE FREEABLE FRESH
%token DOLLAR QUESTION MINUS PLUS STAR AMP SLASH PERCENT LSQUARE RSQUARE EOF
@@ -456,6 +457,7 @@ lexpr_inner:
| NOT lexpr_inner { info (PLnot $2) }
| TRUE { info PLtrue }
| FALSE { info PLfalse }
+| OBJECT_POINTER opt_label_1 LPAR lexpr RPAR { info (PLobject_pointer ($2,$4)) }
| VALID opt_label_1 LPAR lexpr RPAR { info (PLvalid ($2,$4)) }
| VALID_READ opt_label_1 LPAR lexpr RPAR { info (PLvalid_read ($2,$4)) }
| VALID_FUNCTION LPAR lexpr RPAR { info (PLvalid_function $3) }
@@ -720,9 +722,12 @@ cv:
;
type_spec_cv:
- type_spec { $1 }
+ type_spec cv_after { $2 $1 }
| cv type_spec_cv { LTattribute ($2, $1) }
-| type_spec_cv cv { LTattribute ($1, $2) }
+
+cv_after:
+ /* empty */ { fun t -> t }
+| cv cv_after { fun t -> $2 (LTattribute (t,$1)) }
cast_logic_type:
| type_spec_cv abs_spec_cv_option { $2 $1 }
@@ -1932,6 +1937,7 @@ bs_keyword:
| TYPEOF { () }
| BSUNION { () }
| UNALLOCATED { () }
+| OBJECT_POINTER { () }
| VALID { () }
| VALID_INDEX { () }
| VALID_RANGE { () }
diff --git a/src/kernel_internals/typing/asm_contracts.ml b/src/kernel_internals/typing/asm_contracts.ml
index 45ea1252e59071429ba0eb614cef30c7c1351b8e..d87771d648f135516e46dbb69a3eb2c97856afb8 100644
--- a/src/kernel_internals/typing/asm_contracts.ml
+++ b/src/kernel_internals/typing/asm_contracts.ml
@@ -33,24 +33,24 @@ let emitter =
let find_out_lval l =
let treat_one_lval (output, input) (_,constr, lv) =
- let tlv = Logic_utils.lval_to_term_lval ~cast:false lv in
+ let tlv = Logic_utils.lval_to_term_lval lv in
match constr with
- | "" -> tlv :: output, input
- | _ ->
- (* '+' indicates that the lval is used both as input and as output.
- GNU syntax allows it only at the beginning of the constraint, but
- actual implementation is more liberal and emits only a warning.
- *)
- if String.contains constr '+' then begin
- if constr.[0] <> '+' then
- Kernel.warning
- "output constraint '+' is not at the beginning in output operand";
- tlv::output,
- (* avoid sharing ids *)
- Visitor.visitFramacTermLval
- (new Visitor.frama_c_refresh(Project.current())) tlv
- :: input
- end else tlv::output, input
+ | "" -> tlv :: output, input
+ | _ ->
+ (* '+' indicates that the lval is used both as input and as output.
+ GNU syntax allows it only at the beginning of the constraint, but
+ actual implementation is more liberal and emits only a warning.
+ *)
+ if String.contains constr '+' then begin
+ if constr.[0] <> '+' then
+ Kernel.warning
+ "output constraint '+' is not at the beginning in output operand";
+ tlv::output,
+ (* avoid sharing ids *)
+ Visitor.visitFramacTermLval
+ (new Visitor.frama_c_refresh(Project.current())) tlv
+ :: input
+ end else tlv::output, input
in
let output, input =
List.fold_left treat_one_lval ([],[]) l
@@ -63,7 +63,7 @@ let extract_term_lval acc (_,_,e) =
object
inherit Visitor.frama_c_inplace
method! vlval lv =
- res := Logic_utils.lval_to_term_lval ~cast:false lv :: !res;
+ res := Logic_utils.lval_to_term_lval lv :: !res;
Cil.SkipChildren
end
in
@@ -112,123 +112,123 @@ let extract_mem_terms ~loc l =
List.rev (List.fold_left (extract_mem_term ~loc) [] l)
class visit_assembly =
-object(self)
- inherit Visitor.frama_c_inplace
+ object(self)
+ inherit Visitor.frama_c_inplace
- method! vinst i =
- let stmt = Extlib.the self#current_stmt in
- let kf = Extlib.the self#current_kf in
- match i with
+ method! vinst i =
+ let stmt = Extlib.the self#current_stmt in
+ let kf = Extlib.the self#current_kf in
+ match i with
| Asm(_, _, Some { asm_outputs; asm_inputs; asm_clobbers }, loc) ->
- let lv_out, lv_from = find_out_lval asm_outputs in
- let lv_from = lv_from @ find_input_lval asm_inputs in
- let mem_output = extract_mem_terms ~loc lv_from in
- let lv_out = lv_out @ mem_output in
- let lv_from = lv_from @ mem_output in
- let lv_from =
- List.filter
- (fun lv ->
- not (Logic_utils.isLogicArrayType (Cil.typeOfTermLval lv)))
- lv_from
+ let lv_out, lv_from = find_out_lval asm_outputs in
+ let lv_from = lv_from @ find_input_lval asm_inputs in
+ let mem_output = extract_mem_terms ~loc lv_from in
+ let lv_out = lv_out @ mem_output in
+ let lv_from = lv_from @ mem_output in
+ let lv_from =
+ List.filter
+ (fun lv ->
+ not (Logic_utils.isLogicArrayType (Cil.typeOfTermLval lv)))
+ lv_from
+ in
+ (* the only interesting information for clobbers is the
+ presence of the "memory" keyword, which indicates that
+ memory may have been accessed (read or write) outside of
+ the locations explicitly referred to as output or
+ input. We can't do much more than emitting a warning and
+ considering that nothing is touched beyond normally
+ specified outputs and inputs. *)
+ let mem_clobbered = List.mem "memory" asm_clobbers in
+ if mem_clobbered then begin
+ let source = fst (Cil_datatype.Instr.loc i) in
+ let once = true in
+ Kernel.warning
+ ~once ~source
+ "Clobber list contains \"memory\" argument. Assuming no \
+ side effects beyond those mentioned in operands."
+ end;
+ let to_id_term lv =
+ Logic_const.new_identified_term
+ (Logic_const.term ~loc (TLval lv) (Cil.typeOfTermLval lv))
+ in
+ let to_id_from lv =
+ let typ = Cil.typeOfTermLval lv in
+ let base_term = Logic_const.term ~loc (TLval lv) typ in
+ let term =
+ if Logic_utils.isLogicPointerType typ ||
+ Logic_utils.isLogicArrayType typ
+ then { base_term with term_name = ["indirect"] }
+ else base_term
in
- (* the only interesting information for clobbers is the
- presence of the "memory" keyword, which indicates that
- memory may have been accessed (read or write) outside of
- the locations explicitly referred to as output or
- input. We can't do much more than emitting a warning and
- considering that nothing is touched beyond normally
- specified outputs and inputs. *)
- let mem_clobbered = List.mem "memory" asm_clobbers in
- if mem_clobbered then begin
- let source = fst (Cil_datatype.Instr.loc i) in
- let once = true in
- Kernel.warning
- ~once ~source
- "Clobber list contains \"memory\" argument. Assuming no \
- side effects beyond those mentioned in operands."
- end;
- let to_id_term lv =
- Logic_const.new_identified_term
- (Logic_const.term ~loc (TLval lv) (Cil.typeOfTermLval lv))
- in
- let to_id_from lv =
- let typ = Cil.typeOfTermLval lv in
- let base_term = Logic_const.term ~loc (TLval lv) typ in
- let term =
- if Logic_utils.isLogicPointerType typ ||
- Logic_utils.isLogicArrayType typ
- then { base_term with term_name = ["indirect"] }
- else base_term
- in
- Logic_const.new_identified_term term
- in
- let assigns () =
- Writes
- (List.map
- (fun x -> (to_id_term x, From (List.map to_id_from lv_from)))
- lv_out)
- in
- let filter ca =
- match ca.annot_content with
- (* search for a statement contract that applies to all cases. *)
- | AStmtSpec ([],_) -> true
- | _ -> false
- in
- let contracts = Annotations.code_annot ~filter stmt in
- (match contracts with
- | [] ->
- let assigns = assigns () in
- let bhv = Cil.mk_behavior ~assigns () in
- let spec = Cil.empty_funspec () in
- spec.spec_behavior <- [ bhv ];
- let ca =
- Logic_const.new_code_annotation (AStmtSpec ([],spec))
- in
- Annotations.add_code_annot emitter ~kf stmt ca;
- if not mem_clobbered && Kernel.AsmContractsAutoValidate.get()
- then begin
- let active = [] in
- let ip_assigns =
- Property.ip_assigns_of_behavior kf (Kstmt stmt) ~active bhv in
- let ip_from =
- Property.ip_from_of_behavior kf (Kstmt stmt) ~active bhv in
- List.iter
- Property_status.(
- fun x -> emit emitter ~hyps:[] x True)
- (Extlib.list_of_opt ip_assigns @ ip_from)
- end
- | [ { annot_content = AStmtSpec ([], spec) } ] ->
- (* Already existing contracts. Just add assigns clause for
- behaviors that do not already have one. *)
+ Logic_const.new_identified_term term
+ in
+ let assigns () =
+ Writes
+ (List.map
+ (fun x -> (to_id_term x, From (List.map to_id_from lv_from)))
+ lv_out)
+ in
+ let filter ca =
+ match ca.annot_content with
+ (* search for a statement contract that applies to all cases. *)
+ | AStmtSpec ([],_) -> true
+ | _ -> false
+ in
+ let contracts = Annotations.code_annot ~filter stmt in
+ (match contracts with
+ | [] ->
+ let assigns = assigns () in
+ let bhv = Cil.mk_behavior ~assigns () in
+ let spec = Cil.empty_funspec () in
+ spec.spec_behavior <- [ bhv ];
+ let ca =
+ Logic_const.new_code_annotation (AStmtSpec ([],spec))
+ in
+ Annotations.add_code_annot emitter ~kf stmt ca;
+ if not mem_clobbered && Kernel.AsmContractsAutoValidate.get()
+ then begin
+ let active = [] in
+ let ip_assigns =
+ Property.ip_assigns_of_behavior kf (Kstmt stmt) ~active bhv in
+ let ip_from =
+ Property.ip_from_of_behavior kf (Kstmt stmt) ~active bhv in
List.iter
- (fun bhv ->
- match bhv.b_assigns with
- | WritesAny ->
- let behavior = bhv.b_name in
- let assigns = assigns () in
- let keep_empty = false in
- Annotations.add_assigns
- ~keep_empty emitter kf ~stmt ~behavior assigns;
- | Writes _ -> ())
- spec.spec_behavior
- | _ ->
- Kernel.fatal "Several contracts found for the same statement %a"
- Printer.pp_stmt stmt
- );
- Cil.SkipChildren
+ Property_status.(
+ fun x -> emit emitter ~hyps:[] x True)
+ (Extlib.list_of_opt ip_assigns @ ip_from)
+ end
+ | [ { annot_content = AStmtSpec ([], spec) } ] ->
+ (* Already existing contracts. Just add assigns clause for
+ behaviors that do not already have one. *)
+ List.iter
+ (fun bhv ->
+ match bhv.b_assigns with
+ | WritesAny ->
+ let behavior = bhv.b_name in
+ let assigns = assigns () in
+ let keep_empty = false in
+ Annotations.add_assigns
+ ~keep_empty emitter kf ~stmt ~behavior assigns;
+ | Writes _ -> ())
+ spec.spec_behavior
+ | _ ->
+ Kernel.fatal "Several contracts found for the same statement %a"
+ Printer.pp_stmt stmt
+ );
+ Cil.SkipChildren
| Asm(_,_,None,_) ->
Kernel.feedback
~dkey:Kernel.dkey_asm_contracts "Ignoring basic assembly instruction";
Cil.SkipChildren
| _ -> Cil.SkipChildren
-end
+ end
let transform file =
if Kernel.AsmContractsGenerate.get() then
Visitor.visitFramacFileSameGlobals (new visit_assembly) file
let () =
- File.add_code_transformation_after_cleanup
+ File.add_code_transformation_after_cleanup
~deps:[(module Kernel.AsmContractsGenerate);
(module Kernel.AsmContractsAutoValidate) ]
category
diff --git a/src/kernel_internals/typing/cabs2cil.ml b/src/kernel_internals/typing/cabs2cil.ml
index 48b894205eecc0bf98e06c87e05c3a1cc0c6913a..de0e67072492daa5af65815d4cff643da90a7455 100644
--- a/src/kernel_internals/typing/cabs2cil.ml
+++ b/src/kernel_internals/typing/cabs2cil.ml
@@ -1349,15 +1349,19 @@ let makeCastT ~(e: exp) ~(oldt: typ) ~(newt: typ) =
let makeCast ~(e: exp) ~(newt: typ) =
makeCastT e (typeOf e) newt
-(* A cast that is used for conditional expressions. Pointers are Ok.
- Abort if invalid *)
-let checkBool (ot : typ) (_ : exp) =
- match unrollType ot with
+let is_scalar_type t =
+ match unrollType t with
| TInt _
| TPtr _
| TEnum _
- | TFloat _ -> ()
- | _ -> Kernel.fatal ~current:true "castToBool %a" Cil_printer.pp_typ ot
+ | TFloat _ -> true
+ | _ -> false
+
+(* A cast that is used for conditional expressions. Pointers are Ok.
+ Abort if invalid *)
+let checkBool (ot : typ) (_ : exp) =
+ if not (is_scalar_type ot) then
+ Kernel.fatal ~current:true "castToBool %a" Cil_printer.pp_typ ot
(* Evaluate constants to CTrue (non-zero) or CFalse (zero) *)
let rec isConstTrueFalse c: [ `CTrue | `CFalse ] =
@@ -1585,7 +1589,9 @@ struct
end else SkipChildren
end
in
- let cleanup_var vi = vi.vtype <- Cil.visitCilType cleanup_types vi.vtype in
+ let cleanup_var vi =
+ Cil.update_var_type vi (Cil.visitCilType cleanup_types vi.vtype)
+ in
List.iter cleanup_var c.locals;
!currentFunctionFDEC.slocals <- !currentFunctionFDEC.slocals @ !vars;
let vars = !vars @ c.locals in
@@ -2100,82 +2106,89 @@ struct
Cil_printer.pp_stmt s l;
with Found -> ()
- class cleanUnspecified = object(self)
- inherit nopCilVisitor
- val unspecified_stack = Stack.create ()
-
- val mutable replace_table = []
-
- (* we start in a deterministic block. *)
- initializer Stack.push false unspecified_stack
-
- method private push: 'a.bool->'a->'a visitAction =
- fun flag x ->
- Stack.push flag unspecified_stack;
- ChangeDoChildrenPost
- (x,fun x -> ignore(Stack.pop unspecified_stack); x)
-
-
- method! vblock b =
- b.bstmts <-
- List.rev
- (List.fold_left(
- fun res s ->
- match s.skind with
- | Block b when
- (not (Stack.top unspecified_stack)) &&
- b.battrs = [] && b.blocals = [] &&
- s.labels = []
- -> List.rev_append b.bstmts res
- | _ -> s ::res)
- [] b.bstmts);
- DoChildren
-
- method! vstmt s =
- let ghost = s.ghost in
- let change_label_stmt s s' =
- List.iter
- (function
- | Label (x,_,_) -> H.replace labelStmt x s'
- | Case _ | Default _ -> replace_table <- (s, s') :: replace_table
- ) s.labels;
- s'.labels <- s.labels @ s'.labels
- in
- match s.skind with
- | UnspecifiedSequence [s',_,_,_,_] ->
- change_label_stmt s s';
- ChangeDoChildrenPost(s', fun x -> x)
- | UnspecifiedSequence [] ->
- let s' = mkEmptyStmt ~ghost ~valid_sid ~loc:(cabslu "_useq") () in
- change_label_stmt s s';
- ChangeTo s';
- | UnspecifiedSequence _ -> self#push true s
- | Block { battrs = []; blocals = []; bstmts = [s']} ->
- change_label_stmt s s';
- ChangeDoChildrenPost (s', fun x -> x)
- | Block _ | If _ | Loop _
- | TryFinally _ | TryExcept _ | Throw _ | TryCatch _ ->
- self#push false s
- | Switch _ ->
- let change_cases stmt =
- match stmt.skind with
- | Switch(e,body,cases,loc) ->
- let newcases =
- List.map
- (fun s ->
- try List.assq s replace_table
- with Not_found -> s)
- cases
- in
- stmt.skind <- Switch(e,body,newcases,loc);
- ignore (Stack.pop unspecified_stack);
- stmt
- | _ -> assert false
- in Stack.push false unspecified_stack;
- ChangeDoChildrenPost(s,change_cases)
- | Instr _ | Return _ | Goto _ | Break _
- | Continue _ -> DoChildren
- end
+ class cleanUnspecified =
+ let is_annot_next_stmt = function
+ | [] -> false
+ | { skind = Instr (Code_annot (c,_)) } :: _ ->
+ Logic_utils.is_annot_next_stmt c
+ | _ -> false
+ in
+ object(self)
+ inherit nopCilVisitor
+ val unspecified_stack = Stack.create ()
+
+ val mutable replace_table = []
+
+ (* we start in a deterministic block. *)
+ initializer Stack.push false unspecified_stack
+
+ method private push: 'a.bool->'a->'a visitAction =
+ fun flag x ->
+ Stack.push flag unspecified_stack;
+ ChangeDoChildrenPost
+ (x,fun x -> ignore(Stack.pop unspecified_stack); x)
+
+
+ method! vblock b =
+ b.bstmts <-
+ List.rev
+ (List.fold_left(
+ fun res s ->
+ match s.skind with
+ | Block b when
+ (not (Stack.top unspecified_stack)) &&
+ b.battrs = [] && b.blocals = [] &&
+ s.labels = [] && not (is_annot_next_stmt res)
+ -> List.rev_append b.bstmts res
+ | _ -> s ::res)
+ [] b.bstmts);
+ DoChildren
+
+ method! vstmt s =
+ let ghost = s.ghost in
+ let change_label_stmt s s' =
+ List.iter
+ (function
+ | Label (x,_,_) -> H.replace labelStmt x s'
+ | Case _ | Default _ -> replace_table <- (s, s') :: replace_table
+ ) s.labels;
+ s'.labels <- s.labels @ s'.labels
+ in
+ match s.skind with
+ | UnspecifiedSequence [s',_,_,_,_] ->
+ change_label_stmt s s';
+ ChangeDoChildrenPost(s', fun x -> x)
+ | UnspecifiedSequence [] ->
+ let s' = mkEmptyStmt ~ghost ~valid_sid ~loc:(cabslu "_useq") () in
+ change_label_stmt s s';
+ ChangeTo s';
+ | UnspecifiedSequence _ -> self#push true s
+ | Block { battrs = []; blocals = []; bstmts = [s']} ->
+ change_label_stmt s s';
+ ChangeDoChildrenPost (s', fun x -> x)
+ | Block _ | If _ | Loop _
+ | TryFinally _ | TryExcept _ | Throw _ | TryCatch _ ->
+ self#push false s
+ | Switch _ ->
+ let change_cases stmt =
+ match stmt.skind with
+ | Switch(e,body,cases,loc) ->
+ let newcases =
+ List.map
+ (fun s ->
+ try List.assq s replace_table
+ with Not_found -> s)
+ cases
+ in
+ stmt.skind <- Switch(e,body,newcases,loc);
+ ignore (Stack.pop unspecified_stack);
+ stmt
+ | _ -> assert false
+ in Stack.push false unspecified_stack;
+ ChangeDoChildrenPost(s,change_cases)
+ | Instr _ | Return _ | Goto _ | Break _
+ | Continue _ -> DoChildren
+ end
let mkFunctionBody ~ghost (c: chunk) : block =
if c.cases <> [] then
@@ -2829,7 +2842,7 @@ let rec castTo ?context ?(fromsource=false)
match ot', nt' with
| TNamed _, _
| _, TNamed _ -> Kernel.fatal ~current:true "unrollType failed in castTo"
- | _, TInt(IBool,_) ->
+ | t, TInt(IBool,_) when is_scalar_type t ->
if is_boolean_result e then result
else
nt,
@@ -4325,7 +4338,7 @@ let fixFormalsType formals =
end
in
let treat_one_formal v =
- v.vtype <- Cil.visitCilType vis v.vtype;
+ Cil.update_var_type v (Cil.visitCilType vis v.vtype);
Hashtbl.add table v.vname v;
in
List.iter treat_one_formal formals
@@ -7019,6 +7032,30 @@ and doExp local_env
Kernel.warning ~current:true
"Invalid call to builtin_constant_p")
end
+ | "__builtin_offsetof" ->
+ begin
+ match !pargs with
+ | [{ enode = CastE (_, {enode = AddrOf (host, offset)}) } as e] ->
+ begin
+ piscall := false;
+ prestype := Cil.theMachine.Cil.typeOfSizeOf;
+ let typ = Cil.typeOfLhost host in
+ try
+ let start, _width = Cil.bitsOffset typ offset in
+ if start mod 8 <> 0 then
+ Kernel.error ~current:true "Using offset of bitfield";
+ let kind = Cil.theMachine.kindOfSizeOf in
+ pres := Cil.kinteger ~loc:e.eloc kind (start / 8);
+ with SizeOfError _ ->
+ pres := e;
+ Kernel.error ~once:true ~current:true
+ "Unable to compute offset %a in type %a"
+ Cil_datatype.Offset.pretty offset
+ Cil_datatype.Typ.pretty typ;
+ end
+ | _ ->
+ Kernel.abort ~current:true "Invalid call to builtin_offsetof"
+ end
| "__builtin_types_compatible_p" ->
begin
(* Constant-fold the argument and see if it is a constant *)
@@ -8825,9 +8862,9 @@ and createLocal ghost ((_, sto, _, _) as specs)
(se0 +++ (
let castloc = CurrentLoc.get () in
let talloca_size =
- let telt_size = Logic_utils.expr_to_term ~cast:false elt_size in
- let tlen = Logic_utils.expr_to_term ~cast:false len in
- Logic_const.term (TBinOp (Mult,telt_size,tlen)) telt_size.term_type
+ let size = Logic_utils.expr_to_term ~coerce:true elt_size in
+ let tlen = Logic_utils.expr_to_term ~coerce:true len in
+ Logic_const.term (TBinOp (Mult,size,tlen)) Linteger
in
let pos_size =
let zero = Logic_const.tinteger ~loc:castloc 0 in
diff --git a/src/kernel_internals/typing/logic_builtin.ml b/src/kernel_internals/typing/logic_builtin.ml
index 02d4a73809ef420d1086071a9ec7a73b68321e04..961fc5b3aacdbcb9e60074a996e1238af8389697 100644
--- a/src/kernel_internals/typing/logic_builtin.ml
+++ b/src/kernel_internals/typing/logic_builtin.ml
@@ -293,6 +293,18 @@ let init =
(*"\\round_quad", [],
["m", rounding_mode; "x", Lreal], long_double_type;*)
+ "\\neg_float",[],["x",float_type], float_type;
+ "\\add_float",[],["x",float_type;"y",float_type], float_type;
+ "\\sub_float",[],["x",float_type;"y",float_type], float_type;
+ "\\mul_float",[],["x",float_type;"y",float_type], float_type;
+ "\\div_float",[],["x",float_type;"y",float_type], float_type;
+
+ "\\neg_double",[],["x",double_type], double_type;
+ "\\add_double",[],["x",double_type;"y",double_type], double_type;
+ "\\sub_double",[],["x",double_type;"y",double_type], double_type;
+ "\\mul_double",[],["x",double_type;"y",double_type], double_type;
+ "\\div_double",[],["x",double_type;"y",double_type], double_type;
+
"\\min", [], ["s", set_of_integer], Linteger;
"\\max", [], ["s", set_of_integer], Linteger;
diff --git a/src/kernel_internals/typing/mergecil.ml b/src/kernel_internals/typing/mergecil.ml
index d8b6f8868179ff641e14b26f401c59ff928a1dfe..f1a939b213fea3855fc5daace5581dae11cbe600 100644
--- a/src/kernel_internals/typing/mergecil.ml
+++ b/src/kernel_internals/typing/mergecil.ml
@@ -1733,7 +1733,7 @@ let oneFilePass1 (f:file) : unit =
"%s@\nOld declaration is unused, silently removing it"
msg;
ignore_vi oldvi;
- vi.vtype <- update_type_repr vi.vtype;
+ Cil.update_var_type vi (update_type_repr vi.vtype);
H.replace vEnv vi.vname vinode;
vinode.nrep <- vinode;
oldvinode.nrep <- vinode;
diff --git a/src/kernel_services/abstract_interp/base.ml b/src/kernel_services/abstract_interp/base.ml
index e0ff1e5026836beae6139b6829dc88cfc2a77f78..226eefc98e5cefef8ab31e32f53547054abacb74 100644
--- a/src/kernel_services/abstract_interp/base.ml
+++ b/src/kernel_services/abstract_interp/base.ml
@@ -306,7 +306,14 @@ let offset_for_validity ~bitfield access base =
let valid_offset ?(bitfield=true) access base =
if for_writing access && is_read_only base
then Ival.bottom
- else offset_for_validity ~bitfield access base
+ else
+ let offset = offset_for_validity ~bitfield access base in
+ (* When -absolute-valid-range is enabled, the Null base has a Known validity
+ that does not include 0. In this case, adds 0 as possible offset for a
+ pointer without memory access. *)
+ if access = No_access && is_null base
+ then Ival.(join zero offset)
+ else offset
let offset_is_in_validity access base ival =
let is_valid_for_bounds min_bound max_bound =
@@ -327,7 +334,8 @@ let offset_is_in_validity access base ival =
let is_valid_offset access base offset =
Ival.is_bottom offset
|| not (for_writing access && (is_read_only base))
- && offset_is_in_validity access base offset
+ && (offset_is_in_validity access base offset
+ || access = No_access && is_null base && Ival.(equal zero offset))
let is_function base =
match base with
diff --git a/src/kernel_services/analysis/exn_flow.ml b/src/kernel_services/analysis/exn_flow.ml
index ca932fad3b227fb3d5e737cb2a127dbee1478fa9..a75151352f640348731a343532d6cfa4da1a5646 100644
--- a/src/kernel_services/analysis/exn_flow.ml
+++ b/src/kernel_services/analysis/exn_flow.ml
@@ -603,10 +603,13 @@ object(self)
(match v with
| Catch_all -> b
| Catch_exn (v,[]) ->
- v.vtype <- purify v.vtype; update_locals v b;assign_catched_obj v b; b
+ Cil.update_var_type v (purify v.vtype);
+ update_locals v b;
+ assign_catched_obj v b; b
| Catch_exn(v,aux) ->
let add_one_aux stmts (v,b) =
- v.vtype <- purify v.vtype; update_locals v b;
+ Cil.update_var_type v (purify v.vtype);
+ update_locals v b;
assign_catched_obj v b;
add_unreachable_block b :: stmts
in
@@ -615,7 +618,7 @@ object(self)
List.fold_left add_one_aux [Cil.mkStmt (Block b)] aux
in
let main_block = Cil.mkBlock aux_blocks in
- v.vtype <- purify v.vtype;
+ Cil.update_var_type v (purify v.vtype);
update_locals v main_block;
main_block)
in
diff --git a/src/kernel_services/analysis/logic_interp.ml b/src/kernel_services/analysis/logic_interp.ml
index 427467329aaa3554457c9b8da2b33502abc7b176..ca8044ead8db1d5b6bb9cfb3459f5aca44692aa4 100644
--- a/src/kernel_services/analysis/logic_interp.ml
+++ b/src/kernel_services/analysis/logic_interp.ml
@@ -200,7 +200,7 @@ let rec logic_type_to_typ = function
| Ctype typ -> typ
| Linteger -> TInt(ILongLong,[]) (*TODO: to have an unlimited integer type
in the logic interpretation*)
- | Lreal -> TFloat(FLongDouble,[]) (* TODO: handle reals, not floats... *)
+ | Lreal -> TFloat(FDouble,[]) (* TODO: handle reals, not floats... *)
| Ltype({lt_name = name},[]) when name = Utf8_logic.boolean ->
TInt(ILongLong,[])
| Ltype({lt_name = "set"},[t]) -> logic_type_to_typ t
@@ -800,7 +800,7 @@ to function contracts."
taken into account by the functions [from_...] below *)
DoChildren
- | Pvalid_function _ ->
+ | Pobject_pointer _ | Pvalid_function _ ->
DoChildren
| Papp _ | Pallocable _ | Pfreeable _ | Pfresh _
diff --git a/src/kernel_services/ast_data/alarms.ml b/src/kernel_services/ast_data/alarms.ml
index ae9503e76ad6f3103eb254f1c1ef9ada04b085c8..a0845e815040b754587d15eca7cf150ba0911b25 100644
--- a/src/kernel_services/ast_data/alarms.ml
+++ b/src/kernel_services/ast_data/alarms.ml
@@ -23,7 +23,8 @@
open Cil_types
open Cil_datatype
-type overflow_kind = Signed | Unsigned | Signed_downcast | Unsigned_downcast
+type overflow_kind =
+ Signed | Unsigned | Signed_downcast | Unsigned_downcast | Pointer_downcast
type access_kind = For_reading | For_writing
type bound_kind = Lower_bound | Upper_bound
@@ -32,6 +33,7 @@ let string_of_overflow_kind = function
| Unsigned -> "unsigned_overflow"
| Signed_downcast -> "signed_downcast"
| Unsigned_downcast -> "unsigned_downcast"
+ | Pointer_downcast -> "pointer_downcast"
type alarm =
| Division_by_zero of exp
@@ -39,6 +41,7 @@ type alarm =
| Index_out_of_bound of
exp (* index *)
* exp option (* None = lower bound is zero; Some up = upper bound *)
+ | Invalid_pointer of exp
| Invalid_shift of exp * int option (* strict upper bound, if any *)
| Pointer_comparison of
exp option (* [None] when implicit comparison to 0 *)
@@ -65,7 +68,7 @@ type alarm =
(* If you add one constructor to this type, make sure to add a dummy value
in the 'reprs' value below, and increase 'nb_alarms' *)
-let nb_alarm_constructors = 17
+let nb_alarm_constructors = 18
module D =
Datatype.Make_with_collections
@@ -80,6 +83,7 @@ module D =
[ Division_by_zero e;
Memory_access (lv, For_reading);
Index_out_of_bound (e, None);
+ Invalid_pointer e;
Invalid_shift (e, None);
Pointer_comparison (None, e);
Differing_blocks (e, e);
@@ -100,20 +104,21 @@ module D =
| Division_by_zero _ -> 0
| Memory_access _ -> 1
| Index_out_of_bound _ -> 2
- | Invalid_shift _ -> 3
- | Pointer_comparison _ -> 4
- | Overflow _ -> 5
- | Not_separated _ -> 6
- | Overlap _ -> 7
- | Uninitialized _ -> 8
- | Is_nan_or_infinite _ -> 9
- | Is_nan _ -> 10
- | Float_to_int _ -> 11
- | Differing_blocks _ -> 12
- | Dangling _ -> 13
- | Function_pointer _ -> 14
- | Uninitialized_union _ -> 15
- | Invalid_bool _ -> 16
+ | Invalid_pointer _ -> 3
+ | Invalid_shift _ -> 4
+ | Pointer_comparison _ -> 5
+ | Overflow _ -> 6
+ | Not_separated _ -> 7
+ | Overlap _ -> 8
+ | Uninitialized _ -> 9
+ | Is_nan_or_infinite _ -> 10
+ | Is_nan _ -> 11
+ | Float_to_int _ -> 12
+ | Differing_blocks _ -> 13
+ | Dangling _ -> 14
+ | Function_pointer _ -> 15
+ | Uninitialized_union _ -> 16
+ | Invalid_bool _ -> 17
let () = (* Lightweight checks *)
for i = 0 to nb_alarm_constructors - 1 do
@@ -134,6 +139,7 @@ module D =
| Index_out_of_bound(e11, e12), Index_out_of_bound(e21, e22) ->
let n = Exp.compare e11 e21 in
if n = 0 then Extlib.opt_compare Exp.compare e12 e22 else n
+ | Invalid_pointer e1, Invalid_pointer e2 -> Exp.compare e1 e2
| Invalid_shift(e1, n1), Invalid_shift(e2, n2) ->
let n = Exp.compare e1 e2 in
if n = 0 then Extlib.opt_compare Datatype.Int.compare n1 n2 else n
@@ -185,7 +191,8 @@ module D =
else Extlib.opt_compare (Extlib.list_compare Exp.compare) l1 l2
| Invalid_bool lv1, Invalid_bool lv2 -> Lval.compare lv1 lv2
| _, (Division_by_zero _ | Memory_access _ |
- Index_out_of_bound _ | Invalid_shift _ | Pointer_comparison _ |
+ Index_out_of_bound _ | Invalid_pointer _ |
+ Invalid_shift _ | Pointer_comparison _ |
Overflow _ | Not_separated _ | Overlap _ | Uninitialized _ |
Dangling _ | Is_nan_or_infinite _ | Is_nan _ | Float_to_int _ |
Differing_blocks _ | Function_pointer _ |
@@ -209,6 +216,7 @@ module D =
(nb a,
Exp.hash e1,
match e2 with None -> 0 | Some e -> 17 + Exp.hash e)
+ | Invalid_pointer e -> Hashtbl.hash (nb a, Exp.hash e)
| Invalid_shift(e, n) -> Hashtbl.hash (nb a, Exp.hash e, n)
| Pointer_comparison(e1, e2) ->
Hashtbl.hash
@@ -253,6 +261,8 @@ module D =
(match e2 with None -> ">=" | Some _ -> "<")
Printer.pp_exp
(match e2 with None -> Cil.zero e1.eloc | Some e -> e)
+ | Invalid_pointer e ->
+ Format.fprintf fmt "Invalid_pointer(@[%a@])" Exp.pretty e
| Invalid_shift(e, n) ->
Format.fprintf fmt "Invalid_shift(@[%a@]@ %s)"
Printer.pp_exp e
@@ -391,6 +401,7 @@ let get_name = function
| Division_by_zero _ -> "division_by_zero"
| Memory_access _ -> "mem_access"
| Index_out_of_bound _ -> "index_bound"
+ | Invalid_pointer _ -> "pointer_value"
| Invalid_shift _ -> "shift"
| Pointer_comparison _ -> "ptr_comparison"
| Differing_blocks _ -> "differing_blocks"
@@ -414,6 +425,7 @@ let get_description = function
| Division_by_zero _ -> "Integer division by zero"
| Memory_access _ -> "Invalid pointer dereferencing"
| Index_out_of_bound _ -> "Array access out of bounds"
+ | Invalid_pointer _ -> "Invalid pointer computation"
| Invalid_shift _ -> "Invalid shift"
| Pointer_comparison _ -> "Invalid pointer comparison"
| Differing_blocks _ -> "Operation on pointers within different blocks"
@@ -439,21 +451,21 @@ let overflowed_expr_to_term ~loc e =
let loc = best_loc ~loc e.eloc in
match e.enode with
| UnOp(op, e, ty) ->
- let t = Logic_utils.expr_to_term ~cast:true e in
- let ty = Logic_utils.typ_to_logic_type ty in
- Logic_const.term ~loc (TUnOp(op, t)) ty
+ let t = Logic_utils.expr_to_term ~coerce:true e in
+ let lty = Logic_utils.coerce_type ty in
+ Logic_const.term ~loc (TUnOp(op, t)) lty
| BinOp(op, e1, e2, ty) ->
- let t1 = Logic_utils.expr_to_term ~cast:true e1 in
- let t2 = Logic_utils.expr_to_term ~cast:true e2 in
- let ty = Logic_utils.typ_to_logic_type ty in
- Logic_const.term ~loc (TBinOp(op, t1, t2)) ty
- | _ -> Logic_utils.expr_to_term ~cast:true e
+ let t1 = Logic_utils.expr_to_term ~coerce:true e1 in
+ let t2 = Logic_utils.expr_to_term ~coerce:true e2 in
+ let lty = Logic_utils.coerce_type ty in
+ Logic_const.term ~loc (TBinOp(op, t1, t2)) lty
+ | _ -> Logic_utils.expr_to_term ~coerce:true e
(* Creates \is_finite((fkind)e) or \is_nan((fkind)e) according to
[predicate]. *)
let create_special_float_predicate ~loc e fkind predicate =
let loc = best_loc ~loc e.eloc in
- let t = Logic_utils.expr_to_term ~cast:true e in
+ let t = Logic_utils.expr_to_term e in
let typ = match fkind with
| FFloat -> Cil.floatType
| FDouble -> Cil.doubleType
@@ -478,7 +490,7 @@ let create_predicate ?(loc=Location.unknown) alarm =
| Division_by_zero e ->
(* e != 0 *)
let loc = best_loc ~loc e.eloc in
- let t = Logic_utils.expr_to_term ~cast:true e in
+ let t = Logic_utils.expr_to_term ~coerce:true e in
Logic_const.prel ~loc (Rneq, t, Cil.lzero ())
| Memory_access(lv, read) ->
@@ -488,28 +500,36 @@ let create_predicate ?(loc=Location.unknown) alarm =
| For_writing -> Logic_const.pvalid
in
let e = Cil.mkAddrOrStartOf ~loc lv in
- let t = Logic_utils.expr_to_term ~cast:true e in
+ let t = Logic_utils.expr_to_term e in
valid ~loc (Logic_const.here_label, t)
| Index_out_of_bound(e1, e2) ->
(* 0 <= e1 < e2, left part if None, right part if Some e *)
let loc = best_loc ~loc e1.eloc in
- let t1 = Logic_utils.expr_to_term ~cast:true e1 in
+ let t1 = Logic_utils.expr_to_term ~coerce:true e1 in
(match e2 with
- | None -> Logic_const.prel ~loc (Rle, Cil.lzero (), t1)
+ | None ->
+ Logic_const.prel ~loc (Rle, Cil.lzero (), t1)
| Some e2 ->
- let t2 = Logic_utils.expr_to_term ~cast:true e2 in
+ let t2 = Logic_utils.expr_to_term ~coerce:true e2 in
Logic_const.prel ~loc (Rlt, t1, t2))
+ | Invalid_pointer e ->
+ let loc = best_loc ~loc e.eloc in
+ let t = Logic_utils.expr_to_term e in
+ if Cil.isFunPtrType (Cil.typeOf e)
+ then Logic_const.pvalid_function ~loc t
+ else Logic_const.pobject_pointer ~loc (Logic_const.here_label, t)
+
| Invalid_shift(e, n) ->
(* 0 <= e < n *)
let loc = best_loc ~loc e.eloc in
- let t = Logic_utils.expr_to_term ~cast:true e in
+ let t = Logic_utils.expr_to_term ~coerce:true e in
let low_cmp = Logic_const.prel ~loc (Rle, Cil.lzero (), t) in
(match n with
| None -> low_cmp
| Some n ->
- let tn = Logic_const.tint ~loc (Integer.of_int n) in
+ let tn = Logic_const.tinteger ~loc n in
let up_cmp = Logic_const.prel ~loc (Rlt, t, tn) in
Logic_const.pand ~loc (low_cmp, up_cmp))
@@ -525,21 +545,21 @@ let create_predicate ?(loc=Location.unknown) alarm =
let zero = Cil.lzero () in
Logic_const.term (TCastE (typ, zero)) (Ctype typ)
end
- | Some e -> Logic_utils.expr_to_term ~cast:true e
+ | Some e -> Logic_utils.expr_to_term e
in
- let t2 = Logic_utils.expr_to_term ~cast:true e2 in
+ let t2 = Logic_utils.expr_to_term e2 in
Logic_utils.pointer_comparable ~loc t1 t2
| Differing_blocks(e1, e2) ->
(* \base_addr(e1) == \base_addr(e2) *)
let loc = best_loc ~loc e1.eloc in
- let t1 = Logic_utils.expr_to_term ~cast:true e1 in
+ let t1 = Logic_utils.expr_to_term e1 in
let here = Logic_const.here_label in
let typ = Ctype Cil.charPtrType in
let t1 =
Logic_const.term ~loc:(best_loc loc e1.eloc) (Tbase_addr(here, t1)) typ
in
- let t2 = Logic_utils.expr_to_term ~cast:true e2 in
+ let t2 = Logic_utils.expr_to_term e2 in
let t2 =
Logic_const.term ~loc:(best_loc loc e2.eloc) (Tbase_addr(here, t2)) typ
in
@@ -549,8 +569,11 @@ let create_predicate ?(loc=Location.unknown) alarm =
(* n <= e or e <= n according to bound *)
let loc = best_loc ~loc e.eloc in
let t = match kind with
+ | Pointer_downcast ->
+ let t = Logic_utils.expr_to_term e in
+ Logic_const.tcast ~loc t Cil.theMachine.upointType
| Signed_downcast | Unsigned_downcast ->
- Logic_utils.expr_to_term ~cast:true e
+ Logic_utils.expr_to_term ~coerce:true e
| _ ->
(* For overflows, the computation must be done on mathematical types,
else the value is necessarily in bounds. *)
@@ -558,7 +581,9 @@ let create_predicate ?(loc=Location.unknown) alarm =
in
let tn = Logic_const.tint ~loc n in
Logic_const.prel ~loc
- (match bound with Lower_bound -> Rle, tn, t | Upper_bound -> Rle, t, tn)
+ (match bound with
+ | Lower_bound -> Rle, tn, t
+ | Upper_bound -> Rle, t, tn)
| Float_to_int(e, n, bound) ->
(* n < e or e < n according to bound *)
@@ -566,27 +591,31 @@ let create_predicate ?(loc=Location.unknown) alarm =
let te = overflowed_expr_to_term ~loc e in
let t = Logic_const.tlogic_coerce ~loc te Lreal in
let n =
- (match bound with Lower_bound -> Integer.sub | Upper_bound -> Integer.add)
+ (match bound with
+ | Lower_bound -> Integer.sub
+ | Upper_bound -> Integer.add)
n Integer.one
in
let tn = Logic_const.tlogic_coerce ~loc (Logic_const.tint ~loc n) Lreal in
Logic_const.prel ~loc
- (match bound with Lower_bound -> Rlt, tn, t | Upper_bound -> Rlt, t, tn)
+ (match bound with
+ | Lower_bound -> Rlt, tn, t
+ | Upper_bound -> Rlt, t, tn)
| Not_separated(lv1, lv2) ->
(* \separated(lv1, lv2) *)
let e1 = Cil.mkAddrOf ~loc lv1 in
- let t1 = Logic_utils.expr_to_term ~cast:true e1 in
+ let t1 = Logic_utils.expr_to_term e1 in
let e2 = Cil.mkAddrOf ~loc lv2 in
- let t2 = Logic_utils.expr_to_term ~cast:true e2 in
+ let t2 = Logic_utils.expr_to_term e2 in
Logic_const.pseparated ~loc [ t1; t2 ]
| Overlap(lv1, lv2) ->
(* (lv1 == lv2) || \separated(lv1, lv2) *)
let e1 = Cil.mkAddrOf ~loc lv1 in
- let t1 = Logic_utils.expr_to_term ~cast:true e1 in
+ let t1 = Logic_utils.expr_to_term e1 in
let e2 = Cil.mkAddrOf ~loc lv2 in
- let t2 = Logic_utils.expr_to_term ~cast:true e2 in
+ let t2 = Logic_utils.expr_to_term e2 in
let eq = Logic_const.prel ~loc (Req, t1, t2) in
let sep = Logic_const.pseparated ~loc [ t1; t2 ] in
Logic_const.por ~loc (eq, sep)
@@ -594,13 +623,13 @@ let create_predicate ?(loc=Location.unknown) alarm =
| Uninitialized lv ->
(* \initialized(lv) *)
let e = Cil.mkAddrOrStartOf ~loc lv in
- let t = Logic_utils.expr_to_term ~cast:false e in
+ let t = Logic_utils.expr_to_term e in
Logic_const.pinitialized ~loc (Logic_const.here_label, t)
| Dangling lv ->
(* !\dangling(lv) *)
let e = Cil.mkAddrOrStartOf ~loc lv in
- let t = Logic_utils.expr_to_term ~cast:false e in
+ let t = Logic_utils.expr_to_term e in
Logic_const.(pnot ~loc (pdangling ~loc (Logic_const.here_label, t)))
| Is_nan_or_infinite (e, fkind) ->
@@ -626,14 +655,14 @@ let create_predicate ?(loc=Location.unknown) alarm =
that has unexpected type %a (unrolled as %a)"
Printer.pp_exp e Printer.pp_typ t Printer.pp_typ t'
in
- let t = Logic_utils.expr_to_term ~cast:true e in
+ let t = Logic_utils.expr_to_term e in
Logic_const.(pvalid_function ~loc t)
| Uninitialized_union llv ->
(* \initialized(lv_1) || ... || \initialized(lv_n) *)
let make_lval_predicate lv =
let e = Cil.mkAddrOrStartOf ~loc lv in
- let t = Logic_utils.expr_to_term ~cast:false e in
+ let t = Logic_utils.expr_to_term e in
Logic_const.pinitialized ~loc (Logic_const.here_label, t)
in
List.fold_left (fun acc lv ->
@@ -644,7 +673,7 @@ let create_predicate ?(loc=Location.unknown) alarm =
| Invalid_bool lv ->
let e = Cil.new_exp ~loc (Lval lv) in
- let t = Logic_utils.expr_to_term ~cast:false e in
+ let t = Logic_utils.expr_to_term ~coerce:true e in
let zero = Logic_const.prel ~loc (Req, t, Cil.lzero ()) in
let one = Logic_const.prel ~loc (Req, t, Cil.lone ()) in
Logic_const.por ~loc (zero, one)
diff --git a/src/kernel_services/ast_data/alarms.mli b/src/kernel_services/ast_data/alarms.mli
index c301b2e797c6de7ed2675f805bfb997c7edecf29..bdbc4f9fa4d013e463bde896f16e9c81ea8ca1b2 100644
--- a/src/kernel_services/ast_data/alarms.mli
+++ b/src/kernel_services/ast_data/alarms.mli
@@ -25,9 +25,10 @@
open Cil_types
-(** Only signed overflows int are really RTEs. The other kinds may be
- meaningful nevertheless. *)
-type overflow_kind = Signed | Unsigned | Signed_downcast | Unsigned_downcast
+(** Only signed overflows and pointer downcasts are really RTEs.
+ The other kinds may be meaningful nevertheless. *)
+type overflow_kind =
+ Signed | Unsigned | Signed_downcast | Unsigned_downcast | Pointer_downcast
type access_kind = For_reading | For_writing
type bound_kind = Lower_bound | Upper_bound
@@ -39,6 +40,7 @@ type alarm =
| Index_out_of_bound of
exp (** index *)
* exp option (** None = lower bound is zero; Some up = upper bound *)
+ | Invalid_pointer of exp
| Invalid_shift of exp * int option (** strict upper bound, if any *)
| Pointer_comparison of
exp option (** [None] when implicit comparison to NULL pointer *)
diff --git a/src/kernel_services/ast_data/cil_types.mli b/src/kernel_services/ast_data/cil_types.mli
index 49d3a0fecd3cf710b0bb07a85c27eb5c2ef59877..9ad9fdb7a7684514813a0b79fee5116fcd7ab814 100644
--- a/src/kernel_services/ast_data/cil_types.mli
+++ b/src/kernel_services/ast_data/cil_types.mli
@@ -360,9 +360,9 @@ and compinfo = {
of a comp (along with the struct or union) *)
mutable ckey: int;
- (** A unique integer. This is assigned by {!Cil.mkCompInfo} using a global
+ (** A unique integer. This is assigned by {!Cil_const.mkCompInfo} using a global
variable in the Cil module. Thus two identical structs in two different
- files might have different keys. Use {!Cil.copyCompInfo} to copy
+ files might have different keys. Use {!Cil_const.copyCompInfo} to copy
structures so that a new key is assigned. *)
mutable cfields: fieldinfo list;
@@ -540,7 +540,9 @@ and varinfo = {
(** the original name of the variable. Need not be unique. *)
mutable vtype: typ;
- (** The declared type of the variable. *)
+ (** The declared type of the variable. For modifications of the field,
+ {!Cil.update_var_type} helps in synchronizing the type of the C
+ variable and the one of the associated logic variable. *)
mutable vattr: attributes;
(** A list of attributes associated with the variable.*)
@@ -1569,6 +1571,8 @@ and predicate_node =
| Pexists of quantifiers * predicate (** existential quantification. *)
| Pat of predicate * logic_label
(** predicate refers to a particular program point. *)
+ | Pobject_pointer of logic_label * term
+ (** the given locations can be pointed to. *)
| Pvalid_read of logic_label * term (** the given locations are valid for reading. *)
| Pvalid of logic_label * term (** the given locations are valid. *)
| Pvalid_function of term
diff --git a/src/kernel_services/ast_data/statuses_by_call.ml b/src/kernel_services/ast_data/statuses_by_call.ml
index d5deb1ab1080d98665b68da7e4abbb9d5e9be657..2487ade6c495aebf89aeec1b7caa4891017410ce 100644
--- a/src/kernel_services/ast_data/statuses_by_call.ml
+++ b/src/kernel_services/ast_data/statuses_by_call.ml
@@ -160,7 +160,7 @@ let rec associate acc ~formals ~concretes =
| [], _ -> acc
| _, [] -> raise Non_Transposable
| formal :: formals, concrete :: concretes ->
- let term = Logic_utils.expr_to_term ~cast:true concrete in
+ let term = Logic_utils.expr_to_term concrete in
associate ((formal, term) :: acc) ~formals ~concretes
let transpose_pred_at_callsite ~formals ~concretes pred =
diff --git a/src/kernel_services/ast_printing/cil_printer.ml b/src/kernel_services/ast_printing/cil_printer.ml
index f1b5ab00c66af69aa7d722dccca1787ab8e07fed..fbfc904dc2a8963412e321eaa01982d36048325e 100644
--- a/src/kernel_services/ast_printing/cil_printer.ml
+++ b/src/kernel_services/ast_printing/cil_printer.ml
@@ -54,6 +54,20 @@ module Extensions = struct
end
let set_extension_handler = Extensions.set_handler
+(* for specific builtin functions that act as placeholder for C macros.
+ For each name f below, pretty-printer will replace f and &f with the
+ corresponding name. Be sure to keep the list in sync with share/libc.
+*)
+let rename_builtins = Datatype.String.Hashtbl.create 17
+
+let () =
+ List.iter (fun (x,y) -> Datatype.String.Hashtbl.add rename_builtins x y)
+ [
+ "__fc_sig_dfl", "SIG_DFL";
+ "__fc_sig_ign", "SIG_IGN";
+ "__fc_sig_err", "SIG_ERR";
+ ]
+
(* Deprecated functions *)
let set_deprecated_extension_handler = Extensions.set_deprecated_handler
@@ -231,6 +245,7 @@ module Precedence = struct
| Pfreeable _
| Pvalid _
| Pvalid_read _
+ | Pobject_pointer _
| Pvalid_function _
| Pinitialized _
| Pdangling _
@@ -641,7 +656,15 @@ class cil_printer () = object (self)
| CEnum {einame = s} -> self#varname fmt s
(*** VARIABLES ***)
- method varname fmt v = pp_print_string fmt v
+ method varname fmt v =
+ let v =
+ if not state.print_cil_as_is &&
+ Datatype.String.Hashtbl.mem rename_builtins v
+ then
+ Datatype.String.Hashtbl.find rename_builtins v
+ else v
+ in
+ pp_print_string fmt v
(* variable use *)
method varinfo fmt v =
@@ -762,6 +785,9 @@ class cil_printer () = object (self)
Neither cookie nor keyword for you. *)
| AlignOf t -> fprintf fmt "__alignof__(%a)" (self#typ None) t
| AlignOfE e -> fprintf fmt "__alignof__(%a)" self#exp_non_decay e
+ | AddrOf ((Var v, NoOffset))
+ when Datatype.String.Hashtbl.mem rename_builtins v.vname ->
+ self#varinfo fmt v
| AddrOf lv -> fprintf fmt "& %a" (self#lval_prec Precedence.addrOfLevel) lv
| StartOf(lv) ->
if state.print_cil_as_is || non_decay then
@@ -1046,6 +1072,23 @@ class cil_printer () = object (self)
"__builtin_types_compatible_p: cabs2cil should have added sizeof to \
the arguments."
+ | Call(dest, {enode = Lval (Var vi, NoOffset)}, [ arg ], (l, _))
+ when vi.vname = "__builtin_offsetof"
+ && not state.print_cil_as_is ->
+ begin
+ match arg.enode with
+ | CastE (_, { enode = AddrOf (host, offset) }) ->
+ (* Print the destination *)
+ Extlib.may (fprintf fmt "%a = " self#lval) dest;
+ (* Now the call itself *)
+ fprintf fmt "%a(%a, %a)%s"
+ self#varname "offsetof"
+ (self#typ None) (Cil.typeOfLhost host)
+ self#offset offset
+ instr_terminator
+ | _ -> Kernel.fatal ~source:l "__builtin_offsetof: invalid argument."
+ end
+
| Call(dest,e,args,_) -> pp_call dest e fmt args
| Asm(attrs, tmpls, ext_asm, l) ->
@@ -1180,6 +1223,9 @@ class cil_printer () = object (self)
method annotated_stmt (next: stmt) fmt (s: stmt) =
pp_open_hvbox fmt 0;
+ if Kernel.is_debug_key_enabled Kernel.dkey_print_sid then begin
+ Format.fprintf fmt "/* sid:%d */@\n" s.sid;
+ end;
(* print the statement. *)
if Cil.is_skip s.skind && not s.ghost && s.sattr = [] then begin
if verbose || s.labels <> [] then begin
@@ -2386,7 +2432,14 @@ class cil_printer () = object (self)
| TBinOp (op,l,r) ->
fprintf fmt "@[%a@ %a@ %a@]" term l self#term_binop op term r
| TCastE (ty,e) ->
- fprintf fmt "(%a)%a" (self#typ None) ty term e
+ begin match ty, t.term_node with
+ | TFloat(fk,_) , TConst(LReal r as cst) when
+ not Kernel.(is_debug_key_enabled dkey_print_logic_coercions) &&
+ Floating_point.has_suffix fk r.r_literal ->
+ self#logic_constant fmt cst
+ | _ ->
+ fprintf fmt "(%a)%a" (self#typ None) ty term e
+ end
| TAddrOf lv ->
fprintf fmt "&%a" (self#term_lval_prec Precedence.addrOfLevel) lv
| TStartOf lv -> fprintf fmt "(%a)%a"
@@ -2724,6 +2777,10 @@ class cil_printer () = object (self)
fprintf fmt "@[%a%a(@[%a@])@]"
self#pp_acsl_keyword "\\valid_read"
self#labels [l] self#term p
+ | Pobject_pointer (l,p) ->
+ fprintf fmt "@[%a%a(@[%a@])@]"
+ self#pp_acsl_keyword "\\object_pointer"
+ self#labels [l] self#term p
| Pvalid_function p ->
fprintf fmt "@[%a(@[%a@])@]"
self#pp_acsl_keyword "\\valid_function"
diff --git a/src/kernel_services/ast_printing/cil_types_debug.ml b/src/kernel_services/ast_printing/cil_types_debug.ml
index c059f8110e4fc104336981b6bc0ffd4f4a933eb8..0b4be0a9ac93ec2a8d93fb8a07047eaf2ff7a62e 100644
--- a/src/kernel_services/ast_printing/cil_types_debug.ml
+++ b/src/kernel_services/ast_printing/cil_types_debug.ml
@@ -859,6 +859,8 @@ and pp_predicate_node fmt = function
Format.fprintf fmt "Pexists(%a,%a)" pp_quantifiers quantifiers pp_predicate predicate
| Pat(predicate,logic_label) ->
Format.fprintf fmt "Pat(%a,%a)" pp_predicate predicate pp_logic_label logic_label
+ | Pobject_pointer(logic_label,term) ->
+ Format.fprintf fmt "Pobject_pointer(%a,%a)" pp_logic_label logic_label pp_term term
| Pvalid_read(logic_label,term) ->
Format.fprintf fmt "Pvalid_read(%a,%a)" pp_logic_label logic_label pp_term term
| Pvalid(logic_label,term) ->
diff --git a/src/kernel_services/ast_printing/logic_print.ml b/src/kernel_services/ast_printing/logic_print.ml
index 998b809f10ec17a8aa0a2aaaebbf8c4a97e95a62..fca0da4953174ea419fd0fe96a21a520e7a80f18 100644
--- a/src/kernel_services/ast_printing/logic_print.ml
+++ b/src/kernel_services/ast_printing/logic_print.ml
@@ -129,7 +129,7 @@ let getParenthLevel e =
| PLapp _ | PLold _ | PLat _
| PLoffset _ | PLbase_addr _ | PLblock_length _
| PLupdate _ | PLinitField _ | PLinitIndex _
- | PLvalid _ | PLvalid_read _ | PLvalid_function _
+ | PLvalid _ | PLvalid_read _ | PLobject_pointer _ | PLvalid_function _
| PLinitialized _ | PLdangling _
| PLallocable _ | PLfreeable _ | PLfresh _
| PLseparated _ | PLunion _ | PLinter _ -> 10
@@ -249,8 +249,12 @@ and print_lexpr_level n fmt e =
| PLexists(q,e) ->
fprintf fmt "@[\\exists@ @[%a@];@ %a@]"
print_quantifiers q print_lexpr e
- | PLvalid (l,e) -> fprintf fmt "\\valid%a(@;@[%a@]@;)" print_label_1 l print_lexpr_plain e
- | PLvalid_read (l,e) -> fprintf fmt "\\valid_read%a(@;@[%a@]@;)" print_label_1 l print_lexpr_plain e
+ | PLvalid (l,e) ->
+ fprintf fmt "\\valid%a(@;@[%a@]@;)" print_label_1 l print_lexpr_plain e
+ | PLvalid_read (l,e) ->
+ fprintf fmt "\\valid_read%a(@;@[%a@]@;)" print_label_1 l print_lexpr_plain e
+ | PLobject_pointer (l,e) ->
+ fprintf fmt "\\object_pointer%a(@;@[%a@]@;)" print_label_1 l print_lexpr_plain e
| PLvalid_function e ->
fprintf fmt "\\valid_function(@;@[%a@]@;)" print_lexpr_plain e
| PLinitialized (l,e) ->
diff --git a/src/kernel_services/ast_queries/cil.ml b/src/kernel_services/ast_queries/cil.ml
index 572e350a44a50bffba9a3b6e407e6c3027cefc39..544e912ca692472f847d2aa060ffd96c604f2c19 100644
--- a/src/kernel_services/ast_queries/cil.ml
+++ b/src/kernel_services/ast_queries/cil.ml
@@ -644,6 +644,14 @@ and enforceGhostBlockCoherence ?(force_ghost=false) block =
let force_ghost = force_ghost || is_ghost_else block in
List.iter (enforceGhostStmtCoherence ~force_ghost) block.bstmts
+(* makes sure that the type of a C variable and the type of its associated
+ logic variable -if any- stay synchronized. See bts 1538 *)
+let update_var_type v t =
+ v.vtype <- if v.vghost then typeAddGhost t else t;
+ match v.vlogic_var_assoc with
+ | None -> ()
+ | Some lv -> lv.lv_type <- Ctype t
+
(* Make a varinfo. Used mostly as a helper function below *)
let makeVarinfo
?(source=true) ?(temp=false) ?(referenced=false) ?(ghost=false) ?(loc=Location.unknown)
@@ -728,10 +736,10 @@ let setFormals (f: fundec) (forms: varinfo list) =
assert (getFormalsDecl f.svar == f.sformals);
match unrollType f.svar.vtype with
TFun(rt, _, isva, fa) ->
- f.svar.vtype <-
- TFun(rt,
- Some (List.map (fun a -> (a.vname, a.vtype, a.vattr)) forms),
- isva, fa)
+ update_var_type f.svar
+ (TFun(rt,
+ Some (List.map (fun a -> (a.vname, a.vtype, a.vattr)) forms),
+ isva, fa));
| _ ->
Kernel.fatal "Set formals. %s does not have function type" f.svar.vname
@@ -1868,6 +1876,10 @@ and childrenPredicateNode vis p =
let s' = visitCilLogicLabel vis s in
let t' = vTerm t in
if t' != t || s != s' then Pvalid_read (s',t') else p
+ | Pobject_pointer (s,t) ->
+ let s' = visitCilLogicLabel vis s in
+ let t' = vTerm t in
+ if t' != t || s != s' then Pobject_pointer (s',t') else p
| Pvalid_function t ->
let t' = vTerm t in
if t' != t then Pvalid_function t' else p
@@ -2645,9 +2657,10 @@ and childrenVarDecl (vis : cilVisitor) (v : varinfo) : varinfo =
let o = Visitor_behavior.Get_orig.logic_var vis#behavior lv in
visitCilLogicVarDecl vis o
in
- v.vtype <- visitCilType vis v.vtype;
+ let typ = visitCilType vis v.vtype in
v.vattr <- visitCilAttributes vis v.vattr;
v.vlogic_var_assoc <- optMapNoCopy visit_orig_var_assoc v.vlogic_var_assoc;
+ update_var_type v typ;
v
and visitCilVarUse vis v =
@@ -3059,6 +3072,17 @@ let intKindForValue i (unsigned: bool) =
else if fitsInInt ILongLong i then ILongLong
else raise Not_representable
+(* True is an double constant is finite for a kind *)
+let isFiniteFloat fk v =
+ Floating_point.isfinite @@
+ match fk with
+ | FFloat -> Floating_point.round_to_single_precision_float v
+ | _ -> v
+
+
+let isExactFloat fk r =
+ r.r_upper = r.r_lower && isFiniteFloat fk r.r_nearest
+
(* Construct an integer constant with possible truncation if the kind is not
specified *)
let kinteger64 ~loc ?repr ?kind i =
@@ -3606,7 +3630,7 @@ let getReturnType t =
let setReturnTypeVI (v: varinfo) (t: typ) =
match unrollType v.vtype with
| TFun (_, args, va, a) ->
- v.vtype <- TFun (t, args, va, a)
+ update_var_type v (TFun (t, args, va, a));
| _ -> Kernel.fatal "setReturnType: not a function type"
let setReturnType (f:fundec) (t:typ) =
@@ -3627,7 +3651,7 @@ let typeOf_array_elem t =
let no_op_coerce typ t =
match typ with
- | Lreal -> true
+ | Lreal -> isLogicArithmeticType t.term_type
| Linteger -> isLogicIntegralType t.term_type
| Ltype _ when Logic_const.is_boolean_type typ ->
isLogicPureBooleanType t.term_type
@@ -4505,19 +4529,6 @@ and constFold (machdep: bool) (e: exp) : exp =
| AlignOfE _ | AlignOf _ | SizeOfStr _ | SizeOfE _ | SizeOf _ ->
e (* Depends on machdep. Do not evaluate in this case*)
- (* Special case to handle the C macro 'offsetof' *)
- | CastE(it,
- { enode = AddrOf (Mem ({enode = CastE(TPtr(bt, _), z)}), off)})
- when machdep && isZero z -> begin
- try
- let start, _width = bitsOffset bt off in
- if start mod 8 <> 0 then
- Kernel.error ~current:true "Using offset of bitfield" ;
- constFold machdep
- (new_exp ~loc (CastE(it, (integer ~loc (start / 8)))))
- with SizeOfError _ -> e
- end
-
| CastE (t, e) -> begin
Kernel.debug ~dkey "ConstFold CAST to %a@." !pp_typ_ref t ;
let e = constFold machdep e in
@@ -4983,13 +4994,7 @@ let initGccBuiltins () : unit =
add "coshf" floatType [ floatType ] false;
add "coshl" longDoubleType [ longDoubleType ] false;
- add "clz" intType [ uintType ] false;
- add "clzl" intType [ ulongType ] false;
- add "clzll" intType [ ulongLongType ] false;
add "constant_p" intType [ intType ] false;
- add "ctz" intType [ uintType ] false;
- add "ctzl" intType [ ulongType ] false;
- add "ctzll" intType [ ulongLongType ] false;
add "exp" doubleType [ doubleType ] false;
add "expf" floatType [ floatType ] false;
@@ -5060,10 +5065,6 @@ let initGccBuiltins () : unit =
add "parityl" intType [ ulongType ] false;
add "parityll" intType [ ulongLongType ] false;
- add "popcount" intType [ uintType ] false;
- add "popcountl" intType [ ulongType ] false;
- add "popcountll" intType [ ulongLongType ] false;
-
add "powi" doubleType [ doubleType; intType ] false;
add "powif" floatType [ floatType; intType ] false;
add "powil" longDoubleType [ longDoubleType; intType ] false;
@@ -5208,13 +5209,20 @@ let initVABuiltins () =
let initMsvcBuiltins () : unit =
(** Take a number of wide string literals *)
Builtin_functions.add "__annotation" (voidType, [ ], true)
-;;
+
+let init_common_builtins () =
+ add_builtin
+ "offsetof"
+ theMachine.typeOfSizeOf
+ [ theMachine.typeOfSizeOf ]
+ false
let init_builtins () =
if not (TheMachine.is_computed ()) then
Kernel.fatal ~current:true "You must call initCIL before init_builtins" ;
if Builtin_functions.length () <> 0 then
Kernel.fatal ~current:true "Cil builtins already initialized." ;
+ init_common_builtins ();
if msvcMode () then
initMsvcBuiltins ()
else begin
@@ -5385,12 +5393,11 @@ let setFunctionType (f: fundec) (t: typ) =
if List.length f.sformals <> List.length args then
Kernel.fatal ~current:true "setFunctionType: number of arguments differs from the number of formals" ;
(* Change the function type. *)
- f.svar.vtype <- t;
+ update_var_type f.svar t;
(* Change the sformals and we know that indirectly we'll change the
* function type *)
List.iter2
- (fun (_an,at,aa) f ->
- f.vtype <- at; f.vattr <- aa)
+ (fun (_an,at,aa) f -> update_var_type f at; f.vattr <- aa)
args f.sformals
| _ -> Kernel.fatal ~current:true "setFunctionType: not a function type"
@@ -5404,7 +5411,7 @@ let setFunctionTypeMakeFormals (f: fundec) (t: typ) =
Kernel.fatal ~current:true "setFunctionTypMakeFormals called on function %s with some formals already"
f.svar.vname ;
(* Change the function type. *)
- f.svar.vtype <- t;
+ update_var_type f.svar t;
f.sformals <-
List.map (fun (n,t,_a) -> makeLocal ~formal:true f n t) args;
setFunctionType f t
@@ -6507,14 +6514,6 @@ let is_modifiable_lval lv =
| _ -> (not (isConstType t)
|| is_mutable_or_initialized lv) && isCompleteType t
-(* makes sure that the type of a C variable and the type of its associated
- logic variable -if any- stay synchronized. See bts 1538 *)
-let update_var_type v t =
- v.vtype <- if v.vghost then typeAddGhost t else t;
- match v.vlogic_var_assoc with
- | None -> ()
- | Some lv -> lv.lv_type <- Ctype t
-
(** Uniquefy the variable names *)
let uniqueVarNames (f: file) : unit =
(* Setup the alpha conversion table for globals *)
@@ -6945,7 +6944,7 @@ and free_vars_predicate bound_vars p = match p.pred_content with
Logic_var.Set.union (free_vars_term bound_vars t) acc)
Logic_var.Set.empty tl
| Pallocable (_,t) | Pfreeable (_,t)
- | Pvalid (_,t) | Pvalid_read (_,t) | Pvalid_function t
+ | Pvalid (_,t) | Pvalid_read (_,t) | Pobject_pointer (_, t) | Pvalid_function t
| Pinitialized (_,t) | Pdangling (_,t) ->
free_vars_term bound_vars t
| Pseparated seps ->
diff --git a/src/kernel_services/ast_queries/cil.mli b/src/kernel_services/ast_queries/cil.mli
index c372bb6514cbf4c28bddf8fd90896f0cfe3ea916..b3c39a06f89a8f23c6fc991a3fb449799192a548 100644
--- a/src/kernel_services/ast_queries/cil.mli
+++ b/src/kernel_services/ast_queries/cil.mli
@@ -2136,6 +2136,12 @@ val max_unsigned_number: int -> Integer.t
(** True if the integer fits within the kind's range *)
val fitsInInt: ikind -> Integer.t -> bool
+(** True if the float is finite for the kind's range *)
+val isFiniteFloat: fkind -> float -> bool
+
+(** True if the real constant is an exact float for the given type *)
+val isExactFloat: fkind -> logic_real -> bool
+
exception Not_representable
(** raised by {!intKindForValue}. *)
diff --git a/src/kernel_services/ast_queries/cil_datatype.ml b/src/kernel_services/ast_queries/cil_datatype.ml
index 95ca68ae35624037993cf44cc6ceec390dde3ce4..c9f743a32f6e55252fbed085583b467a45c07492 100644
--- a/src/kernel_services/ast_queries/cil_datatype.ml
+++ b/src/kernel_services/ast_queries/cil_datatype.ml
@@ -386,12 +386,11 @@ let index_typ = function
| TEnum _ -> 8
| TBuiltin_va_list _ -> 9
-let constfoldtoint = ref (fun _ -> failwith "constfoldtoint not yet defined")
-let punrollType =
- ref (fun _ -> failwith "punrollType not yet defined")
+let constfoldtoint = Extlib.mk_fun "constfoldtoint"
+let punrollType = Extlib.mk_fun "punrollType"
+let punrollLogicType = Extlib.mk_fun "punrollLogicType"
let drop_non_logic_attributes = ref (fun a -> a)
-let compare_exp_struct_eq =
- ref (fun _ -> failwith "compare_exp_struct_eq not yet defined")
+let compare_exp_struct_eq = Extlib.mk_fun "compare_exp_struct_eq"
type type_compare_config =
{ by_name : bool;
@@ -1320,17 +1319,15 @@ let rec compare_logic_type config v1 v2 =
| Ltype _ -> 4
| Larrow _ -> 5
in
+ let v1 = if config.unroll then !punrollLogicType v1 else v1 in
+ let v2 = if config.unroll then !punrollLogicType v2 else v2 in
let k1 = rank v1 in
let k2 = rank v2 in
- if k1 <> k2 then k1-k2
+ if k1 <> k2 then
+ k1-k2
else
match v1,v2 with
| Ctype t1 , Ctype t2 -> compare_type config t1 t2
- | Ltype ({lt_def = Some (LTsyn t1)},ts1),
- Ltype ({lt_def = Some (LTsyn t2)},ts2) when config.unroll ->
- let c = compare_logic_type config t1 t2 in
- if c <> 0 then c
- else compare_list (compare_logic_type config) ts1 ts2
| Ltype(a,ts1), Ltype(b,ts2) ->
let c = Logic_type_info.compare a b in
if c <> 0 then c
diff --git a/src/kernel_services/ast_queries/cil_datatype.mli b/src/kernel_services/ast_queries/cil_datatype.mli
index f1cf95ac20963f9d3ac071ca535292e309375c5d..52f914d8ebe394785d5d998afbe9cf7e640a7e0b 100644
--- a/src/kernel_services/ast_queries/cil_datatype.mli
+++ b/src/kernel_services/ast_queries/cil_datatype.mli
@@ -310,11 +310,11 @@ module Lexpr: S with type t = Logic_ptree.lexpr
(** {2 Internal API} *)
(* ****************************************************************************)
-(* Forward declarations from Cil *)
+(* Forward declarations from Cil et al. *)
val drop_non_logic_attributes : (attributes -> attributes) ref
val constfoldtoint : (exp -> Integer.t option) ref
val punrollType: (typ -> typ) ref
-
+val punrollLogicType: (logic_type -> logic_type) ref
val clear_caches: unit -> unit
(**/**)
diff --git a/src/kernel_services/ast_queries/file.ml b/src/kernel_services/ast_queries/file.ml
index 49e7e958ce5a96351fbfc9e40334e2f6a7d70fdd..a1635dcd9dfa7ffa5f361137529f12c97e9eabb2 100644
--- a/src/kernel_services/ast_queries/file.ml
+++ b/src/kernel_services/ast_queries/file.ml
@@ -730,28 +730,6 @@ let synchronize_source_annot has_new_stmt kf =
| Some block, Some stmt_father when block == stmt_father -> true
| _, _ -> false
in
- let is_annot_next annot =
- match annot.annot_content with
- | AStmtSpec _ | APragma (Slice_pragma SPstmt | Impact_pragma IPstmt)
- -> true
- | AExtended(_,is_loop,{ext_name}) ->
- let warn_not_a_code_annot () =
- Kernel.(
- warning ~wkey:wkey_acsl_extension
- "%s is not a code annotation extension" name)
- in
- (match Logic_env.extension_category ext_name with
- | exception Not_found -> warn_not_a_code_annot () ; false
- | Ext_code_annot (Ext_here | Ext_next_loop)-> false
- | Ext_code_annot Ext_next_stmt-> true
- | Ext_code_annot Ext_next_both-> not is_loop
- | Ext_contract | Ext_global -> warn_not_a_code_annot () ; false)
- | AAssert _ | AInvariant _ | AVariant _
- | AAssigns _ | AAllocation _
- | APragma (Slice_pragma (SPctrl | SPexpr _))
- | APragma (Impact_pragma (IPexpr _))
- | APragma (Loop_pragma _) -> false
- in
let synchronize_user_annot a = add_annotation kf st a in
let synchronize_previous_user_annots () =
if !user_annots_for_next_stmt <> [] then begin
@@ -759,7 +737,7 @@ let synchronize_source_annot has_new_stmt kf =
let my_annots = !user_annots_for_next_stmt in
let post_action st =
let treat_annot (has_annot,st) (st_ann, annot) =
- if is_annot_next annot then begin
+ if Logic_utils.is_annot_next_stmt annot then begin
if has_annot || st.labels <> [] || st_ann.labels <> []
then begin
st_ann.skind <- (Block (Cil.mkBlockNonScoping [st]));
@@ -822,7 +800,7 @@ let synchronize_source_annot has_new_stmt kf =
(* Code annotation isn't considered as a real stmt.
So, previous annotations should be relative to the next stmt.
Only this [annot] may be synchronised to that stmt *)
- if is_annot_next annot then
+ if Logic_utils.is_annot_next_stmt annot then
(* Annotation relative to the effect of next statement *)
add_user_annot_for_next_stmt st annot
else
diff --git a/src/kernel_services/ast_queries/logic_const.ml b/src/kernel_services/ast_queries/logic_const.ml
index 8da10c3cf6910de2ce69ffa4b223bd79679c70ca..8ee64b0b36651d60f18a87251d73e9db53d5a161 100644
--- a/src/kernel_services/ast_queries/logic_const.ml
+++ b/src/kernel_services/ast_queries/logic_const.ml
@@ -305,6 +305,9 @@ let tat ?(loc=Cil_datatype.Location.unknown) (t,label) =
let told ?(loc=Cil_datatype.Location.unknown) t = tat ~loc (t,old_label)
+let tcast ?(loc=Cil_datatype.Location.unknown) t ct =
+ term ~loc (TCastE (ct, t)) (Ctype ct)
+
let tlogic_coerce ?(loc=Cil_datatype.Location.unknown) t lt =
term ~loc (TLogic_coerce (lt, t)) lt
@@ -422,6 +425,7 @@ let pallocable ?(loc=Cil_datatype.Location.unknown) (l,p) = unamed ~loc (Palloca
let pfreeable ?(loc=Cil_datatype.Location.unknown) (l,p) = unamed ~loc (Pfreeable (l,p))
let pvalid ?(loc=Cil_datatype.Location.unknown) (l,p) = unamed ~loc (Pvalid (l,p))
let pvalid_read ?(loc=Cil_datatype.Location.unknown) (l,p) = unamed ~loc (Pvalid_read (l,p))
+let pobject_pointer ?(loc=Cil_datatype.Location.unknown) (l,p) = unamed ~loc (Pobject_pointer (l,p))
let pvalid_function ?(loc=Cil_datatype.Location.unknown) p = unamed ~loc (Pvalid_function p)
(* the index should be an integer or a range of integers *)
diff --git a/src/kernel_services/ast_queries/logic_const.mli b/src/kernel_services/ast_queries/logic_const.mli
index c3be4194f94c20ce9dafc1719ca405b9397f19ca..51759d05c132490f56e7b7a7644677cc944c9fac 100644
--- a/src/kernel_services/ast_queries/logic_const.mli
+++ b/src/kernel_services/ast_queries/logic_const.mli
@@ -170,6 +170,9 @@ val pvalid_read: ?loc:location -> logic_label * term -> predicate
(** \valid *)
val pvalid: ?loc:location -> logic_label * term -> predicate
+(** \object_pointer *)
+val pobject_pointer: ?loc:location -> logic_label * term -> predicate
+
(** \valid_function *)
val pvalid_function: ?loc:location -> term -> predicate
@@ -321,6 +324,9 @@ val tvar: ?loc:Location.t -> logic_var -> term
(** \result *)
val tresult: ?loc:Location.t -> typ -> term
+(** cast to the given C type *)
+val tcast: ?loc:Location.t -> term -> typ -> term
+
(** coercion to the given logic type *)
val tlogic_coerce: ?loc:Location.t -> term -> logic_type -> term
diff --git a/src/kernel_services/ast_queries/logic_typing.ml b/src/kernel_services/ast_queries/logic_typing.ml
index 9cab004b334e452e6f82d6ec6a4785fb998c179a..d0298228e25e382a6a140398d4a14ec0fd524f7b 100644
--- a/src/kernel_services/ast_queries/logic_typing.ml
+++ b/src/kernel_services/ast_queries/logic_typing.ml
@@ -801,7 +801,7 @@ struct
let attrs = Cil.filter_qualifier_attributes attrs in
let field = C.find_comp_field comp f in
let typ = Cil.typeOffset ty field in
- Logic_utils.offset_to_term_offset ~cast:false field,
+ Logic_utils.offset_to_term_offset field,
Ctype (Cil.typeAddAttributes attrs typ)
with Not_found -> C.error loc "cannot find field %s" f)
| _ ->
@@ -1049,7 +1049,8 @@ struct
| Pimplies(p1,p2) | Piff(p1,p2) -> needs_at_pred p1 || needs_at_pred p2
| Pnot p | Plet (_,p) | Pforall(_,p) | Pexists(_,p) -> needs_at_pred p
| Pif(t,p1,p2) -> needs_at t || needs_at_pred p1 || needs_at_pred p2
- | Pvalid (_,t) | Pvalid_read (_,t) | Pvalid_function t
+ | Pvalid (_,t) | Pvalid_read (_,t)
+ | Pobject_pointer (_,t) | Pvalid_function t
| Pinitialized (_,t) | Pdangling (_, t)
| Pallocable(_,t) | Pfreeable(_,t)-> needs_at t
| Pfresh (_,_,t,n) -> (needs_at t) && (needs_at n)
@@ -2536,8 +2537,9 @@ struct
TConst c, Linteger
| _ -> assert false
end
- | PLconstant (FloatConstant str) ->
- TConst (Logic_utils.string_to_float_lconstant str), Lreal
+ | PLconstant (FloatConstant s) ->
+ let t = Logic_utils.parse_float ~loc s in
+ t.term_node , t.term_type
| PLconstant (StringConstant s) ->
TConst (LStr (unescape s)), Ctype Cil.charPtrType
| PLconstant (WStringConstant s) ->
@@ -3003,7 +3005,7 @@ struct
let t2,ty2 = type_num_term_option ctxt env t2 in
(Trange(t1,t2),
Ltype(ctxt.find_logic_type "set", [arithmetic_conversion ty1 ty2]))
- | PLvalid _ | PLvalid_read _ | PLvalid_function _
+ | PLvalid _ | PLvalid_read _ | PLobject_pointer _ | PLvalid_function _
| PLfresh _ | PLallocable _ | PLfreeable _
| PLinitialized _ | PLdangling _ | PLexists _ | PLforall _
| PLimplies _ | PLiff _
@@ -3357,6 +3359,8 @@ struct
predicate_label_ptr ~check_non_void:true pvalid_read l t
| PLvalid (l,t) ->
predicate_label_ptr ~check_non_void:true pvalid l t
+ | PLobject_pointer (l,t) ->
+ predicate_label_ptr ~check_non_void:false pobject_pointer l t
| PLvalid_function t ->
let t = term env t in
if isLogicPointer t then begin
diff --git a/src/kernel_services/ast_queries/logic_utils.ml b/src/kernel_services/ast_queries/logic_utils.ml
index bbc4329de6ad25ea69a96dc56cc6e162e7178296..242feb6c6a054e09f4016d0168be57a3e4a9c38f 100644
--- a/src/kernel_services/ast_queries/logic_utils.ml
+++ b/src/kernel_services/ast_queries/logic_utils.ml
@@ -123,11 +123,11 @@ let plain_array_to_ptr ty =
let array_to_ptr = plain_or_set plain_array_to_ptr
-let typ_to_logic_type e_typ =
- let ty = Cil.unrollType e_typ in
+let coerce_type typ =
+ let ty = Cil.unrollType typ in
if Cil.isIntegralType ty then Linteger
else if Cil.isFloatingType ty then Lreal
- else Ctype e_typ
+ else Ctype typ
let predicate_of_identified_predicate ip = ip.ip_content
@@ -221,58 +221,52 @@ let mk_logic_pointer_or_StartOf t =
Kernel.fatal ~source:(fst t.term_loc)
"%a is neither a pointer nor a C array" Cil_printer.pp_term t
-let need_logic_cast oldt newt =
- not (Cil_datatype.Logic_type.equal (Ctype oldt) (Ctype newt))
+let equal_ltype = Cil_datatype.Logic_type.equal
(* Does the same kind of optimization than [Cil.mkCastT] for [Ctype]. *)
-let mk_cast ?(loc=Cil_datatype.Location.unknown) ?(force=false) newt t =
- let mk_cast t = (* to new type [newt] *)
- let typ = Cil.type_remove_attributes_for_logic_type newt
- in term ~loc (TCastE (typ, t)) (Ctype typ)
- in
- let rec aux1 typ t =
- match typ with
- | Ctype oldt ->
- if not (need_logic_cast oldt newt) && not force then t
- else begin
- match Cil.unrollType newt, t.term_node with
- | TPtr _, TCastE (_, t') ->
- let rec aux2 = function
- | Ctype typ' ->
- (match unrollType typ', t'.term_node with
- | (TPtr _ as typ''), _ ->
- (* Old cast can be removed...*)
- if need_logic_cast newt typ'' then mk_cast t'
- else (* In fact, both casts can be removed. *) t'
- | _, TConst (Integer (i,_)) when Integer.is_zero i -> mk_cast t'
- | _ -> mk_cast t
- )
- | Ltype (tdef,_) as ty when is_unrollable_ltdef tdef ->
- aux2 (unroll_ltdef ty)
- | _ -> mk_cast t
- in aux2 t'.term_type
- | _ -> (* Do not remove old cast because they are conversions !!! *)
- mk_cast t
- end
- | Ltype (tdef,_) as ty when is_unrollable_ltdef tdef ->
- aux1 (unroll_ltdef ty) t
- | Linteger | Lreal ->
- (match t.term_node with
- | TLogic_coerce (_,t') -> aux1 t'.term_type t'
- | _ -> mk_cast t)
- | _ -> mk_cast t
- in aux1 t.term_type t
+let mk_cast ?loc ?(force=false) newt t =
+ let newt = Cil.type_remove_attributes_for_logic_type newt in
+ if equal_ltype (Ctype newt) t.term_type then t else
+ let rec unroll_cast e = match e.term_node with
+ | TCastE(oldt,e)
+ when (Cil.isPointerType newt && Cil.isPointerType oldt)
+ || equal_ltype (Ctype oldt) (Ctype newt)
+ -> unroll_cast e
+ | TLogic_coerce(Linteger,e)
+ when Cil.isArithmeticOrPointerType newt
+ -> unroll_cast e
+ | TLogic_coerce(Lreal,e)
+ when Cil.isFloatingType newt
+ -> unroll_cast e
+ | _ -> e
+ in
+ let tres = if force then t else unroll_cast t in
+ let loc = match loc with None -> t.term_loc | Some loc -> loc in
+ Logic_const.term ~loc (TCastE (newt, tres)) (Ctype newt)
+
+
+(* -------------------------------------------------------------------------- *)
+(* --- Constant Conversions --- *)
+(* -------------------------------------------------------------------------- *)
let real_of_float s f =
{ r_literal = s ; r_nearest = f ; r_upper = f ; r_lower = f }
+let real_of_parsed s p =
+ let open Floating_point in
+ {
+ r_literal = s ; r_nearest = p.f_nearest ;
+ r_upper = p.f_upper ;
+ r_lower = p.f_lower ;
+ }
+
let constant_to_lconstant c = match c with
| CInt64(i,_,s) -> Integer (i,s)
| CStr s -> LStr s
| CWStr s -> LWStr s
| CChr s -> LChr s
- | CReal (f,_,Some s) -> LReal (real_of_float s f)
| CEnum e -> LEnum e
+ | CReal (f,_,Some s) -> LReal (real_of_float s f)
| CReal (f,fkind,None) ->
let s = match fkind with
| FFloat -> Format.sprintf "%.8ef" f
@@ -288,49 +282,75 @@ let lconstant_to_constant c = match c with
| LReal r -> CReal (r.r_nearest,FDouble,Some r.r_literal)
| LEnum e -> CEnum e
-
-let string_to_float_lconstant string =
- let f = snd (Floating_point.parse string) in
+let parse_float ?loc literal =
+ let fk,v = Floating_point.parse literal in
(* If the string has suffix 'F' or 'D', then it represents a single or double
constant and the nearest parsed float is exact. Otherwise, use the upper
and lower float computed by [parse]. *)
- let l = String.length string - 1 in
- let last = Char.uppercase_ascii string.[l] in
- let exact = last = 'F' || last = 'D' in
- if exact
- then LReal (real_of_float string f.Floating_point.f_nearest)
- else
- let open Floating_point in
- LReal { r_nearest = f.f_nearest; r_upper = f.f_upper; r_lower = f.f_lower;
- r_literal = string }
-
-let numeric_coerce ltyp t =
- let coerce t =
- Logic_const.term ~loc:t.term_loc (TLogic_coerce(ltyp, t)) ltyp
+ let is_flt =
+ let len = String.length literal in
+ let last = Char.uppercase_ascii literal.[len-1] in
+ last = 'F' || last = 'D'
in
+ let creal =
+ if is_flt
+ then real_of_float literal v.Floating_point.f_nearest
+ else real_of_parsed literal v in
+ let vreal = Logic_const.term ?loc (TConst(LReal creal)) Lreal in
+ if is_flt then
+ let ty = TFloat(fk,[]) in
+ Logic_const.term ?loc (TCastE(ty,vreal)) (Ctype ty)
+ else vreal
+
+let mk_coerce ltyp t =
+ Logic_const.term ~loc:t.term_loc (TLogic_coerce(ltyp, t)) ltyp
+
+let rec numeric_coerce ltyp t =
let oldt = unroll_type t.term_type in
- if Cil_datatype.Logic_type.equal oldt ltyp then t
- else match t.term_node with
- | TLogic_coerce(t,e) when Cil.no_op_coerce t e -> coerce e
- | TConst(Integer(i,_)) ->
- (match oldt, ltyp with
- | Ctype (TInt(ikind,_)), Linteger when Cil.fitsInInt ikind i ->
- { t with term_type = Linteger }
- | _ -> coerce t)
- | TCastE(typ, ({ term_node = TConst(Integer(i,_))} as t')) ->
- (match unrollType typ with
- | TInt (ikind,_) when Cil.fitsInInt ikind i ->
- (match unroll_type t'.term_type with
- | Linteger -> t'
- | Ctype (TInt (ikind,_)) when Cil.fitsInInt ikind i ->
- { t' with term_type = Linteger }
- | _ -> coerce t')
- | _ -> coerce t)
- | _ -> coerce t
+ match t.term_node with
+ | TLogic_coerce(lt,e) when Cil.no_op_coerce lt e ->
+ (* coercion hidden by the printer, but still present *)
+ numeric_coerce ltyp e
+ | TConst(LEnum _) | TConst(Integer _) when ltyp = Linteger
+ -> { t with term_type = Linteger }
+ | TConst(LReal _ ) when ltyp = Lreal ->
+ { t with term_type = Lreal }
+ | TCastE(ty,e) ->
+ begin match ltyp, Cil.unrollType ty, e.term_node with
+ | Linteger, TInt(ik,_), TConst(Integer(v,_))
+ when Cil.fitsInInt ik v -> { e with term_type = Linteger }
+ | Lreal, TFloat(fk,_), TConst(LReal r)
+ when Cil.isExactFloat fk r -> { e with term_type = Lreal }
+ | Linteger, TInt(ik,_), TConst(LEnum { eival }) ->
+ ( match Cil.constFoldToInt eival with
+ | Some i when Cil.fitsInInt ik i -> { e with term_type = Linteger }
+ | _ -> mk_coerce ltyp t )
+ | _ -> mk_coerce ltyp t
+ end
+ | Trange(a,b) ->
+ let ra = numeric_bound ltyp a in
+ let rb = numeric_bound ltyp b in
+ { t with term_node = Trange(ra,rb) ;
+ term_type = Logic_const.make_set_type ltyp }
+ | Tunion ts ->
+ { t with term_node = Tunion (List.map (numeric_coerce ltyp) ts) ;
+ term_type = Logic_const.make_set_type ltyp }
+ | Tinter ts ->
+ { t with term_node = Tinter (List.map (numeric_coerce ltyp) ts) ;
+ term_type = Logic_const.make_set_type ltyp }
+ | Tcomprehension(t,qs,cond) ->
+ { t with term_node = Tcomprehension (numeric_coerce ltyp t,qs,cond) ;
+ term_type = Logic_const.make_set_type ltyp }
+ | _ ->
+ if Cil_datatype.Logic_type.equal oldt ltyp then t
+ else mk_coerce ltyp t
+
+and numeric_bound ltyp = function
+ | None -> None
+ | Some a -> Some (numeric_coerce ltyp a)
(* Don't forget to keep is_zero_comparable
- and scalar_term_to_predicate in sync.
-*)
+ and scalar_term_to_predicate in sync. *)
let is_zero_comparable t =
match unroll_type t.term_type with
@@ -343,24 +363,27 @@ let is_zero_comparable t =
let scalar_term_conversion conversion t =
let loc = t.term_loc in
- let arith_conversion () = conversion ~loc false t (Cil.lzero ~loc ()) in
- let ptr_conversion () =
- conversion ~loc false t (Logic_const.term ~loc Tnull t.term_type)
- in
+ let int_conversion t =
+ conversion ~loc false t (Cil.lzero ~loc ()) in
+ let real_conversion ?ltyp t =
+ conversion ~loc false t (Logic_const.treal_zero ~loc ?ltyp ()) in
+ let ptr_conversion t =
+ conversion ~loc false t (Logic_const.term ~loc Tnull t.term_type) in
+ let bool_conversion t =
+ let ctrue = Logic_env.Logic_ctor_info.find "\\true" in
+ conversion ~loc true t (term ~loc (TDataCons(ctrue,[])) boolean_type) in
match unroll_type t.term_type with
- | Ctype (TInt _) -> arith_conversion ()
- | Ctype (TFloat _) ->
- conversion ~loc false t (Logic_const.treal_zero ~loc ~ltyp:t.term_type ())
- | Ctype (TPtr _) -> ptr_conversion ()
- | Ctype (TArray _) -> ptr_conversion ()
+ | Ctype (TInt _) -> int_conversion t
+ | Ctype (TFloat _) as ltyp -> real_conversion ~ltyp t
+ | Ctype (TPtr _) -> ptr_conversion t
+ | Ctype (TArray _) -> ptr_conversion t
(* Could be transformed to \true: an array is never \null *)
- | Ctype (TFun _) -> ptr_conversion ()
+ | Ctype (TFun _) -> ptr_conversion t
(* decay as pointer *)
- | Linteger -> arith_conversion ()
- | Lreal -> conversion ~loc false t (Logic_const.treal_zero ~loc ())
+ | Linteger -> int_conversion t
+ | Lreal -> real_conversion t
| Ltype ({lt_name = name},[]) when name = Utf8_logic.boolean ->
- let ctrue = Logic_env.Logic_ctor_info.find "\\true" in
- conversion ~loc true t (term ~loc (TDataCons(ctrue,[])) boolean_type)
+ bool_conversion t
| Ltype _ | Lvar _ | Larrow _
| Ctype (TVoid _ | TNamed _ | TComp _ | TEnum _ | TBuiltin_va_list _)
-> Kernel.fatal
@@ -379,131 +402,178 @@ let scalar_term_to_boolean =
in
scalar_term_conversion conversion
-let rec expr_to_term ~cast e =
- let e_typ = unrollType (Cil.typeOf e) in
+(* -------------------------------------------------------------------------- *)
+(* --- Expr Conversion --- *)
+(* -------------------------------------------------------------------------- *)
+
+let is_boolean_binop op =
+ let open Cil_types in
+ match op with
+ | Lt | Gt | Le | Ge | Eq | Ne | LAnd | LOr -> true
+ | PlusA | PlusPI | IndexPI | MinusA | MinusPI | MinusPP
+ | Mult | Div | Mod | Shiftlt | Shiftrt | BAnd | BXor | BOr -> false
+
+let float_builtin prefix fkind =
+ let name = match fkind with
+ | FFloat -> Printf.sprintf "\\%s_float" prefix
+ | FDouble -> Printf.sprintf "\\%s_double" prefix
+ | FLongDouble -> Kernel.not_yet_implemented "Builtins for long double type"
+ in match Logic_env.find_all_logic_functions name with
+ | [ lf ] -> Some lf
+ | _ -> Kernel.fatal "Missing or ambiguous builtin %S" name
+
+let get_float_binop op typ =
+ match Cil.unrollType typ, op with
+ | TFloat(fkind,_) , PlusA -> float_builtin "add" fkind
+ | TFloat(fkind,_) , MinusA -> float_builtin "sub" fkind
+ | TFloat(fkind,_) , Mult -> float_builtin "mul" fkind
+ | TFloat(fkind,_) , Div -> float_builtin "div" fkind
+ | _ -> None
+
+let get_float_unop op typ =
+ match Cil.unrollType typ, op with
+ | TFloat(fkind,_) , Neg -> float_builtin "neg" fkind
+ | _ -> None
+
+let rec expr_to_term ?(coerce=false) e =
let loc = e.eloc in
- let result = match e.enode with
- | Const c -> TConst (constant_to_lconstant c)
- | SizeOf t -> TSizeOf t
- | SizeOfE e -> TSizeOfE (expr_to_term ~cast e)
- | SizeOfStr s -> TSizeOfStr s
- | StartOf lv -> TStartOf (lval_to_term_lval ~cast lv)
- | AddrOf lv -> TAddrOf (lval_to_term_lval ~cast lv)
- | CastE (ty,e) -> (mk_cast (unrollType ty) (expr_to_term ~cast e)).term_node
- | BinOp (op, l, r, _) ->
- let l' = expr_to_term_coerce ~cast l in
- let r' = expr_to_term_coerce ~cast r in
- (* type of the conversion of e in the logic. Beware that boolean
- operators have boolean type. *)
- let tcast =
- match op, cast with
- | ( Cil_types.Lt | Cil_types.Gt | Cil_types.Le | Cil_types.Ge
- | Cil_types.Eq | Cil_types.Ne| Cil_types.LAnd | Cil_types.LOr),
- _ -> Some Logic_const.boolean_type
- | _, true -> Some (typ_to_logic_type e_typ)
- | _, false -> None
- in
- let tnode = TBinOp (op,l',r') in
- (* if [cast], we add a cast. Otherwise, when [op] is an operator
- returning a boolean, we need to cast the whole expression as an
- integral type, because (1) the recursive subcalls expect an
- integer/float/pointer here, and (2) there is no implicit conversion
- Boolean -> integer. *)
- begin match tcast with
- | Some lt -> (mk_cast e_typ (Logic_const.term tnode lt)).term_node
- | None -> tnode
+ let typ = Cil.typeOf e in
+ let ctyp = Ctype typ in
+ let node,ltyp =
+ match e.enode with
+ | Const c -> TConst (constant_to_lconstant c) , coerce_type typ
+ | StartOf lv -> TStartOf (lval_to_term_lval lv) , ctyp
+ | AddrOf lv -> TAddrOf (lval_to_term_lval lv) , ctyp
+ | BinOp (op, a, b, _) ->
+ if is_boolean_binop op then
+ let tc = expr_to_boolean e in
+ Tif( tc , Cil.lone ~loc () , Cil.lzero ~loc () ),
+ Linteger
+ else begin match get_float_binop op typ with
+ | Some phi ->
+ let va = expr_to_term a in
+ let vb = expr_to_term b in
+ Tapp(phi,[],[va;vb]) , ctyp
+ | None ->
+ let va = expr_to_term ~coerce:true a in
+ let vb = expr_to_term ~coerce:true b in
+ TBinOp(op,va,vb) , coerce_type typ
end
- | UnOp (op, u, _) ->
- let u' = expr_to_term_coerce ~cast u in
- let u' =
- match op with
- | Cil_types.LNot ->
- (match u'.term_node with
- | TCastE(_, t) when is_boolean_type t.term_type -> t
- | _ when is_boolean_type u'.term_type -> u'
- | _ when is_zero_comparable u' ->
- scalar_term_to_boolean u'
- | _ ->
- Kernel.fatal
- "expr_to_term: unexpected argument of ! operator %a, \
- converted to %a"
- Cil_printer.pp_exp u Cil_printer.pp_term u')
- | _ -> u'
- in
- (* See comments for binop case above. *)
- let tcast = match op, cast with
- | Cil_types.LNot, _ -> Some Logic_const.boolean_type
- | _, true -> Some (typ_to_logic_type e_typ)
- | _, false -> None
- in
- let tnode = TUnOp (op, u') in
- begin match tcast with
- | Some lt -> (mk_cast e_typ (Logic_const.term tnode lt)).term_node
- | None -> tnode
+ | UnOp (LNot, c, _) ->
+ let tc = expr_to_boolean c in
+ Tif( tc , Cil.lzero ~loc () , Cil.lone ~loc () ),
+ Linteger
+ | UnOp(op, a, _) ->
+ begin match get_float_unop op typ with
+ | Some phi ->
+ let va = expr_to_term ~coerce:true a in
+ Tapp(phi,[],[va]) , ctyp
+ | None ->
+ let va = expr_to_term ~coerce:true a in
+ TUnOp(op,va) , coerce_type typ
end
- | AlignOfE e -> TAlignOfE (expr_to_term ~cast e)
- | AlignOf typ -> TAlignOf typ
- | Lval lv -> TLval (lval_to_term_lval ~cast lv)
- | Info (e,_) -> (expr_to_term ~cast e).term_node
+ | SizeOf t -> TSizeOf t, ctyp
+ | SizeOfE e -> TSizeOf (Cil.typeOf e), ctyp
+ | SizeOfStr s -> TSizeOfStr s, ctyp
+ | AlignOf typ -> TAlignOf typ, ctyp
+ | AlignOfE e -> TAlignOf (Cil.typeOf e), ctyp
+ | Lval lv -> TLval (lval_to_term_lval lv), ctyp
+ | CastE (ty,e) ->
+ let coerce = Cil.isIntegralType (Cil.typeOf e) in
+ let t = mk_cast ~loc ty (expr_to_term ~coerce e) in
+ t.term_node , t.term_type
+ | Info (e,_) ->
+ let t = expr_to_term ~coerce e in
+ t.term_node , t.term_type
in
- let tres = Logic_const.term ~loc result (Ctype e_typ) in
- if cast then tres
- else
- match e.enode with
- (* all immediate values keep their C type by default, and are only lifted
- to integer/real if needed. *)
- | Const _ | Lval _ | CastE _ -> tres
- | _ -> numeric_coerce (typ_to_logic_type e_typ) tres
-
-and expr_to_term_coerce ~cast e =
- let t = expr_to_term ~cast e in
- match Logic_const.unroll_ltdef t.term_type with
- | Ctype typ when Cil.isIntegralType typ || Cil.isFloatingType typ ->
- let ltyp = typ_to_logic_type typ in
- numeric_coerce ltyp t
- | _ -> t
-
-and lval_to_term_lval ~cast (host,offset) =
- host_to_term_host ~cast host, offset_to_term_offset ~cast offset
-
-and host_to_term_host ~cast = function
+ let v = mk_cast ~loc typ @@ Logic_const.term ~loc node ltyp in
+ if coerce then
+ match Cil.unrollType typ with
+ | TInt _ -> numeric_coerce Linteger v
+ | TFloat _ -> numeric_coerce Lreal v
+ | _ -> v
+ else v
+
+and lval_to_term_lval (host,offset) =
+ host_to_term_lhost host, offset_to_term_offset offset
+
+and host_to_term_lhost = function
| Var s -> TVar (Cil.cvar_to_lvar s)
- | Mem e -> TMem (expr_to_term ~cast e) (*no need of numeric coercion - pointer *)
+ | Mem e -> TMem (expr_to_term e)
-and offset_to_term_offset ~cast:cast = function
+and offset_to_term_offset = function
| NoOffset -> TNoOffset
+ | Field (fi,off) ->
+ TField(fi,offset_to_term_offset off)
| Index (e,off) ->
- TIndex (expr_to_term_coerce ~cast e,offset_to_term_offset ~cast off)
- | Field (fi,off) -> TField(fi,offset_to_term_offset ~cast off)
+ TIndex (expr_to_term ~coerce:true e,offset_to_term_offset off)
-and expr_to_predicate ~cast e =
+and expr_to_boolean e =
let open Cil_types in
+ let tbool n = Logic_const.term n Logic_const.boolean_type in
match e.enode with
- | BinOp ((Lt | Gt | Le | Ge | Eq | Ne as op), l, r, _) ->
- let tl = expr_to_term ~cast l in
- let tr = expr_to_term ~cast r in
- let rel = match op with
- | Lt -> Rlt | Gt -> Rgt | Le -> Rle | Ge -> Rge | Eq -> Req | Ne -> Rneq
- | _ -> assert false
- in
- let pred = Prel (rel, tl, tr) in
- Logic_const.new_predicate (Logic_const.unamed ~loc:e.eloc pred)
+ | UnOp(BNot, a,_) ->
+ tbool @@ TUnOp(BNot, expr_to_boolean a)
+ | BinOp((BAnd|BOr) as op,a,b,_) ->
+ let va = expr_to_boolean a in
+ let vb = expr_to_boolean b in
+ tbool @@ TBinOp(op,va,vb)
+ | BinOp(op, a, b, _) when is_boolean_binop op ->
+ let va = expr_to_term ~coerce:true a in
+ let vb = expr_to_term ~coerce:true b in
+ tbool @@ TBinOp(op,va,vb)
+ | _ ->
+ let t = expr_to_term ~coerce:true e in
+ if is_zero_comparable t then
+ scalar_term_to_boolean t
+ else
+ Kernel.fatal
+ "Cannot convert into predicate the C expression %a"
+ Cil_printer.pp_exp e
+
+and expr_to_predicate e =
+ let open Cil_types in
+ let unamed = Logic_const.unamed ~loc:e.eloc in
+ let prel r a b =
+ let va = expr_to_term ~coerce:true a in
+ let vb = expr_to_term ~coerce:true b in
+ unamed @@ Prel(r,va,vb)
+ in match e.enode with
+ | BinOp(Lt, a, b, _) -> prel Rlt a b
+ | BinOp(Le, a, b, _) -> prel Rle a b
+ | BinOp(Gt, a, b, _) -> prel Rgt a b
+ | BinOp(Ge, a, b, _) -> prel Rge a b
+ | BinOp(Eq, a, b, _) -> prel Req a b
+ | BinOp(Ne, a, b, _) -> prel Rneq a b
+ | BinOp(BAnd, a, b, _) ->
+ unamed @@ Pand(expr_to_predicate a,expr_to_predicate b)
+ | BinOp(BOr, a, b, _) ->
+ unamed @@ Por(expr_to_predicate a,expr_to_predicate b)
+ | UnOp(BNot, a, _) ->
+ unamed @@ Pnot(expr_to_predicate a)
| _ ->
- let t = expr_to_term ~cast e in
+ let t = expr_to_term ~coerce:true e in
if is_zero_comparable t then
- Logic_const.new_predicate (scalar_term_to_predicate t)
+ scalar_term_to_predicate t
else
Kernel.fatal
"Cannot convert into predicate the C expression %a"
Cil_printer.pp_exp e
+and expr_to_ipredicate e =
+ Logic_const.new_predicate (expr_to_predicate e)
+
+(* ************************************************************************* *)
+(** {1 Various utilities} *)
+(* ************************************************************************* *)
+
let array_with_range arr size =
let loc = arr.eloc in
let arr = Cil.stripCasts arr in
let typ_arr = typeOf arr in
let no_cast = isAnyCharPtrType typ_arr || isAnyCharArrayType typ_arr in
- let char_ptr = typ_to_logic_type Cil.charPtrType in
- let arr = expr_to_term ~cast:true arr in
+ let char_ptr = Ctype Cil.charPtrType in
+ let arr = expr_to_term arr in
let arr =
if no_cast then arr
else mk_cast ~loc Cil.charPtrType arr
@@ -521,10 +591,6 @@ let remove_logic_coerce t =
| TLogic_coerce(_,t) -> t
| _ -> t
-(* ************************************************************************* *)
-(** {1 Various utilities} *)
-(* ************************************************************************* *)
-
let rec remove_term_offset o =
match o with
TNoOffset -> TNoOffset, TNoOffset
@@ -573,6 +639,27 @@ let is_trivially_true p =
Ptrue -> true
| _ -> false
+let is_annot_next_stmt c =
+ match c.annot_content with
+ | AStmtSpec _ | APragma (Slice_pragma SPstmt | Impact_pragma IPstmt) -> true
+ | AExtended(_,is_loop,{ext_name}) ->
+ let warn_not_a_code_annot () =
+ Kernel.(
+ warning ~wkey:wkey_acsl_extension
+ "%s is not a code annotation extension" ext_name)
+ in
+ (match Logic_env.extension_category ext_name with
+ | exception Not_found -> warn_not_a_code_annot () ; false
+ | Ext_code_annot (Ext_here | Ext_next_loop)-> false
+ | Ext_code_annot Ext_next_stmt-> true
+ | Ext_code_annot Ext_next_both-> not is_loop
+ | Ext_contract | Ext_global -> warn_not_a_code_annot () ; false)
+ | AAssert _ | AInvariant _ | AVariant _
+ | AAssigns _ | AAllocation _
+ | APragma (Slice_pragma (SPctrl | SPexpr _))
+ | APragma (Impact_pragma (IPexpr _))
+ | APragma (Loop_pragma _) -> false
+
let rec add_attribute_glob_annot a g =
match g with
| Dfun_or_pred ({ l_var_info },_) | Dinvariant({ l_var_info }, _)
@@ -914,6 +1001,7 @@ and is_same_predicate_node p1 p2 =
| Pfreeable (l1,t1), Pfreeable (l2,t2)
| Pvalid (l1,t1), Pvalid (l2,t2)
| Pvalid_read (l1,t1), Pvalid_read (l2,t2)
+ | Pobject_pointer (l1,t1), Pobject_pointer (l2,t2)
| Pinitialized (l1,t1), Pinitialized (l2,t2) ->
is_same_logic_label l1 l2 && is_same_term t1 t2
| Pvalid_function t1, Pvalid_function t2 ->
@@ -928,7 +1016,7 @@ and is_same_predicate_node p1 p2 =
with Invalid_argument _ -> false)
| (Pfalse | Ptrue | Papp _ | Prel _ | Pand _ | Por _ | Pimplies _
| Piff _ | Pnot _ | Pif _ | Plet _ | Pforall _ | Pexists _
- | Pat _ | Pvalid _ | Pvalid_read _ | Pvalid_function _
+ | Pat _ | Pvalid _ | Pvalid_read _ | Pobject_pointer _ | Pvalid_function _
| Pinitialized _ | Pdangling _
| Pfresh _ | Pallocable _ | Pfreeable _ | Pxor _ | Pseparated _
), _ -> false
@@ -1267,6 +1355,7 @@ and is_same_lexpr l1 l2 =
| PLfreeable (l1,e1), PLfreeable (l2,e2)
| PLvalid (l1,e1), PLvalid (l2,e2)
| PLvalid_read (l1,e1), PLvalid_read (l2,e2)
+ | PLobject_pointer (l1,e1), PLobject_pointer (l2,e2)
| PLbase_addr (l1,e1), PLbase_addr (l2,e2)
| PLoffset (l1,e1), PLoffset (l2,e2)
| PLblock_length (l1,e1), PLblock_length (l2,e2)
@@ -1295,7 +1384,8 @@ and is_same_lexpr l1 l2 =
| PLupdate _ | PLinitIndex _ | PLtype _ | PLfalse
| PLtrue | PLinitField _ | PLrel _ | PLand _ | PLor _ | PLxor _
| PLimplies _ | PLiff _ | PLnot _ | PLif _ | PLforall _
- | PLexists _ | PLvalid _ | PLvalid_read _ | PLvalid_function _
+ | PLexists _ | PLvalid _ | PLvalid_read _
+ | PLobject_pointer _ | PLvalid_function _
| PLfreeable _ | PLallocable _
| PLinitialized _ | PLdangling _ | PLseparated _ | PLfresh _ | PLnamed _
| PLcomprehension _ | PLunion _ | PLinter _
@@ -1502,6 +1592,8 @@ and hash_predicate (acc,depth,tot) p =
hash_predicate (acc + 173 + hash_label l, depth - 1, tot - 1) p
| Pvalid_read (l, t) ->
hash_term (acc + 187 + hash_label l, depth - 1, tot - 1) t
+ | Pobject_pointer (l, t) ->
+ hash_term (acc + 181 + hash_label l, depth - 1, tot - 1) t
| Pvalid (l, t) ->
hash_term (acc + 193 + hash_label l, depth - 1, tot - 1) t
| Pvalid_function t -> hash_term (acc + 203, depth - 1, tot - 1) t
@@ -1802,6 +1894,7 @@ and compare_predicate_node p1 p2 =
| Pfreeable (l1,t1), Pfreeable (l2,t2)
| Pvalid (l1,t1), Pvalid (l2,t2)
| Pvalid_read (l1,t1), Pvalid_read (l2,t2)
+ | Pobject_pointer (l1,t1), Pobject_pointer (l2,t2)
| Pinitialized (l1,t1), Pinitialized (l2,t2)
| Pdangling (l1,t1), Pdangling (l2,t2) ->
let res = compare_logic_label l1 l2 in
@@ -1814,6 +1907,8 @@ and compare_predicate_node p1 p2 =
| _, Pvalid _ -> -1
| Pvalid_read _, _ -> 1
| _, Pvalid_read _ -> -1
+ | Pobject_pointer _, _ -> 1
+ | _, Pobject_pointer _ -> -1
| Pinitialized _, _ -> 1
| _, Pinitialized _ -> -1
| Pdangling _, _ -> 1
@@ -2563,6 +2658,8 @@ class simplify_const_lval global_find_init = object (self)
| _ -> Cil.DoChildren
end
+let () = Cil_datatype.punrollLogicType := unroll_type
+
(* ************************************************************************** *)
(** {1 Deprecated} *)
let instantiate = Logic_const.instantiate
diff --git a/src/kernel_services/ast_queries/logic_utils.mli b/src/kernel_services/ast_queries/logic_utils.mli
index c19683aac4bb6be426d7fe3beea43e068a201b81..c147282eea5371d8178b2db61c985ce64e3da945 100644
--- a/src/kernel_services/ast_queries/logic_utils.mli
+++ b/src/kernel_services/ast_queries/logic_utils.mli
@@ -29,7 +29,7 @@ open Cil_types
(** exception raised when a parsed logic expression is
syntactically not well-formed. *)
-exception Not_well_formed of Cil_types.location * string
+exception Not_well_formed of location * string
(** basic utilities for logic terms and predicates. See also {! Logic_const}
to build terms and predicates.
@@ -85,8 +85,10 @@ val logicCType : logic_type -> typ
(** transforms an array into pointer. *)
val array_to_ptr : logic_type -> logic_type
-(** C type to logic type, with implicit conversion for arithmetic types. *)
-val typ_to_logic_type : typ -> logic_type
+(** C type to logic type, with implicit conversion for arithmetic types.
+ @since Frama-C+dev
+*)
+val coerce_type : typ -> logic_type
(** {2 Predicates} *)
@@ -109,7 +111,7 @@ val mk_logic_StartOf : term -> term
(** creates an AddrOf from a TLval. The given logic type is the
type of the lval.
@since Neon-20140301 *)
-val mk_logic_AddrOf: ?loc:Cil_types.location -> term_lval -> logic_type -> term
+val mk_logic_AddrOf: ?loc:location -> term_lval -> logic_type -> term
(** [true] if the term is a pointer. *)
val isLogicPointer : term -> bool
@@ -122,9 +124,7 @@ val mk_logic_pointer_or_StartOf : term -> term
be inserted. Otherwise (which is the default), [mk_cast typ t] will return
[t] if it is already of type [typ]
- @modify Aluminium-20160501 added [force] optional argument
-
-*)
+ @modify Aluminium-20160501 added [force] optional argument *)
val mk_cast: ?loc:location -> ?force:bool -> typ -> term -> term
@@ -141,7 +141,12 @@ val remove_logic_coerce: term -> term
in [t]. In particular, [numeric_coerce (int)cst Linteger], where [cst]
fits in int will be directly [cst], without any coercion.
+ Also coerce recursively the sub-terms of t-set expressions
+ (range, union, inter and comprehension) and lift the associated
+ set type.
+
@since Magnesium-20151001
+ @modify Frama-C+dev
*)
val numeric_coerce: logic_type -> term -> term
@@ -157,41 +162,77 @@ val pointer_comparable: ?loc:location -> term -> term -> predicate
(** \pointer_comparable
@since Fluorine-20130401 *)
-(** {3 Conversion from exp to term}*)
-(** translates a C expression into an "equivalent" logical term.
- [cast] specifies how C arithmetic operators are translated.
- When [cast] is [true], the translation returns a logic [term] having the
- same semantics of the C [expr] by introducing casts (i.e. the C expr [a+b]
- can be translated as [(char)(((char)a)+(char)b)] to preserve the modulo
- feature of the C addition).
- Otherwise, no such casts are introduced and the C arithmetic operators are
- translated into perfect mathematical operators (i.e. a floating point
- addition is translated into an addition of [real] numbers).
- @plugin development guide *)
-val expr_to_term : cast:bool -> exp -> term
-(** same as {!expr_to_term}, except that if the new term has an arithmetic
- type, it is automatically coerced into real (or integer for integral types).
+(** {2 Conversion from exp to term} *)
- @since Magnesium-20151001
+val expr_to_term : ?coerce:bool -> exp -> term
+(** Returns a logic term that has exactly the same semantics as the
+ original C-expression. The type of the resulting term is determined
+ by the [~coerce] flag as follows:
+ - when [~coerce:false] is given (the default) the term has the same
+ c-type as the original expression.
+ - when [~coerce:true] is given, if the original expression has an int or
+ float type, then the returned term is coerced into the integer or real
+ logic type, respectively.
+
+ Remark: when the original expression is a comparison, it is evaluated as
+ an [int] or an [integer] depending on the [~coerce] flag.
+ To obtain a boolean or predicate, use [expr_to_boolean] or
+ [expr_to_predicate] instead.
+
+ @modify Frama-C+dev
*)
-val expr_to_term_coerce: cast:bool -> exp -> term
-val is_zero_comparable: term -> bool
-(** [true] if the given term has a type for which a comparison to 0 exists
- (i.e. scalar C types, logic integers and reals).
+val expr_to_predicate: exp -> predicate
+(** Returns a predicate semantically equivalent to the condition
+ of the original C-expression.
+ This is different from [expr_to_term e |> scalar_term_to_predicate]
+ since C-relations are translated into logic ones.
+
+ @raise Fatal error if the expression is not a comparison and cannot be
+ compared to zero.
@since Sulfur-20171101
+ @modify Frama-C+dev
*)
-val expr_to_predicate: cast:bool -> exp -> identified_predicate
-(** same as {expr_to_term}, but the result is a predicate. Expressions starting
- with relational operators ([==], [<=], etc) are translated directly.
- Otherwise, the result of [expr_to_predicate e] is the predicate
- [e <> 0].
+val expr_to_ipredicate: exp -> identified_predicate
+(** Returns a predicate semantically equivalent to the condition
+ of the original C-expression.
+
+ Identical to [expr_to_predicate e |> Logic_const.new_predicate].
+
+ @raise Fatal error if the expression is not a comparison and cannot be
+ compared to zero.
+ @since Sulfur-20171101
+ @modify Frama-C+dev
+*)
+
+val expr_to_boolean: exp -> term
+(** Returns a boolean term semantically equivalent to the condition
+ of the original C-expression.
+
+ This is different from [expr_to_term e |> scalar_term_to_predicate]
+ since C-relations are translated into logic ones.
@raise Fatal error if the expression is not a comparison and cannot be
compared to zero.
@since Sulfur-20171101
+ @modify Frama-C+dev
+*)
+
+val is_zero_comparable: term -> bool
+(** [true] if the given term has a type for which a comparison to 0 exists
+ (i.e. scalar C types, logic integers and reals).
+
+ @since Sulfur-20171101
+*)
+
+val scalar_term_to_boolean: term -> term
+(** Compare the given term with the constant 0 (of the appropriate type)
+ to return the result of the comparison [e <> 0] as a boolean term.
+
+ @raise Fatal error if the argument cannot be compared to 0
+ @since Frama-C+dev
*)
val scalar_term_to_predicate: term -> predicate
@@ -202,19 +243,25 @@ val scalar_term_to_predicate: term -> predicate
@since Sulfur-20171101
*)
-val lval_to_term_lval : cast:bool -> lval -> term_lval
-val host_to_term_host : cast:bool -> lhost -> term_lhost
-val offset_to_term_offset :
- cast:bool -> offset -> term_offset
+val lval_to_term_lval : lval -> term_lval
+val host_to_term_lhost : lhost -> term_lhost
+val offset_to_term_offset : offset -> term_offset
val constant_to_lconstant: constant -> logic_constant
val lconstant_to_constant: logic_constant-> constant
-(** Parse the given string as a float logic constant, taking into account
- the fact that the constant may not be exactly representable. This
- function should only be called on strings that have been recognized
- by the parser as valid floats *)
-val string_to_float_lconstant: string -> logic_constant
+(** Parse the given string as a float or real logic constant.
+
+ The parsed literal is always kept as it is in the resulting term.
+ The returned term is either a real constant or
+ real constant casted into a C-float type.
+
+ Unsuffixed literals are considered as real numbers.
+ Literals suffixed by [f|d|l] or [F|D|L] are considered
+ as float constants of the associated kind. *)
+val parse_float : ?loc:location -> string -> term
+
+(** {2 Various Utilities} *)
(** [remove_term_offset o] returns [o] without its last offset and
this last offset. *)
@@ -240,8 +287,6 @@ val is_result : term -> bool
val lhost_c_type : term_lhost -> typ
-(** {2 Predicates} *)
-
(** [true] if the predicate is Ptrue.
@since Nitrogen-20111001 *)
val is_trivially_true: predicate -> bool
@@ -250,6 +295,15 @@ val is_trivially_true: predicate -> bool
@since Nitrogen-20111001 *)
val is_trivially_false: predicate -> bool
+(** {2 Code annotations} *)
+
+(** Does the annotation apply to the next statement (e.g. a statement
+ contract). Also false for loop-related annotations.
+
+ @since Frama-C+dev
+*)
+val is_annot_next_stmt: code_annotation -> bool
+
(** {2 Global annotations} *)
(** add an attribute to a global annotation
@@ -362,7 +416,7 @@ val concat_allocation: allocation -> allocation -> allocation
val merge_allocation : allocation -> allocation -> allocation
val merge_behaviors :
- ?oldloc:Cil_types.location -> silent:bool -> funbehavior list -> funbehavior list -> funbehavior list
+ ?oldloc:location -> silent:bool -> funbehavior list -> funbehavior list -> funbehavior list
(** [merge_funspec ?oldloc oldspec newspec] merges [newspec] into [oldspec].
If the funspec belongs to a kernel function, do not forget to call
@@ -370,7 +424,7 @@ val merge_behaviors :
@modify 20.0-Calcium add optional parameter [oldloc].
*)
val merge_funspec :
- ?oldloc:Cil_types.location -> ?silent_about_merging_behav:bool ->
+ ?oldloc:location -> ?silent_about_merging_behav:bool ->
funspec -> funspec -> unit
(** Reset the given funspec to empty.
diff --git a/src/kernel_services/ast_transformations/filter.ml b/src/kernel_services/ast_transformations/filter.ml
index f3fe41bffc04fa6babd8b1ae1f333103ff93b641..caff6cef46efa2b4fe32181dfc5868163ff6509d 100644
--- a/src/kernel_services/ast_transformations/filter.ml
+++ b/src/kernel_services/ast_transformations/filter.ml
@@ -91,9 +91,9 @@ end = struct
with Not_found ->
let fundec =
match kf.fundec with
- | Definition(f,l) -> Definition ( { f with svar = v },l)
- | Declaration(_,_,arg,l) ->
- Declaration(Cil.empty_funspec(),v,arg,l)
+ | Definition(f,l) -> Definition ( { f with svar = v },l)
+ | Declaration(_,_,arg,l) ->
+ Declaration(Cil.empty_funspec(),v,arg,l)
in
let kf = { fundec = fundec; spec = Cil.empty_funspec() } in
Cil_datatype.Varinfo.Hashtbl.add tbl v kf; kf
@@ -101,13 +101,13 @@ end = struct
let rec can_skip keep_stmts stmt =
stmt.labels = [] &&
match stmt.skind with
- | Instr (Skip _) ->
- debug "@[Statement %d: can%s skip@]@." stmt.sid
- (if Stmt.Set.mem stmt keep_stmts then "'t" else "");
- not (Stmt.Set.mem stmt keep_stmts)
- | Block b -> is_empty_block keep_stmts b
- | UnspecifiedSequence seq -> is_empty_unspecified_sequence keep_stmts seq
- | _ -> false
+ | Instr (Skip _) ->
+ debug "@[Statement %d: can%s skip@]@." stmt.sid
+ (if Stmt.Set.mem stmt keep_stmts then "'t" else "");
+ not (Stmt.Set.mem stmt keep_stmts)
+ | Block b -> is_empty_block keep_stmts b
+ | UnspecifiedSequence seq -> is_empty_unspecified_sequence keep_stmts seq
+ | _ -> false
and is_empty_block keep_stmts block =
List.for_all (can_skip keep_stmts) block.bstmts
@@ -117,44 +117,44 @@ end = struct
let rec mk_new_block keep_stmts s blk loc =
(* vblock has already cleaned up the statements (removed skip, etc...),
- * but now the block can still be empty or include only one statement. *)
+ * but now the block can still be empty or include only one statement. *)
match blk.bstmts with
- | [] | _ when is_empty_block keep_stmts blk ->
- (* don't care about local variables since the block is empty. *)
- mk_new_stmt s (mk_skip loc)
- | { labels = [] } as s1 :: [] ->
- (* one statement only, and no label *)
- begin
- match s1.skind with
- | Block b ->
- (* drop blk, but keep local declarations. *)
- b.blocals <- b.blocals @ blk.blocals;
- mk_new_block keep_stmts s b loc
- | UnspecifiedSequence seq when blk.blocals = [] ->
- mk_new_unspecified_sequence keep_stmts s seq loc
- | _ when blk.blocals = [] -> mk_new_stmt s s1.skind
- | _ -> mk_new_stmt s (Block blk)
- end
- | _ -> mk_new_stmt s (Block blk)
+ | [] | _ when is_empty_block keep_stmts blk ->
+ (* don't care about local variables since the block is empty. *)
+ mk_new_stmt s (mk_skip loc)
+ | { labels = [] } as s1 :: [] ->
+ (* one statement only, and no label *)
+ begin
+ match s1.skind with
+ | Block b ->
+ (* drop blk, but keep local declarations. *)
+ b.blocals <- b.blocals @ blk.blocals;
+ mk_new_block keep_stmts s b loc
+ | UnspecifiedSequence seq when blk.blocals = [] ->
+ mk_new_unspecified_sequence keep_stmts s seq loc
+ | _ when blk.blocals = [] -> mk_new_stmt s s1.skind
+ | _ -> mk_new_stmt s (Block blk)
+ end
+ | _ -> mk_new_stmt s (Block blk)
(* same as above, but for unspecified sequences. *)
and mk_new_unspecified_sequence keep_stmts s seq loc =
(* vblock has already cleaned up the statements (removed skip, etc...),
* but now the block can still be empty or include only one statement. *)
match seq with
- | [] -> mk_new_stmt s (mk_skip loc)
- | _ when is_empty_unspecified_sequence keep_stmts seq ->
- mk_new_stmt s (mk_skip loc)
- | [stmt,_,_,_,_] -> (* one statement only *)
- begin
- if stmt.labels <> [] then s.labels <- s.labels @ stmt.labels;
- match stmt.skind with
- | UnspecifiedSequence seq ->
- mk_new_unspecified_sequence keep_stmts s seq loc
- | Block b -> mk_new_block keep_stmts s b loc
- | _ -> mk_new_stmt s stmt.skind
- end
- | _ -> mk_new_stmt s (UnspecifiedSequence seq)
+ | [] -> mk_new_stmt s (mk_skip loc)
+ | _ when is_empty_unspecified_sequence keep_stmts seq ->
+ mk_new_stmt s (mk_skip loc)
+ | [stmt,_,_,_,_] -> (* one statement only *)
+ begin
+ if stmt.labels <> [] then s.labels <- s.labels @ stmt.labels;
+ match stmt.skind with
+ | UnspecifiedSequence seq ->
+ mk_new_unspecified_sequence keep_stmts s seq loc
+ | Block b -> mk_new_block keep_stmts s b loc
+ | _ -> mk_new_stmt s stmt.skind
+ end
+ | _ -> mk_new_stmt s (UnspecifiedSequence seq)
let add_label_if_needed mk_label finfo s =
let rec pickLabel = function
@@ -162,141 +162,141 @@ end = struct
| Label _ as lab :: _ when Info.label_visible finfo s lab -> Some lab
| _ :: rest -> pickLabel rest
in match pickLabel s.labels with
- | Some _ -> None
- | None ->
- let label = mk_label (Cil_datatype.Stmt.loc s) in
- debug "add label to sid:%d : %a" s.sid Printer.pp_label label;
- s.labels <- label::s.labels;
- Some label
-
- let rm_break_cont ?(cont=true) ?(break=true) mk_label finfo blk =
+ | Some _ -> None
+ | None ->
+ let label = mk_label (Cil_datatype.Stmt.loc s) in
+ debug "add label to sid:%d : %a" s.sid Printer.pp_label label;
+ s.labels <- label::s.labels;
+ Some label
+
+ let rm_break_cont ?(cont=true) ?(break=true) mk_label finfo blk =
let change loc s =
let dest = match s.succs with dest::_ -> dest | [] -> assert false in
let new_l = add_label_if_needed mk_label finfo dest in
- mk_new_stmt s (Goto (ref dest, loc));
- debug "changed break/continue into @[%a@]@."
- Printer.pp_stmt s;
- new_l
+ mk_new_stmt s (Goto (ref dest, loc));
+ debug "changed break/continue into @[%a@]@."
+ Printer.pp_stmt s;
+ new_l
in
let rec rm_aux cont break s =
match s.skind with
- | Break loc when break && Info.inst_visible finfo s ->
- let _ = change loc s in ()
- | Continue loc when cont && Info.inst_visible finfo s ->
- let _ = change loc s in ()
- | Instr _ | Return _ | Break _ | Continue _ | Goto _ | Throw _ -> ()
- | If (_, bthen, belse, _) ->
- List.iter (rm_aux cont break) bthen.bstmts;
- List.iter (rm_aux cont break) belse.bstmts;
- | Block blk ->
- List.iter (rm_aux cont break) blk.bstmts
- | UnspecifiedSequence seq ->
- let blk = Cil.block_from_unspecified_sequence seq in
- List.iter (rm_aux cont break) blk.bstmts
- | Loop _ -> (* don't go inside : break and continue change meaning*)
- ()
- | Switch (_, blk, _, _) ->
- (* if change [continue] do it, but stop changing [break] *)
- if cont then
- let break = false in List.iter (rm_aux cont break) blk.bstmts
- | TryFinally _ | TryExcept _ | TryCatch _ -> (* TODO ? *) ()
+ | Break loc when break && Info.inst_visible finfo s ->
+ let _ = change loc s in ()
+ | Continue loc when cont && Info.inst_visible finfo s ->
+ let _ = change loc s in ()
+ | Instr _ | Return _ | Break _ | Continue _ | Goto _ | Throw _ -> ()
+ | If (_, bthen, belse, _) ->
+ List.iter (rm_aux cont break) bthen.bstmts;
+ List.iter (rm_aux cont break) belse.bstmts;
+ | Block blk ->
+ List.iter (rm_aux cont break) blk.bstmts
+ | UnspecifiedSequence seq ->
+ let blk = Cil.block_from_unspecified_sequence seq in
+ List.iter (rm_aux cont break) blk.bstmts
+ | Loop _ -> (* don't go inside : break and continue change meaning*)
+ ()
+ | Switch (_, blk, _, _) ->
+ (* if change [continue] do it, but stop changing [break] *)
+ if cont then
+ let break = false in List.iter (rm_aux cont break) blk.bstmts
+ | TryFinally _ | TryExcept _ | TryCatch _ -> (* TODO ? *) ()
in List.iter (rm_aux cont break) blk.bstmts
(** filter [params] according to [ff] input visibility.
- * Can be used to slice both the parameters, the call arguments,
- * and the param types.
- * Notice that this is just a filtering of the list.
- * It doesn't do any transformation of any kind on the element,
- * so at the end they are shared with the original list.
- * *)
+ * Can be used to slice both the parameters, the call arguments,
+ * and the param types.
+ * Notice that this is just a filtering of the list.
+ * It doesn't do any transformation of any kind on the element,
+ * so at the end they are shared with the original list.
+ * *)
let filter_params finfo params =
let do_param (n, new_params) var =
let new_params =
if not (Info.param_visible finfo n) then new_params
else new_params @ [var]
in
- (n+1, new_params)
+ (n+1, new_params)
in let _, new_params = List.fold_left do_param (1, []) params in
- new_params
+ new_params
let ff_var (fun_vars: t) kf finfo =
let fct_var = Kernel_function.get_vi kf in
let name = Info.fct_name fct_var finfo in
- try
- let ff_var = Hashtbl.find fun_vars name in
- debug "[ff_var] Use fct var %s:%d@." ff_var.vname ff_var.vid;
- ff_var
- with Not_found ->
- let ff_var = Cil.copyVarinfo fct_var name in
- if not (Info.result_visible kf finfo) then
- Cil.setReturnTypeVI ff_var Cil.voidType;
- (* Notice that we don't have to filter the parameter types here :
- * they will be update by [Cil.setFormals] later on. *)
- debug "[ff_var] Mem fct var %s:%d@."
- ff_var.vname ff_var.vid;
- Hashtbl.add fun_vars name ff_var;
- ff_var
+ try
+ let ff_var = Hashtbl.find fun_vars name in
+ debug "[ff_var] Use fct var %s:%d@." ff_var.vname ff_var.vid;
+ ff_var
+ with Not_found ->
+ let ff_var = Cil.copyVarinfo fct_var name in
+ if not (Info.result_visible kf finfo) then
+ Cil.setReturnTypeVI ff_var Cil.voidType;
+ (* Notice that we don't have to filter the parameter types here :
+ * they will be update by [Cil.setFormals] later on. *)
+ debug "[ff_var] Mem fct var %s:%d@."
+ ff_var.vname ff_var.vid;
+ Hashtbl.add fun_vars name ff_var;
+ ff_var
let optim_if fct keep_stmts s_orig s cond_opt bthen belse loc =
let empty_then = is_empty_block keep_stmts bthen in
let empty_else = is_empty_block keep_stmts belse in
debug "[optim_if] @[sid:%d (orig:%d)@ \
- with %s cond, %s empty then, %s empty else@]@."
+ with %s cond, %s empty then, %s empty else@]@."
s.sid s_orig.sid
(if cond_opt = None then "no" else "")
(if empty_then then "" else "not")
(if empty_else then "" else "not");
match cond_opt with
- | Some cond ->
- if empty_then && empty_else then mk_new_stmt s (mk_skip loc)
- else (* cond visible and something in blocks : keep if *)
- mk_new_stmt s (If (cond, bthen, belse, loc))
+ | Some cond ->
+ if empty_then && empty_else then mk_new_stmt s (mk_skip loc)
+ else (* cond visible and something in blocks : keep if *)
+ mk_new_stmt s (If (cond, bthen, belse, loc))
| None -> (* no cond *)
- let go_then, go_else = Info.cond_edge_visible fct s_orig in
- debug
- "[condition_truth_value] can go in then = %b - can go in else =%b@."
- go_then go_else;
- match go_then, empty_then, go_else, empty_else with
- | _, true, _, true -> (* both blocks empty -> skip *)
- mk_new_stmt s (mk_skip loc)
- | true, false, false, true ->
- (* else empty and always go to then -> block then *)
- mk_new_block keep_stmts s bthen loc
- | false, true, true, false ->
- (* then empty and always go to else -> block else *)
- mk_new_block keep_stmts s belse loc
- | false, false, true, _ ->
- (* always goes in the 'else' branch,
- * but the then branch is not empty : *)
- mk_new_stmt s (If (Cil.zero ~loc, bthen, belse, loc))
- | true, false, false, false ->
- (* always goes in the 'then' branch,
- * but the else branch is not empty :
- *)
- mk_new_stmt s (If (Cil.one ~loc, bthen, belse, loc))
- | true, true, false, false ->
- (* always goes in the 'then' empty branch,
- * but the else branch is not empty :
- * build (if (0) belse else empty.
- *)
- mk_new_stmt s (If (Cil.zero ~loc, belse, bthen, loc))
- | true, false, true, false
- | false, false, false, false ->
- (* if both go_then and go_else are true:
- * can go in both branch but don't depend on cond ?
- * probably unreachable IF with reachable blocks by goto.
- * if both go_else and go_else are false:
- * never goes in any branch ?
- * both branch visible -> dummy condition *)
- mk_new_stmt s (If (Cil.one ~loc, bthen, belse, loc))
- | true, _, true, true
- | false, _, false, true ->
- (* can go in both or no branch (see above) : empty else *)
- mk_new_block keep_stmts s bthen loc
- | true, true, true, _
- | false, true, false, _ ->
- (* can go in both or no branch (see above) : empty then *)
- mk_new_block keep_stmts s belse loc
+ let go_then, go_else = Info.cond_edge_visible fct s_orig in
+ debug
+ "[condition_truth_value] can go in then = %b - can go in else =%b@."
+ go_then go_else;
+ match go_then, empty_then, go_else, empty_else with
+ | _, true, _, true -> (* both blocks empty -> skip *)
+ mk_new_stmt s (mk_skip loc)
+ | true, false, false, true ->
+ (* else empty and always go to then -> block then *)
+ mk_new_block keep_stmts s bthen loc
+ | false, true, true, false ->
+ (* then empty and always go to else -> block else *)
+ mk_new_block keep_stmts s belse loc
+ | false, false, true, _ ->
+ (* always goes in the 'else' branch,
+ * but the then branch is not empty : *)
+ mk_new_stmt s (If (Cil.zero ~loc, bthen, belse, loc))
+ | true, false, false, false ->
+ (* always goes in the 'then' branch,
+ * but the else branch is not empty :
+ *)
+ mk_new_stmt s (If (Cil.one ~loc, bthen, belse, loc))
+ | true, true, false, false ->
+ (* always goes in the 'then' empty branch,
+ * but the else branch is not empty :
+ * build (if (0) belse else empty.
+ *)
+ mk_new_stmt s (If (Cil.zero ~loc, belse, bthen, loc))
+ | true, false, true, false
+ | false, false, false, false ->
+ (* if both go_then and go_else are true:
+ * can go in both branch but don't depend on cond ?
+ * probably unreachable IF with reachable blocks by goto.
+ * if both go_else and go_else are false:
+ * never goes in any branch ?
+ * both branch visible -> dummy condition *)
+ mk_new_stmt s (If (Cil.one ~loc, bthen, belse, loc))
+ | true, _, true, true
+ | false, _, false, true ->
+ (* can go in both or no branch (see above) : empty else *)
+ mk_new_block keep_stmts s bthen loc
+ | true, true, true, _
+ | false, true, false, _ ->
+ (* can go in both or no branch (see above) : empty then *)
+ mk_new_block keep_stmts s belse loc
let visible_lval vars_visible lval =
let visitor = object
@@ -318,13 +318,13 @@ end = struct
in List.fold_right build l []
(** This visitor is to be used to filter a function.
- * It does a deep copy of the source function without the invisible elements.
- * It also change the function declaration and filter the function calls.
- *
- * Many ideas come from [Cil.copyFunctionVisitor] but we were not able to
- * directly inherit from it since some processing would not have worked in our
- * context (like the [sid] computation for instance).
- * *)
+ * It does a deep copy of the source function without the invisible elements.
+ * It also change the function declaration and filter the function calls.
+ *
+ * Many ideas come from [Cil.copyFunctionVisitor] but we were not able to
+ * directly inherit from it since some processing would not have worked in our
+ * context (like the [sid] computation for instance).
+ * *)
class filter_visitor pinfo prj = object(self)
inherit Visitor.generic_frama_c_visitor (Visitor_behavior.copy prj)
@@ -340,19 +340,19 @@ end = struct
val lab_num = ref 0;
val lab_prefix = "break_cont"
- method private fresh_label loc =
+ method private fresh_label loc =
incr lab_num;
let lname = Printf.sprintf "%s_%d" lab_prefix !lab_num in
Label (lname, loc, false)
method private is_our_label label = match label with
- | Label (lname, _, false) ->
- let ok =
- try
- let prefix = String.sub lname 0 (String.length lab_prefix) in
- prefix = lab_prefix
- with Invalid_argument _ -> false
- in ok
- | _ -> false
+ | Label (lname, _, false) ->
+ let ok =
+ try
+ let prefix = String.sub lname 0 (String.length lab_prefix) in
+ prefix = lab_prefix
+ with Invalid_argument _ -> false
+ in ok
+ | _ -> false
method private get_finfo () = Extlib.the fi
@@ -366,7 +366,7 @@ end = struct
if v.vglob
then
try let v' = (Hashtbl.find fun_vars v.vname) in
- Cil.ChangeTo v'
+ Cil.ChangeTo v'
with Not_found ->
Cil.SkipChildren
else Cil.SkipChildren (*copy has already been done by default visitor*)
@@ -394,17 +394,17 @@ end = struct
let formals = filter_params (self#get_finfo ()) formals in
List.map
(fun v ->
- Varinfo.Hashtbl.add local_visible v ();
- let v' = Cil.copyVarinfo v v.vname in
- Visitor_behavior.Set.varinfo self#behavior v v';
- Visitor_behavior.Set_orig.varinfo self#behavior v' v;
- (match v.vlogic_var_assoc, v'.vlogic_var_assoc with
- None, None -> ()
- | Some lv, Some lv' ->
- Visitor_behavior.Set.logic_var self#behavior lv lv';
- Visitor_behavior.Set_orig.logic_var self#behavior lv' lv
- | _ -> assert false (* copy should be faithful *));
- v')
+ Varinfo.Hashtbl.add local_visible v ();
+ let v' = Cil.copyVarinfo v v.vname in
+ Visitor_behavior.Set.varinfo self#behavior v v';
+ Visitor_behavior.Set_orig.varinfo self#behavior v' v;
+ (match v.vlogic_var_assoc, v'.vlogic_var_assoc with
+ None, None -> ()
+ | Some lv, Some lv' ->
+ Visitor_behavior.Set.logic_var self#behavior lv lv';
+ Visitor_behavior.Set_orig.logic_var self#behavior lv' lv
+ | _ -> assert false (* copy should be faithful *));
+ v')
formals
method private filter_locals locals =
@@ -421,15 +421,15 @@ end = struct
Visitor_behavior.Set.varinfo self#behavior var var';
Visitor_behavior.Set_orig.varinfo self#behavior var' var;
(match var.vlogic_var_assoc, var'.vlogic_var_assoc with
- None, None -> ()
- | Some lv, Some lv' ->
- Visitor_behavior.Set.logic_var self#behavior lv lv';
- Visitor_behavior.Set_orig.logic_var self#behavior lv' lv
- | _ -> assert false (* copy should be faithful *));
+ None, None -> ()
+ | Some lv, Some lv' ->
+ Visitor_behavior.Set.logic_var self#behavior lv lv';
+ Visitor_behavior.Set_orig.logic_var self#behavior lv' lv
+ | _ -> assert false (* copy should be faithful *));
var' :: (filter locals)
end else filter locals
in let new_locals = filter locals in
- new_locals
+ new_locals
method! vcode_annot v =
Extlib.may Cil.CurrentLoc.set (Cil_datatype.Code_annotation.loc v);
@@ -495,18 +495,18 @@ end = struct
(* This optim must be performed after the sliced annotations have
been put in the new table. Hence, we must put the action into
the queue.
- *)
+ *)
Queue.add
(fun () ->
- b'.bstmts <-
- List.filter
- (fun st ->
- not (Cil.is_skip st.skind)
- || st.labels <> []
- || Annotations.has_code_annot st
- (*|| ((*Format.eprintf "Skipping %d@.@." st.sid;*) false)*)
- )
- b'.bstmts)
+ b'.bstmts <-
+ List.filter
+ (fun st ->
+ not (Cil.is_skip st.skind)
+ || st.labels <> []
+ || Annotations.has_code_annot st
+ (*|| ((*Format.eprintf "Skipping %d@.@." st.sid;*) false)*)
+ )
+ b'.bstmts)
self#get_filling_actions;
b'
in
@@ -526,7 +526,7 @@ end = struct
Visitor_behavior.Set.stmt self#behavior orig s;
Visitor_behavior.Set_orig.stmt self#behavior s orig;
if keep then self#add_stmt_keep s;
- debug "@[finalize sid:%d->sid:%d@]@\n@." old s.sid
+ debug "@[finalize sid:%d->sid:%d@]@\n@." old s.sid
method private process_invisible_stmt s =
let finfo = self#get_finfo () in
@@ -537,37 +537,37 @@ end = struct
self#change_sid s;
s.skind <- oldskind;
(match s.skind with
- | If (_,bthen,belse,loc) ->
- let bthen = Cil.visitCilBlock (self:>Cil.cilVisitor) bthen in
- let belse = Cil.visitCilBlock (self:>Cil.cilVisitor) belse in
- let s_orig = Visitor_behavior.Get_orig.stmt self#behavior s in
- optim_if finfo keep_stmts s_orig s None bthen belse loc
- | Switch (_exp, body, _, loc) ->
- (* the switch is invisible : it can be translated into a block. *)
- rm_break_cont ~cont:false (self#fresh_label) finfo body;
- let block = Cil.visitCilBlock (self:>Cil.cilVisitor) body in
- (mk_new_block keep_stmts s block loc)
- | Loop (_, body, loc, _lcont, _lbreak) ->
- rm_break_cont (self#fresh_label) finfo body;
- let bloop = Cil.visitCilBlock (self:>Cil.cilVisitor) body in
- mk_new_block keep_stmts s bloop loc
- | Block _ | UnspecifiedSequence _ ->
- assert false (* a block is always visible *)
- | TryFinally _ | TryExcept _ -> assert false (*TODO*)
- | Return (_,l) -> mk_new_stmt s (Return (None,l))
- | Instr (Local_init (v, _, _)) ->
- (* The initialization of the variable is useless (e.g. because it is
- overwritten before being read). Just treat it as uninitialized.
- Note that if the variable itself is invisible, we don't have
- anything to do: it will not appear at all in the function.
- *)
- if Info.loc_var_visible (self#get_finfo()) v then begin
- let v' = Visitor_behavior.Get.varinfo self#behavior v in
- v'.vdefined <- false;
- end;
- mk_new_stmt s (mk_stmt_skip s)
- | _ -> mk_new_stmt s (mk_stmt_skip s));
- debug "@[<hov 10>[process_invisible_stmt] gives sid:%d@ @[%a@]@]@."
+ | If (_,bthen,belse,loc) ->
+ let bthen = Cil.visitCilBlock (self:>Cil.cilVisitor) bthen in
+ let belse = Cil.visitCilBlock (self:>Cil.cilVisitor) belse in
+ let s_orig = Visitor_behavior.Get_orig.stmt self#behavior s in
+ optim_if finfo keep_stmts s_orig s None bthen belse loc
+ | Switch (_exp, body, _, loc) ->
+ (* the switch is invisible : it can be translated into a block. *)
+ rm_break_cont ~cont:false (self#fresh_label) finfo body;
+ let block = Cil.visitCilBlock (self:>Cil.cilVisitor) body in
+ (mk_new_block keep_stmts s block loc)
+ | Loop (_, body, loc, _lcont, _lbreak) ->
+ rm_break_cont (self#fresh_label) finfo body;
+ let bloop = Cil.visitCilBlock (self:>Cil.cilVisitor) body in
+ mk_new_block keep_stmts s bloop loc
+ | Block _ | UnspecifiedSequence _ ->
+ assert false (* a block is always visible *)
+ | TryFinally _ | TryExcept _ -> assert false (*TODO*)
+ | Return (_,l) -> mk_new_stmt s (Return (None,l))
+ | Instr (Local_init (v, _, _)) ->
+ (* The initialization of the variable is useless (e.g. because it is
+ overwritten before being read). Just treat it as uninitialized.
+ Note that if the variable itself is invisible, we don't have
+ anything to do: it will not appear at all in the function.
+ *)
+ if Info.loc_var_visible (self#get_finfo()) v then begin
+ let v' = Visitor_behavior.Get.varinfo self#behavior v in
+ v'.vdefined <- false;
+ end;
+ mk_new_stmt s (mk_stmt_skip s)
+ | _ -> mk_new_stmt s (mk_stmt_skip s));
+ debug "@[<hov 10>[process_invisible_stmt] gives sid:%d@ @[%a@]@]@."
s.sid Printer.pp_stmt s;
s
in
@@ -579,10 +579,10 @@ end = struct
we must remove the local static attr indicating that they in fact
come from a block:
- if the block in which they are in scope disappears completely,
- or if the enclosing function itself disappears
- (making the variable a good candidate to be removed altogether)
+ or if the enclosing function itself disappears
+ (making the variable a good candidate to be removed altogether)
- or if we make multiple copies of the enclosing functions (otherwise,
- we would have multiple syntactic scope for the same variable).
+ we would have multiple syntactic scope for the same variable).
*)
method private remove_local_static_attr v =
let new_v = Visitor_behavior.Get.varinfo self#behavior v in
@@ -592,74 +592,74 @@ end = struct
debug "[process_visible_stmt] does sid:%d@." s.sid;
let finfo = self#get_finfo () in
(match s.skind with
- | Instr (Call (lval, f, args, loc)) ->
- let new_call = self#process_call false s lval f args loc in
- mk_new_stmt s new_call
- | Instr (Local_init(v, ConsInit(f, args, kind), loc)) ->
- let new_call =
- Cil.treat_constructor_as_func
- (self#process_call true s) v f args kind loc
- in
- (match new_call with
- | Instr(Call _) ->
- (* initialization's result was found to be useless. *)
- v.vdefined <- false
- | _ -> ());
- mk_new_stmt s new_call
- | _ -> () (* copy the statement before modifying it *)
- (* mk_new_stmt s [] s.skind *)
+ | Instr (Call (lval, f, args, loc)) ->
+ let new_call = self#process_call false s lval f args loc in
+ mk_new_stmt s new_call
+ | Instr (Local_init(v, ConsInit(f, args, kind), loc)) ->
+ let new_call =
+ Cil.treat_constructor_as_func
+ (self#process_call true s) v f args kind loc
+ in
+ (match new_call with
+ | Instr(Call _) ->
+ (* initialization's result was found to be useless. *)
+ v.vdefined <- false
+ | _ -> ());
+ mk_new_stmt s new_call
+ | _ -> () (* copy the statement before modifying it *)
+ (* mk_new_stmt s [] s.skind *)
);
let do_after s' =
self#change_sid s';
(match s'.skind with
- | If (cond,bthen,belse,loc) ->
- let s_orig = Visitor_behavior.Get_orig.stmt self#behavior s' in
- optim_if finfo keep_stmts s_orig s' (Some cond) bthen belse loc
- | Switch (e,b,c,l) ->
- let c' = List.filter (not $ (can_skip keep_stmts)) c in
- s'.skind <- Switch(e,b,c',l)
- | Block b ->
- let loc = Stmt.loc s' in
- (* must be performed after the optimisation
- of the block itself (see comment in vblock) *)
- Queue.add
- (fun () ->
- if b.bstmts = [] && b.battrs = [] then begin
- List.iter self#remove_local_static_attr b.bstatics;
- s'.skind <- (Instr (Skip loc))
- end)
- self#get_filling_actions
- | UnspecifiedSequence _ ->
- let loc = Stmt.loc s' in
- let visible_stmt =
- let info = self#get_finfo () in
- (fun s -> Info.inst_visible info !s)
- in
- Queue.add
- (fun () ->
- match s'.skind with
- | UnspecifiedSequence l ->
- let res =
- List.filter (fun (s,_,_,_,_) -> not (is_skip s.skind)) l
- in
- let res =
- List.map
- (fun (s,m,w,r,c) ->
- (s,
- List.filter (visible_lval local_visible) m,
- List.filter (visible_lval local_visible) w,
- List.filter (visible_lval local_visible) r,
- List.filter visible_stmt c
+ | If (cond,bthen,belse,loc) ->
+ let s_orig = Visitor_behavior.Get_orig.stmt self#behavior s' in
+ optim_if finfo keep_stmts s_orig s' (Some cond) bthen belse loc
+ | Switch (e,b,c,l) ->
+ let c' = List.filter (not $ (can_skip keep_stmts)) c in
+ s'.skind <- Switch(e,b,c',l)
+ | Block b ->
+ let loc = Stmt.loc s' in
+ (* must be performed after the optimisation
+ of the block itself (see comment in vblock) *)
+ Queue.add
+ (fun () ->
+ if b.bstmts = [] && b.battrs = [] then begin
+ List.iter self#remove_local_static_attr b.bstatics;
+ s'.skind <- (Instr (Skip loc))
+ end)
+ self#get_filling_actions
+ | UnspecifiedSequence _ ->
+ let loc = Stmt.loc s' in
+ let visible_stmt =
+ let info = self#get_finfo () in
+ (fun s -> Info.inst_visible info !s)
+ in
+ Queue.add
+ (fun () ->
+ match s'.skind with
+ | UnspecifiedSequence l ->
+ let res =
+ List.filter (fun (s,_,_,_,_) -> not (is_skip s.skind)) l
+ in
+ let res =
+ List.map
+ (fun (s,m,w,r,c) ->
+ (s,
+ List.filter (visible_lval local_visible) m,
+ List.filter (visible_lval local_visible) w,
+ List.filter (visible_lval local_visible) r,
+ List.filter visible_stmt c
+ )
)
- )
- res
- in
- (match res with
- [] -> s'.skind <- (Instr (Skip loc))
- | _ -> s'.skind <- UnspecifiedSequence res)
- | _ -> ())
- self#get_filling_actions
- | _ -> ());
+ res
+ in
+ (match res with
+ [] -> s'.skind <- (Instr (Skip loc))
+ | _ -> s'.skind <- UnspecifiedSequence res)
+ | _ -> ())
+ self#get_filling_actions
+ | _ -> ());
debug "@[<hov 10>[process_visible_stmt] gives sid:%d@ @[%a@]@]@."
s'.sid Printer.pp_stmt s';
s'
@@ -672,7 +672,7 @@ end = struct
| [] -> []
| l :: labs ->
let keep = Info.label_visible finfo s l || self#is_our_label l in
- debug "[filter_labels] %svisible %a@."
+ debug "[filter_labels] %svisible %a@."
(if keep then "" else "in") Printer.pp_label l;
if keep then l::(filter_labels labs) else filter_labels labs
in
@@ -708,7 +708,7 @@ end = struct
keep_stmts <- Stmt.Set.empty;
Varinfo.Hashtbl.clear local_visible;
Varinfo.Hashtbl.add spec_table f.svar
- (visitCilFunspec (self:>Cil.cilVisitor)
+ (visitCilFunspec (self:>Cil.cilVisitor)
(Annotations.funspec ~populate:false (Extlib.the self#current_kf)));
SkipChildren
@@ -740,29 +740,29 @@ end = struct
let ensure_visible (_,p) = Info.fun_postcond_visible finfo p.ip_content in
b.b_post_cond <-
filter_list ensure_visible (fun (k,p) -> k,self#visit_pred p)
- b.b_post_cond;
+ b.b_post_cond;
let allocates_visible a = Info.fun_allocates_visible finfo a in
let frees_visible a = Info.fun_frees_visible finfo a in
(match b.b_allocation with
- FreeAllocAny -> ()
- | FreeAlloc(f,a) ->
- try
- let frees = filter_list frees_visible self#visit_identified_term f in
- let allocates = filter_list allocates_visible self#visit_identified_term a in
- b.b_allocation <- FreeAlloc (frees, allocates)
- with Info.EraseAllocation -> b.b_allocation <- FreeAllocAny
+ FreeAllocAny -> ()
+ | FreeAlloc(f,a) ->
+ try
+ let frees = filter_list frees_visible self#visit_identified_term f in
+ let allocates = filter_list allocates_visible self#visit_identified_term a in
+ b.b_allocation <- FreeAlloc (frees, allocates)
+ with Info.EraseAllocation -> b.b_allocation <- FreeAllocAny
);
let from_visible a = Info.fun_assign_visible finfo a in
let from_visit a = visitCilFrom (self:>Cil.cilVisitor) a in
(match b.b_assigns with
- WritesAny -> ()
- | Writes l ->
- try
- let assigns = filter_list from_visible from_visit l in
- b.b_assigns <- Writes assigns
- with Info.EraseAssigns -> b.b_assigns <- WritesAny
+ WritesAny -> ()
+ | Writes l ->
+ try
+ let assigns = filter_list from_visible from_visit l in
+ b.b_assigns <- Writes assigns
+ with Info.EraseAssigns -> b.b_assigns <- WritesAny
);
SkipChildren (* see the warning on [SkipChildren] in [vspec] ! *)
@@ -779,7 +779,7 @@ end = struct
| Some (t,n) -> if Info.fun_variant_visible finfo t
then Some (visitCilTerm (self:>Cil.cilVisitor) t, n)
else None
- in
+ in
spec.spec_variant <- new_variant ;
let new_term = match spec.spec_terminates with
@@ -797,78 +797,77 @@ end = struct
has been visited above.
we need to put links to the appropriate copies of
variables (both pure C and logical ones)
- *)
+ *)
- method private build_proto finfo loc =
+ method private build_proto is_first finfo loc =
let kf = Extlib.the self#current_kf in
fi <- Some finfo;
let new_var = ff_var fun_vars kf finfo in
(* we're building a prototype. *)
if not (Varinfo.Hashtbl.mem fi_table new_var) then begin
- new_var.vdefined <- false;
- let new_kf = make_new_kf my_kf kf new_var in
- Varinfo.Hashtbl.add fi_table new_var finfo;
- debug "@[[build_cil_proto] -> %s@\n@]@." new_var.vname;
- let action =
- let (rt,args,va,attrs) = Cil.splitFunctionType new_var.vtype in
- (match args with
- | None -> ()
- | Some args ->
- let old_formals = Kernel_function.get_formals kf in
- let old_formals = filter_params finfo old_formals in
- let args = filter_params finfo args in
- let mytype = TFun(rt,Some args,va,attrs) in
- let new_formals = List.map makeFormalsVarDecl args in
- self#add_formals_bindings new_var new_formals;
- new_var.vtype <- mytype;
- List.iter2
- (fun x y ->
- Visitor_behavior.Set.varinfo self#behavior x y;
- Visitor_behavior.Set_orig.varinfo self#behavior y x;
- match x.vlogic_var_assoc with
- None -> ();
- | Some lv ->
- let lv' = Cil.cvar_to_lvar y in
- Visitor_behavior.Set.logic_var self#behavior lv lv';
- Visitor_behavior.Set_orig.logic_var self#behavior lv' lv)
- old_formals
- new_formals;
- (* adds the new parameters to the formals decl table *)
- Queue.add
- (fun () -> Cil.unsafeSetFormalsDecl new_var new_formals)
- self#get_filling_actions);
- let res =
- Cil.visitCilFunspec (self :> Cil.cilVisitor)
- (Annotations.funspec ~populate:false kf)
+ new_var.vdefined <- false;
+ let new_kf = make_new_kf my_kf kf new_var in
+ Varinfo.Hashtbl.add fi_table new_var finfo;
+ debug "@[[build_cil_proto] -> %s@\n@]@." new_var.vname;
+ let action =
+ let (rt,args,va,attrs) = Cil.splitFunctionType new_var.vtype in
+ (match args with
+ | None -> ()
+ | Some args ->
+ let old_formals = Kernel_function.get_formals kf in
+ let old_formals = filter_params finfo old_formals in
+ let args = filter_params finfo args in
+ let mytype = TFun(rt,Some args,va,attrs) in
+ let new_formals = List.map makeFormalsVarDecl args in
+ self#add_formals_bindings new_var new_formals;
+ Cil.update_var_type new_var mytype;
+ List.iter2
+ (fun x y ->
+ Visitor_behavior.Set.varinfo self#behavior x y;
+ Visitor_behavior.Set_orig.varinfo self#behavior y x;
+ match x.vlogic_var_assoc with
+ None -> ();
+ | Some lv ->
+ let lv' = Cil.cvar_to_lvar y in
+ Visitor_behavior.Set.logic_var self#behavior lv lv';
+ Visitor_behavior.Set_orig.logic_var self#behavior lv' lv)
+ old_formals
+ new_formals;
+ (* adds the new parameters to the formals decl table *)
+ Queue.add
+ (fun () -> Cil.unsafeSetFormalsDecl new_var new_formals)
+ self#get_filling_actions);
+ let res =
+ Cil.visitCilFunspec (self :> Cil.cilVisitor)
+ (Annotations.funspec ~populate:false kf)
+ in
+ let action () =
+ (* Replace the funspec copied by the default visitor, as
+ varinfo of formals would not be taken into account correctly
+ otherwise: everything would be mapped to the last set of
+ formals... *)
+ Queue.add
+ (fun () ->
+ new_kf.spec <- res;
+ Annotations.register_funspec ~force:true new_kf)
+ self#get_filling_actions
+ in
+ action
in
- let action () =
- (* Replace the funspec copied by the default visitor, as
- varinfo of formals would not be taken into account correctly
- otherwise: everything would be mapped to the last set of
- formals... *)
- Queue.add
- (fun () ->
- new_kf.spec <- res;
- Annotations.register_funspec ~force:true new_kf)
- self#get_filling_actions
- in
- action
- in
- let orig_var = Ast_info.Function.get_vi kf.fundec in
- (* The first copy is also the default one for varinfo that are not handled
- by ff_var but directly by the visitor *)
- if (Visitor_behavior.Get.varinfo self#behavior orig_var) == orig_var then
- Visitor_behavior.Set.varinfo self#behavior orig_var new_var;
- (* Set the new_var as an already known one, coming from the vi associated
- to the current kf.
- *)
- Visitor_behavior.Set.varinfo self#behavior new_var new_var;
- Visitor_behavior.Set_orig.varinfo self#behavior new_var orig_var;
- Visitor_behavior.Set.kernel_function self#behavior kf new_kf;
- Visitor_behavior.Set_orig.kernel_function self#behavior new_kf kf;
- Queue.add
- (fun () -> Globals.Functions.register new_kf) self#get_filling_actions;
- GFunDecl (Cil.empty_funspec(), new_var, loc), action
+ let orig_var = Ast_info.Function.get_vi kf.fundec in
+ (* The first copy is also the default one for varinfo
+ that are not handled by ff_var but directly by the visitor *)
+ if is_first then
+ Visitor_behavior.Set.varinfo self#behavior orig_var new_var;
+ (* Set the new_var as an already known one,
+ coming from the vi associated to the current kf. *)
+ Visitor_behavior.Set.varinfo self#behavior new_var new_var;
+ Visitor_behavior.Set_orig.varinfo self#behavior new_var orig_var;
+ Visitor_behavior.Set.kernel_function self#behavior kf new_kf;
+ Visitor_behavior.Set_orig.kernel_function self#behavior new_kf kf;
+ Queue.add
+ (fun () -> Globals.Functions.register new_kf) self#get_filling_actions;
+ GFunDecl (Cil.empty_funspec(), new_var, loc), action
end else begin
let old_finfo = Varinfo.Hashtbl.find fi_table new_var in
if not (finfo = old_finfo) then
@@ -885,8 +884,15 @@ end = struct
debug "@[[compute_fct_prototypes] for %a (x%d)@\n@]@."
Kernel_function.pretty (Extlib.the self#current_kf)
(List.length finfo_list);
- let build_cil_proto finfo = self#build_proto finfo loc
- in List.map build_cil_proto finfo_list
+ let build_cil_proto is_first finfo =
+ self#build_proto is_first finfo loc
+ in
+ match finfo_list with
+ | [] -> []
+ | hd :: tl ->
+ let hd = build_cil_proto true hd in
+ let tl = List.map (build_cil_proto false) tl in
+ hd :: tl
method private compute_fct_definitions f loc =
let fvar = f.Cil_types.svar in
@@ -894,9 +900,9 @@ end = struct
let finfo_list = Info.fct_info pinfo kf in
debug "@[[compute_fct_definitions] for %a (x%d)@\n@]@."
Kernel_function.pretty kf (List.length finfo_list);
- let do_f finfo =
+ let do_f is_first finfo =
if not (Info.body_visible finfo) then
- self#build_proto finfo loc
+ self#build_proto is_first finfo loc
else begin
let new_fct_var = ff_var fun_vars kf finfo in
new_fct_var.vdefined <- true;
@@ -917,25 +923,30 @@ end = struct
let action () =
Queue.add
(fun () ->
- new_kf.spec <- Varinfo.Hashtbl.find spec_table new_fct_var;
- Annotations.register_funspec ~force:true new_kf)
+ new_kf.spec <- Varinfo.Hashtbl.find spec_table new_fct_var;
+ Annotations.register_funspec ~force:true new_kf)
self#get_filling_actions
in let f = Kernel_function.get_definition new_kf in
(* [JS 2009/03/23] do not call self#vfunc in the assertion;
otherwise does not work whenever frama-c is compiled with
-no-assert *)
- let res = self#vfunc f in
- assert (res = SkipChildren);
+ let res = self#vfunc f in
+ assert (res = SkipChildren);
(* if this ever changes, we must do some work. *)
- GFun (f,loc), action
+ GFun (f,loc), action
end
in
(match List.filter Info.body_visible finfo_list with
- | [ _ ] -> ()
- | [] | _ :: _ :: _ ->
- let vars = static_from_kf kf in
- List.iter self#remove_local_static_attr vars);
- List.map do_f finfo_list
+ | [ _ ] -> ()
+ | [] | _ :: _ :: _ ->
+ let vars = static_from_kf kf in
+ List.iter self#remove_local_static_attr vars);
+ match finfo_list with
+ | [] -> []
+ | hd :: tl ->
+ let hd = do_f true hd in
+ let tl = List.map (do_f false) tl in
+ hd :: tl
method! vglob_aux g =
let post action g =
diff --git a/src/kernel_services/ast_transformations/filter.mli b/src/kernel_services/ast_transformations/filter.mli
index dc0616c892ecbcb7496e127abfb02f593280fb9b..e41f394b6ead0e27c25cc3211698a586dc6e17ff 100644
--- a/src/kernel_services/ast_transformations/filter.mli
+++ b/src/kernel_services/ast_transformations/filter.mli
@@ -33,13 +33,13 @@ module type RemoveInfo = sig
(** exception that fun_assign_visible should raise to indicate that
the corresponding assigns clause should be erased entirely
- *)
+ *)
exception EraseAssigns
- (** exception that fun_frees_visible or fun_allocates_visible should
- raise to indicate that the corresponding allocation clause should
+ (** exception that fun_frees_visible or fun_allocates_visible should
+ raise to indicate that the corresponding allocation clause should
be erased entirely
- *)
+ *)
exception EraseAllocation
(** some type for the whole project information *)
@@ -49,22 +49,22 @@ module type RemoveInfo = sig
type fct
(** This function will be called for each function of the source program.
- * A new function will be created for each element of the returned list.
+ * A new function will be created for each element of the returned list.
*)
val fct_info : proj -> kernel_function -> fct list
(** useful when we want to have several functions in the result for one
- * source function. If it is not the case, you can return [varinfo.vname].
- * It is the responsibility of the user to given different names to different
- * function. *)
+ * source function. If it is not the case, you can return [varinfo.vname].
+ * It is the responsibility of the user to given different names to different
+ * function. *)
val fct_name : varinfo -> fct -> string
(** tells if the n-th formal parameter is visible. *)
val param_visible : fct -> int -> bool
(** tells if the body of a function definition is visible.
- * True is most cases, but can be defined to be false when we want to export
- * only the declaration of a function instead of its definition *)
+ * True is most cases, but can be defined to be false when we want to export
+ * only the declaration of a function instead of its definition *)
val body_visible : fct -> bool
(** tells if the local variable is visible. *)
@@ -87,35 +87,35 @@ module type RemoveInfo = sig
val fun_allocates_visible : fct -> identified_term -> bool
val fun_assign_visible : fct -> from -> bool
- (** true if the assigned value (first component of the from) is visible
- @raise EraseAssigns to indicate that the corresponding assigns clause
- should be erased entirely (i.e. assigns everything. If it were to
- just return false to all elements, this would result in assigns \nothing
- *)
+ (** true if the assigned value (first component of the from) is visible
+ @raise EraseAssigns to indicate that the corresponding assigns clause
+ should be erased entirely (i.e. assigns everything. If it were to
+ just return false to all elements, this would result in assigns \nothing
+ *)
val fun_deps_visible : fct -> identified_term -> bool
- (** true if the corresponding functional dependency is visible. *)
+ (** true if the corresponding functional dependency is visible. *)
(** [called_info] will be called only if the call statement is visible.
- * If it returns [None], the source call will be visible,
- * else it will use the returned [fct] to know if the return value and the
- * arguments are visible.
- * The input [fct] parameter is the one of the caller function.
- * *)
+ * If it returns [None], the source call will be visible,
+ * else it will use the returned [fct] to know if the return value and the
+ * arguments are visible.
+ * The input [fct] parameter is the one of the caller function.
+ * *)
val called_info : proj * fct -> stmt ->
- (kernel_function * fct) option
+ (kernel_function * fct) option
(** tells if the lvalue of the call has to be visible *)
val res_call_visible : fct -> stmt -> bool
(** tells if the function returns something or if the result is [void].
- * Notice that if this function returns [true] the function will have the same
- * return type than the original function. So, if it was already [void], it
- * makes no difference if this function returns true or false.
- *
- * - For a defined function, this should give the same result than
- * [inst_visible fct_info (Kernel_function.find_return kf)].
- * - [res_call_visible] must return [false]
- * if [result_visible] returns false on the called function.
+ * Notice that if this function returns [true] the function will have the same
+ * return type than the original function. So, if it was already [void], it
+ * makes no difference if this function returns true or false.
+ *
+ * - For a defined function, this should give the same result than
+ * [inst_visible fct_info (Kernel_function.find_return kf)].
+ * - [res_call_visible] must return [false]
+ * if [result_visible] returns false on the called function.
*)
val result_visible : kernel_function -> fct -> bool
@@ -128,7 +128,7 @@ module type RemoveInfo = sig
end
(** Given a module that match the module type described above,
-* [F.build_cil_file] initializes a new project containing the slices
+ * [F.build_cil_file] initializes a new project containing the slices
*)
module F (Info : RemoveInfo) : sig
diff --git a/src/kernel_services/ast_transformations/inline.ml b/src/kernel_services/ast_transformations/inline.ml
index 5cdbfc0f1e2ce52638d2a875594fc5b184183d98..36adae8427fe37790298e9a576b3e4847eaba0a6 100644
--- a/src/kernel_services/ast_transformations/inline.ml
+++ b/src/kernel_services/ast_transformations/inline.ml
@@ -96,7 +96,7 @@ let inline_call loc caller callee return args =
method! vterm_lval (host,offset) =
match host, return with
| TResult _, Some lv ->
- let tlv = Logic_utils.lval_to_term_lval ~cast:false lv in
+ let tlv = Logic_utils.lval_to_term_lval lv in
let offset = Visitor.visitFramacTermOffset self offset in
Cil.ChangeToPost
(Logic_const.addTermOffsetLval offset tlv, Extlib.id)
@@ -248,7 +248,8 @@ let inliner functions_to_inline = object (self)
(* Inlining will prevent r to be syntactically seen as initialized
or const: *)
r.vdefined <- false;
- r.vtype <- Cil.typeRemoveAttributes ["const"] r.vtype;
+ Cil.update_var_type
+ r (Cil.typeRemoveAttributes ["const"] r.vtype);
false, None, (Cil.mkAddrOf loc (Cil.var r)) :: args
| Some _, _ ->
Kernel.fatal "Attempt to initialize an inexistent varinfo"
diff --git a/src/kernel_services/cmdline_parameters/parameter_builder.ml b/src/kernel_services/cmdline_parameters/parameter_builder.ml
index 74ab79bec5a85eca6ed379d42c920b271409b659..3d6cefa192d4fa5f37a279ff9591af2a2ee5f606 100644
--- a/src/kernel_services/cmdline_parameters/parameter_builder.ml
+++ b/src/kernel_services/cmdline_parameters/parameter_builder.ml
@@ -1577,31 +1577,37 @@ struct
Text in the value returned by full_split *)
assert false
in
+ let apply_to_previous_pairing k f =
+ let keys = k_of_singleton_string k in
+ let key = ref None in
+ let prev =
+ try
+ K.Set.iter
+ (fun k ->
+ key := Some k;
+ (* choose any previous value, whatever it is:
+ don't know which clear semantics one would like *)
+ try raise (Found (!find_ref k)) with Not_found -> ())
+ keys;
+ None
+ with Found v ->
+ Some v
+ in
+ match !key with
+ | None -> K.Set.empty, []
+ | Some key -> keys, f ~key ~prev
+ in
+ let get_pairing k v l =
+ apply_to_previous_pairing k (parse_values k [] v l)
+ in
fun s ->
let (keys, values) =
- let get_pairing k v l =
- let keys = k_of_singleton_string k in
- let key = ref None in
- let prev =
- try
- K.Set.iter
- (fun k ->
- key := Some k;
- (* choose any previous value, whatever it is:
- don't know which clear semantics one would like *)
- try raise (Found (!find_ref k)) with Not_found -> ())
- keys;
- None
- with Found v ->
- Some v
- in
- match !key with
- | None -> K.Set.empty, []
- | Some key -> keys, parse_values ~key k ~prev [] v l
- in
match Str.full_split r s with
| [] -> cannot_build ("cannot interpret '" ^ s ^ "'")
- | [Str.Text t] -> k_of_singleton_string t, []
+ | [Str.Text t] ->
+ apply_to_previous_pairing t
+ (fun ~key ~prev ->
+ remove_none_and_rev [of_val ~key t ~prev None])
| Str.Delim d :: l ->
let (f,s) = split_delim d in
get_pairing f s l
diff --git a/src/kernel_services/cmdline_parameters/parameter_sig.mli b/src/kernel_services/cmdline_parameters/parameter_sig.mli
index 060ea5842489ddacd0c62b317e5f6ad4852c9880..9ab4f1cca7e940a4f2b0cc4ca127f70c19a78f68 100644
--- a/src/kernel_services/cmdline_parameters/parameter_sig.mli
+++ b/src/kernel_services/cmdline_parameters/parameter_sig.mli
@@ -295,33 +295,38 @@ module type Filepath = S with type t = Filepath.Normalized.t
(** signature for searching files in a specific directory. *)
module type Specific_dir = sig
- exception No_dir
+ val set: Filepath.Normalized.t -> unit
+ (** Sets the plugin <specific-dir> directory (without creating it). *)
- val force_dir: bool
- (** For functions below: if [force_dir] is true: if [error] is [false], then
- creates the directory if it does not exist (or raises No_dir if the
- directory cannot be created). Otherwise ([force_dir =
- false]), raise No_dir if [error] is [false].
- @since Neon-20140301 *)
-
- val dir: ?error:bool -> unit -> Filepath.Normalized.t
- (** [dir ~error ()] returns the specific directory name, if
- any. Otherwise, Frama-C halts on an user error if [error] or if the
- behavior depends on [force_dir]. Default of [error] is [true].
- @raise No_dir if there is no share directory for this plug-in and [not
- error] and [not force_dir]. *)
-
- val file: ?error:bool -> string -> Filepath.Normalized.t
- (** [file basename] returns the complete filename of a file stored in [dir
- ()]. If there is no such directory, Frama-C halts on an user error if
- [error] or if the behavior depends on [force_dir]. Default of [error] is
- [true].
- @raise No_dir if there is no share directory for this plug-in and [not
- error] and [not force_dir]. *)
-
- module Dir_name: Filepath
- (** Option [-<short-name>-<specific-dir>]. *)
+ val get: unit -> Filepath.Normalized.t
+ (** @return the plugin <specific-dir> directory (without creating it). *)
+ val is_set: unit -> bool
+ (** @return whether the plugin <specific-dir> has been set. *)
+
+ val get_dir:
+ ?mode:[`Normalize_only | `Create_path | `Must_exist ] ->
+ string ->
+ Filepath.Normalized.t
+ (** [get_dir ?mode p] returns a (local) path [p], i.e. relative to the plugin
+ <specific-dir> directory, of a sub-directory of the plugin <specific-dir>
+ directory.
+ @param mode determines how to handle the resulting path:
+ + [Normalize_only] just normalizes the resulting path (default).
+ + [Create_path] creates the resulting path, if does not exist.
+ + [Must_exist] aborts if the resulting path does not exist. *)
+
+ val get_file:
+ ?mode:[`Normalize_only | `Create_path | `Must_exist ] ->
+ string ->
+ Filepath.Normalized.t
+ (** [get_file ?mode p] returns a (local) path [p], i.e. relative to the
+ plugin <specific-dir> directory, of a file in the plugin <specific-dir>
+ directory.
+ @param mode determines how to handle the resulting path:
+ + [Normalize_only] just normalizes the resulting path (default).
+ + [Create_path] creates the dirname of resulting path, if does not exist.
+ + [Must_exist] aborts if the resulting path does not exist. *)
end
(* ************************************************************************** *)
diff --git a/src/kernel_services/parsetree/logic_ptree.mli b/src/kernel_services/parsetree/logic_ptree.mli
index 30364e00fa181dc989a779455f5a49f82e3d2077..adde2634144cb07084ca310b5ea944ea7ed119c8 100644
--- a/src/kernel_services/parsetree/logic_ptree.mli
+++ b/src/kernel_services/parsetree/logic_ptree.mli
@@ -132,6 +132,7 @@ and lexpr_node =
expression. *)
| PLvalid of string option * lexpr (** pointer is valid. *)
| PLvalid_read of string option * lexpr (** pointer is valid for reading. *)
+ | PLobject_pointer of string option * lexpr (** object pointer can be created. *)
| PLvalid_function of lexpr (** function pointer is compatible with pointed type. *)
| PLallocable of string option * lexpr (** pointer is valid for malloc. *)
| PLfreeable of string option * lexpr (** pointer is valid for free. *)
diff --git a/src/kernel_services/plugin_entry_points/db.ml b/src/kernel_services/plugin_entry_points/db.ml
index e5ea4748e6b3950a654a49ab29c868d7d79db2c9..9d0a42e6ebda2f54c326da5882d51ae0154901ce 100644
--- a/src/kernel_services/plugin_entry_points/db.ml
+++ b/src/kernel_services/plugin_entry_points/db.ml
@@ -1018,8 +1018,10 @@ module RteGen = struct
let get_pointerCall_status = mk_fun "RteGen.get_pointerCall_status"
let get_unsignedOv_status = mk_fun "RteGen.get_unsignedOv_status"
let get_unsignedDownCast_status = mk_fun "RteGen.get_unsignedDownCast_status"
+ let get_pointer_downcast_status = mk_fun "RteGen.get_pointer_downcast_status"
let get_float_to_int_status = mk_fun "RteGen.get_float_to_int_status"
let get_finite_float_status = mk_fun "RteGen.get_finite_float_status"
+ let get_pointer_value_status = mk_fun "RteGen.get_pointer_value_status"
let get_bool_value_status = mk_fun "RteGen.get_bool_value_status"
end
diff --git a/src/kernel_services/plugin_entry_points/db.mli b/src/kernel_services/plugin_entry_points/db.mli
index 565c20806a04f78a636ff9dca8a062f9e6af3b87..43b89f26ecf759389eb744dbe06b00e7a871b97f 100644
--- a/src/kernel_services/plugin_entry_points/db.mli
+++ b/src/kernel_services/plugin_entry_points/db.mli
@@ -900,8 +900,10 @@ module RteGen : sig
val get_signed_downCast_status : (unit -> status_accessor) ref
val get_unsignedOv_status : (unit -> status_accessor) ref
val get_unsignedDownCast_status : (unit -> status_accessor) ref
+ val get_pointer_downcast_status : (unit -> status_accessor) ref
val get_float_to_int_status : (unit -> status_accessor) ref
val get_finite_float_status : (unit -> status_accessor) ref
+ val get_pointer_value_status : (unit -> status_accessor) ref
val get_bool_value_status : (unit -> status_accessor) ref
end
diff --git a/src/kernel_services/plugin_entry_points/journal.ml b/src/kernel_services/plugin_entry_points/journal.ml
index 52a50fb59f9411d409163dca940bdaaca5d2a8ae..9294d088ba416ff36858c5a21e8ca47ee4ffc9a8 100644
--- a/src/kernel_services/plugin_entry_points/journal.ml
+++ b/src/kernel_services/plugin_entry_points/journal.ml
@@ -113,9 +113,11 @@ let now () = Unix.localtime (Unix.time ())
let default_filename = "frama_c_journal.ml"
let filename = ref default_filename
let get_session_file = ref (fun _ -> assert false)
-let get_name () =
+let get_name () =
let f = !filename in
- if f == default_filename then !get_session_file f else f
+ if f == default_filename
+ then !get_session_file f
+ else Datatype.Filepath.of_string f
let set_name s = filename := s
@@ -136,11 +138,12 @@ let print_header fmt =
"(* Run the user commands *)@;@[<hv 2>let run () =@;@[<hv 0>"
let print_trailer fmt =
+ let name = Format.asprintf "%a" Datatype.Filepath.pretty (get_name ()) in
Format.fprintf fmt "@[(* Main *)@]@\n";
Format.fprintf fmt "@[<hv 2>let main () =@;";
Format.fprintf fmt
"@[<hv 0>@[<hv 2>Journal.keep_file@;\"%s\";@]@;"
- (get_name ());
+ name;
Format.fprintf fmt "try run ()@;";
Format.fprintf fmt "@[<v>with@;@[<hv 2>| Unreachable ->@ ";
Format.fprintf fmt
@@ -155,7 +158,7 @@ let print_trailer fmt =
Format.fprintf fmt "@[(* Registering *)@]@\n";
Format.fprintf fmt
"@[<hv 2>let main : unit -> unit =@;@[<hv 2>Dynamic.register@;~plugin:%S@;\"main\"@;"
- (String.capitalize_ascii (Filename.basename (get_name ())));
+ (String.capitalize_ascii (Filename.basename name));
Format.fprintf fmt
"@[<hv 2>(Datatype.func@;Datatype.unit@;Datatype.unit)@]@;";
Format.fprintf fmt "~journalize:false@;main@]@]@\n@\n";
@@ -173,7 +176,7 @@ let keep_file s = preserved_files := s :: !preserved_files
let get_filename =
let cpt = ref 0 in
let rec get_filename first =
- let name = get_name () in
+ let name = Format.asprintf "%a" Datatype.Filepath.pretty (get_name ()) in
if (not first && Sys.file_exists name) || List.mem name !preserved_files
then begin
incr cpt;
diff --git a/src/kernel_services/plugin_entry_points/journal.mli b/src/kernel_services/plugin_entry_points/journal.mli
index 33573824a5cf99e7ec2bdc783c4137723cd81a3a..82d2b8d6529890d0d9baa8a23ece895a8fdee601 100644
--- a/src/kernel_services/plugin_entry_points/journal.mli
+++ b/src/kernel_services/plugin_entry_points/journal.mli
@@ -83,7 +83,7 @@ end
(** {2 Journal management} *)
(* ****************************************************************************)
-val get_name: unit -> string
+val get_name: unit -> Datatype.Filepath.t
(** @return the filename which the journal will be written into. *)
val set_name: string -> unit
@@ -110,7 +110,7 @@ val keep_file: string -> unit
(** This function has not to be used explicitly. Only offers functions
retrieving when running a journal file. *)
-val get_session_file: (string -> string) ref
+val get_session_file: (string -> Datatype.Filepath.t) ref
(*
Local Variables:
diff --git a/src/kernel_services/plugin_entry_points/kernel.ml b/src/kernel_services/plugin_entry_points/kernel.ml
index 4dca12b991c27963dddde65a1dce642c4c9e3016..41bde48cfc510df064794f528fca305d8401fee9 100644
--- a/src/kernel_services/plugin_entry_points/kernel.ml
+++ b/src/kernel_services/plugin_entry_points/kernel.ml
@@ -837,9 +837,9 @@ module Journal = struct
let default =
let dir =
(* duplicate code from Plugin.Session *)
- if Session.Dir_name.is_set ()
+ if Session.is_set ()
then
- (Session.Dir_name.get () :> string)
+ (Session.get () :> string)
else
try Sys.getenv "FRAMAC_SESSION"
with Not_found -> "./.frama-c"
@@ -1440,6 +1440,17 @@ module UnsignedDowncast =
destination range"
end)
+(* Pointer downcasts are undefined behaviors. *)
+let () = Parameter_customize.set_group analysis_options
+let () = Parameter_customize.do_not_reset_on_copy ()
+module PointerDowncast =
+ True
+ (struct
+ let module_name = "PointerDowncast"
+ let option_name = "-warn-pointer-downcast"
+ let help = "generate alarms when a pointer is converted into an integer \
+ but may not be in the range of the destination type."
+ end)
(* Not finite floats are ok, but might not always be a behavior the programmer
wants. *)
@@ -1468,6 +1479,15 @@ module InvalidBool =
_Bool lvalues."
end)
+let () = Parameter_customize.set_group analysis_options
+let () = Parameter_customize.do_not_reset_on_copy ()
+module InvalidPointer =
+ False
+ (struct
+ let module_name = "InvalidPointer"
+ let option_name = "-warn-invalid-pointer"
+ let help = "generate alarms when invalid pointers are created."
+ end)
(* ************************************************************************* *)
(** {2 Sequencing options} *)
diff --git a/src/kernel_services/plugin_entry_points/kernel.mli b/src/kernel_services/plugin_entry_points/kernel.mli
index 87ffd853c1c5593cfb4b3ae4153ea6f521e000f2..b641349af400fa143333b0491f449b498b1b5b0a 100644
--- a/src/kernel_services/plugin_entry_points/kernel.mli
+++ b/src/kernel_services/plugin_entry_points/kernel.mli
@@ -540,12 +540,18 @@ module SignedDowncast: Parameter_sig.Bool
module UnsignedDowncast: Parameter_sig.Bool
(** Behavior of option "-warn-unsigned-downcast" *)
+module PointerDowncast: Parameter_sig.Bool
+(** Behavior of option "-warn-pointer-downcast" *)
+
module SpecialFloat: Parameter_sig.String
(** Behavior of option "-warn-special-float" *)
module InvalidBool: Parameter_sig.Bool
(** Behavior of option "-warn-invalid-bool" *)
+module InvalidPointer: Parameter_sig.Bool
+(** Behavior of option "-warn-invalid-pointer" *)
+
module AbsoluteValidRange: Parameter_sig.String
(** Behavior of option "-absolute-valid-range" *)
diff --git a/src/kernel_services/plugin_entry_points/plugin.ml b/src/kernel_services/plugin_entry_points/plugin.ml
index 667d8aeef6ee4b8acc24dc3a74e37ea632197395..40e1c3b169904a21ea2f915e39222f25c8ce7b56 100644
--- a/src/kernel_services/plugin_entry_points/plugin.ml
+++ b/src/kernel_services/plugin_entry_points/plugin.ml
@@ -299,13 +299,11 @@ struct
(D: sig
val dirs: unit -> string list
val visible_ref: bool
- val force_dir: bool
end)
=
struct
let is_visible = D.visible_ref
- let force_dir = D.force_dir
let is_kernel = is_kernel () (* the side effect must be applied right now *)
let () =
@@ -323,65 +321,111 @@ struct
let file_kind = ""
end)
- exception No_dir
-
let mk_dir d =
try
Extlib.mkdir ~parents:true d 0o755;
L.warning "creating %s directory `%s'" O.option_name d;
d
with Unix.Unix_error _ ->
- L.warning "cannot create %s directory `%s'" O.option_name d;
- raise No_dir
-
- let rec get_and_check_dirs error = function
- | [] ->
- raise No_dir
- | d::l ->
- if (try Sys.is_directory d with Sys_error _ -> false) then d
- else
- get_and_check_dirs error l
-
- let get_and_check_dirs ?(error=true) = function
- | [] ->
- if error then
- L.abort "no %s directories to look into" O.option_name
- else
- raise No_dir
- | (first::_) as l ->
- try
- get_and_check_dirs error l
- with
- | No_dir when error ->
- L.abort "no %s directory for plug-in `%s' among %a"
- O.option_name
- P.name
- Pretty_utils.(pp_list ~sep:",@ " Format.pp_print_string) l
- | No_dir when force_dir ->
- (* create the parent, if it does not exist *)
- let p = Filename.dirname first in
- if not (try Sys.is_directory p with Sys_error _ -> false) then
- ignore (mk_dir p);
- mk_dir first
-
- let dir ?error () =
- (* get the specified dir if any *)
- let d = if is_visible then (Dir_name.get () :> string) else empty_string in
- let dirs =
- if d = empty_string
+ L.abort "cannot create %s directory `%s'" O.option_name d
+
+ let set filepath = Dir_name.set filepath
+ let get () = Dir_name.get ()
+ let is_set () = Dir_name.is_set ()
+
+ let base_dirs () =
+ (* Get the specified dir if any. *)
+ let plugin_base_dir =
+ if is_visible
+ then Dir_name.get ()
+ else Datatype.Filepath.dummy
+ in
+ if not (plugin_base_dir = Datatype.Filepath.dummy)
+ then [plugin_base_dir]
+ else begin
+ (* No specified dir: look for the default ones.
+ At least one default value must be in place. *)
+ let dirs = D.dirs () in
+ assert (dirs <> []);
+ if is_kernel
then
- (* no specified dir: look for the default one. *)
- if is_kernel
- then D.dirs ()
- else List.map (fun x -> x ^ "/" ^ plugin_subpath) (D.dirs ())
+ List.map Datatype.Filepath.of_string dirs
else
- [d]
- in
- Datatype.Filepath.of_string (get_and_check_dirs ?error dirs)
+ List.map
+ (fun x -> Datatype.Filepath.of_string (x ^ "/" ^ plugin_subpath))
+ dirs
+ end
- let file ?error f =
- let dir = dir ?error () in
- Datatype.Filepath.concat dir ("/" ^ f)
+ let get_dir ?(mode=`Normalize_only) s =
+ match mode with
+ | `Must_exist ->
+ begin
+ let dir =
+ let exception Found of Datatype.Filepath.t in
+ try
+ List.fold_left
+ (fun dummy d ->
+ let name = Datatype.Filepath.concat d ("/" ^ s) in
+ if Sys.file_exists (name :> string)
+ then raise (Found name)
+ else dummy)
+ None
+ (base_dirs ())
+ with Found d ->
+ Some d
+ in
+ match dir with
+ | None ->
+ L.abort "no directory %s exist in %s directories" s O.option_name
+ | Some d -> d
+ end
+ | _ ->
+ begin
+ (* In presence of more than one base directory, consider the first to
+ form the resulting [filepath]. *)
+ let filepath =
+ match base_dirs () with
+ | [] -> assert false
+ | d :: _ -> Datatype.Filepath.concat d ("/" ^ s)
+ in
+ match mode with
+ | `Must_exist ->
+ (* Already taken care of. *)
+ assert false
+ | `Normalize_only ->
+ filepath
+ | `Create_path ->
+ begin
+ (try
+ if not (Sys.is_directory (filepath :> string))
+ then
+ (* [filepath] already exists, and it is a file. *)
+ L.abort
+ "cannot create directory as file %a already exists"
+ Datatype.Filepath.pretty filepath
+ with Sys_error _ ->
+ (* [filepath] does not exist: create the directory path. *)
+ ignore (mk_dir (filepath :> string)));
+ filepath
+ end
+ end
+
+ let get_file ?(mode=`Normalize_only) s =
+ let s_dirname = Filename.dirname s in
+ let base_dir = get_dir ~mode s_dirname in
+ let s_basename = Filename.basename s in
+ let filepath = Datatype.Filepath.concat base_dir ("/" ^ s_basename) in
+ match mode with
+ | `Must_exist ->
+ if Sys.file_exists (filepath :> string)
+ then filepath
+ else L.abort "no file %s exist in %s directories" s O.option_name
+ | `Normalize_only ->
+ filepath
+ | `Create_path ->
+ (* No need to create anything here, as the path of sub-directories has
+ been already created by [get_dir] for computing [base_dir]. *)
+ filepath
end
@@ -396,7 +440,6 @@ struct
(struct
let dirs () = Fc_config.datadirs
let visible_ref = !share_visible_ref
- let force_dir = false
end)
module Session =
@@ -413,15 +456,12 @@ struct
try Sys.getenv "FRAMAC_SESSION"
with Not_found -> "./.frama-c"]
let visible_ref = !session_visible_ref
- let force_dir = true
end)
let () =
if is_kernel ()
then
Journal.get_session_file :=
- (fun s ->
- let f = Session.file ~error:false s in
- Format.asprintf "%a" Datatype.Filepath.pretty f)
+ (fun s -> Session.get_file ~mode:`Create_path s)
module Config =
Make_specific_dir
@@ -449,7 +489,6 @@ struct
d ^ if vis then "/frama-c" else "/.frama-c"
]
let visible_ref = !config_visible_ref
- let force_dir = true
end)
let help = add_group "Getting Information"
diff --git a/src/libraries/utils/dotgraph.ml b/src/libraries/utils/dotgraph.ml
index a3520a869dfc3596652dd13ae8c9c8a392db93de..f162ef75c89ce637b4c50ced8f208c3fba98a07a 100644
--- a/src/libraries/utils/dotgraph.ml
+++ b/src/libraries/utils/dotgraph.ml
@@ -154,7 +154,7 @@ let println dot msg =
Format.kfprintf (fun fmt -> Format.pp_print_newline fmt ()) dot.fmt msg
let push dot f = Queue.push f dot.queue
-let pop_all dot =
+let run dot =
while not (Queue.is_empty dot.queue) do
(Queue.pop dot.queue) ()
done
@@ -342,6 +342,7 @@ struct
let node = Printf.sprintf "%s%03d" prefix k in
index := M.add a node !index ; !once a node ; node
+ let add a = ignore (get a)
let node dot a attr = node dot (get a) attr
let inode dot a attr = inode dot ~id:(get a) attr
@@ -353,9 +354,8 @@ struct
let prefix p = prefix := Some p
- let once f = once := f
- let push dot f = once (fun a n -> push dot (fun () -> f a n))
- let clear () = index := M.empty ; kid := 0 ; once skip
+ let define dot f = once := fun a n -> push dot (fun () -> f a n)
+ let clear () = index := M.empty ; kid := 0 ; once := skip
end
(* -------------------------------------------------------------------------- *)
diff --git a/src/libraries/utils/dotgraph.mli b/src/libraries/utils/dotgraph.mli
index 6cd0fb8bd64c0bdb365c6ee2f7d327c251075d31..12d7faeb84ebe9fe594f593779144cc7beac009a 100644
--- a/src/libraries/utils/dotgraph.mli
+++ b/src/libraries/utils/dotgraph.mli
@@ -40,18 +40,15 @@
begin
let dot = G.open_dot ~name:"mygraph" () in
(* For each generated node, declare it and link to its children. *)
- N.push dot
- (fun a ->
- let na = N.inode dot a in
+ N.define dot
+ (fun a na ->
try
List.iter
- (fun b -> G.link dot na (N.get b))
+ (fun b -> G.edge dot na (N.get b) [])
(M.find a graph)
with Not_found -> ()) ;
- (* Starts by emitting roots *)
- List.iter
- (fun r -> ignore (N.get r))
- roots ;
+ (* Starts by emitting some roots, or all nodes *)
+ List.iter N.add roots ;
(* Proceeds to the traversal *)
G.pop_all dot ;
(* You may then complete your graph
@@ -214,6 +211,7 @@ end
module Node(M : Map) :
sig
type t = M.key
+ val add : t -> unit
val get : t -> node
val node : dot -> t -> attr list -> unit
val inode : dot -> t -> attr list -> node
@@ -221,22 +219,12 @@ sig
val irecord : dot -> t -> ?rounded:bool -> ?attr:attr list -> record -> node
val clear : unit -> unit
- (** Executes the callback {i once} for all created nodes.
- Any previously registered callback by [once] or [push] is replaced
- by the new one.
-
- {b Warning:} the callback is executed as soon as [get] is called
- for the first time, possibly interfering with your current output
- on a [dot] buffer. To insert additional Dot material with a callback,
- use [push] instead.
- *)
- val once : (t -> node -> unit) -> unit
-
- (** Pushes the callback {i once} for all created nodes.
- You must call [pop_call] at some point to flush them.
- Any previsously registred callback by [once] or [push] is replaced
+ (** Pushes the callback which will be executed {i once}
+ for all created nodes.
+ You must call [run dot] at some point to flush them.
+ Any previsously registred callback is replaced
by the new one. *)
- val push : dot -> (t -> node -> unit) -> unit
+ val define : dot -> (t -> node -> unit) -> unit
(** Set node prefix.
Otherwize, some default one is created for each functor application. *)
@@ -247,7 +235,7 @@ end
val push : dot -> (unit -> unit) -> unit
(** Flushes all pending continuations. *)
-val pop_all : dot -> unit
+val run : dot -> unit
(** {1 Decorator} *)
diff --git a/src/libraries/utils/floating_point.ml b/src/libraries/utils/floating_point.ml
index 1b4d343a4de8e0c948bb89f997546fad3dd86318..13227afdd5da5ff1abadabed250a4c13aff26dd2 100644
--- a/src/libraries/utils/floating_point.ml
+++ b/src/libraries/utils/floating_point.ml
@@ -41,10 +41,10 @@ external set_rounding_mode: c_rounding_mode -> unit = "set_rounding_mode" "noall
[@@@ warning "+3"]
-external round_to_single_precision_float: float -> float = "round_to_float"
-external sys_single_precision_of_string: string -> float =
- "single_precision_of_string"
-(* TODO two functions above: declare "float",
+external round_to_single_precision_float: float -> float = "round_to_float"
+external sys_single_precision_of_string: string -> float =
+ "single_precision_of_string"
+(* TODO two functions above: declare "float",
must have separate version for bytecode, see OCaml manual *)
let max_single_precision_float = Int32.float_of_bits 0x7f7fffffl
@@ -56,16 +56,16 @@ type parsed_float = {
f_upper : float ;
}
-let inf ~man_size ~max_exp =
+let inf ~man_size ~max_exp =
let biggest_not_inf = ldexp (2.0 -. ldexp 1.0 (~- man_size)) max_exp in
- {
+ {
f_lower = biggest_not_inf ;
f_nearest = infinity ;
f_upper = infinity ;
}
(* [s = num * 2^exp / den] hold *)
-let make_float ~num ~den ~exp ~man_size ~min_exp ~max_exp =
+let make_float ~num ~den ~exp ~man_size ~min_exp ~max_exp =
assert (Integer.gt num Integer.zero);
assert (Integer.gt den Integer.zero);
(*
@@ -78,7 +78,7 @@ let make_float ~num ~den ~exp ~man_size ~min_exp ~max_exp =
let den = ref den in
let exp = ref exp in
- while
+ while
Integer.ge num (Integer.shift_left !den ssize_bi)
|| !exp < min_exp
do
@@ -88,7 +88,7 @@ let make_float ~num ~den ~exp ~man_size ~min_exp ~max_exp =
let den = !den in
let shifted_den = Integer.shift_left den size_bi in
let num = ref num in
- while
+ while
Integer.lt !num shifted_den && !exp > min_exp
do
num := Integer.shift_left !num Integer.one;
@@ -96,7 +96,7 @@ let make_float ~num ~den ~exp ~man_size ~min_exp ~max_exp =
done;
let num = !num in
let exp = !exp in
-(*
+(*
Format.printf "make_float2: num den exp:@\n%a@\n@\n%a@\n@\n%d@."
Datatype.Integer.pretty num Datatype.Integer.pretty den exp;
*)
@@ -107,9 +107,9 @@ let make_float ~num ~den ~exp ~man_size ~min_exp ~max_exp =
Integer.shift_left rem Integer.one
in
let man = Integer.to_int64 man in
-(* Format.printf "pre-round: num den man rem:@\n%a@\n@\n%a@\n@\n%Ld@\n@\n%a@."
- Datatype.Integer.pretty num Datatype.Integer.pretty den
- man Datatype.Integer.pretty rem; *)
+ (* Format.printf "pre-round: num den man rem:@\n%a@\n@\n%a@\n@\n%Ld@\n@\n%a@."
+ Datatype.Integer.pretty num Datatype.Integer.pretty den
+ man Datatype.Integer.pretty rem; *)
let lowb = ldexp (Int64.to_float man) exp in
if Integer.is_zero rem2 then {
f_lower = lowb ;
@@ -118,16 +118,16 @@ let make_float ~num ~den ~exp ~man_size ~min_exp ~max_exp =
} else
let upb = ldexp (Int64.to_float (Int64.succ man)) exp in
if Integer.lt rem2 den ||
- (Integer.equal rem2 den && (Int64.logand man Int64.one) = 0L)
+ (Integer.equal rem2 den && (Int64.logand man Int64.one) = 0L)
then {
- f_lower = lowb ;
- f_nearest = lowb ;
- f_upper = upb ;
+ f_lower = lowb ;
+ f_nearest = lowb ;
+ f_upper = upb ;
}
else {
- f_lower = lowb ;
- f_nearest = upb ;
- f_upper = upb ;
+ f_lower = lowb ;
+ f_nearest = upb ;
+ f_upper = upb ;
}
let reg_exp = "[eE][+]?\\(-?[0-9]+\\)"
@@ -154,66 +154,66 @@ let parse_float ~man_size ~min_exp ~max_exp s =
with Failure _ ->
(* Format.printf "Error in exponent: %s@." s; *)
if s.[0] = '-'
- then raise (Shortcut {
- f_lower = 0.0 ;
- f_nearest = 0.0 ;
- f_upper = ldexp 1.0 (min_exp - man_size) ;
- })
+ then raise (Shortcut {
+ f_lower = 0.0 ;
+ f_nearest = 0.0 ;
+ f_upper = ldexp 1.0 (min_exp - man_size) ;
+ })
else raise (Shortcut (inf ~man_size ~max_exp))
in
- try
- (* At the end of the function, [s = num * 2^exp / den] *)
- let num, den, exp =
- if Str.string_match numdotfracexp s 0
- then
- let n = Str.matched_group 1 s in
- let frac = Str.matched_group 2 s in
- let len_frac = String.length frac in
- let num = Integer.of_string (n ^ frac) in
- let den = Integer.power_int_positive_int 5 len_frac in
- if Integer.is_zero num then raise (Shortcut zero);
- let exp10 = match_exp 3
- in
- if exp10 >= 0
- then
- Integer.mul num (Integer.power_int_positive_int 5 exp10),
- den,
- exp10 - len_frac
- else
- num,
- Integer.mul den (Integer.power_int_positive_int 5 (~- exp10)),
- exp10 - len_frac
- else if Str.string_match numdotfrac s 0
- then
- let n = Str.matched_group 1 s in
- let frac = Str.matched_group 2 s in
- let len_frac = String.length frac in
- Integer.of_string (n ^ frac),
- Integer.power_int_positive_int 5 len_frac,
- ~- len_frac
- else if Str.string_match numexp s 0
- then
- let n = Str.matched_group 1 s in
- let num = Integer.of_string n in
- if Integer.is_zero num then raise (Shortcut zero);
- let exp10 = match_exp 2 in
- if exp10 >= 0
- then
- Integer.mul num (Integer.power_int_positive_int 5 exp10),
- Integer.one,
- exp10
- else
- num,
- (Integer.power_int_positive_int 5 (~- exp10)),
- exp10
- else (Format.printf "Could not parse floating point number %S@." s;
- assert false)
- in
- if Integer.is_zero num
- then zero
- else
- make_float ~num ~den ~exp ~man_size ~min_exp ~max_exp
- with Shortcut r -> r
+ try
+ (* At the end of the function, [s = num * 2^exp / den] *)
+ let num, den, exp =
+ if Str.string_match numdotfracexp s 0
+ then
+ let n = Str.matched_group 1 s in
+ let frac = Str.matched_group 2 s in
+ let len_frac = String.length frac in
+ let num = Integer.of_string (n ^ frac) in
+ let den = Integer.power_int_positive_int 5 len_frac in
+ if Integer.is_zero num then raise (Shortcut zero);
+ let exp10 = match_exp 3
+ in
+ if exp10 >= 0
+ then
+ Integer.mul num (Integer.power_int_positive_int 5 exp10),
+ den,
+ exp10 - len_frac
+ else
+ num,
+ Integer.mul den (Integer.power_int_positive_int 5 (~- exp10)),
+ exp10 - len_frac
+ else if Str.string_match numdotfrac s 0
+ then
+ let n = Str.matched_group 1 s in
+ let frac = Str.matched_group 2 s in
+ let len_frac = String.length frac in
+ Integer.of_string (n ^ frac),
+ Integer.power_int_positive_int 5 len_frac,
+ ~- len_frac
+ else if Str.string_match numexp s 0
+ then
+ let n = Str.matched_group 1 s in
+ let num = Integer.of_string n in
+ if Integer.is_zero num then raise (Shortcut zero);
+ let exp10 = match_exp 2 in
+ if exp10 >= 0
+ then
+ Integer.mul num (Integer.power_int_positive_int 5 exp10),
+ Integer.one,
+ exp10
+ else
+ num,
+ (Integer.power_int_positive_int 5 (~- exp10)),
+ exp10
+ else (Format.printf "Could not parse floating point number %S@." s;
+ assert false)
+ in
+ if Integer.is_zero num
+ then zero
+ else
+ make_float ~num ~den ~exp ~man_size ~min_exp ~max_exp
+ with Shortcut r -> r
let is_hex s =
let l = String.length s in
@@ -224,7 +224,7 @@ let opp_parse_float f =
let rec single_precision_of_string s =
if s.[0] = '-' then
- opp_parse_float (single_precision_of_string (String.sub s 1 (String.length s - 1)))
+ opp_parse_float (single_precision_of_string (String.sub s 1 (String.length s - 1)))
else if is_hex s
then
try
@@ -236,11 +236,11 @@ let rec single_precision_of_string s =
parse_float ~man_size:23 ~min_exp:(-126) ~max_exp:127 s
(* May raise Failure("float_of_string"). *)
-let rec double_precision_of_string s =
+let rec double_precision_of_string s =
if s.[0] = '-' then
opp_parse_float (double_precision_of_string (String.sub s 1 (String.length s - 1)))
else if is_hex s
- then
+ then
let f = float_of_string s in
{ f_lower = f ; f_nearest = f ; f_upper = f }
else (* decimal *)
@@ -274,6 +274,14 @@ let parse string =
Kernel.fatal ~current:true
"Unexpected error parsing floating-point constant: %s." string
+let has_suffix fk lit =
+ let s = match fk with
+ | Cil_types.FFloat -> 'F'
+ | Cil_types.FDouble -> 'D'
+ | Cil_types.FLongDouble -> 'L' in
+ let ln = String.length lit in
+ ln > 0 && Char.uppercase_ascii lit.[ln-1] = s
+
let pretty_normal ~use_hex fmt f =
let double_norm = Int64.shift_left 1L 52 in
let double_mask = Int64.pred double_norm in
@@ -285,62 +293,62 @@ let pretty_normal ~use_hex fmt f =
let s = if s then "-" else "" in
if exp = 2047
then begin
- if man = 0L
- then
- Format.fprintf fmt "%sinf" s
- else
- Format.fprintf fmt "NaN"
- end
+ if man = 0L
+ then
+ Format.fprintf fmt "%sinf" s
+ else
+ Format.fprintf fmt "NaN"
+ end
else
- let firstdigit, exp =
- if exp <> 0
- then 1, (exp - 1023)
- else 0, if f = 0. then 0 else -1022
- in
- if not use_hex
- then begin
+ let firstdigit, exp =
+ if exp <> 0
+ then 1, (exp - 1023)
+ else 0, if f = 0. then 0 else -1022
+ in
+ if not use_hex
+ then begin
let firstdigit, man, exp =
- if 0 < exp && exp <= 12
- then begin
- Int64.to_int
- (Int64.shift_right_logical
- (Int64.logor man double_norm)
- (52 - exp)),
- Int64.logand (Int64.shift_left man exp) double_mask,
- 0
- end
- else firstdigit, man, exp
+ if 0 < exp && exp <= 12
+ then begin
+ Int64.to_int
+ (Int64.shift_right_logical
+ (Int64.logor man double_norm)
+ (52 - exp)),
+ Int64.logand (Int64.shift_left man exp) double_mask,
+ 0
+ end
+ else firstdigit, man, exp
in
let d =
- Int64.float_of_bits
- (Int64.logor 0x3ff0000000000000L man)
+ Int64.float_of_bits
+ (Int64.logor 0x3ff0000000000000L man)
in
let d, re =
- if d >= 1.5
- then d -. 1.5, 5000000000000000L
- else d -. 1.0, 0L
+ if d >= 1.5
+ then d -. 1.5, 5000000000000000L
+ else d -. 1.0, 0L
in
let d = d *. 1e16 in
let decdigits = Int64.add re (Int64.of_float d) in
if exp = 0 || (firstdigit = 0 && decdigits = 0L && exp = -1022)
then
- Format.fprintf fmt "%s%d.%016Ld"
- s
- firstdigit
- decdigits
+ Format.fprintf fmt "%s%d.%016Ld"
+ s
+ firstdigit
+ decdigits
else
- Format.fprintf fmt "%s%d.%016Ld*2^%d"
- s
- firstdigit
- decdigits
- exp
+ Format.fprintf fmt "%s%d.%016Ld*2^%d"
+ s
+ firstdigit
+ decdigits
+ exp
end
- else
- Format.fprintf fmt "%s0x%d.%013Lxp%d"
- s
- firstdigit
- man
- exp
+ else
+ Format.fprintf fmt "%s0x%d.%013Lxp%d"
+ s
+ firstdigit
+ man
+ exp
let pretty fmt f =
let use_hex = Kernel.FloatHex.get() in
@@ -354,15 +362,15 @@ let pretty fmt f =
then
pretty_normal ~use_hex fmt f
else begin
- let r = Format.sprintf "%.*g" 12 f in
- if (String.contains r '.' || String.contains r 'e' ||
- String.contains r 'E')
- || (match classify_float f with
- | FP_normal | FP_subnormal | FP_zero -> false
- | FP_infinite | FP_nan -> true)
- then Format.pp_print_string fmt r
- else Format.fprintf fmt "%s." r
- end
+ let r = Format.sprintf "%.*g" 12 f in
+ if (String.contains r '.' || String.contains r 'e' ||
+ String.contains r 'E')
+ || (match classify_float f with
+ | FP_normal | FP_subnormal | FP_zero -> false
+ | FP_infinite | FP_nan -> true)
+ then Format.pp_print_string fmt r
+ else Format.fprintf fmt "%s." r
+ end
type sign = Neg | Pos
@@ -373,12 +381,12 @@ exception Float_Non_representable_as_Int64 of sign
raise Float_Non_representable_as_Int64. This is the most reasonable as
a floating-point number may represent an exponentially large integer. *)
let truncate_to_integer =
- let min_64_float = -9.22337203685477581e+18
- (* Int64.to_float (-0x8000000000000000L) *)
+ let min_64_float = -9.22337203685477581e+18
+ (* Int64.to_float (-0x8000000000000000L) *)
in
- let max_64_float = 9.22337203685477478e+18
-(* let open Int64 in
- float_of_bits (pred (bits_of_float (to_float max_int))) *)
+ let max_64_float = 9.22337203685477478e+18
+ (* let open Int64 in
+ float_of_bits (pred (bits_of_float (to_float max_int))) *)
in
fun x ->
let max_64_float = Extlib.id max_64_float in
@@ -388,10 +396,10 @@ let truncate_to_integer =
then raise (Float_Non_representable_as_Int64 Pos);
if x <= max_64_float then
Integer.of_int64 (Int64.of_float x)
- else
- Integer.add
- (Integer.of_int64 (Int64.of_float (x +. min_64_float)))
- (Integer.two_power_of_int 63)
+ else
+ Integer.add
+ (Integer.of_int64 (Int64.of_float (x +. min_64_float)))
+ (Integer.two_power_of_int 63)
let bits_of_max_double =
Integer.of_int64 (Int64.bits_of_float max_float)
diff --git a/src/libraries/utils/floating_point.mli b/src/libraries/utils/floating_point.mli
index 27a4bbbe39e94fe81019c1dd91c0fffdfe8108e8..11190c51425225feeae0faece5c12928f0090c90 100644
--- a/src/libraries/utils/floating_point.mli
+++ b/src/libraries/utils/floating_point.mli
@@ -30,8 +30,8 @@ val string_of_c_rounding_mode : c_rounding_mode -> string
external set_round_downward : unit -> unit = "set_round_downward" [@@noalloc]
external set_round_upward : unit -> unit = "set_round_upward" [@@noalloc]
-external set_round_nearest_even : unit -> unit =
- "set_round_nearest_even" [@@noalloc]
+external set_round_nearest_even : unit -> unit =
+ "set_round_nearest_even" [@@noalloc]
external set_round_toward_zero : unit -> unit =
"set_round_toward_zero" [@@noalloc]
external get_rounding_mode: unit -> c_rounding_mode =
@@ -49,8 +49,8 @@ val neg_min_denormal: float
val min_single_precision_denormal: float
val neg_min_single_precision_denormal: float
-external sys_single_precision_of_string: string -> float =
- "single_precision_of_string"
+external sys_single_precision_of_string: string -> float =
+ "single_precision_of_string"
(** If [s] is parsed as [(n, l, u)], then [n] is the nearest approximation of
@@ -69,6 +69,10 @@ type parsed_float = {
with no suffix are parsed as double. *)
val parse: string -> Cil_types.fkind * parsed_float
+(** Checks if the (uppercased) string ends with an explicit [F|D|L]
+ suffix corresponding to the given float kind. *)
+val has_suffix: Cil_types.fkind -> string -> bool
+
val pretty_normal : use_hex : bool -> Format.formatter -> float -> unit
val pretty : Format.formatter -> float -> unit
diff --git a/src/libraries/utils/rich_text.ml b/src/libraries/utils/rich_text.ml
index 4d114a414e4d8e84707b3c6db57f889fafd85db8..fe8a162367f926b1ed7563a60e3c3e6b9a13184b 100644
--- a/src/libraries/utils/rich_text.ml
+++ b/src/libraries/utils/rich_text.ml
@@ -152,12 +152,10 @@ let truncate_text buffer size =
let n_right = size - n_left - 5 in
if p > 0 then
Buffer.blit buffer.content p (Buffer.to_bytes buffer.content) 0 n_left;
- Buffer.add_substring buffer.content "[...]" n_left 5 ;
- Buffer.blit
- buffer.content (q-n_right+1)
- (Buffer.to_bytes buffer.content) (n_left + 5)
- n_right ;
- Buffer.truncate buffer.content size ;
+ let buf_right = Buffer.sub buffer.content (q-n_right+1) n_right in
+ Buffer.truncate buffer.content n_left;
+ Buffer.add_string buffer.content "[...]";
+ Buffer.add_string buffer.content buf_right;
end
end
diff --git a/src/libraries/utils/utf8_logic.mli b/src/libraries/utils/utf8_logic.mli
index 2a3cd4d3d9c5e417eeb3562d8cff688add9c774e..449e20476bd3f55a53b09dd0cf143395d1ce5fad 100644
--- a/src/libraries/utils/utf8_logic.mli
+++ b/src/libraries/utils/utf8_logic.mli
@@ -24,6 +24,9 @@
(** UTF-8 string for logic symbols. *)
+(** given an unicode code point, returns the corresponding utf-8 encoding. *)
+val from_unichar: int -> string
+
val forall : string
val exists : string
val eq : string
diff --git a/src/plugins/aorai/aorai_dataflow.ml b/src/plugins/aorai/aorai_dataflow.ml
index e869e3dd345b390b1adb58a48de5e25640ec7918..554af1f3639ad3531632e0f8dfec0de3e106852b 100644
--- a/src/plugins/aorai/aorai_dataflow.ml
+++ b/src/plugins/aorai/aorai_dataflow.ml
@@ -449,7 +449,7 @@ module Computer(I: Init) = struct
"too few arguments in call to %a" Printer.pp_varinfo f
| p::prms, a::args ->
let lv = Logic_const.tvar (Cil.cvar_to_lvar p) in
- let la = Logic_utils.expr_to_term ~cast:false a in
+ let la = Logic_utils.expr_to_term a in
let value =
Cil_datatype.Term.Map.add
la (Fixed 0) Cil_datatype.Term.Map.empty
diff --git a/src/plugins/aorai/aorai_utils.ml b/src/plugins/aorai/aorai_utils.ml
index ff3c2f3a3fe3dc68bc2950443cd8239b67c67f37..c4fb25191c1f4b7f166ad3666763e6eff90a1aa1 100644
--- a/src/plugins/aorai/aorai_utils.ml
+++ b/src/plugins/aorai/aorai_utils.ml
@@ -138,7 +138,7 @@ let isCrossableAtInit tr func =
let rec aux t =
match t.term_node with
| TConst (LEnum ei) ->
- aux (Logic_utils.expr_to_term ~cast:false ei.eival)
+ aux (Logic_utils.expr_to_term ei.eival)
| TLval lv ->
(match aux_lv lv with
| Some t -> t
@@ -241,7 +241,7 @@ let isCrossableAtInit tr func =
and aux_init off initinfo =
match off, initinfo with
| TNoOffset, SingleInit e ->
- Some (aux (Logic_utils.expr_to_term ~cast:false e))
+ Some (aux (Logic_utils.expr_to_term e))
| TIndex(t,oth), CompoundInit (ct,initl) ->
(match (aux t).term_node with
| TConst(Integer(i1,_)) ->
@@ -653,7 +653,7 @@ let one_term () = Cil.lconstant Integer.one
(** Returns a term representing the variable associated to the given varinfo *)
let mk_term_from_vi vi =
Logic_const.term
- (TLval((Logic_utils.lval_to_term_lval ~cast:true (Cil.var vi))))
+ (TLval((Logic_utils.lval_to_term_lval (Cil.var vi))))
(Ctype Cil.intType)
(** Given an lval term 'host' and an integer value 'off', it returns a lval term host[off]. *)
@@ -681,8 +681,7 @@ let mk_offseted_array_states_as_enum host off =
(Ctype Cil.intType)
(** Returns a lval term associated to the curState generated variable. *)
-let host_state_term() =
- lval_to_term_lval ~cast:true (state_lval())
+let host_state_term() = lval_to_term_lval (state_lval())
(*
(** Returns a lval term associated to the curStateOld generated variable. *)
let host_stateOld_term () =
diff --git a/src/plugins/aorai/aorai_visitors.ml b/src/plugins/aorai/aorai_visitors.ml
index f7ad17a93863b45e27e6cea9e98eb0da3b421ec1..004941db6742cd482c8910fc0e7a1d3f3d0f197a 100644
--- a/src/plugins/aorai/aorai_visitors.ml
+++ b/src/plugins/aorai/aorai_visitors.ml
@@ -125,7 +125,7 @@ class visit_adding_code_for_synchronisation =
- what about varargs?
*)
let (rettype,args,varargs,_) = Cil.splitFunctionTypeVI vi_pre in
- vi_pre.vtype <- TFun(Cil.voidType, args, varargs,[]);
+ Cil.update_var_type vi_pre (TFun(Cil.voidType, args, varargs,[]));
vi_pre.vattr <- [];
(* in particular get rid of __no_return if set in vi*)
diff --git a/src/plugins/aorai/data_for_aorai.ml b/src/plugins/aorai/data_for_aorai.ml
index 75999fabf9b8be5f91d9ad19b06ce43e34311214..1bcaa67755f6727b12a02562f4759ac52095f220 100644
--- a/src/plugins/aorai/data_for_aorai.ml
+++ b/src/plugins/aorai/data_for_aorai.ml
@@ -694,8 +694,7 @@ let type_expr env ?tr ?current e =
let e = Cil.parseIntLogic ~loc s in
env, e, cond
| PCst (Logic_ptree.FloatConstant str) ->
- let c = Logic_utils.string_to_float_lconstant str in
- env, Logic_const.term (TConst c) Lreal, cond
+ env, Logic_utils.parse_float ~loc str, cond
| PCst (Logic_ptree.StringConstant s) ->
let t =
Logic_const.term
diff --git a/src/plugins/aorai/tests/aorai/oracle/formals.res.oracle b/src/plugins/aorai/tests/aorai/oracle/formals.res.oracle
index 2e24eb7f8a7502ffb36cad5f670b90fc673a2b01..b850086cbe94dbafa142e58f40a017022d73a22c 100644
--- a/src/plugins/aorai/tests/aorai/oracle/formals.res.oracle
+++ b/src/plugins/aorai/tests/aorai/oracle/formals.res.oracle
@@ -581,24 +581,26 @@ int g(int y)
ensures
\at(aorai_CurStates ≡ init,Pre) ∧
aorai_CurStates ≡ aorai_reject ⇒
- aorai_x_0 ≡ \at(1,Pre) + 0 ∨ aorai_x_0 ≡ \at(aorai_x_0,Pre) + 0;
+ aorai_x_0 ≡ \at(aorai_x_0,Pre) + 0 ∨
+ aorai_x_0 ≡ \at((int)1,Pre) + 0;
ensures
\at(aorai_CurStates ≡ init,Pre) ∧
aorai_CurStates ≡ aorai_reject ⇒
- aorai_y ≡ \at(2,Pre) + 0 ∨ aorai_y ≡ \at(aorai_y,Pre) + 0;
+ aorai_y ≡ \at(aorai_y,Pre) + 0 ∨ aorai_y ≡ \at((int)2,Pre) + 0;
ensures
\at(aorai_CurStates ≡ init,Pre) ∧
aorai_CurStates ≡ aorai_reject ⇒
- aorai_x ≡ \at(1,Pre) + 0 ∨ aorai_x ≡ \at(aorai_x,Pre) + 0;
+ aorai_x ≡ \at(aorai_x,Pre) + 0 ∨ aorai_x ≡ \at((int)1,Pre) + 0;
ensures
\at(aorai_CurStates ≡ init,Pre) ∧ aorai_CurStates ≡ OK ⇒
- aorai_x_0 ≡ \at(1,Pre) + 0 ∨ aorai_x_0 ≡ \at(aorai_x_0,Pre) + 0;
+ aorai_x_0 ≡ \at(aorai_x_0,Pre) + 0 ∨
+ aorai_x_0 ≡ \at((int)1,Pre) + 0;
ensures
\at(aorai_CurStates ≡ init,Pre) ∧ aorai_CurStates ≡ OK ⇒
- aorai_y ≡ \at(2,Pre) + 0 ∨ aorai_y ≡ \at(aorai_y,Pre) + 0;
+ aorai_y ≡ \at(aorai_y,Pre) + 0 ∨ aorai_y ≡ \at((int)2,Pre) + 0;
ensures
\at(aorai_CurStates ≡ init,Pre) ∧ aorai_CurStates ≡ OK ⇒
- aorai_x ≡ \at(1,Pre) + 0 ∨ aorai_x ≡ \at(aorai_x,Pre) + 0;
+ aorai_x ≡ \at(aorai_x,Pre) + 0 ∨ aorai_x ≡ \at((int)1,Pre) + 0;
*/
int main(void)
{
diff --git a/src/plugins/aorai/tests/aorai/oracle/other.res.oracle b/src/plugins/aorai/tests/aorai/oracle/other.res.oracle
index 91b4e2cc2ad540571330772e709520258a653f9b..480cdbac3e337e91a9a7e27ca0dee315fdfe892b 100644
--- a/src/plugins/aorai/tests/aorai/oracle/other.res.oracle
+++ b/src/plugins/aorai/tests/aorai/oracle/other.res.oracle
@@ -525,7 +525,12 @@ void g(void)
behavior buch_state_last_out:
ensures 0 ≡ last;
+ behavior buch_state_step1_in:
+ assumes 1 ≡ init ∧ x ≡ 3;
+ ensures 1 ≡ step1;
+
behavior buch_state_step1_out:
+ assumes 0 ≡ init ∨ ¬(x ≡ 3);
ensures 0 ≡ step1;
@/
void main_pre_func(void)
@@ -538,7 +543,9 @@ void g(void)
init_tmp = init;
last_tmp = last;
step1_tmp = step1;
- step1_tmp = 0;
+ if (init == 1)
+ if (x == 3) step1_tmp = 1; else step1_tmp = 0;
+ else step1_tmp = 0;
last_tmp = 0;
if (init == 1)
if (x != 3) init_tmp = 1; else init_tmp = 0;
@@ -644,7 +651,6 @@ void g(void)
*/
/*@ requires 1 ≡ init ∧ 0 ≡ last ∧ 0 ≡ step1;
- requires 1 ≡ init ⇒ x ≢ 3;
behavior aorai_acceptance:
ensures 1 ≡ last;
diff --git a/src/plugins/e-acsl/doc/Changelog b/src/plugins/e-acsl/doc/Changelog
index 5c3fedbea06163aeee9666481f76a5801d276d6c..1eeeb2ac090f234f3b50fa4f15899cbe7089b7c9 100644
--- a/src/plugins/e-acsl/doc/Changelog
+++ b/src/plugins/e-acsl/doc/Changelog
@@ -21,7 +21,7 @@
-* E-ACSL [2020/03/24] Fix automatic deactivation of plug-in Variadic when
E-ACSL is directly called from Frama-C without using
- e-acsl-gcc.sh.
+ e-acsl-gcc.sh.
- E-ACSL [2020/03/10] Call E-ACSL's free functions for globals in a
separate function at the end of main.
- E-ACSL [2020/03/10] Call `__e_acsl_memory_init` only if the memory
diff --git a/src/plugins/e-acsl/doc/doxygen/doxygen.cfg.in b/src/plugins/e-acsl/doc/doxygen/doxygen.cfg.in
index 5d8a49c0b4e4c89582bfc092b04b6981d3bc8171..ff2a3f4d7eb0d33f30739f3f0ff17c53661ec7fc 100644
--- a/src/plugins/e-acsl/doc/doxygen/doxygen.cfg.in
+++ b/src/plugins/e-acsl/doc/doxygen/doxygen.cfg.in
@@ -423,7 +423,7 @@ WARN_FORMAT =
# and error messages should be written. If left blank the output is written
# to stderr.
-WARN_LOGFILE = @abs_top_srcdir@/doc/doxygen/warn.log
+WARN_LOGFILE = @abs_top_builddir@/doc/doxygen/warn.log
#---------------------------------------------------------------------------
# configuration options related to the input files
@@ -434,9 +434,10 @@ WARN_LOGFILE = @abs_top_srcdir@/doc/doxygen/warn.log
# directories like "/usr/src/myproject". Separate the files or directories
# with spaces.
-INPUT = @abs_top_srcdir@/share/e-acsl \
- @abs_top_srcdir@/share/e-acsl/segment_model \
- @abs_top_srcdir@/share/e-acsl/bittree_model
+INPUT = @abs_top_srcdir@/src/plugins/e-acsl/share/e-acsl \
+ @abs_top_srcdir@/src/plugins/e-acsl/share/e-acsl/segment_model \
+ @abs_top_srcdir@/src/plugins/e-acsl/share/e-acsl/bittree_model \
+ @abs_top_srcdir@/src/plugins/e-acsl/share/e-acsl/instrumentation_model
# If the value of the INPUT tag contains directories, you can use the
# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
diff --git a/src/plugins/e-acsl/doc/refman/Makefile b/src/plugins/e-acsl/doc/refman/Makefile
index 3462abe5fba4c6afc3d5849146a89cdaa57b3037..282220d94f03967cea283f992fcbc0bc2415dd26 100644
--- a/src/plugins/e-acsl/doc/refman/Makefile
+++ b/src/plugins/e-acsl/doc/refman/Makefile
@@ -15,7 +15,7 @@ DEPS_MODERN=macros_modern.tex eacslversion.tex biblio.bib \
assertions_modern.bnf loops_modern.bnf st_contracts_modern.bnf \
logic_modern.bnf data_invariants_modern.bnf model_modern.bnf \
ghost_modern.bnf generalinvariants_modern.bnf iterator_modern.bnf \
- bsearch.c bsearch2.c link.c
+ abrupt_modern.bnf bsearch.c bsearch2.c link.c
##############
# Main rules #
diff --git a/src/plugins/e-acsl/doc/refman/abrupt.tex b/src/plugins/e-acsl/doc/refman/abrupt.tex
new file mode 100644
index 0000000000000000000000000000000000000000..5fe8ef4e9163b548cb9c423a5827345c7f19ac52
--- /dev/null
+++ b/src/plugins/e-acsl/doc/refman/abrupt.tex
@@ -0,0 +1,15 @@
+\begin{syntax}
+ { abrupt-clause } ::= { exits-clause }
+ \
+ { exits-clause } ::= { "exits" pred ";" }
+ \
+ { abrupt-clause-stmt } ::= { breaks-clause } | { continues-clause } | { returns-clause }
+ \
+ { breaks-clause } ::= { "breaks" pred ";" }
+ \
+ { continues-clause } ::= { "continues" pred ";" }
+ \
+ { returns-clause } ::= { "returns" pred ";" }
+ \
+ { term } ::= { "\exit_status" }
+ \end{syntax}
diff --git a/src/plugins/e-acsl/doc/refman/changes_modern.tex b/src/plugins/e-acsl/doc/refman/changes_modern.tex
index ee30a79f7e0de4a4d9ae5f160c63fc98200dc495..70b99aa30c0b39a58eab38576cfd513ba65b3d60 100644
--- a/src/plugins/e-acsl/doc/refman/changes_modern.tex
+++ b/src/plugins/e-acsl/doc/refman/changes_modern.tex
@@ -61,7 +61,7 @@
\item \changeinsection{typing}{no user-defined types}
\item \changeinsection{builtinconstructs}{no more implementation issue for
\lstinline|\\old|}
-\item \changeinsection{at}{more restrictive scoping rule for label references
+\item \changeinsection{at}{more restrictive scoping rule for label references
in \lstinline|\\at|}
\end{itemize}
@@ -84,7 +84,7 @@ in \lstinline|\\at|}
\item \changeinsection{expressions}{remove laziness of operator
\lstinline|<==>|}
\item \changeinsection{expressions}{restrict guarded quantifications to integer}
-\item \changeinsection{expressions}{add iterator quantifications}
+\item \changeinsection{expressions}{add iterator quantifications}
\item \changeinsection{expressions}{extend unguarded quantifications to char}
\item \changeinsection{locations}{extend syntax of set comprehensions}
\item \changeinsection{loop_annot}{simplify explanations for loop invariants and
@@ -128,6 +128,11 @@ in \lstinline|\\at|}
\begin{itemize}
\item \changeinsection{reals}{support of rational numbers and operations}
+\item \changeinsection{fn-behavior}{remove abrupt clauses from the list of
+ exceptions}
+\item \changeinsection{statement_contract}{remove abrupt clauses from the list
+ of exceptions}
+\item \changeinsection{abrupt}{add grammar for abrupt termination}
\end{itemize}
\subsection*{Version Potassium-19}
diff --git a/src/plugins/e-acsl/doc/refman/fn_behavior.tex b/src/plugins/e-acsl/doc/refman/fn_behavior.tex
index 4cd97341aa542521fb64da755d74617ab20726a5..cf6a3ebb9814ededf4a8f31d03341f3c099b2692 100644
--- a/src/plugins/e-acsl/doc/refman/fn_behavior.tex
+++ b/src/plugins/e-acsl/doc/refman/fn_behavior.tex
@@ -1,6 +1,6 @@
\begin{syntax}
- [ function-contract ] ::= requires-clause*;
- { decreases-clause? } simple-clause*;
+ [ function-contract ] ::= requires-clause*
+ { decreases-clause? } simple-clause*
named-behavior* { completeness-clause* }
\
requires-clause ::= "requires" pred ";"
@@ -8,6 +8,7 @@
{ decreases-clause } ::= { "decreases" term ("for" id)? ";" }
\
[ simple-clause ] ::= { assigns-clause } | ensures-clause
+ | { allocation-clause} | { abrupt-clause }
\
{ assigns-clause } ::= { "assigns" locations ";" }
\
diff --git a/src/plugins/e-acsl/doc/refman/intro_modern.tex b/src/plugins/e-acsl/doc/refman/intro_modern.tex
index a3bcb11f398a544313ab5e90be3d9d61bfa4df6a..472b6cf40aaf229da2188f61a019941ba0d30cc3 100644
--- a/src/plugins/e-acsl/doc/refman/intro_modern.tex
+++ b/src/plugins/e-acsl/doc/refman/intro_modern.tex
@@ -43,7 +43,7 @@ currently implemented into the \framac's \eacsl plug-in.
\begin{center}
\begin{tabular}{|l|l|}
\hline
- typing
+ typing
& mathematical reals \\
\hline
terms
@@ -52,7 +52,7 @@ currently implemented into the \framac's \eacsl plug-in.
& let binding \\
& t-sets \\
\hline
- predicates
+ predicates
& exclusive or operator \\ % \lstinline|^^|
& let bindings \\
& quantifications over non-integer types \\
@@ -60,7 +60,7 @@ currently implemented into the \framac's \eacsl plug-in.
& \lstinline|\\specified|
\\
\hline
- annotations
+ annotations
& behavior-specific annotations \\
& loop assigns \\
& loop variants \\
@@ -69,6 +69,7 @@ currently implemented into the \framac's \eacsl plug-in.
\hline
behavior clauses
& assigns \\
+ & allocates \\
& decreases \\
& abrupt termination \\
& complete and disjoint behaviors
diff --git a/src/plugins/e-acsl/doc/refman/main.tex b/src/plugins/e-acsl/doc/refman/main.tex
index 88c2665b3138eb4593be41a543f86a070172ef12..8f53a75d66c09289d3f26f63fdef97dec50f452f 100644
--- a/src/plugins/e-acsl/doc/refman/main.tex
+++ b/src/plugins/e-acsl/doc/refman/main.tex
@@ -82,6 +82,7 @@ Patrick Baudin,
Bernard Botella,
Lo\"ic Correnson,
Pascal Cuoq,
+Basile Desloges,
Johannes Kanig,
Fonenantsoa Maurica,
David Mentr\'e,
diff --git a/src/plugins/e-acsl/doc/refman/speclang_modern.tex b/src/plugins/e-acsl/doc/refman/speclang_modern.tex
index c1482c0d65cbb0df19eccf95a887d310ac7a5f22..7c5b0e5a8fff1aeb7ff354be600d3398cf379045 100644
--- a/src/plugins/e-acsl/doc/refman/speclang_modern.tex
+++ b/src/plugins/e-acsl/doc/refman/speclang_modern.tex
@@ -196,7 +196,7 @@ one is valid:
\item \lstinline|\exists integer x, 1 <= x <= 0 && -1 <= 1/x <= 1|
\end{itemize}
In particular, the second one is invalid since the quantification is in fact an
-enumeration over a finite number of elements, it amounts to
+enumeration over a finite number of elements, it amounts to
\lstinline|1/-1 > 0 && 1/0 > 0 && 1/1 > 0|. The first atomic proposition is
invalid, so the rest of the conjunction (and in particular 1/0) is not
evaluated. The fourth one is invalid since it is an existential quantification
@@ -294,13 +294,12 @@ It is not possible to define logic types introduced by the specification writer
\label{sec:fn-behavior}
\index{function contract}\index{contract}
-\except{no \lstinline|terminates| and \lstinline|abrupt| clauses}
+\except{no \lstinline|terminates|}
Figure~\ref{fig:gram:contracts} shows grammar of function
contracts. This is a simplified version of \acsl one without
-\lstinline|terminates| and \lstinline|abrupt|
-clauses. Section~\ref{sec:termination} (resp.~\ref{sec:abrupt}) explains why
-\eacsl has no \lstinline|terminates| (resp. \lstinline|abrupt|) clause.
+\lstinline|terminates| clauses. Section~\ref{sec:termination} explains why
+\eacsl has no \lstinline|terminates| clause.
\begin{figure}[htbp]
\begin{cadre}
@@ -370,7 +369,7 @@ members easily identifiable.
\begin{notimplementedenv}
\begin{example}\label{ex:tset}
-The set \lstinlineµ{ x | integer x; 0 <= x <= 9 || 20 <= x <= 29 }µ denotes the
+The set \lstinlineµ{ x | integer x; 0 <= x <= 9 || 20 <= x <= 29 }µ denotes the
set of all integers between 0 and 9 and between 20 and 29.
\end{example}
\end{notimplementedenv}
@@ -422,7 +421,7 @@ Figure~\ref{fig:gram:assertions} summarizes grammar for assertions.
\except{loop invariants lose their inductive nature}
Figure~\ref{fig:gram:loops} shows grammar for loop annotations. There is no
-syntactic difference with \acsl.
+syntactic difference with \acsl.
\begin{figure}[htbp]
\begin{cadre}
\input{loops_modern.bnf}
@@ -453,7 +452,7 @@ In \eacsl, the same loop invariant $I$ is valid if and only if:
\begin{itemize}
\item $I$ holds before entering the loop; and
\item if execution of the loop body in that state ends normally at the end of
- the body or with a "continue" statement, $I$ is true in the resulting state.
+ the body or with a "continue" statement, $I$ is true in the resulting state.
\end{itemize}
Thus the only difference with \acsl is that \eacsl does not assume that the
@@ -543,11 +542,9 @@ definition of its upper bound.
\label{sec:statement_contract}
\index{statement contract}\index{contract}
-\except{no \lstinline|abrupt| clauses}
+\nodiff
-Figure~\ref{fig:gram:contracts} shows grammar of statement contracts. Like
-function contracts, this is a simplified version of \acsl with no
-\lstinline|abrupt| clauses. All other constructs are unchanged.
+Figure~\ref{fig:gram:stcontracts} shows grammar of statement contracts.
\begin{figure}[htbp]
\begin{cadre}
@@ -706,7 +703,7 @@ predicates which are related to memory location.
\nodiff
\difficultswhy{\lstinline|\\base\_addr|,
- \lstinline|\\block\_length|, \lstinline|\\valid|,
+ \lstinline|\\block\_length|, \lstinline|\\valid|,
\lstinline|\\valid_read| and
\lstinline|\\offset|}{the implementation of a memory model}
@@ -723,9 +720,7 @@ predicates which are related to memory location.
\subsection{Allocation and deallocation}
\difficultswhy{All these constructs}{the implementation of a memory model}
\label{sec:alloc-dealloc}
-
-\mywarning{this section is still almost experimental in \acsl. Thus it might still
-evolve in the future.}
+\nodiff
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -753,8 +748,21 @@ Figure~\ref{fig:gram:list} shows the notations for built-in lists.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\section{Abrupt termination}\label{sec:abrupt}
-\absentexperimental
+\section{\notimplemented{Abrupt termination}}
+\label{sec:abrupt}
+\index{abrupt termination}
+
+\nodiff
+
+Figure~\ref{fig:gram:abrupt} shows grammar of abrupt termination.
+
+\begin{figure}[htbp]
+ \begin{cadre}
+ \input{abrupt_modern.bnf}
+ \end{cadre}
+ \caption{Grammar of contracts about abrupt terminations}
+ \label{fig:gram:abrupt}
+\end{figure}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
diff --git a/src/plugins/e-acsl/doc/refman/st_contracts.tex b/src/plugins/e-acsl/doc/refman/st_contracts.tex
index 498e9a73899ed7fd58fe49dfa210018d10d93964..8aefcbe9f322ac060e59ba1f56a97766fcff513f 100644
--- a/src/plugins/e-acsl/doc/refman/st_contracts.tex
+++ b/src/plugins/e-acsl/doc/refman/st_contracts.tex
@@ -2,9 +2,11 @@
statement ::= "/*@" statement-contract "*/" statement
\
[ statement-contract ] ::= {("for" id ("," id)* ":")?} requires-clause* ;
- simple-clause* named-behavior-stmt* ;
+ simple-clause-stmt* named-behavior-stmt* ;
completeness-clause*
\
+ simple-clause-stmt ::= simple-clause | { abrupt-clause-stmt }
+ \
named-behavior-stmt ::= "behavior" id ":" behavior-body-stmt
\
behavior-body-stmt ::= assumes-clause* ;
diff --git a/src/plugins/e-acsl/src/analyses/mmodel_analysis.ml b/src/plugins/e-acsl/src/analyses/mmodel_analysis.ml
index 36e0eab772110d3428c89c680e387ca5058b62b8..3b655683995066f05739e1669e5e359c33ed4ddd 100644
--- a/src/plugins/e-acsl/src/analyses/mmodel_analysis.ml
+++ b/src/plugins/e-acsl/src/analyses/mmodel_analysis.ml
@@ -359,7 +359,8 @@ module rec Transfer
let register_object kf state_ref = object
inherit Visitor.frama_c_inplace
method !vpredicate_node = function
- | Pvalid(_, t) | Pvalid_read(_, t) | Pvalid_function t
+ | Pvalid(_, t) | Pvalid_read(_, t)
+ | Pobject_pointer(_, t) | Pvalid_function t
| Pinitialized(_, t) | Pfreeable(_, t) ->
(* Options.feedback "REGISTER %a" Cil.d_term t;*)
state_ref := register_term kf !state_ref t;
diff --git a/src/plugins/e-acsl/src/analyses/typing.ml b/src/plugins/e-acsl/src/analyses/typing.ml
index 91904e682a942c36581cfb89f4b3401d385c524f..075d6bfa4a714d0da483b492d5c9d7b83d86f6c0 100644
--- a/src/plugins/e-acsl/src/analyses/typing.ml
+++ b/src/plugins/e-acsl/src/analyses/typing.ml
@@ -676,6 +676,7 @@ let rec type_predicate p =
| Pallocable(_, t)
| Pvalid(_, t)
| Pvalid_read(_, t)
+ | Pobject_pointer(_,t)
| Pvalid_function t ->
ignore (type_term ~use_gmp_opt:false ~ctx:Nan t);
c_int
diff --git a/src/plugins/e-acsl/src/code_generator/injector.ml b/src/plugins/e-acsl/src/code_generator/injector.ml
index 40d9c3ea1a23bc99a9903513eaed31061c4a4ac6..58f3b018d525da5cea25fead897c3ca9e1a7a35a 100644
--- a/src/plugins/e-acsl/src/code_generator/injector.ml
+++ b/src/plugins/e-acsl/src/code_generator/injector.ml
@@ -584,7 +584,7 @@ let inject_in_fundec main fundec =
(* convert ghost variables *)
vi.vghost <- false;
let unghost_local vi =
- vi.vtype <- Cil.typeRemoveAttributesDeep ["ghost"] vi.vtype ;
+ Cil.update_var_type vi (Cil.typeRemoveAttributesDeep ["ghost"] vi.vtype);
vi.vghost <- false
in
List.iter unghost_local fundec.slocals;
@@ -621,12 +621,12 @@ let unghost_vi vi =
(* do not convert extern ghost variables, because they can't be linked,
see bts #1392 *)
if vi.vstorage <> Extern then vi.vghost <- false;
- vi.vtype <- Cil.typeRemoveAttributesDeep ["ghost"] vi.vtype ;
+ Cil.update_var_type vi (Cil.typeRemoveAttributesDeep ["ghost"] vi.vtype);
match Cil.unrollType vi.vtype with
| TFun(res, Some l, va, attr) ->
(* unghostify function's parameters *)
let retype (n, t, a) = n, t, Cil.dropAttribute Cil.frama_c_ghost_formal a in
- vi.vtype <- TFun(res, Some (List.map retype l), va, attr)
+ Cil.update_var_type vi (TFun(res, Some (List.map retype l), va, attr))
| _ ->
()
diff --git a/src/plugins/e-acsl/src/code_generator/translate.ml b/src/plugins/e-acsl/src/code_generator/translate.ml
index e3d5580ba81fbc0c585be56ad3ecfe12e29ca38a..6a77b6530dfb5e6fd13a9a96e9878c3b5d48c6c9 100644
--- a/src/plugins/e-acsl/src/code_generator/translate.ml
+++ b/src/plugins/e-acsl/src/code_generator/translate.ml
@@ -708,6 +708,7 @@ and named_predicate_content_to_exp ?name kf env p =
e, env
| Pseparated _ -> not_yet env "\\separated"
| Pdangling _ -> not_yet env "\\dangling"
+ | Pobject_pointer _ -> not_yet env "\\object_pointer"
| Pvalid_function _ -> not_yet env "\\valid_function"
| Prel(rel, t1, t2) ->
let ity = Typing.get_integer_op_of_predicate p in
diff --git a/src/plugins/e-acsl/src/libraries/misc.ml b/src/plugins/e-acsl/src/libraries/misc.ml
index 285438e7d87be09f19608712a09634902f61c0af..0f4d38ef3fb6f37bd2ab33dd37c1f0d1ff021063 100644
--- a/src/plugins/e-acsl/src/libraries/misc.ml
+++ b/src/plugins/e-acsl/src/libraries/misc.ml
@@ -30,7 +30,7 @@ open Cil_datatype
let library_files () =
List.map
- (fun d -> Options.Share.file ~error:true d)
+ (fun d -> Options.Share.get_file ~mode:`Must_exist d)
[ "e_acsl_gmp_api.h";
"e_acsl.h" ]
diff --git a/src/plugins/e-acsl/src/main.ml b/src/plugins/e-acsl/src/main.ml
index c8027aa8d6f690b468b5aae66a1e98e8e957fdfc..a7f26523d4c08bd8b4028b8522d8f3073ecb857c 100644
--- a/src/plugins/e-acsl/src/main.ml
+++ b/src/plugins/e-acsl/src/main.ml
@@ -38,7 +38,7 @@ let extended_ast_project: extended_project ref = ref To_be_extended
let unmemoized_extend_ast () =
let extend () =
- let share = Options.Share.dir ~error:true () in
+ let share = Options.Share.get_dir ~mode:`Must_exist "." in
Options.feedback ~level:3 "setting kernel options for E-ACSL.";
Kernel.CppExtraArgs.add
(Format.asprintf " -DE_ACSL_MACHDEP=%s -I%a/memory_model"
diff --git a/src/plugins/e-acsl/tests/arith/oracle_ci/at_on-purely-logic-variables.res.oracle b/src/plugins/e-acsl/tests/arith/oracle_ci/at_on-purely-logic-variables.res.oracle
index 0b02e09b98b4a40aafb0895b7524d3459d38496c..ceb8eed7a93e5cd46801202607b737a163b9b95f 100644
--- a/src/plugins/e-acsl/tests/arith/oracle_ci/at_on-purely-logic-variables.res.oracle
+++ b/src/plugins/e-acsl/tests/arith/oracle_ci/at_on-purely-logic-variables.res.oracle
@@ -13,7 +13,7 @@
assertion got status unknown.
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:29: Warning:
accessing uninitialized left-value.
- assert \initialized(__gen_e_acsl_at_2 + (__gen_e_acsl_j - 2));
+ assert \initialized(__gen_e_acsl_at_2 + (int)(__gen_e_acsl_j - 2));
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:29: Warning:
function __e_acsl_assert: precondition got status unknown.
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:29: Warning:
@@ -24,7 +24,8 @@
accessing uninitialized left-value.
assert
\initialized(__gen_e_acsl_at_3 +
- ((__gen_e_acsl_u - 9) * 11 + ((__gen_e_acsl_v - -5) - 1)));
+ (int)((int)((int)(__gen_e_acsl_u - 9) * 11) +
+ (int)((int)(__gen_e_acsl_v - -5) - 1)));
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:34: Warning:
function __e_acsl_assert: precondition got status unknown.
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:31: Warning:
@@ -33,7 +34,8 @@
assertion got status unknown.
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:41: Warning:
accessing uninitialized left-value.
- assert \initialized(__gen_e_acsl_at_5 + ((__gen_e_acsl_k_3 - -9) - 1));
+ assert
+ \initialized(__gen_e_acsl_at_5 + (int)((int)(__gen_e_acsl_k_3 - -9) - 1));
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:41: Warning:
function __e_acsl_assert: precondition got status unknown.
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:41: Warning:
@@ -44,17 +46,19 @@
accessing uninitialized left-value.
assert
\initialized(__gen_e_acsl_at_6 +
- ((__gen_e_acsl_u_3 - 9) * 32 + ((__gen_e_acsl_v_3 - -5) - 1)));
+ (int)((int)((int)(__gen_e_acsl_u_3 - 9) * 32) +
+ (int)((int)(__gen_e_acsl_v_3 - -5) - 1)));
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:45: Warning:
function __e_acsl_assert: precondition got status unknown.
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:43: Warning:
assertion got status unknown.
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:7: Warning:
accessing uninitialized left-value.
- assert \initialized(__gen_e_acsl_at + ((__gen_e_acsl_n - 1) - 1));
+ assert \initialized(__gen_e_acsl_at + (int)((int)(__gen_e_acsl_n - 1) - 1));
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:7: Warning:
accessing uninitialized left-value.
- assert \initialized(__gen_e_acsl_at_2 + ((__gen_e_acsl_n - 1) - 1));
+ assert
+ \initialized(__gen_e_acsl_at_2 + (int)((int)(__gen_e_acsl_n - 1) - 1));
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:7: Warning:
function __e_acsl_assert: precondition got status unknown.
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:7: Warning:
@@ -63,7 +67,7 @@
function __gen_e_acsl_f: postcondition got status unknown.
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:16: Warning:
accessing uninitialized left-value.
- assert \initialized(__gen_e_acsl_at + (__gen_e_acsl_w - 3));
+ assert \initialized(__gen_e_acsl_at + (int)(__gen_e_acsl_w - 3));
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:16: Warning:
function __e_acsl_assert: precondition got status unknown.
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:16: Warning:
@@ -74,9 +78,9 @@
accessing uninitialized left-value.
assert
\initialized(__gen_e_acsl_at_7 +
- ((__gen_e_acsl_u_5 - 10) * 300 +
- (((__gen_e_acsl_v_5 - -10) - 1) * 100 +
- ((__gen_e_acsl_w - 100) - 1))));
+ (int)((int)((int)(__gen_e_acsl_u_5 - 10) * 300) +
+ (int)((int)((int)((int)(__gen_e_acsl_v_5 - -10) - 1) * 100)
+ + (int)((int)(__gen_e_acsl_w - 100) - 1))));
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:54: Warning:
assertion got status unknown.
[eva:alarm] tests/arith/at_on-purely-logic-variables.c:63: Warning:
diff --git a/src/plugins/e-acsl/tests/arith/oracle_ci/gen_at_on-purely-logic-variables.c b/src/plugins/e-acsl/tests/arith/oracle_ci/gen_at_on-purely-logic-variables.c
index 007bc6daa68fc06d4f1f28ab9f26eb013b76aefb..17dee7105453488b730f112a3de0e6c604b8eeae 100644
--- a/src/plugins/e-acsl/tests/arith/oracle_ci/gen_at_on-purely-logic-variables.c
+++ b/src/plugins/e-acsl/tests/arith/oracle_ci/gen_at_on-purely-logic-variables.c
@@ -56,7 +56,7 @@ void g(void)
"tests/arith/at_on-purely-logic-variables.c",16);
/*@ assert
Eva: initialization:
- \initialized(__gen_e_acsl_at + (__gen_e_acsl_w - 3));
+ \initialized(__gen_e_acsl_at + (int)(__gen_e_acsl_w - 3));
*/
if (! *(__gen_e_acsl_at + (__gen_e_acsl_w - 3))) ;
else {
@@ -240,7 +240,7 @@ int main(void)
"tests/arith/at_on-purely-logic-variables.c",29);
/*@ assert
Eva: initialization:
- \initialized(__gen_e_acsl_at_2 + (__gen_e_acsl_j - 2));
+ \initialized(__gen_e_acsl_at_2 + (int)(__gen_e_acsl_j - 2));
*/
if (! *(__gen_e_acsl_at_2 + (__gen_e_acsl_j - 2))) ;
else {
@@ -289,8 +289,8 @@ int main(void)
/*@ assert
Eva: initialization:
\initialized(__gen_e_acsl_at_3 +
- ((__gen_e_acsl_u - 9) * 11 +
- ((__gen_e_acsl_v - -5) - 1)));
+ (int)((int)((int)(__gen_e_acsl_u - 9) * 11) +
+ (int)((int)(__gen_e_acsl_v - -5) - 1)));
*/
if (*(__gen_e_acsl_at_3 + ((__gen_e_acsl_u - 9) * 11 + ((
__gen_e_acsl_v - -5) - 1))))
@@ -374,7 +374,8 @@ int main(void)
"tests/arith/at_on-purely-logic-variables.c",41);
/*@ assert
Eva: initialization:
- \initialized(__gen_e_acsl_at_5 + ((__gen_e_acsl_k_3 - -9) - 1));
+ \initialized(__gen_e_acsl_at_5 +
+ (int)((int)(__gen_e_acsl_k_3 - -9) - 1));
*/
if (! (*(__gen_e_acsl_at_5 + ((__gen_e_acsl_k_3 - -9) - 1)) == 0L))
;
@@ -427,8 +428,9 @@ int main(void)
/*@ assert
Eva: initialization:
\initialized(__gen_e_acsl_at_6 +
- ((__gen_e_acsl_u_3 - 9) * 32 +
- ((__gen_e_acsl_v_3 - -5) - 1)));
+ (int)((int)((int)(__gen_e_acsl_u_3 - 9) * 32)
+ +
+ (int)((int)(__gen_e_acsl_v_3 - -5) - 1)));
*/
if (*(__gen_e_acsl_at_6 + ((__gen_e_acsl_u_3 - 9) * 32 + (
(__gen_e_acsl_v_3 - -5) - 1))))
@@ -514,9 +516,17 @@ int main(void)
/*@ assert
Eva: initialization:
\initialized(__gen_e_acsl_at_7 +
- ((__gen_e_acsl_u_5 - 10) * 300 +
- (((__gen_e_acsl_v_5 - -10) - 1) * 100 +
- ((__gen_e_acsl_w - 100) - 1))));
+ (int)((int)((int)(__gen_e_acsl_u_5 - 10) *
+ 300)
+ +
+ (int)((int)((int)((int)(__gen_e_acsl_v_5
+ - -10)
+ - 1)
+ * 100)
+ +
+ (int)((int)(__gen_e_acsl_w -
+ 100)
+ - 1))));
*/
if (! *(__gen_e_acsl_at_7 + ((__gen_e_acsl_u_5 - 10) * 300 + (
((__gen_e_acsl_v_5 - -10) - 1) * 100 + (
@@ -650,7 +660,8 @@ void __gen_e_acsl_f(int *t)
"tests/arith/at_on-purely-logic-variables.c",7);
/*@ assert
Eva: initialization:
- \initialized(__gen_e_acsl_at + ((__gen_e_acsl_n - 1) - 1));
+ \initialized(__gen_e_acsl_at +
+ (int)((int)(__gen_e_acsl_n - 1) - 1));
*/
if (*(__gen_e_acsl_at + ((__gen_e_acsl_n - 1) - 1))) {
int __gen_e_acsl_valid_read_2;
@@ -665,7 +676,8 @@ void __gen_e_acsl_f(int *t)
"tests/arith/at_on-purely-logic-variables.c",7);
/*@ assert
Eva: initialization:
- \initialized(__gen_e_acsl_at_2 + ((__gen_e_acsl_n - 1) - 1));
+ \initialized(__gen_e_acsl_at_2 +
+ (int)((int)(__gen_e_acsl_n - 1) - 1));
*/
__gen_e_acsl_and = *(__gen_e_acsl_at_2 + ((__gen_e_acsl_n - 1) - 1));
}
diff --git a/src/plugins/e-acsl/tests/arith/oracle_ci/gen_functions.c b/src/plugins/e-acsl/tests/arith/oracle_ci/gen_functions.c
index f8431536df11c96f3b9ef987ed96d87d51eba02a..8a80b25247831cfca43226478f5dced6e8568b54 100644
--- a/src/plugins/e-acsl/tests/arith/oracle_ci/gen_functions.c
+++ b/src/plugins/e-acsl/tests/arith/oracle_ci/gen_functions.c
@@ -232,12 +232,6 @@ void __gen_e_acsl_k(int x)
return;
}
-long __gen_e_acsl_t2(mystruct m)
-{
- long __retres = m.k + (long)m.l;
- return __retres;
-}
-
int __gen_e_acsl_p2(int x, int y)
{
int __retres = x + (long)y > 0L;
@@ -384,4 +378,10 @@ int __gen_e_acsl_p1(int x, int y)
return __retres;
}
+long __gen_e_acsl_t2(mystruct m)
+{
+ long __retres = m.k + (long)m.l;
+ return __retres;
+}
+
diff --git a/src/plugins/e-acsl/tests/arith/oracle_ci/gen_functions_rec.c b/src/plugins/e-acsl/tests/arith/oracle_ci/gen_functions_rec.c
index 6b5f403f5a2f68d0bc58eed95b7ebd913c9c41cc..d7e6ba9cda321e94b0312fcf67ef5007ba3a8486 100644
--- a/src/plugins/e-acsl/tests/arith/oracle_ci/gen_functions_rec.c
+++ b/src/plugins/e-acsl/tests/arith/oracle_ci/gen_functions_rec.c
@@ -105,72 +105,6 @@ int main(void)
return __retres;
}
-int __gen_e_acsl_f2(int n)
-{
- int __gen_e_acsl_if_4;
- if (n < 0) __gen_e_acsl_if_4 = 1;
- else {
- int __gen_e_acsl_f2_9;
- int __gen_e_acsl_f2_11;
- int __gen_e_acsl_f2_13;
- __gen_e_acsl_f2_9 = __gen_e_acsl_f2_2(n - 1L);
- __gen_e_acsl_f2_11 = __gen_e_acsl_f2_2(n - 2L);
- __gen_e_acsl_f2_13 = __gen_e_acsl_f2_2(n - 3L);
- __e_acsl_assert(__gen_e_acsl_f2_13 != 0,"RTE","f2",
- "division_by_zero: __gen_e_acsl_f2_13 != 0",
- "tests/arith/functions_rec.c",10);
- /*@ assert Eva: division_by_zero: __gen_e_acsl_f2_13 ≢ 0; */
- /*@ assert
- Eva: signed_overflow:
- -2147483648 ≤ __gen_e_acsl_f2_9 * __gen_e_acsl_f2_11;
- */
- /*@ assert
- Eva: signed_overflow:
- __gen_e_acsl_f2_9 * __gen_e_acsl_f2_11 ≤ 2147483647;
- */
- /*@ assert
- Eva: signed_overflow:
- (int)(__gen_e_acsl_f2_9 * __gen_e_acsl_f2_11) / __gen_e_acsl_f2_13
- ≤ 2147483647;
- */
- __gen_e_acsl_if_4 = (__gen_e_acsl_f2_9 * __gen_e_acsl_f2_11) / __gen_e_acsl_f2_13;
- }
- return __gen_e_acsl_if_4;
-}
-
-int __gen_e_acsl_f2_2(long n)
-{
- int __gen_e_acsl_if_3;
- if (n < 0L) __gen_e_acsl_if_3 = 1;
- else {
- int __gen_e_acsl_f2_4;
- int __gen_e_acsl_f2_6;
- int __gen_e_acsl_f2_8;
- __gen_e_acsl_f2_4 = __gen_e_acsl_f2_2(n - 1L);
- __gen_e_acsl_f2_6 = __gen_e_acsl_f2_2(n - 2L);
- __gen_e_acsl_f2_8 = __gen_e_acsl_f2_2(n - 3L);
- __e_acsl_assert(__gen_e_acsl_f2_8 != 0,"RTE","f2_2",
- "division_by_zero: __gen_e_acsl_f2_8 != 0",
- "tests/arith/functions_rec.c",10);
- /*@ assert Eva: division_by_zero: __gen_e_acsl_f2_8 ≢ 0; */
- /*@ assert
- Eva: signed_overflow:
- -2147483648 ≤ __gen_e_acsl_f2_4 * __gen_e_acsl_f2_6;
- */
- /*@ assert
- Eva: signed_overflow:
- __gen_e_acsl_f2_4 * __gen_e_acsl_f2_6 ≤ 2147483647;
- */
- /*@ assert
- Eva: signed_overflow:
- (int)(__gen_e_acsl_f2_4 * __gen_e_acsl_f2_6) / __gen_e_acsl_f2_8
- ≤ 2147483647;
- */
- __gen_e_acsl_if_3 = (__gen_e_acsl_f2_4 * __gen_e_acsl_f2_6) / __gen_e_acsl_f2_8;
- }
- return __gen_e_acsl_if_3;
-}
-
int __gen_e_acsl_g(int n)
{
int __retres = 0;
@@ -317,4 +251,70 @@ void __gen_e_acsl_f1_2(__e_acsl_mpz_t *__retres_arg, long n)
return;
}
+int __gen_e_acsl_f2(int n)
+{
+ int __gen_e_acsl_if_4;
+ if (n < 0) __gen_e_acsl_if_4 = 1;
+ else {
+ int __gen_e_acsl_f2_9;
+ int __gen_e_acsl_f2_11;
+ int __gen_e_acsl_f2_13;
+ __gen_e_acsl_f2_9 = __gen_e_acsl_f2_2(n - 1L);
+ __gen_e_acsl_f2_11 = __gen_e_acsl_f2_2(n - 2L);
+ __gen_e_acsl_f2_13 = __gen_e_acsl_f2_2(n - 3L);
+ __e_acsl_assert(__gen_e_acsl_f2_13 != 0,"RTE","f2",
+ "division_by_zero: __gen_e_acsl_f2_13 != 0",
+ "tests/arith/functions_rec.c",10);
+ /*@ assert Eva: division_by_zero: __gen_e_acsl_f2_13 ≢ 0; */
+ /*@ assert
+ Eva: signed_overflow:
+ -2147483648 ≤ __gen_e_acsl_f2_9 * __gen_e_acsl_f2_11;
+ */
+ /*@ assert
+ Eva: signed_overflow:
+ __gen_e_acsl_f2_9 * __gen_e_acsl_f2_11 ≤ 2147483647;
+ */
+ /*@ assert
+ Eva: signed_overflow:
+ (int)(__gen_e_acsl_f2_9 * __gen_e_acsl_f2_11) / __gen_e_acsl_f2_13
+ ≤ 2147483647;
+ */
+ __gen_e_acsl_if_4 = (__gen_e_acsl_f2_9 * __gen_e_acsl_f2_11) / __gen_e_acsl_f2_13;
+ }
+ return __gen_e_acsl_if_4;
+}
+
+int __gen_e_acsl_f2_2(long n)
+{
+ int __gen_e_acsl_if_3;
+ if (n < 0L) __gen_e_acsl_if_3 = 1;
+ else {
+ int __gen_e_acsl_f2_4;
+ int __gen_e_acsl_f2_6;
+ int __gen_e_acsl_f2_8;
+ __gen_e_acsl_f2_4 = __gen_e_acsl_f2_2(n - 1L);
+ __gen_e_acsl_f2_6 = __gen_e_acsl_f2_2(n - 2L);
+ __gen_e_acsl_f2_8 = __gen_e_acsl_f2_2(n - 3L);
+ __e_acsl_assert(__gen_e_acsl_f2_8 != 0,"RTE","f2_2",
+ "division_by_zero: __gen_e_acsl_f2_8 != 0",
+ "tests/arith/functions_rec.c",10);
+ /*@ assert Eva: division_by_zero: __gen_e_acsl_f2_8 ≢ 0; */
+ /*@ assert
+ Eva: signed_overflow:
+ -2147483648 ≤ __gen_e_acsl_f2_4 * __gen_e_acsl_f2_6;
+ */
+ /*@ assert
+ Eva: signed_overflow:
+ __gen_e_acsl_f2_4 * __gen_e_acsl_f2_6 ≤ 2147483647;
+ */
+ /*@ assert
+ Eva: signed_overflow:
+ (int)(__gen_e_acsl_f2_4 * __gen_e_acsl_f2_6) / __gen_e_acsl_f2_8
+ ≤ 2147483647;
+ */
+ __gen_e_acsl_if_3 = (__gen_e_acsl_f2_4 * __gen_e_acsl_f2_6) / __gen_e_acsl_f2_8;
+ }
+ return __gen_e_acsl_if_3;
+}
+
diff --git a/src/plugins/e-acsl/tests/arith/oracle_ci/gen_rationals.c b/src/plugins/e-acsl/tests/arith/oracle_ci/gen_rationals.c
index bd22a341b9b2fb5c25072ebb4b661bfbbac0f19f..7943b9907d694f73cfb478d604c04ca8a7ded3e2 100644
--- a/src/plugins/e-acsl/tests/arith/oracle_ci/gen_rationals.c
+++ b/src/plugins/e-acsl/tests/arith/oracle_ci/gen_rationals.c
@@ -57,9 +57,9 @@ int main(void)
__gmpq_clear(__gen_e_acsl__4);
}
/*@ assert 0.1 ≡ 0.1; */ ;
- __e_acsl_assert(1,"Assertion","main","(double)1.0 == 1.0",
+ __e_acsl_assert(1,"Assertion","main","1.0 == 1.0",
"tests/arith/rationals.c",14);
- /*@ assert (double)1.0 ≡ 1.0; */ ;
+ /*@ assert 1.0 ≡ 1.0; */ ;
{
__e_acsl_mpq_t __gen_e_acsl__5;
double __gen_e_acsl__6;
diff --git a/src/plugins/e-acsl/tests/examples/oracle_ci/gen_functions_contiki.c b/src/plugins/e-acsl/tests/examples/oracle_ci/gen_functions_contiki.c
index 259afb2e7cf7aff685e3f821c94a0a230968a678..47e55d3fc12d7dc4c433a4048dc6a87d3fe16138 100644
--- a/src/plugins/e-acsl/tests/examples/oracle_ci/gen_functions_contiki.c
+++ b/src/plugins/e-acsl/tests/examples/oracle_ci/gen_functions_contiki.c
@@ -8,7 +8,7 @@ struct list {
/*@
logic ℤ length_aux{L}(struct list *l, ℤ n) =
\at(n < 0? -1:
- (l ≡ (struct list *)((void *)0)? n:
+ (l ≡ (struct list *)0? n:
(n < 2147483647? length_aux(l->next, n + 1): -1)),
L);
*/
diff --git a/src/plugins/e-acsl/tests/gmp-only/oracle_ci/gen_functions.c b/src/plugins/e-acsl/tests/gmp-only/oracle_ci/gen_functions.c
index 25a8fe984219cdd86055a1fc7173d91303cc1530..91010d0c7a4cd82b480d4e6cbf53122b5e49ce5b 100644
--- a/src/plugins/e-acsl/tests/gmp-only/oracle_ci/gen_functions.c
+++ b/src/plugins/e-acsl/tests/gmp-only/oracle_ci/gen_functions.c
@@ -277,25 +277,6 @@ void __gen_e_acsl_k(int x)
return;
}
-void __gen_e_acsl_t2(__e_acsl_mpz_t *__retres_arg, mystruct m)
-{
- __e_acsl_mpz_t __gen_e_acsl__10;
- __e_acsl_mpz_t __gen_e_acsl__11;
- __e_acsl_mpz_t __gen_e_acsl_add_7;
- __gmpz_init_set_si(__gen_e_acsl__10,(long)m.k);
- __gmpz_init_set_si(__gen_e_acsl__11,(long)m.l);
- __gmpz_init(__gen_e_acsl_add_7);
- __gmpz_add(__gen_e_acsl_add_7,
- (__e_acsl_mpz_struct const *)(__gen_e_acsl__10),
- (__e_acsl_mpz_struct const *)(__gen_e_acsl__11));
- __gmpz_init_set(*__retres_arg,
- (__e_acsl_mpz_struct const *)(__gen_e_acsl_add_7));
- __gmpz_clear(__gen_e_acsl__10);
- __gmpz_clear(__gen_e_acsl__11);
- __gmpz_clear(__gen_e_acsl_add_7);
- return;
-}
-
int __gen_e_acsl_p2(int x, int y)
{
__e_acsl_mpz_t __gen_e_acsl_x_2;
@@ -477,4 +458,23 @@ int __gen_e_acsl_p1(int x, int y)
return __retres;
}
+void __gen_e_acsl_t2(__e_acsl_mpz_t *__retres_arg, mystruct m)
+{
+ __e_acsl_mpz_t __gen_e_acsl__10;
+ __e_acsl_mpz_t __gen_e_acsl__11;
+ __e_acsl_mpz_t __gen_e_acsl_add_7;
+ __gmpz_init_set_si(__gen_e_acsl__10,(long)m.k);
+ __gmpz_init_set_si(__gen_e_acsl__11,(long)m.l);
+ __gmpz_init(__gen_e_acsl_add_7);
+ __gmpz_add(__gen_e_acsl_add_7,
+ (__e_acsl_mpz_struct const *)(__gen_e_acsl__10),
+ (__e_acsl_mpz_struct const *)(__gen_e_acsl__11));
+ __gmpz_init_set(*__retres_arg,
+ (__e_acsl_mpz_struct const *)(__gen_e_acsl_add_7));
+ __gmpz_clear(__gen_e_acsl__10);
+ __gmpz_clear(__gen_e_acsl__11);
+ __gmpz_clear(__gen_e_acsl_add_7);
+ return;
+}
+
diff --git a/src/plugins/e-acsl/tests/memory/oracle_ci/gen_memsize.c b/src/plugins/e-acsl/tests/memory/oracle_ci/gen_memsize.c
index a7e98e9b92928f184ef61762e98d62f6f344b6f4..60fc5642381eca2bf0accc0e9093530f27e8f3c0 100644
--- a/src/plugins/e-acsl/tests/memory/oracle_ci/gen_memsize.c
+++ b/src/plugins/e-acsl/tests/memory/oracle_ci/gen_memsize.c
@@ -57,25 +57,25 @@ int main(int argc, char **argv)
"__e_acsl_heap_allocation_size == 16",
"tests/memory/memsize.c",50);
/*@ assert __e_acsl_heap_allocation_size ≡ 16; */ ;
- __e_acsl_assert(b == (char *)0,"Assertion","main",
- "b == (char *)((void *)0)","tests/memory/memsize.c",51);
- /*@ assert b ≡ (char *)((void *)0); */ ;
+ __e_acsl_assert(b == (char *)0,"Assertion","main","b == (char *)0",
+ "tests/memory/memsize.c",51);
+ /*@ assert b ≡ (char *)0; */ ;
b = (char *)calloc(18446744073709551615UL,18446744073709551615UL);
__e_acsl_assert(__e_acsl_heap_allocation_size == 16UL,"Assertion","main",
"__e_acsl_heap_allocation_size == 16",
"tests/memory/memsize.c",55);
/*@ assert __e_acsl_heap_allocation_size ≡ 16; */ ;
- __e_acsl_assert(b == (char *)0,"Assertion","main",
- "b == (char *)((void *)0)","tests/memory/memsize.c",56);
- /*@ assert b ≡ (char *)((void *)0); */ ;
+ __e_acsl_assert(b == (char *)0,"Assertion","main","b == (char *)0",
+ "tests/memory/memsize.c",56);
+ /*@ assert b ≡ (char *)0; */ ;
b = (char *)malloc(18446744073709551615UL);
__e_acsl_assert(__e_acsl_heap_allocation_size == 16UL,"Assertion","main",
"__e_acsl_heap_allocation_size == 16",
"tests/memory/memsize.c",60);
/*@ assert __e_acsl_heap_allocation_size ≡ 16; */ ;
- __e_acsl_assert(b == (char *)0,"Assertion","main",
- "b == (char *)((void *)0)","tests/memory/memsize.c",61);
- /*@ assert b ≡ (char *)((void *)0); */ ;
+ __e_acsl_assert(b == (char *)0,"Assertion","main","b == (char *)0",
+ "tests/memory/memsize.c",61);
+ /*@ assert b ≡ (char *)0; */ ;
__retres = 0;
__e_acsl_memory_clean();
return __retres;
diff --git a/src/plugins/gui/gtk_helper.ml b/src/plugins/gui/gtk_helper.ml
index 298d75d184f3a4716f4ba7573be412659061ef06..a3b75c3b14278c6dd6716074e7875c2f0885daf7 100644
--- a/src/plugins/gui/gtk_helper.ml
+++ b/src/plugins/gui/gtk_helper.ml
@@ -47,8 +47,7 @@ let framac_logo, framac_icon =
module Configuration = struct
include Cilconfig
let configuration_file () =
- try (Gui_parameters.Config.file ~error:false "frama-c-gui.config")
- with Gui_parameters.Config.No_dir -> Datatype.Filepath.dummy
+ Gui_parameters.Config.get_file ~mode:`Create_path "frama-c-gui.config"
let load () = loadConfiguration (configuration_file ())
let save () = saveConfiguration (configuration_file ())
let reset () = Extlib.safe_remove (configuration_file () :> string);
diff --git a/src/plugins/impact/options.ml b/src/plugins/impact/options.ml
index 4f83735746019f37fb8f5cee26aea93db2ef7dce..57be52bd1a5c35955cb6f7e24d9a7c48904f922c 100644
--- a/src/plugins/impact/options.ml
+++ b/src/plugins/impact/options.ml
@@ -24,7 +24,7 @@ include Plugin.Register
(struct
let name = "impact"
let shortname = "impact"
- let help = "impact analysis (experimental)"
+ let help = "impact analysis"
end)
module Pragma =
diff --git a/src/plugins/inout/operational_inputs.ml b/src/plugins/inout/operational_inputs.ml
index a40b5c3b43dc8946dbba5ff7f66557e482085c8e..777c7ce0892b7a680201d7920f83d8fca3b58014 100644
--- a/src/plugins/inout/operational_inputs.ml
+++ b/src/plugins/inout/operational_inputs.ml
@@ -31,6 +31,9 @@ open Locations
type t = Inout_type.t = {
over_inputs: Locations.Zone.t;
over_inputs_if_termination: Locations.Zone.t;
+ over_logic_inputs: Locations.Zone.t;
+ (* [over_logic_inputs] is used internally by Eva to make memexec consider also
+ the logic inputs of the function. Computed in [transfer_annotations]. *)
under_outputs_if_termination: Locations.Zone.t;
over_outputs: Locations.Zone.t;
over_outputs_if_termination: Locations.Zone.t;
@@ -39,6 +42,7 @@ type t = Inout_type.t = {
let top = {
over_inputs = Zone.top;
over_inputs_if_termination = Zone.top;
+ over_logic_inputs = Zone.top;
under_outputs_if_termination = Zone.bottom;
over_outputs = Zone.top;
over_outputs_if_termination = Zone.top;
@@ -79,9 +83,9 @@ let join c1 c2 = {
}
let is_included c1 c2 =
- Zone.is_included c1.over_inputs_d c2.over_inputs_d &&
+ Zone.is_included c1.over_inputs_d c2.over_inputs_d &&
Zone.is_included c2.under_outputs_d c1.under_outputs_d &&
- Zone.is_included c1.over_outputs_d c2.over_outputs_d
+ Zone.is_included c1.over_outputs_d c2.over_outputs_d
let join_and_is_included smaller larger =
let join = join smaller larger in
@@ -178,6 +182,7 @@ let eval_assigns kf state assigns =
let init = { bottom with under_outputs_d = Zone.bottom } in
let r = List.fold_left treat_one_zone init l in {
over_inputs = r.over_inputs_d;
+ over_logic_inputs = r.over_inputs_d;
over_inputs_if_termination = r.over_inputs_d;
under_outputs_if_termination = r.under_outputs_d;
over_outputs = r.over_outputs_d;
@@ -209,7 +214,7 @@ module Internals =
module CallsiteHash = Value_types.Callsite.Hashtbl
-(* Results of an an entire call, represented by a pair (stmt, kernel_function]).
+(* Results of an an entire call, represented by a pair (stmt, kernel_function).
This table is filled by the [-inout-callwise] option, or for functions for
which only the specification is used. *)
module CallwiseResults =
@@ -226,6 +231,7 @@ module CallwiseResults =
module Computer(Fenv:Dataflows.FUNCTION_ENV)(X:sig
val _version: string (* Debug: Callwise or functionwise *)
val _kf: kernel_function (* Debug: Function being analyzed *)
+ val kf_pre_state: Db.Value.state (* Memory pre-state of the function. *)
val stmt_state: stmt -> Db.Value.state (* Memory state at the given stmt *)
val at_call: stmt -> kernel_function -> Inout_type.t (* Results of the
analysis for the given call. Must not contain locals or formals *)
@@ -239,11 +245,16 @@ end) = struct
all partial results. *)
let non_terminating_inputs = ref Zone.bottom
let non_terminating_outputs = ref Zone.bottom
+ let non_terminating_logic_inputs = ref Zone.bottom
let store_non_terminating_inputs inputs =
non_terminating_inputs := Zone.join !non_terminating_inputs inputs;
;;
+ let store_non_terminating_logic_inputs logic_inputs =
+ non_terminating_logic_inputs :=
+ Zone.join !non_terminating_logic_inputs logic_inputs
+
let store_non_terminating_outputs outputs =
non_terminating_outputs := Zone.join !non_terminating_outputs outputs;
;;
@@ -355,6 +366,40 @@ end) = struct
| Some lv -> add_out ~for_writing state lv Zone.bottom result)
in result
+ (* Propagate all zones in predicates for the given statement, only in the case
+ of assertions and loop-invariants. For the time being, we do not treat
+ terminating and non-terminating points of the function differently. *)
+ let transfer_annotations stmt =
+ Annotations.iter_code_annot
+ (fun _ ca ->
+ match ca.annot_content with
+ | AAssert (_, _, p)
+ | AInvariant (_, true, p) ->
+ begin
+ let env =
+ Eva.Eval_terms.env_annot
+ ~pre:X.kf_pre_state
+ ~here:(X.stmt_state stmt)
+ ()
+ in
+ match Eva.Eval_terms.predicate_deps env p with
+ | None ->
+ (* To be sound, we should perform a join with the top zone here.
+ We do nothing instead because the latter behavior would
+ directly disable memexec. *)
+ ()
+ | Some logic_deps ->
+ let p_zone =
+ Cil_datatype.Logic_label.Map.fold
+ (fun _ -> Zone.join)
+ logic_deps
+ Zone.bottom
+ in
+ store_non_terminating_logic_inputs p_zone
+ end
+ | _ -> ())
+ stmt
+
(* Transfer function on instructions. *)
let transfer_instr stmt (i: instr) (data: t) =
match i with
@@ -436,12 +481,12 @@ end) = struct
-> map_on_all_succs data
;;
- (* Note: Not sure this adds anything to the precision (or
- efficiency) once we have tested the guards. The difference does
- not show up in the tests. *)
let transfer_stmt s data =
if Db.Value.is_reachable (X.stmt_state s)
- then transfer_stmt s data
+ then begin
+ transfer_annotations s;
+ transfer_stmt s data
+ end
else []
;;
@@ -454,6 +499,7 @@ end) = struct
over_outputs_if_termination = res_if_termination.over_outputs_d;
over_inputs =
Zone.join !non_terminating_inputs res_if_termination.over_inputs_d;
+ over_logic_inputs = !non_terminating_logic_inputs;
over_outputs =
Zone.join !non_terminating_outputs res_if_termination.over_outputs_d;
}
@@ -572,6 +618,7 @@ module Callwise = struct
let inout = {
over_inputs_if_termination = in_;
over_inputs = in_;
+ over_logic_inputs = Zone.bottom;
over_outputs_if_termination = out_ ;
over_outputs = out_;
under_outputs_if_termination = sure_out;
@@ -620,13 +667,25 @@ module Callwise = struct
call_inout_stack := [];
CallwiseResults.mark_as_computed ()
- let compute_call_from_value_states kf states =
+ let compute_call_from_value_states kf call_stack states =
let module Fenv = (val Dataflows.function_env kf: Dataflows.FUNCTION_ENV) in
let module Computer = Computer(Fenv)(
struct
let _version = "callwise"
let _kf = kf
+ (* Returns the [kf] pre-state with respect to the single [call_stack]. *)
+ let kf_pre_state =
+ match Db.Value.get_initial_state_callstack kf with
+ | None ->
+ Cvalue.Model.bottom
+ | Some cs ->
+ begin
+ match Value_types.Callstack.Hashtbl.find_opt cs call_stack with
+ | None -> Cvalue.Model.bottom
+ | Some state -> state
+ end
+
let stmt_state stmt =
try Cil_datatype.Stmt.Hashtbl.find states stmt
with Not_found -> Cvalue.Model.bottom
@@ -656,13 +715,13 @@ module Callwise = struct
let inout = match value_res with
| Value_types.Normal (states, _after_states)
| Value_types.NormalStore ((states, _after_states), _) ->
- let kf = fst (List.hd call_stack) in
+ let kf, _ = List.hd call_stack in
let inout =
try
if !Db.Value.no_results (Kernel_function.get_definition kf) then
top
else
- compute_call_from_value_states kf (Lazy.force states)
+ compute_call_from_value_states kf call_stack (Lazy.force states)
with Kernel_function.No_Definition -> top
in
(match value_res with
@@ -702,6 +761,7 @@ module FunctionWise = struct
let module Computer = Computer(Fenv)(struct
let _version = "functionwise"
let _kf = kf
+ let kf_pre_state = Db.Value.get_initial_state kf
let stmt_state s = Db.Value.get_stmt_state s
let at_call stmt kf = get_external_aux ~stmt kf
end) in
diff --git a/src/plugins/instantiate/Instantiate.mli b/src/plugins/instantiate/Instantiate.mli
index 061723344f1df682af0b1900e95324f0cc451b5e..4444dd5d95bae406b65c2def46efcd16145479da 100644
--- a/src/plugins/instantiate/Instantiate.mli
+++ b/src/plugins/instantiate/Instantiate.mli
@@ -41,19 +41,20 @@ module Instantiator_builder: sig
(** Name of the implemented instantiator function *)
val function_name: string
- (** [well_typed_call ret args] must return true if and only if the
+ (** [well_typed_call ret fct args] must return true if and only if the
corresponding call is well typed in the sens that the generator can
produce a function override for the corresponding return value and
parameters, according to their types and/or values.
*)
- val well_typed_call: lval option -> exp list -> bool
+ val well_typed_call: lval option -> varinfo -> exp list -> bool
- (** [key_from_call ret args] must return an identifier for the corresponding
- call. [key_from_call ret1 args1] and [key_from_call ret2 args2] must equal
- if and only if the same override function can be used for both call. Any
- call for which [well_typed_call] returns true must be able to give a key.
+ (** [key_from_call ret fct args] must return an identifier for the
+ corresponding call. [key_from_call ret1 fct1 args1] and
+ [key_from_call ret2 fct2 args2] must equal if and only if the same
+ override function can be used for both call. Any call for which
+ [well_typed_call] returns true must be able to give a key.
*)
- val key_from_call: lval option -> exp list -> override_key
+ val key_from_call: lval option -> varinfo -> exp list -> override_key
(** [retype_args key args] must returns a new argument list compatible with
the function identified by [override_key]. [args] is the list of arguments
@@ -99,3 +100,13 @@ module Transform: sig
*)
val register: (module Instantiator_builder.Generator_sig) -> unit
end
+
+module Global_context:sig
+ (** [get_variable name f] searches for an existing variable [name]. If this
+ variable does not exists, it is created using [f].
+
+ The obtained varinfo does not need to be registered, nor [f] needs to
+ perform the registration, it will be done by the transformation.
+ *)
+ val get_variable: string -> (unit -> varinfo) -> varinfo
+end
diff --git a/src/plugins/instantiate/Makefile.in b/src/plugins/instantiate/Makefile.in
index d316b8c7c15c26f85da43d2099680ac6d968b801..8635d3bace9d9077ef18361548a18fc660a56aa2 100644
--- a/src/plugins/instantiate/Makefile.in
+++ b/src/plugins/instantiate/Makefile.in
@@ -30,6 +30,7 @@ FRAMAC_LIBDIR :=$(shell frama-c-config -print-libpath)
endif
SRC_STRING:= \
+ mem_utils \
memcmp \
memcpy \
memmove \
@@ -55,14 +56,16 @@ PLUGIN_EXTRA_DIRS:=\
stdlib
PLUGIN_CMI :=
PLUGIN_CMO := \
- basic_blocks options instantiator_builder transform register \
+ options basic_blocks \
+ global_context instantiator_builder \
+ transform register \
$(SRC_STRING) \
$(SRC_STDLIB)
PLUGIN_DISTRIBUTED := $(PLUGIN_ENABLE)
PLUGIN_DISTRIB_EXTERNAL:= Makefile.in configure.ac configure
#PLUGIN_NO_DEFAULT_TEST := no
-PLUGIN_TESTS_DIRS := string stdlib options api
+PLUGIN_TESTS_DIRS := string stdlib options api plugin
################
# Generic part #
diff --git a/src/plugins/instantiate/basic_blocks.ml b/src/plugins/instantiate/basic_blocks.ml
index c525eb2cd2b72e1beb49cf07e646bfcdd73504c4..744917afbad2aef97acbe6cf1e75c29ba33873a0 100644
--- a/src/plugins/instantiate/basic_blocks.ml
+++ b/src/plugins/instantiate/basic_blocks.ml
@@ -73,7 +73,8 @@ let rec string_of_typ_aux = function
| TComp (ci, _, _) -> "un_" ^ ci.cname
| TArray (t, Some e, _, _) ->
"arr" ^ (string_of_exp e) ^ "_" ^ string_of_typ t
- | _ -> assert false
+ | t ->
+ Options.fatal "unsupported type %a" Cil_printer.pp_typ t
and string_of_typ t = string_of_typ_aux (Cil.unrollType t)
and string_of_exp e = Format.asprintf "%a" Cil_printer.pp_exp e
@@ -111,9 +112,10 @@ let tplus ?loc t1 t2 =
let tdivide ?loc t1 t2 =
term ?loc (TBinOp(Div, t1, t2)) t1.term_type
-let ttype_of_pointed = function
+let ttype_of_pointed t =
+ match Logic_utils.unroll_type t with
| Ctype(TPtr(t, _)) | Ctype(TArray(t, _, _, _)) -> Ctype t
- | _ -> assert false
+ | _ -> Options.fatal "ttype_of_pointed on a non pointer type"
let tbuffer_range ?loc ptr len =
let last = tminus ?loc len (tinteger ?loc 1) in
@@ -129,7 +131,7 @@ let rec tunref_range ?loc ptr len =
and tunref_range_unfold ?loc lval typ =
match typ with
| Ctype(TArray(typ, Some e, _, _)) ->
- let len = Logic_utils.expr_to_term ~cast:false e in
+ let len = Logic_utils.expr_to_term ~coerce:true e in
let last = tminus ?loc len (tinteger ?loc 1) in
let range = trange ?loc (Some (tinteger ?loc 0), Some last) in
let lval = addTermOffsetLval (TIndex(range, TNoOffset)) lval in
@@ -139,9 +141,9 @@ and tunref_range_unfold ?loc lval typ =
let taccess ?loc ptr offset =
let get_lval = function
| TLval(lval) -> lval
- | _ -> assert false
+ | _ -> Options.fatal "unexpected non-lvalue on call to taccess"
in
- match ptr.term_type with
+ match Logic_utils.unroll_type ptr.term_type with
| Ctype(TPtr(_)) ->
let address = tplus ?loc ptr offset in
let lval = TLval(TMem(address), TNoOffset) in
@@ -150,19 +152,15 @@ let taccess ?loc ptr offset =
let lval = get_lval ptr.term_node in
let lval = addTermOffsetLval (TIndex(offset, TNoOffset)) lval in
term ?loc (TLval lval) (ttype_of_pointed ptr.term_type)
- | _ -> assert false
+ | _ -> Options.fatal "taccess on a non pointer type"
let sizeofpointed = function
| Ctype(TPtr(t, _)) | Ctype(TArray(t, _, _, _)) -> Cil.bytesSizeOf t
- | _ -> assert false
+ | _ -> Options.fatal "size_of_pointed on a non pointer type"
let sizeof = function
| Ctype t -> Cil.bytesSizeOf t
- | _ -> assert false
-
-let unroll_logic_type = function
- | Ctype t -> Ctype (Cil.unrollType t)
- | t -> t
+ | _ -> Options.fatal "sizeof on a non C type"
let tunref_range_bytes_len ?loc ptr bytes_len =
let sizeof = sizeofpointed ptr.term_type in
@@ -218,9 +216,9 @@ and pall_elems_eq ?loc depth t1 t2 len =
let eq = peq_unfold ?loc (depth+1) t1_acc t2_acc in
pforall ?loc ([ind], (pimplies ?loc (bounds, eq)))
and peq_unfold ?loc depth t1 t2 =
- match unroll_logic_type t1.term_type with
+ match Logic_utils.unroll_type t1.term_type with
| Ctype(TArray(_, Some len, _, _)) ->
- let len = Logic_utils.expr_to_term ~cast:false len in
+ let len = Logic_utils.expr_to_term ~coerce:true len in
pall_elems_eq ?loc depth t1 t2 len
| _ -> prel ?loc (Req, t1, t2)
@@ -234,12 +232,14 @@ and pall_elems_pred ?loc depth t1 len pred =
let eq = punfold_pred ?loc depth t1_acc pred in
pforall ?loc ([ind], (pimplies ?loc (bounds, eq)))
and punfold_pred ?loc ?(dyn_len = None) depth t1 pred =
- match unroll_logic_type t1.term_type with
+ match Logic_utils.unroll_type t1.term_type with
| Ctype(TArray(_, opt_len, _, _)) ->
- let len = match opt_len, dyn_len with
- | Some len, None -> Logic_utils.expr_to_term ~cast:false len
+ let len =
+ match opt_len, dyn_len with
+ | Some len, None -> Logic_utils.expr_to_term ~coerce:true len
| _ , Some len -> len
- | None, None -> assert false
+ | None, None ->
+ Options.fatal "Unfolding array: cannot find a length"
in
pall_elems_pred ?loc (depth+1) t1 len pred
| Ctype(TComp(ci, _, _)) ->
@@ -253,9 +253,9 @@ and pall_fields_pred ?loc ?(flex_mem_len=None) depth t1 ci pred =
punfold_pred ?loc ~dyn_len depth term pred
in
let rec eqs_fields = function
+ | [] -> []
| [ x ] -> [ eq flex_mem_len x ]
| x :: l -> let x' = eq None x in x' :: (eqs_fields l)
- | _ -> assert false
in
pands (eqs_fields ci.cfields)
@@ -263,7 +263,7 @@ let punfold_flexible_struct_pred ?loc the_struct bytes_len pred =
let struct_len = tinteger ?loc (sizeof the_struct.term_type) in
let ci = match the_struct.term_type with
| Ctype(TComp(ci, _, _) as t) when Cil.has_flexible_array_member t -> ci
- | _ -> assert false
+ | _ -> Options.fatal "Unfolding flexible on a non flexible structure"
in
let flex_type = Ctype (Extlib.last ci.cfields).ftype in
let flex_len = tminus bytes_len struct_len in
diff --git a/src/plugins/instantiate/global_context.ml b/src/plugins/instantiate/global_context.ml
new file mode 100644
index 0000000000000000000000000000000000000000..9791a78d529581153916776dd28b906b02c35232
--- /dev/null
+++ b/src/plugins/instantiate/global_context.ml
@@ -0,0 +1,90 @@
+(**************************************************************************)
+(* *)
+(* This file is part of Frama-C. *)
+(* *)
+(* Copyright (C) 2007-2020 *)
+(* CEA (Commissariat à l'énergie atomique et aux énergies *)
+(* alternatives) *)
+(* *)
+(* you can redistribute it and/or modify it under the terms of the GNU *)
+(* Lesser General Public License as published by the Free Software *)
+(* Foundation, version 2.1. *)
+(* *)
+(* It is distributed in the hope that it will be useful, *)
+(* but WITHOUT ANY WARRANTY; without even the implied warranty of *)
+(* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *)
+(* GNU Lesser General Public License for more details. *)
+(* *)
+(* See the GNU Lesser General Public License version 2.1 *)
+(* for more details (enclosed in the file licenses/LGPLv2.1). *)
+(* *)
+(**************************************************************************)
+
+module Table = Datatype.String.Hashtbl
+
+let varinfos = Table.create 13
+let logic_functions = Table.create 13
+let axiomatics = Table.create 13
+
+let get_variable name make =
+ if Table.mem varinfos name then Table.find varinfos name
+ else begin
+ try Globals.Vars.find_from_astinfo name VGlobal
+ with Not_found ->
+ let vi = make () in
+ Table.add varinfos name vi ;
+ vi
+ end
+
+let get_logic_function name make =
+ if Table.mem logic_functions name then Table.find logic_functions name
+ else begin
+ match Logic_env.find_all_logic_functions name with
+ | [] ->
+ let li = make () in
+ Table.add logic_functions name li ;
+ Logic_utils.add_logic_function li ;
+ li
+ | [x] -> x
+ | _ :: _ -> Options.not_yet_implemented "Logic function overloading"
+ end
+
+let in_axiomatic_functions = Table.create 13
+
+let get_logic_function_in_axiomatic name make =
+ if Table.mem in_axiomatic_functions name then
+ Table.find in_axiomatic_functions name
+ else begin
+ let make_then_find name =
+ let open Cil_types in
+ let (ax_name, ax_list), functions = make () in
+ List.iter
+ (fun f ->
+ Table.add in_axiomatic_functions f.l_var_info.lv_name f ;
+ Logic_utils.add_logic_function f)
+ functions ;
+ Table.add axiomatics ax_name ax_list ;
+ Table.find in_axiomatic_functions name
+ in
+ try match Logic_env.find_all_logic_functions name with
+ | [] -> make_then_find name
+ | [x] -> x
+ | _ :: _ -> Options.not_yet_implemented "Logic function overloading"
+ with Not_found ->
+ Options.fatal "Failed to build %s" name
+ end
+
+let clear () = Table.clear varinfos
+
+let globals loc =
+ let open Cil_types in
+ let l = [] in
+ let l =
+ Table.fold (fun _ x l -> GVarDecl(x, loc) :: l) varinfos l
+ in
+ let annot x loc = GAnnot(x, loc) in
+ let fun_or_pred x loc = annot (Dfun_or_pred (x, loc)) loc in
+ let axiomatic name list loc = annot(Daxiomatic(name, list, [], loc)) loc in
+ let l = Table.fold (fun _ x l -> fun_or_pred x loc :: l) logic_functions l in
+ let l = Table.fold (fun n x l -> axiomatic n x loc :: l) axiomatics l in
+ l
diff --git a/src/plugins/instantiate/global_context.mli b/src/plugins/instantiate/global_context.mli
new file mode 100644
index 0000000000000000000000000000000000000000..9a1456ff0bb26db8834f8857a883749d52e91b8b
--- /dev/null
+++ b/src/plugins/instantiate/global_context.mli
@@ -0,0 +1,65 @@
+(**************************************************************************)
+(* *)
+(* This file is part of Frama-C. *)
+(* *)
+(* Copyright (C) 2007-2020 *)
+(* CEA (Commissariat à l'énergie atomique et aux énergies *)
+(* alternatives) *)
+(* *)
+(* you can redistribute it and/or modify it under the terms of the GNU *)
+(* Lesser General Public License as published by the Free Software *)
+(* Foundation, version 2.1. *)
+(* *)
+(* It is distributed in the hope that it will be useful, *)
+(* but WITHOUT ANY WARRANTY; without even the implied warranty of *)
+(* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *)
+(* GNU Lesser General Public License for more details. *)
+(* *)
+(* See the GNU Lesser General Public License version 2.1 *)
+(* for more details (enclosed in the file licenses/LGPLv2.1). *)
+(* *)
+(**************************************************************************)
+
+open Cil_types
+
+(** The purpose of this module global definitions when it is needed by
+ instantiation modules.
+*)
+
+(** [get_variable name f] searches for an existing variable [name]. If this
+ variable does not exists, it is created using [f].
+
+ The obtained varinfo does not need to be registered, nor [f] needs to
+ perform the registration, it will be done by the transformation.
+*)
+val get_variable: string -> (unit -> varinfo) -> varinfo
+
+(** [get_logic_function name f] searches for an existing logic function [name].
+ If this function does not exists, it is created using [f]. If the logic
+ function must be part of an axiomatic block **DO NOT** use this function,
+ use [get_logic_function_in_axiomatic].
+
+ Note that function overloading is not supported.
+*)
+val get_logic_function: string -> (unit -> logic_info) -> logic_info
+
+(** [get_logic_function_in_axiomatic name f] searches for an existing logic
+ function [name]. If this function does not exists, an axiomatic definition
+ is created using [f].
+
+ [f] must return:
+ - the axiomatic in a form [name, list of the defintions (incl. functions)]
+ - all functions that are part of the axiomatic definition
+
+ Note that function overloading is not supported.
+*)
+val get_logic_function_in_axiomatic:
+ string ->
+ (unit -> (string * global_annotation list) * logic_info list) ->
+ logic_info
+
+(** Clears internal tables *)
+val clear: unit -> unit
+
+(** Creates a list of global for the elements that have been created *)
+val globals: location -> global list
diff --git a/src/plugins/instantiate/instantiator_builder.ml b/src/plugins/instantiate/instantiator_builder.ml
index df9028d122de56f183632d9571c2f3e3056ec14c..74242ed7bb5f1a50f2fbde264954abda3404141e 100644
--- a/src/plugins/instantiate/instantiator_builder.ml
+++ b/src/plugins/instantiate/instantiator_builder.ml
@@ -28,8 +28,8 @@ module type Generator_sig = sig
type override_key = Hashtbl.key
val function_name: string
- val well_typed_call: lval option -> exp list -> bool
- val key_from_call: lval option -> exp list -> override_key
+ val well_typed_call: lval option -> varinfo -> exp list -> bool
+ val key_from_call: lval option -> varinfo -> exp list -> override_key
val retype_args: override_key -> exp list -> exp list
val args_for_original: override_key -> exp list -> exp list
val generate_prototype: override_key -> (string * typ)
@@ -41,15 +41,14 @@ module type Instantiator = sig
type override_key
val function_name: string
- val well_typed_call: lval option -> exp list -> bool
- val key_from_call: lval option -> exp list -> override_key
+ val well_typed_call: lval option -> varinfo -> exp list -> bool
+ val key_from_call: lval option -> varinfo -> exp list -> override_key
val retype_args: override_key -> exp list -> exp list
val get_override: override_key -> fundec
val get_kfs: unit -> kernel_function list
- val mark_as_computed: ?project:Project.t -> unit -> unit
+ val clear: unit -> unit
end
-
let build_body caller callee args_generator =
let open Extlib in
let loc = Cil_datatype.Location.unknown in
@@ -68,12 +67,13 @@ let build_body caller callee args_generator =
module Make_instantiator (G: Generator_sig) = struct
include G
module Enabled = Options.NewInstantiator (G)
- module Cache = State_builder.Hashtbl (G.Hashtbl) (Cil_datatype.Fundec)
- (struct
- let size = 5
- let dependencies = []
- let name = "Instantiator." ^ G.function_name
- end)
+ module Cache = struct
+ let tbl = G.Hashtbl.create 13
+ let find = G.Hashtbl.find tbl
+ let add = G.Hashtbl.add tbl
+ let fold f = G.Hashtbl.fold f tbl
+ let clear () = G.Hashtbl.clear tbl
+ end
let make_fundec key =
let open Globals.Functions in
@@ -113,5 +113,6 @@ module Make_instantiator (G: Generator_sig) = struct
let get_kfs () =
Cache.fold (fun _ fd l -> Globals.Functions.get fd.svar :: l) []
- let mark_as_computed = Cache.mark_as_computed
+ let clear () =
+ Cache.clear ()
end
diff --git a/src/plugins/instantiate/instantiator_builder.mli b/src/plugins/instantiate/instantiator_builder.mli
index e2432608275499398adeb83d13636fb8ea7f2146..b0eb2f79fcf975b1957079beed9ac29d32c14e6d 100644
--- a/src/plugins/instantiate/instantiator_builder.mli
+++ b/src/plugins/instantiate/instantiator_builder.mli
@@ -40,19 +40,20 @@ module type Generator_sig = sig
(** Name of the implemented function *)
val function_name: string
- (** [well_typed_call ret args] must return true if and only if the
+ (** [well_typed_call ret fct args] must return true if and only if the
corresponding call is well typed in the sens that the generator can
produce a function override for the corresponding return value and
parameters, according to their types and/or values.
*)
- val well_typed_call: lval option -> exp list -> bool
+ val well_typed_call: lval option -> varinfo -> exp list -> bool
- (** [key_from_call ret args] must return an identifier for the corresponding
- call. [key_from_call ret1 args1] and [key_from_call ret2 args2] must equal
- if and only if the same override function can be used for both call. Any
- call for which [well_typed_call] returns true must be able to give a key.
+ (** [key_from_call ret fct args] must return an identifier for the
+ corresponding call. [key_from_call ret1 fct1 args1] and
+ [key_from_call ret2 fct2 args2] must equal if and only if the same
+ override function can be used for both call. Any call for which
+ [well_typed_call] returns true must be able to give a key.
*)
- val key_from_call: lval option -> exp list -> override_key
+ val key_from_call: lval option -> varinfo -> exp list -> override_key
(** [retype_args key args] must returns a new argument list compatible with
the function identified by [override_key]. [args] is the list of arguments
@@ -105,9 +106,9 @@ module type Instantiator = sig
(** Same as [Generator_sig.override_key] *)
val function_name: string
(** Same as [Generator_sig.override_key] *)
- val well_typed_call: lval option -> exp list -> bool
+ val well_typed_call: lval option -> varinfo -> exp list -> bool
(** Same as [Generator_sig.override_key] *)
- val key_from_call: lval option -> exp list -> override_key
+ val key_from_call: lval option -> varinfo -> exp list -> override_key
(** Same as [Generator_sig.override_key] *)
val retype_args: override_key -> exp list -> exp list
@@ -123,10 +124,9 @@ module type Instantiator = sig
*)
val get_kfs: unit -> kernel_function list
- (** [mark_as_computed ?project ()] applies the [mark_as_computed] on the
- internal table.
+ (** [clear ()] clears the internal table of the instantiator.
*)
- val mark_as_computed: ?project:Project.t -> unit -> unit
+ val clear: unit -> unit
end
(** Generates a [Instantiator] from a [Generator_sig] adding all necessary stuff for
diff --git a/src/plugins/instantiate/stdlib/basic_alloc.ml b/src/plugins/instantiate/stdlib/basic_alloc.ml
index 96ab43c06e59c55f07d81a053663d33b760b9a0c..a35a97b53e37d96e97149e0bb851c4db758cac6c 100644
--- a/src/plugins/instantiate/stdlib/basic_alloc.ml
+++ b/src/plugins/instantiate/stdlib/basic_alloc.ml
@@ -25,12 +25,14 @@ open Basic_blocks
open Cil_types
open Extlib
+let unexpected = Options.fatal "Stdlib.Basic_alloc: unexpected: %s"
+
let valid_size ?loc typ size =
let p = match typ with
| TComp (ci, _, _) when Cil.has_flexible_array_member typ ->
let elem = match (last ci.cfields).ftype with
| TArray(t, _ , _, _) -> tinteger ?loc (Cil.bytesSizeOf t)
- | _ -> assert false
+ | _ -> unexpected "non array last field on flexible structure"
in
let base = tinteger ?loc (Cil.bytesSizeOf typ) in
let flex = tminus ?loc size base in
@@ -45,10 +47,56 @@ let valid_size ?loc typ size =
in
new_predicate { p with pred_name = ["correct_size"] }
+let heap_status () =
+ let name = "__fc_heap_status" in
+ let make () =
+ let vi = Cil.makeVarinfo ~ghost:true true false name Cil.intType in
+ vi.vstorage <- Extern ;
+ vi
+ in
+ let vi = Global_context.get_variable name make in
+ Basic_blocks.cvar_to_tvar vi
+
+let make_is_allocable () =
+ let name = "is_allocable" in
+ {
+ l_var_info = Cil_const.make_logic_var_global name (Ctype Cil.voidType) ;
+ l_type = None ;
+ l_tparams = [];
+ l_labels = [FormalLabel("L")];
+ l_profile = [Cil_const.make_logic_var_formal "i" Linteger] ;
+ l_body = LBreads [new_identified_term (heap_status())];
+ }
+
+let make_axiomatic_is_allocable loc () =
+ let is_allocable = make_is_allocable () in
+ let lv_i = Cil_const.make_logic_var_quant "i" Linteger in
+ let t_i = tvar lv_i in
+ let zero = tinteger 0 in
+ let max =
+ tinteger
+ (Integer.to_int
+ (Cil.max_unsigned_number (Cil.bitsSizeOf (size_t ()))))
+ in
+ let label = FormalLabel("L") in
+ let cond = pand (prel (Rlt, t_i, zero), prel (Rgt, t_i, max)) in
+ let app = pnot (papp (is_allocable,[label],[t_i])) in
+ let prop = pforall ([lv_i], pimplies (cond, app)) in
+ let gfun = Dfun_or_pred(is_allocable, loc) in
+ let axiom = Dlemma("never_allocable", true, [label],[],prop,[], loc) in
+ ("dynamic_allocation", [gfun ; axiom]), [is_allocable]
+
+let get_is_allocable loc =
+ Global_context.get_logic_function_in_axiomatic
+ "is_allocable" (make_axiomatic_is_allocable loc)
+
let pis_allocable ?loc size =
- let is_allocable = Logic_env.find_all_logic_functions "is_allocable" in
- let is_allocable = as_singleton is_allocable in
- papp ?loc (is_allocable, [here_label], [size])
+ let loc = match loc with
+ | None -> Cil_datatype.Location.unknown
+ | Some l -> l
+ in
+ let is_allocable = get_is_allocable loc in
+ papp ~loc (is_allocable, [here_label], [size])
let is_allocable ?loc size =
let p = pis_allocable ?loc size in
@@ -58,10 +106,6 @@ let isnt_allocable ?loc size =
let p = pnot ?loc (pis_allocable ?loc size) in
new_predicate { p with pred_name = [ "allocable" ]}
-let heap_status () =
- let heap_status = Globals.Vars.find_from_astinfo "__fc_heap_status" VGlobal in
- Basic_blocks.cvar_to_tvar (heap_status)
-
let assigns_result ?loc typ deps =
let heap_status = new_identified_term (heap_status ()) in
let deps = match deps with
diff --git a/src/plugins/instantiate/stdlib/calloc.ml b/src/plugins/instantiate/stdlib/calloc.ml
index 1ea994392c6c840d0e183a6db74bf9d53e4f2fc3..cebc53197c970139cab11bfd44936719ff4518cb 100644
--- a/src/plugins/instantiate/stdlib/calloc.ml
+++ b/src/plugins/instantiate/stdlib/calloc.ml
@@ -27,13 +27,15 @@ open Logic_const
let function_name = "calloc"
+let unexpected = Options.fatal "Stdlib.Calloc: unexpected: %s"
+
let pset_len_to_zero ?loc alloc_type num size =
let eq_simpl_value ?loc t =
- let value = match t.term_type with
+ let value = match Logic_utils.unroll_type t.term_type with
| Ctype(TPtr(_)) -> term Tnull t.term_type
| Ctype(TFloat(_)) -> treal ?loc 0.
- | Ctype(TInt(_)) -> tinteger ?loc 0
- | _ -> assert false
+ | Ctype(TInt(_) | TEnum (_)) -> tinteger ?loc 0
+ | _ -> unexpected "non atomic type during equality generation"
in
prel ?loc (Req, t, value)
in
@@ -62,9 +64,9 @@ let generate_requires ?loc alloc_type num size =
let pinitialized_len ?loc alloc_type num size =
let result = tresult ?loc (ptr_of alloc_type) in
let initialized ?loc t =
- let t = match t.term_node, t.term_type with
+ let t = match t.term_node, Logic_utils.unroll_type t.term_type with
| TLval (lv), Ctype t -> taddrof ?loc lv (Ctype (ptr_of t))
- | _ -> assert false
+ | _ -> unexpected "non lvalue or non c-type during initialized generation"
in
pinitialized ?loc (here_label, t)
in
@@ -108,7 +110,7 @@ let make_behavior_no_allocation loc alloc_type num size =
let generate_spec alloc_type { svar = vi } loc =
let (cnum, csize) = match Cil.getFormalsDecl vi with
| [ cnum ; csize ] -> cnum, csize
- | _ -> assert false
+ | _ -> unexpected "ill-formed fundec in specification generation"
in
let num = tlogic_coerce ~loc (cvar_to_tvar cnum) Linteger in
let size = tlogic_coerce ~loc (cvar_to_tvar csize) Linteger in
@@ -129,20 +131,21 @@ let generate_prototype alloc_type =
] in
name, (TFun((ptr_of alloc_type), Some params, false, []))
-let well_typed_call ret args =
+let well_typed_call ret _fct args =
match ret, args with
| Some ret, [ _ ; _ ] ->
let t = Cil.typeOfLval ret in
- Cil.isPointerType t && not (Cil.isVoidPtrType t)
+ Cil.isPointerType t && not (Cil.isVoidPtrType t) &&
+ Cil.isCompleteType (Cil.typeOf_pointed t)
| _ -> false
-let key_from_call ret _ =
+let key_from_call ret _fct _ =
match ret with
| Some ret ->
let ret_t = Cil.unrollTypeDeep (Cil.typeOfLval ret) in
let ret_t = Cil.type_remove_qualifier_attributes_deep ret_t in
Cil.typeOf_pointed ret_t
- | None -> assert false
+ | _ -> unexpected "trying to generate a key on an ill-typed call"
let retype_args _typ args = args
let args_for_original _typ args = args
diff --git a/src/plugins/instantiate/stdlib/free.ml b/src/plugins/instantiate/stdlib/free.ml
index 7e00ccdb12e8bb6ab5160d40152dc5876e1ab94d..b1adaae34a331f69f8b9f4110511a726cda44cb9 100644
--- a/src/plugins/instantiate/stdlib/free.ml
+++ b/src/plugins/instantiate/stdlib/free.ml
@@ -25,6 +25,8 @@ open Basic_alloc
open Cil_types
open Logic_const
+let unexpected = Options.fatal "Stdlib.Free: unexpected: %s"
+
let function_name = "free"
let null_pointer ?loc ptr =
@@ -63,7 +65,7 @@ let make_behavior_no_deallocation loc ptr =
let generate_spec _typ { svar = vi } loc =
let ptr = match Cil.getFormalsDecl vi with
| [ ptr ] -> cvar_to_tvar ptr
- | _ -> assert false
+ | _ -> unexpected "ill-formed fundec in specification generation"
in
let requires = generate_requires loc ptr in
let assigns = generate_global_assigns ptr in
@@ -81,21 +83,21 @@ let generate_prototype alloc_t =
] in
name, (TFun(Cil.voidType, Some params, false, []))
-let well_typed_call _ret args =
+let well_typed_call _ret _fct args =
match args with
| [ ptr ] ->
let t = Cil.typeOf (Cil.stripCasts ptr) in
Cil.isPointerType t && not (Cil.isVoidPtrType t)
| _ -> false
-let key_from_call _ret args =
+let key_from_call _ret _fct args =
match args with
| [ ptr ] ->
let ptr = Cil.stripCasts ptr in
let ptr_t = Cil.unrollTypeDeep (Cil.typeOf ptr) in
let ptr_t = Cil.type_remove_qualifier_attributes_deep ptr_t in
Cil.typeOf_pointed ptr_t
- | _ -> assert false
+ | _ -> unexpected "trying to generate a key on an ill-typed call"
let retype_args _typ args = List.map Cil.stripCasts args
let args_for_original _typ args = args
diff --git a/src/plugins/instantiate/stdlib/malloc.ml b/src/plugins/instantiate/stdlib/malloc.ml
index a6debf251e1080313e96210b5a0ecc0404fa29b9..f7b3e9f3b0d3485f7cf7ace2a47d12712b19f0bd 100644
--- a/src/plugins/instantiate/stdlib/malloc.ml
+++ b/src/plugins/instantiate/stdlib/malloc.ml
@@ -27,6 +27,8 @@ open Logic_const
let function_name = "malloc"
+let unexpected = Options.fatal "Stdlib.Malloc: unexpected: %s"
+
let generate_global_assigns loc ptr_type size =
let assigns_result = assigns_result ~loc ptr_type [ size ] in
let assigns_heap = assigns_heap [ size ] in
@@ -49,7 +51,7 @@ let make_behavior_no_allocation loc ptr_type size =
let generate_spec alloc_typ { svar = vi } loc =
let (csize) = match Cil.getFormalsDecl vi with
| [ size ] -> size
- | _ -> assert false
+ | _ -> unexpected "ill-formed fundec in specification generation"
in
let size = tlogic_coerce ~loc (cvar_to_tvar csize) Linteger in
let requires = [ valid_size ~loc alloc_typ size ] in
@@ -68,20 +70,21 @@ let generate_prototype alloc_t =
] in
name, (TFun((ptr_of alloc_t), Some params, false, []))
-let well_typed_call ret args =
+let well_typed_call ret _fct args =
match ret, args with
| Some ret, [ _ ] ->
let t = Cil.typeOfLval ret in
- Cil.isPointerType t && not (Cil.isVoidPtrType t)
+ Cil.isPointerType t && not (Cil.isVoidPtrType t) &&
+ Cil.isCompleteType (Cil.typeOf_pointed t)
| _ -> false
-let key_from_call ret _ =
+let key_from_call ret _fct _ =
match ret with
| Some ret ->
let ret_t = Cil.unrollTypeDeep (Cil.typeOfLval ret) in
let ret_t = Cil.type_remove_qualifier_attributes_deep ret_t in
Cil.typeOf_pointed ret_t
- | None -> assert false
+ | _ -> unexpected "trying to generate a key on an ill-typed call"
let retype_args _typ args = args
let args_for_original _typ args = args
diff --git a/src/plugins/instantiate/string/mem_utils.ml b/src/plugins/instantiate/string/mem_utils.ml
new file mode 100644
index 0000000000000000000000000000000000000000..de076b1e3c029f90e6ab4698b6ffe971b07c369b
--- /dev/null
+++ b/src/plugins/instantiate/string/mem_utils.ml
@@ -0,0 +1,172 @@
+(**************************************************************************)
+(* *)
+(* This file is part of Frama-C. *)
+(* *)
+(* Copyright (C) 2007-2020 *)
+(* CEA (Commissariat à l'énergie atomique et aux énergies *)
+(* alternatives) *)
+(* *)
+(* you can redistribute it and/or modify it under the terms of the GNU *)
+(* Lesser General Public License as published by the Free Software *)
+(* Foundation, version 2.1. *)
+(* *)
+(* It is distributed in the hope that it will be useful, *)
+(* but WITHOUT ANY WARRANTY; without even the implied warranty of *)
+(* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *)
+(* GNU Lesser General Public License for more details. *)
+(* *)
+(* See the GNU Lesser General Public License version 2.1 *)
+(* for more details (enclosed in the file licenses/LGPLv2.1). *)
+(* *)
+(**************************************************************************)
+
+open Basic_blocks
+open Cil_types
+open Logic_const
+
+type kind = CPtr | Ptr | Data of typ
+type action = Strip | Id
+type param = string * kind * action
+type proto = kind * param list
+type 'a spec_gen = location -> typ -> term -> term -> term -> 'a
+
+type pointed_expr_type =
+ | Of_null of typ
+ | Value_of of typ
+ | No_pointed
+
+let exp_type_of_pointed x =
+ let no_cast = Cil.stripCasts x in
+ if not (Cil.isPointerType (Cil.typeOf no_cast)) then
+ match Cil.constFoldToInt x with
+ | Some t when Integer.(equal t (of_int 0)) ->
+ Of_null (Cil.typeOf_pointed (Cil.typeOf x))
+ | _ ->
+ No_pointed
+ else
+ let xt = Cil.unrollTypeDeep (Cil.typeOf no_cast) in
+ let xt = Cil.type_remove_qualifier_attributes_deep xt in
+ Value_of (Cil.typeOf_pointed xt)
+
+let unexpected = Options.fatal "Mem_utils: %s"
+
+let mem2s_typing _ = function
+ | [ dest ; src ; len ] ->
+ (Cil.isIntegralType len) &&
+ (Cil_datatype.Typ.equal dest src) &&
+ (not (Cil.isVoidType dest)) &&
+ (Cil.isCompleteType dest)
+ | _ -> false
+
+let mem2s_spec ~requires ~assigns ~ensures _t { svar = vi } loc =
+ let (cdest, csrc, clen) = match Cil.getFormalsDecl vi with
+ | [ dest ; src ; len ] -> dest, src, len
+ | _ -> unexpected "ill-formed fundec in specification generation"
+ in
+ let t = cdest.vtype in
+ let dest = cvar_to_tvar cdest in
+ let src = cvar_to_tvar csrc in
+ let len = cvar_to_tvar clen in
+ let requires = requires loc t dest src len in
+ let assigns = assigns loc t dest src len in
+ let ensures = ensures loc t dest src len in
+ make_funspec [make_behavior ~requires ~assigns ~ensures ()] ()
+
+let pcopied_len_bytes ?loc p1 p2 bytes_len =
+ plet_len_div_size ?loc p1.term_type bytes_len
+ (punfold_all_elems_eq ?loc p1 p2)
+
+let memcpy_memmove_common_requires loc _ dest src len =
+ List.map new_predicate [
+ { (pcorrect_len_bytes ~loc dest.term_type len)
+ with pred_name = ["aligned_end"] } ;
+ { (pvalid_len_bytes ~loc here_label dest len)
+ with pred_name = ["valid_dest"] } ;
+ { (pvalid_read_len_bytes ~loc here_label src len)
+ with pred_name = ["valid_read_src"] } ;
+ ]
+
+let memcpy_memmove_common_assigns loc t dest src len =
+ let dest_range = new_identified_term (tunref_range_bytes_len ~loc dest len) in
+ let src_range = new_identified_term(tunref_range_bytes_len ~loc src len) in
+ let copy = dest_range, From [src_range] in
+ let result = new_identified_term (tresult t) in
+ let dest = new_identified_term dest in
+ let res = result, From [dest] in
+ Writes [ copy ; res ]
+
+let presult_dest ?loc t dest =
+ prel ?loc (Req, (tresult ?loc t), dest)
+
+let memcpy_memmove_common_ensures name loc t dest src len =
+ List.map (fun p -> Normal, new_predicate p) [
+ { (pcopied_len_bytes ~loc dest src len) with pred_name = [name] } ;
+ { (presult_dest ~loc t dest) with pred_name = ["result"] }
+ ]
+
+module type Function = sig
+ val name: string
+ val prototype: unit -> proto
+ val well_typed: typ option -> typ list -> bool
+end
+
+module Make (F: Function) =
+struct
+ let generate_function_type t =
+ let to_type = function
+ | CPtr -> ptr_of (const_of t)
+ | Ptr -> ptr_of t
+ | Data t -> t
+ in
+ let ret, ps = F.prototype () in
+ let ret = to_type ret in
+ let ps = List.map (fun (name, kind, _) -> name, (to_type kind), []) ps in
+ TFun(ret, Some ps, false, [])
+
+ let generate_prototype t =
+ let ftype = generate_function_type t in
+ let name = F.name ^ "_" ^ (string_of_typ t) in
+ name, ftype
+
+ let well_typed_call lval _fct args =
+ let _, ps = F.prototype () in
+ if List.length args <> List.length ps then false
+ else
+ let extract e = function
+ | _, (CPtr | Ptr), _ -> exp_type_of_pointed e
+ | _, Data _ , _ -> Value_of (Cil.typeOf e)
+ in
+ let lvt = Extlib.opt_map Cil.typeOfLval lval in
+ let pts = List.map2 extract args ps in
+ let is_no_pointed = function No_pointed -> true | _ -> false in
+ let the_typ = function
+ | No_pointed -> assert false
+ | Value_of t | Of_null t -> t
+ in
+ if List.exists is_no_pointed pts then false
+ else F.well_typed lvt (List.map the_typ pts)
+
+ let retype_args _ args =
+ let _, ps = F.prototype () in
+ if List.length args <> List.length ps then
+ unexpected "trying to retype arguments on an ill-typed call"
+ else
+ let retype x = function
+ | _, _, Strip -> Cil.stripCasts x
+ | _, _, Id -> x
+ in
+ List.map2 retype args ps
+
+ let key_from_call _ret _fct args =
+ let _, ps = F.prototype () in
+ match ps, args with
+ | (_, (Ptr|CPtr), _) :: ps, fst :: args
+ when List.(length ps = length args) ->
+ begin match exp_type_of_pointed fst with
+ | Value_of t -> t
+ | _ ->
+ unexpected "Mem_utils: trying to get key on an ill-typed call"
+ end
+ | _ ->
+ unexpected "Mem_utils: trying to get key on an ill-typed call"
+end
diff --git a/src/plugins/instantiate/string/mem_utils.mli b/src/plugins/instantiate/string/mem_utils.mli
new file mode 100644
index 0000000000000000000000000000000000000000..2a580c48732ada81908001ff088e88858048da53
--- /dev/null
+++ b/src/plugins/instantiate/string/mem_utils.mli
@@ -0,0 +1,75 @@
+(**************************************************************************)
+(* *)
+(* This file is part of Frama-C. *)
+(* *)
+(* Copyright (C) 2007-2020 *)
+(* CEA (Commissariat à l'énergie atomique et aux énergies *)
+(* alternatives) *)
+(* *)
+(* you can redistribute it and/or modify it under the terms of the GNU *)
+(* Lesser General Public License as published by the Free Software *)
+(* Foundation, version 2.1. *)
+(* *)
+(* It is distributed in the hope that it will be useful, *)
+(* but WITHOUT ANY WARRANTY; without even the implied warranty of *)
+(* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *)
+(* GNU Lesser General Public License for more details. *)
+(* *)
+(* See the GNU Lesser General Public License version 2.1 *)
+(* for more details (enclosed in the file licenses/LGPLv2.1). *)
+(* *)
+(**************************************************************************)
+
+open Cil_types
+
+type kind = CPtr | Ptr | Data of typ
+type action = Strip | Id
+type param = string * kind * action
+type proto = kind * param list
+
+module type Function = sig
+ val name: string
+
+ val prototype: unit -> proto
+
+ (** receives the type of the lvalue and the types of the arguments received
+ for a call to the function and returns [true] iff they are correct.
+ The received types depend on the [prototype] of the module.
+ - if the kind is [Data t] -> it is the exact type of the expr/lvalue
+ - it the kind is [(C)Ptr] -> it is the pointed type of the expr/lvalue
+ *)
+ val well_typed: typ option -> typ list -> bool
+end
+
+module Make (F: Function) : sig
+ val generate_function_type : typ -> typ
+ val generate_prototype : typ -> string * typ
+ val well_typed_call : lval option -> varinfo -> exp list -> bool
+ val retype_args : typ -> exp list -> exp list
+ val key_from_call : lval option -> varinfo -> exp list -> typ
+end
+
+(** location -> key -> s1 -> s2 -> len -> spec_result *)
+type 'a spec_gen = location -> typ -> term -> term -> term -> 'a
+
+val mem2s_spec:
+ requires: (identified_predicate list) spec_gen ->
+ assigns: assigns spec_gen ->
+ ensures: (termination_kind * identified_predicate) list spec_gen ->
+ typ -> fundec -> location -> funspec
+
+val mem2s_typing: typ option -> typ list -> bool
+
+val memcpy_memmove_common_requires: (identified_predicate list) spec_gen
+
+val memcpy_memmove_common_assigns: assigns spec_gen
+
+val memcpy_memmove_common_ensures:
+ string -> (termination_kind * identified_predicate) list spec_gen
+
+type pointed_expr_type =
+ | Of_null of typ
+ | Value_of of typ
+ | No_pointed
+
+val exp_type_of_pointed: exp -> pointed_expr_type
diff --git a/src/plugins/instantiate/string/memcmp.ml b/src/plugins/instantiate/string/memcmp.ml
index 813ab06065ffd8950c70eee109e2c9f264d69a64..59969c7ddeed41df219bd4ab7f2bd52d29d2e00c 100644
--- a/src/plugins/instantiate/string/memcmp.ml
+++ b/src/plugins/instantiate/string/memcmp.ml
@@ -26,7 +26,7 @@ open Basic_blocks
let function_name = "memcmp"
-let generate_requires loc s1 s2 len =
+let requires loc _ s1 s2 len =
List.map new_predicate [
{ (pcorrect_len_bytes ~loc s1.term_type len)
with pred_name = ["aligned_end"] } ;
@@ -41,7 +41,7 @@ let presult_memcmp ?loc p1 p2 len =
let res = prel ?loc (Req, (tresult ?loc Cil.intType), (tinteger ?loc 0)) in
piff ?loc (res, eq)
-let generate_assigns loc s1 s2 len =
+let assigns loc _ s1 s2 len =
let indirect_range loc s len =
new_identified_term
{ (tunref_range_bytes_len ~loc s len) with term_name = ["indirect"] }
@@ -55,77 +55,37 @@ let generate_assigns loc s1 s2 len =
let presult_memcmp_len_bytes ?loc p1 p2 bytes_len =
plet_len_div_size ?loc p1.term_type bytes_len (presult_memcmp ?loc p1 p2)
-let generate_ensures loc s1 s2 len =
+let ensures loc _ s1 s2 len =
List.map (fun p -> Normal, new_predicate p) [
{ (presult_memcmp_len_bytes ~loc s1 s2 len) with pred_name = [ "equals" ] }
]
-let generate_spec _t { svar = vi } loc =
- let (c_s1, c_s2, clen) = match Cil.getFormalsDecl vi with
- | [ s1 ; s2 ; len ] -> s1, s2, len
- | _ -> assert false
- in
- let s1 = cvar_to_tvar c_s1 in
- let s2 = cvar_to_tvar c_s2 in
- let len = cvar_to_tvar clen in
- let requires = generate_requires loc s1 s2 len in
- let assigns = generate_assigns loc s1 s2 len in
- let ensures = generate_ensures loc s1 s2 len in
- make_funspec [make_behavior ~requires ~assigns ~ensures ()] ()
-
-let generate_function_type t =
- let t = ptr_of (const_of t) in
- let params = [
- ("s1", t, []) ;
- ("s2", t, []) ;
- ("len", size_t (), [])
- ] in
- TFun(Cil.intType, Some params, false, [])
-
-let generate_prototype t =
- let fun_type = generate_function_type t in
- let name = function_name ^ "_" ^ (string_of_typ t) in
- name, fun_type
-
-let type_from_arg x =
- let x = Cil.stripCasts x in
- let xt = Cil.unrollTypeDeep (Cil.typeOf x) in
- let xt = Cil.type_remove_qualifier_attributes_deep xt in
- Cil.typeOf_pointed xt
-
-let well_typed_call _ret = function
- | [ s1 ; s2 ; len ] ->
- (Cil.isIntegralType (Cil.typeOf len)) &&
- (Cil_datatype.Typ.equal (type_from_arg s1) (type_from_arg s2)) &&
- (not (Cil.isVoidType (type_from_arg s1)))
- | _ -> false
-
-let key_from_call _ret = function
- | [ s1 ; _ ; _ ] -> type_from_arg s1
- | _ -> failwith "Call to Memmove.key_from_call on an ill-typed call"
-
-let retype_args override_key = function
- | [ s1 ; s2 ; len ] ->
- let s1 = Cil.stripCasts s1 in
- let s2 = Cil.stripCasts s2 in
- assert (
- Cil_datatype.Typ.equal (type_from_arg s1) override_key &&
- Cil_datatype.Typ.equal (type_from_arg s2) override_key
- ) ;
- [ s1 ; s2 ; len ]
- | _ -> failwith "Call to Memmove.retype_args on an ill-typed call"
-
-let args_for_original _t args = args
+let generate_spec = Mem_utils.mem2s_spec ~requires ~assigns ~ensures
+
+module Function =
+struct
+ open Mem_utils
+ let name = function_name
+ let prototype () =
+ Data Cil.intType,
+ [
+ ("s1" , CPtr,Strip) ;
+ ("s2" , CPtr,Strip) ;
+ ("len", Data (size_t ()) ,Id)
+ ]
+ let well_typed = Mem_utils.mem2s_typing
+end
+module Memcmp_base = Mem_utils.Make(Function)
let () = Transform.register (module struct
module Hashtbl = Cil_datatype.Typ.Hashtbl
type override_key = typ
let function_name = function_name
- let well_typed_call = well_typed_call
- let key_from_call = key_from_call
- let retype_args = retype_args
- let generate_prototype = generate_prototype
+ let well_typed_call = Memcmp_base.well_typed_call
+ let key_from_call = Memcmp_base.key_from_call
+ let retype_args = Memcmp_base.retype_args
+ let generate_prototype = Memcmp_base.generate_prototype
let generate_spec = generate_spec
- let args_for_original = args_for_original
+ let args_for_original _ = Extlib.id
end)
diff --git a/src/plugins/instantiate/string/memcpy.ml b/src/plugins/instantiate/string/memcpy.ml
index 6be6f6664ba02549639d9674ce51f19f7875e8a2..e56778e6a5714e879f090c0421c121d5ea61dcb6 100644
--- a/src/plugins/instantiate/string/memcpy.ml
+++ b/src/plugins/instantiate/string/memcpy.ml
@@ -23,6 +23,7 @@
open Cil_types
open Logic_const
open Basic_blocks
+open Mem_utils
let function_name = "memcpy"
@@ -30,108 +31,40 @@ let pseparated_memcpy_len_bytes ?loc p1 p2 bytes_len =
let generate len = pseparated_memories ?loc p1 len p2 len in
plet_len_div_size ?loc p1.term_type bytes_len generate
-let pcopied_len_bytes ?loc p1 p2 bytes_len =
- plet_len_div_size ?loc p1.term_type bytes_len
- (punfold_all_elems_eq ?loc p1 p2)
-
-let presult_dest ?loc t dest =
- prel ?loc (Req, (tresult ?loc t), dest)
-
-let generate_requires loc dest src len =
- List.map new_predicate [
- { (pcorrect_len_bytes ~loc dest.term_type len)
- with pred_name = ["aligned_end"] } ;
- { (pvalid_len_bytes ~loc here_label dest len)
- with pred_name = ["valid_dest"] } ;
- { (pvalid_read_len_bytes ~loc here_label src len)
- with pred_name = ["valid_read_src"] } ;
- { (pseparated_memcpy_len_bytes ~loc dest src len)
- with pred_name = ["separation"] }
- ]
-
-let generate_assigns loc t dest src len =
- let dest_range = new_identified_term (tunref_range_bytes_len ~loc dest len) in
- let src_range = new_identified_term(tunref_range_bytes_len ~loc src len) in
- let copy = dest_range, From [src_range] in
- let result = new_identified_term (tresult t) in
- let dest = new_identified_term dest in
- let res = result, From [dest] in
- Writes [ copy ; res ]
-
-let generate_ensures loc t dest src len =
- List.map (fun p -> Normal, new_predicate p) [
- { (pcopied_len_bytes ~loc dest src len) with pred_name = [ "copied"] } ;
- { (presult_dest ~loc t dest) with pred_name = [ "result"] }
- ]
-
-let generate_spec _t { svar = vi } loc =
- let (cdest, csrc, clen) = match Cil.getFormalsDecl vi with
- | [ dest ; src ; len ] -> dest, src, len
- | _ -> assert false
+let requires loc t dest src len =
+ let separated = new_predicate
+ { (pseparated_memcpy_len_bytes ~loc dest src len)
+ with pred_name = ["separation"] }
in
- let t = cdest.vtype in
- let dest = cvar_to_tvar cdest in
- let src = cvar_to_tvar csrc in
- let len = cvar_to_tvar clen in
- let requires = generate_requires loc dest src len in
- let assigns = generate_assigns loc t dest src len in
- let ensures = generate_ensures loc t dest src len in
- make_funspec [make_behavior ~requires ~assigns ~ensures ()] ()
-
-let generate_function_type t =
- let dt = ptr_of t in
- let st = ptr_of (const_of t) in
- let params = [
- ("dest", dt, []) ;
- ("src", st, []) ;
- ("len", size_t (), [])
- ] in
- TFun(dt, Some params, false, [])
-
-let generate_prototype t =
- let fun_type = generate_function_type t in
- let name = function_name ^ "_" ^ (string_of_typ t) in
- name, fun_type
-
-let type_from_arg x =
- let x = Cil.stripCasts x in
- let xt = Cil.unrollTypeDeep (Cil.typeOf x) in
- let xt = Cil.type_remove_qualifier_attributes_deep xt in
- Cil.typeOf_pointed xt
-
-let well_typed_call _ret = function
- | [ dest ; src ; len ] ->
- (Cil.isIntegralType (Cil.typeOf len)) &&
- (Cil_datatype.Typ.equal (type_from_arg dest) (type_from_arg src)) &&
- (not (Cil.isVoidType (type_from_arg dest)))
- | _ -> false
-
-let key_from_call _ret = function
- | [ dest ; _ ; _ ] -> type_from_arg dest
- | _ -> failwith "Call to Memcpy.key_from_call on an ill-typed call"
-
-let retype_args override_key = function
- | [ dest ; src ; len ] ->
- let dest = Cil.stripCasts dest in
- let src = Cil.stripCasts src in
- assert (
- Cil_datatype.Typ.equal (type_from_arg dest) override_key &&
- Cil_datatype.Typ.equal (type_from_arg src) override_key
- ) ;
- [ dest ; src ; len ]
- | _ -> failwith "Call to Memcpy.retype_args on an ill-typed call"
-
-let args_for_original _t args = args
+ separated :: (memcpy_memmove_common_requires loc t dest src len)
+
+let assigns = memcpy_memmove_common_assigns
+let ensures = memcpy_memmove_common_ensures "copied"
+let generate_spec = mem2s_spec ~requires ~assigns ~ensures
+
+module Function =
+struct
+ let name = function_name
+ let prototype () =
+ Ptr,
+ [
+ ("dest", Ptr, Strip) ;
+ ("src", CPtr, Strip) ;
+ ("len", Data (size_t()), Id)
+ ]
+ let well_typed = Mem_utils.mem2s_typing
+end
+module Memcpy_base = Mem_utils.Make(Function)
let () = Transform.register (module struct
module Hashtbl = Cil_datatype.Typ.Hashtbl
type override_key = typ
let function_name = function_name
- let well_typed_call = well_typed_call
- let key_from_call = key_from_call
- let retype_args = retype_args
- let generate_prototype = generate_prototype
+ let well_typed_call = Memcpy_base.well_typed_call
+ let key_from_call = Memcpy_base.key_from_call
+ let retype_args = Memcpy_base.retype_args
+ let generate_prototype = Memcpy_base.generate_prototype
let generate_spec = generate_spec
- let args_for_original = args_for_original
+ let args_for_original _ = Extlib.id
end)
diff --git a/src/plugins/instantiate/string/memmove.ml b/src/plugins/instantiate/string/memmove.ml
index 97c3dcb1c577525df2f2caccc210a574cf54a81c..9ce6d75b6bdd8db4598ad0208d393a6cb6ae3059 100644
--- a/src/plugins/instantiate/string/memmove.ml
+++ b/src/plugins/instantiate/string/memmove.ml
@@ -21,111 +21,38 @@
(**************************************************************************)
open Cil_types
-open Logic_const
-open Basic_blocks
+open Mem_utils
let function_name = "memmove"
-let pmoved_len_bytes ?loc dest src bytes_len =
- plet_len_div_size ?loc dest.term_type bytes_len
- (punfold_all_elems_eq ?loc dest src)
-
-let presult_dest ?loc t dest =
- prel ?loc (Req, (tresult ?loc t), dest)
-
-let generate_requires loc dest src len =
- List.map new_predicate [
- { (pcorrect_len_bytes ~loc dest.term_type len)
- with pred_name = ["aligned_end"] } ;
- { (pvalid_len_bytes ~loc here_label dest len)
- with pred_name = ["valid_dest"] } ;
- { (pvalid_read_len_bytes ~loc here_label src len)
- with pred_name = ["valid_read_src"] } ;
- ]
-
-let generate_assigns loc t dest src len =
- let dest_range = new_identified_term (tunref_range_bytes_len ~loc dest len) in
- let src_range = new_identified_term(tunref_range_bytes_len ~loc src len) in
- let copy = dest_range, From [src_range] in
- let result = new_identified_term (tresult t) in
- let dest = new_identified_term dest in
- let res = result, From [dest] in
- Writes [ copy ; res ]
-
-let generate_ensures loc t dest src len =
- List.map (fun p -> Normal, new_predicate p) [
- { (pmoved_len_bytes ~loc dest src len) with pred_name = [ "moved"] } ;
- { (presult_dest ~loc t dest) with pred_name = [ "result"] }
- ]
-
-let generate_spec _t { svar = vi } loc =
- let (cdest, csrc, clen) = match Cil.getFormalsDecl vi with
- | [ dest ; src ; len ] -> dest, src, len
- | _ -> assert false
- in
- let t = cdest.vtype in
- let dest = cvar_to_tvar cdest in
- let src = cvar_to_tvar csrc in
- let len = cvar_to_tvar clen in
- let requires = generate_requires loc dest src len in
- let assigns = generate_assigns loc t dest src len in
- let ensures = generate_ensures loc t dest src len in
- make_funspec [make_behavior ~requires ~assigns ~ensures ()] ()
-
-let generate_function_type t =
- let dt = ptr_of t in
- let st = ptr_of (const_of t) in
- let params = [
- ("dest", dt, []) ;
- ("src", st, []) ;
- ("len", size_t (), [])
- ] in
- TFun(dt, Some params, false, [])
-
-let generate_prototype t =
- let fun_type = generate_function_type t in
- let name = function_name ^ "_" ^ (string_of_typ t) in
- name, fun_type
-
-let type_from_arg x =
- let x = Cil.stripCasts x in
- let xt = Cil.unrollTypeDeep (Cil.typeOf x) in
- let xt = Cil.type_remove_qualifier_attributes_deep xt in
- Cil.typeOf_pointed xt
-
-let well_typed_call _ret = function
- | [ dest ; src ; len ] ->
- (Cil.isIntegralType (Cil.typeOf len)) &&
- (Cil_datatype.Typ.equal (type_from_arg dest) (type_from_arg src)) &&
- (not (Cil.isVoidType (type_from_arg dest)))
- | _ -> false
-
-let key_from_call _ret = function
- | [ dest ; _ ; _ ] -> type_from_arg dest
- | _ -> failwith "Call to Memmove.key_from_call on an ill-typed call"
-
-let retype_args override_key = function
- | [ dest ; src ; len ] ->
- let dest = Cil.stripCasts dest in
- let src = Cil.stripCasts src in
- assert (
- Cil_datatype.Typ.equal (type_from_arg dest) override_key &&
- Cil_datatype.Typ.equal (type_from_arg src) override_key
- ) ;
- [ dest ; src ; len ]
- | _ -> failwith "Call to Memmove.retype_args on an ill-typed call"
-
-let args_for_original _t args = args
+let requires = memcpy_memmove_common_requires
+let assigns = memcpy_memmove_common_assigns
+let ensures = memcpy_memmove_common_ensures "moved"
+let generate_spec = mem2s_spec ~requires ~assigns ~ensures
+
+module Function =
+struct
+ let name = function_name
+ let prototype () =
+ Ptr,
+ [
+ ("dest", Ptr, Strip);
+ ("src" , CPtr, Strip);
+ ("len", Data (Basic_blocks.size_t()), Id)
+ ]
+ let well_typed = Mem_utils.mem2s_typing
+end
+module Memmove_base = Mem_utils.Make(Function)
let () = Transform.register (module struct
module Hashtbl = Cil_datatype.Typ.Hashtbl
type override_key = typ
let function_name = function_name
- let well_typed_call = well_typed_call
- let key_from_call = key_from_call
- let retype_args = retype_args
- let generate_prototype = generate_prototype
+ let well_typed_call = Memmove_base.well_typed_call
+ let key_from_call = Memmove_base.key_from_call
+ let retype_args = Memmove_base.retype_args
+ let generate_prototype = Memmove_base.generate_prototype
let generate_spec = generate_spec
- let args_for_original = args_for_original
+ let args_for_original _ = Extlib.id
end)
diff --git a/src/plugins/instantiate/string/memset.ml b/src/plugins/instantiate/string/memset.ml
index f1935a41528667bcf05f6313dd1e226bf04b5279..1538ba32be03820bce1499f1dc1d25cdc35be6ff 100644
--- a/src/plugins/instantiate/string/memset.ml
+++ b/src/plugins/instantiate/string/memset.ml
@@ -27,6 +27,8 @@ open Basic_blocks
let function_name = "memset"
type key = (typ * int option)
+let unexpected = Options.fatal "String.Memset: unexpected: %s"
+
module With_collection = struct
module OptIntInfo = struct
let module_name = String.capitalize_ascii "Instantiate.Memset.OptInt.Datatype"
@@ -63,11 +65,11 @@ let pset_len_bytes_to_value ?loc ptr value bytes_len =
let pset_len_bytes_to_zero ?loc ptr bytes_len =
let eq_value ?loc t =
- let value = match t.term_type with
+ let value = match Logic_utils.unroll_type t.term_type with
| Ctype(TPtr(_)) -> term Tnull t.term_type
| Ctype(TFloat(_)) -> treal ?loc 0.
- | Ctype(TInt(_)) -> tinteger ?loc 0
- | _ -> assert false
+ | Ctype(TInt(_) | TEnum (_)) -> tinteger ?loc 0
+ | _ -> unexpected "non atomic type during equality generation"
in
prel ?loc (Req, t, value)
in
@@ -82,22 +84,26 @@ let pset_len_bytes_all_bits_to_one ?loc ptr bytes_len =
in
let find_nan_for_type t = List.find (of_type t) nans in
let all_bits_to_one ?loc t =
- match t.term_type with
+ match Logic_utils.unroll_type t.term_type with
| Ctype(TFloat(_)) ->
papp ?loc ((find_nan_for_type t.term_type), [], [t])
| Ctype(TPtr(_)) ->
pnot ?loc (pvalid_read ?loc (here_label, t))
- | Ctype(TInt(kind, _)) | Ctype(TEnum({ ekind = kind }, _)) ->
+ | Ctype((TInt(kind, _) | TEnum({ ekind = kind }, _)) as typ) ->
let is_signed = Cil.isSigned kind in
let bits = Cil.bitsSizeOfInt kind in
- let value = if is_signed then
- Cil.min_signed_number bits
+ let value =
+ if is_signed then
+ let zero = tinteger ?loc 0 in
+ let zero = Logic_utils.mk_cast ?loc typ zero in
+ term (TUnOp(BNot, zero)) t.term_type
else
- Cil.max_unsigned_number bits
+ let value = Cil.max_unsigned_number bits in
+ term ?loc (TConst (Integer (value,None))) Linteger
in
- let value = term ?loc (TConst (Integer (value,None))) Linteger in
prel ?loc (Req, t, value)
- | _ -> assert false
+ | _ ->
+ unexpected "non atomic type during equality generation"
in
plet_len_div_size ?loc ptr.term_type bytes_len
(fun len -> punfold_all_elems_pred ?loc ptr len all_bits_to_one)
@@ -110,7 +116,7 @@ let generate_requires loc ptr value len =
[ { (pcorrect_len_bytes ~loc ptr.term_type len)
with pred_name = ["aligned_end"] } ]
| Some value ->
- let low, up = match value.term_type with
+ let low, up = match Logic_utils.unroll_type value.term_type with
| Ctype(TInt((IChar|ISChar|IUChar) as kind, _)) ->
let bits = bitsSizeOfInt kind in
let plus_one = Integer.add (Integer.of_int 1) in
@@ -121,7 +127,8 @@ let generate_requires loc ptr value len =
in
let integer ?loc i = term ?loc (TConst (Integer (i, None))) Linteger in
(integer ~loc low), (integer ~loc up)
- | _ -> assert false
+ | _ ->
+ unexpected "non atomic type during value bounds generation"
in
[ { (pbounds_incl_excl ~loc low value up)
with pred_name = [ "in_bounds_value" ] } ]
@@ -149,7 +156,8 @@ let generate_ensures e loc t ptr value len =
[ { (pset_len_bytes_to_zero ~loc ptr len) with pred_name } ]
| Some 255, None ->
[ { (pset_len_bytes_all_bits_to_one ~loc ptr len) with pred_name }]
- | _ -> assert false
+ | _ ->
+ unexpected "ill-formed key in ensure generation"
in
List.map (fun p -> Normal, new_predicate p) (content @ [
{ (presult_ptr ~loc t ptr) with pred_name = [ "result"] }
@@ -159,7 +167,7 @@ let generate_spec (_t, e) { svar = vi } loc =
let (cptr, cvalue, clen) = match Cil.getFormalsDecl vi with
| [ ptr ; value ; len ] -> ptr, (Some value), len
| [ ptr ; len ] -> ptr, None, len
- | _ -> assert false
+ | _ -> unexpected "ill-formed fundec in specification generation"
in
let t = cptr.vtype in
let ptr = cvar_to_tvar cptr in
@@ -170,12 +178,6 @@ let generate_spec (_t, e) { svar = vi } loc =
let ensures = generate_ensures e loc t ptr value len in
make_funspec [make_behavior ~requires ~assigns ~ensures ()] ()
-let type_from_arg x =
- let x = Cil.stripCasts x in
- let xt = Cil.unrollTypeDeep (Cil.typeOf x) in
- let xt = Cil.type_remove_qualifier_attributes_deep xt in
- Cil.typeOf_pointed xt
-
let memset_value e =
let ff = Integer.of_int 255 in
match (Cil.constFold false e).enode with
@@ -183,27 +185,37 @@ let memset_value e =
| Const(CInt64(ni, _, _)) when Integer.equal ni ff -> Some 255
| _ -> None
-let is_union_type = function
- | TComp({ cstruct = false }, _, _) -> true
+let rec contains_union_type t =
+ match Cil.unrollType t with
+ | TComp({ cstruct = false }, _, _) ->
+ true
+ | TComp({ cfields = fields }, _, _) ->
+ List.exists contains_union_type (List.map (fun f -> f.ftype) fields)
+ | TArray(t, _, _, _) ->
+ contains_union_type t
| _ -> false
-let well_typed_call _ret = function
- | [ ptr ; _ ; _ ] when any_char_composed_type (type_from_arg ptr) -> true
- | [ ptr ; _ ; _ ] when is_union_type (type_from_arg ptr) -> false
- | [ ptr ; _ ; _ ] when Cil.isVoidType (type_from_arg ptr) -> false
- | [ _ ; value ; _ ] ->
- begin match memset_value value with
- | None -> false
- | Some _ -> true
+let well_typed_call _ret _fct = function
+ | [ ptr ; value ; _ ] ->
+ begin match Mem_utils.exp_type_of_pointed ptr, memset_value value with
+ | (No_pointed | Of_null _) , _ -> false
+ | Value_of t , _ when any_char_composed_type t -> true
+ | Value_of t , _ when contains_union_type t -> false
+ | Value_of t , _ when Cil.isVoidType t -> false
+ | Value_of t , _ when not (Cil.isCompleteType t) -> false
+ | _, None -> false
+ | _, Some _ -> true
end
| _ -> false
-let key_from_call _ret = function
- | [ ptr ; _ ; _ ] when any_char_composed_type (type_from_arg ptr) ->
- (type_from_arg ptr), None
- | [ ptr ; value ; _ ] when not (is_union_type (type_from_arg ptr)) ->
- (type_from_arg ptr), (memset_value value)
- | _ -> failwith "Call to Memset.key_from_call on an ill-typed call"
+let key_from_call _ret _fct = function
+ | [ ptr ; value ; _ ] ->
+ begin match Mem_utils.exp_type_of_pointed ptr, memset_value value with
+ | Value_of t, _ when any_char_composed_type t -> t, None
+ | Value_of t, value when not (contains_union_type t) -> t, value
+ | _ , _ -> unexpected "trying to generate a key on an ill-typed call"
+ end
+ | _ -> unexpected "trying to generate a key on an ill-typed call"
let char_prototype t =
assert (any_char_composed_type t) ;
@@ -226,29 +238,30 @@ let generate_prototype = function
let name = function_name ^ "_" ^ (string_of_typ t) in
let fun_type = char_prototype t in
name, fun_type
- | t, Some x when not (is_union_type t) && (x = 0 || x = 255) ->
+ | t, Some x when not (contains_union_type t) && (x = 0 || x = 255) ->
let ext = if x = 0 then "_0" else if x = 255 then "_FF" else assert false in
let name = function_name ^ "_" ^ (string_of_typ t) ^ ext in
let fun_type = non_char_prototype t in
name, fun_type
| _, _ ->
- failwith "Call to Memset.generate_prototype on an ill-typed call"
+ unexpected "trying to generate a prototype on an ill-typed call"
-let retype_args (t, e) args =
+let retype_args (_t, e) args =
match e, args with
| None, [ ptr ; v ; n ] ->
let ptr = Cil.stripCasts ptr in
- assert (any_char_composed_type (type_from_arg ptr)) ;
- let base_type = base_char_type (type_from_arg ptr) in
+ let base_type = match Mem_utils.exp_type_of_pointed ptr with
+ | Value_of t -> base_char_type t
+ | _ -> unexpected "trying to retype arguments on an ill-typed call"
+ in
let v = Cil.mkCast (Cil.stripCasts v) base_type in
[ ptr ; v ; n ]
| Some fv, [ ptr ; v ; n ] ->
let ptr = Cil.stripCasts ptr in
- assert (Cil_datatype.Typ.equal (type_from_arg ptr) t) ;
assert (match memset_value v with Some x when x = fv -> true | _ -> false) ;
[ ptr ; n ]
| _ ->
- failwith "Call to Memset.retype_args on an ill-typed call"
+ unexpected "trying to retype arguments on an ill-typed call"
let args_for_original (_t , e) args =
match e with
@@ -257,7 +270,8 @@ let args_for_original (_t , e) args =
let loc = Cil_datatype.Location.unknown in
match args with
| [ ptr ; len ] -> [ ptr ; (Cil.integer ~loc n) ; len]
- | _ -> assert false
+ | _ ->
+ unexpected "wrong number of arguments replacing call"
let () = Transform.register (module struct
module Hashtbl = With_collection.Hashtbl
diff --git a/src/plugins/instantiate/tests/api/external_instantiator_registration.ml b/src/plugins/instantiate/tests/api/external_instantiator_registration.ml
index b800bd1efbdd4bd92fe985fab4771f1f001c95cd..aa3c9b5c6a425206aeae937f7d69d88e2f9db39c 100644
--- a/src/plugins/instantiate/tests/api/external_instantiator_registration.ml
+++ b/src/plugins/instantiate/tests/api/external_instantiator_registration.ml
@@ -1,12 +1,12 @@
let function_name = "mine"
-let well_typed_call _ = function
+let well_typed_call _ _ = function
| [ e ] ->
let t = Cil.typeOf(Cil.stripCasts e) in
not (Cil.isVoidPtrType t) && Cil.isPointerType t
| _ -> false
-let key_from_call _ = function
+let key_from_call _ _ = function
| [ e ] ->
let t = Cil.typeOf(Cil.stripCasts e) in
Cil.typeOf_pointed t
diff --git a/src/plugins/instantiate/tests/options/oracle/ignore-functions.res.oracle b/src/plugins/instantiate/tests/options/oracle/ignore-functions.res.oracle
index 8aacf1fa7571bddc9c3fb5e630e1213db9a447bd..b260fc61afd6d08b2f133412781ca83183fc8f50 100644
--- a/src/plugins/instantiate/tests/options/oracle/ignore-functions.res.oracle
+++ b/src/plugins/instantiate/tests/options/oracle/ignore-functions.res.oracle
@@ -11,16 +11,16 @@ void foo(void)
return;
}
-/*@ requires aligned_end: len % 4 ≡ 0;
+/*@ requires
+ separation:
+ \let __fc_len = len / 4;
+ \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
+ requires aligned_end: len % 4 ≡ 0;
requires
valid_dest: \let __fc_len = len / 4; \valid(dest + (0 .. __fc_len - 1));
requires
valid_read_src:
\let __fc_len = len / 4; \valid_read(src + (0 .. __fc_len - 1));
- requires
- separation:
- \let __fc_len = len / 4;
- \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
ensures
copied:
\let __fc_len = len / 4;
diff --git a/src/plugins/instantiate/tests/options/oracle/only-functions.res.oracle b/src/plugins/instantiate/tests/options/oracle/only-functions.res.oracle
index cc08c601aac8ee1d7015befe833d0946ebe43eb9..d84cec92ebc1968177fac95b8d64c5fa172c3976 100644
--- a/src/plugins/instantiate/tests/options/oracle/only-functions.res.oracle
+++ b/src/plugins/instantiate/tests/options/oracle/only-functions.res.oracle
@@ -3,16 +3,16 @@
#include "stddef.h"
#include "string.h"
#include "strings.h"
-/*@ requires aligned_end: len % 4 ≡ 0;
+/*@ requires
+ separation:
+ \let __fc_len = len / 4;
+ \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
+ requires aligned_end: len % 4 ≡ 0;
requires
valid_dest: \let __fc_len = len / 4; \valid(dest + (0 .. __fc_len - 1));
requires
valid_read_src:
\let __fc_len = len / 4; \valid_read(src + (0 .. __fc_len - 1));
- requires
- separation:
- \let __fc_len = len / 4;
- \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
ensures
copied:
\let __fc_len = len / 4;
diff --git a/src/plugins/instantiate/tests/plugin/ast_clear.c b/src/plugins/instantiate/tests/plugin/ast_clear.c
new file mode 100644
index 0000000000000000000000000000000000000000..d3dfbb6ad2a2fb83924f23cba30589f680d415e9
--- /dev/null
+++ b/src/plugins/instantiate/tests/plugin/ast_clear.c
@@ -0,0 +1,9 @@
+/* run.config
+ OPT: -instantiate -then -pp-annot
+*/
+
+#include <string.h>
+
+int foo(char* s1, char* s2, size_t len){
+ return memcmp(s1, s2, len) ;
+}
\ No newline at end of file
diff --git a/src/plugins/instantiate/tests/plugin/function_pointers.i b/src/plugins/instantiate/tests/plugin/function_pointers.i
new file mode 100644
index 0000000000000000000000000000000000000000..8f27dd1ab187cf20f3fd5572383a80d7e5be4dd9
--- /dev/null
+++ b/src/plugins/instantiate/tests/plugin/function_pointers.i
@@ -0,0 +1,6 @@
+/* run.config
+ OPT: -instantiate
+*/
+void foo(void (* bar)()){
+ (*bar)();
+}
\ No newline at end of file
diff --git a/src/plugins/instantiate/tests/plugin/needs_global.i b/src/plugins/instantiate/tests/plugin/needs_global.i
new file mode 100644
index 0000000000000000000000000000000000000000..dfd53797477e08a50c44b80b06ea9743a7a73614
--- /dev/null
+++ b/src/plugins/instantiate/tests/plugin/needs_global.i
@@ -0,0 +1,14 @@
+/* run.config
+ OPT: -load-script tests/plugin/needs_globals.ml -instantiate -check -print
+*/
+
+int i ; // needed for already_one specifciation
+void already_one(void* parameter) ;
+
+void needs_new(void* parameter) ;
+
+void foo(void){
+ int *i ;
+ already_one(i);
+ needs_new(i);
+}
diff --git a/src/plugins/instantiate/tests/plugin/needs_globals.ml b/src/plugins/instantiate/tests/plugin/needs_globals.ml
new file mode 100644
index 0000000000000000000000000000000000000000..506da455fdb5b23a60a0d994dc2fcfb0e268c021
--- /dev/null
+++ b/src/plugins/instantiate/tests/plugin/needs_globals.ml
@@ -0,0 +1,80 @@
+let well_typed_call _ _ = function
+ | [ e ] ->
+ let t = Cil.typeOf(Cil.stripCasts e) in
+ not (Cil.isVoidPtrType t) && Cil.isPointerType t
+ | _ -> false
+
+let key_from_call _ _ = function
+ | [ e ] -> Cil.typeOf_pointed (Cil.typeOf(Cil.stripCasts e))
+ | _ -> assert false
+
+let retype_args _ = function
+ | [ e ] -> [ Cil.stripCasts e ]
+ | _ -> assert false
+
+let generate_function_type t =
+ let params = [("x", Cil_types.TPtr(t, []), [])] in
+ Cil_types.TFun(Cil.voidType, Some params, false, [])
+
+let generate_prototype function_name t =
+ let fun_type = generate_function_type t in
+ let name = function_name ^ "_" ^ match t with
+ | Cil_types.TInt(_) -> "int"
+ | _ -> assert false (* nothing else in our test *)
+ in
+ name, fun_type
+
+let generate_spec needed _ _ _ =
+ let open Cil_types in
+ let open Logic_const in
+ let open Instantiate.Global_context in
+ let make () =
+ let vi = Cil.makeVarinfo ~ghost:true true false needed Cil.floatType in
+ vi.vstorage <- Extern ;
+ vi
+ in
+ let vi = get_variable needed make in
+ let t = tvar (Cil.cvar_to_lvar vi) in
+ let assigns =
+ Cil_types.Writes [ Logic_const.new_identified_term t, From [] ]
+ in {
+ spec_behavior = [ {
+ b_name = Cil.default_behavior_name ;
+ b_requires = [] ;
+ b_assumes = [] ;
+ b_post_cond = [] ;
+ b_assigns = assigns ;
+ b_allocation = FreeAllocAny ;
+ b_extended = []
+ } ] ;
+ spec_variant = None ;
+ spec_terminates = None ;
+ spec_complete_behaviors = [] ;
+ spec_disjoint_behaviors = [] ;
+ }
+
+let () = Instantiate.Transform.register (module struct
+ module Hashtbl = Cil_datatype.Typ.Hashtbl
+ type override_key = Hashtbl.key
+
+ let function_name = "already_one"
+ let well_typed_call = well_typed_call
+ let key_from_call = key_from_call
+ let retype_args = retype_args
+ let generate_prototype = generate_prototype function_name
+ let generate_spec = generate_spec "i"
+ let args_for_original _ = Extlib.id
+ end)
+
+let () = Instantiate.Transform.register (module struct
+ module Hashtbl = Cil_datatype.Typ.Hashtbl
+ type override_key = Hashtbl.key
+
+ let function_name = "needs_new"
+ let well_typed_call = well_typed_call
+ let key_from_call = key_from_call
+ let retype_args = retype_args
+ let generate_prototype = generate_prototype function_name
+ let generate_spec = generate_spec "j"
+ let args_for_original _ = Extlib.id
+ end)
diff --git a/src/plugins/instantiate/tests/plugin/oracle/ast_clear.res.oracle b/src/plugins/instantiate/tests/plugin/oracle/ast_clear.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..1a8c67bb4f4a92cf3d5a5f39514eb119d0d7c121
--- /dev/null
+++ b/src/plugins/instantiate/tests/plugin/oracle/ast_clear.res.oracle
@@ -0,0 +1,2 @@
+[kernel] Parsing tests/plugin/ast_clear.c (with preprocessing)
+[kernel] Parsing tests/plugin/ast_clear.c (with preprocessing)
diff --git a/src/plugins/instantiate/tests/plugin/oracle/function_pointers.res.oracle b/src/plugins/instantiate/tests/plugin/oracle/function_pointers.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..bcf3d3f77fabccbae301b3acbca35d6ddb1a4eeb
--- /dev/null
+++ b/src/plugins/instantiate/tests/plugin/oracle/function_pointers.res.oracle
@@ -0,0 +1 @@
+[kernel] Parsing tests/plugin/function_pointers.i (no preprocessing)
diff --git a/src/plugins/instantiate/tests/plugin/oracle/needs_global.res.oracle b/src/plugins/instantiate/tests/plugin/oracle/needs_global.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..0b7e5b4ccb788b009ffd587ae9e1b13389cd66d0
--- /dev/null
+++ b/src/plugins/instantiate/tests/plugin/oracle/needs_global.res.oracle
@@ -0,0 +1,34 @@
+[kernel] Parsing tests/plugin/needs_global.i (no preprocessing)
+/* Generated by Frama-C */
+/*@ ghost extern float j; */
+
+int i;
+void already_one(void *parameter);
+
+void needs_new(void *parameter);
+
+/*@ assigns j;
+ assigns j \from \nothing; */
+void needs_new_int(int *x)
+{
+ needs_new((void *)x);
+ return;
+}
+
+/*@ assigns i;
+ assigns i \from \nothing; */
+void already_one_int(int *x)
+{
+ already_one((void *)x);
+ return;
+}
+
+void foo(void)
+{
+ int *i_0;
+ already_one_int(i_0);
+ needs_new_int(i_0);
+ return;
+}
+
+
diff --git a/src/plugins/instantiate/tests/stdlib/calloc.c b/src/plugins/instantiate/tests/stdlib/calloc.c
index 77be4d292f1d7befca278b4210ea6335c805fed1..d87508ad415bcf21b677949b5429c8b8b376fc97 100644
--- a/src/plugins/instantiate/tests/stdlib/calloc.c
+++ b/src/plugins/instantiate/tests/stdlib/calloc.c
@@ -11,12 +11,16 @@ struct Flex {
int f[] ;
} ;
+enum E { A, B, C };
+
int main(void){
int* pi = calloc(10, sizeof(int)) ;
+ enum E* pe = calloc(10, sizeof(enum E)) ;
float* pf = calloc(10, sizeof(float)) ;
struct X* px = calloc(10, sizeof(struct X)) ;
char* pc = calloc(10, sizeof(char)) ;
int (*pa) [10] = calloc(10, sizeof(int[10])) ;
struct Flex* f = calloc(1, sizeof(struct Flex) + 3 * sizeof(int)) ;
void *v = calloc(10, sizeof(char));
+ struct incomplete* inc = calloc(10, 10);
}
\ No newline at end of file
diff --git a/src/plugins/instantiate/tests/stdlib/free.c b/src/plugins/instantiate/tests/stdlib/free.c
index 40cab4f547cfcf9ab66b7e278c3a0cce9ddd6c00..e61ed8864c1d2657e6dc1f65a0d047735b3a2d6b 100644
--- a/src/plugins/instantiate/tests/stdlib/free.c
+++ b/src/plugins/instantiate/tests/stdlib/free.c
@@ -11,4 +11,7 @@ void baz(int (*x) [10]){
}
void with_void(void * x){
free(x);
+}
+void with_incomplete(struct incomplete* t){
+ free(t);
}
\ No newline at end of file
diff --git a/src/plugins/instantiate/tests/stdlib/malloc.c b/src/plugins/instantiate/tests/stdlib/malloc.c
index 0d5aa4ea04a70e739cf3a4b5e5125baf2b2b1197..00a07820a9ac4377c39826e16538d62e6f8c2322 100644
--- a/src/plugins/instantiate/tests/stdlib/malloc.c
+++ b/src/plugins/instantiate/tests/stdlib/malloc.c
@@ -11,6 +11,8 @@ struct Flex {
int f[] ;
} ;
+struct incomplete ;
+
int main(void){
int* pi = malloc(sizeof(int) * 10) ;
float* pf = malloc(sizeof(float) * 10) ;
@@ -19,4 +21,5 @@ int main(void){
int (*pa) [10] = malloc(sizeof(int[10]) * 10) ;
struct Flex* f = malloc(sizeof(struct Flex) + 3 * sizeof(int)) ;
void *v = malloc(sizeof(char) * 10);
+ struct incomplete* inc = malloc(10);
}
\ No newline at end of file
diff --git a/src/plugins/instantiate/tests/stdlib/no_fc_stdlib.c b/src/plugins/instantiate/tests/stdlib/no_fc_stdlib.c
new file mode 100644
index 0000000000000000000000000000000000000000..21498c2ef2b5ab29516316267bc33c5af6d46bbd
--- /dev/null
+++ b/src/plugins/instantiate/tests/stdlib/no_fc_stdlib.c
@@ -0,0 +1,12 @@
+#include <stddef.h>
+
+void* malloc(size_t s);
+void* calloc(size_t num, size_t size);
+void free(void* ptr);
+
+void foo(void){
+ int * p = malloc(sizeof(int));
+ int * q = calloc(2, sizeof(int));
+ free(p);
+ free(q);
+}
\ No newline at end of file
diff --git a/src/plugins/instantiate/tests/stdlib/oracle/calloc.res.oracle b/src/plugins/instantiate/tests/stdlib/oracle/calloc.res.oracle
index 5fb370ab29a192623a74034cbf0923e31191b163..1670641826813ce9b10d06d60f85849cf9e55a57 100644
--- a/src/plugins/instantiate/tests/stdlib/oracle/calloc.res.oracle
+++ b/src/plugins/instantiate/tests/stdlib/oracle/calloc.res.oracle
@@ -1,5 +1,8 @@
[kernel] Parsing tests/stdlib/calloc.c (with preprocessing)
-[instantiate] tests/stdlib/calloc.c:21: Warning: Ignore call: not well typed
+[instantiate] tests/stdlib/calloc.c:24: Warning:
+ calloc instantiator cannot replace call
+[instantiate] tests/stdlib/calloc.c:25: Warning:
+ calloc instantiator cannot replace call
/* Generated by Frama-C */
#include "stdlib.h"
struct X {
@@ -11,6 +14,12 @@ struct Flex {
char c ;
int f[] ;
};
+enum E {
+ A = 0,
+ B = 1,
+ C = 2
+};
+struct incomplete;
/*@ requires correct_size: 0 ≤ size - 8 ∧ 0 ≡ (size - 8) % 4;
requires only_one: num ≡ 1;
assigns \result, __fc_heap_status;
@@ -214,6 +223,43 @@ float *calloc_float(size_t num, size_t size)
return __retres;
}
+/*@ requires correct_size: 0 ≡ size % 4;
+ assigns \result, __fc_heap_status;
+ assigns \result \from __fc_heap_status, num, size;
+ assigns __fc_heap_status \from __fc_heap_status, num, size;
+ allocates \result;
+
+ behavior allocation:
+ assumes allocable: is_allocable(num * size);
+ ensures fresh_result: \fresh{Old, Here}(\result,num * size);
+ ensures
+ zero_initialization:
+ ∀ ℤ j0; 0 ≤ j0 < num ⇒ *(\result + j0) ≡ 0;
+ ensures
+ initialization:
+ ∀ ℤ j0; 0 ≤ j0 < num ⇒ \initialized(\result + j0);
+ assigns \result, __fc_heap_status;
+ assigns \result \from __fc_heap_status, num, size;
+ assigns __fc_heap_status \from __fc_heap_status, num, size;
+ allocates \result;
+
+ behavior no_allocation:
+ assumes allocable: ¬is_allocable(num * size);
+ ensures null_result: \result ≡ \null;
+ assigns \result;
+ assigns \result \from \nothing;
+ allocates \nothing;
+
+ complete behaviors no_allocation, allocation;
+ disjoint behaviors no_allocation, allocation;
+ */
+enum E *calloc_e_E(size_t num, size_t size)
+{
+ enum E *__retres;
+ __retres = (enum E *)calloc(num,size);
+ return __retres;
+}
+
/*@ requires correct_size: 0 ≡ size % 4;
assigns \result, __fc_heap_status;
assigns \result \from __fc_heap_status, num, size;
@@ -255,6 +301,7 @@ int main(void)
{
int __retres;
int *pi = calloc_int((unsigned int)10,sizeof(int));
+ enum E *pe = calloc_e_E((unsigned int)10,sizeof(enum E));
float *pf = calloc_float((unsigned int)10,sizeof(float));
struct X *px = calloc_st_X((unsigned int)10,sizeof(struct X));
char *pc = calloc_char((unsigned int)10,sizeof(char));
@@ -263,15 +310,13 @@ int main(void)
calloc_st_Flex((unsigned int)1,
sizeof(struct Flex) + (unsigned int)3 * sizeof(int));
void *v = calloc((unsigned int)10,sizeof(char));
+ struct incomplete *inc = calloc((unsigned int)10,(unsigned int)10);
__retres = 0;
return __retres;
}
[kernel] Parsing tests/stdlib/result/calloc.c (with preprocessing)
-[kernel] Parsing tests/stdlib/calloc.c (with preprocessing)
-[kernel] tests/stdlib/calloc.c:14: Warning:
- def'n of func main at tests/stdlib/calloc.c:14 (sum 6403) conflicts with the one at tests/stdlib/result/calloc.c:252 (sum 8177); keeping the one at tests/stdlib/result/calloc.c:252.
/* Generated by Frama-C */
#include "stdlib.h"
struct X {
@@ -283,6 +328,12 @@ struct Flex {
char c ;
int f[] ;
};
+enum E {
+ A = 0,
+ B = 1,
+ C = 2
+};
+struct incomplete;
/*@ requires correct_size: 0 ≤ size - 8 ∧ 0 ≡ (size - 8) % 4;
requires only_one: num ≡ 1;
assigns \result, __fc_heap_status;
@@ -489,6 +540,44 @@ float *calloc_float(size_t num, size_t size)
return __retres;
}
+/*@ requires correct_size: 0 ≡ size % 4;
+ assigns \result, __fc_heap_status;
+ assigns \result \from __fc_heap_status, num, size;
+ assigns __fc_heap_status \from __fc_heap_status, num, size;
+ allocates \result;
+
+ behavior allocation:
+ assumes allocable: is_allocable(num * size);
+ ensures
+ fresh_result: \fresh{Old, Here}(\result,\old(num) * \old(size));
+ ensures
+ zero_initialization:
+ ∀ ℤ j0; 0 ≤ j0 < \old(num) ⇒ *(\result + j0) ≡ 0;
+ ensures
+ initialization:
+ ∀ ℤ j0; 0 ≤ j0 < \old(num) ⇒ \initialized(\result + j0);
+ assigns \result, __fc_heap_status;
+ assigns \result \from __fc_heap_status, num, size;
+ assigns __fc_heap_status \from __fc_heap_status, num, size;
+ allocates \result;
+
+ behavior no_allocation:
+ assumes allocable: ¬is_allocable(num * size);
+ ensures null_result: \result ≡ \null;
+ assigns \result;
+ assigns \result \from \nothing;
+ allocates \nothing;
+
+ complete behaviors no_allocation, allocation;
+ disjoint behaviors no_allocation, allocation;
+ */
+enum E *calloc_e_E(size_t num, size_t size)
+{
+ enum E *__retres;
+ __retres = (enum E *)calloc(num,size);
+ return __retres;
+}
+
/*@ requires correct_size: 0 ≡ size % 4;
assigns \result, __fc_heap_status;
assigns \result \from __fc_heap_status, num, size;
@@ -531,6 +620,7 @@ int main(void)
{
int __retres;
int *pi = calloc_int((unsigned int)10,sizeof(int));
+ enum E *pe = calloc_e_E((unsigned int)10,sizeof(enum E));
float *pf = calloc_float((unsigned int)10,sizeof(float));
struct X *px = calloc_st_X((unsigned int)10,sizeof(struct X));
char *pc = calloc_char((unsigned int)10,sizeof(char));
@@ -539,6 +629,7 @@ int main(void)
calloc_st_Flex((unsigned int)1,
sizeof(struct Flex) + (unsigned int)3 * sizeof(int));
void *v = calloc((unsigned int)10,sizeof(char));
+ struct incomplete *inc = calloc((unsigned int)10,(unsigned int)10);
__retres = 0;
return __retres;
}
diff --git a/src/plugins/instantiate/tests/stdlib/oracle/free.res.oracle b/src/plugins/instantiate/tests/stdlib/oracle/free.res.oracle
index 1e764fcd7c62f75f1a4160cd430d760db327f29a..a0671fe0bc81d0cf757f8660830d2cf9ab1898c8 100644
--- a/src/plugins/instantiate/tests/stdlib/oracle/free.res.oracle
+++ b/src/plugins/instantiate/tests/stdlib/oracle/free.res.oracle
@@ -1,7 +1,9 @@
[kernel] Parsing tests/stdlib/free.c (with preprocessing)
-[instantiate] tests/stdlib/free.c:13: Warning: Ignore call: not well typed
+[instantiate] tests/stdlib/free.c:13: Warning:
+ free instantiator cannot replace call
/* Generated by Frama-C */
#include "stdlib.h"
+struct incomplete;
/*@ requires freeable: ptr ≡ \null ∨ \freeable(ptr);
assigns __fc_heap_status;
assigns __fc_heap_status \from __fc_heap_status, ptr;
@@ -104,19 +106,43 @@ void with_void(void *x)
return;
}
+/*@ requires freeable: ptr ≡ \null ∨ \freeable(ptr);
+ assigns __fc_heap_status;
+ assigns __fc_heap_status \from __fc_heap_status, ptr;
+ frees ptr;
+
+ behavior allocation:
+ assumes ptr ≢ \null;
+ ensures freed: \allocable(ptr);
+ assigns __fc_heap_status;
+ assigns __fc_heap_status \from __fc_heap_status, ptr;
+ frees ptr;
+
+ behavior no_allocation:
+ assumes ptr ≡ \null;
+ assigns \nothing;
+ allocates \nothing;
+
+ complete behaviors no_allocation, allocation;
+ disjoint behaviors no_allocation, allocation;
+ */
+void free_st_incomplete(struct incomplete *ptr)
+{
+ free((void *)ptr);
+ return;
+}
+
+void with_incomplete(struct incomplete *t)
+{
+ free_st_incomplete(t);
+ return;
+}
+
[kernel] Parsing tests/stdlib/result/free.c (with preprocessing)
-[kernel] Parsing tests/stdlib/free.c (with preprocessing)
-[kernel] tests/stdlib/free.c:3: Warning:
- dropping duplicate def'n of func foo at tests/stdlib/free.c:3 in favor of that at tests/stdlib/result/free.c:29
-[kernel] tests/stdlib/free.c:6: Warning:
- dropping duplicate def'n of func bar at tests/stdlib/free.c:6 in favor of that at tests/stdlib/result/free.c:61
-[kernel] tests/stdlib/free.c:9: Warning:
- dropping duplicate def'n of func baz at tests/stdlib/free.c:9 in favor of that at tests/stdlib/result/free.c:93
-[kernel] tests/stdlib/free.c:12: Warning:
- dropping duplicate def'n of func with_void at tests/stdlib/free.c:12 in favor of that at tests/stdlib/result/free.c:99
/* Generated by Frama-C */
#include "stdlib.h"
+struct incomplete;
/*@ requires freeable: ptr ≡ \null ∨ \freeable(ptr);
assigns __fc_heap_status;
assigns __fc_heap_status \from __fc_heap_status, ptr;
@@ -219,4 +245,36 @@ void with_void(void *x)
return;
}
+/*@ requires freeable: ptr ≡ \null ∨ \freeable(ptr);
+ assigns __fc_heap_status;
+ assigns __fc_heap_status \from __fc_heap_status, ptr;
+ frees ptr;
+
+ behavior allocation:
+ assumes ptr ≢ \null;
+ ensures freed: \allocable(\old(ptr));
+ assigns __fc_heap_status;
+ assigns __fc_heap_status \from __fc_heap_status, ptr;
+ frees ptr;
+
+ behavior no_allocation:
+ assumes ptr ≡ \null;
+ assigns \nothing;
+ allocates \nothing;
+
+ complete behaviors no_allocation, allocation;
+ disjoint behaviors no_allocation, allocation;
+ */
+void free_st_incomplete(struct incomplete *ptr)
+{
+ free((void *)ptr);
+ return;
+}
+
+void with_incomplete(struct incomplete *t)
+{
+ free_st_incomplete(t);
+ return;
+}
+
diff --git a/src/plugins/instantiate/tests/stdlib/oracle/malloc.res.oracle b/src/plugins/instantiate/tests/stdlib/oracle/malloc.res.oracle
index feb0c41909dd4a6cb6b7de4c4ec3dac49cd07869..9aff502467ca08d49dc7d2f346e2e05c6894c995 100644
--- a/src/plugins/instantiate/tests/stdlib/oracle/malloc.res.oracle
+++ b/src/plugins/instantiate/tests/stdlib/oracle/malloc.res.oracle
@@ -1,5 +1,8 @@
[kernel] Parsing tests/stdlib/malloc.c (with preprocessing)
-[instantiate] tests/stdlib/malloc.c:21: Warning: Ignore call: not well typed
+[instantiate] tests/stdlib/malloc.c:23: Warning:
+ malloc instantiator cannot replace call
+[instantiate] tests/stdlib/malloc.c:24: Warning:
+ malloc instantiator cannot replace call
/* Generated by Frama-C */
#include "stdlib.h"
struct X {
@@ -11,6 +14,7 @@ struct Flex {
char c ;
int f[] ;
};
+struct incomplete;
/*@ requires correct_size: 0 ≤ size - 8 ∧ 0 ≡ (size - 8) % 4;
assigns \result, __fc_heap_status;
assigns \result \from __fc_heap_status, size;
@@ -208,15 +212,13 @@ int main(void)
struct Flex *f =
malloc_st_Flex(sizeof(struct Flex) + (unsigned int)3 * sizeof(int));
void *v = malloc(sizeof(char) * (unsigned int)10);
+ struct incomplete *inc = malloc((unsigned int)10);
__retres = 0;
return __retres;
}
[kernel] Parsing tests/stdlib/result/malloc.c (with preprocessing)
-[kernel] Parsing tests/stdlib/malloc.c (with preprocessing)
-[kernel] tests/stdlib/malloc.c:14: Warning:
- def'n of func main at tests/stdlib/malloc.c:14 (sum 6403) conflicts with the one at tests/stdlib/result/malloc.c:198 (sum 8177); keeping the one at tests/stdlib/result/malloc.c:198.
/* Generated by Frama-C */
#include "stdlib.h"
struct X {
@@ -228,6 +230,7 @@ struct Flex {
char c ;
int f[] ;
};
+struct incomplete;
/*@ requires correct_size: 0 ≤ size - 8 ∧ 0 ≡ (size - 8) % 4;
assigns \result, __fc_heap_status;
assigns \result \from __fc_heap_status, size;
@@ -425,6 +428,7 @@ int main(void)
struct Flex *f =
malloc_st_Flex(sizeof(struct Flex) + (unsigned int)3 * sizeof(int));
void *v = malloc(sizeof(char) * (unsigned int)10);
+ struct incomplete *inc = malloc((unsigned int)10);
__retres = 0;
return __retres;
}
diff --git a/src/plugins/instantiate/tests/stdlib/oracle/no_fc_stdlib.res.oracle b/src/plugins/instantiate/tests/stdlib/oracle/no_fc_stdlib.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..baa036c870fb4e23d59d27155db86156ea9f5bfb
--- /dev/null
+++ b/src/plugins/instantiate/tests/stdlib/oracle/no_fc_stdlib.res.oracle
@@ -0,0 +1,253 @@
+[kernel] Parsing tests/stdlib/no_fc_stdlib.c (with preprocessing)
+/* Generated by Frama-C */
+#include "stddef.h"
+/*@ ghost extern int __fc_heap_status; */
+
+/*@
+axiomatic dynamic_allocation {
+ predicate is_allocable{L}(ℤ i)
+ reads __fc_heap_status;
+
+ axiom never_allocable{L}:
+ ∀ ℤ i; i < 0 ∧ i > 4294967295 ⇒ ¬is_allocable(i);
+
+ }
+
+*/
+void *malloc(size_t s);
+
+void *calloc(size_t num, size_t size);
+
+void free(void *ptr);
+
+/*@ requires freeable: ptr ≡ \null ∨ \freeable(ptr);
+ assigns __fc_heap_status;
+ assigns __fc_heap_status \from __fc_heap_status, ptr;
+ frees ptr;
+
+ behavior allocation:
+ assumes ptr ≢ \null;
+ ensures freed: \allocable(ptr);
+ assigns __fc_heap_status;
+ assigns __fc_heap_status \from __fc_heap_status, ptr;
+ frees ptr;
+
+ behavior no_allocation:
+ assumes ptr ≡ \null;
+ assigns \nothing;
+ allocates \nothing;
+
+ complete behaviors no_allocation, allocation;
+ disjoint behaviors no_allocation, allocation;
+ */
+void free_int(int *ptr)
+{
+ free((void *)ptr);
+ return;
+}
+
+/*@ requires correct_size: 0 ≡ size % 4;
+ assigns \result, __fc_heap_status;
+ assigns \result \from __fc_heap_status, num, size;
+ assigns __fc_heap_status \from __fc_heap_status, num, size;
+ allocates \result;
+
+ behavior allocation:
+ assumes allocable: is_allocable(num * size);
+ ensures fresh_result: \fresh{Old, Here}(\result,num * size);
+ ensures
+ zero_initialization:
+ ∀ ℤ j0; 0 ≤ j0 < num ⇒ *(\result + j0) ≡ 0;
+ ensures
+ initialization:
+ ∀ ℤ j0; 0 ≤ j0 < num ⇒ \initialized(\result + j0);
+ assigns \result, __fc_heap_status;
+ assigns \result \from __fc_heap_status, num, size;
+ assigns __fc_heap_status \from __fc_heap_status, num, size;
+ allocates \result;
+
+ behavior no_allocation:
+ assumes allocable: ¬is_allocable(num * size);
+ ensures null_result: \result ≡ \null;
+ assigns \result;
+ assigns \result \from \nothing;
+ allocates \nothing;
+
+ complete behaviors no_allocation, allocation;
+ disjoint behaviors no_allocation, allocation;
+ */
+int *calloc_int(size_t num, size_t size)
+{
+ int *__retres;
+ __retres = (int *)calloc(num,size);
+ return __retres;
+}
+
+/*@ requires correct_size: 0 ≡ size % 4;
+ assigns \result, __fc_heap_status;
+ assigns \result \from __fc_heap_status, size;
+ assigns __fc_heap_status \from __fc_heap_status, size;
+ allocates \result;
+
+ behavior allocation:
+ assumes allocable: is_allocable(size);
+ ensures fresh_result: \fresh{Old, Here}(\result,size);
+ assigns \result, __fc_heap_status;
+ assigns \result \from __fc_heap_status, size;
+ assigns __fc_heap_status \from __fc_heap_status, size;
+ allocates \result;
+
+ behavior no_allocation:
+ assumes allocable: ¬is_allocable(size);
+ ensures null_result: \result ≡ \null;
+ assigns \result;
+ assigns \result \from \nothing;
+ allocates \nothing;
+
+ complete behaviors no_allocation, allocation;
+ disjoint behaviors no_allocation, allocation;
+ */
+int *malloc_int(size_t size)
+{
+ int *__retres;
+ __retres = (int *)malloc(size);
+ return __retres;
+}
+
+void foo(void)
+{
+ int *p = malloc_int(sizeof(int));
+ int *q = calloc_int((unsigned int)2,sizeof(int));
+ free_int(p);
+ free_int(q);
+ return;
+}
+
+
+[kernel] Parsing tests/stdlib/result/no_fc_stdlib.c (with preprocessing)
+/* Generated by Frama-C */
+#include "stddef.h"
+/*@ ghost extern int __fc_heap_status; */
+
+/*@
+axiomatic dynamic_allocation {
+ predicate is_allocable{L}(ℤ i)
+ reads __fc_heap_status;
+
+ axiom never_allocable{L}:
+ ∀ ℤ i; i < 0 ∧ i > 4294967295 ⇒ ¬is_allocable(i);
+
+ }
+
+*/
+void *malloc(size_t s);
+
+void *calloc(size_t num, size_t size);
+
+void free(void *ptr);
+
+/*@ requires freeable: ptr ≡ \null ∨ \freeable(ptr);
+ assigns __fc_heap_status;
+ assigns __fc_heap_status \from __fc_heap_status, ptr;
+ frees ptr;
+
+ behavior allocation:
+ assumes ptr ≢ \null;
+ ensures freed: \allocable(\old(ptr));
+ assigns __fc_heap_status;
+ assigns __fc_heap_status \from __fc_heap_status, ptr;
+ frees ptr;
+
+ behavior no_allocation:
+ assumes ptr ≡ \null;
+ assigns \nothing;
+ allocates \nothing;
+
+ complete behaviors no_allocation, allocation;
+ disjoint behaviors no_allocation, allocation;
+ */
+void free_int(int *ptr)
+{
+ free((void *)ptr);
+ return;
+}
+
+/*@ requires correct_size: 0 ≡ size % 4;
+ assigns \result, __fc_heap_status;
+ assigns \result \from __fc_heap_status, num, size;
+ assigns __fc_heap_status \from __fc_heap_status, num, size;
+ allocates \result;
+
+ behavior allocation:
+ assumes allocable: is_allocable(num * size);
+ ensures
+ fresh_result: \fresh{Old, Here}(\result,\old(num) * \old(size));
+ ensures
+ zero_initialization:
+ ∀ ℤ j0; 0 ≤ j0 < \old(num) ⇒ *(\result + j0) ≡ 0;
+ ensures
+ initialization:
+ ∀ ℤ j0; 0 ≤ j0 < \old(num) ⇒ \initialized(\result + j0);
+ assigns \result, __fc_heap_status;
+ assigns \result \from __fc_heap_status, num, size;
+ assigns __fc_heap_status \from __fc_heap_status, num, size;
+ allocates \result;
+
+ behavior no_allocation:
+ assumes allocable: ¬is_allocable(num * size);
+ ensures null_result: \result ≡ \null;
+ assigns \result;
+ assigns \result \from \nothing;
+ allocates \nothing;
+
+ complete behaviors no_allocation, allocation;
+ disjoint behaviors no_allocation, allocation;
+ */
+int *calloc_int(size_t num, size_t size)
+{
+ int *__retres;
+ __retres = (int *)calloc(num,size);
+ return __retres;
+}
+
+/*@ requires correct_size: 0 ≡ size % 4;
+ assigns \result, __fc_heap_status;
+ assigns \result \from __fc_heap_status, size;
+ assigns __fc_heap_status \from __fc_heap_status, size;
+ allocates \result;
+
+ behavior allocation:
+ assumes allocable: is_allocable(size);
+ ensures fresh_result: \fresh{Old, Here}(\result,\old(size));
+ assigns \result, __fc_heap_status;
+ assigns \result \from __fc_heap_status, size;
+ assigns __fc_heap_status \from __fc_heap_status, size;
+ allocates \result;
+
+ behavior no_allocation:
+ assumes allocable: ¬is_allocable(size);
+ ensures null_result: \result ≡ \null;
+ assigns \result;
+ assigns \result \from \nothing;
+ allocates \nothing;
+
+ complete behaviors no_allocation, allocation;
+ disjoint behaviors no_allocation, allocation;
+ */
+int *malloc_int(size_t size)
+{
+ int *__retres;
+ __retres = (int *)malloc(size);
+ return __retres;
+}
+
+void foo(void)
+{
+ int *p = malloc_int(sizeof(int));
+ int *q = calloc_int((unsigned int)2,sizeof(int));
+ free_int(p);
+ free_int(q);
+ return;
+}
+
+
diff --git a/src/plugins/instantiate/tests/stdlib/test_config b/src/plugins/instantiate/tests/stdlib/test_config
index dba5b7b5f4a3904ab10ba039dce5bee0734e2101..cc295b086555e3e3854cbe0f8013b3f96f464c7d 100644
--- a/src/plugins/instantiate/tests/stdlib/test_config
+++ b/src/plugins/instantiate/tests/stdlib/test_config
@@ -1 +1 @@
-OPT: @PTEST_FILE@ -instantiate -print -check -then -ocode @PTEST_DIR@/result/@PTEST_NAME@.c -print -then -no-instantiate @PTEST_DIR@/result/@PTEST_NAME@.c @PTEST_FILE@ -ocode="" -print
\ No newline at end of file
+OPT: @PTEST_FILE@ -instantiate -print -check -then -ocode @PTEST_DIR@/result/@PTEST_NAME@.c -print -then -no-instantiate @PTEST_DIR@/result/@PTEST_NAME@.c -ocode="" -print
diff --git a/src/plugins/instantiate/tests/string/memcmp.c b/src/plugins/instantiate/tests/string/memcmp.c
index 004f004f222223440c8a3221832d494ecd8541ce..d8d958e45ed65cd76e23e500c531d6f498ab8c88 100644
--- a/src/plugins/instantiate/tests/string/memcmp.c
+++ b/src/plugins/instantiate/tests/string/memcmp.c
@@ -29,4 +29,16 @@ int nested(int (*s1)[10], int (*s2)[10], int n){
int with_void(void *s1, void *s2, int n){
return memcmp(s1, s2, 10) ;
-}
\ No newline at end of file
+}
+
+struct incomplete ;
+int with_incomplete(struct incomplete* s1, struct incomplete* s2, int n){
+ return memcmp(s1, s2, n);
+}
+
+void with_null_or_int(int p[10]){
+ memcmp(NULL, p, 10 * sizeof(int));
+ memcmp(p, NULL, 10 * sizeof(int));
+ memcmp((int const*)42, p, 10 * sizeof(int));
+ memcmp(p, (int const*)42, 10 * sizeof(int));
+}
diff --git a/src/plugins/instantiate/tests/string/memcpy.c b/src/plugins/instantiate/tests/string/memcpy.c
index 4f245bbbd068b03d854f4dbf7571693be07af82f..fda5fadb75810c7a18c2549b8541046d80c68d79 100644
--- a/src/plugins/instantiate/tests/string/memcpy.c
+++ b/src/plugins/instantiate/tests/string/memcpy.c
@@ -36,3 +36,16 @@ void with_void(void *src, void *dest, int n){
void *res = memcpy(dest, src, n);
memcpy(src, res, n);
}
+
+struct incomplete ;
+void with_incomplete(struct incomplete* src, struct incomplete* dest, int n){
+ struct incomplete* res = memcpy(dest, src, n);
+ memcpy(src, res, n);
+}
+
+void with_null_or_int(int p[10]){
+ memcpy(NULL, p, 10 * sizeof(int));
+ memcpy(p, NULL, 10 * sizeof(int));
+ memcpy((int*)42, p, 10 * sizeof(int));
+ memcpy(p, (int*)42, 10 * sizeof(int));
+}
diff --git a/src/plugins/instantiate/tests/string/memmove.c b/src/plugins/instantiate/tests/string/memmove.c
index 9fca890b0e18cd35a23f399ee9bf2d86262e6e65..72a5e891aeeffcfa3ec18fc5cbf372aa43734916 100644
--- a/src/plugins/instantiate/tests/string/memmove.c
+++ b/src/plugins/instantiate/tests/string/memmove.c
@@ -36,3 +36,16 @@ void with_void(void *src, void *dest, int n){
void *res = memmove(dest, src, n);
memmove(src, res, n);
}
+
+struct incomplete ;
+void with_incomplete(struct incomplete *src, struct incomplete *dest, int n){
+ struct incomplete *res = memmove(dest, src, n);
+ memmove(src, res, n);
+}
+
+void with_null_or_int(int p[10]){
+ memmove(NULL, p, 10 * sizeof(int));
+ memmove(p, NULL, 10 * sizeof(int));
+ memmove((int*)42, p, 10 * sizeof(int));
+ memmove(p, (int*)42, 10 * sizeof(int));
+}
diff --git a/src/plugins/instantiate/tests/string/memset_0.c b/src/plugins/instantiate/tests/string/memset_0.c
index ffd73cad6a70f0b48b2e47fa34756d3a982456b3..bb58f3d9c3af3350257485bb6242ba931f89da4b 100644
--- a/src/plugins/instantiate/tests/string/memset_0.c
+++ b/src/plugins/instantiate/tests/string/memset_0.c
@@ -27,6 +27,12 @@ void integer(int dest[10]){
memset(res, 0, 10 * sizeof(int));
}
+enum E { A, B, C } ;
+void with_enum(enum E dest[10]){
+ enum E * res = memset(dest, 0, 10 * sizeof(enum E));
+ memset(res, 0, 10 * sizeof(enum E));
+}
+
void floats(float dest[10]){
float * res = memset(dest, 0, 10 * sizeof(float));
memset(res, 0, 10 * sizeof(float));
@@ -56,3 +62,8 @@ void with_void(void* dest){
void* res = memset(dest, 0, 10);
memset(res, 0, 10);
}
+
+void with_null_or_int(void){
+ memset(NULL, 0, 10);
+ memset((int*) 42, 0, 10);
+}
diff --git a/src/plugins/instantiate/tests/string/memset_FF.c b/src/plugins/instantiate/tests/string/memset_FF.c
index 17c8260b5165b3f8b6ff0fdfd04a2c5c4eabc653..68f3253fc58737341f77805794f8a567b6d000ed 100644
--- a/src/plugins/instantiate/tests/string/memset_FF.c
+++ b/src/plugins/instantiate/tests/string/memset_FF.c
@@ -27,6 +27,12 @@ void integer(int dest[10]){
memset(res, 0xFF, 10 * sizeof(int));
}
+enum E { A, B, C } ;
+void with_enum(enum E dest[10]){
+ enum E * res = memset(dest, 0xFF, 10 * sizeof(enum E));
+ memset(res, 0xFF, 10 * sizeof(enum E));
+}
+
void unsigned_integer(unsigned dest[10]){
unsigned * res = memset(dest, 0xFF, 10 * sizeof(unsigned));
memset(res, 0xFF, 10 * sizeof(unsigned));
@@ -82,3 +88,8 @@ void with_void(void* dest){
void* res = memset(dest, 0xFF, 10);
memset(res, 0xFF, 10);
}
+
+void with_null_or_int(void){
+ memset(NULL, 0xFF, 10);
+ memset((int*) 42, 0xFF, 10);
+}
diff --git a/src/plugins/instantiate/tests/string/memset_nested_typedef.c b/src/plugins/instantiate/tests/string/memset_nested_typedef.c
new file mode 100644
index 0000000000000000000000000000000000000000..2e01be12e5c6560ef86b35bbcd997ead76b61e00
--- /dev/null
+++ b/src/plugins/instantiate/tests/string/memset_nested_typedef.c
@@ -0,0 +1,9 @@
+#include <string.h>
+
+typedef unsigned t;
+struct X { t s_addr; };
+
+void test() {
+ struct X x;
+ memset(&x, 0, sizeof(x));
+}
diff --git a/src/plugins/instantiate/tests/string/memset_nested_union.c b/src/plugins/instantiate/tests/string/memset_nested_union.c
new file mode 100644
index 0000000000000000000000000000000000000000..ea236b94e159c2eeb62dc5bad8fc822c6b6c28d2
--- /dev/null
+++ b/src/plugins/instantiate/tests/string/memset_nested_union.c
@@ -0,0 +1,11 @@
+#include <string.h>
+
+union U {
+ int x ;
+ unsigned y ;
+};
+struct X { union U u ; };
+void test() {
+ struct X x;
+ memset(&x, 0, sizeof(x));
+}
diff --git a/src/plugins/instantiate/tests/string/memset_value.c b/src/plugins/instantiate/tests/string/memset_value.c
index 25f04a59ff02c4378a30f44a82d1ffa81758f895..ad966713db9b11cef6c1ed3941f92062589730d1 100644
--- a/src/plugins/instantiate/tests/string/memset_value.c
+++ b/src/plugins/instantiate/tests/string/memset_value.c
@@ -27,6 +27,12 @@ void integer(int dest[10], int value){
memset(res, value, 10 * sizeof(int));
}
+enum E { A, B, C } ;
+void with_enum(enum E dest[10], int value){
+ enum E * res = memset(dest, value, 10 * sizeof(enum E));
+ memset(res, value, 10 * sizeof(enum E));
+}
+
void with_named(named dest[10], int value){
named * res = memset(dest, value, 10 * sizeof(named));
memset(res, value, 10 * sizeof(named));
@@ -51,3 +57,13 @@ void with_void(void* dest, int value){
void* res = memset(dest, value, 10);
memset(res, value, 10);
}
+
+void with_incomplete(struct incomplete* dest, int value){
+ struct incomplete * res = memset(dest, value, 10);
+ memset(res, value, 10);
+}
+
+void with_null_or_int(int value){
+ memset(NULL, value, 10);
+ memset((int*) 42, value, 10);
+}
diff --git a/src/plugins/instantiate/tests/string/oracle/memcmp.res.oracle b/src/plugins/instantiate/tests/string/oracle/memcmp.res.oracle
index 9a3d0e6381121a41265d270e492b2b5ffca83dc7..1f82bcd57b000001f672deb6a8e1f9f34dd3f699 100644
--- a/src/plugins/instantiate/tests/string/oracle/memcmp.res.oracle
+++ b/src/plugins/instantiate/tests/string/oracle/memcmp.res.oracle
@@ -1,5 +1,16 @@
[kernel] Parsing tests/string/memcmp.c (with preprocessing)
-[instantiate] tests/string/memcmp.c:31: Warning: Ignore call: not well typed
+[instantiate] tests/string/memcmp.c:31: Warning:
+ memcmp instantiator cannot replace call
+[instantiate] tests/string/memcmp.c:36: Warning:
+ memcmp instantiator cannot replace call
+[instantiate] tests/string/memcmp.c:40: Warning:
+ memcmp instantiator cannot replace call
+[instantiate] tests/string/memcmp.c:41: Warning:
+ memcmp instantiator cannot replace call
+[instantiate] tests/string/memcmp.c:42: Warning:
+ memcmp instantiator cannot replace call
+[instantiate] tests/string/memcmp.c:43: Warning:
+ memcmp instantiator cannot replace call
/* Generated by Frama-C */
#include "stddef.h"
#include "string.h"
@@ -9,6 +20,7 @@ struct X {
int y ;
};
typedef int named;
+struct incomplete;
/*@ requires aligned_end: len % 4 ≡ 0;
requires
valid_read_s1:
@@ -150,21 +162,26 @@ int with_void(void *s1, void *s2, int n)
return tmp;
}
+int with_incomplete(struct incomplete *s1, struct incomplete *s2, int n)
+{
+ int tmp;
+ tmp = memcmp((void const *)s1,(void const *)s2,(unsigned int)n);
+ return tmp;
+}
+
+void with_null_or_int(int * /*[10]*/ p)
+{
+ memcmp((void const *)0,(void const *)p,(unsigned int)10 * sizeof(int));
+ memcmp((void const *)p,(void const *)0,(unsigned int)10 * sizeof(int));
+ memcmp((void const *)((int const *)42),(void const *)p,
+ (unsigned int)10 * sizeof(int));
+ memcmp((void const *)p,(void const *)((int const *)42),
+ (unsigned int)10 * sizeof(int));
+ return;
+}
+
[kernel] Parsing tests/string/result/memcmp.c (with preprocessing)
-[kernel] Parsing tests/string/memcmp.c (with preprocessing)
-[kernel] tests/string/memcmp.c:10: Warning:
- def'n of func integer at tests/string/memcmp.c:10 (sum 1085) conflicts with the one at tests/string/result/memcmp.c:34 (sum 1972); keeping the one at tests/string/result/memcmp.c:34.
-[kernel] tests/string/memcmp.c:14: Warning:
- def'n of func with_named at tests/string/memcmp.c:14 (sum 1085) conflicts with the one at tests/string/result/memcmp.c:41 (sum 1972); keeping the one at tests/string/result/memcmp.c:41.
-[kernel] tests/string/memcmp.c:18: Warning:
- def'n of func structure at tests/string/memcmp.c:18 (sum 1085) conflicts with the one at tests/string/result/memcmp.c:72 (sum 1972); keeping the one at tests/string/result/memcmp.c:72.
-[kernel] tests/string/memcmp.c:22: Warning:
- def'n of func pointers at tests/string/memcmp.c:22 (sum 1085) conflicts with the one at tests/string/result/memcmp.c:103 (sum 1972); keeping the one at tests/string/result/memcmp.c:103.
-[kernel] tests/string/memcmp.c:26: Warning:
- def'n of func nested at tests/string/memcmp.c:26 (sum 1087) conflicts with the one at tests/string/result/memcmp.c:137 (sum 1974); keeping the one at tests/string/result/memcmp.c:137.
-[kernel] tests/string/memcmp.c:30: Warning:
- def'n of func with_void at tests/string/memcmp.c:30 (sum 1087) conflicts with the one at tests/string/result/memcmp.c:144 (sum 1974); keeping the one at tests/string/result/memcmp.c:144.
/* Generated by Frama-C */
#include "stddef.h"
#include "string.h"
@@ -174,6 +191,7 @@ struct X {
int y ;
};
typedef int named;
+struct incomplete;
/*@ requires aligned_end: len % 4 ≡ 0;
requires
valid_read_s1:
@@ -324,4 +342,22 @@ int with_void(void *s1, void *s2, int n)
return tmp;
}
+int with_incomplete(struct incomplete *s1, struct incomplete *s2, int n)
+{
+ int tmp;
+ tmp = memcmp((void const *)s1,(void const *)s2,(unsigned int)n);
+ return tmp;
+}
+
+void with_null_or_int(int *p)
+{
+ memcmp((void const *)0,(void const *)p,(unsigned int)10 * sizeof(int));
+ memcmp((void const *)p,(void const *)0,(unsigned int)10 * sizeof(int));
+ memcmp((void const *)((int const *)42),(void const *)p,
+ (unsigned int)10 * sizeof(int));
+ memcmp((void const *)p,(void const *)((int const *)42),
+ (unsigned int)10 * sizeof(int));
+ return;
+}
+
diff --git a/src/plugins/instantiate/tests/string/oracle/memcpy.res.oracle b/src/plugins/instantiate/tests/string/oracle/memcpy.res.oracle
index 63bd23cf23c207e89a094717492cd87246acb3c0..899dd8afefc6053b12a354ddcec1ba03c5f71842 100644
--- a/src/plugins/instantiate/tests/string/oracle/memcpy.res.oracle
+++ b/src/plugins/instantiate/tests/string/oracle/memcpy.res.oracle
@@ -1,6 +1,20 @@
[kernel] Parsing tests/string/memcpy.c (with preprocessing)
-[instantiate] tests/string/memcpy.c:36: Warning: Ignore call: not well typed
-[instantiate] tests/string/memcpy.c:37: Warning: Ignore call: not well typed
+[instantiate] tests/string/memcpy.c:36: Warning:
+ memcpy instantiator cannot replace call
+[instantiate] tests/string/memcpy.c:37: Warning:
+ memcpy instantiator cannot replace call
+[instantiate] tests/string/memcpy.c:42: Warning:
+ memcpy instantiator cannot replace call
+[instantiate] tests/string/memcpy.c:43: Warning:
+ memcpy instantiator cannot replace call
+[instantiate] tests/string/memcpy.c:47: Warning:
+ memcpy instantiator cannot replace call
+[instantiate] tests/string/memcpy.c:48: Warning:
+ memcpy instantiator cannot replace call
+[instantiate] tests/string/memcpy.c:49: Warning:
+ memcpy instantiator cannot replace call
+[instantiate] tests/string/memcpy.c:50: Warning:
+ memcpy instantiator cannot replace call
/* Generated by Frama-C */
#include "stddef.h"
#include "string.h"
@@ -10,16 +24,17 @@ struct X {
int y ;
};
typedef int named;
-/*@ requires aligned_end: len % 4 ≡ 0;
+struct incomplete;
+/*@ requires
+ separation:
+ \let __fc_len = len / 4;
+ \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
+ requires aligned_end: len % 4 ≡ 0;
requires
valid_dest: \let __fc_len = len / 4; \valid(dest + (0 .. __fc_len - 1));
requires
valid_read_src:
\let __fc_len = len / 4; \valid_read(src + (0 .. __fc_len - 1));
- requires
- separation:
- \let __fc_len = len / 4;
- \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
ensures
copied:
\let __fc_len = len / 4;
@@ -50,16 +65,16 @@ void with_named(named * /*[10]*/ src, named * /*[10]*/ dest)
return;
}
-/*@ requires aligned_end: len % 8 ≡ 0;
+/*@ requires
+ separation:
+ \let __fc_len = len / 8;
+ \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
+ requires aligned_end: len % 8 ≡ 0;
requires
valid_dest: \let __fc_len = len / 8; \valid(dest + (0 .. __fc_len - 1));
requires
valid_read_src:
\let __fc_len = len / 8; \valid_read(src + (0 .. __fc_len - 1));
- requires
- separation:
- \let __fc_len = len / 8;
- \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
ensures
copied:
\let __fc_len = len / 8;
@@ -83,16 +98,16 @@ void structure(struct X * /*[10]*/ src, struct X * /*[10]*/ dest)
return;
}
-/*@ requires aligned_end: len % 4 ≡ 0;
+/*@ requires
+ separation:
+ \let __fc_len = len / 4;
+ \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
+ requires aligned_end: len % 4 ≡ 0;
requires
valid_dest: \let __fc_len = len / 4; \valid(dest + (0 .. __fc_len - 1));
requires
valid_read_src:
\let __fc_len = len / 4; \valid_read(src + (0 .. __fc_len - 1));
- requires
- separation:
- \let __fc_len = len / 4;
- \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
ensures
copied:
\let __fc_len = len / 4;
@@ -116,17 +131,17 @@ void pointers(int ** /*[10]*/ src, int ** /*[10]*/ dest)
return;
}
-/*@ requires aligned_end: len % 40 ≡ 0;
+/*@ requires
+ separation:
+ \let __fc_len = len / 40;
+ \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
+ requires aligned_end: len % 40 ≡ 0;
requires
valid_dest:
\let __fc_len = len / 40; \valid(dest + (0 .. __fc_len - 1));
requires
valid_read_src:
\let __fc_len = len / 40; \valid_read(src + (0 .. __fc_len - 1));
- requires
- separation:
- \let __fc_len = len / 40;
- \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
ensures
copied:
\let __fc_len = len / 40;
@@ -162,21 +177,25 @@ void with_void(void *src, void *dest, int n)
return;
}
+void with_incomplete(struct incomplete *src, struct incomplete *dest, int n)
+{
+ struct incomplete *res =
+ memcpy((void *)dest,(void const *)src,(unsigned int)n);
+ memcpy((void *)src,(void const *)res,(unsigned int)n);
+ return;
+}
+
+void with_null_or_int(int * /*[10]*/ p)
+{
+ memcpy((void *)0,(void const *)p,(unsigned int)10 * sizeof(int));
+ memcpy((void *)p,(void const *)0,(unsigned int)10 * sizeof(int));
+ memcpy((void *)((int *)42),(void const *)p,(unsigned int)10 * sizeof(int));
+ memcpy((void *)p,(void const *)((int *)42),(unsigned int)10 * sizeof(int));
+ return;
+}
+
[kernel] Parsing tests/string/result/memcpy.c (with preprocessing)
-[kernel] Parsing tests/string/memcpy.c (with preprocessing)
-[kernel] tests/string/memcpy.c:10: Warning:
- dropping duplicate def'n of func integer at tests/string/memcpy.c:10 in favor of that at tests/string/result/memcpy.c:36
-[kernel] tests/string/memcpy.c:15: Warning:
- dropping duplicate def'n of func with_named at tests/string/memcpy.c:15 in favor of that at tests/string/result/memcpy.c:43
-[kernel] tests/string/memcpy.c:20: Warning:
- dropping duplicate def'n of func structure at tests/string/memcpy.c:20 in favor of that at tests/string/result/memcpy.c:76
-[kernel] tests/string/memcpy.c:25: Warning:
- dropping duplicate def'n of func pointers at tests/string/memcpy.c:25 in favor of that at tests/string/result/memcpy.c:109
-[kernel] tests/string/memcpy.c:30: Warning:
- dropping duplicate def'n of func nested at tests/string/memcpy.c:30 in favor of that at tests/string/result/memcpy.c:147
-[kernel] tests/string/memcpy.c:35: Warning:
- dropping duplicate def'n of func with_void at tests/string/memcpy.c:35 in favor of that at tests/string/result/memcpy.c:155
/* Generated by Frama-C */
#include "stddef.h"
#include "string.h"
@@ -186,16 +205,17 @@ struct X {
int y ;
};
typedef int named;
-/*@ requires aligned_end: len % 4 ≡ 0;
+struct incomplete;
+/*@ requires
+ separation:
+ \let __fc_len = len / 4;
+ \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
+ requires aligned_end: len % 4 ≡ 0;
requires
valid_dest: \let __fc_len = len / 4; \valid(dest + (0 .. __fc_len - 1));
requires
valid_read_src:
\let __fc_len = len / 4; \valid_read(src + (0 .. __fc_len - 1));
- requires
- separation:
- \let __fc_len = len / 4;
- \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
ensures
copied:
\let __fc_len = \old(len) / 4;
@@ -229,16 +249,16 @@ void with_named(named *src, named *dest)
return;
}
-/*@ requires aligned_end: len % 8 ≡ 0;
+/*@ requires
+ separation:
+ \let __fc_len = len / 8;
+ \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
+ requires aligned_end: len % 8 ≡ 0;
requires
valid_dest: \let __fc_len = len / 8; \valid(dest + (0 .. __fc_len - 1));
requires
valid_read_src:
\let __fc_len = len / 8; \valid_read(src + (0 .. __fc_len - 1));
- requires
- separation:
- \let __fc_len = len / 8;
- \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
ensures
copied:
\let __fc_len = \old(len) / 8;
@@ -265,16 +285,16 @@ void structure(struct X *src, struct X *dest)
return;
}
-/*@ requires aligned_end: len % 4 ≡ 0;
+/*@ requires
+ separation:
+ \let __fc_len = len / 4;
+ \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
+ requires aligned_end: len % 4 ≡ 0;
requires
valid_dest: \let __fc_len = len / 4; \valid(dest + (0 .. __fc_len - 1));
requires
valid_read_src:
\let __fc_len = len / 4; \valid_read(src + (0 .. __fc_len - 1));
- requires
- separation:
- \let __fc_len = len / 4;
- \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
ensures
copied:
\let __fc_len = \old(len) / 4;
@@ -300,17 +320,17 @@ void pointers(int **src, int **dest)
return;
}
-/*@ requires aligned_end: len % 40 ≡ 0;
+/*@ requires
+ separation:
+ \let __fc_len = len / 40;
+ \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
+ requires aligned_end: len % 40 ≡ 0;
requires
valid_dest:
\let __fc_len = len / 40; \valid(dest + (0 .. __fc_len - 1));
requires
valid_read_src:
\let __fc_len = len / 40; \valid_read(src + (0 .. __fc_len - 1));
- requires
- separation:
- \let __fc_len = len / 40;
- \separated(dest + (0 .. __fc_len - 1), src + (0 .. __fc_len - 1));
ensures
copied:
\let __fc_len = \old(len) / 40;
@@ -349,4 +369,21 @@ void with_void(void *src, void *dest, int n)
return;
}
+void with_incomplete(struct incomplete *src, struct incomplete *dest, int n)
+{
+ struct incomplete *res =
+ memcpy((void *)dest,(void const *)src,(unsigned int)n);
+ memcpy((void *)src,(void const *)res,(unsigned int)n);
+ return;
+}
+
+void with_null_or_int(int *p)
+{
+ memcpy((void *)0,(void const *)p,(unsigned int)10 * sizeof(int));
+ memcpy((void *)p,(void const *)0,(unsigned int)10 * sizeof(int));
+ memcpy((void *)((int *)42),(void const *)p,(unsigned int)10 * sizeof(int));
+ memcpy((void *)p,(void const *)((int *)42),(unsigned int)10 * sizeof(int));
+ return;
+}
+
diff --git a/src/plugins/instantiate/tests/string/oracle/memmove.res.oracle b/src/plugins/instantiate/tests/string/oracle/memmove.res.oracle
index 6023a30c6bf1db32b311e1cc205aa6780273e26c..f327581499bdc3f2393d4bd573a08d587761e1df 100644
--- a/src/plugins/instantiate/tests/string/oracle/memmove.res.oracle
+++ b/src/plugins/instantiate/tests/string/oracle/memmove.res.oracle
@@ -1,6 +1,20 @@
[kernel] Parsing tests/string/memmove.c (with preprocessing)
-[instantiate] tests/string/memmove.c:36: Warning: Ignore call: not well typed
-[instantiate] tests/string/memmove.c:37: Warning: Ignore call: not well typed
+[instantiate] tests/string/memmove.c:36: Warning:
+ memmove instantiator cannot replace call
+[instantiate] tests/string/memmove.c:37: Warning:
+ memmove instantiator cannot replace call
+[instantiate] tests/string/memmove.c:42: Warning:
+ memmove instantiator cannot replace call
+[instantiate] tests/string/memmove.c:43: Warning:
+ memmove instantiator cannot replace call
+[instantiate] tests/string/memmove.c:47: Warning:
+ memmove instantiator cannot replace call
+[instantiate] tests/string/memmove.c:48: Warning:
+ memmove instantiator cannot replace call
+[instantiate] tests/string/memmove.c:49: Warning:
+ memmove instantiator cannot replace call
+[instantiate] tests/string/memmove.c:50: Warning:
+ memmove instantiator cannot replace call
/* Generated by Frama-C */
#include "stddef.h"
#include "string.h"
@@ -10,6 +24,7 @@ struct X {
int y ;
};
typedef int named;
+struct incomplete;
/*@ requires aligned_end: len % 4 ≡ 0;
requires
valid_dest: \let __fc_len = len / 4; \valid(dest + (0 .. __fc_len - 1));
@@ -146,21 +161,25 @@ void with_void(void *src, void *dest, int n)
return;
}
+void with_incomplete(struct incomplete *src, struct incomplete *dest, int n)
+{
+ struct incomplete *res =
+ memmove((void *)dest,(void const *)src,(unsigned int)n);
+ memmove((void *)src,(void const *)res,(unsigned int)n);
+ return;
+}
+
+void with_null_or_int(int * /*[10]*/ p)
+{
+ memmove((void *)0,(void const *)p,(unsigned int)10 * sizeof(int));
+ memmove((void *)p,(void const *)0,(unsigned int)10 * sizeof(int));
+ memmove((void *)((int *)42),(void const *)p,(unsigned int)10 * sizeof(int));
+ memmove((void *)p,(void const *)((int *)42),(unsigned int)10 * sizeof(int));
+ return;
+}
+
[kernel] Parsing tests/string/result/memmove.c (with preprocessing)
-[kernel] Parsing tests/string/memmove.c (with preprocessing)
-[kernel] tests/string/memmove.c:10: Warning:
- dropping duplicate def'n of func integer at tests/string/memmove.c:10 in favor of that at tests/string/result/memmove.c:32
-[kernel] tests/string/memmove.c:15: Warning:
- dropping duplicate def'n of func with_named at tests/string/memmove.c:15 in favor of that at tests/string/result/memmove.c:39
-[kernel] tests/string/memmove.c:20: Warning:
- dropping duplicate def'n of func structure at tests/string/memmove.c:20 in favor of that at tests/string/result/memmove.c:68
-[kernel] tests/string/memmove.c:25: Warning:
- dropping duplicate def'n of func pointers at tests/string/memmove.c:25 in favor of that at tests/string/result/memmove.c:97
-[kernel] tests/string/memmove.c:30: Warning:
- dropping duplicate def'n of func nested at tests/string/memmove.c:30 in favor of that at tests/string/result/memmove.c:131
-[kernel] tests/string/memmove.c:35: Warning:
- dropping duplicate def'n of func with_void at tests/string/memmove.c:35 in favor of that at tests/string/result/memmove.c:139
/* Generated by Frama-C */
#include "stddef.h"
#include "string.h"
@@ -170,6 +189,7 @@ struct X {
int y ;
};
typedef int named;
+struct incomplete;
/*@ requires aligned_end: len % 4 ≡ 0;
requires
valid_dest: \let __fc_len = len / 4; \valid(dest + (0 .. __fc_len - 1));
@@ -317,4 +337,21 @@ void with_void(void *src, void *dest, int n)
return;
}
+void with_incomplete(struct incomplete *src, struct incomplete *dest, int n)
+{
+ struct incomplete *res =
+ memmove((void *)dest,(void const *)src,(unsigned int)n);
+ memmove((void *)src,(void const *)res,(unsigned int)n);
+ return;
+}
+
+void with_null_or_int(int *p)
+{
+ memmove((void *)0,(void const *)p,(unsigned int)10 * sizeof(int));
+ memmove((void *)p,(void const *)0,(unsigned int)10 * sizeof(int));
+ memmove((void *)((int *)42),(void const *)p,(unsigned int)10 * sizeof(int));
+ memmove((void *)p,(void const *)((int *)42),(unsigned int)10 * sizeof(int));
+ return;
+}
+
diff --git a/src/plugins/instantiate/tests/string/oracle/memset_0.res.oracle b/src/plugins/instantiate/tests/string/oracle/memset_0.res.oracle
index 8936d80df52ddcdaf70d3aa9dcf6f9a2c97edf53..dae2db7eba374181cfa6fe5705cbcd211dfeaed5 100644
--- a/src/plugins/instantiate/tests/string/oracle/memset_0.res.oracle
+++ b/src/plugins/instantiate/tests/string/oracle/memset_0.res.oracle
@@ -1,6 +1,12 @@
[kernel] Parsing tests/string/memset_0.c (with preprocessing)
-[instantiate] tests/string/memset_0.c:56: Warning: Ignore call: not well typed
-[instantiate] tests/string/memset_0.c:57: Warning: Ignore call: not well typed
+[instantiate] tests/string/memset_0.c:62: Warning:
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_0.c:63: Warning:
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_0.c:67: Warning:
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_0.c:68: Warning:
+ memset instantiator cannot replace call
/* Generated by Frama-C */
#include "stddef.h"
#include "string.h"
@@ -10,6 +16,11 @@ struct X {
int y ;
};
typedef int named;
+enum E {
+ A = 0,
+ B = 1,
+ C = 2
+};
/*@ requires in_bounds_value: -128 ≤ value < 128;
requires valid_dest: \valid(ptr + (0 .. len - 1));
ensures
@@ -111,6 +122,32 @@ void integer(int * /*[10]*/ dest)
return;
}
+/*@ requires aligned_end: len % 4 ≡ 0;
+ requires
+ valid_dest: \let __fc_len = len / 4; \valid(ptr + (0 .. __fc_len - 1));
+ ensures
+ set_content:
+ \let __fc_len = len / 4;
+ ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ *(ptr + j0) ≡ 0;
+ ensures result: \result ≡ ptr;
+ assigns *(ptr + (0 .. len / 4 - 1)), \result;
+ assigns *(ptr + (0 .. len / 4 - 1)) \from \nothing;
+ assigns \result \from ptr;
+ */
+enum E *memset_e_E_0(enum E *ptr, size_t len)
+{
+ enum E *__retres;
+ __retres = (enum E *)memset((void *)ptr,0,len);
+ return __retres;
+}
+
+void with_enum(enum E * /*[10]*/ dest)
+{
+ enum E *res = memset_e_E_0(dest,(unsigned int)10 * sizeof(enum E));
+ memset_e_E_0(res,(unsigned int)10 * sizeof(enum E));
+ return;
+}
+
/*@ requires aligned_end: len % 4 ≡ 0;
requires
valid_dest: \let __fc_len = len / 4; \valid(ptr + (0 .. __fc_len - 1));
@@ -233,29 +270,15 @@ void with_void(void *dest)
return;
}
+void with_null_or_int(void)
+{
+ memset((void *)0,0,(unsigned int)10);
+ memset((void *)((int *)42),0,(unsigned int)10);
+ return;
+}
+
[kernel] Parsing tests/string/result/memset_0.c (with preprocessing)
-[kernel] Parsing tests/string/memset_0.c (with preprocessing)
-[kernel] tests/string/memset_0.c:10: Warning:
- dropping duplicate def'n of func chars at tests/string/memset_0.c:10 in favor of that at tests/string/result/memset_0.c:26
-[kernel] tests/string/memset_0.c:15: Warning:
- dropping duplicate def'n of func uchars at tests/string/memset_0.c:15 in favor of that at tests/string/result/memset_0.c:50
-[kernel] tests/string/memset_0.c:20: Warning:
- dropping duplicate def'n of func nested_chars at tests/string/memset_0.c:20 in favor of that at tests/string/result/memset_0.c:78
-[kernel] tests/string/memset_0.c:25: Warning:
- dropping duplicate def'n of func integer at tests/string/memset_0.c:25 in favor of that at tests/string/result/memset_0.c:104
-[kernel] tests/string/memset_0.c:30: Warning:
- dropping duplicate def'n of func floats at tests/string/memset_0.c:30 in favor of that at tests/string/result/memset_0.c:130
-[kernel] tests/string/memset_0.c:35: Warning:
- dropping duplicate def'n of func with_named at tests/string/memset_0.c:35 in favor of that at tests/string/result/memset_0.c:137
-[kernel] tests/string/memset_0.c:40: Warning:
- dropping duplicate def'n of func structure at tests/string/memset_0.c:40 in favor of that at tests/string/result/memset_0.c:164
-[kernel] tests/string/memset_0.c:45: Warning:
- dropping duplicate def'n of func pointers at tests/string/memset_0.c:45 in favor of that at tests/string/result/memset_0.c:190
-[kernel] tests/string/memset_0.c:50: Warning:
- dropping duplicate def'n of func nested at tests/string/memset_0.c:50 in favor of that at tests/string/result/memset_0.c:218
-[kernel] tests/string/memset_0.c:55: Warning:
- dropping duplicate def'n of func with_void at tests/string/memset_0.c:55 in favor of that at tests/string/result/memset_0.c:226
/* Generated by Frama-C */
#include "stddef.h"
#include "string.h"
@@ -265,6 +288,11 @@ struct X {
int y ;
};
typedef int named;
+enum E {
+ A = 0,
+ B = 1,
+ C = 2
+};
/*@ requires in_bounds_value: -128 ≤ value < 128;
requires valid_dest: \valid(ptr + (0 .. len - 1));
ensures
@@ -371,6 +399,32 @@ void integer(int *dest)
return;
}
+/*@ requires aligned_end: len % 4 ≡ 0;
+ requires
+ valid_dest: \let __fc_len = len / 4; \valid(ptr + (0 .. __fc_len - 1));
+ ensures
+ set_content:
+ \let __fc_len = \old(len) / 4;
+ ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ *(\old(ptr) + j0) ≡ 0;
+ ensures result: \result ≡ \old(ptr);
+ assigns *(ptr + (0 .. len / 4 - 1)), \result;
+ assigns *(ptr + (0 .. len / 4 - 1)) \from \nothing;
+ assigns \result \from ptr;
+ */
+enum E *memset_e_E_0(enum E *ptr, size_t len)
+{
+ enum E *__retres;
+ __retres = (enum E *)memset((void *)ptr,0,len);
+ return __retres;
+}
+
+void with_enum(enum E *dest)
+{
+ enum E *res = memset_e_E_0(dest,(unsigned int)10 * sizeof(enum E));
+ memset_e_E_0(res,(unsigned int)10 * sizeof(enum E));
+ return;
+}
+
/*@ requires aligned_end: len % 4 ≡ 0;
requires
valid_dest: \let __fc_len = len / 4; \valid(ptr + (0 .. __fc_len - 1));
@@ -494,4 +548,11 @@ void with_void(void *dest)
return;
}
+void with_null_or_int(void)
+{
+ memset((void *)0,0,(unsigned int)10);
+ memset((void *)((int *)42),0,(unsigned int)10);
+ return;
+}
+
diff --git a/src/plugins/instantiate/tests/string/oracle/memset_FF.res.oracle b/src/plugins/instantiate/tests/string/oracle/memset_FF.res.oracle
index c64a99baf967de3fff4386486b4b06d1687f0959..137dd1c21a070c374f27367c3e82beb2b47a79aa 100644
--- a/src/plugins/instantiate/tests/string/oracle/memset_FF.res.oracle
+++ b/src/plugins/instantiate/tests/string/oracle/memset_FF.res.oracle
@@ -1,6 +1,12 @@
[kernel] Parsing tests/string/memset_FF.c (with preprocessing)
-[instantiate] tests/string/memset_FF.c:82: Warning: Ignore call: not well typed
-[instantiate] tests/string/memset_FF.c:83: Warning: Ignore call: not well typed
+[instantiate] tests/string/memset_FF.c:88: Warning:
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_FF.c:89: Warning:
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_FF.c:93: Warning:
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_FF.c:94: Warning:
+ memset instantiator cannot replace call
/* Generated by Frama-C */
#include "stddef.h"
#include "string.h"
@@ -10,6 +16,11 @@ struct X {
int y ;
};
typedef int named;
+enum E {
+ A = 0,
+ B = 1,
+ C = 2
+};
/*@ requires in_bounds_value: -128 ≤ value < 128;
requires valid_dest: \valid(ptr + (0 .. len - 1));
ensures
@@ -92,7 +103,7 @@ void nested_chars(char (* /*[10]*/ dest)[10])
ensures
set_content:
\let __fc_len = len / 4;
- ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ *(ptr + j0) ≡ -2147483648;
+ ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ *(ptr + j0) ≡ ~((int)0);
ensures result: \result ≡ ptr;
assigns *(ptr + (0 .. len / 4 - 1)), \result;
assigns *(ptr + (0 .. len / 4 - 1)) \from \nothing;
@@ -112,6 +123,32 @@ void integer(int * /*[10]*/ dest)
return;
}
+/*@ requires aligned_end: len % 4 ≡ 0;
+ requires
+ valid_dest: \let __fc_len = len / 4; \valid(ptr + (0 .. __fc_len - 1));
+ ensures
+ set_content:
+ \let __fc_len = len / 4;
+ ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ *(ptr + j0) ≡ 4294967295;
+ ensures result: \result ≡ ptr;
+ assigns *(ptr + (0 .. len / 4 - 1)), \result;
+ assigns *(ptr + (0 .. len / 4 - 1)) \from \nothing;
+ assigns \result \from ptr;
+ */
+enum E *memset_e_E_FF(enum E *ptr, size_t len)
+{
+ enum E *__retres;
+ __retres = (enum E *)memset((void *)ptr,255,len);
+ return __retres;
+}
+
+void with_enum(enum E * /*[10]*/ dest)
+{
+ enum E *res = memset_e_E_FF(dest,(unsigned int)10 * sizeof(enum E));
+ memset_e_E_FF(res,(unsigned int)10 * sizeof(enum E));
+ return;
+}
+
/*@ requires aligned_end: len % 4 ≡ 0;
requires
valid_dest: \let __fc_len = len / 4; \valid(ptr + (0 .. __fc_len - 1));
@@ -145,7 +182,7 @@ void unsigned_integer(unsigned int * /*[10]*/ dest)
ensures
set_content:
\let __fc_len = len / 4;
- ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ *(ptr + j0) ≡ -2147483648;
+ ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ *(ptr + j0) ≡ ~((long)0);
ensures result: \result ≡ ptr;
assigns *(ptr + (0 .. len / 4 - 1)), \result;
assigns *(ptr + (0 .. len / 4 - 1)) \from \nothing;
@@ -198,8 +235,7 @@ void unsigned_long_integer(unsigned long * /*[10]*/ dest)
ensures
set_content:
\let __fc_len = len / 8;
- ∀ ℤ j0;
- 0 ≤ j0 < __fc_len ⇒ *(ptr + j0) ≡ -9223372036854775808;
+ ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ *(ptr + j0) ≡ ~((long long)0);
ensures result: \result ≡ ptr;
assigns *(ptr + (0 .. len / 8 - 1)), \result;
assigns *(ptr + (0 .. len / 8 - 1)) \from \nothing;
@@ -289,7 +325,7 @@ void with_named(named * /*[10]*/ dest)
\let __fc_len = len / 8;
∀ ℤ j0;
0 ≤ j0 < __fc_len ⇒
- (ptr + j0)->x ≡ -2147483648 ∧ (ptr + j0)->y ≡ -2147483648;
+ (ptr + j0)->x ≡ ~((int)0) ∧ (ptr + j0)->y ≡ ~((int)0);
ensures result: \result ≡ ptr;
assigns *(ptr + (0 .. len / 8 - 1)), \result;
assigns *(ptr + (0 .. len / 8 - 1)) \from \nothing;
@@ -343,7 +379,7 @@ void pointers(int ** /*[10]*/ dest)
\let __fc_len = len / 40;
∀ ℤ j0;
0 ≤ j0 < __fc_len ⇒
- (∀ ℤ j1; 0 ≤ j1 < 10 ⇒ (*(ptr + j0))[j1] ≡ -2147483648);
+ (∀ ℤ j1; 0 ≤ j1 < 10 ⇒ (*(ptr + j0))[j1] ≡ ~((int)0));
ensures result: \result ≡ ptr;
assigns (*(ptr + (0 .. len / 40 - 1)))[0 .. 10 - 1], \result;
assigns (*(ptr + (0 .. len / 40 - 1)))[0 .. 10 - 1] \from \nothing;
@@ -371,39 +407,15 @@ void with_void(void *dest)
return;
}
+void with_null_or_int(void)
+{
+ memset((void *)0,0xFF,(unsigned int)10);
+ memset((void *)((int *)42),0xFF,(unsigned int)10);
+ return;
+}
+
[kernel] Parsing tests/string/result/memset_FF.c (with preprocessing)
-[kernel] Parsing tests/string/memset_FF.c (with preprocessing)
-[kernel] tests/string/memset_FF.c:10: Warning:
- dropping duplicate def'n of func chars at tests/string/memset_FF.c:10 in favor of that at tests/string/result/memset_FF.c:26
-[kernel] tests/string/memset_FF.c:15: Warning:
- dropping duplicate def'n of func uchars at tests/string/memset_FF.c:15 in favor of that at tests/string/result/memset_FF.c:50
-[kernel] tests/string/memset_FF.c:20: Warning:
- dropping duplicate def'n of func nested_chars at tests/string/memset_FF.c:20 in favor of that at tests/string/result/memset_FF.c:79
-[kernel] tests/string/memset_FF.c:25: Warning:
- dropping duplicate def'n of func integer at tests/string/memset_FF.c:25 in favor of that at tests/string/result/memset_FF.c:105
-[kernel] tests/string/memset_FF.c:30: Warning:
- dropping duplicate def'n of func unsigned_integer at tests/string/memset_FF.c:30 in favor of that at tests/string/result/memset_FF.c:131
-[kernel] tests/string/memset_FF.c:35: Warning:
- dropping duplicate def'n of func long_integer at tests/string/memset_FF.c:35 in favor of that at tests/string/result/memset_FF.c:158
-[kernel] tests/string/memset_FF.c:40: Warning:
- dropping duplicate def'n of func unsigned_long_integer at tests/string/memset_FF.c:40 in favor of that at tests/string/result/memset_FF.c:184
-[kernel] tests/string/memset_FF.c:45: Warning:
- dropping duplicate def'n of func long_long_integer at tests/string/memset_FF.c:45 in favor of that at tests/string/result/memset_FF.c:212
-[kernel] tests/string/memset_FF.c:50: Warning:
- dropping duplicate def'n of func unsigned_long_long_integer at tests/string/memset_FF.c:50 in favor of that at tests/string/result/memset_FF.c:240
-[kernel] tests/string/memset_FF.c:56: Warning:
- dropping duplicate def'n of func floats at tests/string/memset_FF.c:56 in favor of that at tests/string/result/memset_FF.c:267
-[kernel] tests/string/memset_FF.c:61: Warning:
- dropping duplicate def'n of func with_named at tests/string/memset_FF.c:61 in favor of that at tests/string/result/memset_FF.c:274
-[kernel] tests/string/memset_FF.c:66: Warning:
- dropping duplicate def'n of func structure at tests/string/memset_FF.c:66 in favor of that at tests/string/result/memset_FF.c:302
-[kernel] tests/string/memset_FF.c:71: Warning:
- dropping duplicate def'n of func pointers at tests/string/memset_FF.c:71 in favor of that at tests/string/result/memset_FF.c:328
-[kernel] tests/string/memset_FF.c:76: Warning:
- dropping duplicate def'n of func nested at tests/string/memset_FF.c:76 in favor of that at tests/string/result/memset_FF.c:356
-[kernel] tests/string/memset_FF.c:81: Warning:
- dropping duplicate def'n of func with_void at tests/string/memset_FF.c:81 in favor of that at tests/string/result/memset_FF.c:364
/* Generated by Frama-C */
#include "stddef.h"
#include "string.h"
@@ -413,6 +425,11 @@ struct X {
int y ;
};
typedef int named;
+enum E {
+ A = 0,
+ B = 1,
+ C = 2
+};
/*@ requires in_bounds_value: -128 ≤ value < 128;
requires valid_dest: \valid(ptr + (0 .. len - 1));
ensures
@@ -500,7 +517,7 @@ void nested_chars(char (*dest)[10])
ensures
set_content:
\let __fc_len = \old(len) / 4;
- ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ *(\old(ptr) + j0) ≡ -2147483648;
+ ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ *(\old(ptr) + j0) ≡ ~((int)0);
ensures result: \result ≡ \old(ptr);
assigns *(ptr + (0 .. len / 4 - 1)), \result;
assigns *(ptr + (0 .. len / 4 - 1)) \from \nothing;
@@ -520,6 +537,32 @@ void integer(int *dest)
return;
}
+/*@ requires aligned_end: len % 4 ≡ 0;
+ requires
+ valid_dest: \let __fc_len = len / 4; \valid(ptr + (0 .. __fc_len - 1));
+ ensures
+ set_content:
+ \let __fc_len = \old(len) / 4;
+ ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ *(\old(ptr) + j0) ≡ 4294967295;
+ ensures result: \result ≡ \old(ptr);
+ assigns *(ptr + (0 .. len / 4 - 1)), \result;
+ assigns *(ptr + (0 .. len / 4 - 1)) \from \nothing;
+ assigns \result \from ptr;
+ */
+enum E *memset_e_E_FF(enum E *ptr, size_t len)
+{
+ enum E *__retres;
+ __retres = (enum E *)memset((void *)ptr,255,len);
+ return __retres;
+}
+
+void with_enum(enum E *dest)
+{
+ enum E *res = memset_e_E_FF(dest,(unsigned int)10 * sizeof(enum E));
+ memset_e_E_FF(res,(unsigned int)10 * sizeof(enum E));
+ return;
+}
+
/*@ requires aligned_end: len % 4 ≡ 0;
requires
valid_dest: \let __fc_len = len / 4; \valid(ptr + (0 .. __fc_len - 1));
@@ -553,7 +596,7 @@ void unsigned_integer(unsigned int *dest)
ensures
set_content:
\let __fc_len = \old(len) / 4;
- ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ *(\old(ptr) + j0) ≡ -2147483648;
+ ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ *(\old(ptr) + j0) ≡ ~((long)0);
ensures result: \result ≡ \old(ptr);
assigns *(ptr + (0 .. len / 4 - 1)), \result;
assigns *(ptr + (0 .. len / 4 - 1)) \from \nothing;
@@ -607,7 +650,7 @@ void unsigned_long_integer(unsigned long *dest)
set_content:
\let __fc_len = \old(len) / 8;
∀ ℤ j0;
- 0 ≤ j0 < __fc_len ⇒ *(\old(ptr) + j0) ≡ -9223372036854775808;
+ 0 ≤ j0 < __fc_len ⇒ *(\old(ptr) + j0) ≡ ~((long long)0);
ensures result: \result ≡ \old(ptr);
assigns *(ptr + (0 .. len / 8 - 1)), \result;
assigns *(ptr + (0 .. len / 8 - 1)) \from \nothing;
@@ -697,8 +740,8 @@ void with_named(named *dest)
\let __fc_len = \old(len) / 8;
∀ ℤ j0;
0 ≤ j0 < __fc_len ⇒
- (\old(ptr) + j0)->x ≡ -2147483648 ∧
- (\old(ptr) + j0)->y ≡ -2147483648;
+ (\old(ptr) + j0)->x ≡ ~((int)0) ∧
+ (\old(ptr) + j0)->y ≡ ~((int)0);
ensures result: \result ≡ \old(ptr);
assigns *(ptr + (0 .. len / 8 - 1)), \result;
assigns *(ptr + (0 .. len / 8 - 1)) \from \nothing;
@@ -753,7 +796,7 @@ void pointers(int **dest)
∀ ℤ j0;
0 ≤ j0 < __fc_len ⇒
(∀ ℤ j1;
- 0 ≤ j1 < 10 ⇒ (*(\old(ptr) + j0))[j1] ≡ -2147483648);
+ 0 ≤ j1 < 10 ⇒ (*(\old(ptr) + j0))[j1] ≡ ~((int)0));
ensures result: \result ≡ \old(ptr);
assigns (*(ptr + (0 .. len / 40 - 1)))[0 .. 10 - 1], \result;
assigns (*(ptr + (0 .. len / 40 - 1)))[0 .. 10 - 1] \from \nothing;
@@ -781,4 +824,11 @@ void with_void(void *dest)
return;
}
+void with_null_or_int(void)
+{
+ memset((void *)0,0xFF,(unsigned int)10);
+ memset((void *)((int *)42),0xFF,(unsigned int)10);
+ return;
+}
+
diff --git a/src/plugins/instantiate/tests/string/oracle/memset_nested_typedef.res.oracle b/src/plugins/instantiate/tests/string/oracle/memset_nested_typedef.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..c99bbab555ac56acc73b2c2e68315465b5fcd36d
--- /dev/null
+++ b/src/plugins/instantiate/tests/string/oracle/memset_nested_typedef.res.oracle
@@ -0,0 +1,72 @@
+[kernel] Parsing tests/string/memset_nested_typedef.c (with preprocessing)
+/* Generated by Frama-C */
+#include "stddef.h"
+#include "string.h"
+#include "strings.h"
+typedef unsigned int t;
+struct X {
+ t s_addr ;
+};
+/*@ requires aligned_end: len % 4 ≡ 0;
+ requires
+ valid_dest: \let __fc_len = len / 4; \valid(ptr + (0 .. __fc_len - 1));
+ ensures
+ set_content:
+ \let __fc_len = len / 4;
+ ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ (ptr + j0)->s_addr ≡ 0;
+ ensures result: \result ≡ ptr;
+ assigns *(ptr + (0 .. len / 4 - 1)), \result;
+ assigns *(ptr + (0 .. len / 4 - 1)) \from \nothing;
+ assigns \result \from ptr;
+ */
+struct X *memset_st_X_0(struct X *ptr, size_t len)
+{
+ struct X *__retres;
+ __retres = (struct X *)memset((void *)ptr,0,len);
+ return __retres;
+}
+
+void test(void)
+{
+ struct X x;
+ memset_st_X_0(& x,sizeof(x));
+ return;
+}
+
+
+[kernel] Parsing tests/string/result/memset_nested_typedef.c (with preprocessing)
+/* Generated by Frama-C */
+#include "stddef.h"
+#include "string.h"
+#include "strings.h"
+typedef unsigned int t;
+struct X {
+ t s_addr ;
+};
+/*@ requires aligned_end: len % 4 ≡ 0;
+ requires
+ valid_dest: \let __fc_len = len / 4; \valid(ptr + (0 .. __fc_len - 1));
+ ensures
+ set_content:
+ \let __fc_len = \old(len) / 4;
+ ∀ ℤ j0; 0 ≤ j0 < __fc_len ⇒ (\old(ptr) + j0)->s_addr ≡ 0;
+ ensures result: \result ≡ \old(ptr);
+ assigns *(ptr + (0 .. len / 4 - 1)), \result;
+ assigns *(ptr + (0 .. len / 4 - 1)) \from \nothing;
+ assigns \result \from ptr;
+ */
+struct X *memset_st_X_0(struct X *ptr, size_t len)
+{
+ struct X *__retres;
+ __retres = (struct X *)memset((void *)ptr,0,len);
+ return __retres;
+}
+
+void test(void)
+{
+ struct X x;
+ memset_st_X_0(& x,sizeof(x));
+ return;
+}
+
+
diff --git a/src/plugins/instantiate/tests/string/oracle/memset_nested_union.res.oracle b/src/plugins/instantiate/tests/string/oracle/memset_nested_union.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..7185fe7a66598d4ad182720f927ea6e5f4ed4a8b
--- /dev/null
+++ b/src/plugins/instantiate/tests/string/oracle/memset_nested_union.res.oracle
@@ -0,0 +1,42 @@
+[kernel] Parsing tests/string/memset_nested_union.c (with preprocessing)
+[instantiate] tests/string/memset_nested_union.c:10: Warning:
+ memset instantiator cannot replace call
+/* Generated by Frama-C */
+#include "stddef.h"
+#include "string.h"
+#include "strings.h"
+union U {
+ int x ;
+ unsigned int y ;
+};
+struct X {
+ union U u ;
+};
+void test(void)
+{
+ struct X x;
+ memset((void *)(& x),0,sizeof(x));
+ return;
+}
+
+
+[kernel] Parsing tests/string/result/memset_nested_union.c (with preprocessing)
+/* Generated by Frama-C */
+#include "stddef.h"
+#include "string.h"
+#include "strings.h"
+union U {
+ int x ;
+ unsigned int y ;
+};
+struct X {
+ union U u ;
+};
+void test(void)
+{
+ struct X x;
+ memset((void *)(& x),0,sizeof(x));
+ return;
+}
+
+
diff --git a/src/plugins/instantiate/tests/string/oracle/memset_value.res.oracle b/src/plugins/instantiate/tests/string/oracle/memset_value.res.oracle
index 26ed27864cc376fc2578df1e457c44cec81850ec..5ece8370f6baf098afc773974cb82a40f53df732 100644
--- a/src/plugins/instantiate/tests/string/oracle/memset_value.res.oracle
+++ b/src/plugins/instantiate/tests/string/oracle/memset_value.res.oracle
@@ -1,28 +1,40 @@
[kernel] Parsing tests/string/memset_value.c (with preprocessing)
[instantiate] tests/string/memset_value.c:26: Warning:
- Ignore call: not well typed
+ memset instantiator cannot replace call
[instantiate] tests/string/memset_value.c:27: Warning:
- Ignore call: not well typed
-[instantiate] tests/string/memset_value.c:31: Warning:
- Ignore call: not well typed
+ memset instantiator cannot replace call
[instantiate] tests/string/memset_value.c:32: Warning:
- Ignore call: not well typed
-[instantiate] tests/string/memset_value.c:36: Warning:
- Ignore call: not well typed
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_value.c:33: Warning:
+ memset instantiator cannot replace call
[instantiate] tests/string/memset_value.c:37: Warning:
- Ignore call: not well typed
-[instantiate] tests/string/memset_value.c:41: Warning:
- Ignore call: not well typed
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_value.c:38: Warning:
+ memset instantiator cannot replace call
[instantiate] tests/string/memset_value.c:42: Warning:
- Ignore call: not well typed
-[instantiate] tests/string/memset_value.c:46: Warning:
- Ignore call: not well typed
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_value.c:43: Warning:
+ memset instantiator cannot replace call
[instantiate] tests/string/memset_value.c:47: Warning:
- Ignore call: not well typed
-[instantiate] tests/string/memset_value.c:51: Warning:
- Ignore call: not well typed
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_value.c:48: Warning:
+ memset instantiator cannot replace call
[instantiate] tests/string/memset_value.c:52: Warning:
- Ignore call: not well typed
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_value.c:53: Warning:
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_value.c:57: Warning:
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_value.c:58: Warning:
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_value.c:62: Warning:
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_value.c:63: Warning:
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_value.c:67: Warning:
+ memset instantiator cannot replace call
+[instantiate] tests/string/memset_value.c:68: Warning:
+ memset instantiator cannot replace call
/* Generated by Frama-C */
#include "stddef.h"
#include "string.h"
@@ -32,6 +44,12 @@ struct X {
int y ;
};
typedef int named;
+enum E {
+ A = 0,
+ B = 1,
+ C = 2
+};
+struct incomplete;
/*@ requires in_bounds_value: -128 ≤ value < 128;
requires valid_dest: \valid(ptr + (0 .. len - 1));
ensures
@@ -114,6 +132,13 @@ void integer(int * /*[10]*/ dest, int value)
return;
}
+void with_enum(enum E * /*[10]*/ dest, int value)
+{
+ enum E *res = memset((void *)dest,value,(unsigned int)10 * sizeof(enum E));
+ memset((void *)res,value,(unsigned int)10 * sizeof(enum E));
+ return;
+}
+
void with_named(named * /*[10]*/ dest, int value)
{
named *res = memset((void *)dest,value,(unsigned int)10 * sizeof(named));
@@ -151,27 +176,22 @@ void with_void(void *dest, int value)
return;
}
+void with_incomplete(struct incomplete *dest, int value)
+{
+ struct incomplete *res = memset((void *)dest,value,(unsigned int)10);
+ memset((void *)res,value,(unsigned int)10);
+ return;
+}
+
+void with_null_or_int(int value)
+{
+ memset((void *)0,value,(unsigned int)10);
+ memset((void *)((int *)42),value,(unsigned int)10);
+ return;
+}
+
[kernel] Parsing tests/string/result/memset_value.c (with preprocessing)
-[kernel] Parsing tests/string/memset_value.c (with preprocessing)
-[kernel] tests/string/memset_value.c:10: Warning:
- dropping duplicate def'n of func chars at tests/string/memset_value.c:10 in favor of that at tests/string/result/memset_value.c:26
-[kernel] tests/string/memset_value.c:15: Warning:
- dropping duplicate def'n of func uchars at tests/string/memset_value.c:15 in favor of that at tests/string/result/memset_value.c:50
-[kernel] tests/string/memset_value.c:20: Warning:
- dropping duplicate def'n of func nested_chars at tests/string/memset_value.c:20 in favor of that at tests/string/result/memset_value.c:78
-[kernel] tests/string/memset_value.c:25: Warning:
- dropping duplicate def'n of func integer at tests/string/memset_value.c:25 in favor of that at tests/string/result/memset_value.c:85
-[kernel] tests/string/memset_value.c:30: Warning:
- dropping duplicate def'n of func with_named at tests/string/memset_value.c:30 in favor of that at tests/string/result/memset_value.c:92
-[kernel] tests/string/memset_value.c:35: Warning:
- dropping duplicate def'n of func structure at tests/string/memset_value.c:35 in favor of that at tests/string/result/memset_value.c:99
-[kernel] tests/string/memset_value.c:40: Warning:
- dropping duplicate def'n of func pointers at tests/string/memset_value.c:40 in favor of that at tests/string/result/memset_value.c:107
-[kernel] tests/string/memset_value.c:45: Warning:
- dropping duplicate def'n of func nested at tests/string/memset_value.c:45 in favor of that at tests/string/result/memset_value.c:114
-[kernel] tests/string/memset_value.c:50: Warning:
- dropping duplicate def'n of func with_void at tests/string/memset_value.c:50 in favor of that at tests/string/result/memset_value.c:122
/* Generated by Frama-C */
#include "stddef.h"
#include "string.h"
@@ -181,6 +201,12 @@ struct X {
int y ;
};
typedef int named;
+enum E {
+ A = 0,
+ B = 1,
+ C = 2
+};
+struct incomplete;
/*@ requires in_bounds_value: -128 ≤ value < 128;
requires valid_dest: \valid(ptr + (0 .. len - 1));
ensures
@@ -268,6 +294,13 @@ void integer(int *dest, int value)
return;
}
+void with_enum(enum E *dest, int value)
+{
+ enum E *res = memset((void *)dest,value,(unsigned int)10 * sizeof(enum E));
+ memset((void *)res,value,(unsigned int)10 * sizeof(enum E));
+ return;
+}
+
void with_named(named *dest, int value)
{
named *res = memset((void *)dest,value,(unsigned int)10 * sizeof(named));
@@ -305,4 +338,18 @@ void with_void(void *dest, int value)
return;
}
+void with_incomplete(struct incomplete *dest, int value)
+{
+ struct incomplete *res = memset((void *)dest,value,(unsigned int)10);
+ memset((void *)res,value,(unsigned int)10);
+ return;
+}
+
+void with_null_or_int(int value)
+{
+ memset((void *)0,value,(unsigned int)10);
+ memset((void *)((int *)42),value,(unsigned int)10);
+ return;
+}
+
diff --git a/src/plugins/instantiate/tests/string/test_config b/src/plugins/instantiate/tests/string/test_config
index dba5b7b5f4a3904ab10ba039dce5bee0734e2101..0bfb957513347953e1c1eb05f79e0722c5fcaa2f 100644
--- a/src/plugins/instantiate/tests/string/test_config
+++ b/src/plugins/instantiate/tests/string/test_config
@@ -1 +1 @@
-OPT: @PTEST_FILE@ -instantiate -print -check -then -ocode @PTEST_DIR@/result/@PTEST_NAME@.c -print -then -no-instantiate @PTEST_DIR@/result/@PTEST_NAME@.c @PTEST_FILE@ -ocode="" -print
\ No newline at end of file
+OPT: @PTEST_FILE@ -instantiate -print -check -then -ocode @PTEST_DIR@/result/@PTEST_NAME@.c -print -then -no-instantiate @PTEST_DIR@/result/@PTEST_NAME@.c -ocode="" -print
\ No newline at end of file
diff --git a/src/plugins/instantiate/transform.ml b/src/plugins/instantiate/transform.ml
index 6324749d9de154de754e55cfb735f76934c1f267..590ee506dbdb151d26053806b4baa26e4f15d373 100644
--- a/src/plugins/instantiate/transform.ml
+++ b/src/plugins/instantiate/transform.ml
@@ -29,12 +29,6 @@ let register (module G: Generator_sig) =
let module Instantiator = Make_instantiator(G) in
Hashtbl.add base G.function_name (module Instantiator)
-let mark_as_computed () =
- let mark_as_computed _ instantiator =
- let module I = (val instantiator: Instantiator) in I.mark_as_computed ()
- in
- Hashtbl.iter mark_as_computed base
-
let get_kfs () =
let get_kfs _ instantiator =
let module I = (val instantiator: Instantiator) in
@@ -43,6 +37,14 @@ let get_kfs () =
in
Hashtbl.fold (fun k v l -> (get_kfs k v) @ l) base []
+let clear () =
+ Global_context.clear () ;
+ let clear _ instantiator =
+ let module I = (val instantiator: Instantiator) in
+ I.clear ()
+ in
+ Hashtbl.iter clear base
+
module VISet = Cil_datatype.Varinfo.Hptset
class transformer = object(self)
@@ -53,9 +55,9 @@ class transformer = object(self)
method! vfile _ =
let post f =
+ f.globals <- (Global_context.globals (Cil.CurrentLoc.get())) @ f.globals ;
Ast.mark_as_changed () ;
Ast.mark_as_grown () ;
- mark_as_computed () ;
f
in
Cil.DoChildrenPost post
@@ -90,21 +92,23 @@ class transformer = object(self)
method private replace_call (lval, fct, args) =
try
let module I = (val (self#find_enabled_instantiator fct): Instantiator) in
- if I.well_typed_call lval args then
- let key = I.key_from_call lval args in
+ if I.well_typed_call lval fct args then
+ let key = I.key_from_call lval fct args in
let fundec = I.get_override key in
let new_args = I.retype_args key args in
Queue.add fundec used_instantiator_last_kf ;
(fundec.svar), new_args
else begin
- Options.warning ~current:true "Ignore call: not well typed" ;
+ Options.warning
+ ~current:true "%s instantiator cannot replace call" fct.vname ;
(fct, args)
end
with
| Not_found -> (fct, args)
method! vinst = function
- | Call(_) | Local_init(_, ConsInit(_, _, Plain_func), _) ->
+ | Call(_, { enode = Lval((Var _), NoOffset)} , _, _)
+ | Local_init(_, ConsInit(_ , _, Plain_func), _) ->
let change = function
| [ Call(r, ({ enode = Lval((Var f), NoOffset) } as e), args, loc) ] ->
let f, args = self#replace_call (r, f, args) in
@@ -125,6 +129,7 @@ let compute_call_preconditions_statuses kf =
let stmt = Kernel_function.find_first_stmt kf in
let _ = Kernel_function.find_all_enclosing_blocks stmt in
match stmt.skind with
+ | Instr (Local_init(_, ConsInit(fct, _, Plain_func), _))
| Instr (Call(_, { enode = Lval ((Var fct), NoOffset) }, _, _)) ->
let called_kf = Globals.Functions.get fct in
Statuses_by_call.setup_all_preconditions_proxies called_kf ;
@@ -132,7 +137,8 @@ let compute_call_preconditions_statuses kf =
~warn_missing:true called_kf stmt
in
List.iter (fun (_, p) -> validate_property p) reqs ;
- | _ -> assert false
+ | _ ->
+ Options.fatal "Transformation: unexpected instruction kind on precondition"
let compute_postconditions_statuses kf =
let posts bhv =
@@ -155,5 +161,7 @@ let compute_statuses_all_kfs () =
List.iter compute_comp_disj_statuses kfs
let transform file =
+ clear () ;
Visitor.visitFramacFile (new transformer) file ;
+ File.reorder_ast () ;
compute_statuses_all_kfs ()
diff --git a/src/plugins/occurrence/register_gui.ml b/src/plugins/occurrence/register_gui.ml
index aafb865f3497f88cab6436031f261d94e62c2a72..d7b8da68dfc8abe36b54c7f5c9b0073c70a51d49 100644
--- a/src/plugins/occurrence/register_gui.ml
+++ b/src/plugins/occurrence/register_gui.ml
@@ -127,7 +127,7 @@ let occurrence_highlighter buffer loc ~start ~stop =
| PTermLval (_,ki,_,term_lval) ->
let same_tlval (_kf, k, l) =
Logic_utils.is_same_tlval
- (Logic_utils.lval_to_term_lval ~cast:true l)
+ (Logic_utils.lval_to_term_lval l)
term_lval
&& Kinstr.equal k ki
in
diff --git a/src/plugins/report/report_parameters.ml b/src/plugins/report/report_parameters.ml
index 5b0cda998d8e92017f9bde8ae8d685638010defa..6d20e0933f3e42525189881eb7432741d0c65df6 100644
--- a/src/plugins/report/report_parameters.ml
+++ b/src/plugins/report/report_parameters.ml
@@ -24,7 +24,7 @@ include Plugin.Register
(struct
let name = "report"
let shortname = "report"
- let help = "Properties Status Report (experimental)"
+ let help = "Properties Status Report"
end)
module Print =
diff --git a/src/plugins/report/tests/report/oracle/csv.csv b/src/plugins/report/tests/report/oracle/csv.csv
index c44a659ed70c59996a52187b9e77c2f1e8253048..4a8fc2e347b0524ed2dd3a46002026834a250e5d 100644
--- a/src/plugins/report/tests/report/oracle/csv.csv
+++ b/src/plugins/report/tests/report/oracle/csv.csv
@@ -1,5 +1,5 @@
directory file line function property kind status property
-FRAMAC_SHARE/libc math.h 522 pow precondition Unknown finite_logic_res: \is_finite(pow(x, y))
+FRAMAC_SHARE/libc math.h 525 pow precondition Unknown finite_logic_res: \is_finite(pow(x, y))
tests/report csv.c 11 main1 signed_overflow Unknown -2147483648 ≤ x * x
tests/report csv.c 11 main1 signed_overflow Unknown x * x ≤ 2147483647
tests/report csv.c 12 main1 index_bound Unknown 0 ≤ x
diff --git a/src/plugins/rte/flags.ml b/src/plugins/rte/flags.ml
index 5a5efb9c60c333de0bf18346135e72ea20f3f04d..fea846e8b1989abd969c2b70363767b2379fd136 100644
--- a/src/plugins/rte/flags.ml
+++ b/src/plugins/rte/flags.ml
@@ -36,9 +36,11 @@ type t = {
unsigned_overflow: bool;
signed_downcast: bool;
unsigned_downcast: bool;
+ pointer_downcast: bool;
float_to_int: bool;
finite_float: bool;
pointer_call: bool;
+ pointer_value: bool;
bool_value: bool;
}
@@ -54,9 +56,11 @@ let all = {
unsigned_overflow = true;
signed_downcast = true;
unsigned_downcast = true;
+ pointer_downcast = true;
float_to_int = true;
finite_float = true;
pointer_call = true;
+ pointer_value = true;
bool_value = true;
}
@@ -72,9 +76,11 @@ let none = {
unsigned_overflow = false;
signed_downcast = false;
unsigned_downcast = false;
+ pointer_downcast = false;
float_to_int = false;
finite_float = false;
pointer_call = false;
+ pointer_value = false;
bool_value = false;
}
@@ -95,9 +101,11 @@ let default
?unsigned_overflow
?signed_downcast
?unsigned_downcast
+ ?pointer_downcast
?float_to_int
?finite_float
?pointer_call
+ ?pointer_value
?bool_value
() =
{
@@ -112,9 +120,11 @@ let default
unsigned_overflow = option Kernel.UnsignedOverflow.get unsigned_overflow ;
signed_downcast = option Kernel.SignedDowncast.get signed_downcast ;
unsigned_downcast = option Kernel.UnsignedDowncast.get unsigned_downcast ;
+ pointer_downcast = option Kernel.PointerDowncast.get pointer_downcast ;
float_to_int = option Options.DoFloatToInt.get float_to_int ;
finite_float = option (fun () -> Kernel.SpecialFloat.get () <> "none") finite_float ;
pointer_call = option Options.DoPointerCall.get pointer_call ;
+ pointer_value = option Kernel.InvalidPointer.get pointer_value;
bool_value = option Kernel.InvalidBool.get bool_value ;
}
diff --git a/src/plugins/rte/flags.mli b/src/plugins/rte/flags.mli
index f90a63a3afa4e02c1b7bb15b94c0a68857ae633a..fc1a7b6f4d7cf274a86954c51a4cf4c900b0e7e5 100644
--- a/src/plugins/rte/flags.mli
+++ b/src/plugins/rte/flags.mli
@@ -38,9 +38,11 @@ type t = {
unsigned_overflow: bool;
signed_downcast: bool;
unsigned_downcast: bool;
+ pointer_downcast: bool;
float_to_int: bool;
finite_float: bool;
pointer_call: bool;
+ pointer_value: bool;
bool_value: bool;
}
@@ -57,9 +59,11 @@ val default :
?unsigned_overflow:bool ->
?signed_downcast:bool ->
?unsigned_downcast:bool ->
+ ?pointer_downcast:bool ->
?float_to_int:bool ->
?finite_float:bool ->
?pointer_call:bool ->
+ ?pointer_value:bool ->
?bool_value:bool ->
unit -> t
diff --git a/src/plugins/rte/generator.ml b/src/plugins/rte/generator.ml
index 67214fae804fe5ab58da7821c3507b3f8aebb3cd..4c84ce9c126543da6535ca91d6b455e1624eb830 100644
--- a/src/plugins/rte/generator.ml
+++ b/src/plugins/rte/generator.ml
@@ -83,6 +83,14 @@ module Mem_access =
let additional_parameters = [ Kernel.SafeArrays.parameter ]
end)
+module Pointer_value =
+ Make
+ (struct
+ let name = "pointer_value"
+ let parameter = Kernel.InvalidPointer.parameter
+ let additional_parameters = []
+ end)
+
module Pointer_call =
Make
(struct
@@ -155,6 +163,14 @@ module Unsigned_downcast =
let additional_parameters = []
end)
+module Pointer_downcast =
+ Make
+ (struct
+ let name = "pointer_downcast"
+ let parameter = Kernel.PointerDowncast.parameter
+ let additional_parameters = []
+ end)
+
module Float_to_int =
Make
(struct
diff --git a/src/plugins/rte/generator.mli b/src/plugins/rte/generator.mli
index 1e1c61ccd3a87124d5ef785ef2ef72e73f23d123..0116b9d7698346c6a8811defdb08ceb55039adb7 100644
--- a/src/plugins/rte/generator.mli
+++ b/src/plugins/rte/generator.mli
@@ -30,6 +30,7 @@ end
module Initialized: S
module Mem_access: S
+module Pointer_value: S
module Pointer_call: S
module Div_mod: S
module Shift: S
@@ -39,6 +40,7 @@ module Signed_overflow: S
module Signed_downcast: S
module Unsigned_overflow: S
module Unsigned_downcast: S
+module Pointer_downcast: S
module Float_to_int: S
module Finite_float: S
module Bool_value: S
diff --git a/src/plugins/rte/options.ml b/src/plugins/rte/options.ml
index d46193ae8e0cac9c12209bd96f17bd456a06d528..e5ad90472cfc4dd5a71691dbb0acc58a811c234d 100644
--- a/src/plugins/rte/options.ml
+++ b/src/plugins/rte/options.ml
@@ -20,8 +20,7 @@
(* *)
(**************************************************************************)
-let help_msg = "generates annotations for runtime error checking and \
- preconditions at call sites"
+let help_msg = "generates annotations for runtime error checking"
include Plugin.Register
(struct
diff --git a/src/plugins/rte/register.ml b/src/plugins/rte/register.ml
index ed9296659abc8dc7463e90a2c1ec372b45cd1c8e..cb4f763b97e52d084b722c3e6422f778ad03e0e7 100644
--- a/src/plugins/rte/register.ml
+++ b/src/plugins/rte/register.ml
@@ -93,8 +93,10 @@ let () =
nojournal_register get_pointerCall_status Pointer_call.accessor;
nojournal_register get_unsignedOv_status Unsigned_overflow.accessor;
nojournal_register get_unsignedDownCast_status Unsigned_downcast.accessor;
+ nojournal_register get_pointer_downcast_status Pointer_downcast.accessor;
nojournal_register get_float_to_int_status Float_to_int.accessor;
nojournal_register get_finite_float_status Finite_float.accessor;
+ nojournal_register get_pointer_value_status Pointer_value.accessor;
nojournal_register get_bool_value_status Bool_value.accessor ;
nojournal_register get_all_status all_statuses;
;;
@@ -110,8 +112,7 @@ let _ =
~journalize:false
Generator.emitter
-(* retrieve list of generated rte annotations (not precond) for
- a given stmt *)
+(* retrieve list of generated rte annotations for a given stmt *)
let _ignore =
Dynamic.register
~comment:"Get the list of annotations previously emitted by RTE for the \
@@ -147,8 +148,7 @@ let _ignore =
Visit.get_annotations_exp
let main () =
- (* reset "rte generated"/"called precond generated" properties for all
- functions *)
+ (* reset "rte generated" properties for all functions *)
if Options.Enabled.get () then begin
Options.feedback ~level:2 "generating annotations";
!Db.RteGen.compute ();
diff --git a/src/plugins/rte/rte.ml b/src/plugins/rte/rte.ml
index ad09f17f5533787fd4579322c2bd0d2d88e1560c..16845eed8d574889527464bbff6a589dcd4c9b0b 100644
--- a/src/plugins/rte/rte.ml
+++ b/src/plugins/rte/rte.ml
@@ -357,88 +357,42 @@ let shift_overflow_assertion ~signed ~remove_trivial ~on_alarm (exp, op, lexp, r
end
else overflow_alarm ()
-(* assertion for downcasting an integer to an unsigned integer type
- without requiring modification of value to reach target domain
- (well-defined behavior though) *)
-let unsigned_downcast_assertion ~remove_trivial ~on_alarm (ty, exp) =
- let e_typ = Cil.unrollType (Cil.typeOf exp) in
- match e_typ with
- | TInt (kind,_) ->
- let szTo = Cil.bitsSizeOfBitfield ty in
- let szFrom = Cil.bitsSizeOf e_typ in
- (if szTo < szFrom || Cil.isSigned kind then
- (* case signed to unsigned:
- requires signed to be >= 0 and also <= max of unsigned size *)
- (* cast unsigned to unsigned:
- ok is same bit size ;
- if target is <, requires <= max target *)
- let max_ty = Cil.max_unsigned_number szTo in
- let alarm ?(invalid=false) bk =
- let b = match bk with
- | Lower_bound -> Integer.zero
- | Upper_bound -> max_ty
- in
- let a = Alarms.Overflow (Alarms.Unsigned_downcast, exp, b, bk) in
- on_alarm ~invalid a;
- in
- let alarms () =
- if Cil.isSigned kind then begin (* signed to unsigned *)
- alarm Upper_bound;
- alarm Lower_bound;
- end else (* unsigned to unsigned; cannot overflow in the negative *)
- alarm Upper_bound;
- in
- if remove_trivial then begin
- match get_expr_val exp with
- | None -> alarms ()
- | Some a64 ->
- if Integer.lt a64 Integer.zero then
- alarm ~invalid:true Lower_bound
- else if Integer.gt a64 max_ty then
- alarm ~invalid:true Upper_bound
- end
- else alarms ())
- | _ -> ()
-
-(* assertion for downcasting an integer to a signed integer type
- which can raise an implementation defined behavior *)
-let signed_downcast_assertion ~remove_trivial ~on_alarm (ty, exp) =
- let e_typ = Cil.unrollType (Cil.typeOf exp) in
- match e_typ with
- | TInt (kind,_) ->
- (let szTo = Cil.bitsSizeOfBitfield ty in
- let szFrom = Cil.bitsSizeOf e_typ in
- if szTo < szFrom || (szTo == szFrom && not (Cil.isSigned kind)) then
- (* downcast: the expression result should fit on szTo bits *)
- let min_ty = Cil.min_signed_number szTo in
- let max_ty = Cil.max_signed_number szTo in
- let alarm ?(invalid=false) bk =
- let b = match bk with
- | Lower_bound -> min_ty
- | Upper_bound -> max_ty
- in
- let a = Alarms.Overflow (Alarms.Signed_downcast, exp, b, bk) in
- on_alarm ~invalid a;
- in
- let alarms () =
- if Cil.isSigned kind then begin
- (* signed to signed *)
- alarm Upper_bound;
- alarm Lower_bound
- end else (* (unsigned to signed; cannot overflow in the negative *)
- alarm Upper_bound
- in
- if remove_trivial then begin
- match get_expr_val exp with
- | None -> alarms ()
- | Some a64 ->
- (if Integer.lt a64 min_ty then
- alarm ~invalid:true Lower_bound
- else if Integer.gt a64 max_ty then
- alarm ~invalid:true Upper_bound)
- end
- else alarms ())
- | _ -> ()
+(* Assertion for downcasts. *)
+let downcast_assertion ~remove_trivial ~on_alarm (dst_type, exp) =
+ let src_type = Cil.typeOf exp in
+ let src_signed = Cil.isSignedInteger src_type in
+ let dst_signed = Cil.isSignedInteger dst_type in
+ let src_size = Cil.bitsSizeOf src_type in
+ let dst_size = Cil.bitsSizeOfBitfield dst_type in
+ if dst_size < src_size || dst_size == src_size && dst_signed <> src_signed
+ then
+ let dst_min, dst_max =
+ if dst_signed
+ then Cil.min_signed_number dst_size, Cil.max_signed_number dst_size
+ else Integer.zero, Cil.max_unsigned_number dst_size
+ in
+ let overflow_kind =
+ if Cil.isPointerType src_type
+ then Alarms.Pointer_downcast
+ else if dst_signed
+ then Alarms.Signed_downcast
+ else Alarms.Unsigned_downcast
+ in
+ let alarm ?(invalid=false) bound bound_kind =
+ let a = Alarms.Overflow (overflow_kind, exp, bound, bound_kind) in
+ on_alarm ~invalid a;
+ in
+ let alarms () =
+ alarm dst_max Upper_bound;
+ (* unsigned values cannot overflow in the negative *)
+ if src_signed then alarm dst_min Lower_bound;
+ in
+ match remove_trivial, get_expr_val exp with
+ | true, Some a64 ->
+ let invalid = true in
+ if Integer.lt a64 dst_min then alarm ~invalid dst_min Lower_bound
+ else if Integer.gt a64 dst_max then alarm ~invalid dst_max Upper_bound
+ | _ -> alarms ()
(* assertion for casting a floating-point value to an integer *)
let float_to_int_assertion ~remove_trivial ~on_alarm (ty, exp) =
@@ -497,6 +451,24 @@ let finite_float_assertion ~remove_trivial:_ ~on_alarm (fkind, exp) =
let pointer_call ~remove_trivial:_ ~on_alarm (e, args) =
on_alarm ~invalid:false (Alarms.Function_pointer (e, Some args))
+let is_safe_pointer_value = function
+ | Lval (Var vi, offset) ->
+ (* Reading a pointer variable must emit an alarm if an invalid pointer value
+ could have been written without previous alarm, through:
+ - an union type, in which case [offset] is not NoOffset;
+ - an untyped write, in which case the address of [vi] is taken. *)
+ not vi.vaddrof && offset = NoOffset
+ | AddrOf (_, NoOffset) | StartOf (_, NoOffset) -> true
+ | CastE (_typ, e) ->
+ (* 0 can always be converted into a NULL pointer. *)
+ let v = get_expr_val e in
+ Extlib.may_map ~dft:false Integer.(equal zero) v
+ | _ -> false
+
+let pointer_value ~remove_trivial ~on_alarm expr =
+ if not (remove_trivial && is_safe_pointer_value expr.enode)
+ then on_alarm ~invalid:false (Alarms.Invalid_pointer expr)
+
let bool_value ~remove_trivial ~on_alarm lv =
match remove_trivial, lv with
| true, (Var vi, NoOffset)
diff --git a/src/plugins/rte/rte.mli b/src/plugins/rte/rte.mli
index 766fa82c8568a3ee0a48717c8664e32fd5f7ac61..c7a292c92cad6f05ceb1b015448c85c4ccbf9e26 100644
--- a/src/plugins/rte/rte.mli
+++ b/src/plugins/rte/rte.mli
@@ -40,11 +40,11 @@ val shift_negative_assertion: exp alarm_gen
val shift_overflow_assertion: signed:bool -> (exp * binop * exp * exp) alarm_gen
val mult_sub_add_assertion: signed:bool -> (exp * binop * exp * exp) alarm_gen
val uminus_assertion: exp alarm_gen
-val signed_downcast_assertion: (typ * exp) alarm_gen
-val unsigned_downcast_assertion: (typ * exp) alarm_gen
+val downcast_assertion: (typ * exp) alarm_gen
val float_to_int_assertion: (typ * exp) alarm_gen
val finite_float_assertion: (fkind * exp) alarm_gen
val pointer_call: (exp * exp list) alarm_gen
+val pointer_value: exp alarm_gen
val bool_value: lval alarm_gen
(*
diff --git a/src/plugins/rte/visit.ml b/src/plugins/rte/visit.ml
index 2592651085e9ff2cdbdfb3c001d3190e7503343a..36c092b8a7ca1adc1f69f5179f552820a8e5644d 100644
--- a/src/plugins/rte/visit.ml
+++ b/src/plugins/rte/visit.ml
@@ -86,6 +86,10 @@ class annot_visitor kf flags on_alarm = object (self)
flags.Flags.unsigned_downcast
&& not (Generator.Unsigned_downcast.is_computed kf)
+ method private do_pointer_downcast () =
+ flags.Flags.pointer_downcast
+ && not (Generator.Pointer_downcast.is_computed kf)
+
method private do_float_to_int () =
flags.Flags.float_to_int && not (Generator.Float_to_int.is_computed kf)
@@ -95,6 +99,9 @@ class annot_visitor kf flags on_alarm = object (self)
method private do_pointer_call () =
flags.Flags.pointer_call && not (Generator.Pointer_call.is_computed kf)
+ method private do_pointer_value () =
+ flags.Flags.pointer_value && not (Generator.Pointer_value.is_computed kf)
+
method private do_bool_value () =
flags.Flags.bool_value && not (Generator.Bool_value.is_computed kf)
@@ -271,6 +278,9 @@ class annot_visitor kf flags on_alarm = object (self)
self#generate_assertion Rte.finite_float_assertion (fkind,exp)
| _ -> ())
+ | BinOp((PlusPI | MinusPI), _, _, _) when self#do_pointer_value () ->
+ self#generate_assertion Rte.pointer_value exp
+
| UnOp(Neg, exp, ty) ->
(* Note: if unary minus on unsigned integer is to be understood as
"subtracting the promoted value from the largest value
@@ -286,6 +296,8 @@ class annot_visitor kf flags on_alarm = object (self)
| Lval lval ->
(match Cil.(unrollType (typeOfLval lval)) with
+ | TPtr _ when self#do_pointer_value () ->
+ self#generate_assertion Rte.pointer_value exp
| TInt (IBool,_) when self#do_bool_value () ->
self#generate_assertion Rte.bool_value lval
| _ -> ());
@@ -307,15 +319,18 @@ class annot_visitor kf flags on_alarm = object (self)
| CastE (ty, e) ->
(match Cil.unrollType ty, Cil.unrollType (Cil.typeOf e) with
(* to , from *)
+ | TInt _, TPtr _ when self#do_pointer_downcast () ->
+ self#generate_assertion Rte.downcast_assertion (ty, e)
+ | TPtr _, TInt _ when self#do_pointer_value () ->
+ self#generate_assertion Rte.pointer_value exp
+
| TInt(kind,_), TInt (_, _) ->
- if Cil.isSigned kind then begin
- if self#do_signed_downcast () then begin
- self#generate_assertion Rte.signed_downcast_assertion (ty, e);
- self#mark_to_skip e;
- end
- end
- else if self#do_unsigned_downcast () then
- self#generate_assertion Rte.unsigned_downcast_assertion (ty, e)
+ let signed = Cil.isSigned kind in
+ if signed && self#do_signed_downcast ()
+ || not signed && self#do_unsigned_downcast ()
+ then self#generate_assertion Rte.downcast_assertion (ty, e);
+ if signed && self#do_signed_downcast ()
+ then self#mark_to_skip e;
| TInt _, TFloat _ ->
if self#do_float_to_int () then
@@ -334,8 +349,9 @@ class annot_visitor kf flags on_alarm = object (self)
| FP_nan ->
self#generate_assertion Rte.finite_float_assertion (fkind,exp)
end
- | StartOf _
- | AddrOf _
+ | StartOf _ | AddrOf _ ->
+ if self#do_pointer_value ()
+ then self#generate_assertion Rte.pointer_value exp
| Info _
| UnOp _
| Const _
@@ -446,6 +462,7 @@ let annotate ?flags kf =
let open Flags in
if comp Initialized.accessor flags.initialized |||
comp Mem_access.accessor flags.mem_access |||
+ comp Pointer_value.accessor flags.pointer_value |||
comp Pointer_call.accessor flags.pointer_call |||
comp Div_mod.accessor flags.div_mod |||
comp Shift.accessor flags.shift |||
@@ -455,6 +472,7 @@ let annotate ?flags kf =
comp Signed_downcast.accessor flags.signed_downcast |||
comp Unsigned_overflow.accessor flags.unsigned_overflow |||
comp Unsigned_downcast.accessor flags.unsigned_downcast |||
+ comp Pointer_downcast.accessor flags.pointer_downcast |||
comp Float_to_int.accessor flags.float_to_int |||
comp Finite_float.accessor flags.finite_float |||
comp Bool_value.accessor flags.bool_value
diff --git a/src/plugins/server/server_parameters.ml b/src/plugins/server/server_parameters.ml
index 85c087ec0a2a790564f83efd1d8c3cc856a92626..be9b5da15c6ad6f271c9bd6cb764422eee3f0cfa 100644
--- a/src/plugins/server/server_parameters.ml
+++ b/src/plugins/server/server_parameters.ml
@@ -28,7 +28,7 @@ module P = Plugin.Register
(struct
let name = "Server"
let shortname = "server"
- let help = "Frama-C Request Server"
+ let help = "Frama-C Request Server (experimental)"
end)
include P
diff --git a/src/plugins/server/tests/batch/oracle/ast_services.out.json b/src/plugins/server/tests/batch/oracle/ast_services.out.json
index 40a40546e0dd93809a46d584a1df5efa783faf27..726bac4cc75f3863d36f06f756c46bc1893de6d9 100644
--- a/src/plugins/server/tests/batch/oracle/ast_services.out.json
+++ b/src/plugins/server/tests/batch/oracle/ast_services.out.json
@@ -4,7 +4,7 @@
"id": "printFunction",
"data": [
"",
- [ "#v19", "void f(void)" ],
+ [ "#v21", "void f(void)" ],
"\n{\n ",
[ "#s7", [ "#k7", "return;" ] ],
"\n}\n",
diff --git a/src/plugins/studia/studia_gui.ml b/src/plugins/studia/studia_gui.ml
index a235a6f490b520aa0db97e6cac358fc885b0e5fc..65638eed8780190662e21de733954378956fda8c 100644
--- a/src/plugins/studia/studia_gui.ml
+++ b/src/plugins/studia/studia_gui.ml
@@ -54,7 +54,7 @@ let get_lval_opt main_ui kf localizable =
match localizable with
| Pretty_source.PLval (Some _kf, (Kstmt _stmt), lv) ->
let lv_txt = Pretty_utils.to_string Printer.pp_lval lv in
- let tlv = Logic_utils.lval_to_term_lval ~cast:false lv in
+ let tlv = Logic_utils.lval_to_term_lval lv in
Some (lv_txt, tlv)
| Pretty_source.PTermLval (Some _kf, (Kstmt _stmt), _, tlv) ->
let tlv_txt = Pretty_utils.to_string Printer.pp_term_lval tlv in
diff --git a/src/plugins/value/Eva.mli b/src/plugins/value/Eva.mli
index 462e5bdab037f40b4661b084d4ba81580f22bdc2..27f069ce7ee7902b858971a397596890cb19b400 100644
--- a/src/plugins/value/Eva.mli
+++ b/src/plugins/value/Eva.mli
@@ -36,3 +36,22 @@ module Value_parameters: sig
(** Returns the list (name, descr) of currently enabled abstract domains. *)
val enabled_domains: unit -> (string * string) list
end
+
+module Eval_terms: sig
+ (** Evaluation environment, built by [env_annot]. *)
+ type eval_env
+
+ (** Dependencies needed to evaluate a term or a predicate. *)
+ type logic_deps = Locations.Zone.t Cil_datatype.Logic_label.Map.t
+
+ type labels_states = Db.Value.state Cil_datatype.Logic_label.Map.t
+
+ val env_annot :
+ ?c_labels:labels_states -> pre:Db.Value.state -> here:Db.Value.state ->
+ unit -> eval_env
+
+ (** [predicate_deps env p] computes the logic dependencies needed to evaluate
+ [p] in the given evaluation environment [env].
+ @return None on either an evaluation error or on unsupported construct. *)
+ val predicate_deps: eval_env -> Cil_types.predicate -> logic_deps option
+end
diff --git a/src/plugins/value/alarmset.ml b/src/plugins/value/alarmset.ml
index fa27012f076cd1e98586412b941bcc6c1c9411b8..21475b79a7a7d523304ec22c16b5d8ed8b76e2d5 100644
--- a/src/plugins/value/alarmset.ml
+++ b/src/plugins/value/alarmset.ml
@@ -309,6 +309,7 @@ let emit_alarm kinstr alarm (status:status) =
| Alarms.Unsigned -> "unsigned overflow"
| Alarms.Signed_downcast -> "signed downcast"
| Alarms.Unsigned_downcast -> "unsigned downcast"
+ | Alarms.Pointer_downcast -> "pointer downcast"
in
register_alarm str
@@ -331,6 +332,9 @@ let emit_alarm kinstr alarm (status:status) =
| Alarms.Index_out_of_bound _ ->
register_alarm "accessing out of bounds index"
+ | Alarms.Invalid_pointer _ ->
+ register_alarm "invalid pointer creation"
+
| Alarms.Differing_blocks _ ->
register_alarm "pointer subtraction"
@@ -366,6 +370,7 @@ let emit_alarm kinstr alarm (status:status) =
let height_alarm = let open Value_util in function
| Alarms.Division_by_zero e
| Alarms.Index_out_of_bound (e,_)
+ | Alarms.Invalid_pointer e
| Alarms.Invalid_shift (e,_)
| Alarms.Overflow (_,e,_,_)
| Alarms.Float_to_int (e,_,_)
@@ -394,7 +399,25 @@ let height_alarm = let open Value_util in function
let cmp a1 a2 =
Datatype.Int.compare (height_alarm (fst a1)) (height_alarm (fst a2))
+let remove_redundant_alarms map =
+ let filter alarm status =
+ match alarm with
+ | Alarms.Invalid_pointer expr ->
+ let lval = Mem expr, NoOffset in
+ let implies alarm s =
+ status = s &&
+ match alarm with
+ | Alarms.Memory_access (lv, _access_kind) ->
+ Cil_datatype.LvalStructEq.equal lv lval
+ | _ -> false
+ in
+ not (M.exists implies map)
+ | _ -> true
+ in
+ M.filter filter map
+
let emit_alarms kinstr map =
+ let map = remove_redundant_alarms map in
let list = M.bindings map in
let sorted_list = List.sort cmp list in
List.iter (fun (alarm, status) -> emit_alarm kinstr alarm status) sorted_list;
@@ -425,6 +448,7 @@ let warn_alarm warn_mode = function
| Alarms.Invalid_shift _
| Alarms.Memory_access _
| Alarms.Index_out_of_bound _
+ | Alarms.Invalid_pointer _
| Alarms.Is_nan_or_infinite _
| Alarms.Is_nan _
| Alarms.Not_separated _
diff --git a/src/plugins/value/domains/abstract_domain.mli b/src/plugins/value/domains/abstract_domain.mli
index df7e17c543eec3539b3d37cca378284a673cbfe8..c6093135e2a977f3e25c1e8ccea6dc94977a6b66 100644
--- a/src/plugins/value/domains/abstract_domain.mli
+++ b/src/plugins/value/domains/abstract_domain.mli
@@ -134,7 +134,8 @@ module type Queries = sig
- a value for the expression, which can be:
– `Bottom if its evaluation is infeasible;
– `Value (v, o) where [v] is an over-approximation of the abstract
- value of the expression [exp], and [o] is the origin of the value. *)
+ value of the expression [exp], and [o] is the origin of the value,
+ which can be None. *)
(** Query function for compound expressions:
[eval oracle t exp] returns the known value of [exp] by the state [t].
@@ -143,14 +144,14 @@ module type Queries = sig
No recursive evaluation should be done by this function. *)
val extract_expr :
(exp -> value evaluated) ->
- state -> exp -> (value * origin) evaluated
+ state -> exp -> (value * origin option) evaluated
(** Query function for lvalues:
[find oracle t lval typ loc] returns the known value stored at
the location [loc] of the left value [lval] of type [typ]. *)
val extract_lval :
(exp -> value evaluated) ->
- state -> lval -> typ -> location -> (value * origin) evaluated
+ state -> lval -> typ -> location -> (value * origin option) evaluated
(** [backward_location state lval typ loc v] reduces the location [loc] of the
lvalue [lval] of type [typ], so that only the locations that may have value
@@ -357,12 +358,13 @@ module type S = sig
(** Logical evaluation. This API is subject to changes. *)
(* TODO: cooperative evaluation of predicates in the engine. *)
- (** [logic_assign from loc_asgn pre state] applies the effect of the
- [assigns ... \from ...] clause [from] to [state]. [pre] is the state
- before the assign clauses, in which the terms of the clause are evaluated.
- [loc_asgn] is the result of the evaluation of the [assigns] part of [from]
- in [pre]. *)
- val logic_assign: logic_assign -> location -> pre:state -> state -> state
+ (** [logic_assign None loc state] removes from [state] all inferred properties
+ that depend on the memory location [loc].
+ If the first argument is not None, it contains the logical clause being
+ interpreted and the pre-state in which the terms of the clause are
+ evaluated. The clause can be an assigns, allocates or frees clause.
+ [loc] is then the memory location concerned by the clause. *)
+ val logic_assign: (logic_assign * state) option -> location -> state -> state
(** Evaluates a [predicate] to a logical status in the current [state].
The [logic_environment] contains the states at some labels and the
diff --git a/src/plugins/value/domains/apron/apron_domain.ml b/src/plugins/value/domains/apron/apron_domain.ml
index 8915d40c396f57aaf97140bb23e241066397d70f..c21820f2b2dfa19d7132a2b9f646c38321d72881 100644
--- a/src/plugins/value/domains/apron/apron_domain.ml
+++ b/src/plugins/value/domains/apron/apron_domain.ml
@@ -360,7 +360,7 @@ module Make (Man : Input) = struct
type state = Man.t Abstract1.t
type value = Main_values.Interval.t
type location = Precise_locs.precise_location
- type origin = unit
+ type origin
let man = Man.manager
let log_category = dkey
@@ -463,7 +463,7 @@ module Make (Man : Input) = struct
let dummy_oracle _ exn = raise exn
let compute state expr typ =
- let top = `Value (None, ()), Alarmset.all in
+ let top = `Value (None, None), Alarmset.all in
if not (is_relevant expr)
then top
else
@@ -476,7 +476,7 @@ module Make (Man : Input) = struct
let value =
if Interval.is_bottom interval
then `Bottom
- else `Value (interval_to_ival interval, ())
+ else `Value (interval_to_ival interval, None)
in
(* TODO: remove alarms if computation does not overflow *)
value, Alarmset.all
@@ -673,7 +673,7 @@ module Make (Man : Input) = struct
let show_expr _valuation _state _fmt _expr = ()
- let logic_assign _assigns location ~pre:_ state = kill_bases location state
+ let logic_assign _assigns location state = kill_bases location state
let evaluate_predicate _ _ _ = Alarmset.Unknown
let reduce_by_predicate _ state _ _ = `Value state
diff --git a/src/plugins/value/domains/cvalue/builtins.ml b/src/plugins/value/domains/cvalue/builtins.ml
index 2558f8efefb71f7428c8f15d781296edcaa0858e..f992d2c0885c3703f754a4e23eb3ca7a1b3bb23d 100644
--- a/src/plugins/value/domains/cvalue/builtins.ml
+++ b/src/plugins/value/domains/cvalue/builtins.ml
@@ -129,10 +129,15 @@ let inconsistent_builtin_typ kf = function
let expected_result, expected_args = typ () in
match Kernel_function.get_type kf with
| TFun (result, args, _, _) ->
+ (* If a builtin expects a void pointer, then accept all pointer types. *)
+ let need_cast typ expected =
+ Cil.need_cast typ expected
+ && not (Cil.isVoidPtrType expected && Cil.isPointerType typ)
+ in
let args = Cil.argsToList args in
- Cil.need_cast result expected_result
+ need_cast result expected_result
|| List.length args <> List.length expected_args
- || List.exists2 (fun (_, t, _) u -> Cil.need_cast t u) args expected_args
+ || List.exists2 (fun (_, t, _) u -> need_cast t u) args expected_args
| _ -> assert false
(* Warns if the builtin [bname] overrides the function definition [kf]. *)
diff --git a/src/plugins/value/domains/cvalue/builtins_malloc.ml b/src/plugins/value/domains/cvalue/builtins_malloc.ml
index 30c6755737c4cc09fb25b6fc8400db7d79415f3d..dee1382281c94136b19e06645315db71d93de60e 100644
--- a/src/plugins/value/domains/cvalue/builtins_malloc.ml
+++ b/src/plugins/value/domains/cvalue/builtins_malloc.ml
@@ -30,6 +30,9 @@ let dkey = Value_parameters.register_category "malloc"
let wkey_weak_alloc = Value_parameters.register_warn_category "malloc:weak"
let () = Value_parameters.set_warn_status wkey_weak_alloc Log.Winactive
+let wkey_imprecise_alloc = Value_parameters.register_warn_category
+ "malloc:imprecise"
+
(** {1 Dynamically allocated bases} *)
module Base_hptmap = Hptmap.Make
@@ -363,12 +366,99 @@ let () =
(alloc_fresh Weak Base.Malloc)
~typ:(fun () -> (Cil.voidPtrType, [Cil.theMachine.Cil.typeOfSizeOf]))
+module Base_with_Size = Datatype.Pair (Base.Base) (Datatype.Integer)
+
+(* Extremely aggressive and imprecise allocation: a single weak base for each
+ region. *)
+module MallocedSingleMalloc =
+ State_builder.Option_ref (Base_with_Size)
+ (struct
+ let name = "Value.Builtins_malloc.MallocedSingleMalloc"
+ let dependencies = [Ast.self]
+ end)
+let () = Ast.add_monotonic_state MallocedSingleMalloc.self
+
+module MallocedSingleVLA =
+ State_builder.Option_ref (Base_with_Size)
+ (struct
+ let name = "Value.Builtins_malloc.MallocedSingleVLA"
+ let dependencies = [Ast.self]
+ end)
+let () = Ast.add_monotonic_state MallocedSingleVLA.self
+
+module MallocedSingleAlloca =
+ State_builder.Option_ref (Base_with_Size)
+ (struct
+ let name = "Value.Builtins_malloc.MallocedSingleAlloca"
+ let dependencies = [Ast.self]
+ end)
+let () = Ast.add_monotonic_state MallocedSingleAlloca.self
+
+let string_of_region = function
+ | Base.Malloc -> "via malloc/calloc/realloc"
+ | Base.VLA -> "related to variable-length arrays"
+ | Base.Alloca -> "via alloca"
+
+(* Only called when the 'weakest base' needs to be allocated. *)
+let alloc_imprecise_weakest_alloc region =
+ let stack = [ fst (Globals.entry_point ()), Kglobal ] in
+ let type_base =
+ TArray (Cil.charType, None, Cil.empty_size_cache (), [])
+ in
+ let var = create_new_var stack "alloc" type_base Weak in
+ Value_parameters.warning ~wkey:wkey_imprecise_alloc ~current:true ~once:true
+ "allocating a single weak variable for ALL dynamic allocations %s: %a"
+ (string_of_region region) Printer.pp_varinfo var;
+ let min_alloc = Int.minus_one in
+ let max_alloc = Bit_utils.max_bit_address () in
+ let variable_v =
+ Base.create_variable_validity ~weak:true ~min_alloc ~max_alloc
+ in
+ let new_base = Base.register_allocated_var var region (Base.Variable variable_v) in
+ register_malloced_base ~stack new_base;
+ new_base, max_alloc
+
+(* used by calloc_abstract *)
+let alloc_imprecise_weakest_abstract region =
+ let memo =
+ match region with
+ | Base.Malloc -> MallocedSingleMalloc.memo
+ | Base.VLA -> MallocedSingleVLA.memo
+ | Base.Alloca -> MallocedSingleAlloca.memo
+ in
+ memo (fun () -> alloc_imprecise_weakest_alloc region)
+
+let alloc_imprecise_weakest_aux region _stack _prefix _sizev state =
+ let new_base, max_alloc = alloc_imprecise_weakest_abstract region in
+ let new_state = add_uninitialized state new_base max_alloc in
+ let ret = V.inject new_base Ival.zero in
+ ret, new_state
+
+let alloc_imprecise_weakest ?returns_null region state actuals =
+ match actuals with
+ | [_, _size, _] ->
+ begin
+ let ret, new_state = alloc_imprecise_weakest_aux region [] "" _size state in
+ let c_values = wrap_fallible_alloc ?returns_null ret state new_state in
+ { Value_types.c_values = c_values ;
+ c_clobbered = Base.SetLattice.bottom;
+ c_cacheable = Value_types.NoCacheCallers;
+ c_from = None;
+ }
+ end
+ | _ -> raise (Builtins.Invalid_nb_of_args 1)
+
+let () = Builtins.register_builtin
+ "Frama_C_malloc_imprecise" (alloc_imprecise_weakest Base.Malloc)
+ ~typ:(fun () -> (Cil.voidPtrType, [Cil.theMachine.Cil.typeOfSizeOf]))
+
+let zero_to_max_bytes () = Ival.inject_range
+ (Some Integer.zero) (Some (Bit_utils.max_byte_size ()))
+
let alloc_size_ok intended_size =
try
let size = Cvalue.V.project_ival intended_size in
- let ok_size =
- Ival.inject_range (Some Integer.zero) (Some (Bit_utils.max_byte_size ()))
- in
+ let ok_size = zero_to_max_bytes () in
if Ival.is_included size ok_size then Alarmset.True
else if Ival.intersects size ok_size then Alarmset.Unknown
else Alarmset.False
@@ -422,7 +512,7 @@ let () =
(* Variables that have been returned by a call to an allocation function
at this callstack. The first allocated variable is at the top of the
stack. Currently, the callstacks are truncated according to
- [-val-malloc-functions]. *)
+ [-eva-alloc-functions]. *)
module MallocedByStack = (* varinfo list Callstack.hashtbl *)
State_builder.Hashtbl(Value_types.Callstack.Hashtbl)
(Datatype.List(Base))
@@ -454,7 +544,7 @@ let update_variable_validity ?(make_weak=false) base sizev =
(* Mutating the type of a varinfo is not exactly a good idea. This is
probably fine here, because the type of a malloced variable is
almost never used. *)
- vi.vtype <- weaken_type vi.vtype;
+ Cil.update_var_type vi (weaken_type vi.vtype);
end;
Base.update_variable_validity variable_v
~weak:make_weak ~min_alloc:min_sure_bits ~max_alloc:max_valid_bits;
@@ -510,10 +600,18 @@ let () = Builtins.register_builtin
~replace:"__fc_vla_alloc" "Frama_C_vla_alloc_by_stack"
(alloc_by_stack Base.VLA ~returns_null:false)
~typ:(fun () -> (Cil.voidPtrType, [Cil.theMachine.Cil.typeOfSizeOf]))
+let () = Builtins.register_builtin
+ "Frama_C_vla_alloc_imprecise"
+ (alloc_imprecise_weakest Base.VLA ~returns_null:false)
+ ~typ:(fun () -> (Cil.voidPtrType, [Cil.theMachine.Cil.typeOfSizeOf]))
let () = Builtins.register_builtin
~replace:"alloca" "Frama_C_alloca"
(alloc_by_stack ~prefix:"alloca" Base.Alloca ~returns_null:false)
~typ:(fun () -> (Cil.voidPtrType, [Cil.theMachine.Cil.typeOfSizeOf]))
+let () = Builtins.register_builtin
+ "Frama_C_alloca_imprecise"
+ (alloc_imprecise_weakest Base.Alloca ~returns_null:false)
+ ~typ:(fun () -> (Cil.voidPtrType, [Cil.theMachine.Cil.typeOfSizeOf]))
(* Equivalent to [alloc_by_stack], but for [calloc]. *)
let calloc_by_stack : Db.Value.builtin = fun state actuals ->
@@ -524,6 +622,18 @@ let () = Builtins.register_builtin
~typ:(fun () -> (Cil.voidPtrType, [Cil.theMachine.Cil.typeOfSizeOf;
Cil.theMachine.Cil.typeOfSizeOf]))
+(* Equivalent to [malloc_imprecise_weakest], but for [calloc]. *)
+let calloc_imprecise_weakest : Db.Value.builtin = fun state actuals ->
+ let calloc_f _stack _prefix _sizev _state =
+ alloc_imprecise_weakest_abstract Base.Malloc
+ in
+ calloc_abstract calloc_f state actuals
+
+let () = Builtins.register_builtin
+ "Frama_C_calloc_imprecise" calloc_imprecise_weakest
+ ~typ:(fun () -> (Cil.voidPtrType, [Cil.theMachine.Cil.typeOfSizeOf;
+ Cil.theMachine.Cil.typeOfSizeOf]))
+
(** {1 Free} *)
(* Change all references to bases into ESCAPINGADDR into the given state,
@@ -819,6 +929,33 @@ let () = Builtins.register_builtin
~typ:(fun () -> (Cil.voidPtrType, [Cil.voidPtrType;
Cil.theMachine.Cil.typeOfSizeOf]))
+let realloc_imprecise_weakest state args = match args with
+ | [ (_,ptr,_); (_,_size,_) ] ->
+ let (bases, card_ok, _null) = resolve_bases_to_free ptr in
+ if card_ok > 0 then
+ let orig_state = state in
+ let ret, state = alloc_imprecise_weakest_aux Base.Malloc [] "" _size state in
+ (* free old bases. *)
+ let state, changed = free_aux state ~strong:false bases in
+ let c_values = wrap_fallible_alloc ret orig_state state in
+ { Value_types.c_values;
+ c_clobbered = Builtins.clobbered_set_from_ret state ret;
+ c_cacheable = Value_types.NoCacheCallers;
+ c_from = Some changed;
+ }
+ else (* Invalid call. *)
+ { Value_types.c_values = [] ;
+ c_clobbered = Base.SetLattice.bottom;
+ c_cacheable = Value_types.NoCacheCallers;
+ c_from = None;
+ }
+ | _ -> raise (Builtins.Invalid_nb_of_args 2)
+
+let () = Builtins.register_builtin
+ "Frama_C_realloc_imprecise" realloc_imprecise_weakest
+ ~typ:(fun () -> (Cil.voidPtrType, [Cil.voidPtrType;
+ Cil.theMachine.Cil.typeOfSizeOf]))
+
(** {1 Leak detection} *)
(* Experimental, not to be released, leak detection built-in. *)
diff --git a/src/plugins/value/domains/cvalue/cvalue_domain.ml b/src/plugins/value/domains/cvalue/cvalue_domain.ml
index 811a00dd6b09360cc96c1b58561035a402d0e79b..5257e966b8729ffd4b3223a17080b80706964655 100644
--- a/src/plugins/value/domains/cvalue/cvalue_domain.ml
+++ b/src/plugins/value/domains/cvalue/cvalue_domain.ml
@@ -38,7 +38,7 @@ module Model = struct
lvalue can be incomparable. The origin is then used to store the value from
the state, to later choose which value to keep. This is done by the update
function in cvalue_transfer. *)
- type origin = value option
+ type origin = value
let extract_expr _ _ _ = `Value (Cvalue.V.top, None), Alarmset.all
@@ -308,15 +308,19 @@ module State = struct
Printer.pp_from assign pp_eval_error e;
Cvalue.V.top
- let logic_assign logic_assign location ~pre:(pre_state, _) (state, sclob) =
+ let logic_assign logic_assign location (state, sclob) =
match logic_assign with
- | Assigns assign ->
+ | None ->
+ let location = Precise_locs.imprecise_location location
+ and value = Cvalue.V.top in
+ Cvalue.Model.add_binding ~exact:false state location value, sclob
+ | Some (Assigns assign, (pre_state, _)) ->
let location = Precise_locs.imprecise_location location in
let env = Eval_terms.env_assigns pre_state in
let value = evaluate_from_clause env assign in
Locals_scoping.remember_if_locals_in_value sclob location value;
Cvalue.Model.add_binding ~exact:false state location value, sclob
- | Frees _ | Allocates _ -> state, sclob
+ | Some ((Frees _ | Allocates _), _) -> state, sclob
(* ------------------------------------------------------------------------ *)
(* Initialization *)
diff --git a/src/plugins/value/domains/cvalue/cvalue_transfer.ml b/src/plugins/value/domains/cvalue/cvalue_transfer.ml
index 540f2ec4bd4927c1b91585eb4ec1a46d1f3b3355..94bb435e1011082f6a365b22399e8612f0b2355b 100644
--- a/src/plugins/value/domains/cvalue/cvalue_transfer.ml
+++ b/src/plugins/value/domains/cvalue/cvalue_transfer.ml
@@ -25,7 +25,7 @@ open Eval
open Cvalue.Model
type value = Main_values.CVal.t
-type origin = value option
+type origin = value
type location = Main_locations.PLoc.location
let unbottomize = function
@@ -71,7 +71,7 @@ let update valuation t =
included in the other). We use some notion of cardinality of
abstract values to choose the best value to keep. *)
match record.origin with
- | Some (Some previous_v) ->
+ | Some previous_v ->
let typ = Cil.typeOfLval lv in
if is_smaller_value typ v previous_v then v else previous_v
| _ -> v
diff --git a/src/plugins/value/domains/cvalue/cvalue_transfer.mli b/src/plugins/value/domains/cvalue/cvalue_transfer.mli
index d9f23bf0ff20793c38529bdb71d38c9895d01c77..b74f2266bebc6c722c9ae1c946c947b47a20e752 100644
--- a/src/plugins/value/domains/cvalue/cvalue_transfer.mli
+++ b/src/plugins/value/domains/cvalue/cvalue_transfer.mli
@@ -23,7 +23,7 @@
(** Transfer functions for the main domain of the Value analysis. *)
type value = Main_values.CVal.t
-type origin = value option
+type origin = value
type location = Main_locations.PLoc.location
include Abstract_domain.Transfer
diff --git a/src/plugins/value/domains/domain_builder.ml b/src/plugins/value/domains/domain_builder.ml
index 83e734a69f51032108eaefc831f4cd2385762b03..af877385426edb598dce3e2d4bcdd901c516bf19 100644
--- a/src/plugins/value/domains/domain_builder.ml
+++ b/src/plugins/value/domains/domain_builder.ml
@@ -20,7 +20,6 @@
(* *)
(**************************************************************************)
-
module type InputDomain = sig
include Abstract_domain.S
val storage: unit -> bool
@@ -65,11 +64,11 @@ module Make_Minimal
type value = Value.t
type location = Location.location
type state = Domain.t
- type origin = unit
+ type origin
let narrow x _y = `Value x
- let top_answer = `Value (Value.top, ()), Alarmset.all
+ let top_answer = `Value (Value.top, None), Alarmset.all
let extract_expr _oracle _state _expr = top_answer
let extract_lval _oracle _state _lval _typ _location = top_answer
let backward_location _state _lval _typ location value = `Value (location, value)
@@ -102,7 +101,7 @@ module Make_Minimal
let lval = Cil.var varinfo in
Domain.initialize_variable lval ~initialized:true Abstract_domain.Top state
- let logic_assign _assigns _location ~pre:_ _state = top
+ let logic_assign _assigns _location _state = top
let evaluate_predicate _ _ _ = Alarmset.Unknown
let reduce_by_predicate _ t _ _ = `Value t
@@ -184,16 +183,19 @@ module Complete_Simple_Cvalue (Domain: Simpler_domains.Simple_Cvalue)
type value = Cvalue.V.t
type location = Precise_locs.precise_location
type state = Domain.t
- type origin = unit
+ type origin
let narrow x _y = `Value x
let extract_expr _oracle state expr =
- let v = Domain.extract_expr state expr >>-: fun v -> v, () in
+ let v = Domain.extract_expr state expr >>-: fun v -> v, None in
v, Alarmset.all
let extract_lval _oracle state lval typ location =
- let v = Domain.extract_lval state lval typ location >>-: fun v -> v, () in
+ let v =
+ Domain.extract_lval state lval typ location >>-: fun v ->
+ v, None
+ in
v, Alarmset.all
let backward_location _state _lval _typ location value =
@@ -236,7 +238,7 @@ module Complete_Simple_Cvalue (Domain: Simpler_domains.Simple_Cvalue)
let lval = Cil.var varinfo in
Domain.initialize_variable lval ~initialized:true Abstract_domain.Top state
- let logic_assign _assigns _location ~pre:_ _state = top
+ let logic_assign _assigns _location _state = top
let evaluate_predicate _ _ _ = Alarmset.Unknown
let reduce_by_predicate _ t _ _ = `Value t
@@ -249,3 +251,350 @@ module Complete_Simple_Cvalue (Domain: Simpler_domains.Simple_Cvalue)
include Complete (D)
end
+
+(* -------------------------------------------------------------------------- *)
+
+module Restrict
+ (Value: Abstract_value.S)
+ (Domain: Abstract.Domain.Internal with type value = Value.t)
+ (Scope: sig val functions: Domain_mode.function_mode list end)
+= struct
+
+ open Domain_mode
+
+ (* Defines the join and the narrow of different modes. *)
+ module Mode = struct
+ include Mode
+
+ let merge f m1 m2 =
+ let merge_perm p1 p2 =
+ { read = f p1.read p2.read;
+ write = f p1.write p2.write; }
+ in
+ { current = merge_perm m1.current m2.current;
+ calls = merge_perm m1.calls m2.calls; }
+
+ let join = merge (&&)
+ let narrow = merge (||)
+ end
+
+ (* Map that binds functions to their analysis mode. *)
+ let functions_map =
+ List.fold_left
+ (fun map (kf, mode) -> Kernel_function.Map.add kf mode map)
+ Kernel_function.Map.empty Scope.functions
+
+ (* This module propagates states of type [(state * mode) option]:
+ - None is propagated as long as no functions from [Scope.functions]
+ are analyzed.
+ - then the current [mode] is propagated alongside the state. Queries and
+ transfer functions are applied accordingly. The current mode is replaced
+ at function calls by [mode.calls]. *)
+
+ module Info = struct let module_name = Domain.name ^ " restricted" end
+ module D = Datatype.Pair_with_collections (Domain) (Mode) (Info)
+
+ module I = struct let module_name = Domain.name ^ " option" end
+ include Datatype.Option_with_collections (D) (I)
+
+ let default = Domain.top, Mode.all
+ let structure: t Abstract.Domain.structure =
+ Abstract.Domain.(Option ((Node (Domain.structure, Void)), default))
+
+ type state = t
+ type value = Domain.value
+ type location = Domain.location
+ type origin = Domain.origin
+
+ let get_state = function
+ | None -> Domain.top
+ | Some (state, _mode) -> state
+
+ (* When the first function from [Scope.functions] is encountered, starts the
+ analysis with the state computed by this function. It is an empty state in
+ which the global variables exist and may have any values. *)
+ let compute_starting_state () =
+ let empty = Domain.empty () in
+ let var_kind = Abstract_domain.Global in
+ let init varinfo _init state =
+ let state = Domain.enter_scope var_kind [varinfo] state in
+ Domain.initialize_variable_using_type var_kind varinfo state
+ in
+ Globals.Vars.fold init empty
+
+ (* Do not recompute each time the starting state. Do not compute the starting
+ state too early either, in case it depends on analysis options. *)
+ let get_starting_state =
+ let starting_state = ref None in
+ fun () ->
+ match !starting_state with
+ | None ->
+ let s = compute_starting_state () in
+ starting_state := Some s;
+ s
+ | Some state -> state
+
+ (* ----- Lattice ---------------------------------------------------------- *)
+
+ let top = None
+
+ let is_included x y =
+ match x, y with
+ | _, None -> true
+ | None, _ -> false
+ | Some (d1, _), Some (d2, _) -> Domain.is_included d1 d2
+
+ let make_join join = fun x y ->
+ match x, y with
+ | None, _ | _, None -> None
+ | Some (d1, m1), Some (d2, m2) -> Some (join d1 d2, Mode.join m1 m2)
+
+ let join = make_join Domain.join
+ let widen kf stmt = make_join (Domain.widen kf stmt)
+
+ let narrow x y =
+ match x, y with
+ | None, s | s, None -> `Value s
+ | Some (d1, s1), Some (d2, s2) ->
+ Domain.narrow d1 d2 >>-: fun s ->
+ Some (s, Mode.narrow s1 s2)
+
+ (* ----- Queries ---------------------------------------------------------- *)
+
+ (* Applies the [query] only if the current mode allows the domain to read.
+ Otherwise, returns [default]. *)
+ let make_query default query = function
+ | None -> default
+ | Some (state, mode) ->
+ if mode.current.read
+ then query state
+ else default
+
+ let default_query = `Value (Value.top, None), Alarmset.all
+
+ let extract_expr oracle state expr =
+ make_query default_query (fun s -> Domain.extract_expr oracle s expr) state
+
+ let extract_lval oracle state lval typ location =
+ make_query
+ default_query
+ (fun s -> Domain.extract_lval oracle s lval typ location)
+ state
+
+ let backward_location state lval typ location value =
+ make_query
+ (`Value (location, value))
+ (fun s -> Domain.backward_location s lval typ location value)
+ state
+
+ let reduce_further state expr value =
+ make_query [] (fun s -> Domain.reduce_further s expr value) state
+
+ (* ----- Transfer functions ----------------------------------------------- *)
+
+ (* Applies the transfer function [f] only if the current mode allows the
+ domain to write. Otherwise, returns the state unchanged. *)
+ let make_transfer f = function
+ | None -> `Value None
+ | Some (state, mode) ->
+ if mode.current.write
+ then f state >>-: fun state -> Some (state, mode)
+ else `Value (Some (state, mode))
+
+ let update valuation = make_transfer (Domain.update valuation)
+ let assume stmt expr positive valuation =
+ make_transfer (Domain.assume stmt expr positive valuation)
+
+ (* Applies the [assign] transfer function according to the current mode.
+ In any case, removes from the state the properties depending on the memory
+ location modified by the assignment. *)
+ let assign kinstr lvalue expr assigned valuation = function
+ | None -> `Value None
+ | Some (state, mode) ->
+ if mode.current.write
+ then
+ Domain.assign kinstr lvalue expr assigned valuation state >>-: fun s ->
+ Some (s, mode)
+ else
+ let state = Domain.logic_assign None lvalue.lloc state in
+ `Value (Some (state, mode))
+
+ (* Starts an analysis at call [call] with state [state]. The domain was not
+ enabled before this call: the concrete arguments may contain variables that
+ have never been introduced into the state, so we should not use them. This
+ function only introduces the formal parameters in the state. *)
+ let start_analysis call state =
+ let formals = List.map (fun argument -> argument.formal) call.arguments in
+ let kind = Abstract_domain.Formal call.kf in
+ let state = Domain.enter_scope kind formals state in
+ let initialize acc v = Domain.initialize_variable_using_type kind v acc in
+ let state = List.fold_left initialize state formals in
+ state
+
+ (* When interpreting a function call:
+ - if the mode of the function called allows the domain to infer properties,
+ use [start_call] and [finalize_call] as normal. If the current mode did
+ not allow the domain to infer properties, use [start_analysis] instead.
+ - otherwise, only propagate the state from the call site to kill the
+ properties that depend on locations written in the called functions. *)
+
+ let start_call stmt call valuation state =
+ (* Starts the call with mode [new_mode]. [previous_mode] is the current mode
+ of the caller. *)
+ let start_call_with_mode ?previous_mode ~new_mode state =
+ if new_mode.current.write
+ then
+ match previous_mode with
+ | Some mode when mode.current.write ->
+ Domain.start_call stmt call valuation state >>-: fun state ->
+ Some (state, new_mode)
+ | _ ->
+ `Value (Some (start_analysis call state, new_mode))
+ else `Value (Some (state, new_mode))
+ in
+ (* If an analysis mode is defined for the called function in [Scope],
+ then this mode becomes the new current mode. Otherwise, use the [calls]
+ field of the previous mode. *)
+ let called_mode = Kernel_function.Map.find_opt call.kf functions_map in
+ match state, called_mode with
+ | Some (state, previous_mode), Some new_mode ->
+ start_call_with_mode ~previous_mode ~new_mode state
+ | Some (state, previous_mode), None ->
+ let new_mode = { previous_mode with current = previous_mode.calls } in
+ start_call_with_mode ~previous_mode ~new_mode state
+ | None, Some new_mode ->
+ start_call_with_mode ~new_mode (get_starting_state ())
+ | None, None ->
+ `Value None
+
+ let finalize_call stmt call ~pre ~post =
+ match pre, post with
+ | None, _ | _, None -> `Value None
+ | Some (pre, pre_mode), Some (post, post_mode) ->
+ if post_mode.current.write
+ then
+ Domain.finalize_call stmt call ~pre ~post >>-: fun state ->
+ Some (state, pre_mode)
+ else
+ `Value (Some (post, pre_mode))
+
+ let show_expr valuation state fmt expr =
+ match state with
+ | None -> ()
+ | Some (state, _mode) -> Domain.show_expr valuation state fmt expr
+
+ (* ----- Logic evalutation ------------------------------------------------ *)
+
+ let logic_assign assign location = function
+ | None -> None
+ | Some (state, mode) ->
+ let assign =
+ Extlib.opt_map (fun (assign, state) -> assign, get_state state) assign
+ in
+ Some (Domain.logic_assign assign location state, mode)
+
+ let lift_env env =
+ let states label = get_state (env.Abstract_domain.states label) in
+ Abstract_domain.{ env with states = states }
+
+ let evaluate_predicate env state predicate =
+ make_query
+ Alarmset.Unknown
+ (fun s -> Domain.evaluate_predicate (lift_env env) s predicate)
+ state
+
+ let reduce_by_predicate env state predicate positive =
+ make_transfer
+ (fun s -> Domain.reduce_by_predicate (lift_env env) s predicate positive)
+ state
+
+ (* ----- Scoping, initialization & loops ---------------------------------- *)
+
+ let lift f = function
+ | None -> None
+ | Some (state, mode) as x ->
+ if mode.current.write
+ then Some (f state, mode)
+ else x
+
+ let enter_scope kind varinfos = lift (Domain.enter_scope kind varinfos)
+ let leave_scope kf varinfos = lift (Domain.leave_scope kf varinfos)
+
+ (* Uses the mode of the 'main' function to start the analysis. *)
+ let empty () =
+ let main_kf = fst (Globals.entry_point ()) in
+ match Kernel_function.Map.find_opt main_kf functions_map with
+ | None -> None
+ | Some mode -> Some (Domain.empty (), mode)
+
+ let initialize_variable lval location ~initialized init_value =
+ lift (Domain.initialize_variable lval location ~initialized init_value)
+ let initialize_variable_using_type init_kind varinfo =
+ lift (Domain.initialize_variable_using_type init_kind varinfo)
+
+ let enter_loop stmt = lift (Domain.enter_loop stmt)
+ let incr_loop_counter stmt = lift (Domain.incr_loop_counter stmt)
+ let leave_loop stmt = lift (Domain.leave_loop stmt)
+
+ (* ----- MemExec ---------------------------------------------------------- *)
+
+ let relate kf bases = function
+ | None -> Base.SetLattice.empty
+ | Some (state, _mode) -> Domain.relate kf bases state
+
+ let filter kf kind bases = function
+ | None -> None
+ | Some (state, mode) -> Some (Domain.filter kf kind bases state, mode)
+
+ let reuse kf bases ~current_input ~previous_output =
+ match current_input, previous_output with
+ | None, _ | _, None -> None
+ | Some (current_input, mode), Some (previous_output, _) ->
+ Some (Domain.reuse kf bases ~current_input ~previous_output, mode)
+
+ let log_category = Domain.log_category
+
+ let post_analysis state =
+ let state = state >>-: get_state in
+ Domain.post_analysis state
+
+ (* ----- Storage ---------------------------------------------------------- *)
+
+ module Store = struct
+
+ let register_global_state state =
+ let state = state >>-: get_state in
+ Domain.Store.register_global_state state
+
+ let lift_register f state = f (get_state state)
+
+ let register_initial_state callstack =
+ lift_register (Domain.Store.register_initial_state callstack)
+ let register_state_before_stmt callstack stmt =
+ lift_register (Domain.Store.register_state_before_stmt callstack stmt)
+ let register_state_after_stmt callstack stmt =
+ lift_register (Domain.Store.register_state_after_stmt callstack stmt)
+
+ let inject state = Some (state, Mode.all)
+
+ let get_global_state () = Domain.Store.get_global_state () >>-: inject
+ let get_initial_state kf = Domain.Store.get_initial_state kf >>-: inject
+ let get_stmt_state ~after stmt =
+ Domain.Store.get_stmt_state ~after stmt >>-: inject
+
+ let inject_table = function
+ | `Top -> `Top
+ | `Bottom -> `Bottom
+ | `Value t ->
+ let module Hashtbl = Value_types.Callstack.Hashtbl in
+ let table = Hashtbl.create (Hashtbl.length t) in
+ Hashtbl.iter (fun key s -> Hashtbl.add table key (inject s)) t;
+ `Value table
+
+ let get_initial_state_by_callstack kf =
+ inject_table (Domain.Store.get_initial_state_by_callstack kf)
+ let get_stmt_state_by_callstack ~after stmt =
+ inject_table (Domain.Store.get_stmt_state_by_callstack ~after stmt)
+
+ end
+end
diff --git a/src/plugins/value/domains/domain_builder.mli b/src/plugins/value/domains/domain_builder.mli
index b604579e939f7d63075e53eaf5e1bc80e1748c30..66613b44d545a3e0ed7fbfe1d6b41e6f93ee8d73 100644
--- a/src/plugins/value/domains/domain_builder.mli
+++ b/src/plugins/value/domains/domain_builder.mli
@@ -55,3 +55,15 @@ module Complete_Simple_Cvalue
: Abstract_domain.Leaf with type value = Cvalue.V.t
and type location = Precise_locs.precise_location
and type state = Domain.t
+
+(* Restricts an abstract domain on specific functions. The domain will only be
+ enabled on the given functions. Moreover, a mode is associated to each of
+ these functions, allowing (or not) the domain to infer or use properties
+ in the current function and in all functions called from it.
+ See {!Domain_mode} for more details. *)
+module Restrict
+ (Value: Abstract_value.S)
+ (Domain: Abstract.Domain.Internal with type value = Value.t)
+ (Scope: sig val functions: Domain_mode.function_mode list end)
+ : Abstract.Domain.Internal with type value = Value.t
+ and type location = Domain.location
diff --git a/src/plugins/value/domains/domain_lift.ml b/src/plugins/value/domains/domain_lift.ml
index 0e8d958ef1dd6fe0dbb2bbc9526d6252af663df3..46331911138dce10ab88edc059e32d695b44c0ac 100644
--- a/src/plugins/value/domains/domain_lift.ml
+++ b/src/plugins/value/domains/domain_lift.ml
@@ -123,8 +123,8 @@ module Make
let show_expr valuation = Domain.show_expr (lift_valuation valuation)
- let logic_assign assigns location ~pre state =
- Domain.logic_assign assigns (Convert.restrict_loc location) ~pre state
+ let logic_assign assigns location state =
+ Domain.logic_assign assigns (Convert.restrict_loc location) state
let evaluate_predicate = Domain.evaluate_predicate
let reduce_by_predicate = Domain.reduce_by_predicate
diff --git a/src/plugins/value/domains/domain_mode.ml b/src/plugins/value/domains/domain_mode.ml
new file mode 100644
index 0000000000000000000000000000000000000000..298f27fc57d885a4b0c438fe24e4388ad983f435
--- /dev/null
+++ b/src/plugins/value/domains/domain_mode.ml
@@ -0,0 +1,98 @@
+(**************************************************************************)
+(* *)
+(* This file is part of Frama-C. *)
+(* *)
+(* Copyright (C) 2007-2020 *)
+(* CEA (Commissariat à l'énergie atomique et aux énergies *)
+(* alternatives) *)
+(* *)
+(* you can redistribute it and/or modify it under the terms of the GNU *)
+(* Lesser General Public License as published by the Free Software *)
+(* Foundation, version 2.1. *)
+(* *)
+(* It is distributed in the hope that it will be useful, *)
+(* but WITHOUT ANY WARRANTY; without even the implied warranty of *)
+(* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *)
+(* GNU Lesser General Public License for more details. *)
+(* *)
+(* See the GNU Lesser General Public License version 2.1 *)
+(* for more details (enclosed in the file licenses/LGPLv2.1). *)
+(* *)
+(**************************************************************************)
+
+type permission = { read: bool; write: bool; }
+type mode = { current: permission; calls: permission; }
+
+type function_mode = Kernel_function.t * mode
+
+module Mode = struct
+ let all_permission = { read = true; write = true; }
+ let no_permission = { read = false; write = false; }
+
+ let default = { current = all_permission; calls = no_permission; }
+ let all = { current = all_permission; calls = all_permission; }
+ let none = { current = no_permission; calls = no_permission; }
+
+ include Datatype.Make_with_collections
+ (struct
+ include Datatype.Serializable_undefined
+ type t = mode
+ let name = "Domain_mode.Mode"
+ let reprs = [ default ]
+ let compare = Transitioning.Stdlib.compare
+ let equal = Datatype.from_compare
+ let hash = Hashtbl.hash
+ end)
+
+ let check str =
+ String.iter
+ (fun c ->
+ if Char.lowercase_ascii c <> 'r' && Char.lowercase_ascii c <> 'w'
+ then raise (Invalid_argument ("invalid mode " ^ str)))
+ str
+
+ let of_string str =
+ check str;
+ let calls =
+ { read = String.contains str 'R';
+ write = String.contains str 'W'; }
+ and current =
+ { read = String.contains str 'r';
+ write = String.contains str 'w'; }
+ in
+ { current; calls; }
+
+ let to_string t =
+ let string_if c b = if b then c else "" in
+ string_if "r" t.current.read ^ string_if "w" t.current.write ^
+ string_if "R" t.calls.read ^ string_if "W" t.calls.write
+end
+
+module Function_Mode = struct
+ include Datatype.Pair (Kernel_function) (Mode)
+ type key = string
+
+ let of_string ~key ~prev:_ str =
+ match str with
+ | None -> raise (Invalid_argument ("no value bound to " ^ key))
+ | Some str ->
+ let get_function str =
+ try Globals.Functions.find_by_name str
+ with Not_found -> raise (Invalid_argument ("no function " ^ str))
+ in
+ match String.split_on_char '-' str with
+ | [ kf; "" ] -> Some (get_function kf, Mode.none)
+ | _ ->
+ match String.split_on_char '+' str with
+ | [ kf ] -> Some (get_function kf, Mode.default)
+ | [ kf; "" ] -> Some (get_function kf, Mode.all)
+ | [ kf; mode ] -> Some (get_function kf, Mode.of_string mode)
+ | _ -> raise (Invalid_argument ("invalid argument " ^ str))
+
+ let to_string ~key:_ = function
+ | None -> None
+ | Some (kf, mode) ->
+ Some (Kernel_function.get_name kf ^ "+" ^ Mode.to_string mode)
+end
+
+include Datatype.List (Function_Mode)
diff --git a/src/plugins/value/domains/domain_mode.mli b/src/plugins/value/domains/domain_mode.mli
new file mode 100644
index 0000000000000000000000000000000000000000..cbb9a07e2c7ef60b0e39379690049951244070b2
--- /dev/null
+++ b/src/plugins/value/domains/domain_mode.mli
@@ -0,0 +1,54 @@
+(**************************************************************************)
+(* *)
+(* This file is part of Frama-C. *)
+(* *)
+(* Copyright (C) 2007-2020 *)
+(* CEA (Commissariat à l'énergie atomique et aux énergies *)
+(* alternatives) *)
+(* *)
+(* you can redistribute it and/or modify it under the terms of the GNU *)
+(* Lesser General Public License as published by the Free Software *)
+(* Foundation, version 2.1. *)
+(* *)
+(* It is distributed in the hope that it will be useful, *)
+(* but WITHOUT ANY WARRANTY; without even the implied warranty of *)
+(* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *)
+(* GNU Lesser General Public License for more details. *)
+(* *)
+(* See the GNU Lesser General Public License version 2.1 *)
+(* for more details (enclosed in the file licenses/LGPLv2.1). *)
+(* *)
+(**************************************************************************)
+
+(** This module defines the mode to restrict an abstract domain on specific
+ functions. *)
+
+(** Permission for an abstract domain to read/write its state.
+ If [write] is true, the domain infers new properties when interpreting
+ assignments, assumptions, and logical assertions. Otherwise, it only
+ propagates already known properties as long as they hold.
+ If [read] is true, the domain uses its inferred properties to improve
+ the evaluation of expressions by extracting information from its state.
+ It can also evaluate logical assertions. *)
+type permission = { read: bool; write: bool; }
+
+(** Mode for the analysis of a function [f]:
+ - [current] is the read/write permission for [f].
+ - [calls] is the read/write permission for all functions called from [f]. *)
+type mode = { current: permission; calls: permission; }
+
+(** Datatype for modes. *)
+module Mode : sig
+ include Datatype.S_with_collections with type t = mode
+ val all: t (** Default mode: all permissions are granted. *)
+end
+
+(** A function associated with an analysis mode. *)
+type function_mode = Kernel_function.t * mode
+
+module Function_Mode:
+ Parameter_sig.Multiple_value_datatype with type key = string
+ and type t = function_mode
+
+(** Analysis mode for a domain. *)
+include Datatype.S with type t = function_mode list
diff --git a/src/plugins/value/domains/domain_product.ml b/src/plugins/value/domains/domain_product.ml
index d73cc44bf4a3293e531a0df0752500116498963a..06574e327e6fed7fb945168a33b07b20372d9f98 100644
--- a/src/plugins/value/domains/domain_product.ml
+++ b/src/plugins/value/domains/domain_product.ml
@@ -37,8 +37,8 @@ module Make
type location = Left.location
type origin = {
- left: reductness * Left.origin;
- right: reductness * Right.origin;
+ left: reductness * Left.origin option;
+ right: reductness * Right.origin option;
}
let () = incr counter
@@ -85,7 +85,7 @@ module Make
else if Value.equal v2 Value.top then Created else Reduced
in
let origin = {left = left, o1; right = right, o2} in
- value, origin
+ value, Some origin
in
value, alarms
@@ -120,7 +120,7 @@ module Make
| Reduced, Some (Created, _) -> Created
| _ as x, _ -> x
in
- let origin = Extlib.opt_map snd origin in
+ let origin = Extlib.may_map snd ~dft:None origin in
{ record with origin; reductness }
let lift_valuation side valuation =
@@ -227,9 +227,14 @@ module Make
print_one_side fmt right_log Right.name Right.pretty right)
- let logic_assign assign location ~pre:(left_pre, right_pre) (left, right) =
- Left.logic_assign assign location ~pre:left_pre left,
- Right.logic_assign assign location ~pre:right_pre right
+ let logic_assign assign location (left, right) =
+ let left_assign, right_assign =
+ match assign with
+ | None -> None, None
+ | Some (assign, (left, right)) -> Some (assign, left), Some (assign, right)
+ in
+ Left.logic_assign left_assign location left,
+ Right.logic_assign right_assign location right
let lift_logic_env f logic_env =
Abstract_domain.{ states = (fun label -> f (logic_env.states label));
diff --git a/src/plugins/value/domains/equality/equality_domain.ml b/src/plugins/value/domains/equality/equality_domain.ml
index b36c5560bf041b5b3faac65731f3daf489acccd5..b04cd0ffa19955c80a0e67c183af5193509399ff 100644
--- a/src/plugins/value/domains/equality/equality_domain.ml
+++ b/src/plugins/value/domains/equality/equality_domain.ml
@@ -189,7 +189,7 @@ module Make
type value = Value.t
type location = Precise_locs.precise_location
- type origin = unit
+ type origin
let reduce_further (equalities, _, _) expr value =
let atom = HCE.of_exp expr in
@@ -232,12 +232,12 @@ module Make
in
let v = Equality.Equality.fold aux_eq equality (`Value Value.top) in
(* Remove the 'origin' information of garbled mixes. *)
- let v = v >>-: fun v -> imprecise_origin v, () in
+ let v = v >>-: fun v -> imprecise_origin v, None in
(* All expressions used by the equality domain have already been evaluated
before during the analysis; alarms about those expressions have already
been emitted. *)
v, Alarmset.none
- | None -> `Value (Value.top, ()), Alarmset.all
+ | None -> `Value (Value.top, None), Alarmset.all
let extract_expr (oracle: exp -> Value.t evaluated) (equalities, _, _) expr =
let expr = Cil.constFold true expr in
@@ -503,7 +503,7 @@ module Make
| Some equality -> Equality.Equality.pretty fmt equality
| None -> ()
- let logic_assign _assigns location ~pre:_ state =
+ let logic_assign _assigns location state =
let loc = Precise_locs.imprecise_location location in
let zone = Locations.(enumerate_valid_bits Write loc) in
kill Hcexprs.Modified zone state
diff --git a/src/plugins/value/domains/gauges/gauges_domain.ml b/src/plugins/value/domains/gauges/gauges_domain.ml
index 75acbedd0d9b10b60c6c028ccbf45435ada87e4a..4c8dec87e1ecf236a920ef4eb38a1134f3a6ceb7 100644
--- a/src/plugins/value/domains/gauges/gauges_domain.ml
+++ b/src/plugins/value/domains/gauges/gauges_domain.ml
@@ -1130,7 +1130,7 @@ module D_Impl : Abstract_domain.S
type value = Cvalue.V.t
type state = G.t
type location = Precise_locs.precise_location
- type origin = unit
+ type origin
include G
@@ -1260,7 +1260,7 @@ module D_Impl : Abstract_domain.S
(* TODO: it would be interesting to return something here, but we
currently need a valuation to perform the translation. *)
let extract_expr _oracle _state _exp =
- `Value (Cvalue.V.top, ()), Alarmset.all
+ `Value (Cvalue.V.top, None), Alarmset.all
let extract_lval _oracle state _lv typ loc =
let v =
@@ -1274,7 +1274,7 @@ module D_Impl : Abstract_domain.S
(* We can probably return an empty set of alarms when the value is known,
but the only possible alarms on lvalues are about indeterminateness,
and it is not clear that we know more than the Cvalue domain. *)
- `Value (v, ()), Alarmset.all
+ `Value (v, None), Alarmset.all
let backward_location _state _lval _typ loc value = `Value (loc, value)
@@ -1296,7 +1296,7 @@ module D_Impl : Abstract_domain.S
let initialize_variable _ _ ~initialized:_ _ state = state
(* Logic *)
- let logic_assign _assigns location ~pre:_ state = kill location state
+ let logic_assign _assigns location state = kill location state
let evaluate_predicate _ _ _ = Alarmset.Unknown
let reduce_by_predicate _ state _ _ = `Value state
diff --git a/src/plugins/value/domains/inout_domain.ml b/src/plugins/value/domains/inout_domain.ml
index 6bdc20363831dce8f2b6671deedfc4a08517db66..5bbf25ba1ff5dc18b3f392d07d6d25b5d35c4fcf 100644
--- a/src/plugins/value/domains/inout_domain.ml
+++ b/src/plugins/value/domains/inout_domain.ml
@@ -213,7 +213,7 @@ module Internal
type state = inout
type value = Cvalue.V.t
type location = Precise_locs.precise_location
- type origin = unit
+ type origin
include (LatticeInout: sig
include Datatype.S_with_collections with type t = state
@@ -261,7 +261,7 @@ module Internal
let initialize_variable_using_type _ _ state = state
(* TODO *)
- let logic_assign _assign _location ~pre:_ _state = top
+ let logic_assign _assign _location _state = top
(* Logic *)
let evaluate_predicate _ _ _ = Alarmset.Unknown
@@ -269,7 +269,7 @@ module Internal
let storage () = true
- let top_query = `Value (Cvalue.V.top, ()), Alarmset.all
+ let top_query = `Value (Cvalue.V.top, None), Alarmset.all
let extract_expr _oracle _state _expr = top_query
let extract_lval _oracle _state _lv _typ _locs = top_query
diff --git a/src/plugins/value/domains/octagons.ml b/src/plugins/value/domains/octagons.ml
index 8ed828c84e0d967960095b7121f6ab5df7e6647a..b1faca4b4d688ab17f84382b814b3b23c4206a6b 100644
--- a/src/plugins/value/domains/octagons.ml
+++ b/src/plugins/value/domains/octagons.ml
@@ -1037,9 +1037,9 @@ module Domain = struct
type value = Cvalue.V.t
type location = Precise_locs.precise_location
- type origin = unit
+ type origin
- let top_value = `Value (Cvalue.V.top, ()), Alarmset.all
+ let top_value = `Value (Cvalue.V.top, None), Alarmset.all
let extract_expr oracle state expr =
let evaluate_expr expr =
@@ -1057,7 +1057,7 @@ module Domain = struct
then top_value
else if Ival.is_bottom ival
then `Bottom, Alarmset.all
- else `Value (Cvalue.V.inject_ival ival, ()), alarms
+ else `Value (Cvalue.V.inject_ival ival, None), alarms
let extract_lval _oracle _t _lval _typ _loc = top_value
@@ -1235,7 +1235,7 @@ module Domain = struct
let show_expr _valuation _state _fmt _expr = ()
- let logic_assign _logic_assign location ~pre:_ state =
+ let logic_assign _logic_assign location state =
let loc = Precise_locs.imprecise_location location in
let zone = Locations.(enumerate_valid_bits Write loc) in
let state = kill zone state in
diff --git a/src/plugins/value/domains/offsm_domain.ml b/src/plugins/value/domains/offsm_domain.ml
index 87c59b2711520b55c106ef6aaedd552b7f7d99d2..cb7c583d9e8aa74a6008cbd9a746de1f3223d8ad 100644
--- a/src/plugins/value/domains/offsm_domain.ml
+++ b/src/plugins/value/domains/offsm_domain.ml
@@ -97,7 +97,7 @@ module Internal : Domain_builder.InputDomain
type value = offsm_or_top
type state = Memory.t
type location = Precise_locs.precise_location
- type origin = unit (* ???? *)
+ type origin
include (Memory: sig
include Datatype.S_with_collections with type t = state
@@ -164,7 +164,7 @@ module Internal : Domain_builder.InputDomain
let show_expr _valuation _state _fmt _expr = ()
let extract_expr _oracle _state _exp =
- `Value (Offsm_value.Offsm.top, ()), Alarmset.all
+ `Value (Offsm_value.Offsm.top, None), Alarmset.all
(* Basic 'find' on a location *)
let find_loc state loc =
@@ -181,7 +181,7 @@ module Internal : Domain_builder.InputDomain
if Cil.typeHasQualifier "volatile" typ ||
not (Cil.isArithmeticOrPointerType typ)
then
- `Value (Top, ())
+ `Value (Top, None)
else
try
let aux_loc loc o =
@@ -189,8 +189,8 @@ module Internal : Domain_builder.InputDomain
Bottom.join Offsm_value.Offsm.join o o'
in
Precise_locs.fold aux_loc locs `Bottom >>-: fun v ->
- v, ()
- with Abstract_interp.Error_Top -> `Value (Top, ())
+ v, None
+ with Abstract_interp.Error_Top -> `Value (Top, None)
in
o, Alarmset.all
@@ -216,7 +216,7 @@ module Internal : Domain_builder.InputDomain
let initialize_variable _ _ ~initialized:_ _ state = state
(* Logic *)
- let logic_assign _assign location ~pre:_ state =
+ let logic_assign _assign location state =
let loc = Precise_locs.imprecise_location location in
kill loc state
diff --git a/src/plugins/value/domains/simple_memory.ml b/src/plugins/value/domains/simple_memory.ml
index 56e9aecdb1276f7318e81e53543763a67ad8d586..f2e84f2c345451919a483d69b896082546acb526 100644
--- a/src/plugins/value/domains/simple_memory.ml
+++ b/src/plugins/value/domains/simple_memory.ml
@@ -187,7 +187,7 @@ module Make_Internal (Info: sig val name: string end) (Value: Value) = struct
type state = t
type value = Value.t
type location = Precise_locs.precise_location
- type origin = unit
+ type origin
let log_category = Value_parameters.register_category ("d-" ^ Info.name)
@@ -198,9 +198,9 @@ module Make_Internal (Info: sig val name: string end) (Value: Value) = struct
evaluation. *)
let extract_lval _oracle state _lv typ loc =
let v = find loc typ state in
- `Value (v, ()), Alarmset.all
+ `Value (v, None), Alarmset.all
- let extract_expr _oracle _state _expr = `Value (Value.top, ()), Alarmset.all
+ let extract_expr _oracle _state _expr = `Value (Value.top, None), Alarmset.all
let backward_location state _lval typ loc _value =
let new_value = find loc typ state in
@@ -300,7 +300,7 @@ module Make_Internal (Info: sig val name: string end) (Value: Value) = struct
let incr_loop_counter _ state = state
let leave_loop _ state = state
- let logic_assign _assign location ~pre:_ state = remove location state
+ let logic_assign _assign location state = remove location state
let evaluate_predicate _ _ _ = Alarmset.Unknown
let reduce_by_predicate _ state _ _ = `Value state
diff --git a/src/plugins/value/domains/symbolic_locs.ml b/src/plugins/value/domains/symbolic_locs.ml
index f7e994cc2546eda24b8da368e0831934869e3a62..9464308a6e2d57bed2ad1a649186983298815d56 100644
--- a/src/plugins/value/domains/symbolic_locs.ml
+++ b/src/plugins/value/domains/symbolic_locs.ml
@@ -466,7 +466,7 @@ module Internal : Domain_builder.InputDomain
type state = Memory.t
type value = V.t
type location = Precise_locs.precise_location
- type origin = unit
+ type origin
include (Memory: sig
include Datatype.S_with_collections with type t = state
@@ -569,7 +569,7 @@ module Internal : Domain_builder.InputDomain
let show_expr _valuation _state _fmt _expr = ()
- let top_query = `Value (V.top, ()), Alarmset.all
+ let top_query = `Value (V.top, None), Alarmset.all
(* For extraction functions, if we have an information about the value,
this means that the key has been evaluated in all the paths that reach
@@ -579,12 +579,12 @@ module Internal : Domain_builder.InputDomain
let extract_expr _oracle state expr =
match Memory.find_expr expr state with
| None -> top_query
- | Some v -> `Value (v, ()), Alarmset.none
+ | Some v -> `Value (v, None), Alarmset.none
let extract_lval _oracle state lv _typ _locs =
match Memory.find_lval lv state with
| None -> top_query
- | Some v -> `Value (v, ()), Alarmset.none
+ | Some v -> `Value (v, None), Alarmset.none
let backward_location _state _lval _typ loc value =
(* Nothing to do. We could check if [[lval]] intersects [value] and
@@ -631,7 +631,7 @@ module Internal : Domain_builder.InputDomain
let initialize_variable _ _ ~initialized:_ _ state = state
(* Logic *)
- let logic_assign _assigns location ~pre:_ state =
+ let logic_assign _assigns location state =
let loc = Precise_locs.imprecise_location location in
Memory.kill loc state
diff --git a/src/plugins/value/domains/traces_domain.ml b/src/plugins/value/domains/traces_domain.ml
index 1761500f38fa86be76428eeb46db791f4099c4ec..c7cb5f5219d7ce702517e27cfac0d85b2b665b05 100644
--- a/src/plugins/value/domains/traces_domain.ml
+++ b/src/plugins/value/domains/traces_domain.ml
@@ -848,7 +848,7 @@ module Internal = struct
type nonrec state = state
type value = Cvalue.V.t
type location = Precise_locs.precise_location
- type origin = unit
+ type origin
include (Traces: sig
include Datatype.S_with_collections with type t = state
@@ -931,7 +931,7 @@ module Internal = struct
Traces.add_trans state (Msg msg)
(* TODO *)
- let logic_assign _assign _location ~pre:_ state =
+ let logic_assign _assign _location state =
Traces.add_trans state (Msg "logic assign")
(* Logic *)
@@ -940,7 +940,7 @@ module Internal = struct
let storage () = true
- let top_query = `Value (Cvalue.V.top, ()), Alarmset.all
+ let top_query = `Value (Cvalue.V.top, None), Alarmset.all
let extract_expr _oracle _state _expr = top_query
let extract_lval _oracle _state _lv _typ _locs = top_query
@@ -1080,10 +1080,12 @@ let rec stmts_of_cfg cfg current var_map locals return_exp acc =
| Assume (_, exp,b) ->
let exp = subst_in_exp var_map exp in
- let predicate = (Logic_utils.expr_to_predicate ~cast:true exp).Cil_types.ip_content in
+ let predicate = Logic_utils.expr_to_predicate exp in
let predicate = if b then predicate else Logic_const.pnot predicate in
- let code_annot = Logic_const.new_code_annotation(Cil_types.AAssert([],Assert,predicate)) in
- let stmt = Cil.mkStmtOneInstr ~valid_sid (Cil_types.Code_annot(code_annot,dummy_loc)) in
+ let code_node = Cil_types.AAssert([],Assert,predicate) in
+ let code_annot = Logic_const.new_code_annotation code_node in
+ let stmt_kind = Cil_types.Code_annot(code_annot,exp.eloc) in
+ let stmt = Cil.mkStmtOneInstr ~valid_sid stmt_kind in
stmts_of_cfg cfg n var_map locals return_exp (stmt::acc)
| EnterScope (_, vs) ->
diff --git a/src/plugins/value/domains/unit_domain.ml b/src/plugins/value/domains/unit_domain.ml
index 00c59d6445cdcc7fc3434a0162222f2d1d0158e1..c12cdfc9f3cfa03bc6b7b3ac6ef2001b96513110 100644
--- a/src/plugins/value/domains/unit_domain.ml
+++ b/src/plugins/value/domains/unit_domain.ml
@@ -52,9 +52,9 @@ module Make
include Static
type value = Value.t
type location = Loc.location
- type origin = unit
+ type origin
- let eval_top = `Value (Value.top, ()), Alarmset.all
+ let eval_top = `Value (Value.top, None), Alarmset.all
let extract_expr _ _ _ = eval_top
let extract_lval _ _ _ _ _ = eval_top
let backward_location _ _ _ loc value = `Value (loc, value)
@@ -67,7 +67,7 @@ module Make
let finalize_call _ _ ~pre:_ ~post:_ = `Value ()
let show_expr _ _ _ _ = ()
- let logic_assign _ _ ~pre:_ _ = ()
+ let logic_assign _ _ _ = ()
let evaluate_predicate _ _ _ = Alarmset.Unknown
let reduce_by_predicate _ _ _ _ = `Value ()
diff --git a/src/plugins/value/engine/abstractions.ml b/src/plugins/value/engine/abstractions.ml
index d393a2061409a669a59d45d703814d192735d35f..9e18ff813ba18eefec37dacf9f20523c10489d50 100644
--- a/src/plugins/value/engine/abstractions.ml
+++ b/src/plugins/value/engine/abstractions.ml
@@ -53,21 +53,26 @@ type flag = Flag: 'v abstraction with_info -> flag
(* --- Config and registration ---------------------------------------------- *)
module Config = struct
- module Flag = struct
- type t = flag
+ module OptMode = Datatype.Option (Domain_mode)
+ module Element = struct
+ type t = flag * Domain_mode.t option
(* Flags are sorted by increasing priority order, and then by name. *)
- let compare (Flag f1) (Flag f2) =
+ let compare (Flag f1, mode1) (Flag f2, mode2) =
let c = Datatype.Int.compare f1.priority f2.priority in
- if c <> 0 then c else Datatype.String.compare f1.name f2.name
+ if c <> 0 then c else
+ let c = Datatype.String.compare f1.name f2.name in
+ if c <> 0 then c else
+ OptMode.compare mode1 mode2
end
- include Set.Make (Flag)
+ include Set.Make (Element)
- type dynamic = Dynamic: (unit -> 'v abstraction) with_info -> dynamic
+ let mem (Flag domain) =
+ exists (fun (Flag flag, _mode) -> flag.name = domain.name)
let abstractions = ref []
- let dynamic_abstractions : dynamic list ref = ref []
+ let dynamic_abstractions = ref []
let register ~name ~descr ?(experimental=false) ?(priority=0) abstraction =
let descr = if experimental then "Experimental. " ^ descr else descr in
@@ -76,28 +81,29 @@ module Config = struct
abstractions := flag :: !abstractions;
flag
- let dynamic_register ~name ~descr ?(experimental=false) ?(priority=0) make =
- let descr = if experimental then "Experimental. " ^ descr else descr in
+ let dynamic_register ~name ~descr make =
Value_parameters.register_domain ~name ~descr;
- let dynamic = Dynamic { name; experimental; priority; abstraction=make; } in
- dynamic_abstractions := dynamic :: !dynamic_abstractions
+ dynamic_abstractions := (name, make) :: !dynamic_abstractions
let configure () =
+ let add_main_mode mode =
+ let main, _ = Globals.entry_point () in
+ (main, Domain_mode.Mode.all) :: mode
+ in
+ let add config (name, make) =
+ let enabled = Value_parameters.Domains.mem name in
+ try
+ let mode = Value_parameters.DomainsFunction.find name in
+ let mode = if enabled then add_main_mode mode else mode in
+ add (make (), Some mode) config
+ with Not_found ->
+ if enabled then add (make (), None) config else config
+ in
let aux config (Flag domain as flag) =
- if Value_parameters.Domains.mem domain.name
- then add flag config
- else config
+ add config (domain.name, (fun () -> flag))
in
let config = List.fold_left aux empty !abstractions in
- let aux config (Dynamic { name; experimental; priority; abstraction; }) =
- if Value_parameters.Domains.mem name
- then
- let abstraction = abstraction () in
- let flag = Flag { name; experimental; priority; abstraction; } in
- add flag config
- else config
- in
- List.fold_left aux config !dynamic_abstractions
+ List.fold_left add config !dynamic_abstractions
(* --- Register default abstractions -------------------------------------- *)
@@ -171,7 +177,7 @@ module Config = struct
(* --- Default and legacy configurations ---------------------------------- *)
let default = configure ()
- let legacy = singleton cvalue
+ let legacy = singleton (cvalue, None)
end
let register = Config.register
@@ -221,17 +227,23 @@ module Internal_Value = struct
let structure = Node (Value.structure, Leaf (key, v))
end)
+ let void_value () =
+ Value_parameters.fatal
+ "Cannot register a value module from a Void structure."
+
let add_value_structure value internal =
let rec aux: type v. (module Internal) -> v structure -> (module Internal) =
fun value -> function
+ | Option (s, _) -> aux value s
| Leaf (key, v) -> add_value_leaf value (V (key, v))
| Node (s1, s2) -> aux (aux value s1) s2
| Unit -> value
+ | Void -> void_value ()
in
aux value internal
let build_values config initial_value =
- let build (Flag flag) acc =
+ let build (Flag flag, _) acc =
match flag.abstraction.values with
| Struct structure -> add_value_structure acc structure
| Single (module V) -> add_value_leaf acc (V (V.key, (module V)))
@@ -258,7 +270,9 @@ module Internal_Value = struct
| Node (s1, s2) ->
let set1 = set s1 and set2 = set s2 in
fun (v1, v2) value -> set1 v1 (set2 v2 value)
+ | Option (s, default) -> fun v -> set s (Extlib.opt_conv default v)
| Unit -> fun () value -> value
+ | Void -> void_value ()
in
set structure
@@ -270,7 +284,9 @@ module Internal_Value = struct
| Node (s1, s2) ->
let get1 = get s1 and get2 = get s2 in
fun v -> get1 v, get2 v
+ | Option (s, _) -> fun v -> Some (get s v)
| Unit -> fun _ -> ()
+ | Void -> void_value ()
in
get structure
@@ -297,7 +313,7 @@ let eq_value:
| Abstract.Value.Leaf (key, _) -> Abstract.Value.eq_type key V.key
| _ -> None
-let add_domain (type v) (abstraction: v abstraction) (module Acc: Acc) =
+let add_domain (type v) mode (abstraction: v abstraction) (module Acc: Acc) =
let domain : (module internal_domain with type value = Acc.Val.t) =
match abstraction.domain with
| Functor make ->
@@ -317,6 +333,19 @@ let add_domain (type v) (abstraction: v abstraction) (module Acc: Acc) =
let module Convert = Internal_Value.Convert (Acc.Val) (Struct) in
(module Domain_lift.Make (Domain) (Convert))
in
+ let domain : (module internal_domain with type value = Acc.Val.t) =
+ match mode with
+ | None -> domain
+ | Some kf_modes ->
+ let module Scope = struct let functions = kf_modes end in
+ let module Domain =
+ Domain_builder.Restrict
+ (Acc.Val)
+ ((val domain))
+ (Scope)
+ in
+ (module Domain)
+ in
let domain : (module internal_domain with type value = Acc.Val.t) =
match Abstract.Domain.(eq_structure Acc.Dom.structure Unit) with
| Some _ -> domain
@@ -337,9 +366,9 @@ let warn_experimental flag =
"The %s domain is experimental." flag.name)
let build_domain config abstract =
- let build (Flag flag) acc =
+ let build (Flag flag, mode) acc =
warn_experimental flag;
- add_domain flag.abstraction acc
+ add_domain mode flag.abstraction acc
in
(* Domains in the [config] are sorted by increasing priority: domains with
higher priority are added last: they will be at the top of the domains
diff --git a/src/plugins/value/engine/abstractions.mli b/src/plugins/value/engine/abstractions.mli
index 0156b516d8ad4b0e39cdad5baaa1986a5547e08b..8c98ee9b149502b409bf94985cf756d302a7b3e0 100644
--- a/src/plugins/value/engine/abstractions.mli
+++ b/src/plugins/value/engine/abstractions.mli
@@ -25,13 +25,14 @@
(** {2 Registration of abstractions.} *)
(** Dynamic registration of the abstractions to be used in an Eva analysis:
- - value abstractions, detailled in the {Abstract_value} signature;
- - location abstractions, detailled in the {Abstract_location} signature;
- - state abstractions, or abstract domains, detailled in {Abstract_domain}.
+ - value abstractions, detailed in the {Abstract_value} signature;
+ - location abstractions, detailed in the {Abstract_location} signature;
+ - state abstractions, or abstract domains, detailed in {Abstract_domain}.
*)
(** Module types of value abstractions: either a single leaf module, or
- a compound of several modules described by a structure. *)
+ a compound of several modules described by a structure. In this last case,
+ the structure must not contain the Void constructor. *)
type 'v value =
| Single of (module Abstract_value.Leaf with type t = 'v)
| Struct of 'v Abstract.Value.structure
@@ -93,8 +94,7 @@ val register:
the last argument when starting an analysis, if the -eva-domains option
has been set to [name]. See function {!register} for more details. *)
val dynamic_register:
- name:string -> descr:string -> ?experimental:bool -> ?priority:int ->
- (unit -> 'v abstraction) -> unit
+ name:string -> descr:string -> (unit -> flag) -> unit
(** Reduced product between two value abstractions, identified by their keys. *)
type ('a, 'b) value_reduced_product =
@@ -137,9 +137,14 @@ val register_hook: ((module S) -> (module S)) -> unit
(** {2 Configuration of an analysis.} *)
(** Configuration defining the abstractions to be used in an analysis.
- A configuration is a set of flags, i.e. a set of enabled abstractions. *)
+ A configuration is a set of flags, i.e. a set of abstract domains. Each flag
+ comes with an optional mode. None is the default mode: the given domain is
+ enabled for the whole analysis. See {!Domain_mode} for more details. *)
module Config : sig
- include Set.S with type elt = flag
+ include Set.S with type elt = flag * Domain_mode.t option
+
+ (** Returns true if the given flag is in the configuration. *)
+ val mem: flag -> t -> bool
(** Flags for the standard domains currently provided in Eva. *)
diff --git a/src/plugins/value/engine/analysis.ml b/src/plugins/value/engine/analysis.ml
index 757510704f68b66455b05f3259038503aba41372..06c72bf50993d410b025682e5ee4f2ab914a45a9 100644
--- a/src/plugins/value/engine/analysis.ml
+++ b/src/plugins/value/engine/analysis.ml
@@ -165,17 +165,8 @@ let force_compute () =
let module Analyzer = (val snd !ref_analyzer) in
Analyzer.compute_from_entry_point ~lib_entry kf
-let set_hook_on_parameter parameter =
- let open Typed_parameter in
- match parameter.accessor with
- | Bool (accessor, _) -> accessor.add_set_hook (fun _ _ -> reset_analyzer ())
- | Int (accessor, _) -> accessor.add_set_hook (fun _ _ -> reset_analyzer ())
- | String (accessor, _) -> accessor.add_set_hook (fun _ _ -> reset_analyzer ())
-
-(* Resets the Analyzer whenever an abstraction parameter or the current project
- is changed. This maintains the analyzer consistent with the Eva parameters. *)
+(* Resets the Analyzer when the current project is changed. *)
let () =
- List.iter set_hook_on_parameter Value_parameters.parameters_abstractions;
Project.register_after_set_current_hook
~user_only:true (fun _ -> reset_analyzer ());
Project.register_after_global_load_hook reset_analyzer
diff --git a/src/plugins/value/engine/evaluation.ml b/src/plugins/value/engine/evaluation.ml
index 43eb4404fe604f3061b01f4241b9ea65c0f87f37..d4d08981adf244d32f5bbd3fb4c3ddbd90740829 100644
--- a/src/plugins/value/engine/evaluation.ml
+++ b/src/plugins/value/engine/evaluation.ml
@@ -258,7 +258,7 @@ let indeterminate_copy lval result alarms =
let reductness = Unreduced in
let v, origin = match result with
| `Bottom -> `Bottom, None
- | `Value (v, origin) -> `Value v, Some origin
+ | `Value (v, origin) -> `Value v, origin
in
let value = { v; initialized; escaping } in
let record = { value; origin; reductness; val_alarms = alarms} in
@@ -477,6 +477,14 @@ module Make
| "non-finite" -> restrict_float ~assume_finite:true expr fk value
| _ -> assert false
+ let assume_pointer expr value =
+ if Kernel.InvalidPointer.get ()
+ then
+ let truth = Value.assume_pointer value in
+ let alarm () = Alarms.Invalid_pointer expr in
+ interpret_truth ~alarm value truth
+ else return value
+
let handle_overflow ~may_overflow expr typ value =
match Eval_typ.classify_as_scalar typ with
| Some (Eval_typ.TSInt range) ->
@@ -489,31 +497,33 @@ module Make
then fst (truncate_integer Alarms.Signed expr range value), Alarmset.none
else handle_integer_overflow expr range value
| Some (Eval_typ.TSFloat fk) -> remove_special_float expr fk value
- | Some (Eval_typ.TSPtr _)
+ | Some (Eval_typ.TSPtr _) -> assume_pointer expr value
| None -> return value
- (* Removes NaN and infinite floats from the value read from a lvalue. *)
- let remove_special_float_lvalue typ lval res =
+ (* Assumes that [res] is a valid result for the lvalue [lval] of type [typ].
+ Removes NaN and infinite floats and trap representations of bool values. *)
+ let assume_valid_value typ lval res =
match typ with
| TFloat (fkind, _) ->
res >>= fun (value, origin) ->
let expr = Value_util.lval_to_exp lval in
remove_special_float expr fkind value >>=: fun new_value ->
new_value, origin
- | _ -> res
-
- (* Removes invalid bool values from a lvalue. *)
- let assume_valid_bool typ lval res =
- if not (Kernel.InvalidBool.get ()) then res else
- match typ with
- | TInt (IBool, _) ->
+ | TInt (IBool, _) ->
+ if Kernel.InvalidBool.get () then
res >>= fun (value, origin) ->
let one = Abstract_value.Int Integer.one in
let truth = Value.assume_bounded Alarms.Upper_bound one value in
let alarm () = Alarms.Invalid_bool lval in
interpret_truth ~alarm value truth >>=: fun new_value ->
new_value, origin
- | _ -> res
+ else res
+ | TPtr _ ->
+ res >>= fun (value, origin) ->
+ let expr = Value_util.lval_to_exp lval in
+ assume_pointer expr value >>=: fun new_value ->
+ new_value, origin
+ | _ -> res
(* Reduce the rhs argument of a shift so that it fits inside [size] bits. *)
let reduce_shift_rhs typ expr value =
@@ -665,7 +675,7 @@ module Make
in
cast_integer Alarms.Signed_downcast expr ~src ~dst value
- let cast_int_to_int expr ~src ~dst value =
+ let cast_int_to_int expr ~ptr ~src ~dst value =
(* Regain some precision in case a transfer function was imprecise.
This should probably be done in the transfer function, though. *)
let value =
@@ -675,16 +685,19 @@ module Make
in
if Eval_typ.range_inclusion src dst
then return value (* Upcast, nothing to check. *)
- else if dst.i_signed then (* Signed downcast. *)
- if Kernel.SignedDowncast.get ()
- then cast_integer Alarms.Signed_downcast expr ~src ~dst value
- else if Value_parameters.WarnSignedConvertedDowncast.get ()
+ else
+ let overflow_kind, warn =
+ if ptr
+ then Alarms.Pointer_downcast, Kernel.PointerDowncast.get
+ else if dst.i_signed
+ then Alarms.Signed_downcast, Kernel.SignedDowncast.get
+ else Alarms.Unsigned_downcast, Kernel.UnsignedDowncast.get
+ in
+ if warn ()
+ then cast_integer overflow_kind expr ~src ~dst value
+ else if dst.i_signed && Value_parameters.WarnSignedConvertedDowncast.get ()
then relaxed_signed_downcast expr ~src ~dst value
else return (Value.rewrap_integer dst value)
- else (* Unsigned downcast. *)
- if Kernel.UnsignedDowncast.get ()
- then cast_integer Alarms.Unsigned_downcast expr ~src ~dst value
- else return (Value.rewrap_integer dst value)
(* Re-export type here *)
type scalar_typ = Eval_typ.scalar_typ =
@@ -728,15 +741,17 @@ module Make
| Some src_type, Some dst_type ->
let value, alarms =
match src_type, dst_type with
- | (TSInt src | TSPtr src), (TSInt dst | TSPtr dst) ->
- cast_int_to_int ~src ~dst expr value
+ | TSPtr src, TSInt dst ->
+ cast_int_to_int ~ptr:true ~src ~dst expr value
+ | TSInt src, (TSInt dst | TSPtr dst) ->
+ cast_int_to_int ~ptr:false ~src ~dst expr value
| TSFloat src, (TSInt dst | TSPtr dst) ->
restrict_float ~reduce:true ~assume_finite:true expr src value >>=
truncate_float src dst expr
| (TSInt _ | TSPtr _), TSFloat _ ->
(* Cannot overflow with 32 bits float. *)
- `Value value, Alarmset.none
- | TSFloat _, TSFloat _ -> `Value value, Alarmset.none
+ return value
+ | TSFloat _, TSFloat _ | TSPtr _, TSPtr _ -> return value
in
value >>- Value.forward_cast ~src_type ~dst_type, alarms
@@ -838,7 +853,6 @@ module Make
in
let reduction =
update_reduction reduction (Value.equal intern_value result)
- and origin = Some origin
and value = define_value result in
(* The proper alarms will be set in the record by forward_eval. *)
{value; origin; reductness; val_alarms = Alarmset.all},
@@ -869,8 +883,10 @@ module Make
| AddrOf v | StartOf v ->
lval_to_loc context ~for_writing:false ~reduction:false v
- >>=: fun (loc, _, _) ->
- Loc.to_value loc, Neither, false
+ >>= fun (loc, _, _) ->
+ let value = Loc.to_value loc in
+ let v = assume_pointer expr value in
+ compute_reduction v false
| UnOp (op, e, typ) ->
root_forward_eval context e >>= fun (v, volatile) ->
@@ -892,6 +908,7 @@ module Make
let v = forward_cast ~dst e value in
let v = match Cil.unrollType dst with
| TFloat (fkind, _) -> v >>= remove_special_float expr fkind
+ | TPtr _ -> v >>= assume_pointer expr
| _ -> v
in
compute_reduction v volatile
@@ -1063,11 +1080,9 @@ module Make
let record, alarms = indeterminate_copy lval v alarms in
`Value (record, Neither, volatile), alarms
else
- let v, alarms = remove_special_float_lvalue typ_lv lval (v, alarms) in
- let v, alarms = assume_valid_bool typ_lv lval (v, alarms) in
+ let v, alarms = assume_valid_value typ_lv lval (v, alarms) in
(v, alarms) >>=: fun (value, origin) ->
let value = define_value value
- and origin = Some origin
and reductness, reduction =
if Alarmset.is_empty alarms then Unreduced, Neither else Reduced, Forward
in
diff --git a/src/plugins/value/engine/mem_exec.ml b/src/plugins/value/engine/mem_exec.ml
index b70a4bc3d015ad01a4e5352643c3195b5d489c56..423bf04634fc106dc9b6031581b6467363fdd28c 100644
--- a/src/plugins/value/engine/mem_exec.ml
+++ b/src/plugins/value/engine/mem_exec.ml
@@ -156,8 +156,12 @@ module Make
| None -> ()
| Some inout ->
try
- let output_bases = bases inout.Inout_type.over_outputs_if_termination
- and input_bases = bases inout.Inout_type.over_inputs in
+ let output_bases = bases inout.Inout_type.over_outputs_if_termination in
+ let input_bases =
+ let input_bases = bases inout.Inout_type.over_inputs in
+ let logic_input_bases = bases inout.Inout_type.over_logic_inputs in
+ Base.Hptset.union input_bases logic_input_bases
+ in
(* There are two strategies to compute the 'inputs' for a memexec
function: either we take all inputs_bases+outputs_bases
(outputs_bases are important because of weak updates), or we
diff --git a/src/plugins/value/engine/transfer_specification.ml b/src/plugins/value/engine/transfer_specification.ml
index d84a01a562d01814e83e121f2c0deb60109e5a05..4521648ffbbe9efce1e5e6a20a06226aba7309fb 100644
--- a/src/plugins/value/engine/transfer_specification.ml
+++ b/src/plugins/value/engine/transfer_specification.ml
@@ -267,7 +267,7 @@ module Make
let env = make_env state in
let assigns_with_locations = evaluate_locations env retres_loc assigns in
let transfer state (logic_assign, location) =
- Domain.logic_assign logic_assign location ~pre state
+ Domain.logic_assign (Some (logic_assign, pre)) location state
in
List.fold_left transfer state assigns_with_locations
diff --git a/src/plugins/value/legacy/eval_terms.ml b/src/plugins/value/legacy/eval_terms.ml
index cb9450bce91d295514451eb251dd97f45eb31443..0be07bebce0b237b56a78dee1c2a3781e4f1ca6e 100644
--- a/src/plugins/value/legacy/eval_terms.ml
+++ b/src/plugins/value/legacy/eval_terms.ml
@@ -720,6 +720,16 @@ let known_logic_funs = [
"\\sign", ACSL;
"\\min", ACSL;
"\\max", ACSL;
+ "\\neg_float",ACSL;
+ "\\add_float",ACSL;
+ "\\sub_float",ACSL;
+ "\\mul_float",ACSL;
+ "\\div_float",ACSL;
+ "\\neg_double",ACSL;
+ "\\add_double",ACSL;
+ "\\sub_double",ACSL;
+ "\\mul_double",ACSL;
+ "\\div_double",ACSL;
]
let known_predicates = [
"\\warning", ACSL;
@@ -1354,11 +1364,13 @@ and eval_known_logic_function ~alarm_mode env li labels args =
eval_logic_charchr builtin
{ env with e_cur = lbl } s.eover c.eover s.ldeps c.ldeps
- | ("atan2" | "atan2f" | "fmod" | "fmodf" | "pow" | "powf"),
+ | ( "atan2" | "atan2f" | "fmod" | "fmodf" | "pow" | "powf"
+ | "\\add_float" | "\\sub_float" | "\\mul_float" | "\\div_float"
+ | "\\add_double" | "\\sub_double" | "\\mul_double" | "\\div_double" ),
_, _, [arg1; arg2] ->
eval_float_builtin_arity2 ~alarm_mode env lvi.lv_name arg1 arg2
- | ("sqrt" | "sqrtf"),_,_, [arg] ->
+ | ( "sqrt" | "sqrtf" | "\\neg_float" | "\\neg_double" ),_,_, [arg] ->
eval_float_builtin_arity1 ~alarm_mode env lvi.lv_name arg
| "\\sign", _, _, [arg] ->
@@ -1410,6 +1422,14 @@ and eval_float_builtin_arity2 ~alarm_mode env name arg1 arg2 =
| "fmodf" -> Fval.fmod Fval.Single
| "pow" -> Fval.pow Fval.Double
| "powf" -> Fval.pow Fval.Single
+ | "\\add_float" -> Fval.add Fval.Single
+ | "\\sub_float" -> Fval.sub Fval.Single
+ | "\\mul_float" -> Fval.mul Fval.Single
+ | "\\div_float" -> Fval.div Fval.Single
+ | "\\add_double" -> Fval.add Fval.Double
+ | "\\sub_double" -> Fval.sub Fval.Double
+ | "\\mul_double" -> Fval.mul Fval.Double
+ | "\\div_double" -> Fval.div Fval.Double
| _ -> assert false
in
let r1 = eval_term ~alarm_mode env arg1 in
@@ -1432,6 +1452,7 @@ and eval_float_builtin_arity1 ~alarm_mode env name arg =
let fcaml = match name with
| "sqrt" -> Fval.sqrt Fval.Double
| "sqrtf" -> Fval.sqrt Fval.Single
+ | "\\neg_float" | "\\neg_double" -> Fval.neg
| _ -> assert false
in
let r = eval_term ~alarm_mode env arg in
@@ -1513,12 +1534,6 @@ let eval_tlval_as_location ~alarm_mode env t =
let s = Eval_typ.sizeof_lval_typ r.etype in
make_loc r.eover s
-let eval_tlval_as_location_with_deps ~alarm_mode env t =
- let r = eval_term_as_lval ~alarm_mode env t in
- let s = Eval_typ.sizeof_lval_typ r.etype in
- (make_loc r.eover s, r.ldeps)
-
-
(* Return a pair of (under-approximating, over-approximating) zones. *)
let eval_tlval_as_zone_under_over ~alarm_mode access env t =
let r = eval_term_as_lval ~alarm_mode env t in
@@ -2143,6 +2158,8 @@ let rec reduce_by_predicate ~alarm_mode env positive p =
reduce_by_valid env positive Write tsets
| _,Pvalid_read (_label,tsets) ->
reduce_by_valid env positive Read tsets
+ | _,Pobject_pointer (_label, tsets) ->
+ reduce_by_valid env positive No_access tsets
| _,Pvalid_function _tsets -> env (* TODO *)
@@ -2291,9 +2308,17 @@ and eval_predicate env pred =
ignore (env_state env lbl);
do_eval { env with e_cur = lbl } p
- | Pvalid (_label, tsets) | Pvalid_read (_label, tsets) ->
+ | Pvalid (_, tsets)
+ | Pvalid_read (_, tsets)
+ | Pobject_pointer (_, tsets) ->
(* TODO: see same constructor in reduce_by_predicate *)
- let kind = match p.pred_content with Pvalid_read _ -> Read | _ -> Write in
+ let kind =
+ match p.pred_content with
+ | Pvalid_read _ -> Read
+ | Pvalid _ -> Write
+ | Pobject_pointer _ -> No_access
+ | _ -> assert false
+ in
let typ_pointed = Logic_typing.ctype_of_pointed tsets.term_type in
(* Check if we are trying to write in a const l-value *)
if kind = Write && Value_util.is_const_write_invalid typ_pointed
@@ -2556,11 +2581,19 @@ and eval_predicate env pred =
(* --- Dependencies of predicates --- *)
(* -------------------------------------------------------------------------- *)
-(* Currently unused (and untested *)
+let eval_tsets_deps ~alarm_mode env lbl tsets =
+ let star_tsets = deref_tsets tsets in
+ let r = eval_tlval ~alarm_mode env star_tsets in
+ let size_bits = Eval_typ.sizeof_lval_typ r.etype in
+ let loc = make_loc r.eover size_bits in
+ let zone = enumerate_valid_bits Locations.Read loc in
+ Logic_label.Map.add lbl zone r.ldeps
let predicate_deps env pred =
let alarm_mode = Ignore in
let rec do_eval env p =
+ let term_deps term = (eval_term ~alarm_mode env term).ldeps in
+ let tsets_deps lbl tsets = eval_tsets_deps ~alarm_mode env lbl tsets in
match p.pred_content with
| Ptrue | Pfalse -> empty_logic_deps
@@ -2569,32 +2602,28 @@ let predicate_deps env pred =
join_logic_deps (do_eval env p1) (do_eval env p2)
| Prel (_, t1, t2) ->
- join_logic_deps (eval_term ~alarm_mode env t1).ldeps
- (eval_term ~alarm_mode env t2).ldeps
+ join_logic_deps (term_deps t1) (term_deps t2)
| Pif (c, p1, p2) ->
- join_logic_deps (eval_term ~alarm_mode env c).ldeps
+ join_logic_deps (term_deps c)
(join_logic_deps (do_eval env p1) (do_eval env p2))
| Pat (p, lbl) ->
do_eval { env with e_cur = lbl } p
- | Pvalid (_, tsets) | Pvalid_read (_, tsets) | Pvalid_function tsets->
- (eval_term_as_lval ~alarm_mode env tsets).ldeps
+ | Pvalid (_, tsets) | Pvalid_read (_, tsets)
+ | Pobject_pointer (_, tsets) | Pvalid_function tsets ->
+ term_deps tsets
| Pinitialized (lbl, tsets) | Pdangling (lbl, tsets) ->
- let loc, deploc =
- eval_tlval_as_location_with_deps ~alarm_mode env tsets in
- let zone = enumerate_valid_bits Locations.Read loc in
- Logic_label.Map.add lbl zone deploc
+ tsets_deps lbl tsets
| Pnot p -> do_eval env p
| Pseparated ltsets ->
- let evaled = List.map (eval_term_as_lval ~alarm_mode env) ltsets in
List.fold_left
- (fun acc e -> join_logic_deps acc e.ldeps)
- empty_logic_deps evaled
+ (fun acc tsets -> join_logic_deps acc (tsets_deps lbl_here tsets))
+ empty_logic_deps ltsets
| Pexists (l, p) | Pforall (l, p) ->
let env = bind_logic_vars env l in
@@ -2605,20 +2634,22 @@ let predicate_deps env pred =
| Plet (_v, p) -> do_eval env p (* will this work when when we need [_v]
to evaluate [p] ?.. *)
- | Papp (li, _labels, _args) -> begin
+ | Papp (li, _labels, args) -> begin
if is_known_predicate li.l_var_info then
- assert false (* TODO! Must evaluate the arguments, plus the
- dependencies of the predicate itself. *)
+ List.fold_left
+ (fun acc arg -> join_logic_deps acc (term_deps arg))
+ empty_logic_deps args
else
match Inline.inline_predicate ~inline ~current:env.e_cur p with
- | None -> assert false
+ | None -> unsupported (Format.asprintf "%a" Predicate.pretty p)
| Some p' -> do_eval env p'
end
| Pfresh _ | Pallocable _ | Pfreeable _
- -> assert false
+ -> unsupported (Format.asprintf "%a" Predicate.pretty p)
in
- do_eval env pred
+ try Some (do_eval env pred)
+ with LogicEvalError _ -> None
(* -------------------------------------------------------------------------- *)
diff --git a/src/plugins/value/legacy/eval_terms.mli b/src/plugins/value/legacy/eval_terms.mli
index 548bba93436f5d2b01a9735872428d94da7bab11..4e61b9d1ad3a02b6725a61ad4f11cb49e8e58a70 100644
--- a/src/plugins/value/legacy/eval_terms.mli
+++ b/src/plugins/value/legacy/eval_terms.mli
@@ -110,7 +110,7 @@ val eval_tlval_as_zone :
val eval_predicate :
eval_env -> predicate -> predicate_status
-val predicate_deps: eval_env -> predicate -> logic_deps
+val predicate_deps: eval_env -> predicate -> logic_deps option
val reduce_by_predicate :
eval_env -> bool -> predicate -> eval_env
diff --git a/src/plugins/value/utils/structure.ml b/src/plugins/value/utils/structure.ml
index 1d221ef75907685c1077325fc0fccec131c40994..9722347d7d85b1bbd54e823b3f1a5ec5876c4c27 100644
--- a/src/plugins/value/utils/structure.ml
+++ b/src/plugins/value/utils/structure.ml
@@ -69,8 +69,10 @@ module type Shape = sig
type 'a structure =
| Unit : unit structure
+ | Void : 'a structure
| Leaf : 'a key * 'a data -> 'a structure
| Node : 'a structure * 'b structure -> ('a * 'b) structure
+ | Option : 'a structure * 'a -> 'a option structure
val eq_structure: 'a structure -> 'b structure -> ('a, 'b) eq option
end
@@ -81,8 +83,10 @@ module Shape (Key: Key) (Data: sig type 'a t end) = struct
type 'a structure =
| Unit : unit structure
+ | Void : 'a structure
| Leaf : 'a key * 'a data -> 'a structure
| Node : 'a structure * 'b structure -> ('a * 'b) structure
+ | Option : 'a structure * 'a -> 'a option structure
let rec eq_structure : type a b. a structure -> b structure -> (a, b) eq option
= fun a b ->
@@ -94,6 +98,12 @@ module Shape (Key: Key) (Data: sig type 'a t end) = struct
| Some Eq, Some Eq -> Some Eq
| _, _ -> None
end
+ | Option (s1, _), Option (s2, _) ->
+ begin
+ match eq_structure s1 s2 with
+ | Some Eq -> Some Eq
+ | None -> None
+ end
| Unit, Unit -> Some Eq
| _, _ -> None
end
@@ -130,8 +140,10 @@ module Open
let rec mem : type a. 'v Shape.key -> a structure -> bool = fun key -> function
| Unit -> false
+ | Void -> false
| Leaf (k, _) -> Shape.equal key k
| Node (left, right) -> mem key left || mem key right
+ | Option (s, _) -> mem key s
let mem key = mem key M.structure
@@ -144,11 +156,15 @@ module Open
let rec compute_getters : type a. a structure -> (a getter) KMap.t = function
| Unit -> KMap.empty
+ | Void -> KMap.empty
| Leaf (key, _) -> KMap.singleton key (Get (key, fun (t : a) -> t))
| Node (left, right) ->
let l = compute_getters left and r = compute_getters right in
let l = KMap.map (lift_get fst) l and r = KMap.map (lift_get snd) r in
KMap.union (fun _k a _b -> Some a) l r
+ | Option (s, default) ->
+ let l = compute_getters s in
+ KMap.map (lift_get (Extlib.opt_conv default)) l
let getters = compute_getters M.structure
let get (type a) (key: a Shape.key) : (M.t -> a) option =
@@ -167,12 +183,16 @@ module Open
let rec compute_setters : type a. a structure -> (a setter) KMap.t = function
| Unit -> KMap.empty
+ | Void -> KMap.empty
| Leaf (key, _) -> KMap.singleton key (Set (key, fun v _t -> v))
| Node (left, right) ->
let l = compute_setters left and r = compute_setters right in
let l = KMap.map (lift_set (fun set (l, r) -> set l, r)) l
and r = KMap.map (lift_set (fun set (l, r) -> l, set r)) r in
KMap.union (fun _k a _b -> Some a) l r
+ | Option (s, _) ->
+ let l = compute_setters s in
+ KMap.map (lift_set Extlib.opt_map) l
let setters = compute_setters M.structure
let set (type a) (key: a Shape.key) : (a -> M.t -> M.t) =
diff --git a/src/plugins/value/utils/structure.mli b/src/plugins/value/utils/structure.mli
index 51a5d26d183cad4c857788d2ff791c3246cc4cfd..96555303c0f1139131ae32877f80e65806b3583c 100644
--- a/src/plugins/value/utils/structure.mli
+++ b/src/plugins/value/utils/structure.mli
@@ -62,8 +62,10 @@ module type Shape = sig
Used internally to automatically generate efficient accessors of its nodes. *)
type 'a structure =
| Unit : unit structure
+ | Void : 'a structure
| Leaf : 'a key * 'a data -> 'a structure
| Node : 'a structure * 'b structure -> ('a * 'b) structure
+ | Option : 'a structure * 'a -> 'a option structure
val eq_structure: 'a structure -> 'b structure -> ('a, 'b) eq option
end
diff --git a/src/plugins/value/value_parameters.ml b/src/plugins/value/value_parameters.ml
index 70311f618f178f9f657a7a05ea338807f30a14d1..0677d81616ea2cf154b21d2f196cff39b916a58e 100644
--- a/src/plugins/value/value_parameters.ml
+++ b/src/plugins/value/value_parameters.ml
@@ -182,8 +182,9 @@ let domains_list () =
(fun fmt -> Format.pp_print_text fmt descr)
in
feedback ~level:0
- "List of available domains:@. %a@."
- (Pretty_utils.pp_list ~sep:"@," pp_dom) (List.rev !domains_ref);
+ "List of available domains:@,%a"
+ (Pretty_utils.pp_list ~pre:"@[<v>" ~sep:"@," ~suf:"@]" pp_dom)
+ (List.rev !domains_ref);
raise Cmdline.Exit
(* Registers a new domain. Updates the help message of -eva-domains. *)
@@ -193,12 +194,6 @@ let register_domain ~name ~descr =
Cmdline.replace_option_help
Domains.option_name "eva" domains (domains_help ())
-let enabled_domains () =
- let domains = Domains.get () in
- List.filter
- (fun (name, _) -> Datatype.String.Set.mem name domains)
- !domains_ref
-
(* Checks that a domain has been registered. *)
let check_domain domain =
if domain = "help" || domain = "list"
@@ -213,10 +208,40 @@ let () =
Domains.add_set_hook
(fun _old domains -> Datatype.String.Set.iter check_domain domains)
-(* Set of parameters defining the abstractions used in an Eva analysis. *)
-let parameters_abstractions =
- ref (Typed_parameter.Set.singleton Domains.parameter)
+let () = Parameter_customize.set_group domains
+module DomainsFunction =
+ Make_multiple_map
+ (struct
+ include Datatype.String
+ let of_string str = check_domain str; str
+ let of_singleton_string = no_element_of_string
+ let to_string str = str
+ end)
+ (struct
+ include Domain_mode.Function_Mode
+ let of_string ~key ~prev str =
+ try of_string ~key ~prev str
+ with Invalid_argument msg -> raise (Cannot_build msg)
+ end)
+ (struct
+ let option_name = "-eva-domains-function"
+ let help = "Enables a domain only for the given functions. \
+ <d:f+> enables the domain [d] from function [f] \
+ (the domain is enabled in all functions called from [f]). \
+ <d:f-> disables the domain [d] from function [f]."
+ let arg_name = "d:f"
+ let default = Datatype.String.Map.empty
+ let dependencies = []
+ end)
+let () = add_precision_dep DomainsFunction.parameter
+let enabled_domains () =
+ let domains = Domains.get () in
+ let domains_by_fct = DomainsFunction.get () in
+ List.filter
+ (fun (name, _) -> Datatype.String.Set.mem name domains
+ || Datatype.String.Map.mem name domains_by_fct)
+ !domains_ref
let () = Parameter_customize.set_group domains
module EqualityCall =
@@ -1525,8 +1550,6 @@ let parameters_correctness =
Typed_parameter.Set.elements !parameters_correctness
let parameters_tuning =
Typed_parameter.Set.elements !parameters_tuning
-let parameters_abstractions =
- Typed_parameter.Set.elements !parameters_abstractions
diff --git a/src/plugins/value/value_parameters.mli b/src/plugins/value/value_parameters.mli
index 8c338bbc48c349b742d7af40e1ae39b0e4a580b8..b31c526f8648c46fb06a6677000e518e45f4f94b 100644
--- a/src/plugins/value/value_parameters.mli
+++ b/src/plugins/value/value_parameters.mli
@@ -29,6 +29,9 @@ module OracleDepth: Parameter_sig.Int
module ReductionDepth: Parameter_sig.Int
module Domains: Parameter_sig.String_set
+module DomainsFunction: Parameter_sig.Multiple_map
+ with type key = string
+ and type value = Domain_mode.function_mode
module EqualityCall: Parameter_sig.String
module EqualityCallFunction:
@@ -160,7 +163,6 @@ val configure_precision: unit -> unit
val parameters_correctness: Typed_parameter.t list
val parameters_tuning: Typed_parameter.t list
-val parameters_abstractions: Typed_parameter.t list
(** Debug categories responsible for printing initial and final states of Value.
Enabled by default, but can be disabled via the command-line:
diff --git a/src/plugins/value/values/abstract_value.mli b/src/plugins/value/values/abstract_value.mli
index 378c06407ac8824f2683a91c507acd6eb9a59ded..bd42be08f83a7ba1e603712d610a01bfe4865297 100644
--- a/src/plugins/value/values/abstract_value.mli
+++ b/src/plugins/value/values/abstract_value.mli
@@ -92,6 +92,15 @@ module type S = sig
floating-point values. *)
val assume_not_nan: assume_finite:bool -> fkind -> t -> t truth
+ (** Assumes that the abstract value only represents well-formed pointer values:
+ pointers either to an element of an array object or one past the last
+ element of an array object. (A pointer to an object that is not an element
+ of an array is viewed as a pointer to the first element of an array of
+ length one with the type of the object as its element type.)
+ The NULL pointer is always a valid pointer value. Function pointers are
+ also considered as valid pointer values for now. *)
+ val assume_pointer: t -> t truth
+
(* [assume_comparable cmp v1 v2] assumes that the integer or pointer values
[v1] and [v2] are comparable for [cmp]. Integers are always comparable.
If one value is a pointer, then both values should be pointers, and:
diff --git a/src/plugins/value/values/cvalue_forward.ml b/src/plugins/value/values/cvalue_forward.ml
index ad45ab9ddb82a3401e4b49807eb891aefcc2e9c9..6822e5f5a5c0218144b3776f9d489431f8c63b9e 100644
--- a/src/plugins/value/values/cvalue_forward.ml
+++ b/src/plugins/value/values/cvalue_forward.ml
@@ -220,6 +220,35 @@ let assume_not_nan ~assume_finite fkind v =
let res = Bottom.non_bottom (backward_propagate kind res) in
`Unknown (V.inject_float res)
+let nearly_valid_bits = function
+ | Base.Empty
+ | Base.Invalid -> Integer.zero, Integer.zero
+ | Base.Known (min, max) | Base.Unknown (min, _, max) -> min, Integer.succ max
+ | Base.Variable variable -> Integer.zero, Integer.succ variable.Base.max_alloc
+
+let nearly_valid_offset base =
+ let min, max = nearly_valid_bits base in
+ let to_byte bound = Some (Integer.e_div bound (Bit_utils.sizeofchar ())) in
+ Ival.inject_range (to_byte min) (to_byte max)
+
+let assume_pointer loc =
+ let aux base ival (acc_v, acc_ok) =
+ let validity = Base.validity base in
+ let nearly_valid_ival = nearly_valid_offset validity in
+ let new_ival = Ival.narrow ival nearly_valid_ival in
+ let ival, ok =
+ if Base.is_null base && Ival.contains_zero ival
+ then Ival.(join zero new_ival), acc_ok && Ival.is_zero ival
+ else new_ival, acc_ok && Ival.equal ival new_ival
+ in
+ Locations.Location_Bytes.add base ival acc_v, ok
+ in
+ try
+ let loc, ok = Cvalue.V.(fold_topset_ok aux loc (bottom, true)) in
+ if Cvalue.V.is_bottom loc then `False
+ else if ok then `True else `Unknown loc
+ with Abstract_interp.Error_Top -> `Unknown loc
+
(* --------------------------------------------------------------------------
Integer overflow
-------------------------------------------------------------------------- *)
diff --git a/src/plugins/value/values/cvalue_forward.mli b/src/plugins/value/values/cvalue_forward.mli
index 77b587c28e4ab060e78f25b509f4c9147cd5ed78..07fb2ef75915314f21d06964eaecb79275586f9a 100644
--- a/src/plugins/value/values/cvalue_forward.mli
+++ b/src/plugins/value/values/cvalue_forward.mli
@@ -31,6 +31,7 @@ val are_comparable: Abstract_interp.Comp.t -> V.t -> V.t -> bool
val assume_non_zero: V.t -> V.t truth
val assume_bounded: bound_kind -> bound -> V.t -> V.t truth
val assume_not_nan: assume_finite:bool -> fkind -> V.t -> V.t truth
+val assume_pointer: V.t -> V.t truth
val assume_comparable: pointer_comparison -> V.t -> V.t -> (V.t * V.t) truth
val forward_binop_int: typ: typ -> V.t -> binop -> V.t -> V.t
diff --git a/src/plugins/value/values/main_values.ml b/src/plugins/value/values/main_values.ml
index ebd8d3b0989f20f0823c5a3f7d1d39ba2ee204b3..9218b0a03a3487a1a5db9ebe2458e0f0685c7c63 100644
--- a/src/plugins/value/values/main_values.ml
+++ b/src/plugins/value/values/main_values.ml
@@ -46,6 +46,7 @@ module CVal = struct
let assume_non_zero = Cvalue_forward.assume_non_zero
let assume_bounded = Cvalue_forward.assume_bounded
let assume_not_nan = Cvalue_forward.assume_not_nan
+ let assume_pointer = Cvalue_forward.assume_pointer
let assume_comparable = Cvalue_forward.assume_comparable
let constant exp = function
@@ -165,6 +166,7 @@ module Interval = struct
let assume_non_zero v = `Unknown v
let assume_bounded _ _ v = `Unknown v
let assume_not_nan ~assume_finite:_ _ v = `Unknown v
+ let assume_pointer v = `Unknown v
let assume_comparable _ v1 v2 = `Unknown (v1, v2)
let constant _ _ = top
diff --git a/src/plugins/value/values/numerors/numerors_value.ml b/src/plugins/value/values/numerors/numerors_value.ml
index da6a115444b5f7ae2e53d052a4e279a68ec1898d..443a2dd4434c76dadcaf3a6cf0f9b5131db5be81 100644
--- a/src/plugins/value/values/numerors/numerors_value.ml
+++ b/src/plugins/value/values/numerors/numerors_value.ml
@@ -312,6 +312,7 @@ let backward_binop ~input_type:_ ~resulting_type:_ op ~left ~right ~result =
let assume_non_zero v = `Unknown v
let assume_bounded _kind _bound v = `Unknown v
let assume_not_nan ~assume_finite:_ _fkind v = `Unknown v
+let assume_pointer v = `Unknown v
let assume_comparable _cmp v1 v2 = `Unknown (v1, v2)
let rewrap_integer _ _ = top
diff --git a/src/plugins/value/values/offsm_value.ml b/src/plugins/value/values/offsm_value.ml
index 672025219b711c59baca3137ee4f3f38190af6f1..d6d7995ae35610386a32b37fe3a7bf6b3c5c6740 100644
--- a/src/plugins/value/values/offsm_value.ml
+++ b/src/plugins/value/values/offsm_value.ml
@@ -423,6 +423,7 @@ module Offsm : Abstract_value.Leaf with type t = offsm_or_top = struct
let assume_non_zero v = `Unknown v
let assume_bounded _ _ v = `Unknown v
let assume_not_nan ~assume_finite:_ _ v = `Unknown v
+ let assume_pointer v = `Unknown v
let assume_comparable _ v1 v2 = `Unknown (v1, v2)
let constant e _c =
diff --git a/src/plugins/value/values/sign_value.ml b/src/plugins/value/values/sign_value.ml
index 58f961a324df016d91c2ad5360353f5fdcba03d3..74c45a2c26862947e8909f5d0997dbf695722b5a 100644
--- a/src/plugins/value/values/sign_value.ml
+++ b/src/plugins/value/values/sign_value.ml
@@ -120,6 +120,7 @@ let assume_non_zero v =
let assume_bounded _ _ v = `Unknown v
let assume_not_nan ~assume_finite:_ _ v = `Unknown v
+let assume_pointer v = `Unknown v
let assume_comparable _ v1 v2 = `Unknown (v1, v2)
(** {2 Forward transfer functions} *)
diff --git a/src/plugins/value/values/value_product.ml b/src/plugins/value/values/value_product.ml
index 5b612953614ba7ba8dfd9fbbeefe6462af8b8de3..99d6ff34751be79fb0497c2969ab6b8a4ecf1963 100644
--- a/src/plugins/value/values/value_product.ml
+++ b/src/plugins/value/values/value_product.ml
@@ -81,6 +81,11 @@ module Make
and right_truth = Right.assume_not_nan ~assume_finite fkind right in
narrow_truth (left, left_truth) (right, right_truth)
+ let assume_pointer (left, right) =
+ let left_truth = Left.assume_pointer left
+ and right_truth = Right.assume_pointer right in
+ narrow_truth (left, left_truth) (right, right_truth)
+
let assume_comparable op (l1, r1) (l2, r2) =
let left_truth = Left.assume_comparable op l1 l2
and right_truth = Right.assume_comparable op r1 r2 in
diff --git a/src/plugins/value_types/inout_type.ml b/src/plugins/value_types/inout_type.ml
index 164e6693fad1ea4fa7b1e493987021c5202167a5..3d51f3fc5e659bdea41eb99ddf39b3913ec06df5 100644
--- a/src/plugins/value_types/inout_type.ml
+++ b/src/plugins/value_types/inout_type.ml
@@ -23,6 +23,7 @@
type t = {
over_inputs: Locations.Zone.t;
over_inputs_if_termination: Locations.Zone.t;
+ over_logic_inputs: Locations.Zone.t;
under_outputs_if_termination: Locations.Zone.t;
over_outputs: Locations.Zone.t;
over_outputs_if_termination: Locations.Zone.t;
@@ -68,13 +69,14 @@ include
let structural_descr =
let z = Locations.Zone.packed_descr in
- Structural_descr.t_record [| z; z; z; z; z |]
+ Structural_descr.t_record [| z; z; z; z; z; z |]
let reprs =
List.map
(fun z ->
{ over_inputs_if_termination = z;
under_outputs_if_termination = z;
over_inputs = z;
+ over_logic_inputs = z;
over_outputs = z;
over_outputs_if_termination = z;
}) Locations.Zone.reprs
@@ -85,22 +87,35 @@ include
over_inputs = c;
over_outputs = d;
over_outputs_if_termination = e;
+ over_logic_inputs = f;
} =
- Zone.hash a + 17 * Zone.hash b + 587 * Zone.hash c + 1077 * Zone.hash d + 13119 * Zone.hash e
+ Zone.hash a +
+ 17 * Zone.hash b +
+ 587 * Zone.hash c +
+ 1077 * Zone.hash d +
+ 13119 * Zone.hash e +
+ 15823 * Zone.hash f
let equal
{ over_inputs_if_termination = a;
under_outputs_if_termination = b;
over_inputs = c;
over_outputs = d;
over_outputs_if_termination = e;
+ over_logic_inputs = f;
}
{ over_inputs_if_termination = a';
under_outputs_if_termination = b';
over_inputs = c';
over_outputs = d';
over_outputs_if_termination = e';
+ over_logic_inputs = f';
} =
- Zone.equal a a' && Zone.equal b b' && Zone.equal c c' && Zone.equal d d' && Zone.equal e e'
+ Zone.equal a a'
+ && Zone.equal b b'
+ && Zone.equal c c'
+ && Zone.equal d d'
+ && Zone.equal e e'
+ && Zone.equal f f'
let mem_project = Datatype.never_any_project
end)
: Datatype.S with type t := t)
@@ -109,6 +124,7 @@ let map f v = {
over_inputs_if_termination = f v.over_inputs_if_termination;
under_outputs_if_termination = f v.under_outputs_if_termination;
over_inputs = f v.over_inputs;
+ over_logic_inputs = f v.over_logic_inputs;
over_outputs = f v.over_outputs;
over_outputs_if_termination = f v.over_outputs_if_termination;
}
@@ -116,6 +132,7 @@ let map f v = {
let bottom = {
over_inputs = Zone.bottom;
over_inputs_if_termination = Zone.bottom;
+ over_logic_inputs = Zone.bottom;
under_outputs_if_termination = Zone.top;
over_outputs = Zone.bottom;
over_outputs_if_termination = Zone.bottom;
@@ -125,6 +142,7 @@ let join c1 c2 = {
over_inputs = Zone.join c1.over_inputs c2.over_inputs;
over_inputs_if_termination =
Zone.join c1.over_inputs_if_termination c2.over_inputs_if_termination;
+ over_logic_inputs = Zone.join c1.over_logic_inputs c2.over_logic_inputs;
over_outputs = Zone.join c1.over_outputs c2.over_outputs;
over_outputs_if_termination =
Zone.join c1.over_outputs_if_termination c2.over_outputs_if_termination;
diff --git a/src/plugins/value_types/inout_type.mli b/src/plugins/value_types/inout_type.mli
index e9c828607a109f362b45f18acd7be0cef34ba0c7..70cdd0134e692ec93f52d50d86f710c203f194b2 100644
--- a/src/plugins/value_types/inout_type.mli
+++ b/src/plugins/value_types/inout_type.mli
@@ -23,6 +23,7 @@
type t = {
over_inputs: Locations.Zone.t;
over_inputs_if_termination: Locations.Zone.t;
+ over_logic_inputs: Locations.Zone.t;
under_outputs_if_termination: Locations.Zone.t;
over_outputs: Locations.Zone.t;
over_outputs_if_termination: Locations.Zone.t;
diff --git a/src/plugins/variadic/tests/erroneous/oracle/printf.res.oracle b/src/plugins/variadic/tests/erroneous/oracle/printf.res.oracle
index ebb217fac029c7ecff4322210ffa55295ce48b7d..bf32832912efc4f3b07515090655826e888ce94c 100644
--- a/src/plugins/variadic/tests/erroneous/oracle/printf.res.oracle
+++ b/src/plugins/variadic/tests/erroneous/oracle/printf.res.oracle
@@ -12,7 +12,7 @@
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/erroneous/printf.c:8: Warning: Multiple usage of flag '-'.
[variadic] tests/erroneous/printf.c:8: Warning:
diff --git a/src/plugins/variadic/tests/known/oracle/printf.res.oracle b/src/plugins/variadic/tests/known/oracle/printf.res.oracle
index 83d6f21822edc4f5972f9e493f12f9c4aac08a1d..d7102dda0aa118a8915a12b3801847c657c4016e 100644
--- a/src/plugins/variadic/tests/known/oracle/printf.res.oracle
+++ b/src/plugins/variadic/tests/known/oracle/printf.res.oracle
@@ -24,7 +24,7 @@
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/known/printf.c:37:
Translating call to printf to a call to the specialized version printf_va_1.
@@ -164,6 +164,7 @@
#include "stdlib.h"
#include "string.h"
#include "strings.h"
+#include "sys/types.h"
#include "time.h"
#include "wchar.h"
/*@ requires valid_read_string(format);
diff --git a/src/plugins/variadic/tests/known/oracle/printf_garbled_mix.res.oracle b/src/plugins/variadic/tests/known/oracle/printf_garbled_mix.res.oracle
index ec9df06d3ed29feb21b4fef6d0321d049ac1d8aa..e75911730236bc2264e15e690bbe63de68d9e92b 100644
--- a/src/plugins/variadic/tests/known/oracle/printf_garbled_mix.res.oracle
+++ b/src/plugins/variadic/tests/known/oracle/printf_garbled_mix.res.oracle
@@ -12,7 +12,7 @@
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/known/printf_garbled_mix.c:8:
Variadic builtin Frama_C_show_each_nb_printed left untransformed.
@@ -25,6 +25,8 @@
Assigning imprecise value to b.
The imprecision originates from Arithmetic
{tests/known/printf_garbled_mix.c:6}
+[eva:alarm] tests/known/printf_garbled_mix.c:7: Warning:
+ pointer downcast. assert (unsigned int)b ≤ 2147483647;
[eva] using specification for function printf_va_1
[eva] tests/known/printf_garbled_mix.c:8:
Frama_C_show_each_nb_printed: [-2147483648..2147483647]
@@ -67,6 +69,7 @@ void main(void)
{
int a[2] = {1, 2};
int *b = (int *)((unsigned int)(a) * (unsigned int)2);
+ /*@ assert Eva: pointer_downcast: (unsigned int)b ≤ 2147483647; */
int nb_printed = printf_va_1("%d",(int)b);
Frama_C_show_each_nb_printed(nb_printed);
b = (int *)0;
diff --git a/src/plugins/variadic/tests/known/oracle/printf_wrong_arity.res.oracle b/src/plugins/variadic/tests/known/oracle/printf_wrong_arity.res.oracle
index f04220bcfaad7d57eea618f3fd406d3c3bf88e24..4ee27be46611b179b94c9eca126c0a3aed8a46e3 100644
--- a/src/plugins/variadic/tests/known/oracle/printf_wrong_arity.res.oracle
+++ b/src/plugins/variadic/tests/known/oracle/printf_wrong_arity.res.oracle
@@ -12,7 +12,7 @@
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/known/printf_wrong_arity.c:8:
Translating call to printf to a call to the specialized version printf_va_1.
@@ -44,6 +44,7 @@
#include "stdio.c"
#include "stdio.h"
#include "stdlib.h"
+#include "sys/types.h"
/*@ requires valid_read_string(format);
assigns \result, __fc_stdout->__fc_FILE_data;
assigns \result
diff --git a/src/plugins/variadic/tests/known/oracle/printf_wrong_pointers.res.oracle b/src/plugins/variadic/tests/known/oracle/printf_wrong_pointers.res.oracle
index 48af02448ee3c902d99e1bbda933bbb555bba0aa..2c72bbbab0497dc928525540fbe32d744e90c774 100644
--- a/src/plugins/variadic/tests/known/oracle/printf_wrong_pointers.res.oracle
+++ b/src/plugins/variadic/tests/known/oracle/printf_wrong_pointers.res.oracle
@@ -12,7 +12,7 @@
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/known/printf_wrong_pointers.c:14:
Translating call to printf to a call to the specialized version printf_va_1.
diff --git a/src/plugins/variadic/tests/known/oracle/printf_wrong_types.res.oracle b/src/plugins/variadic/tests/known/oracle/printf_wrong_types.res.oracle
index b720645e9345e20e4a5ecb05b2d3e6d7bd35b43f..5d41306e7d7770b2f2debc89711360675aa0bdc1 100644
--- a/src/plugins/variadic/tests/known/oracle/printf_wrong_types.res.oracle
+++ b/src/plugins/variadic/tests/known/oracle/printf_wrong_types.res.oracle
@@ -12,7 +12,7 @@
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/known/printf_wrong_types.c:18:
Translating call to printf to a call to the specialized version printf_va_1.
@@ -424,7 +424,7 @@ int main(void)
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/known/printf_wrong_types.c:18:
Translating call to printf to a call to the specialized version printf_va_1.
diff --git a/src/plugins/variadic/tests/known/oracle/scanf.res.oracle b/src/plugins/variadic/tests/known/oracle/scanf.res.oracle
index cd8ae9652f370cfb52d0d3cde3e03835ed894acf..bf4a9d81548e13066cc07874387d684d28e89997 100644
--- a/src/plugins/variadic/tests/known/oracle/scanf.res.oracle
+++ b/src/plugins/variadic/tests/known/oracle/scanf.res.oracle
@@ -12,7 +12,7 @@
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/known/scanf.c:7:
Translating call to scanf to a call to the specialized version scanf_va_1.
diff --git a/src/plugins/variadic/tests/known/oracle/scanf_loop.res.oracle b/src/plugins/variadic/tests/known/oracle/scanf_loop.res.oracle
index db959e60948ec7b6831aea0217bbe8f926e20e25..e563ba2f274de6ca32bf4384ba1c876d0d3fed51 100644
--- a/src/plugins/variadic/tests/known/oracle/scanf_loop.res.oracle
+++ b/src/plugins/variadic/tests/known/oracle/scanf_loop.res.oracle
@@ -12,7 +12,7 @@
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/known/scanf_loop.c:6:
Translating call to scanf to a call to the specialized version scanf_va_1.
diff --git a/src/plugins/variadic/tests/known/oracle/scanf_wrong.res.oracle b/src/plugins/variadic/tests/known/oracle/scanf_wrong.res.oracle
index b468aea8acafdcac55a9e2c8f2df1e0152df8ea3..704b3de7532cbbe3b74de18a9b261d8fb1990a4b 100644
--- a/src/plugins/variadic/tests/known/oracle/scanf_wrong.res.oracle
+++ b/src/plugins/variadic/tests/known/oracle/scanf_wrong.res.oracle
@@ -12,7 +12,7 @@
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/known/scanf_wrong.c:8:
Translating call to scanf to a call to the specialized version scanf_va_1.
diff --git a/src/plugins/variadic/tests/known/oracle/snprintf.res.oracle b/src/plugins/variadic/tests/known/oracle/snprintf.res.oracle
index 2b2dd3e7684dc91bc32669a14ae8cb0c8bfb8435..cecc5cc54317c70556a4191b957dfffa35b3ab2b 100644
--- a/src/plugins/variadic/tests/known/oracle/snprintf.res.oracle
+++ b/src/plugins/variadic/tests/known/oracle/snprintf.res.oracle
@@ -12,7 +12,7 @@
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/known/snprintf.c:12:
Translating call to snprintf to a call to the specialized version snprintf_va_1.
diff --git a/src/plugins/variadic/tests/known/oracle/stdio_print.res.oracle b/src/plugins/variadic/tests/known/oracle/stdio_print.res.oracle
index 0cacefc0330324049f21defc8287bd88133d15c7..cc3c40be6d63726412cc1680892eec9481895efa 100644
--- a/src/plugins/variadic/tests/known/oracle/stdio_print.res.oracle
+++ b/src/plugins/variadic/tests/known/oracle/stdio_print.res.oracle
@@ -12,7 +12,7 @@
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/known/stdio_print.c:9: Warning:
Call to function fprintf with non-static format argument:
diff --git a/src/plugins/variadic/tests/known/oracle/stdio_scan.res.oracle b/src/plugins/variadic/tests/known/oracle/stdio_scan.res.oracle
index 671f5bf3f3583974376171a38a07521abc4f5cca..f157c9d36bf492d0950438e324ebd2081d5bfa52 100644
--- a/src/plugins/variadic/tests/known/oracle/stdio_scan.res.oracle
+++ b/src/plugins/variadic/tests/known/oracle/stdio_scan.res.oracle
@@ -12,7 +12,7 @@
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/known/stdio_scan.c:10: Warning:
Call to function fscanf with non-static format argument:
diff --git a/src/plugins/variadic/tests/known/oracle/swprintf.res.oracle b/src/plugins/variadic/tests/known/oracle/swprintf.res.oracle
index 79025ff0d26ed6ef5e13f3c3ab32bf758d978cae..585983473b2a34fb414ff248ba31750429cd90cf 100644
--- a/src/plugins/variadic/tests/known/oracle/swprintf.res.oracle
+++ b/src/plugins/variadic/tests/known/oracle/swprintf.res.oracle
@@ -24,7 +24,7 @@
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/known/swprintf.c:12:
Translating call to swprintf to a call to the specialized version swprintf_va_1.
diff --git a/src/plugins/variadic/tests/known/oracle/wchar.res.oracle b/src/plugins/variadic/tests/known/oracle/wchar.res.oracle
index 0e93065e23f4b5b463c55d01b9ba31a7d3e0f759..b85bb1c1d0672bd3a723c7e2b659c56ed8f769c0 100644
--- a/src/plugins/variadic/tests/known/oracle/wchar.res.oracle
+++ b/src/plugins/variadic/tests/known/oracle/wchar.res.oracle
@@ -24,7 +24,7 @@
Declaration of variadic function sprintf.
[variadic] FRAMAC_SHARE/libc/stdio.h:217:
Declaration of variadic function sscanf.
-[variadic] FRAMAC_SHARE/libc/stdio.h:521:
+[variadic] FRAMAC_SHARE/libc/stdio.h:538:
Declaration of variadic function dprintf.
[variadic] tests/known/wchar.c:11:
Translating call to wprintf to a call to the specialized version wprintf_va_1.
diff --git a/src/plugins/wp/Cfloat.ml b/src/plugins/wp/Cfloat.ml
index 39c437ff77f71ad07bd77057f2652d8c9e10f289..64e1cfd7065d4bd0a9de71a2afe0eb99abc6de41 100644
--- a/src/plugins/wp/Cfloat.ml
+++ b/src/plugins/wp/Cfloat.ml
@@ -91,6 +91,7 @@ type op =
| NE
| NEG
| ADD
+ | SUB
| MUL
| DIV
| REAL
@@ -105,6 +106,7 @@ let op_name = function
| NE -> "ne"
| NEG -> "neg"
| ADD -> "add"
+ | SUB -> "sub"
| MUL -> "mul"
| DIV -> "div"
| REAL -> "of"
@@ -275,6 +277,7 @@ let compute_float op ulp xs =
match op , xs with
| NEG , [ x ] -> qmake ulp (Q.neg (exact x))
| ADD , [ x ; y ] -> qmake ulp (Q.add (exact x) (exact y))
+ | SUB , [ x ; y ] -> qmake ulp (Q.sub (exact x) (exact y))
| MUL , [ x ; y ] -> qmake ulp (Q.mul (exact x) (exact y))
| DIV , [ x ; y ] ->
let res = match Q.div (exact x) (exact y) with
@@ -293,6 +296,7 @@ let compute_real op xs =
match op , xs with
| NEG , [ x ] -> F.e_opp x
| ADD , [ x ; y ] -> F.e_add x y
+ | SUB , [ x ; y ] -> F.e_sub x y
| MUL , [ x ; y ] -> F.e_mul x y
| DIV , [ x ; y ] -> F.e_div x y
| (ROUND|REAL) , [ x ] -> x
@@ -350,36 +354,51 @@ let flt_le ft = Compute.get (Context.get model, ft, LE) |> fst
let flt_lt ft = Compute.get (Context.get model, ft, LT) |> fst
let flt_neg ft = Compute.get (Context.get model, ft, NEG) |> fst
let flt_add ft = Compute.get (Context.get model, ft, ADD) |> fst
+let flt_sub ft = Compute.get (Context.get model, ft, SUB) |> fst
let flt_mul ft = Compute.get (Context.get model, ft, MUL) |> fst
let flt_div ft = Compute.get (Context.get model, ft, DIV) |> fst
let flt_of_real ft = Compute.get (Context.get model, ft, ROUND) |> fst
let real_of_flt ft = Compute.get (Context.get model, ft, REAL) |> fst
-
(* -------------------------------------------------------------------------- *)
(* --- Builtins --- *)
(* -------------------------------------------------------------------------- *)
-let make_hack ?(converse=false) ft op xs =
+let builtin kind ft op xs =
let phi, impl = Compute.get ((Context.get model), ft, op) in
- let xs = (if converse then List.rev xs else xs) in
- try impl xs with Not_found -> F.e_fun ~result:Logic.Bool phi xs
-
-let register_builtin ft =
+ let xs = (if kind=`ReV then List.rev xs else xs) in
+ try impl xs with Not_found ->
+ let result = match kind with
+ | `Binop | `Unop -> ftau ft
+ | `Rel | `ReV -> Logic.Bool
+ in F.e_fun ~result phi xs
+
+let register_builtins ft =
begin
let suffix = float_name ft in
- LogicBuiltins.hack ("\\eq_" ^ suffix) (make_hack ft EQ) ;
- LogicBuiltins.hack ("\\ne_" ^ suffix) (make_hack ft NE) ;
- LogicBuiltins.hack ("\\lt_" ^ suffix) (make_hack ~converse:false ft LT) ;
- LogicBuiltins.hack ("\\gt_" ^ suffix) (make_hack ~converse:true ft LT) ;
- LogicBuiltins.hack ("\\le_" ^ suffix) (make_hack ~converse:false ft LE) ;
- LogicBuiltins.hack ("\\ge_" ^ suffix) (make_hack ~converse:true ft LE)
+ let register (prefix,kind,op) =
+ LogicBuiltins.hack
+ (Printf.sprintf "\\%s_%s" prefix suffix)
+ (builtin kind ft op)
+ in List.iter register [
+ "eq",`Rel,EQ ;
+ "ne",`Rel,NE ;
+ "lt",`Rel,LT ;
+ "gt",`ReV,LT ;
+ "le",`Rel,LE ;
+ "ge",`ReV,LE ;
+ "neg",`Unop,NEG ;
+ "add",`Binop,ADD ;
+ "sub",`Binop,SUB ;
+ "mul",`Binop,MUL ;
+ "div",`Binop,DIV ;
+ ] ;
end
let () = Context.register
begin fun () ->
- register_builtin Float32 ;
- register_builtin Float64 ;
+ register_builtins Float32 ;
+ register_builtins Float64 ;
end
(* -------------------------------------------------------------------------- *)
@@ -435,16 +454,14 @@ let fcmp rop fop f x y =
| Float -> p_call (fop f) [x;y]
let fadd = fbinop e_add flt_add
+let fsub = fbinop e_sub flt_sub
let fmul = fbinop e_mul flt_mul
let fdiv = fbinop e_div flt_div
-
let fopp f x =
match Context.get model with
| Real -> e_opp x
| Float -> e_fun ~result:(ftau f) (flt_neg f) [x]
-let fsub f x y = fadd f x (fopp f y)
-
let flt = fcmp p_lt flt_lt
let fle = fcmp p_leq flt_le
let feq = fcmp p_equal flt_eq
diff --git a/src/plugins/wp/Cfloat.mli b/src/plugins/wp/Cfloat.mli
index 344ddbc093e210b08c1b87114f4252cd21da307d..c685e9139ea638eadb6cf2a49ddc946c0033e8f1 100644
--- a/src/plugins/wp/Cfloat.mli
+++ b/src/plugins/wp/Cfloat.mli
@@ -50,6 +50,7 @@ type op =
| NE
| NEG
| ADD
+ | SUB
| MUL
| DIV
| REAL
diff --git a/src/plugins/wp/Changelog b/src/plugins/wp/Changelog
index cc5e3751d471203b02f5355def021fe551ad6d23..8e42d3b2e3f604b8871d8b11ebcd4961744b2af8 100644
--- a/src/plugins/wp/Changelog
+++ b/src/plugins/wp/Changelog
@@ -20,23 +20,33 @@
# <Prover>: prover
###############################################################################
-- WP [2020/02/21] Why3 prover version fallback
-- WP [2020/02/21] Why3 prover full-names use ':' instead of ','
--* WP [2020/02/20] Fixes handling of LoopCurrent in loop invariants
-- WP [2020/02/10] Specify cache mode with FRAMAC_WP_CACHE=<mode> (-wp-cache-env)
-- WP [2020/02/10] Update scripts with FRAMAC_WP_SCRIPT=update and -wp-prover script
-- WP [2020/02/10] Move frame conditions to Type section for better filtering
-- WP [2020/02/10] Extended frame conditions to pointers inside compound
-- WP [2020/02/10] Extended frame conditions with global C-types
-- WP [2019/17/04] Control splitting with -wp-max-split <n>
-- WP [2019/12/04] Added option -wp-run-all-provers
-- WP [2019/01/29] Emit a warning when no goal is generated
-- Wp [2019/06/04] Checks for inconsistent requires (-wp-smoke-tests)
-- TIP [2018/04/03] Create session directory only on demand
-- TIP [2018/03/19] Specification of JSON script format
-- Wp [2018/03/18] Additional lemma about remainder (mod)
-- TIP [2018/03/18] Refactor structure of session directory (remove models)
-- Wp [2018/02/18] Additional lemmas about logical shift compositions
+ - WP [2020/04/10] Full support for Why3 IEEE float library
+ - WP [2020/04/10] Removed option -wp-check
+ - WP [2020/04/09] Added smoke tests for dead call (-wp-smoke-dead-call)
+ - WP [2020/03/23] Added smoke tests for dead code (-wp-smoke-dead-code)
+ - WP [2020/03/23] Added smoke tests for dead loop (-wp-smoke-dead-loop)
+ - WP [2020/03/26] Added support for invalid-pointer predicate
+ - WP [2020/03/04] Fixed scope problem on block outgoing edge
+ - WP [2020/02/21] Why3 prover version fallback
+ - WP [2020/02/21] Why3 prover full-names use ':' instead of ','
+ - WP [2020/02/20] Fixes handling of LoopCurrent in loop invariants
+ - WP [2020/02/10] Specify cache mode with FRAMAC_WP_CACHE=<mode> (-wp-cache-env)
+ - WP [2020/02/10] Update scripts with FRAMAC_WP_SCRIPT=update and -wp-prover script
+ - WP [2020/02/10] Move frame conditions to Type section for better filtering
+ - WP [2020/02/10] Extended frame conditions to pointers inside compound
+ - WP [2020/02/10] Extended frame conditions with global C-types
+ - WP [2019/17/04] Control splitting with -wp-max-split <n>
+ - WP [2019/12/19] Fix drivers in different projects
+ - WP [2019/12/04] Added option -wp-run-all-provers
+ - WP [2019/06/04] Checks for inconsistent requires (-wp-smoke-tests)
+ - WP [2019/01/29] Emit a warning when no goal is generated
+ - WP [2018/04/17] Limit the number of splits (see -wp-max-split)
+ - TIP [2018/04/03] Create session directory only on demand
+ - TIP [2018/03/19] Specification of JSON script format
+ - WP [2018/03/18] Additional lemma about remainder (mod)
+ - TIP [2018/03/18] Refactor structure of session directory (remove models)
+ - TIP [2018/02/20] Extends bitwise tactics to dis-equalities
+ - WP [2018/02/18] Additional lemmas about logical shift compositions
##########################
Plugin WP 20.0 (Calcium)
diff --git a/src/plugins/wp/Cvalues.ml b/src/plugins/wp/Cvalues.ml
index 5440affcb5d31cf7d238311735a5f186f1839ed3..10fa328fa1b04733eab6a7ac6e678916d7d6f580 100644
--- a/src/plugins/wp/Cvalues.ml
+++ b/src/plugins/wp/Cvalues.ml
@@ -357,6 +357,11 @@ let plain lt e =
type 'a printer = Format.formatter -> 'a -> unit
+let pp_acs fmt = function
+ | RW -> Format.pp_print_string fmt "RW"
+ | RD -> Format.pp_print_string fmt "RD"
+ | OBJ -> Format.pp_print_string fmt "OBJ"
+
let pp_bound fmt = function None -> () | Some p -> F.pp_term fmt p
let pp_value pp fmt = function
diff --git a/src/plugins/wp/Cvalues.mli b/src/plugins/wp/Cvalues.mli
index 1393505ab5a48eb53a9b50d6c79d8310084bc914..f98a7923cb5d657b5d91845c2ba86787864ea5d2 100644
--- a/src/plugins/wp/Cvalues.mli
+++ b/src/plugins/wp/Cvalues.mli
@@ -35,6 +35,7 @@ val equation : Sigs.equation -> pred
type 'a printer = Format.formatter -> 'a -> unit
+val pp_acs : acs printer
val pp_bound : term option printer
val pp_value : 'a printer -> 'a value printer
val pp_logic : 'a printer -> 'a logic printer
diff --git a/src/plugins/wp/GuiList.ml b/src/plugins/wp/GuiList.ml
index 2187eebd8fb069c96669ee8221314ea47178297b..17d2f761fce3d0b0203071e2d2d0ba99fc66f515 100644
--- a/src/plugins/wp/GuiList.ml
+++ b/src/plugins/wp/GuiList.ml
@@ -52,7 +52,7 @@ let render_prover_result p =
let icn_running = icn_stock "gtk-execute" in
let open VCS in
let icon_of_verdict = function
- | Checked | NoResult -> icn_none
+ | NoResult -> icn_none
| Valid -> icn_valid
| Invalid -> icn_invalid
| Unknown -> icn_unknown
diff --git a/src/plugins/wp/GuiProver.ml b/src/plugins/wp/GuiProver.ml
index c74179056de2168a65eeb510ea8f241ef86fc42b..eec80f957002a65c8570297a0f659c8f5e52fac7 100644
--- a/src/plugins/wp/GuiProver.ml
+++ b/src/plugins/wp/GuiProver.ml
@@ -125,7 +125,7 @@ class prover ~(console:Wtext.text) ~prover =
self#set_status `EXECUTE ;
self#set_action ~tooltip:"Interrrupt Prover" ~icon:`STOP ~callback () ;
Pretty_utils.ksfprintf self#set_label "%a (...)" VCS.pp_prover prover ;
- | VCS.Valid | VCS.Checked ->
+ | VCS.Valid ->
let callback () = self#run wpo in
self#set_status ok_status ;
self#set_action ~tooltip:"Run Prover" ~icon:`MEDIA_PLAY ~callback () ;
diff --git a/src/plugins/wp/LogicSemantics.ml b/src/plugins/wp/LogicSemantics.ml
index d513d5172bab625d546e835a6ded6be9867d9cde..b15809c85bbac7dcbec5579d9e967a96fb5452de 100644
--- a/src/plugins/wp/LogicSemantics.ml
+++ b/src/plugins/wp/LogicSemantics.ml
@@ -871,6 +871,7 @@ struct
| Pvalid(label,t) -> valid env RW label t
| Pvalid_read(label,t) -> valid env RD label t
+ | Pobject_pointer(label,t) -> valid env OBJ label t
| Pvalid_function _t ->
Warning.error
@@ -1026,7 +1027,7 @@ struct
(* -------------------------------------------------------------------------- *)
let assigned_of_lval env ~unfold (lv : Cil_types.lval) =
- assignable_lval env ~unfold (Logic_utils.lval_to_term_lval ~cast:false lv)
+ assignable_lval env ~unfold (Logic_utils.lval_to_term_lval lv)
let assigned_of_froms env ~unfold froms =
List.concat
diff --git a/src/plugins/wp/Makefile.in b/src/plugins/wp/Makefile.in
index 3d55dac46a5898c30486d59caa3756a590d3cc82..0ac7d9c9d910cca77c76793fe9e7f92a3a165048 100644
--- a/src/plugins/wp/Makefile.in
+++ b/src/plugins/wp/Makefile.in
@@ -81,7 +81,7 @@ PLUGIN_CMO:= \
Sigma MemLoader \
MemEmpty MemZeroAlias MemVar \
MemMemory MemTyped MemRegion \
- wpStrategy wpRTE wpAnnot \
+ wpReached wpStrategy wpRTE wpAnnot \
CfgCompiler StmtSemantics \
VCS script proof wpo wpReport \
Footprint Tactical Strategy \
diff --git a/src/plugins/wp/MemMemory.ml b/src/plugins/wp/MemMemory.ml
index 4551f143c0d1e04e3bb6944ca7883337049cdd8c..8352296e1dfac1e7b5f8bf0e821acbff5bf57b71 100644
--- a/src/plugins/wp/MemMemory.ml
+++ b/src/plugins/wp/MemMemory.ml
@@ -62,6 +62,7 @@ let l_havoc = Qed.Engine.{
let p_valid_rd = Lang.extern_fp ~library "valid_rd"
let p_valid_rw = Lang.extern_fp ~library "valid_rw"
+let p_valid_obj = Lang.extern_fp ~library "valid_obj"
let p_invalid = Lang.extern_fp ~library "invalid"
let p_separated = Lang.extern_fp ~library "separated"
let p_included = Lang.extern_fp ~library "included"
diff --git a/src/plugins/wp/MemMemory.mli b/src/plugins/wp/MemMemory.mli
index 0a92156a9edb3a68b774a04df672bdff5c2b77b7..ab60842d69a102ba5ca86d660489622abbf81a30 100644
--- a/src/plugins/wp/MemMemory.mli
+++ b/src/plugins/wp/MemMemory.mli
@@ -62,6 +62,7 @@ val p_separated : lfun
val p_included : lfun
val p_valid_rd : lfun
val p_valid_rw : lfun
+val p_valid_obj : lfun
val p_invalid : lfun
val p_eqmem : lfun
diff --git a/src/plugins/wp/MemTyped.ml b/src/plugins/wp/MemTyped.ml
index 9dce8f268df56171aaa688768305b79ec2c69704..e1317a92d9400d83c597a36d0e216ab934cb86a1 100644
--- a/src/plugins/wp/MemTyped.ml
+++ b/src/plugins/wp/MemTyped.ml
@@ -954,7 +954,11 @@ let loc_diff obj p q =
(* -------------------------------------------------------------------------- *)
let s_valid sigma acs p n =
- let p_valid = match acs with RW -> p_valid_rw | RD -> p_valid_rd in
+ let p_valid = match acs with
+ | RW -> p_valid_rw
+ | RD -> p_valid_rd
+ | OBJ -> p_valid_obj
+ in
p_call p_valid [Sigma.value sigma T_alloc;p;n]
let s_invalid sigma p n =
diff --git a/src/plugins/wp/MemVar.ml b/src/plugins/wp/MemVar.ml
index ca7a5873b1da01aaf6304d7851029faf6cab04ab..fd09f824c2c909084efb61b68f5abcd6ab51956e 100644
--- a/src/plugins/wp/MemVar.ml
+++ b/src/plugins/wp/MemVar.ml
@@ -739,6 +739,9 @@ struct
let fits_inside cond a b n =
p_leq e_zero a :: p_lt b (e_int n) :: cond
+ let fits_off_by_one cond a b n =
+ p_leq e_zero a :: p_leq b (e_int n) :: cond
+
let stay_outside cond a b n =
p_lt b e_zero :: p_leq (e_int n) a :: cond
@@ -754,6 +757,13 @@ struct
| Some( _ , None ) -> unsized_array ()
| None -> raise ShiftMismatch
+ (* Append conditions for and array offset (te,k) to fits in obj *)
+ let array_check fitting cond te k obj =
+ match Ctypes.get_array obj with
+ | Some( e , Some n ) when Ctypes.equal e te -> fitting cond k k n
+ | Some( _ , None ) -> unsized_array ()
+ | _ -> block_check fitting cond (obj,1) (te,k,k)
+
(* Append conditions for [offset] to fits [object], provided [a<=b]. *)
let rec offset_fits cond obj offset =
match offset with
@@ -761,14 +771,8 @@ struct
| Field fd :: ofs ->
offset_fits cond (Ctypes.object_of fd.ftype) ofs
| Shift(te,k) :: ofs ->
- match Ctypes.get_array obj with
- | Some( e , Some n ) when Ctypes.equal e te ->
- let cond = p_leq e_zero k :: p_lt k (e_int n) :: cond in
- offset_fits cond e ofs
- | Some( _ , None ) -> unsized_array ()
- | _ ->
- let cond = block_check fits_inside cond (obj,1) (te,k,k) in
- offset_fits cond te ofs
+ let cond = array_check fits_inside cond te k obj in
+ offset_fits cond te ofs
(* Append conditions to [cond] for [range=(elt,a,b)], starting at [offset],
consisting of [a..b] elements with type [elt] to fits inside the block,
@@ -796,19 +800,39 @@ struct
(* --- Validity --- *)
(* -------------------------------------------------------------------------- *)
- let valid_offset obj ofs =
- F.p_conj (offset_fits [] obj ofs)
-
- let valid_range obj ofs range =
- F.p_conj (range_check fits_inside [] (obj,1) ofs range)
+ let rec last_field_shift acs obj ofs =
+ match acs , obj , ofs with
+ | OBJ , _ , [Shift(te,k)] -> Some(te,k,obj)
+ | OBJ , C_comp c , (Field fd :: ofs) ->
+ begin
+ match List.rev c.cfields with
+ | fd0::_ when Fieldinfo.equal fd fd0 ->
+ last_field_shift acs (Ctypes.object_of fd.ftype) ofs
+ | _ -> None
+ end
+ | _ -> None
+
+ let valid_offset acs obj ofs =
+ match last_field_shift acs obj ofs with
+ | Some(te,k,obj) ->
+ F.p_conj (array_check fits_off_by_one [] te k obj)
+ | None ->
+ F.p_conj (offset_fits [] obj ofs)
+
+ let valid_range acs obj ofs range =
+ match last_field_shift acs obj ofs with
+ | Some _ ->
+ F.p_conj (range_check fits_off_by_one [] (obj,1) ofs range)
+ | _ ->
+ F.p_conj (range_check fits_inside [] (obj,1) ofs range)
(* varinfo *)
let valid_base sigma acs mem x =
if x.vglob then
- if acs = RW && Cil.typeHasQualifier "const" x.vtype
- then p_false
- else p_true
+ match acs with
+ | RW -> if Cil.typeHasQualifier "const" x.vtype then p_false else p_true
+ | RD | OBJ -> p_true
else
match mem with
| CVAL | HEAP -> p_bool (ALLOC.value sigma.alloc x)
@@ -819,12 +843,12 @@ struct
let valid_offset_path sigma acs mem x ofs =
p_and
(valid_base sigma acs mem x)
- (valid_offset (vobject mem x) ofs)
+ (valid_offset acs (vobject mem x) ofs)
let valid_range_path sigma acs mem x ofs rg =
p_and
(valid_base sigma acs mem x)
- (valid_range (vobject mem x) ofs rg)
+ (valid_range acs (vobject mem x) ofs rg)
(* in-model validation *)
diff --git a/src/plugins/wp/ProofScript.ml b/src/plugins/wp/ProofScript.ml
index a7b3155076a91558a47d2f88fba993dedbfe003b..73c77b5b71d37ffa4fbb17639893672e2e17a7e6 100644
--- a/src/plugins/wp/ProofScript.ml
+++ b/src/plugins/wp/ProofScript.ml
@@ -316,7 +316,7 @@ let tactic_of_json js =
(* -------------------------------------------------------------------------- *)
let json_of_verdict = function
- | VCS.NoResult | VCS.Checked | VCS.Computing _ -> `String "none"
+ | VCS.NoResult | VCS.Computing _ -> `String "none"
| VCS.Valid -> `String "valid"
| VCS.Unknown -> `String "unknown"
| VCS.Timeout -> `String "timeout"
diff --git a/src/plugins/wp/ProofSession.ml b/src/plugins/wp/ProofSession.ml
index 9545120970c27c80baf0b83d1a3402b7aab98bae..05e69ee8fa429acacd8f148a514344fe93374df2 100644
--- a/src/plugins/wp/ProofSession.ml
+++ b/src/plugins/wp/ProofSession.ml
@@ -29,7 +29,8 @@ type script =
let files : (string,script) Hashtbl.t = Hashtbl.create 32
-let jsonfile = Printf.sprintf "%s/%s.json"
+let jsonfile (dir:Datatype.Filepath.t) =
+ Format.sprintf "%s/%s.json" (dir :> string)
let filename ~force wpo =
let dscript = Wp_parameters.get_session_dir ~force "script" in
diff --git a/src/plugins/wp/ProverCoq.ml b/src/plugins/wp/ProverCoq.ml
index 2313a5ba1117fd4cacfcbd59a0e10aa9ebf63f78..4e864a4579f58e4501e81622308ad3af028ebc9b 100644
--- a/src/plugins/wp/ProverCoq.ml
+++ b/src/plugins/wp/ProverCoq.ml
@@ -34,7 +34,7 @@ let dkey = Wp_parameters.register_category "prover"
let cluster_file c =
let dir = WpContext.directory () in
let base = cluster_id c in
- Printf.sprintf "%s/%s.v" dir base
+ Printf.sprintf "%s/%s.v" (dir :> string) base
(* -------------------------------------------------------------------------- *)
(* --- External Coq Libraries --- *)
@@ -314,8 +314,8 @@ and assemble_coqlib coqcc c =
begin
let tgtdir = Wp_parameters.get_output_dir "coqwp" in
let source = Printf.sprintf "%s/%s" c.c_source c.c_file in
- let target = Printf.sprintf "%s/%s" tgtdir c.c_file in
- let dir = Printf.sprintf "%s/%s" tgtdir c.c_path in
+ let target = Printf.sprintf "%s/%s" (tgtdir :> string) c.c_file in
+ let dir = Printf.sprintf "%s/%s" (tgtdir :> string) c.c_path in
if need_recompile ~source ~target then
begin
Wp_parameters.make_output_dir dir ;
@@ -333,7 +333,7 @@ let assemble_goal ~pid axioms prop =
let title = Pretty_utils.to_string WpPropId.pretty pid in
let model = WpContext.directory () in
let id = WpPropId.get_propid pid in
- let file = Printf.sprintf "%s/%s.coq" model id in
+ let file = Printf.sprintf "%s/%s.coq" (model :> string) id in
let goal = cluster ~id ~title () in
let deps = Command.print_file file
begin fun fmt ->
@@ -359,7 +359,7 @@ let assemble_goal ~pid axioms prop =
end in
let coqcc = { marked = Marked.empty ; includes = [] ; sources = [] } in
List.iter (assemble coqcc) deps ;
- let includes = (model , "") :: List.rev coqcc.includes in
+ let includes = ((model :> string) , "") :: List.rev coqcc.includes in
let sources = List.rev coqcc.sources in
includes , sources , file
@@ -435,10 +435,9 @@ class runcoq includes source =
self#timeout (coq_timeout ()) ;
Task.call
(fun () ->
- if not (Wp_parameters.Check.get ()) then
- let name = Filename.basename source in
- Wp_parameters.feedback ~ontty:`Transient
- "[Coq] Compiling '%s'." name) ()
+ let name = Filename.basename source in
+ Wp_parameters.feedback ~ontty:`Transient
+ "[Coq] Compiling '%s'." name) ()
>>= self#run ~logout ~logerr
>>= fun r ->
if r = 127 then Task.failed "Command '%s' not found" cmd
@@ -523,13 +522,6 @@ type coq_wpo = {
cw_includes : included list ; (* -R ... ... *)
}
-let make_check w =
- Command.print_file w.cw_script
- begin fun fmt ->
- Command.pp_from_file fmt w.cw_goal ;
- Format.fprintf fmt "Proof.@\nAdmitted.@\n@." ;
- end
-
let make_script w script closing =
Command.print_file w.cw_script
begin fun fmt ->
@@ -541,10 +533,6 @@ let try_script w script closing =
make_script w script closing ;
(new runcoq w.cw_includes w.cw_script)#check
-let check_script w =
- make_check w ;
- (new runcoq w.cw_includes w.cw_script)#check
-
let rec try_hints w = function
| [] -> Task.return false
| (kind,script,closing) :: hints ->
@@ -618,8 +606,6 @@ let prove_session ~mode w =
end
>>= Task.call (fun r -> if r then VCS.valid else VCS.unknown)
-exception Admitted_not_proved
-
let gen_session w =
begin
make_script w " ...\n" "Qed." ;
@@ -627,19 +613,9 @@ let gen_session w =
Task.return VCS.no_result
end
-let check_session w =
- compile_headers w.cw_includes false w.cw_headers >>=
- (fun () -> check_script w) >>> function
- | Task.Result true -> Task.return VCS.checked
- | Task.Failed e -> Task.raised e
- | Task.Canceled | Task.Timeout _ | Task.Result false ->
- Task.raised Admitted_not_proved
-
let prove_session ~mode w =
if Wp_parameters.Generate.get () then
gen_session w
- else if Wp_parameters.Check.get () then
- check_session w
else
prove_session ~mode w
diff --git a/src/plugins/wp/ProverErgo.ml b/src/plugins/wp/ProverErgo.ml
index 8aa0d51c86a9951765ec593afe0680df58c14916..e18c2ffc06e29089fe8f6f19333c1e323a57868b 100644
--- a/src/plugins/wp/ProverErgo.ml
+++ b/src/plugins/wp/ProverErgo.ml
@@ -72,7 +72,7 @@ let rec locate_error files file line =
let cluster_file c =
let dir = WpContext.directory () in
let base = cluster_id c in
- Printf.sprintf "%s/%s.ergo" dir base
+ Format.sprintf "%s/%s.ergo" (dir :> string) base
(* -------------------------------------------------------------------------- *)
(* --- Exporting Formulae to Alt-Ergo --- *)
@@ -165,7 +165,7 @@ class visitor fmt c =
let df = D_file f in
if not (List.mem df deps) then deps <- df :: deps
- method add_shared f = self#add_dfile ((Wp_parameters.Share.file ~error:true f) :> string)
+ method add_shared f = self#add_dfile ((Wp_parameters.Share.get_file ~mode:`Must_exist f) :> string)
method add_library f = self#add_dfile f
method on_cluster c = deps <- (D_cluster c) :: deps
@@ -396,37 +396,21 @@ class altergo ~config ~pid ~gui ~file ~lines ~logout ~logerr =
VCS.result
~time:(if gui then 0.0 else timer)
~steps verdict
- with
- | Not_found when Wp_parameters.Check.get () ->
- if r = 0 then VCS.checked
- else
- begin
- if Wp_parameters.verbose_atleast 1 then begin
- ProverTask.pp_file ~message:"Alt-Ergo (stdout)" ~file:logout ;
- ProverTask.pp_file ~message:"Alt-Ergo (stderr)" ~file:logerr ;
- end;
- VCS.failed "Alt-Ergo type-checking failed."
- end
- | Not_found ->
- begin
- if Wp_parameters.verbose_atleast 1 then begin
- ProverTask.pp_file ~message:"Alt-Ergo (stdout)" ~file:logout ;
- ProverTask.pp_file ~message:"Alt-Ergo (stderr)" ~file:logerr ;
- end;
- if r = 0 then VCS.failed "Unexpected Alt-Ergo output"
- else VCS.kfailed "Alt-Ergo exits with status [%d]." r
- end
+ with Not_found ->
+ begin
+ if Wp_parameters.verbose_atleast 1 then begin
+ ProverTask.pp_file ~message:"Alt-Ergo (stdout)" ~file:logout ;
+ ProverTask.pp_file ~message:"Alt-Ergo (stderr)" ~file:logerr ;
+ end;
+ if r = 0 then VCS.failed "Unexpected Alt-Ergo output"
+ else VCS.kfailed "Alt-Ergo exits with status [%d]." r
+ end
method prove =
files <- lines ;
if gui then ergo#set_command (Wp_parameters.AltGrErgo.get ()) ;
- if Wp_parameters.Check.get () then
- ergo#add ["-type-only"]
- else
- begin
- ergo#add_parameter ~name:"-proof" Wp_parameters.ProofTrace.get ;
- ergo#add_parameter ~name:"-model" Wp_parameters.ProofTrace.get ;
- end ;
+ ergo#add_parameter ~name:"-proof" Wp_parameters.ProofTrace.get ;
+ ergo#add_parameter ~name:"-model" Wp_parameters.ProofTrace.get ;
let flags = List.filter
(fun p -> p <> "qlet")
(Wp_parameters.AltErgoFlags.get ()) in
diff --git a/src/plugins/wp/ProverTask.ml b/src/plugins/wp/ProverTask.ml
index ff94ff83913efe8501a727709571dc8976991043..c1c45be5d62bba655bacdcc1b17665ad4c7ca5ad 100644
--- a/src/plugins/wp/ProverTask.ml
+++ b/src/plugins/wp/ProverTask.ml
@@ -28,7 +28,6 @@ open Task
let dkey_prover = Wp_parameters.register_category "prover"
-
(* -------------------------------------------------------------------------- *)
(* --- Export Printer --- *)
(* -------------------------------------------------------------------------- *)
@@ -315,7 +314,8 @@ let schedule task =
Task.spawn server (Task.thread task)
let silent _ = ()
-let spawn ?(monitor=silent) ?pool (jobs : ('a * bool Task.task) list) =
+let spawn ?(monitor=silent) ?pool ~all
+ (jobs : ('a * bool Task.task) list) =
if jobs <> [] then
begin
let step = ref 0 in
@@ -323,7 +323,7 @@ let spawn ?(monitor=silent) ?pool (jobs : ('a * bool Task.task) list) =
let canceled = ref false in
let callback a r =
if r then
- begin if not !canceled && not (Wp_parameters.RunAllProvers.get()) then
+ begin if not all && not !canceled then
begin
canceled := true ;
monitor (Some a) ;
diff --git a/src/plugins/wp/ProverTask.mli b/src/plugins/wp/ProverTask.mli
index a585b37e0d507af82f3fc5e76777a628efe023a3..4f0bc09934e924175358840fe95a8bc3cb697930 100644
--- a/src/plugins/wp/ProverTask.mli
+++ b/src/plugins/wp/ProverTask.mli
@@ -85,8 +85,10 @@ val schedule : 'a Task.task -> unit
val spawn :
?monitor:('a option -> unit) ->
?pool:Task.pool ->
+ all:bool ->
('a * bool Task.task) list -> unit
+
(** Spawn all the tasks over the server and retain the first 'validated' one.
The callback [monitor] is called with [Some] at first success, and [None]
- if none succeed.
- An option [pool] task can be passed to register the associated threads. *)
+ if none succeed. An option [pool] task can be passed to register
+ the associated threads. *)
diff --git a/src/plugins/wp/ProverWhy3.ml b/src/plugins/wp/ProverWhy3.ml
index bb567fd2468eadfa72deaf0bcbf30ec0810af4f0..343f4a4affd0f6039e445ee74960ec5c7f284c78 100644
--- a/src/plugins/wp/ProverWhy3.ml
+++ b/src/plugins/wp/ProverWhy3.ml
@@ -50,8 +50,8 @@ let get_why3_env = Env.memoize
let config = Why3Provers.config () in
let main = Why3.Whyconf.get_main config in
let ld =
- (WpContext.directory ())::
- ((Wp_parameters.Share.file "why3") :> string)::
+ (WpContext.directory () :> string)::
+ ((Wp_parameters.Share.get_dir ~mode:`Must_exist "why3") :> string)::
(Why3.Whyconf.loadpath main) in
Why3.Env.create_env ld
end
@@ -772,11 +772,11 @@ class visitor (ctx:context) c =
let copy_file source =
if not (Datatype.Filepath.equal
(Datatype.Filepath.of_string (Filename.dirname source))
- (Wp_parameters.Share.dir ()))
+ (Wp_parameters.Share.get_dir "."))
then
let tgtdir = WpContext.directory () in
let why3src = Filename.basename source in
- let target = Printf.sprintf "%s/%s" tgtdir why3src in
+ let target = Printf.sprintf "%s/%s" (tgtdir :> string) why3src in
Command.copy source target
in
let iter_file opt =
@@ -1224,6 +1224,7 @@ let mark_cache ~mode hash =
let cleanup_cache ~mode =
if mode = Cleanup && (!hits > 0 || !miss > 0) then
let dir = Wp_parameters.get_session_dir ~force:false "cache" in
+ let dir = (dir :> string) in
try
if Sys.file_exists dir && Sys.is_directory dir then
Array.iter
@@ -1324,7 +1325,7 @@ let steps_seized steps steplimit =
let promote ~timeout ~steplimit (res : VCS.result) =
match res.verdict with
- | VCS.NoResult | VCS.Computing _ | VCS.Checked -> VCS.no_result
+ | VCS.NoResult | VCS.Computing _ -> VCS.no_result
| VCS.Failed -> res
| VCS.Invalid | VCS.Valid | VCS.Unknown ->
if not (steps_fits res.prover_steps steplimit) then
@@ -1347,6 +1348,7 @@ let get_cache_result ~mode hash =
| NoCache | Rebuild -> VCS.no_result
| Update | Cleanup | Replay | Offline ->
let dir = Wp_parameters.get_session_dir ~force:false "cache" in
+ let dir = (dir :> string) in
if not (Sys.file_exists dir && Sys.is_directory dir) then
VCS.no_result
else
@@ -1368,11 +1370,11 @@ let set_cache_result ~mode hash prover result =
| Rebuild | Update | Cleanup ->
let dir = Wp_parameters.get_session_dir ~force:true "cache" in
let hash = Lazy.force hash in
- let file = Printf.sprintf "%s/%s.json" dir hash in
+ let file = Format.sprintf "%s/%s.json" (dir :> string) hash in
try
mark_cache ~mode hash ;
ProofScript.json_of_result (VCS.Why3 prover) result
- |> Json.save_file file
+ |> Json.save_file (file :> string)
with err ->
Wp_parameters.warning ~current:false ~once:true
"can not update cache (%s)" (Printexc.to_string err)
@@ -1390,9 +1392,6 @@ let build_proof_task ?timeout ?steplimit ~prover wpo () =
(* Always generate common task *)
let context = Wpo.get_context wpo in
let task = WpContext.on_context context task_of_wpo wpo in
- if Wp_parameters.Check.get ()
- then Task.return VCS.checked (* Why3 tasks are type-checked *)
- else
if Wp_parameters.Generate.get ()
then Task.return VCS.no_result (* Only generate *)
else
diff --git a/src/plugins/wp/RefUsage.ml b/src/plugins/wp/RefUsage.ml
index 1841ce516fbf2b39c668bc9b45845a86eadefe35..642686f82636b7213cdff0c9538c43e0c5696971 100644
--- a/src/plugins/wp/RefUsage.ml
+++ b/src/plugins/wp/RefUsage.ml
@@ -535,7 +535,8 @@ and pred (env:ctx) p : value = match p.pred_content with
(* No escape *)
| Pinitialized(_, t) | Pdangling(_,t)
| Pallocable(_, t) | Pfreeable(_, t)
- | Pvalid(_,t) | Pvalid_read (_,t) | Pvalid_function t ->
+ | Pvalid(_,t) | Pvalid_read (_,t)
+ | Pobject_pointer (_,t) | Pvalid_function t ->
unescape ((term env) t)
| Pseparated ts ->
E.fcup (fun t -> unescape ((term env) t)) ts
diff --git a/src/plugins/wp/RegionAccess.ml b/src/plugins/wp/RegionAccess.ml
index 642f9c3fd9ba218a4dfca7a1715bdb5f9b6c11a9..4f87b246b7ffffc2baf728bcb7136919ce7bf22b 100644
--- a/src/plugins/wp/RegionAccess.ml
+++ b/src/plugins/wp/RegionAccess.ml
@@ -369,7 +369,7 @@ and cc_pred (map:map) (p:predicate) =
| Pforall(_,p) | Pexists(_,p) -> cc_pred map p
| Pseparated ts -> List.iter (cc_term map) ts
- | Pvalid(_,t) | Pvalid_read(_,t) | Pvalid_function t
+ | Pvalid(_,t) | Pvalid_read(_,t) | Pobject_pointer(_,t) | Pvalid_function t
| Pinitialized(_,t) | Pdangling(_,t) | Pallocable(_,t)
| Pfreeable(_,t) -> cc_term map t
| Pfresh(_,_,ptr,n) -> cc_term map ptr ; cc_term map n
diff --git a/src/plugins/wp/RegionDump.ml b/src/plugins/wp/RegionDump.ml
index da852ab007a1f886e46839a23636fc07a0a282ac..0a476427ebd5dbb79d3f42eded70068ffe7fb203 100644
--- a/src/plugins/wp/RegionDump.ml
+++ b/src/plugins/wp/RegionDump.ml
@@ -261,10 +261,10 @@ let dotgraph dot map =
G.node_default dot node_default ;
G.edge_default dot edge_default ;
R.clear () ;
- R.push dot (dotregion dot map) ;
+ R.define dot (dotregion dot map) ;
Region.iter_vars map (dotvar dot) ;
Region.iter_strings map (dotstr dot) ;
- G.pop_all dot ;
+ G.run dot ;
if Wp.has_dkey rid_key then Region.iter map (dotrid dot) ;
Region.iter_names map (dotlabel dot) ;
if Region.has_return map then
@@ -276,14 +276,16 @@ let dotgraph dot map =
else
dotlabel dot "Fusion (Self)" r
) ;
- G.pop_all dot ;
+ G.run dot ;
end
let dump ~dir kf map =
if Wp.has_dkey dot_key || Wp.has_dkey pdf_key then
begin
let name = Kf.get_name kf in
- let file = Printf.sprintf "%s/%s.dot" dir name in
+ let file =
+ Format.asprintf "%a/%s.dot" Datatype.Filepath.pretty dir name
+ in
let dot = Dotgraph.open_dot ~attr:[`LR] ~name ~file () in
dotgraph dot map ;
Dotgraph.close dot ;
diff --git a/src/plugins/wp/RegionDump.mli b/src/plugins/wp/RegionDump.mli
index fc77043cb8df91d571c4bbd4818d0fb09d1620a7..d332b9cb40c10db3fd15d61ad8b05a2772c8412d 100644
--- a/src/plugins/wp/RegionDump.mli
+++ b/src/plugins/wp/RegionDump.mli
@@ -23,4 +23,4 @@
(* Dump region graphs to dir according to -wp options.
By default, does nothing. *)
-val dump : dir:string -> Kernel_function.t -> Region.map -> unit
+val dump : dir:Datatype.Filepath.t -> Kernel_function.t -> Region.map -> unit
diff --git a/src/plugins/wp/Sigs.ml b/src/plugins/wp/Sigs.ml
index c296519519c19dde92d3518973691fa2a7bf858c..72d1972ac59d46b817f11284ffa445c843d75af7 100644
--- a/src/plugins/wp/Sigs.ml
+++ b/src/plugins/wp/Sigs.ml
@@ -46,6 +46,7 @@ type equation =
type acs =
| RW (** Read-Write Access *)
| RD (** Read-Only Access *)
+ | OBJ (** Valid Object Pointer *)
(** Abstract location or concrete value *)
type 'a value =
diff --git a/src/plugins/wp/Splitter.ml b/src/plugins/wp/Splitter.ml
index fff59f0cda6e83c32bff69632c7ff751b9a1ec4d..b5930b40748cf9752bc470ee58ebb5c1eb70baf0 100644
--- a/src/plugins/wp/Splitter.ml
+++ b/src/plugins/wp/Splitter.ml
@@ -28,7 +28,6 @@ open Cil_types
open Cil_datatype
type tag =
- | MARK of stmt
| THEN of stmt
| ELSE of stmt
| CALL of stmt * kernel_function
@@ -37,7 +36,6 @@ type tag =
| ASSERT of identified_predicate * int * int (* part *)
let pretty fmt = function
- | MARK _ -> Format.fprintf fmt "Stmt"
| THEN _ -> Format.fprintf fmt "Then"
| ELSE _ -> Format.fprintf fmt "Else"
| CASE(_,[]) -> Format.fprintf fmt "Case(s)"
@@ -51,15 +49,12 @@ let pretty fmt = function
| ASSERT(_,k,n) -> Format.fprintf fmt "Disjunction (%d/%d)" k n
let loc = function
- | THEN s | ELSE s | MARK s | CASE(s,_) | CALL(s,_) | DEFAULT s -> Stmt.loc s
+ | THEN s | ELSE s | CASE(s,_) | CALL(s,_) | DEFAULT s -> Stmt.loc s
| ASSERT(p,_,_) -> p.ip_content.pred_loc
let compare p q =
if p == q then 0 else
match p,q with
- | MARK s , MARK t -> Stmt.compare s t
- | MARK _ , _ -> (-1)
- | _ , MARK _ -> 1
| THEN s , THEN t -> Stmt.compare s t
| THEN _ , _ -> (-1)
| _ , THEN _ -> 1
@@ -129,7 +124,6 @@ let switch_cases stmt ks = CASE(stmt,ks)
let switch_default stmt = DEFAULT stmt
let if_then stmt = THEN stmt
let if_else stmt = ELSE stmt
-let mark stmt = MARK stmt
let call stmt kf = CALL(stmt,kf)
(* -------------------------------------------------------------------------- *)
@@ -178,6 +172,7 @@ let group tag merge m =
let length = List.length
let empty = []
let singleton e = [[],e]
+let unmark merge m = [[] , merge (List.map snd m)]
let union merge m1 m2 = M.union (fun _ -> merge) m1 m2
let rec merge ~left ~both ~right m1 m2 =
diff --git a/src/plugins/wp/Splitter.mli b/src/plugins/wp/Splitter.mli
index 655230e3f58e7d266a88ebd8d198fc1aebe71534..6604b2fcd7dbcd087197fbe7c0ef0286be40c153 100644
--- a/src/plugins/wp/Splitter.mli
+++ b/src/plugins/wp/Splitter.mli
@@ -23,7 +23,6 @@
open Cil_types
type tag =
- | MARK of stmt
| THEN of stmt
| ELSE of stmt
| CALL of stmt * kernel_function
@@ -34,7 +33,6 @@ type tag =
val loc : tag -> location
val pretty : Format.formatter -> tag -> unit
-val mark : stmt -> tag
val if_then : stmt -> tag
val if_else : stmt -> tag
val switch_cases : stmt -> int64 list -> tag
@@ -56,6 +54,7 @@ val merge :
'a t -> 'b t -> 'c t
val merge_all : ('a list -> 'a) -> 'a t list -> 'a t
+val unmark : ('a list -> 'a) -> 'a t -> 'a t (** erase all tags *)
val length : 'a t -> int
diff --git a/src/plugins/wp/VCS.ml b/src/plugins/wp/VCS.ml
index fe94b79d5a03808c15a8e3972687be0c695026e5..e028e51a8f02bf49b2043cd3ab587a277b6745f4 100644
--- a/src/plugins/wp/VCS.ml
+++ b/src/plugins/wp/VCS.ml
@@ -194,7 +194,6 @@ type verdict =
| Timeout
| Stepout
| Computing of (unit -> unit) (* kill function *)
- | Checked
| Valid
| Failed
@@ -209,19 +208,18 @@ type result = {
}
let is_verdict r = match r.verdict with
- | Valid | Checked | Unknown | Invalid | Timeout | Stepout | Failed -> true
+ | Valid | Unknown | Invalid | Timeout | Stepout | Failed -> true
| NoResult | Computing _ -> false
let is_valid = function { verdict = Valid } -> true | _ -> false
let is_computing = function { verdict=Computing _ } -> true | _ -> false
-let verdict ~smoke r =
- if smoke then
- match r.verdict with
- | (Failed | NoResult | Checked | Computing _) as r -> r
- | Valid -> Invalid
- | Invalid | Unknown | Timeout | Stepout -> Valid
- else r.verdict
+let smoked = function
+ | (Failed | NoResult | Computing _) as r -> r
+ | Valid -> Invalid
+ | Invalid | Unknown | Timeout | Stepout -> Valid
+
+let verdict ~smoke r = if smoke then smoked r.verdict else r.verdict
let is_proved ~smoke r = (verdict ~smoke r = Valid)
@@ -276,7 +274,6 @@ let result ?(cached=false) ?(solver=0.0) ?(time=0.0) ?(steps=0) verdict =
let no_result = result NoResult
let valid = result Valid
-let checked = result Checked
let invalid = result Invalid
let unknown = result Unknown
let timeout t = result ~time:(float t) Timeout
@@ -317,7 +314,6 @@ let pp_res ~extended fmt r =
match r.verdict with
| NoResult -> Format.pp_print_string fmt (if extended then "No Result" else "-")
| Computing _ -> Format.pp_print_string fmt "Computing"
- | Checked -> Format.fprintf fmt "Typechecked"
| Invalid -> Format.pp_print_string fmt "Invalid"
| Valid when Wp_parameters.has_dkey dkey_success_only ->
Format.pp_print_string fmt "Valid"
@@ -340,7 +336,6 @@ let compare p q =
| Timeout | Stepout -> 3
| Valid -> 4
| Invalid -> 5
- | Checked -> 6
in
let r = rank q.verdict - rank p.verdict in
if r <> 0 then r else
diff --git a/src/plugins/wp/VCS.mli b/src/plugins/wp/VCS.mli
index dae1064fb0193d38be30c6ea79a6703160110a66..370fb5be0d5e5337704506f1c4d3730c12724e7f 100644
--- a/src/plugins/wp/VCS.mli
+++ b/src/plugins/wp/VCS.mli
@@ -80,7 +80,6 @@ type verdict =
| Timeout
| Stepout
| Computing of (unit -> unit) (* kill function *)
- | Checked
| Valid
| Failed
@@ -96,7 +95,6 @@ type result = {
val no_result : result
val valid : result
-val checked : result
val invalid : result
val unknown : result
val stepout : int -> result
@@ -114,6 +112,7 @@ val is_valid: result -> bool
val is_computing: result -> bool
val is_proved: smoke:bool -> result -> bool
+val smoked : verdict -> verdict
val verdict: smoke:bool -> result -> verdict
val configure : result -> config
diff --git a/src/plugins/wp/calculus.ml b/src/plugins/wp/calculus.ml
index 1ff49f9195b739542bc8dd696a200dcc43d16cba..b380551db5cb297379d100977a108ff8731e173a 100644
--- a/src/plugins/wp/calculus.ml
+++ b/src/plugins/wp/calculus.ml
@@ -420,6 +420,9 @@ module Cfg (W : Mcfg.S) = struct
| Some _ -> obj
| None -> assert false
+ let add_call_post wenv annots kf obj =
+ List.fold_left (add_goal wenv) obj (WpStrategy.get_call_post annots kf)
+
let wp_call_kf wenv cenv stmt lval kf args precond ~p_post ~p_exit =
let call_asgn = WpStrategy.get_call_asgn cenv.post_annots (Some kf) in
let assigns = match call_asgn with
@@ -428,6 +431,8 @@ module Cfg (W : Mcfg.S) = struct
| WpPropId.AssignsAny _ -> WritesAny
| WpPropId.NoAssignsInfo -> assert false (* see above *)
in
+ let p_post = add_call_post wenv cenv.post_annots kf p_post in
+ let p_exit = add_call_post wenv cenv.exit_annots kf p_exit in
let pre_hyp, pre_goals = WpStrategy.get_call_pre cenv.pre_annots kf in
let obj = W.call wenv stmt lval kf args
~pre:(pre_hyp)
@@ -494,8 +499,9 @@ module Cfg (W : Mcfg.S) = struct
| Mcfg.SC_Function_frame -> "function frame"
| Mcfg.SC_Function_out -> "function out" )
(Pretty_utils.pp_list ~sep:", " Printer.pp_varinfo) vars;
- W.scope wenv vars scope obj
-
+ match scope with
+ | Mcfg.(SC_Block_in | SC_Block_out) when vars = [] -> obj
+ | _ -> W.scope wenv vars scope obj
(** @return the WP stored for edge [e]. Compute it if it is not already
* there and store it. Also handle the Acut annotations. *)
@@ -564,13 +570,14 @@ module Cfg (W : Mcfg.S) = struct
| Cil2cfg.VblkIn (Cil2cfg.Bfct, b) ->
let obj = get_only_succ env cfg v in
let obj = wp_scope wenv b.blocals Mcfg.SC_Block_in obj in
- wp_scope wenv formals Mcfg.SC_Function_frame obj
- | Cil2cfg.VblkIn (_, b) ->
- let obj = get_only_succ env cfg v in
- wp_scope wenv b.blocals Mcfg.SC_Block_in obj
- | Cil2cfg.VblkOut (_, _b) ->
+ let obj = wp_scope wenv formals Mcfg.SC_Function_frame obj in
+ obj
+ | Cil2cfg.VblkOut (Cil2cfg.Bfct, b) ->
let obj = get_only_succ env cfg v in
- obj (* cf. blocks_closed_by_edge below *)
+ let obj = wp_scope wenv b.blocals Mcfg.SC_Block_out obj in
+ obj
+ | Cil2cfg.VblkOut _ | Cil2cfg.VblkIn _ ->
+ get_only_succ env cfg v
| Cil2cfg.Vstmt s ->
let obj = get_only_succ env cfg v in
wp_stmt wenv s obj
@@ -605,11 +612,10 @@ module Cfg (W : Mcfg.S) = struct
wp_scope wenv formals Mcfg.SC_Function_after_POST obj
*)
in
- let res =
- let blks = Cil2cfg.blocks_closed_by_edge cfg e in
- let free_locals res b = wp_scope wenv b.blocals Mcfg.SC_Block_out res in
- List.fold_left free_locals res blks
- in
+ let Cil2cfg.{ b_closed ; b_opened } = Cil2cfg.block_scope_for_edge cfg e in
+ let do_block sc res b = wp_scope wenv b.blocals sc res in
+ let res = List.fold_left (do_block Mcfg.SC_Block_in) res b_opened in
+ let res = List.fold_left (do_block Mcfg.SC_Block_out) res b_closed in
debug "[compute_edge] before %a done@." Cil2cfg.pp_node v;
Cil.CurrentLoc.set old_loc;
res
diff --git a/src/plugins/wp/cfgDump.ml b/src/plugins/wp/cfgDump.ml
index b09e210f1b63df1fe4b9aa8d7a18ba0cedd16a9b..90c0924ba5d8ce03e4f3a8febd9bfaad56e256bc 100644
--- a/src/plugins/wp/cfgDump.ml
+++ b/src/plugins/wp/cfgDump.ml
@@ -40,7 +40,7 @@ struct
| None -> Kernel_function.get_name kf
| Some bname -> Kernel_function.get_name kf ^ "_" ^ bname
in
- let file = Filename.concat (Wp_parameters.get_output ()) name in
+ let file = Filename.concat (Wp_parameters.get_output () :> string) name in
Wp_parameters.feedback "CFG %a -> %s@." Kernel_function.pretty kf name ;
let fout = open_out (file ^ ".dot") in
fc := Some (fout,file) ;
diff --git a/src/plugins/wp/cfgWP.ml b/src/plugins/wp/cfgWP.ml
index 6085b6bff43ab58269378549851b8fb24d3f704f..6108632979a7df27f72538793ef5881df0f49d37 100644
--- a/src/plugins/wp/cfgWP.ml
+++ b/src/plugins/wp/cfgWP.ml
@@ -76,6 +76,9 @@ struct
let equal g1 g2 = (compare g1 g2 = 0)
let prop_id = function Gprop p | Gposteffect p | Geffect(p,_,_) -> p
let source = function Gprop _ | Gposteffect _ -> None | Geffect(_,s,e) -> Some(s,e)
+ let is_smoke_test = function
+ | Gprop p -> WpPropId.is_smoke_test p
+ | Gposteffect _ | Geffect _ -> false
let pretty fmt = function
| Gprop p -> WpPropId.pretty fmt p
| Geffect(p,s,FromCode) -> Format.fprintf fmt "%a at sid:%d" WpPropId.pretty p s.sid
@@ -344,7 +347,13 @@ struct
let targets = List.fold_left
(fun goals vcs -> Gset.union goals (Gmap.domain vcs))
Gset.empty cases in
- let goal g vcs = try Gmap.find g vcs with Not_found -> Splitter.empty in
+ let goal g vcs =
+ try
+ let vcs = Gmap.find g vcs in
+ if TARGET.is_smoke_test g
+ then Splitter.unmark merge_vcs vcs
+ else vcs
+ with Not_found -> Splitter.empty in
Gset.mapping
(fun g -> Splitter.merge_all merge_vcs (List.map (goal g) cases))
targets
@@ -749,9 +758,9 @@ struct
let condition ~descr ?stmt ?warn pa h vc =
passify_vc pa (assume_vc ?stmt ?warn ~descr h vc)
- let mark m = function
+ let mark ?(smoke=false) m = function
| None -> Splitter.empty
- | Some s -> Splitter.group m merge_vcs s
+ | Some s -> if smoke then s else Splitter.group m merge_vcs s
let random () =
let v = Lang.freshvar ~basename:"cond" Logic.Bool in
@@ -781,12 +790,15 @@ struct
let vcs =
if dosplit then
let cneg = p_not cond in
- let vcs1 = gmap (condition pa1 ~stmt ~warn ~descr:"Then" [cond]) wp1.vcs in
- let vcs2 = gmap (condition pa2 ~stmt ~warn ~descr:"Else" [cneg]) wp2.vcs in
+ let vcs1 =
+ gmap (condition pa1 ~stmt ~warn ~descr:"Then" [cond]) wp1.vcs in
+ let vcs2 =
+ gmap (condition pa2 ~stmt ~warn ~descr:"Else" [cneg]) wp2.vcs in
Gmap.merge
- (fun _g w1 w2 ->
- let s1 = mark (Splitter.if_then stmt) w1 in
- let s2 = mark (Splitter.if_else stmt) w2 in
+ (fun g w1 w2 ->
+ let smoke = TARGET.is_smoke_test g in
+ let s1 = mark ~smoke (Splitter.if_then stmt) w1 in
+ let s2 = mark ~smoke (Splitter.if_else stmt) w2 in
Some (Splitter.union (merge_vc) s1 s2)
) vcs1 vcs2
else
@@ -1342,7 +1354,7 @@ struct
else
Bag.concat trivial_wpo provers_wpo
in
- WpAnnot.split
+ WpPropId.split_bag
begin fun po_pid wpo ->
let po_sid = WpPropId.get_propid po_pid in
let po_leg = WpPropId.get_legacy po_pid in
diff --git a/src/plugins/wp/cil2cfg.ml b/src/plugins/wp/cil2cfg.ml
index b995b8212a44f2290f514d3b0d74e75509ff11b7..0afef00829bce0f5af4c9d58aedf3ddf44de2861 100644
--- a/src/plugins/wp/cil2cfg.ml
+++ b/src/plugins/wp/cil2cfg.ml
@@ -626,36 +626,38 @@ let get_post_label cfg v =
| None -> None
| Some s -> Some (Clabels.stmt s)
-let blocks_closed_by_edge cfg e =
+type block_scope = { b_opened : block list ; b_closed : block list }
+
+let no_scope = { b_opened = [] ; b_closed = [] }
+
+let block_scope s s' =
+ try
+ {
+ b_opened = Kernel_function.blocks_opened_by_edge s s' ;
+ b_closed = Kernel_function.blocks_closed_by_edge s s' ;
+ }
+ with Not_found | Invalid_argument _ ->
+ debug "[blocks_closed_by_edge] not found sid:%d -> sid:%d@." s.sid s'.sid;
+ no_scope
+
+let block_scope_for_edge cfg e =
debug "[blocks_closed_by_edge] for %a...@." pp_edge e;
let v_before = edge_src e in
- let blocks = match node_type v_before with
- | Vstmt s | Vtest (true, s, _) | Vloop (_, s) | Vswitch (s,_) ->
- ignore (Ast.get ()); (* Since CIL Cfg computation is required and
- Ast.get () have to do this well. *)
- begin match s.succs with
- | [s'] -> (try Kernel_function.blocks_closed_by_edge s s'
- with Not_found as e -> debug "[blocks_closed_by_edge] not found sid:%d -> sid:%d@."
- s.sid s'.sid;
- raise e)
- | [] | _ :: _ ->
- let s' = get_edge_next_stmt cfg e in
- match s' with
- | None -> []
- | Some s' ->
- debug
- "[blocks_closed_by_edge] found sid:%d -> sid:%d@."
- s.sid s'.sid;
- try Kernel_function.blocks_closed_by_edge s s'
- with Invalid_argument _ -> []
- end
- | _ -> (* TODO ? *) []
- in
- let v_after = edge_dst e in
- let blocks = match node_type v_after with
- | VblkOut (Bfct, b) -> b::blocks
- | _ -> blocks
- in blocks
+ match node_type v_before with
+ | Vstmt s | Vtest (true, s, _) | Vloop (_, s) | Vswitch (s,_) ->
+ begin match s.succs with
+ | [s'] -> block_scope s s'
+ | [] | _ :: _ ->
+ let s' = get_edge_next_stmt cfg e in
+ match s' with
+ | None -> no_scope
+ | Some s' -> block_scope s s'
+ end
+ | VblkIn(Bstmt _,b) -> { b_opened=[b] ; b_closed=[] }
+ | Vcall _
+ | VblkIn _ | VblkOut _ | Vtest(false,_,_)
+ | VfctIn | VfctOut | Vstart | Vend | Vexit | Vloop2 _ ->
+ no_scope
let has_exit cfg =
try
diff --git a/src/plugins/wp/cil2cfg.mli b/src/plugins/wp/cil2cfg.mli
index f0c16fe47c0b8bc779d8a83e55ee3d080aa0c9b0..5df3e524af058178dea5bb714a87eb04ca8cf994 100644
--- a/src/plugins/wp/cil2cfg.mli
+++ b/src/plugins/wp/cil2cfg.mli
@@ -107,7 +107,9 @@ val get_switch_edges : t -> node -> (exp list * edge) list * edge
but gives the edge to VcallOut first and the edge to Vexit second. *)
val get_call_out_edges : t -> node -> edge * edge
-val blocks_closed_by_edge : t -> edge -> block list
+type block_scope = { b_opened : block list ; b_closed : block list }
+
+val block_scope_for_edge : t -> edge -> block_scope
val is_back_edge : edge -> bool
diff --git a/src/plugins/wp/doc/manual/wp_plugin.tex b/src/plugins/wp/doc/manual/wp_plugin.tex
index 1b78a494694c5dd6fe66d5752cb4510353c8cd74..403ea107b96337b5c46d3afccdb86b38b8d04426 100644
--- a/src/plugins/wp/doc/manual/wp_plugin.tex
+++ b/src/plugins/wp/doc/manual/wp_plugin.tex
@@ -916,27 +916,30 @@ weakest precondition calculus.
\subsection{Smoke Tests}
During modular deductive verification, inconsistencies in function requirements
-can be difficult to detect untill you actually call it.
+can be difficult to detect until you actually call it.
Although, such inconsistencies make its post-conditions provable, while its pre-conditions
would never be provable.
The \textsf{WP} plug-in can generate smoke-tests to detect such inconsistencies.
Basically, it consists in checking if \verb+\false+ is provable under the requirements
-or assumptions of a behavior, or under the invariants of a loop.
+or assumptions of a behaviour, or under the invariants of a loop. Also, a simple reachability
+analysis is performed to track dead-code statements and calls that neither terminates nor exits.
This is best-effort verification : if at least one prover succeed in proving \verb+\false+,
-an inconsistency is detected. Otherwized, the test is not conclusive, and you can never be sure
-that your annotations are free of inconsistencies.
+an inconsistency is detected. Otherwise, the test is not conclusive, and you can never be sure
+that the ACSL annotations are free of inconsistencies.
In case any smoke-test fails, a ``\textit{False if reachable}'' status is put on the
-inconsistent requirements, or on the loop with inconsistent invariants, and finally,
-\textsf{WP} generates a user error.
+inconsistent requirements, or on the loop with inconsistent invariants, and
+\textsf{WP} generates a user warning.
\begin{description}
-\item[\tt -wp-(no)-smoke-tests] generates checks to detect inconsistent
- annotations.
+\item[\tt -wp-(no)-smoke-tests] generates checks to detect inconsistencies.
\item[\tt -wp-(no)-smoke-timeout] timeout to be used for trying to prove \verb+\false+
on smoke-tests (default is \verb+2+ seconds).
+\item[\tt -wp-no-smoke-dead-code] exclude smoke tests for dead code.
+\item[\tt -wp-no-smoke-dead-loop] exclude smoke tests for inconsistent loop invariants.
+\item[\tt -wp-no-smoke-dead-call] exclude smoke tests for non-terminating calls.
\end{description}
When reporting prover results for smoke-tests, the \textsf{WP} displays
@@ -1078,7 +1081,7 @@ Suppose you have the following configuration:
\end{logs}
Then, to use (for instance) \textsf{CVC4 1.6},
-you can use \verb+-wp-prover cvc4+ or \verb+-wp-prover CVC4:1.6+
+you can use \verb+-wp-prover cvc4+ or \verb+-wp-prover CVC4:1.6+.
Similarly, if you want to use \textsf{Z3 4.6.0} without bitvectors, you can use \verb+-wp-prover z3-nobv+.
Finally, since \textsf{Why-3} also provides the alias
\verb+altergo+ for this prover, \verb+-wp-prover altergo+ will also run it \emph{via} \textsf{Why-3}.
diff --git a/src/plugins/wp/driver.mll b/src/plugins/wp/driver.mll
index d541988a96627f9bc479832c2b7ecf9422b6a758..06fc29c30ff8ddb988ac2bc9297ddab8563caa34 100644
--- a/src/plugins/wp/driver.mll
+++ b/src/plugins/wp/driver.mll
@@ -501,8 +501,8 @@ and bal = parse
let descr = String.concat "," drvs in
let includes =
let directories =
- try [(Wp_parameters.Share.dir ~error:false () :> string)]
- with Wp_parameters.Share.No_dir -> [] in
+ [(Wp_parameters.Share.get_dir ~mode:`Must_exist "." :> string)]
+ in
if Wp_parameters.has_dkey dkey then
Wp_parameters.debug ~dkey "Included directories:%t"
(fun fmt ->
@@ -519,8 +519,8 @@ and bal = parse
then Filepath.normalize file
else LogicBuiltins.find_lib file)
drivers in
- let default = Wp_parameters.Share.file ~error:true "wp.driver" in
- let feedback = Wp_parameters.Share.Dir_name.is_set () in
+ let default = Wp_parameters.Share.get_file ~mode:`Must_exist "wp.driver" in
+ let feedback = Wp_parameters.Share.is_set () in
let ontty = if feedback then `Message else `Transient in
load_file ~ontty (default :> string);
List.iter load_file drivers
diff --git a/src/plugins/wp/prover.ml b/src/plugins/wp/prover.ml
index 59e5e5497e988ef267c4b24d1047d6dac4ea5204..78092c65d91230a40272035b3714575a84da6e1a 100644
--- a/src/plugins/wp/prover.ml
+++ b/src/plugins/wp/prover.ml
@@ -97,27 +97,28 @@ let prove wpo ?config ?mode ?start ?progress ?result prover =
let spawn wpo ~delayed
?config ?start ?progress ?result ?success ?pool provers =
if provers<>[] then
- let do_monitor on_success wpo = function
- | None -> on_success wpo None
- | Some prover ->
- let r = Wpo.get_result wpo VCS.Qed in
- let prover =
- if VCS.( r.verdict == Valid ) then VCS.Qed else prover in
- on_success wpo (Some prover)
- in
let monitor = match success with
| None -> None
- | Some on_success -> Some (do_monitor on_success wpo)
- in
+ | Some on_success ->
+ Some
+ begin function
+ | None -> on_success wpo None
+ | Some prover ->
+ let r = Wpo.get_result wpo VCS.Qed in
+ let prover =
+ if VCS.( r.verdict == Valid ) then VCS.Qed else prover in
+ on_success wpo (Some prover)
+ end in
let process (mode,prover) =
prove wpo ?config ~mode ?start ?progress ?result prover in
- let canceled =
- match success with None -> None | Some f -> Some (fun _ -> f wpo None) in
- ProverTask.spawn ?monitor ?pool
- (List.map (fun mp -> snd mp ,
- if delayed then Task.later ?canceled process mp
- else process mp)
- provers)
+ let all = Wp_parameters.RunAllProvers.get() in
+ ProverTask.spawn ?monitor ?pool ~all
+ (List.map
+ (fun mp ->
+ let prover = snd mp in
+ let task = if delayed then Task.later process mp else process mp in
+ prover , task
+ ) provers)
else
let process = simplify ?start ?result wpo in
let thread = Task.thread process in
diff --git a/src/plugins/wp/register.ml b/src/plugins/wp/register.ml
index 509dbcb3e7b582fa822dc615dc4d4cf3802d41c0..b6c45ae76c0d113fd33ed5378b7a1e197ae4280c 100644
--- a/src/plugins/wp/register.ml
+++ b/src/plugins/wp/register.ml
@@ -351,7 +351,7 @@ let do_wpo_stat goal prover res =
let smoke = Wpo.is_smoke_test goal in
let verdict = VCS.verdict ~smoke res in
match verdict with
- | Checked | NoResult | Computing _ | Unknown ->
+ | NoResult | Computing _ | Unknown ->
s.unknown <- succ s.unknown
| Stepout | Timeout ->
s.interrupted <- succ s.interrupted
@@ -369,21 +369,17 @@ let do_wpo_stat goal prover res =
let do_wpo_result goal prover res =
if VCS.is_verdict res then
begin
- if Wp_parameters.Check.get () then
- begin
- let open VCS in
- let ontty = if res.verdict = Checked then `Feedback else `Message in
- Wp_parameters.feedback ~ontty
- "[%a] Goal %s : %a"
- VCS.pp_prover prover (Wpo.get_gid goal)
- VCS.pp_result res ;
- end ;
if prover = VCS.Qed then do_progress goal "Qed" ;
do_wpo_stat goal prover res ;
end
+let results g =
+ List.filter
+ (fun (_,r) -> VCS.is_verdict r)
+ (Wpo.get_results g)
+
let do_wpo_failed goal =
- match Wpo.get_results goal with
+ match results goal with
| [p,r] ->
Wp_parameters.result "[%a] Goal %s : %a%a"
VCS.pp_prover p (Wpo.get_gid goal)
@@ -399,45 +395,45 @@ let do_wpo_failed goal =
) pres ;
end
-let do_wpo_smoke goal =
- let results = Wpo.get_results goal in
- let verdicts = List.filter (fun (_,r) -> VCS.is_verdict r) results in
- let proved,unproved = List.partition (fun (_,r) -> VCS.is_valid r) verdicts in
- let pp_provers fmt = function
- | [] -> ()
- | (p,_)::prs ->
- VCS.pp_prover fmt p ;
- List.iter (fun (p,_) -> Format.fprintf fmt ", %a" VCS.pp_prover p) prs
- in
- if proved <> [] then
- let loc = Property.location (Wpo.get_target goal) in
- Wp_parameters.warning ~wkey:wkey_smoke ~source:(fst loc)
- "Smoke-test %s : Failed (%a)"
- (Wpo.get_gid goal) pp_provers proved
- else
- if unproved <> [] then
- Wp_parameters.feedback ~ontty:`Silent
- "Smoke-test %s : Passed (%a)"
- (Wpo.get_gid goal) pp_provers unproved
- else
- let loc = Property.location (Wpo.get_target goal) in
- Wp_parameters.warning ~source:(fst loc)
- "Smoke-test %s : Non-conclusive (no-result)"
- (Wpo.get_gid goal)
+let do_wpo_smoke status goal =
+ Wp_parameters.result "[%s] Smoke-test %s%t"
+ (match status with
+ | `Failed -> "Failed"
+ | `Passed -> "Passed"
+ | `Unknown -> "Partial")
+ (Wpo.get_gid goal)
+ begin fun fmt ->
+ pp_warnings fmt goal ;
+ List.iter
+ (fun (p,r) ->
+ Format.fprintf fmt "@\n%8s: @[<hv>%a@]"
+ (VCS.title_of_prover p)
+ VCS.pp_result r
+ ) (results goal) ;
+ end
let do_wpo_success goal s =
- if not (Wp_parameters.Check.get ()) then
- if Wp_parameters.Generate.get () then
- match s with
- | None -> ()
- | Some prover ->
+ if Wp_parameters.Generate.get () then
+ match s with
+ | None -> ()
+ | Some prover ->
+ Wp_parameters.feedback ~ontty:`Silent
+ "[%a] Goal %s : Valid" VCS.pp_prover prover (Wpo.get_gid goal)
+ else
+ if Wpo.is_smoke_test goal then
+ begin match s with
+ | None ->
Wp_parameters.feedback ~ontty:`Silent
- "[%a] Goal %s : Valid" VCS.pp_prover prover (Wpo.get_gid goal)
- else
- if Wpo.is_smoke_test goal then
- do_wpo_smoke goal
- else
- match s with
+ "[Passed] Smoke-test %s" (Wpo.get_gid goal)
+ | Some _ ->
+ let status,target = Wpo.get_proof goal in
+ do_wpo_smoke status goal ;
+ if status = `Failed then
+ let source = fst (Property.location target) in
+ Wp_parameters.warning ~source "Failed smoke-test"
+ end
+ else
+ begin match s with
| None -> do_wpo_failed goal
| Some (VCS.Tactical as script) ->
Wp_parameters.feedback ~ontty:`Silent
@@ -449,6 +445,7 @@ let do_wpo_success goal s =
"[%a] Goal %s : %a"
VCS.pp_prover prover (Wpo.get_gid goal)
VCS.pp_result result
+ end
let do_report_time fmt s =
begin
@@ -560,7 +557,7 @@ let spawn_wp_proofs_iter ~mode iter_on_goals =
if mode.tactical || mode.provers<>[] then
begin
let server = ProverTask.server () in
- ignore (Wp_parameters.Share.dir ()); (* To prevent further errors *)
+ ignore (Wp_parameters.Share.get_dir "."); (* To prevent further errors *)
iter_on_goals
(fun goal ->
if mode.tactical
diff --git a/src/plugins/wp/share/why3/frama_c_wp/cfloat.mlw b/src/plugins/wp/share/why3/frama_c_wp/cfloat.mlw
index aaedd4489efc3d61a0113eca8f6e2a3265efe616..3f1bc5eb1b79440418007e44bed89924f9feb01a 100644
--- a/src/plugins/wp/share/why3/frama_c_wp/cfloat.mlw
+++ b/src/plugins/wp/share/why3/frama_c_wp/cfloat.mlw
@@ -76,6 +76,19 @@ theory Cfloat
axiom to_f64_minus_infinity: forall x. x <. -. F64.max_real -> is_negative_infinite_f64 (to_f64 x)
axiom to_f64_plus_infinity: forall x. x >. F64.max_real -> is_positive_infinite_f64 (to_f64 x)
+ (* Note: This is OK as we have in Why3 ieee_float:
+
+ axiom Round_idempotent :
+ forall m1 m2:mode, x:real. round m1 (round m2 x) = round m2 x
+
+ So we can round RNE (to_f32/64 behavior) after any rounding.
+ *)
+ function round_float (m: Rounding.mode) (r: real) : f32 =
+ to_f32 (F32.round m r)
+
+ function round_double (m: Rounding.mode) (r: real) : f64 =
+ to_f64 (F64.round m r)
+
(* Take care of +0/-0 *)
axiom is_zero_to_f32_zero: F32.is_zero (to_f32 0.0)
axiom is_zero_to_f64_zero: F64.is_zero (to_f64 0.0)
@@ -132,10 +145,15 @@ theory Cfloat
function add_f32 (x:f32) (y:f32) : f32 = F32.(.+) x y
function add_f64 (x:f64) (y:f64) : f64 = F64.(.+) x y
+ (* Substraction *)
+
+ function sub_f32 (x:f32) (y:f32) : f32 = F32.(.-) x y
+ function sub_f64 (x:f64) (y:f64) : f64 = F64.(.-) x y
+
(* Multiplication *)
- function mul_f32 (x:f32) (y:f32) : f32 = F32.(.-) x y
- function mul_f64 (x:f64) (y:f64) : f64 = F64.(.-) x y
+ function mul_f32 (x:f32) (y:f32) : f32 = F32.(.*) x y
+ function mul_f64 (x:f64) (y:f64) : f64 = F64.(.*) x y
(* Division *)
diff --git a/src/plugins/wp/share/why3/frama_c_wp/memory.mlw b/src/plugins/wp/share/why3/frama_c_wp/memory.mlw
index 1dd6a2d7234f66e1da8e5ac9beddca71a342954b..912a953c52361b8f1fef5a3fcead37e0a9ceec3d 100644
--- a/src/plugins/wp/share/why3/frama_c_wp/memory.mlw
+++ b/src/plugins/wp/share/why3/frama_c_wp/memory.mlw
@@ -75,6 +75,10 @@ theory Memory
predicate valid_rd (m : map int int) (p:addr) (n:int) =
n > 0 -> ( 0 <> p.base /\ 0 <= p.offset /\ p.offset + n <= m[p.base] )
+ predicate valid_obj (m : map int int) (p:addr) (n:int) =
+ n > 0 -> ( p = null \/
+ ( 0 <> p.base /\ 0 <= p.offset /\ p.offset + n <= 1 + m[p.base] ))
+
predicate invalid (m : map int int) (p:addr) (n:int) =
n > 0 -> ( m[p.base] <= p.offset \/ p.offset + n <= 0 )
@@ -170,4 +174,4 @@ theory Memory
axiom addr_of_null :
int_of_addr null = 0
-end
\ No newline at end of file
+end
diff --git a/src/plugins/wp/share/wp.driver b/src/plugins/wp/share/wp.driver
index a45458db4a8e2e45fad08bb5e3f95c4aa16a51fd..2fb2f16fed142915eca73e2608c793101ca59cf3 100644
--- a/src/plugins/wp/share/wp.driver
+++ b/src/plugins/wp/share/wp.driver
@@ -96,12 +96,12 @@ coq.file += "coqwp:real/Abs.v";
coq.file += "coqwp/Cfloat.v";
why3.import += "frama_c_wp.cfloat.Cfloat";
altergo.file += "ergo/Cfloat.mlw";
-type "rounding_mode" = "rounding_mode";
-ctor "\\Up"() = "Up";
-ctor "\\Down"() = "Down";
-ctor "\\ToZero"() = "ToZero";
-ctor "\\NearestAway"() = "NearestTiesToAway";
-ctor "\\NearestEven"() = "NearestTiesToEven";
+type "rounding_mode" = "Rounding.mode";
+ctor "\\Up"() = "Rounding.RTP";
+ctor "\\Down"() = "Rounding.RTN";
+ctor "\\ToZero"() = "Rounding.RTZ";
+ctor "\\NearestAway"() = "Rounding.RNA";
+ctor "\\NearestEven"() = "Rounding.RNE";
predicate "\\is_finite"(float32) = "is_finite_f32";
predicate "\\is_finite"(float64) = "is_finite_f64";
predicate "\\is_NaN"(float32) = "is_NaN_f32";
@@ -112,8 +112,8 @@ predicate "\\is_plus_infinity"(float32) = "is_positive_infinite_f32";
predicate "\\is_plus_infinity"(float64) = "is_positive_infinite_f64";
predicate "\\is_minus_infinity"(float32) = "is_negative_infinite_f32";
predicate "\\is_minus_infinity"(float64) = "is_negative_infinite_f64";
-logic bool "\\round_float"(rounding_mode,real) = "round_float";
-logic bool "\\round_double"(rounding_mode,real) = "round_double";
+logic float32 "\\round_float"(rounding_mode,real) = "round_float";
+logic float64 "\\round_double"(rounding_mode,real) = "round_double";
library vset:
type set = "set";
diff --git a/src/plugins/wp/tests/wp/oracle_qualif/sharing.0.session/cache/08a266d8ed47524ea462446955f56846.json b/src/plugins/wp/tests/wp/oracle_qualif/sharing.0.session/cache/08a266d8ed47524ea462446955f56846.json
new file mode 100644
index 0000000000000000000000000000000000000000..d8b699812c7ed6fea1568f5c264f01ef3199ace0
--- /dev/null
+++ b/src/plugins/wp/tests/wp/oracle_qualif/sharing.0.session/cache/08a266d8ed47524ea462446955f56846.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1839,
+ "steps": 35 }
diff --git a/src/plugins/wp/tests/wp_acsl/invalid_pointer.c b/src/plugins/wp/tests/wp_acsl/invalid_pointer.c
new file mode 100644
index 0000000000000000000000000000000000000000..14e08fdd4b9061d204f19f7699b5b58dea6492e8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/invalid_pointer.c
@@ -0,0 +1,57 @@
+/* Tests for \object_pointer() */
+
+void memvar(void)
+{
+ int x;
+ //@check M1: !\object_pointer(&x-1);
+ //@check P0: \object_pointer(&x);
+ //@check P1: \object_pointer(&x+1);
+ //@check P2: !\object_pointer(&x+2);
+}
+
+void pointer(void)
+{
+ int x;
+ int *p = &x ;
+ *p = 1 ;
+ //@check M1: !\object_pointer(p-1);
+ //@check P0: \object_pointer(p);
+ //@check P1: \object_pointer(p+1);
+ //@check P2: !\object_pointer(p+2);
+ //@check NULL: \object_pointer(\null);
+}
+
+void array(void)
+{
+ int k;
+ int a[25];
+ int *q = &a[k];
+ //@check ARR: (0 <= k <= 25) <==> \object_pointer(q);
+}
+
+struct S {
+ int f ;
+ int g ;
+};
+
+struct A {
+ int m[10];
+};
+
+void compound(void)
+{
+ struct S u ;
+ //@check M1: !\object_pointer(&u-1);
+ //@check P0: \object_pointer(&u);
+ //@check P1: \object_pointer(&u+1);
+ //@check P2: !\object_pointer(&u+2);
+ struct S s ;
+ struct S *p = &s ;
+ //@check F: \object_pointer(&(p->f));
+ //@check G: \object_pointer(&(p->g));
+ //@check F2: \object_pointer(&(p->f)+2);
+ //@check G2: !\object_pointer(&(p->g)+2);
+ int k ;
+ struct A a ;
+ //@check AM: (0 <= k <= 10) <==> \object_pointer(&a.m[k]);
+}
diff --git a/src/plugins/wp/tests/wp_acsl/oracle/funvar_inv.1.res.oracle b/src/plugins/wp/tests/wp_acsl/oracle/funvar_inv.1.res.oracle
index 8fbdbbc6383ff32cb5d6e757bc80ad4f6130c45f..1e8b67744c38ef7bd61f9b0ed242afdea349b035 100644
--- a/src/plugins/wp/tests/wp_acsl/oracle/funvar_inv.1.res.oracle
+++ b/src/plugins/wp/tests/wp_acsl/oracle/funvar_inv.1.res.oracle
@@ -8,24 +8,24 @@
------------------------------------------------------------
Goal Post-condition 'P_startof' in 'f':
-Let a = global(G_G_18).
+Let a = global(G_G_20).
Let a_1 = shift_sint32(a, 0).
Assume {
Type: is_sint32(v) /\ is_sint32(Mint_0[shift_sint32(a, 1)]).
(* Goal *)
When: Mint_0[a_1] = 0.
(* Initializer *)
- Init: Mint_0[global(L_i_25)] = 0.
+ Init: Mint_0[global(L_i_27)] = 0.
If v <= 3
Then { (* Else *) Have: Mint_0[f] = 0. Have: shift_sint32(a, v) = f. }
- Else { Have: global(L_i_25) = f. }
+ Else { Have: global(L_i_27) = f. }
}
Prove: a_1 = f.
------------------------------------------------------------
Goal Post-condition 'P_addr' in 'f':
-Let a = global(G_G_18).
+Let a = global(G_G_20).
Let x = Mint_0[shift_sint32(a, 0)].
Let a_1 = shift_sint32(a, 1).
Assume {
@@ -33,10 +33,10 @@ Assume {
(* Goal *)
When: (x != 0) /\ (Mint_0[a_1] = 0).
(* Initializer *)
- Init: Mint_0[global(L_i_25)] = 0.
+ Init: Mint_0[global(L_i_27)] = 0.
If v <= 3
Then { (* Else *) Have: Mint_0[f] = 0. Have: shift_sint32(a, v) = f. }
- Else { Have: global(L_i_25) = f. }
+ Else { Have: global(L_i_27) = f. }
}
Prove: a_1 = f.
@@ -51,25 +51,25 @@ Prove: true.
------------------------------------------------------------
Goal Post-condition 'P_startof_shift' in 'f2':
-Let a = global(G_G_18).
+Let a = global(G_G_20).
Let a_1 = shift_sint32(a, 0).
Assume {
Type: is_sint32(v) /\ is_sint32(Mint_0[shift_sint32(a, 1)]).
(* Goal *)
When: Mint_0[a_1] = 0.
(* Initializer *)
- Init: Mint_0[global(L_i_30)] = 0.
+ Init: Mint_0[global(L_i_32)] = 0.
If v <= 3
Then { (* Else *) Have: Mint_0[f2_0] = 0. Have: shift_sint32(a, v) = f2_0.
}
- Else { Have: global(L_i_30) = f2_0. }
+ Else { Have: global(L_i_32) = f2_0. }
}
Prove: a_1 = f2_0.
------------------------------------------------------------
Goal Post-condition 'P_addr_shift' in 'f2':
-Let a = global(G_G_18).
+Let a = global(G_G_20).
Let x = Mint_0[shift_sint32(a, 0)].
Let a_1 = shift_sint32(a, 1).
Assume {
@@ -77,11 +77,11 @@ Assume {
(* Goal *)
When: (x != 0) /\ (Mint_0[a_1] = 0).
(* Initializer *)
- Init: Mint_0[global(L_i_30)] = 0.
+ Init: Mint_0[global(L_i_32)] = 0.
If v <= 3
Then { (* Else *) Have: Mint_0[f2_0] = 0. Have: shift_sint32(a, v) = f2_0.
}
- Else { Have: global(L_i_30) = f2_0. }
+ Else { Have: global(L_i_32) = f2_0. }
}
Prove: a_1 = f2_0.
@@ -96,24 +96,24 @@ Prove: true.
------------------------------------------------------------
Goal Post-condition 'P_addr_startof_shift' in 'g':
-Let a = global(G_G_18).
+Let a = global(G_G_20).
Let a_1 = shift_sint32(a, 0).
Assume {
Type: is_sint32(v) /\ is_sint32(Mint_0[shift_sint32(a, 1)]).
(* Goal *)
When: Mint_0[a_1] = 0.
(* Initializer *)
- Init: Mint_0[global(L_i_35)] = 0.
+ Init: Mint_0[global(L_i_37)] = 0.
If v <= 3
Then { (* Else *) Have: Mint_0[g] = 0. Have: shift_sint32(a, v) = g. }
- Else { Have: global(L_i_35) = g. }
+ Else { Have: global(L_i_37) = g. }
}
Prove: a_1 = g.
------------------------------------------------------------
Goal Post-condition 'P_addr_addr_shift' in 'g':
-Let a = global(G_G_18).
+Let a = global(G_G_20).
Let x = Mint_0[shift_sint32(a, 0)].
Let a_1 = shift_sint32(a, 1).
Assume {
@@ -121,10 +121,10 @@ Assume {
(* Goal *)
When: (x != 0) /\ (Mint_0[a_1] = 0).
(* Initializer *)
- Init: Mint_0[global(L_i_35)] = 0.
+ Init: Mint_0[global(L_i_37)] = 0.
If v <= 3
Then { (* Else *) Have: Mint_0[g] = 0. Have: shift_sint32(a, v) = g. }
- Else { Have: global(L_i_35) = g. }
+ Else { Have: global(L_i_37) = g. }
}
Prove: a_1 = g.
diff --git a/src/plugins/wp/tests/wp_acsl/oracle/init_value_mem.0.res.oracle b/src/plugins/wp/tests/wp_acsl/oracle/init_value_mem.0.res.oracle
index 3092db73a21a854f4be7baac8cf74ab2c0e0a960..2e42b9e3cb6a8630994a1fb4c7b1a47a9d35b696 100644
--- a/src/plugins/wp/tests/wp_acsl/oracle/init_value_mem.0.res.oracle
+++ b/src/plugins/wp/tests/wp_acsl/oracle/init_value_mem.0.res.oracle
@@ -8,7 +8,7 @@
------------------------------------------------------------
Goal Post-condition 'P' in 'main':
-Let a = global(G_v_18).
+Let a = global(G_v_20).
Let a_1 = Load_S1_St(a, Mint_0).
Assume {
Type: IsS1_St(w) /\ IsS1_St(a_1).
@@ -26,7 +26,7 @@ Prove: EqS1_St(a_1, w).
------------------------------------------------------------
Goal Post-condition 'Q' in 'main':
-Let a = global(G_v_18).
+Let a = global(G_v_20).
Let a_1 = Load_S1_St(a, Mint_0).
Assume {
Type: IsS1_St(w) /\ IsS1_St(a_1).
diff --git a/src/plugins/wp/tests/wp_acsl/oracle/invalid_pointer.res.oracle b/src/plugins/wp/tests/wp_acsl/oracle/invalid_pointer.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..f1bb59e94b46d298d0042efddae2e4398c206640
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle/invalid_pointer.res.oracle
@@ -0,0 +1,126 @@
+# frama-c -wp [...]
+[kernel] Parsing tests/wp_acsl/invalid_pointer.c (with preprocessing)
+[wp] Running WP plugin...
+[wp] Loading driver 'share/wp.driver'
+[wp] Warning: Missing RTE guards
+[wp] tests/wp_acsl/invalid_pointer.c:21: Warning: void object
+------------------------------------------------------------
+ Function array
+------------------------------------------------------------
+
+Goal Check 'ARR' (file tests/wp_acsl/invalid_pointer.c, line 29):
+Assume { Type: is_sint32(k). (* Heap *) Type: linked(Malloc_0). }
+Prove: ((0 <= k) /\ (k <= 25)) <->
+ valid_obj(Malloc_0[L_a_32 <- 25], shift_sint32(global(L_a_32), k), 1).
+
+------------------------------------------------------------
+------------------------------------------------------------
+ Function compound
+------------------------------------------------------------
+
+Goal Check 'M1' (file tests/wp_acsl/invalid_pointer.c, line 44):
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Check 'P0' (file tests/wp_acsl/invalid_pointer.c, line 45):
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Check 'P1' (file tests/wp_acsl/invalid_pointer.c, line 46):
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Check 'P2' (file tests/wp_acsl/invalid_pointer.c, line 47):
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Check 'F' (file tests/wp_acsl/invalid_pointer.c, line 50):
+Assume { (* Heap *) Type: linked(Malloc_0). }
+Prove: valid_obj(Malloc_0[L_s_37 <- 2], shiftfield_F1_S_f(global(L_s_37)), 1).
+
+------------------------------------------------------------
+
+Goal Check 'G' (file tests/wp_acsl/invalid_pointer.c, line 51):
+Assume { (* Heap *) Type: linked(Malloc_0). }
+Prove: valid_obj(Malloc_0[L_s_37 <- 2], shiftfield_F1_S_g(global(L_s_37)), 1).
+
+------------------------------------------------------------
+
+Goal Check 'F2' (file tests/wp_acsl/invalid_pointer.c, line 52):
+Assume { (* Heap *) Type: linked(Malloc_0). }
+Prove: valid_obj(Malloc_0[L_s_37 <- 2],
+ shift_sint32(shiftfield_F1_S_f(global(L_s_37)), 2), 1).
+
+------------------------------------------------------------
+
+Goal Check 'G2' (file tests/wp_acsl/invalid_pointer.c, line 53):
+Assume { (* Heap *) Type: linked(Malloc_0). }
+Prove: !valid_obj(Malloc_0[L_s_37 <- 2],
+ shift_sint32(shiftfield_F1_S_g(global(L_s_37)), 2), 1).
+
+------------------------------------------------------------
+
+Goal Check 'AM' (file tests/wp_acsl/invalid_pointer.c, line 56):
+Prove: true.
+
+------------------------------------------------------------
+------------------------------------------------------------
+ Function memvar
+------------------------------------------------------------
+
+Goal Check 'M1' (file tests/wp_acsl/invalid_pointer.c, line 6):
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Check 'P0' (file tests/wp_acsl/invalid_pointer.c, line 7):
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Check 'P1' (file tests/wp_acsl/invalid_pointer.c, line 8):
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Check 'P2' (file tests/wp_acsl/invalid_pointer.c, line 9):
+Prove: true.
+
+------------------------------------------------------------
+------------------------------------------------------------
+ Function pointer
+------------------------------------------------------------
+
+Goal Check 'M1' (file tests/wp_acsl/invalid_pointer.c, line 17):
+Assume { (* Heap *) Type: linked(Malloc_0). }
+Prove: !valid_obj(Malloc_0[L_x_27 <- 1], shift_sint32(global(L_x_27), -1), 1).
+
+------------------------------------------------------------
+
+Goal Check 'P0' (file tests/wp_acsl/invalid_pointer.c, line 18):
+Assume { (* Heap *) Type: linked(Malloc_0). }
+Prove: valid_obj(Malloc_0[L_x_27 <- 1], global(L_x_27), 1).
+
+------------------------------------------------------------
+
+Goal Check 'P1' (file tests/wp_acsl/invalid_pointer.c, line 19):
+Assume { (* Heap *) Type: linked(Malloc_0). }
+Prove: valid_obj(Malloc_0[L_x_27 <- 1], shift_sint32(global(L_x_27), 1), 1).
+
+------------------------------------------------------------
+
+Goal Check 'P2' (file tests/wp_acsl/invalid_pointer.c, line 20):
+Assume { (* Heap *) Type: linked(Malloc_0). }
+Prove: !valid_obj(Malloc_0[L_x_27 <- 1], shift_sint32(global(L_x_27), 2), 1).
+
+------------------------------------------------------------
+
+Goal Check 'NULL' (file tests/wp_acsl/invalid_pointer.c, line 21):
+Assume { (* Heap *) Type: linked(Malloc_0). }
+Prove: valid_obj(Malloc_0[L_x_27 <- 1], null, 1).
+
+------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_acsl/oracle/logic.res.oracle b/src/plugins/wp/tests/wp_acsl/oracle/logic.res.oracle
index 0f0ac33fa3fd589a6f0cf6100e2478c02e64343b..e519f55833a656ae85bc1acda6610c6ee0f85398 100644
--- a/src/plugins/wp/tests/wp_acsl/oracle/logic.res.oracle
+++ b/src/plugins/wp/tests/wp_acsl/oracle/logic.res.oracle
@@ -39,7 +39,7 @@
------------------------------------------------------------
Goal Post-condition (file tests/wp_acsl/logic.i, line 21) in 'h':
-Let a = global(G_t_27).
+Let a = global(G_t_29).
Let m = Array1_S1(shift___anonstruct_Point_1(a, 0), 3, Mint_0).
Let m_1 = Array1_S1(a, 3, Mint_0).
Assume { Type: IsArray1S1(m_1) /\ IsArray1S1(m). (* Call 'f' *) Have: P_P(m).
@@ -67,11 +67,11 @@ Prove: true.
------------------------------------------------------------
Goal Pre-condition 'qed_ok' in 'main':
-Let a = global(G_tr_33).
+Let a = global(G_tr_35).
Let a_1 = shift___anonstruct_Point_1(a, 2).
Let a_2 = shift___anonstruct_Point_1(a, 1).
Let a_3 = shift___anonstruct_Point_1(a, 0).
-Let a_4 = shiftfield_F4_bytes(global(G_buint_39)).
+Let a_4 = shiftfield_F4_bytes(global(G_buint_41)).
Let m = Array1_S1(a, 3, Mint_0).
Assume {
Type: IsArray1S1(m) /\ IsArray1S1(Array1_S1(a_3, 3, Mint_0)).
@@ -101,11 +101,11 @@ Prove: P_P(m).
------------------------------------------------------------
Goal Pre-condition 'qed_ok' in 'main':
-Let a = global(G_tr_33).
+Let a = global(G_tr_35).
Let a_1 = shift___anonstruct_Point_1(a, 2).
Let a_2 = shift___anonstruct_Point_1(a, 1).
Let a_3 = shift___anonstruct_Point_1(a, 0).
-Let a_4 = shiftfield_F4_bytes(global(G_buint_39)).
+Let a_4 = shiftfield_F4_bytes(global(G_buint_41)).
Let m = Array1_S1(a, 3, Mint_0).
Assume {
Type: IsArray1S1(m) /\ IsArray1S1(Array1_S1(a_3, 3, Mint_0)).
@@ -135,11 +135,11 @@ Prove: P_P(m).
------------------------------------------------------------
Goal Pre-condition 'qed_ok' in 'main':
-Let a = global(G_tr_33).
+Let a = global(G_tr_35).
Let a_1 = shift___anonstruct_Point_1(a, 2).
Let a_2 = shift___anonstruct_Point_1(a, 1).
Let a_3 = shift___anonstruct_Point_1(a, 0).
-Let a_4 = shiftfield_F4_bytes(global(G_buint_39)).
+Let a_4 = shiftfield_F4_bytes(global(G_buint_41)).
Let m = Array1_S1(a_3, 3, Mint_0).
Assume {
Type: IsArray1S1(Array1_S1(a, 3, Mint_0)) /\ IsArray1S1(m).
@@ -220,11 +220,11 @@ Goal Pre-condition 'qed_ok' in 'main':
tests/wp_acsl/logic.i:55: warning from wp:
- Warning: Hide sub-term definition
Reason: Logic cast to struct (Buint) from (unsigned int) not implemented yet
-Let a = global(G_tr_33).
+Let a = global(G_tr_35).
Let a_1 = shift___anonstruct_Point_1(a, 2).
Let a_2 = shift___anonstruct_Point_1(a, 1).
Let a_3 = shift___anonstruct_Point_1(a, 0).
-Let a_4 = global(G_buint_39).
+Let a_4 = global(G_buint_41).
Let a_5 = shiftfield_F4_bytes(a_4).
Let a_6 = Load_S4(a_4, Mint_0).
Assume {
diff --git a/src/plugins/wp/tests/wp_acsl/oracle/pointer.res.oracle b/src/plugins/wp/tests/wp_acsl/oracle/pointer.res.oracle
index 8724a747b0ae66acca4323b77f9c07aace15d781..1737e32302ff4c5e5d4697e084868bd3665b1c7c 100644
--- a/src/plugins/wp/tests/wp_acsl/oracle/pointer.res.oracle
+++ b/src/plugins/wp/tests/wp_acsl/oracle/pointer.res.oracle
@@ -26,7 +26,7 @@ Assume {
(* Goal *)
When: q.offset < p.offset.
(* Pre-condition *)
- Have: p.base = G_t_19.
+ Have: p.base = G_t_21.
}
Prove: addr_lt(q, p).
@@ -37,7 +37,7 @@ Assume {
(* Goal *)
When: i_1 <= i.
(* Pre-condition *)
- Have: p.base = G_t_19.
+ Have: p.base = G_t_21.
}
Prove: i <= i_1.
@@ -116,8 +116,8 @@ Goal Post-condition 'qed_ok,Lt' in 'mixed_array_pointer':
tests/wp_acsl/pointer.i:45: warning from Reference Variable Model:
- Warning: Hide sub-term definition
Reason: Uncomparable locations p_0 and mem:t.(0)
-Assume { (* Goal *) When: 0 < w. (* Pre-condition *) Have: p.base = G_t_19. }
-Prove: addr_lt(shift_sint32(global(G_t_19), 0), p).
+Assume { (* Goal *) When: 0 < w. (* Pre-condition *) Have: p.base = G_t_21. }
+Prove: addr_lt(shift_sint32(global(G_t_21), 0), p).
------------------------------------------------------------
@@ -125,9 +125,9 @@ Goal Post-condition 'qed_ok,Le' in 'mixed_array_pointer':
tests/wp_acsl/pointer.i:46: warning from Reference Variable Model:
- Warning: Hide sub-term definition
Reason: Uncomparable locations p_0 and mem:t.(0)
-Assume { (* Goal *) When: 0 <= w. (* Pre-condition *) Have: p.base = G_t_19.
+Assume { (* Goal *) When: 0 <= w. (* Pre-condition *) Have: p.base = G_t_21.
}
-Prove: addr_le(shift_sint32(global(G_t_19), 0), p).
+Prove: addr_le(shift_sint32(global(G_t_21), 0), p).
------------------------------------------------------------
@@ -135,8 +135,8 @@ Goal Post-condition 'qed_ok,Eq' in 'mixed_array_pointer':
tests/wp_acsl/pointer.i:47: warning from Reference Variable Model:
- Warning: Hide sub-term definition
Reason: Uncomparable locations p_0 and mem:t.(0)
-Assume { (* Pre-condition *) Have: p.base = G_t_19. }
-Prove: shift_sint32(global(G_t_19), 0) = p.
+Assume { (* Pre-condition *) Have: p.base = G_t_21. }
+Prove: shift_sint32(global(G_t_21), 0) = p.
------------------------------------------------------------
@@ -144,9 +144,9 @@ Goal Post-condition 'qed_ok,Ne' in 'mixed_array_pointer':
tests/wp_acsl/pointer.i:48: warning from Reference Variable Model:
- Warning: Hide sub-term definition
Reason: Uncomparable locations p_0 and mem:t.(0)
-Assume { (* Goal *) When: w != 0. (* Pre-condition *) Have: p.base = G_t_19.
+Assume { (* Goal *) When: w != 0. (* Pre-condition *) Have: p.base = G_t_21.
}
-Prove: shift_sint32(global(G_t_19), 0) != p.
+Prove: shift_sint32(global(G_t_21), 0) != p.
------------------------------------------------------------
@@ -154,9 +154,9 @@ Goal Post-condition 'qed_ko,Le_oracle_ko' in 'mixed_array_pointer':
tests/wp_acsl/pointer.i:49: warning from Reference Variable Model:
- Warning: Hide sub-term definition
Reason: Uncomparable locations p_0 and mem:t.(0)
-Assume { (* Goal *) When: 0 <= w. (* Pre-condition *) Have: p.base = G_t_19.
+Assume { (* Goal *) When: 0 <= w. (* Pre-condition *) Have: p.base = G_t_21.
}
-Prove: addr_lt(shift_sint32(global(G_t_19), 0), p).
+Prove: addr_lt(shift_sint32(global(G_t_21), 0), p).
------------------------------------------------------------
@@ -164,8 +164,8 @@ Goal Post-condition 'qed_ko,Lt_oracle_ko' in 'mixed_array_pointer':
tests/wp_acsl/pointer.i:50: warning from Reference Variable Model:
- Warning: Hide sub-term definition
Reason: Uncomparable locations p_0 and mem:t.(0)
-Assume { (* Goal *) When: 0 < w. (* Pre-condition *) Have: p.base = G_t_19. }
-Prove: addr_le(p, shift_sint32(global(G_t_19), 0)).
+Assume { (* Goal *) When: 0 < w. (* Pre-condition *) Have: p.base = G_t_21. }
+Prove: addr_le(p, shift_sint32(global(G_t_21), 0)).
------------------------------------------------------------
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_acsl/oracle/post_result.res.oracle b/src/plugins/wp/tests/wp_acsl/oracle/post_result.res.oracle
index 503527e1a7e831015a48ebcbc9cd4d4ad14a527b..0f84cd85b5cd7a46cd0967aa751957bce8f12f13 100644
--- a/src/plugins/wp/tests/wp_acsl/oracle/post_result.res.oracle
+++ b/src/plugins/wp/tests/wp_acsl/oracle/post_result.res.oracle
@@ -16,7 +16,7 @@ Prove: true.
------------------------------------------------------------
Goal Assertion 'KO' (file tests/wp_acsl/post_result.i, line 22):
-Let a = shift_sint32(global(G_a_18), 1).
+Let a = shift_sint32(global(G_a_20), 1).
Let x = Mint_0[a].
Let x_1 = Mint_undef_0[a].
Assume { Type: is_sint32(x) /\ is_sint32(x_1). }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/assigns_path.0.session/cache/9c4dd961e0443b101eb51979ae15b5c1.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/assigns_path.0.session/cache/9c4dd961e0443b101eb51979ae15b5c1.json
new file mode 100644
index 0000000000000000000000000000000000000000..4e76c1ef91e368d82fd926d9012c9a31888d22b2
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/assigns_path.0.session/cache/9c4dd961e0443b101eb51979ae15b5c1.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.029,
+ "steps": 23 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/assigns_path.0.session/cache/a789e11c15e566b594c893a9d69b77b8.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/assigns_path.0.session/cache/a789e11c15e566b594c893a9d69b77b8.json
new file mode 100644
index 0000000000000000000000000000000000000000..8b36b323c7b8ffa61c4f1ceb61a077cdfe79248b
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/assigns_path.0.session/cache/a789e11c15e566b594c893a9d69b77b8.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0272,
+ "steps": 20 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/assigns_path.0.session/cache/f95876c31865b8f2909e450d06c08e6c.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/assigns_path.0.session/cache/f95876c31865b8f2909e450d06c08e6c.json
new file mode 100644
index 0000000000000000000000000000000000000000..2bfea8fade799d08c5099a9fedc858d1ab7ff603
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/assigns_path.0.session/cache/f95876c31865b8f2909e450d06c08e6c.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0215,
+ "steps": 17 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/6044af008ca0e2c7fcccdd5236af32af.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/6044af008ca0e2c7fcccdd5236af32af.json
new file mode 100644
index 0000000000000000000000000000000000000000..961e26140b15047241dce76185338fdcd5e3dbc4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/6044af008ca0e2c7fcccdd5236af32af.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0521,
+ "steps": 70 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/6094e7c19eba3f50fb8b90f9528226e9.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/6094e7c19eba3f50fb8b90f9528226e9.json
new file mode 100644
index 0000000000000000000000000000000000000000..773071bdef85b56c4cae064e5450c509eab43b6e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/6094e7c19eba3f50fb8b90f9528226e9.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0214,
+ "steps": 14 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/78b4274586b7b6ac948dbd0f36d4c1e3.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/78b4274586b7b6ac948dbd0f36d4c1e3.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/78b4274586b7b6ac948dbd0f36d4c1e3.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/a7988461f3fa13ce0532e386a9323033.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/a7988461f3fa13ce0532e386a9323033.json
new file mode 100644
index 0000000000000000000000000000000000000000..761b1f8728a772d7add3d5f0ba8b757f210270d1
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/a7988461f3fa13ce0532e386a9323033.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0339,
+ "steps": 32 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/dbf4a65cfc0e20fdc41c28df5f546971.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/dbf4a65cfc0e20fdc41c28df5f546971.json
new file mode 100644
index 0000000000000000000000000000000000000000..19a36219937c6dbe2758f2ce2f68db7578596fb7
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/dbf4a65cfc0e20fdc41c28df5f546971.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0233,
+ "steps": 19 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/f4ca48ef31089fb2cf5facb451a37704.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/f4ca48ef31089fb2cf5facb451a37704.json
new file mode 100644
index 0000000000000000000000000000000000000000..d8f7dc139f2844a67e981b57bb454d6d1a7052b7
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/f4ca48ef31089fb2cf5facb451a37704.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0382,
+ "steps": 45 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/fa725e97995b55101c0cf42a29c0f813.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/fa725e97995b55101c0cf42a29c0f813.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/axioms.0.session/cache/fa725e97995b55101c0cf42a29c0f813.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/base_offset.0.session/cache/a36ac87b7682612f29171f0561dcd7f5.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/base_offset.0.session/cache/a36ac87b7682612f29171f0561dcd7f5.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/base_offset.0.session/cache/a36ac87b7682612f29171f0561dcd7f5.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/classify_float.0.session/cache/0a905fe4d67333c2edc713c01cc378f7.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/classify_float.0.session/cache/0a905fe4d67333c2edc713c01cc378f7.json
new file mode 100644
index 0000000000000000000000000000000000000000..1012157e6788aee12f30cf83f452661163f3af02
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/classify_float.0.session/cache/0a905fe4d67333c2edc713c01cc378f7.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0667,
+ "steps": 88 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/classify_float.0.session/cache/e415e5ac31242f42e0ec3f9659d65967.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/classify_float.0.session/cache/e415e5ac31242f42e0ec3f9659d65967.json
new file mode 100644
index 0000000000000000000000000000000000000000..c0fd738d21ad066ea47fdcf4151f5eeb6809d04c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/classify_float.0.session/cache/e415e5ac31242f42e0ec3f9659d65967.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0687,
+ "steps": 86 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/classify_float.0.session/cache/f23d47414c80f975ea6a853ebf08af80.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/classify_float.0.session/cache/f23d47414c80f975ea6a853ebf08af80.json
new file mode 100644
index 0000000000000000000000000000000000000000..71049b4947d21355d55792179e71ab436bd92702
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/classify_float.0.session/cache/f23d47414c80f975ea6a853ebf08af80.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0968,
+ "steps": 88 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/equal.0.session/cache/37ca01b8d9af3adaa85337898f17bbcf.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/equal.0.session/cache/37ca01b8d9af3adaa85337898f17bbcf.json
new file mode 100644
index 0000000000000000000000000000000000000000..a094a26e88380f7b03b0c746349e078887b6e9c6
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/equal.0.session/cache/37ca01b8d9af3adaa85337898f17bbcf.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0107,
+ "steps": 9 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/equal.0.session/cache/e693f887cbaf3748fcba8d0e78496a04.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/equal.0.session/cache/e693f887cbaf3748fcba8d0e78496a04.json
new file mode 100644
index 0000000000000000000000000000000000000000..058ecb53439905574acfa8db0073b9d444066093
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/equal.0.session/cache/e693f887cbaf3748fcba8d0e78496a04.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0194,
+ "steps": 12 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/equal.0.session/cache/fb71b4e14680e40fdfe23d5a71f51776.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/equal.0.session/cache/fb71b4e14680e40fdfe23d5a71f51776.json
new file mode 100644
index 0000000000000000000000000000000000000000..d80f0329219a17007226bfb8f628c6c8bd4709b2
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/equal.0.session/cache/fb71b4e14680e40fdfe23d5a71f51776.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0238,
+ "steps": 26 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/0d2abb971445d7e4694380d263060055.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/0d2abb971445d7e4694380d263060055.json
new file mode 100644
index 0000000000000000000000000000000000000000..7777628a60eed74c5923ccdac52949f256ff2298
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/0d2abb971445d7e4694380d263060055.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0928,
+ "steps": 112 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/1932508452358e4ae474447d8950a0af.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/1932508452358e4ae474447d8950a0af.json
new file mode 100644
index 0000000000000000000000000000000000000000..b69cf97ec3f09fe2b60e67d718fa922e4563bfa4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/1932508452358e4ae474447d8950a0af.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0692,
+ "steps": 106 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/4529c9de8c01d20f9fbbf88ecaf071c5.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/4529c9de8c01d20f9fbbf88ecaf071c5.json
new file mode 100644
index 0000000000000000000000000000000000000000..2c9d4fbaef7133ba1db3d37ae99e429566ff5ddd
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/4529c9de8c01d20f9fbbf88ecaf071c5.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0903,
+ "steps": 135 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/61d6a3a8bbf8eb3941c06207e0edcf6a.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/61d6a3a8bbf8eb3941c06207e0edcf6a.json
new file mode 100644
index 0000000000000000000000000000000000000000..0d8a494a81bac92dbb3fc05eaf5e3ed96061869f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/61d6a3a8bbf8eb3941c06207e0edcf6a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0674,
+ "steps": 102 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/62d262414e3d2e705480be1fdf742280.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/62d262414e3d2e705480be1fdf742280.json
new file mode 100644
index 0000000000000000000000000000000000000000..21e102ff29d34b7111b2960f96f63f06de14558c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/62d262414e3d2e705480be1fdf742280.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0795,
+ "steps": 107 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/7d7abc4aed08f6d397d86a95f08df503.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/7d7abc4aed08f6d397d86a95f08df503.json
new file mode 100644
index 0000000000000000000000000000000000000000..dcd1645373b85f42f7df9e5ef7e2658a5544d18f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/7d7abc4aed08f6d397d86a95f08df503.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0708,
+ "steps": 112 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/7e1f0d1b2e2f4fcb6f82eead533aaf21.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/7e1f0d1b2e2f4fcb6f82eead533aaf21.json
new file mode 100644
index 0000000000000000000000000000000000000000..b3453fe01b1f205e9d7bb4a7f44ca1f51850b850
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/7e1f0d1b2e2f4fcb6f82eead533aaf21.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0746,
+ "steps": 126 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/879774fa75e5c6e3931a522784aef644.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/879774fa75e5c6e3931a522784aef644.json
new file mode 100644
index 0000000000000000000000000000000000000000..56295647c82d5a3c2aadf36e2edf3520664fb10a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/879774fa75e5c6e3931a522784aef644.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0628,
+ "steps": 107 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/888ea152c7a0297037a8c6283858d6e4.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/888ea152c7a0297037a8c6283858d6e4.json
new file mode 100644
index 0000000000000000000000000000000000000000..9208ba629538b803389ce045c84dc35505b2fcd0
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/888ea152c7a0297037a8c6283858d6e4.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0852,
+ "steps": 121 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/bbcaecdc16ceacd6d70aa7a3ad1466aa.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/bbcaecdc16ceacd6d70aa7a3ad1466aa.json
new file mode 100644
index 0000000000000000000000000000000000000000..3627d770916b73a2ec2c2bd1bf74e2eb4632363d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/bbcaecdc16ceacd6d70aa7a3ad1466aa.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0756,
+ "steps": 112 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/d3dbfa3988959e87318bcf002f3c4e47.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/d3dbfa3988959e87318bcf002f3c4e47.json
new file mode 100644
index 0000000000000000000000000000000000000000..c2cec72f35af2454d19826246e34605db8b750c3
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/d3dbfa3988959e87318bcf002f3c4e47.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0697,
+ "steps": 87 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/d8bb8e21e04ed3c720d63f31187ee652.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/d8bb8e21e04ed3c720d63f31187ee652.json
new file mode 100644
index 0000000000000000000000000000000000000000..0d7696170934639440728af64e30cc91172e3217
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/d8bb8e21e04ed3c720d63f31187ee652.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0598,
+ "steps": 112 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/ece5499b76e2b762927d44b60311d491.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/ece5499b76e2b762927d44b60311d491.json
new file mode 100644
index 0000000000000000000000000000000000000000..fd4e3bdb3562c3140fc13a0d14bd5a7c54de5ea4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/ece5499b76e2b762927d44b60311d491.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0968,
+ "steps": 108 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/f983884d24497fe1e604b085bc61d42d.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/f983884d24497fe1e604b085bc61d42d.json
new file mode 100644
index 0000000000000000000000000000000000000000..15a4c57a35f487f9506ae3ef5891ada99b11229e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_compare.0.session/cache/f983884d24497fe1e604b085bc61d42d.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0838,
+ "steps": 102 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/3eda240a1618c4e2129a56faa362aa41.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/3eda240a1618c4e2129a56faa362aa41.json
new file mode 100644
index 0000000000000000000000000000000000000000..d5d7d432022b5e35f4e0727d02202f87560a34e4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/3eda240a1618c4e2129a56faa362aa41.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.2541,
+ "steps": 332 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/566431057d4fc34ebe07842f87363104.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/566431057d4fc34ebe07842f87363104.json
new file mode 100644
index 0000000000000000000000000000000000000000..36b03c530bbe418c384803c5e96c39218b74e1fe
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/566431057d4fc34ebe07842f87363104.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.3224,
+ "steps": 596 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/90bad8d1a177f25e5355b292480850a8.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/90bad8d1a177f25e5355b292480850a8.json
new file mode 100644
index 0000000000000000000000000000000000000000..30a38a89671d213a008c0f28e1e562dfebafddf1
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/90bad8d1a177f25e5355b292480850a8.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.2141,
+ "steps": 332 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/d9555471b99fab97496429da35c60b85.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/d9555471b99fab97496429da35c60b85.json
new file mode 100644
index 0000000000000000000000000000000000000000..ef32c000dcacaaad84fa3df26e9fdfc568960e27
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/d9555471b99fab97496429da35c60b85.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1543,
+ "steps": 332 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/ed750337872ba241506bb6b5482d452a.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/ed750337872ba241506bb6b5482d452a.json
new file mode 100644
index 0000000000000000000000000000000000000000..ef720689733838a669441267ae148ef4b3103a6a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/ed750337872ba241506bb6b5482d452a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.2051,
+ "steps": 332 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/f61afc24017b7e4fa237b53dacd04d71.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/f61afc24017b7e4fa237b53dacd04d71.json
new file mode 100644
index 0000000000000000000000000000000000000000..835d8ef735bd9b398e8efaa05bc61d5cb1219c25
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/f61afc24017b7e4fa237b53dacd04d71.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.5975,
+ "steps": 1145 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/fe3b18624cd214c20103e2ccebb30e28.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/fe3b18624cd214c20103e2ccebb30e28.json
new file mode 100644
index 0000000000000000000000000000000000000000..1969b87896b146fa576749ef7cfe3b6a71816032
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/fe3b18624cd214c20103e2ccebb30e28.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.3359,
+ "steps": 596 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/fed99e0d6926411c893b99634bf52d5c.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/fed99e0d6926411c893b99634bf52d5c.json
new file mode 100644
index 0000000000000000000000000000000000000000..d7c10d8e73602efb5ea06c74fab75190c4ff0d5b
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/float_const.0.session/cache/fed99e0d6926411c893b99634bf52d5c.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.8856,
+ "steps": 1460 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/init_value_mem.0.session/cache/f9448d0b7eb7302bfe3607804bc64e21.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/init_value_mem.0.session/cache/f9448d0b7eb7302bfe3607804bc64e21.json
new file mode 100644
index 0000000000000000000000000000000000000000..3b3b5db51bc1dd3d5313ad7b16657443d0bba316
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/init_value_mem.0.session/cache/f9448d0b7eb7302bfe3607804bc64e21.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0307,
+ "steps": 35 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/546d68cf73aa7d1be7397f0dba7ab57b.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/546d68cf73aa7d1be7397f0dba7ab57b.json
new file mode 100644
index 0000000000000000000000000000000000000000..d824319ad4ad22a46757d91018cf5a68fc23e00f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/546d68cf73aa7d1be7397f0dba7ab57b.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0104,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/6135a695451f38570cc5e98d983b3fc5.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/6135a695451f38570cc5e98d983b3fc5.json
new file mode 100644
index 0000000000000000000000000000000000000000..73bc5ac39eb7c96b55b0fc5ad096389816010c9e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/6135a695451f38570cc5e98d983b3fc5.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0128,
+ "steps": 10 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/82fda005a00dfb2bafda2e7a61e31a0e.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/82fda005a00dfb2bafda2e7a61e31a0e.json
new file mode 100644
index 0000000000000000000000000000000000000000..c84d43dcd686f6fce0fb7e339c64fef178805708
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/82fda005a00dfb2bafda2e7a61e31a0e.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0105,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/a09f29e9995f66e54188484d0f6a022c.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/a09f29e9995f66e54188484d0f6a022c.json
new file mode 100644
index 0000000000000000000000000000000000000000..518bcc1fe1c38a5dee6ee6f3660ac7b6177deaf5
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/a09f29e9995f66e54188484d0f6a022c.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.01, "steps": 14 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/a1789ac93bbdd1b61d2668d397e828b5.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/a1789ac93bbdd1b61d2668d397e828b5.json
new file mode 100644
index 0000000000000000000000000000000000000000..bcc741b8f326f28cb37bd3b139bc1ca5cce32f4b
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/a1789ac93bbdd1b61d2668d397e828b5.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0087,
+ "steps": 8 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/a66c1f9591316a451c831ed9aa33375a.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/a66c1f9591316a451c831ed9aa33375a.json
new file mode 100644
index 0000000000000000000000000000000000000000..41a0ec6c82063b9ccb0ed747ad2bb9fa3e1dc091
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/a66c1f9591316a451c831ed9aa33375a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0099,
+ "steps": 10 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/bff665fbed54b18d00114b87eaddf2d7.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/bff665fbed54b18d00114b87eaddf2d7.json
new file mode 100644
index 0000000000000000000000000000000000000000..46a81b1550229c7211af35d36f932ca6671ccd23
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/bff665fbed54b18d00114b87eaddf2d7.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0149,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/e73bf6bee511f053358c2e0d3561a7e1.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/e73bf6bee511f053358c2e0d3561a7e1.json
new file mode 100644
index 0000000000000000000000000000000000000000..d4e438038a9c53e3f3a69f85606d474e2924b985
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/e73bf6bee511f053358c2e0d3561a7e1.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0116,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/edc73eb8a8cf742d31cbce5dfed79215.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/edc73eb8a8cf742d31cbce5dfed79215.json
new file mode 100644
index 0000000000000000000000000000000000000000..5a8ea347aa4ffe9098294ec81942688f852a5171
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/edc73eb8a8cf742d31cbce5dfed79215.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0106,
+ "steps": 16 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/f957b00472bc5ec2c8193749f227c435.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/f957b00472bc5ec2c8193749f227c435.json
new file mode 100644
index 0000000000000000000000000000000000000000..1731ee7379687e621f7b9ba0258a69da092e430a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.0.session/cache/f957b00472bc5ec2c8193749f227c435.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.01, "steps": 11 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.res.oracle b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..600fdf9a79bf6be04ab2a6f2959a82199c5e350f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/invalid_pointer.res.oracle
@@ -0,0 +1,36 @@
+# frama-c -wp [...]
+[kernel] Parsing tests/wp_acsl/invalid_pointer.c (with preprocessing)
+[wp] Running WP plugin...
+[wp] Loading driver 'share/wp.driver'
+[wp] Warning: Missing RTE guards
+[wp] tests/wp_acsl/invalid_pointer.c:21: Warning: void object
+[wp] 19 goals scheduled
+[wp] [Alt-Ergo] Goal typed_array_check_ARR : Valid
+[wp] [Qed] Goal typed_compound_check_M1 : Valid
+[wp] [Qed] Goal typed_compound_check_P0 : Valid
+[wp] [Qed] Goal typed_compound_check_P1 : Valid
+[wp] [Qed] Goal typed_compound_check_P2 : Valid
+[wp] [Alt-Ergo] Goal typed_compound_check_F : Valid
+[wp] [Alt-Ergo] Goal typed_compound_check_G : Valid
+[wp] [Alt-Ergo] Goal typed_compound_check_F2 : Valid
+[wp] [Alt-Ergo] Goal typed_compound_check_G2 : Valid
+[wp] [Qed] Goal typed_compound_check_AM : Valid
+[wp] [Qed] Goal typed_memvar_check_M1 : Valid
+[wp] [Qed] Goal typed_memvar_check_P0 : Valid
+[wp] [Qed] Goal typed_memvar_check_P1 : Valid
+[wp] [Qed] Goal typed_memvar_check_P2 : Valid
+[wp] [Alt-Ergo] Goal typed_pointer_check_M1 : Valid
+[wp] [Alt-Ergo] Goal typed_pointer_check_P0 : Valid
+[wp] [Alt-Ergo] Goal typed_pointer_check_P1 : Valid
+[wp] [Alt-Ergo] Goal typed_pointer_check_P2 : Valid
+[wp] [Alt-Ergo] Goal typed_pointer_check_NULL : Valid
+[wp] Proved goals: 19 / 19
+ Qed: 9
+ Alt-Ergo: 10
+------------------------------------------------------------
+ Functions WP Alt-Ergo Total Success
+ memvar 4 - 4 100%
+ pointer - 5 5 100%
+ array - 1 1 100%
+ compound 5 4 9 100%
+------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/logic.0.session/cache/3c6e8a313ea22d4bc1727ce213fa7a32.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/logic.0.session/cache/3c6e8a313ea22d4bc1727ce213fa7a32.json
new file mode 100644
index 0000000000000000000000000000000000000000..43afa6298c655fa57d10a7b891cc261abadb2b73
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/logic.0.session/cache/3c6e8a313ea22d4bc1727ce213fa7a32.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "stepout", "steps": 50 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/logic.0.session/cache/8ab45c40e1e4b7574dc56ff9ab462b9e.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/logic.0.session/cache/8ab45c40e1e4b7574dc56ff9ab462b9e.json
new file mode 100644
index 0000000000000000000000000000000000000000..43afa6298c655fa57d10a7b891cc261abadb2b73
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/logic.0.session/cache/8ab45c40e1e4b7574dc56ff9ab462b9e.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "stepout", "steps": 50 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/logic.0.session/cache/b2dccb583e60d479c0d381f01ce67a42.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/logic.0.session/cache/b2dccb583e60d479c0d381f01ce67a42.json
new file mode 100644
index 0000000000000000000000000000000000000000..3db4264b0a43fbd67ccdaffa18f2126b0dcc9b54
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/logic.0.session/cache/b2dccb583e60d479c0d381f01ce67a42.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0226,
+ "steps": 29 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/logic.0.session/cache/de909dc4b72d103e8cf9096883ab48c9.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/logic.0.session/cache/de909dc4b72d103e8cf9096883ab48c9.json
new file mode 100644
index 0000000000000000000000000000000000000000..43afa6298c655fa57d10a7b891cc261abadb2b73
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/logic.0.session/cache/de909dc4b72d103e8cf9096883ab48c9.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "stepout", "steps": 50 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/087830674d518a84a70572bcc511f73c.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/087830674d518a84a70572bcc511f73c.json
new file mode 100644
index 0000000000000000000000000000000000000000..9fb781146d9dac5e2e849528507ecad941ec58fd
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/087830674d518a84a70572bcc511f73c.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.4058,
+ "steps": 360 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/18a9a7122ae19461824b858ac602249a.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/18a9a7122ae19461824b858ac602249a.json
new file mode 100644
index 0000000000000000000000000000000000000000..fc0ca24b6c09a749ffb8200cc47579c7c1a49377
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/18a9a7122ae19461824b858ac602249a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0127,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/3fa100d08d6ab289efe6867d26dd6261.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/3fa100d08d6ab289efe6867d26dd6261.json
new file mode 100644
index 0000000000000000000000000000000000000000..771d264f00320945683bbf7c23daaafe1503c1e8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/3fa100d08d6ab289efe6867d26dd6261.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0182,
+ "steps": 17 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/bd55350a94ac10760699d752bc1585d3.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/bd55350a94ac10760699d752bc1585d3.json
new file mode 100644
index 0000000000000000000000000000000000000000..f70efdf335ba71d666d3bfaaa9d77670542de994
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/bd55350a94ac10760699d752bc1585d3.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0485,
+ "steps": 75 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/f42d568fbe3428bab8f1402c8db924d3.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/f42d568fbe3428bab8f1402c8db924d3.json
new file mode 100644
index 0000000000000000000000000000000000000000..d194a9f8c58969fe5b5a11adcda23a334502103c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/looplabels.0.session/cache/f42d568fbe3428bab8f1402c8db924d3.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0144,
+ "steps": 21 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/null.0.session/cache/2112ab864e0651e150b5554b140c0721.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/null.0.session/cache/2112ab864e0651e150b5554b140c0721.json
new file mode 100644
index 0000000000000000000000000000000000000000..a7219b30ce1c3d829503929ae7a374b96c49cbf2
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/null.0.session/cache/2112ab864e0651e150b5554b140c0721.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0174,
+ "steps": 6 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/null.0.session/cache/aad81927bc4771f96d0db10c87c31bf1.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/null.0.session/cache/aad81927bc4771f96d0db10c87c31bf1.json
new file mode 100644
index 0000000000000000000000000000000000000000..81b56ce9f888022eabb4ac7bc6fd416ea3a5f020
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/null.0.session/cache/aad81927bc4771f96d0db10c87c31bf1.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0124,
+ "steps": 6 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.0.session/cache/47b74acd14f46caf2bab31cb3340e856.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.0.session/cache/47b74acd14f46caf2bab31cb3340e856.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.0.session/cache/47b74acd14f46caf2bab31cb3340e856.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.0.session/cache/5bafa9923e7396335d9ee20e2716d4fc.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.0.session/cache/5bafa9923e7396335d9ee20e2716d4fc.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.0.session/cache/5bafa9923e7396335d9ee20e2716d4fc.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.0.session/cache/df9f51a2a33abbdc1e33b3e88575ee88.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.0.session/cache/df9f51a2a33abbdc1e33b3e88575ee88.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.0.session/cache/df9f51a2a33abbdc1e33b3e88575ee88.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.0.session/cache/e6079b75bc05ca97140090d4e0b21c18.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.0.session/cache/e6079b75bc05ca97140090d4e0b21c18.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.0.session/cache/e6079b75bc05ca97140090d4e0b21c18.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.1.session/cache/47b74acd14f46caf2bab31cb3340e856.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.1.session/cache/47b74acd14f46caf2bab31cb3340e856.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.1.session/cache/47b74acd14f46caf2bab31cb3340e856.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.1.session/cache/5bafa9923e7396335d9ee20e2716d4fc.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.1.session/cache/5bafa9923e7396335d9ee20e2716d4fc.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.1.session/cache/5bafa9923e7396335d9ee20e2716d4fc.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.1.session/cache/df9f51a2a33abbdc1e33b3e88575ee88.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.1.session/cache/df9f51a2a33abbdc1e33b3e88575ee88.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.1.session/cache/df9f51a2a33abbdc1e33b3e88575ee88.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.1.session/cache/e6079b75bc05ca97140090d4e0b21c18.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.1.session/cache/e6079b75bc05ca97140090d4e0b21c18.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/pointer.1.session/cache/e6079b75bc05ca97140090d4e0b21c18.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/post_result.0.session/cache/aeba54fcd5bc6c917c8d92eb80efed6d.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/post_result.0.session/cache/aeba54fcd5bc6c917c8d92eb80efed6d.json
new file mode 100644
index 0000000000000000000000000000000000000000..43afa6298c655fa57d10a7b891cc261abadb2b73
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/post_result.0.session/cache/aeba54fcd5bc6c917c8d92eb80efed6d.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "stepout", "steps": 50 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/reads.0.session/cache/0cbdd126867b26cc1e3fc3a5b279bb0d.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/reads.0.session/cache/0cbdd126867b26cc1e3fc3a5b279bb0d.json
new file mode 100644
index 0000000000000000000000000000000000000000..74b5e4e71dd51edaa2ed491eedc7405c662c052e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/reads.0.session/cache/0cbdd126867b26cc1e3fc3a5b279bb0d.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0178,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/reads.0.session/cache/cd6211b4ab473cbfa4d355d0a774ef99.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/reads.0.session/cache/cd6211b4ab473cbfa4d355d0a774ef99.json
new file mode 100644
index 0000000000000000000000000000000000000000..ecb3dacb954f4ed2915d088ba972756b5da8dbc0
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/reads.0.session/cache/cd6211b4ab473cbfa4d355d0a774ef99.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0216,
+ "steps": 21 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/07b7a43b195fb4f33dd51c9d6bd273d4.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/07b7a43b195fb4f33dd51c9d6bd273d4.json
new file mode 100644
index 0000000000000000000000000000000000000000..739bdf84a3a9c0554dd013abc4170314554e3978
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/07b7a43b195fb4f33dd51c9d6bd273d4.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0179,
+ "steps": 19 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/22ae78621c875b3d3cafc538d7eb7ff4.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/22ae78621c875b3d3cafc538d7eb7ff4.json
new file mode 100644
index 0000000000000000000000000000000000000000..5eb0206d8671fd51b54c12adf5495aded1e61832
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/22ae78621c875b3d3cafc538d7eb7ff4.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0192,
+ "steps": 16 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/2be784ca088c5e1a38cbb9ef0222a259.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/2be784ca088c5e1a38cbb9ef0222a259.json
new file mode 100644
index 0000000000000000000000000000000000000000..5dd92818c000919382e2b6e0ba293d13d641c33e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/2be784ca088c5e1a38cbb9ef0222a259.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0299,
+ "steps": 31 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/54f4913abf23075ad98087f17fc620ee.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/54f4913abf23075ad98087f17fc620ee.json
new file mode 100644
index 0000000000000000000000000000000000000000..952c3b9c4e376901cb9cc22c3ea7febf2a4d2a71
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/54f4913abf23075ad98087f17fc620ee.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0283,
+ "steps": 29 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/72b24ef7daf0640c07d9fffa1961d184.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/72b24ef7daf0640c07d9fffa1961d184.json
new file mode 100644
index 0000000000000000000000000000000000000000..4c66f3753df70313fc436ce036230a460ccdef3b
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/72b24ef7daf0640c07d9fffa1961d184.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0279,
+ "steps": 45 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/8445d12d440f5e77ee1f7f848cc15b68.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/8445d12d440f5e77ee1f7f848cc15b68.json
new file mode 100644
index 0000000000000000000000000000000000000000..8fc02eb42f00fe3c97ff0b4a3991d8f66d5c6d03
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/8445d12d440f5e77ee1f7f848cc15b68.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0285,
+ "steps": 21 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/8fb3eea396680aa56e7f96b68ebc2245.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/8fb3eea396680aa56e7f96b68ebc2245.json
new file mode 100644
index 0000000000000000000000000000000000000000..1a29e64322711351638d2a0561a618b43d318fed
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/8fb3eea396680aa56e7f96b68ebc2245.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0323,
+ "steps": 43 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/b583dc30d2074490b3fe0ec73cde2dba.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/b583dc30d2074490b3fe0ec73cde2dba.json
new file mode 100644
index 0000000000000000000000000000000000000000..5c6852eb4e43cdd773b1f7393b89986daf729888
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/b583dc30d2074490b3fe0ec73cde2dba.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0198,
+ "steps": 16 }
diff --git a/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/ea5ad50dafc3e3b81b14b672b31faf00.json b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/ea5ad50dafc3e3b81b14b672b31faf00.json
new file mode 100644
index 0000000000000000000000000000000000000000..e61c0f80470c3ab7efb8be3f075a6f9c0c0a77cb
--- /dev/null
+++ b/src/plugins/wp/tests/wp_acsl/oracle_qualif/simpl_is_type.0.session/cache/ea5ad50dafc3e3b81b14b672b31faf00.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.037,
+ "steps": 63 }
diff --git a/src/plugins/wp/tests/wp_bts/issue_837.c b/src/plugins/wp/tests/wp_bts/issue_837.c
new file mode 100644
index 0000000000000000000000000000000000000000..c266ff9973679b4fdf1b44c133f30128062d11e4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/issue_837.c
@@ -0,0 +1,15 @@
+#define TEST(x) ( x ? 1 : 0 )
+
+//@ assigns \nothing;
+void foo(int a, int b)
+{
+ if (a && TEST(b)) ; else if (TEST(b))
+ {} // BUG: the assigns is not proved by WP
+}
+
+//@ assigns \nothing;
+void bar(int a, int b)
+{
+ if (a && TEST(b)) ; else if (TEST(b))
+ ; // OK: the assigns is correctly proved by WP
+}
diff --git a/src/plugins/wp/tests/wp_bts/oracle/bts0843.res.oracle b/src/plugins/wp/tests/wp_bts/oracle/bts0843.res.oracle
index 127e971b35add046ba4db4dafe3a260d1c433b22..27c968f5192f71b0734cbd8e66470d94fe130421 100644
--- a/src/plugins/wp/tests/wp_bts/oracle/bts0843.res.oracle
+++ b/src/plugins/wp/tests/wp_bts/oracle/bts0843.res.oracle
@@ -18,7 +18,7 @@ Prove: true.
Goal Assigns (file tests/wp_bts/bts0843.i, line 14) in 'g3':
Call Effect at line 16
-Let a = Mptr_0[global(G_p_18)].
+Let a = Mptr_0[global(G_p_20)].
Let a_1 = shiftfield_F1_a(a).
Assume {
(* Heap *)
@@ -34,7 +34,7 @@ Prove: a_1 = shiftfield_F1_a(Mptr_0[L_p_ref]).
Goal Assigns (file tests/wp_bts/bts0843.i, line 14) in 'g3':
Call Effect at line 16
-Let a = Mptr_0[global(G_p_18)].
+Let a = Mptr_0[global(G_p_20)].
Let a_1 = shiftfield_F1_a(a).
Assume {
(* Heap *)
diff --git a/src/plugins/wp/tests/wp_bts/oracle/bts986.res.oracle b/src/plugins/wp/tests/wp_bts/oracle/bts986.res.oracle
index ce79600349b168bb90ce646baaf14ee145b4c160..f0a8fc075ef2b1ef704531b09a173e69cbcce599 100644
--- a/src/plugins/wp/tests/wp_bts/oracle/bts986.res.oracle
+++ b/src/plugins/wp/tests/wp_bts/oracle/bts986.res.oracle
@@ -9,6 +9,6 @@
Goal Assertion 'A' (file tests/wp_bts/bts986.i, line 12):
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: !valid_rw(Malloc_0[L_x_21 <- 0], global(L_x_21), 1).
+Prove: !valid_rw(Malloc_0[L_x_23 <- 0], global(L_x_23), 1).
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_bts/oracle/bts_1382.res.oracle b/src/plugins/wp/tests/wp_bts/oracle/bts_1382.res.oracle
index 06a8ba6dc041b09818665d0e65aca73f07c6420e..07498d37853ed0b526e39db6fbf78d2dfa216971 100644
--- a/src/plugins/wp/tests/wp_bts/oracle/bts_1382.res.oracle
+++ b/src/plugins/wp/tests/wp_bts/oracle/bts_1382.res.oracle
@@ -41,7 +41,7 @@ Assume {
(* Then *)
Have: i <= 99.
}
-Prove: global(G_dest_43) = w.
+Prove: global(G_dest_45) = w.
------------------------------------------------------------
@@ -66,6 +66,6 @@ Assume {
(* Then *)
Have: i <= 99.
}
-Prove: included(a, 4, global(G_dest_43), 1).
+Prove: included(a, 4, global(G_dest_45), 1).
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_bts/oracle/bts_1828.0.res.oracle b/src/plugins/wp/tests/wp_bts/oracle/bts_1828.0.res.oracle
index 811b400b32bc42483ba075d5d271e1ee91c6a369..0054a9afc534ef9dabc91f05cfd5c7473c1f35d4 100644
--- a/src/plugins/wp/tests/wp_bts/oracle/bts_1828.0.res.oracle
+++ b/src/plugins/wp/tests/wp_bts/oracle/bts_1828.0.res.oracle
@@ -63,7 +63,7 @@ Assume {
(* Pre-condition *)
Have: valid_rw(Malloc_0, one_0, 1).
}
-Prove: global(L_two_22) != one_0.
+Prove: global(L_two_24) != one_0.
------------------------------------------------------------
[wp] Warning: Memory model hypotheses for function 'global_frame':
diff --git a/src/plugins/wp/tests/wp_bts/oracle/bts_1828.1.res.oracle b/src/plugins/wp/tests/wp_bts/oracle/bts_1828.1.res.oracle
index 665539648c83408618818e7ae9ad2cd96419cb03..3949d8d5a746ef39ce761d4744be2896bfa2b93e 100644
--- a/src/plugins/wp/tests/wp_bts/oracle/bts_1828.1.res.oracle
+++ b/src/plugins/wp/tests/wp_bts/oracle/bts_1828.1.res.oracle
@@ -42,7 +42,7 @@ Assume {
(* Pre-condition *)
Have: valid_rw(Malloc_0, one_0, 1).
}
-Prove: global(L_two_22) != one_0.
+Prove: global(L_two_24) != one_0.
------------------------------------------------------------
[wp] Warning: Memory model hypotheses for function 'global_frame':
diff --git a/src/plugins/wp/tests/wp_bts/oracle/issue_715_b.res.oracle b/src/plugins/wp/tests/wp_bts/oracle/issue_715_b.res.oracle
index 433297728cb35999429def26a678c5e5e7a996b2..06b261910a55579c8431e60213bf9906b379709c 100644
--- a/src/plugins/wp/tests/wp_bts/oracle/issue_715_b.res.oracle
+++ b/src/plugins/wp/tests/wp_bts/oracle/issue_715_b.res.oracle
@@ -12,7 +12,7 @@
Goal Instance of 'Pre-condition (file tests/wp_bts/issue_715_b.i, line 4) in 'dummy'' in 'foo' at call 'dummy' (file tests/wp_bts/issue_715_b.i, line 11)
:
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: P_isValid(Malloc_0[L_p_28 <- 1], shift_sint32(global(L_p_28), 0)).
+Prove: P_isValid(Malloc_0[L_p_30 <- 1], shift_sint32(global(L_p_30), 0)).
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_bts/oracle/issue_837.res.oracle b/src/plugins/wp/tests/wp_bts/oracle/issue_837.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..d1e95f07802a37aca4d1c87ef2585aad84f75219
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle/issue_837.res.oracle
@@ -0,0 +1,65 @@
+# frama-c -wp [...]
+[kernel] Parsing tests/wp_bts/issue_837.c (with preprocessing)
+[wp] Running WP plugin...
+[wp] Loading driver 'share/wp.driver'
+[wp] Warning: Missing RTE guards
+------------------------------------------------------------
+ Function bar
+------------------------------------------------------------
+
+Goal Assigns nothing in 'bar' (1/5):
+Effect at line 13
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Assigns nothing in 'bar' (2/5):
+Effect at line 13
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Assigns nothing in 'bar' (3/5):
+Effect at line 13
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Assigns nothing in 'bar' (4/5):
+Effect at line 13
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Assigns nothing in 'bar' (5/5):
+Effect at line 13
+Prove: true.
+
+------------------------------------------------------------
+------------------------------------------------------------
+ Function foo
+------------------------------------------------------------
+
+Goal Assigns nothing in 'foo' (1/4):
+Effect at line 6
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Assigns nothing in 'foo' (2/4):
+Effect at line 6
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Assigns nothing in 'foo' (3/4):
+Effect at line 6
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Assigns nothing in 'foo' (4/4):
+Effect at line 6
+Prove: true.
+
+------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/bts779.0.session/cache/39afa23189acb8a1b45f730656f3293d.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts779.0.session/cache/39afa23189acb8a1b45f730656f3293d.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts779.0.session/cache/39afa23189acb8a1b45f730656f3293d.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/bts779.0.session/cache/b020d8fbac2c1f5a2bb5eff45748c8a2.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts779.0.session/cache/b020d8fbac2c1f5a2bb5eff45748c8a2.json
new file mode 100644
index 0000000000000000000000000000000000000000..4d64930cd12785012fb93f074e8d13c75e6f9771
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts779.0.session/cache/b020d8fbac2c1f5a2bb5eff45748c8a2.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0235,
+ "steps": 16 }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/bts986.0.session/cache/d9121cbf1bf929d8a33ed73cdc206552.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts986.0.session/cache/d9121cbf1bf929d8a33ed73cdc206552.json
new file mode 100644
index 0000000000000000000000000000000000000000..c7b6459aaa6dcbdeb3d837fad21bf114f5a21de3
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts986.0.session/cache/d9121cbf1bf929d8a33ed73cdc206552.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0185,
+ "steps": 14 }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1360.0.session/cache/baf52c3966dd21bbba0c7a9c81245af2.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1360.0.session/cache/baf52c3966dd21bbba0c7a9c81245af2.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1360.0.session/cache/baf52c3966dd21bbba0c7a9c81245af2.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1360.0.session/cache/e832de44187e0b48e1388bf9d9475713.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1360.0.session/cache/e832de44187e0b48e1388bf9d9475713.json
new file mode 100644
index 0000000000000000000000000000000000000000..333dc80e3be999c4a93721cd696f2735fe1ee429
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1360.0.session/cache/e832de44187e0b48e1388bf9d9475713.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0183,
+ "steps": 19 }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1601.0.session/cache/75f6139d28d2176c962de1fda927c848.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1601.0.session/cache/75f6139d28d2176c962de1fda927c848.json
new file mode 100644
index 0000000000000000000000000000000000000000..52114a906feccb504b64df055e1256bb0f0254cf
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1601.0.session/cache/75f6139d28d2176c962de1fda927c848.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.2655,
+ "steps": 429 }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1828.0.session/cache/420e102e36b2fd0c60d608072d4bbb2b.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1828.0.session/cache/420e102e36b2fd0c60d608072d4bbb2b.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1828.0.session/cache/420e102e36b2fd0c60d608072d4bbb2b.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1828.0.session/cache/e875e59da9e2107108c67c5c5e48fac1.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1828.0.session/cache/e875e59da9e2107108c67c5c5e48fac1.json
new file mode 100644
index 0000000000000000000000000000000000000000..28e4a902e10ee255692a2d261e06064bda794306
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1828.0.session/cache/e875e59da9e2107108c67c5c5e48fac1.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0128,
+ "steps": 6 }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1828.0.session/cache/ffed0f9e761b9b65d16681ee125d45de.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1828.0.session/cache/ffed0f9e761b9b65d16681ee125d45de.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1828.0.session/cache/ffed0f9e761b9b65d16681ee125d45de.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1828.1.session/cache/e875e59da9e2107108c67c5c5e48fac1.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1828.1.session/cache/e875e59da9e2107108c67c5c5e48fac1.json
new file mode 100644
index 0000000000000000000000000000000000000000..bfb9931ec6c275b906e28bb769948d8efebda736
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/bts_1828.1.session/cache/e875e59da9e2107108c67c5c5e48fac1.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0157,
+ "steps": 6 }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/issue-364.0.session/cache/2065ac6b91a5b85360f219bf4cb61e6f.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/issue-364.0.session/cache/2065ac6b91a5b85360f219bf4cb61e6f.json
new file mode 100644
index 0000000000000000000000000000000000000000..009fab52dfce5890a0108adc8e1aef0c1927f268
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/issue-364.0.session/cache/2065ac6b91a5b85360f219bf4cb61e6f.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0291,
+ "steps": 30 }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/issue-364.0.session/cache/834bd396ea03675670f1d7506bf20204.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/issue-364.0.session/cache/834bd396ea03675670f1d7506bf20204.json
new file mode 100644
index 0000000000000000000000000000000000000000..10aedde33da28f46f257dc20563da0533b65f7de
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/issue-364.0.session/cache/834bd396ea03675670f1d7506bf20204.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0233,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_494.0.session/cache/23393517d8e9a6945aaf5f8c70de67fd.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_494.0.session/cache/23393517d8e9a6945aaf5f8c70de67fd.json
new file mode 100644
index 0000000000000000000000000000000000000000..1bd7d90332a79765b6b8971cfd9274de138b4c85
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_494.0.session/cache/23393517d8e9a6945aaf5f8c70de67fd.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0206,
+ "steps": 12 }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_508.0.session/cache/1025ed1b7e69c8126064452d7cfa2035.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_508.0.session/cache/1025ed1b7e69c8126064452d7cfa2035.json
new file mode 100644
index 0000000000000000000000000000000000000000..21d07dfcce65edb5e41a52b705ce26ab6f21301e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_508.0.session/cache/1025ed1b7e69c8126064452d7cfa2035.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0425,
+ "steps": 58 }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_715_b.0.session/cache/9bd0456062678ca3e8613d336cf8a543.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_715_b.0.session/cache/9bd0456062678ca3e8613d336cf8a543.json
new file mode 100644
index 0000000000000000000000000000000000000000..67ddfe4ca314196ad4e5e4f68bd1c98722afdc02
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_715_b.0.session/cache/9bd0456062678ca3e8613d336cf8a543.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0149,
+ "steps": 13 }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_751.0.session/cache/b02c74702da73481b452499d0feb4af7.json b/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_751.0.session/cache/b02c74702da73481b452499d0feb4af7.json
new file mode 100644
index 0000000000000000000000000000000000000000..058bb4ba86229aa9ebebf17df3d86029802fa81f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_751.0.session/cache/b02c74702da73481b452499d0feb4af7.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0635,
+ "steps": 47 }
diff --git a/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_837.res.oracle b/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_837.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..1e55e4e4da4d50a375b1d5045388b3b665121725
--- /dev/null
+++ b/src/plugins/wp/tests/wp_bts/oracle_qualif/issue_837.res.oracle
@@ -0,0 +1,22 @@
+# frama-c -wp [...]
+[kernel] Parsing tests/wp_bts/issue_837.c (with preprocessing)
+[wp] Running WP plugin...
+[wp] Loading driver 'share/wp.driver'
+[wp] Warning: Missing RTE guards
+[wp] 9 goals scheduled
+[wp] [Qed] Goal typed_bar_assigns_part1 : Valid
+[wp] [Qed] Goal typed_bar_assigns_part2 : Valid
+[wp] [Qed] Goal typed_bar_assigns_part3 : Valid
+[wp] [Qed] Goal typed_bar_assigns_part4 : Valid
+[wp] [Qed] Goal typed_bar_assigns_part5 : Valid
+[wp] [Qed] Goal typed_foo_assigns_part1 : Valid
+[wp] [Qed] Goal typed_foo_assigns_part2 : Valid
+[wp] [Qed] Goal typed_foo_assigns_part3 : Valid
+[wp] [Qed] Goal typed_foo_assigns_part4 : Valid
+[wp] Proved goals: 9 / 9
+ Qed: 9
+------------------------------------------------------------
+ Functions WP Alt-Ergo Total Success
+ foo 4 - 4 100%
+ bar 5 - 5 100%
+------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/10e70a38e2154839eaae1f1af07fdefc.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/10e70a38e2154839eaae1f1af07fdefc.json
new file mode 100644
index 0000000000000000000000000000000000000000..f670c9122fdcf1438597762e7f6cb86a30b357e0
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/10e70a38e2154839eaae1f1af07fdefc.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.034,
+ "steps": 58 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/135f708793f6fbdc42f4f9d1d1a915c3.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/135f708793f6fbdc42f4f9d1d1a915c3.json
new file mode 100644
index 0000000000000000000000000000000000000000..434184afe96e6f0938523cda99a3896b729bde51
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/135f708793f6fbdc42f4f9d1d1a915c3.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0394,
+ "steps": 79 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/196d356f0ee751ff8133066d78d7929c.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/196d356f0ee751ff8133066d78d7929c.json
new file mode 100644
index 0000000000000000000000000000000000000000..c709a343f426344b4c0eb076634594100fdb8568
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/196d356f0ee751ff8133066d78d7929c.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0427,
+ "steps": 106 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/19d9f4b1d3439b94533a38f9eb1a9457.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/19d9f4b1d3439b94533a38f9eb1a9457.json
new file mode 100644
index 0000000000000000000000000000000000000000..a94f32a073474b7c136733d6ac5bf17470115d02
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/19d9f4b1d3439b94533a38f9eb1a9457.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0128,
+ "steps": 14 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/1a1c741b4fc7ec6915e77dfd6219af40.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/1a1c741b4fc7ec6915e77dfd6219af40.json
new file mode 100644
index 0000000000000000000000000000000000000000..b21eb75775a3e5ee456cf52bbb36d94e9396346a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/1a1c741b4fc7ec6915e77dfd6219af40.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0278,
+ "steps": 61 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/1cdcca3d343f4d3666de43999a2859ca.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/1cdcca3d343f4d3666de43999a2859ca.json
new file mode 100644
index 0000000000000000000000000000000000000000..3ac53c81763ce02ccec763e8b453e5c27597fa77
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/1cdcca3d343f4d3666de43999a2859ca.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0754,
+ "steps": 120 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/1eca7fb782936ff88f49a91e6dcd344c.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/1eca7fb782936ff88f49a91e6dcd344c.json
new file mode 100644
index 0000000000000000000000000000000000000000..7a31f06fb91032ef284aaefdb6c34db6111dcb54
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/1eca7fb782936ff88f49a91e6dcd344c.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0205,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/1f176d5e2b1db0d6e22c16c743220569.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/1f176d5e2b1db0d6e22c16c743220569.json
new file mode 100644
index 0000000000000000000000000000000000000000..61f2a1a0e1522ba78a8bf54d1fd3f0500c3e2b95
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/1f176d5e2b1db0d6e22c16c743220569.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0206,
+ "steps": 17 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/2a7b0348cb3cbb4fcbfad39cfd486e74.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/2a7b0348cb3cbb4fcbfad39cfd486e74.json
new file mode 100644
index 0000000000000000000000000000000000000000..bffd6443d67a5c072467ed9d95a1cc58a4e1a5c2
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/2a7b0348cb3cbb4fcbfad39cfd486e74.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1732,
+ "steps": 221 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/3505ecb809a014f95037869b0e9856e2.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/3505ecb809a014f95037869b0e9856e2.json
new file mode 100644
index 0000000000000000000000000000000000000000..9d250f0216df61069b16bc47f8e796ba6528d566
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/3505ecb809a014f95037869b0e9856e2.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0168,
+ "steps": 14 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/3c7a12cba6964122ac5a406e963e0bac.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/3c7a12cba6964122ac5a406e963e0bac.json
new file mode 100644
index 0000000000000000000000000000000000000000..dd7fbf5566cb2ade0402d1db7518ab1fda6e0013
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/3c7a12cba6964122ac5a406e963e0bac.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.018,
+ "steps": 13 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/42a0fc36bd9559b12c9d5c9ca7e6e427.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/42a0fc36bd9559b12c9d5c9ca7e6e427.json
new file mode 100644
index 0000000000000000000000000000000000000000..0421126b2db7b312af2683f895ca735045c38d94
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/42a0fc36bd9559b12c9d5c9ca7e6e427.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0142,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/493aed7b8f27b8c3737d5175c5888710.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/493aed7b8f27b8c3737d5175c5888710.json
new file mode 100644
index 0000000000000000000000000000000000000000..08288b910b93ca14d4ea93adc06f584b4c036664
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/493aed7b8f27b8c3737d5175c5888710.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0307,
+ "steps": 69 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/5610a35160a9c2fa66735e0a84235057.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/5610a35160a9c2fa66735e0a84235057.json
new file mode 100644
index 0000000000000000000000000000000000000000..c506aea2841776c8106ac31133f04fd10bea05ce
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/5610a35160a9c2fa66735e0a84235057.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.032,
+ "steps": 47 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/5b41f41e7e6bfe1b5f2a7e510adfcc40.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/5b41f41e7e6bfe1b5f2a7e510adfcc40.json
new file mode 100644
index 0000000000000000000000000000000000000000..c7468e8581e0d96d31a021c24f24d321aa0ce6fa
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/5b41f41e7e6bfe1b5f2a7e510adfcc40.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0158,
+ "steps": 21 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/68bff29417d8a9a908b65a5cdcb559a8.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/68bff29417d8a9a908b65a5cdcb559a8.json
new file mode 100644
index 0000000000000000000000000000000000000000..cc532b9dabc5207f5a905bfc2add3b53a01056ee
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/68bff29417d8a9a908b65a5cdcb559a8.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0157,
+ "steps": 12 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/72222d01b03c631765b96be604890d30.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/72222d01b03c631765b96be604890d30.json
new file mode 100644
index 0000000000000000000000000000000000000000..9595cc22cc678fcd1946fb961df76cc26ddbdf51
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/72222d01b03c631765b96be604890d30.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0147,
+ "steps": 13 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/7c34d2375d6a48a8a2126c8574daacfd.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/7c34d2375d6a48a8a2126c8574daacfd.json
new file mode 100644
index 0000000000000000000000000000000000000000..a07c54a1e673927c282de9017e989a4d2584932f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/7c34d2375d6a48a8a2126c8574daacfd.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0242,
+ "steps": 32 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/7dd61d8b30a0d3a1046e8cd99ddf1261.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/7dd61d8b30a0d3a1046e8cd99ddf1261.json
new file mode 100644
index 0000000000000000000000000000000000000000..c3d1c994791222e797f6f902a15cf5d89507f2cd
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/7dd61d8b30a0d3a1046e8cd99ddf1261.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0184,
+ "steps": 25 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/84634dd1a45d865c6efeca0f4ab49056.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/84634dd1a45d865c6efeca0f4ab49056.json
new file mode 100644
index 0000000000000000000000000000000000000000..419d06ca5df5f339dcef07d569cd1e18ccd65b22
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/84634dd1a45d865c6efeca0f4ab49056.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0209,
+ "steps": 41 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/8496a6c0c66a6097c0cc03d173f00c85.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/8496a6c0c66a6097c0cc03d173f00c85.json
new file mode 100644
index 0000000000000000000000000000000000000000..a7353a8dcfb231dc8f114444e9f33e0f1750c8d7
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/8496a6c0c66a6097c0cc03d173f00c85.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0268,
+ "steps": 45 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/91c9d1dc4216af4315c0cc5b197aa492.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/91c9d1dc4216af4315c0cc5b197aa492.json
new file mode 100644
index 0000000000000000000000000000000000000000..f8b172ef52a98dde5611caf964b052829defd236
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/91c9d1dc4216af4315c0cc5b197aa492.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0185,
+ "steps": 30 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/a37053af97bb1db4be167ff7423d4db8.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/a37053af97bb1db4be167ff7423d4db8.json
new file mode 100644
index 0000000000000000000000000000000000000000..595f9b1d615df19f7901eb0977bdc3dec4ed9c84
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/a37053af97bb1db4be167ff7423d4db8.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0178,
+ "steps": 29 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/a97aa29b9f62010d94b1cbab03e4674f.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/a97aa29b9f62010d94b1cbab03e4674f.json
new file mode 100644
index 0000000000000000000000000000000000000000..640fdc7ce097e6123b29c8c6af59cd63bcd8c0ad
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/a97aa29b9f62010d94b1cbab03e4674f.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0178,
+ "steps": 20 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/b3f4583c783aed5095d5f9366f0c583b.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/b3f4583c783aed5095d5f9366f0c583b.json
new file mode 100644
index 0000000000000000000000000000000000000000..46ffc81e4b2ad877a69f4fd5a8db859d20affd6d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/b3f4583c783aed5095d5f9366f0c583b.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1054,
+ "steps": 177 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/bf04376f6c833a40b4eef1681e1b30f1.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/bf04376f6c833a40b4eef1681e1b30f1.json
new file mode 100644
index 0000000000000000000000000000000000000000..2e660c334b0a9e321a21a0c82a75d0311020b245
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/bf04376f6c833a40b4eef1681e1b30f1.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0282,
+ "steps": 29 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/e1499a3b76fe2f4b3db4526b4115ff49.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/e1499a3b76fe2f4b3db4526b4115ff49.json
new file mode 100644
index 0000000000000000000000000000000000000000..ae1766bb2922dd768444b654ba722070d8bc9490
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/e1499a3b76fe2f4b3db4526b4115ff49.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0248,
+ "steps": 36 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/f6df7d034c012e8f2ce7865d478879d5.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/f6df7d034c012e8f2ce7865d478879d5.json
new file mode 100644
index 0000000000000000000000000000000000000000..5932bc52077f1449d4788bff69761efd8ed7db2a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/find.0.session/cache/f6df7d034c012e8f2ce7865d478879d5.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0417,
+ "steps": 54 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/09bf4ce202d8fe39b4526829cb133533.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/09bf4ce202d8fe39b4526829cb133533.json
new file mode 100644
index 0000000000000000000000000000000000000000..a67ba7fad7ee6a05753c188035d79b5e51d0cf52
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/09bf4ce202d8fe39b4526829cb133533.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0133,
+ "steps": 13 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/12c217a27c7139d5f30742273bb085d0.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/12c217a27c7139d5f30742273bb085d0.json
new file mode 100644
index 0000000000000000000000000000000000000000..ff73660513cb21386e0f2267872e8188e1fb001f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/12c217a27c7139d5f30742273bb085d0.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.028,
+ "steps": 51 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/14128ab2ffe87237e86d3203305033e7.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/14128ab2ffe87237e86d3203305033e7.json
new file mode 100644
index 0000000000000000000000000000000000000000..9db7a92407f15c9fe8f6ff2910db03d8ab902ec4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/14128ab2ffe87237e86d3203305033e7.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0294,
+ "steps": 47 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/1b66f8317c14095c081f7afd5b594741.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/1b66f8317c14095c081f7afd5b594741.json
new file mode 100644
index 0000000000000000000000000000000000000000..596e6221f9dc6b70af3e54556559091791ff822f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/1b66f8317c14095c081f7afd5b594741.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0732,
+ "steps": 163 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/40b6423d8ddcdc8d72f113ee27b56d23.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/40b6423d8ddcdc8d72f113ee27b56d23.json
new file mode 100644
index 0000000000000000000000000000000000000000..97af8d5b0907e3024937aa9e513b8bad3134dad4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/40b6423d8ddcdc8d72f113ee27b56d23.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0219,
+ "steps": 31 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/415e18fe08911875e6c12f7bad3309c4.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/415e18fe08911875e6c12f7bad3309c4.json
new file mode 100644
index 0000000000000000000000000000000000000000..bc10b59a3109fc09420271a78f04509b38df5b62
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/415e18fe08911875e6c12f7bad3309c4.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0139,
+ "steps": 25 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/7622228a2ace3b4ea6973fb817034fe1.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/7622228a2ace3b4ea6973fb817034fe1.json
new file mode 100644
index 0000000000000000000000000000000000000000..f4cb006c2a14842ba430953b52f9a14cafd66573
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/7622228a2ace3b4ea6973fb817034fe1.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0208,
+ "steps": 36 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/7841f539527a85329546eb99578ee528.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/7841f539527a85329546eb99578ee528.json
new file mode 100644
index 0000000000000000000000000000000000000000..2a52a12e55284dd94a7e576ccbf7cba4e4b5bdf1
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/7841f539527a85329546eb99578ee528.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0361,
+ "steps": 51 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/f546de791b323fbc7cd8207ceb72043b.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/f546de791b323fbc7cd8207ceb72043b.json
new file mode 100644
index 0000000000000000000000000000000000000000..e0bdb82d1bf14706135301be06bca6902e4ce63f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo1_solved.0.session/cache/f546de791b323fbc7cd8207ceb72043b.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0148,
+ "steps": 20 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/0446f6215cc2b5ece0a84642b8a23227.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/0446f6215cc2b5ece0a84642b8a23227.json
new file mode 100644
index 0000000000000000000000000000000000000000..b98ccd2f781766be5904bbac14ab71448ffe63f1
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/0446f6215cc2b5ece0a84642b8a23227.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0211,
+ "steps": 31 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/1ae181b24023bef5693b9686ebcfebc5.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/1ae181b24023bef5693b9686ebcfebc5.json
new file mode 100644
index 0000000000000000000000000000000000000000..713c9c9d04f48047a1a4353fe853858811e6db95
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/1ae181b24023bef5693b9686ebcfebc5.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0965,
+ "steps": 88 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/264a621e237c98dca54cad8896fc45f1.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/264a621e237c98dca54cad8896fc45f1.json
new file mode 100644
index 0000000000000000000000000000000000000000..306d62ba68abcce094af22342eda6040c5b5c767
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/264a621e237c98dca54cad8896fc45f1.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0245,
+ "steps": 41 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/3ce33a0a8dd65193f55247eca68d0add.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/3ce33a0a8dd65193f55247eca68d0add.json
new file mode 100644
index 0000000000000000000000000000000000000000..c3d0ba8cd90d5530ea795a9dd1955477ac654b7a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/3ce33a0a8dd65193f55247eca68d0add.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0268,
+ "steps": 14 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/5ffb302fc24b5d55cfba13e1b133442e.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/5ffb302fc24b5d55cfba13e1b133442e.json
new file mode 100644
index 0000000000000000000000000000000000000000..6657051d53bd097d7aea9aeb89bddbea15b71d4f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/5ffb302fc24b5d55cfba13e1b133442e.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0308,
+ "steps": 52 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/646c4849b1b86e71a02ed6b4e22a5e5a.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/646c4849b1b86e71a02ed6b4e22a5e5a.json
new file mode 100644
index 0000000000000000000000000000000000000000..6d32ee5d78919d036ee96d6c4c5cd4146aa84a80
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/646c4849b1b86e71a02ed6b4e22a5e5a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0233,
+ "steps": 17 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/8328e1c16a7f7be1c88cb684053fd185.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/8328e1c16a7f7be1c88cb684053fd185.json
new file mode 100644
index 0000000000000000000000000000000000000000..aa7bae01e6e9f98a9d70a595b5635100f67e3bf4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/8328e1c16a7f7be1c88cb684053fd185.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0398,
+ "steps": 61 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/839040132fbcfc4d3618a0fd1ed7c357.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/839040132fbcfc4d3618a0fd1ed7c357.json
new file mode 100644
index 0000000000000000000000000000000000000000..81f56ee0213761e92cc1201ecdb30cb6d27630b8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/839040132fbcfc4d3618a0fd1ed7c357.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0365,
+ "steps": 32 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/93059dee8bcf5e3a31af3752b3b47c07.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/93059dee8bcf5e3a31af3752b3b47c07.json
new file mode 100644
index 0000000000000000000000000000000000000000..f89608473a012c14a40082c0402567b605d96cff
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/93059dee8bcf5e3a31af3752b3b47c07.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0374,
+ "steps": 46 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/944a7d63361ee9d7e563e26d0a674bee.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/944a7d63361ee9d7e563e26d0a674bee.json
new file mode 100644
index 0000000000000000000000000000000000000000..7aa6d00f113c192fb3646214b1531c6915968841
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/944a7d63361ee9d7e563e26d0a674bee.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.2937,
+ "steps": 531 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/a6b4cc7471adb5a2d0e53268d885e407.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/a6b4cc7471adb5a2d0e53268d885e407.json
new file mode 100644
index 0000000000000000000000000000000000000000..2e7c9d72195e6e35d78af82baaa11e7f434cde15
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/a6b4cc7471adb5a2d0e53268d885e407.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0144,
+ "steps": 16 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/d0e0a407fb1103313547ae958851d341.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/d0e0a407fb1103313547ae958851d341.json
new file mode 100644
index 0000000000000000000000000000000000000000..19bd1f9111198095ab52f19497bb28450bad78dc
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/d0e0a407fb1103313547ae958851d341.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.028,
+ "steps": 47 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/f2fc829e259a63aa018c8f5cf2ad51c0.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/f2fc829e259a63aa018c8f5cf2ad51c0.json
new file mode 100644
index 0000000000000000000000000000000000000000..710cf5b30a18ada54a403ecb044571b3bc19867c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo2_solved.0.session/cache/f2fc829e259a63aa018c8f5cf2ad51c0.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0638,
+ "steps": 140 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/0126fde627766c5e80152d3092ba2aee.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/0126fde627766c5e80152d3092ba2aee.json
new file mode 100644
index 0000000000000000000000000000000000000000..ddd6f5521cd15d059d382b31f35a738c47c9a6e0
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/0126fde627766c5e80152d3092ba2aee.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0347,
+ "steps": 110 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/0818d1c09010d257ad8c6815571d99c3.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/0818d1c09010d257ad8c6815571d99c3.json
new file mode 100644
index 0000000000000000000000000000000000000000..c5d54835903314c4f8c4a5b2c6584f127182d6d2
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/0818d1c09010d257ad8c6815571d99c3.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0799,
+ "steps": 183 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/102640ec6d1d7a8943086db5f48bebc0.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/102640ec6d1d7a8943086db5f48bebc0.json
new file mode 100644
index 0000000000000000000000000000000000000000..ca98c49b0002db9f5ea41990387d3bd37326bdf8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/102640ec6d1d7a8943086db5f48bebc0.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 1.0526,
+ "steps": 587 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/1241313db0937a5391841138a16626ef.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/1241313db0937a5391841138a16626ef.json
new file mode 100644
index 0000000000000000000000000000000000000000..ce1e185b09e6628d5f441adb030baa59d3baae70
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/1241313db0937a5391841138a16626ef.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.7961,
+ "steps": 443 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/1722ca0d2e1d91ed7b209013be7aea8f.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/1722ca0d2e1d91ed7b209013be7aea8f.json
new file mode 100644
index 0000000000000000000000000000000000000000..0badff24098dca1fbd6b12b6d1f4ce01ca74fe6b
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/1722ca0d2e1d91ed7b209013be7aea8f.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0472,
+ "steps": 119 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/4b25798e4a62bf641694ca833c687e01.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/4b25798e4a62bf641694ca833c687e01.json
new file mode 100644
index 0000000000000000000000000000000000000000..00c336fba5515d05bc58934dc2eb0103216bfbd1
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/4b25798e4a62bf641694ca833c687e01.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.5583,
+ "steps": 327 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/51a0fccaa9c5a1f25e08d0458ea80328.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/51a0fccaa9c5a1f25e08d0458ea80328.json
new file mode 100644
index 0000000000000000000000000000000000000000..90802945ba047ecb1d7a4d28735803436ee08cf7
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/51a0fccaa9c5a1f25e08d0458ea80328.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0776,
+ "steps": 121 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/55e7e2a928f55171c0e6181cae34c889.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/55e7e2a928f55171c0e6181cae34c889.json
new file mode 100644
index 0000000000000000000000000000000000000000..a6a2d85616e0160e757cc7a577234227750a9450
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/55e7e2a928f55171c0e6181cae34c889.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 1.1315,
+ "steps": 480 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/5c661be4ce7386b877644ffa77d309d7.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/5c661be4ce7386b877644ffa77d309d7.json
new file mode 100644
index 0000000000000000000000000000000000000000..8dfec9e3cb78efc229bfe59e274f1562293c5ed0
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/5c661be4ce7386b877644ffa77d309d7.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0187,
+ "steps": 34 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/61afefe4a097e7a7c785f3f4711f0081.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/61afefe4a097e7a7c785f3f4711f0081.json
new file mode 100644
index 0000000000000000000000000000000000000000..4fdaf6b766aa0e63015405ed5af8dca5c23c32f6
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/61afefe4a097e7a7c785f3f4711f0081.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0425,
+ "steps": 88 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/682f9aad475f771ccd7cdc3bf7f9c96a.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/682f9aad475f771ccd7cdc3bf7f9c96a.json
new file mode 100644
index 0000000000000000000000000000000000000000..919a3cc373fb952cb4e1d9e4d7384868fb1ea65b
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/682f9aad475f771ccd7cdc3bf7f9c96a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0347,
+ "steps": 100 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/6ae4f6e0ab89bc7fc2e2cf55211c6247.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/6ae4f6e0ab89bc7fc2e2cf55211c6247.json
new file mode 100644
index 0000000000000000000000000000000000000000..d6f70c831e6c03c4c940c2e13b458d906112ae7d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/6ae4f6e0ab89bc7fc2e2cf55211c6247.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0173,
+ "steps": 25 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/6f4fec2bff531d88deff253886a30de4.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/6f4fec2bff531d88deff253886a30de4.json
new file mode 100644
index 0000000000000000000000000000000000000000..0b26814ab8a9fceec6d1b5b2e4f43b9876ce646a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/6f4fec2bff531d88deff253886a30de4.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0731,
+ "steps": 148 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/94cad0bd9e2c593f0562adbf518c46e5.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/94cad0bd9e2c593f0562adbf518c46e5.json
new file mode 100644
index 0000000000000000000000000000000000000000..047c8691baa6c948f4b06d64d6b08bdc2f49eb03
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/94cad0bd9e2c593f0562adbf518c46e5.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.045,
+ "steps": 122 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/a3d422cc76ed132eeee720e81a464390.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/a3d422cc76ed132eeee720e81a464390.json
new file mode 100644
index 0000000000000000000000000000000000000000..b1ca0306ed4416ff8f9609e67eba206c122f1260
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/a3d422cc76ed132eeee720e81a464390.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0233,
+ "steps": 36 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/b1283c4ee81ea5f47112cda8ecef4271.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/b1283c4ee81ea5f47112cda8ecef4271.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8d0a2bbb7222eafd77a1222f0b85a025aaee277
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/b1283c4ee81ea5f47112cda8ecef4271.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0486,
+ "steps": 119 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/c20b5a7aa139ba61a8805faf4dae831d.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/c20b5a7aa139ba61a8805faf4dae831d.json
new file mode 100644
index 0000000000000000000000000000000000000000..2d7d172993fc6ab51d8278cf69a1160260d29317
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/c20b5a7aa139ba61a8805faf4dae831d.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0177,
+ "steps": 21 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/c849712dfd490b5807a8ff59bc39dc34.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/c849712dfd490b5807a8ff59bc39dc34.json
new file mode 100644
index 0000000000000000000000000000000000000000..836c1303de92f52ee9d2c40470944cbc17d6e271
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/c849712dfd490b5807a8ff59bc39dc34.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 1.028,
+ "steps": 312 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/d3420889a7d9c7949b2d1f7715ad1591.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/d3420889a7d9c7949b2d1f7715ad1591.json
new file mode 100644
index 0000000000000000000000000000000000000000..a0c4e1cc3d47e8a435e0aafb856bf063cd9ffa06
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/d3420889a7d9c7949b2d1f7715ad1591.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0139,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/d3ecbb7211cf7ee8fa1710e0d6276a98.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/d3ecbb7211cf7ee8fa1710e0d6276a98.json
new file mode 100644
index 0000000000000000000000000000000000000000..007b424c28b2da4cdb8c18aa6f61eefc6b748572
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/d3ecbb7211cf7ee8fa1710e0d6276a98.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.2094,
+ "steps": 245 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/e7910d533bc9cd3f26f0a2db15a2628f.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/e7910d533bc9cd3f26f0a2db15a2628f.json
new file mode 100644
index 0000000000000000000000000000000000000000..9f75f9268d0b85c078303628678391f56158576a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.0.session/cache/e7910d533bc9cd3f26f0a2db15a2628f.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0535,
+ "steps": 153 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/1da20b026e23dace33f59b4fe30cf704.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/1da20b026e23dace33f59b4fe30cf704.json
new file mode 100644
index 0000000000000000000000000000000000000000..ef20f30e9c45f1217f1f4e4d6bd04e8b03e1d951
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/1da20b026e23dace33f59b4fe30cf704.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.168,
+ "steps": 248 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/26477daefc637e3827acaa7cf7867619.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/26477daefc637e3827acaa7cf7867619.json
new file mode 100644
index 0000000000000000000000000000000000000000..ad9932dd701ab07f8bd733bd41ada87a6cbf97d6
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/26477daefc637e3827acaa7cf7867619.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0305,
+ "steps": 45 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/2e634a920437c83054eec1a07f763cd9.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/2e634a920437c83054eec1a07f763cd9.json
new file mode 100644
index 0000000000000000000000000000000000000000..d7d80c5f3a233fc463fcc324bb4402a91b180e61
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/2e634a920437c83054eec1a07f763cd9.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0228,
+ "steps": 41 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/386154e29073d9acf9fbbc284ccff087.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/386154e29073d9acf9fbbc284ccff087.json
new file mode 100644
index 0000000000000000000000000000000000000000..9b5c6ea23de506a303c6cda2c6726b4fd95ec924
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/386154e29073d9acf9fbbc284ccff087.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0604,
+ "steps": 68 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/3be45a6c1d0da2f96f8c1e424a7ab67a.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/3be45a6c1d0da2f96f8c1e424a7ab67a.json
new file mode 100644
index 0000000000000000000000000000000000000000..3f874576dfd7612dd9dbc98179172807d9316bc6
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/3be45a6c1d0da2f96f8c1e424a7ab67a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0787,
+ "steps": 160 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/3f218707b6712edd9bd1d69daa728c14.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/3f218707b6712edd9bd1d69daa728c14.json
new file mode 100644
index 0000000000000000000000000000000000000000..44223ecdd6d6cce75fdfa791b4995d88157bc47d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/3f218707b6712edd9bd1d69daa728c14.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1211,
+ "steps": 263 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/4dab6dd8ae580689cfd0d1ba4875ec2d.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/4dab6dd8ae580689cfd0d1ba4875ec2d.json
new file mode 100644
index 0000000000000000000000000000000000000000..469ddd3aca279a4414764f94f9d0117e2a88df8f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/4dab6dd8ae580689cfd0d1ba4875ec2d.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0314,
+ "steps": 70 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/4dd3ca5f4c88877a589aae7858e95d76.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/4dd3ca5f4c88877a589aae7858e95d76.json
new file mode 100644
index 0000000000000000000000000000000000000000..7f5128346efa515e87281f58e67f9d76eaf0dd4e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/4dd3ca5f4c88877a589aae7858e95d76.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0888,
+ "steps": 101 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/5502d8c13d4b19675da7ec1d6fde0e81.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/5502d8c13d4b19675da7ec1d6fde0e81.json
new file mode 100644
index 0000000000000000000000000000000000000000..bfbc9fdd6d304e93b4fb68f34ea524d4d9cebac2
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/5502d8c13d4b19675da7ec1d6fde0e81.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0265,
+ "steps": 29 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/57a1707949cda96266d7a170ab0db4ed.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/57a1707949cda96266d7a170ab0db4ed.json
new file mode 100644
index 0000000000000000000000000000000000000000..7adcc594c863877b3f55d8845bcc45f2bfef13f0
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/57a1707949cda96266d7a170ab0db4ed.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0323,
+ "steps": 48 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/597c3ce8a628b364884f7aae153eb0f7.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/597c3ce8a628b364884f7aae153eb0f7.json
new file mode 100644
index 0000000000000000000000000000000000000000..cc01a769e36668294179e89c0be50e18a90921d1
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/597c3ce8a628b364884f7aae153eb0f7.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1069,
+ "steps": 182 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/69aed695592a136372272f0976cb7cb0.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/69aed695592a136372272f0976cb7cb0.json
new file mode 100644
index 0000000000000000000000000000000000000000..53b4dd8bc9c5653e006dd1282b4358923f5177a0
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/69aed695592a136372272f0976cb7cb0.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0249,
+ "steps": 30 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/6d31b5b9261d0201d9d5d613d393fca5.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/6d31b5b9261d0201d9d5d613d393fca5.json
new file mode 100644
index 0000000000000000000000000000000000000000..00a668d1f993394c94e92cd78a73936b59eac9eb
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/6d31b5b9261d0201d9d5d613d393fca5.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0345,
+ "steps": 70 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/70261faccb832e91f3b93fc06ab58117.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/70261faccb832e91f3b93fc06ab58117.json
new file mode 100644
index 0000000000000000000000000000000000000000..2e3092ce8d666f487738162ca9d4f361a7948ecd
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/70261faccb832e91f3b93fc06ab58117.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0309,
+ "steps": 39 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/76671ff5da324cf7df7b1795b2b206e2.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/76671ff5da324cf7df7b1795b2b206e2.json
new file mode 100644
index 0000000000000000000000000000000000000000..36a40ac37b525242fbaab6579e9188b1ee3890c8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/76671ff5da324cf7df7b1795b2b206e2.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0195,
+ "steps": 30 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/82652d462ec64309a7df17f1c5d545e1.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/82652d462ec64309a7df17f1c5d545e1.json
new file mode 100644
index 0000000000000000000000000000000000000000..218ae2ed9320163571ca3fc842539d2e3b56dc42
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/82652d462ec64309a7df17f1c5d545e1.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0279,
+ "steps": 38 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/a7fffe44ad3c1effe6026e43591942ce.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/a7fffe44ad3c1effe6026e43591942ce.json
new file mode 100644
index 0000000000000000000000000000000000000000..16191d44cd9da246d14aefd3ccf849bd093f19a9
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/a7fffe44ad3c1effe6026e43591942ce.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0276,
+ "steps": 39 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/a8a8445ca94c28d23a1a736558e69c8c.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/a8a8445ca94c28d23a1a736558e69c8c.json
new file mode 100644
index 0000000000000000000000000000000000000000..306e6ae307f6876e8e54b023abc3da551eaa425b
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/a8a8445ca94c28d23a1a736558e69c8c.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0373,
+ "steps": 60 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/b5e466768f27e36ace65e700da4c6762.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/b5e466768f27e36ace65e700da4c6762.json
new file mode 100644
index 0000000000000000000000000000000000000000..2b8186ff356e246b93cd3767c5955fe0aebc0b22
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/b5e466768f27e36ace65e700da4c6762.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0507,
+ "steps": 54 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/b6b84b8aa7e49ae4e58e874d380e52ec.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/b6b84b8aa7e49ae4e58e874d380e52ec.json
new file mode 100644
index 0000000000000000000000000000000000000000..bfb1979b47d2da37957f9d91fdf41339c0360ba2
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/b6b84b8aa7e49ae4e58e874d380e52ec.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0346,
+ "steps": 42 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/c0517fb8e7353916d3a8af59a55cfe96.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/c0517fb8e7353916d3a8af59a55cfe96.json
new file mode 100644
index 0000000000000000000000000000000000000000..784f0d606277685eff26b808d786f121f842a415
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/c0517fb8e7353916d3a8af59a55cfe96.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.022,
+ "steps": 40 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/f3c1620b867b46248a65cace35447c1f.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/f3c1620b867b46248a65cace35447c1f.json
new file mode 100644
index 0000000000000000000000000000000000000000..d2040ad1c530a781728119879b391b87d488f12a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/f3c1620b867b46248a65cace35447c1f.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0705,
+ "steps": 96 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/f7589a89ccb1575e24730fc330fcf0d0.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/f7589a89ccb1575e24730fc330fcf0d0.json
new file mode 100644
index 0000000000000000000000000000000000000000..634c1bf1abcdf48c71cbceae6a8263eb24648434
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.old.v2.0.session/cache/f7589a89ccb1575e24730fc330fcf0d0.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1556,
+ "steps": 151 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/0d38200a674100ddfe7feec44eb47f95.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/0d38200a674100ddfe7feec44eb47f95.json
new file mode 100644
index 0000000000000000000000000000000000000000..eb0bd989f352a502156347424504c305d29e0bcc
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/0d38200a674100ddfe7feec44eb47f95.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0211,
+ "steps": 50 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/146ba3796f4ee4106a5e8667bd7c3f50.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/146ba3796f4ee4106a5e8667bd7c3f50.json
new file mode 100644
index 0000000000000000000000000000000000000000..53ae21925eeb19c9ada60cda630262cd5af1d25f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/146ba3796f4ee4106a5e8667bd7c3f50.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0281,
+ "steps": 59 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/1c7541e16fa613b0a976bfc393da96ed.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/1c7541e16fa613b0a976bfc393da96ed.json
new file mode 100644
index 0000000000000000000000000000000000000000..323a991058c50ba57bf2313cc2792b121e57245c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/1c7541e16fa613b0a976bfc393da96ed.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0162,
+ "steps": 25 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/1d98ee567fabc1936f14d72a0a2a19e6.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/1d98ee567fabc1936f14d72a0a2a19e6.json
new file mode 100644
index 0000000000000000000000000000000000000000..93f8f903e6d982ec5912d75defd31c841bf750db
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/1d98ee567fabc1936f14d72a0a2a19e6.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.053,
+ "steps": 62 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/20c6bfbc4023e7a48004f3a7eb2ad3e5.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/20c6bfbc4023e7a48004f3a7eb2ad3e5.json
new file mode 100644
index 0000000000000000000000000000000000000000..28d63ba046f6717b211de2424aeadce9a39b0299
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/20c6bfbc4023e7a48004f3a7eb2ad3e5.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0139,
+ "steps": 17 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/34b5e8da6fcfd4368079c11b0279db8f.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/34b5e8da6fcfd4368079c11b0279db8f.json
new file mode 100644
index 0000000000000000000000000000000000000000..68290fa0b6c53b2b610dfd69cd15c8677d1c33ce
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/34b5e8da6fcfd4368079c11b0279db8f.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0169,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/45db19c6faa1857dc87eb5a34ce27371.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/45db19c6faa1857dc87eb5a34ce27371.json
new file mode 100644
index 0000000000000000000000000000000000000000..f57c130beecf41774f9a72bec823889222c471a4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/45db19c6faa1857dc87eb5a34ce27371.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.2493,
+ "steps": 154 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/56a7807ae39f0ecb4e627be901632939.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/56a7807ae39f0ecb4e627be901632939.json
new file mode 100644
index 0000000000000000000000000000000000000000..6269a67dc5953ba979d1c49d172c7821e80c75af
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/56a7807ae39f0ecb4e627be901632939.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0229,
+ "steps": 50 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/90300cb727c65d761a7f041a9b946827.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/90300cb727c65d761a7f041a9b946827.json
new file mode 100644
index 0000000000000000000000000000000000000000..f23c95c2d4137329ab5c0f5d4c1c16c16a233d82
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/90300cb727c65d761a7f041a9b946827.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0289,
+ "steps": 46 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/93fc40b2b5154a19653646b42b6c2df6.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/93fc40b2b5154a19653646b42b6c2df6.json
new file mode 100644
index 0000000000000000000000000000000000000000..61108d07ace4f68792157609445f6d43ce059b28
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/93fc40b2b5154a19653646b42b6c2df6.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0264,
+ "steps": 48 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/951e03065266dffb0914d1775c1ad10c.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/951e03065266dffb0914d1775c1ad10c.json
new file mode 100644
index 0000000000000000000000000000000000000000..7535763b8ffea172a1ffa40f0e743c69a8e63430
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/951e03065266dffb0914d1775c1ad10c.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.047,
+ "steps": 72 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/b4b46240c49a9f0ef2530dea215e1919.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/b4b46240c49a9f0ef2530dea215e1919.json
new file mode 100644
index 0000000000000000000000000000000000000000..1e28fc1923167d6ea00592b73391309b5596bafa
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/b4b46240c49a9f0ef2530dea215e1919.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0179,
+ "steps": 28 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/c5d6eefd823963da7ca16544bc3f3912.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/c5d6eefd823963da7ca16544bc3f3912.json
new file mode 100644
index 0000000000000000000000000000000000000000..561c62c230868e668a7923a8b5e5516a161842f5
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/c5d6eefd823963da7ca16544bc3f3912.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.059,
+ "steps": 101 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/f17c3d079b701186ae67cf3c2a6a0277.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/f17c3d079b701186ae67cf3c2a6a0277.json
new file mode 100644
index 0000000000000000000000000000000000000000..88ebb6ea24edd437802e8bebdd16bc6266024a34
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/f17c3d079b701186ae67cf3c2a6a0277.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0142,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/fb2a96c00753836cd4d75f4c8ebfd06f.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/fb2a96c00753836cd4d75f4c8ebfd06f.json
new file mode 100644
index 0000000000000000000000000000000000000000..b5f957796954da2c855258b41180de529d37f952
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_exo3_solved.simplified.0.session/cache/fb2a96c00753836cd4d75f4c8ebfd06f.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0287,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/059ee2fae3aa0fd30ca23f0159275ef3.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/059ee2fae3aa0fd30ca23f0159275ef3.json
new file mode 100644
index 0000000000000000000000000000000000000000..abad964a13dd6e43604df5ff372c7b2037ba0680
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/059ee2fae3aa0fd30ca23f0159275ef3.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0808,
+ "steps": 133 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/07832109afbac0e38eb5d87932066e08.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/07832109afbac0e38eb5d87932066e08.json
new file mode 100644
index 0000000000000000000000000000000000000000..8fd9260cd313bdfed3b8ccd295e53b19680cdd60
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/07832109afbac0e38eb5d87932066e08.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0335,
+ "steps": 61 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/088564331bfc8b3af317aacddb4ccbea.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/088564331bfc8b3af317aacddb4ccbea.json
new file mode 100644
index 0000000000000000000000000000000000000000..ecc07528b26cbd52eb223001ae88fa623b9cb67c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/088564331bfc8b3af317aacddb4ccbea.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0352,
+ "steps": 74 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/08e74ef80a419837ad146845c97f173b.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/08e74ef80a419837ad146845c97f173b.json
new file mode 100644
index 0000000000000000000000000000000000000000..86d0f447754673a9b728b3689c23f680d69d0ccf
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/08e74ef80a419837ad146845c97f173b.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0184,
+ "steps": 29 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/0c31169754f2628df2aefb14cc504990.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/0c31169754f2628df2aefb14cc504990.json
new file mode 100644
index 0000000000000000000000000000000000000000..910a47496bd5038632ea1951ba1edb676c86a89d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/0c31169754f2628df2aefb14cc504990.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 2.1291,
+ "steps": 873 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/0ec7f155931ed9e99efae24fd0898491.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/0ec7f155931ed9e99efae24fd0898491.json
new file mode 100644
index 0000000000000000000000000000000000000000..f33936f03dbcc869a97881e0bd22c75c1941addc
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/0ec7f155931ed9e99efae24fd0898491.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0338,
+ "steps": 65 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/0f76081bfd4cb878c7ac624b1e0677ec.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/0f76081bfd4cb878c7ac624b1e0677ec.json
new file mode 100644
index 0000000000000000000000000000000000000000..1c62f16177a8dc7db8caa59a65f5904c10b19c3f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/0f76081bfd4cb878c7ac624b1e0677ec.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.071,
+ "steps": 95 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/113dabb6f94d8c3225236c434a5d13a7.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/113dabb6f94d8c3225236c434a5d13a7.json
new file mode 100644
index 0000000000000000000000000000000000000000..047e6f1e53ca50caaa4e9e4c1cc4ecff0218af68
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/113dabb6f94d8c3225236c434a5d13a7.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0299,
+ "steps": 65 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/178e24799cae3dcec5f3257226b96a20.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/178e24799cae3dcec5f3257226b96a20.json
new file mode 100644
index 0000000000000000000000000000000000000000..94f3bb9c909688ee9f80555d8c365bd9b11df2b7
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/178e24799cae3dcec5f3257226b96a20.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0181,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/1b75b91371009810dc97ffa389bb5531.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/1b75b91371009810dc97ffa389bb5531.json
new file mode 100644
index 0000000000000000000000000000000000000000..7d3e23193e9924b3c0f5a6bfebe01bca90436300
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/1b75b91371009810dc97ffa389bb5531.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.368,
+ "steps": 210 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/1da5cd2893da7c1322294978850c6fd3.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/1da5cd2893da7c1322294978850c6fd3.json
new file mode 100644
index 0000000000000000000000000000000000000000..feb98b34cfea48cf2681ab1c4525739652d1bb45
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/1da5cd2893da7c1322294978850c6fd3.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0322,
+ "steps": 42 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/1f482c6de3c7a19cda334e37d01fe177.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/1f482c6de3c7a19cda334e37d01fe177.json
new file mode 100644
index 0000000000000000000000000000000000000000..821f69edf5ebb3a1861fe3b1bb68953e0097ab91
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/1f482c6de3c7a19cda334e37d01fe177.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0357,
+ "steps": 38 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/2d2277efecc9ac0135f43533fb7fd64e.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/2d2277efecc9ac0135f43533fb7fd64e.json
new file mode 100644
index 0000000000000000000000000000000000000000..0abc71957e0fdfa55695469a05276e423947a05a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/2d2277efecc9ac0135f43533fb7fd64e.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0196,
+ "steps": 33 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/2d5464d4e8192a657d37126dca5910da.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/2d5464d4e8192a657d37126dca5910da.json
new file mode 100644
index 0000000000000000000000000000000000000000..f750557db773fb71671669d577dded5d3e97b7a8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/2d5464d4e8192a657d37126dca5910da.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0153,
+ "steps": 23 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/2ddd3e6ac842e9117c49c9ddaf740411.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/2ddd3e6ac842e9117c49c9ddaf740411.json
new file mode 100644
index 0000000000000000000000000000000000000000..5fe9a6223c0dfb57660fb3b54a8954077c5c6c84
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/2ddd3e6ac842e9117c49c9ddaf740411.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.066,
+ "steps": 64 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/2e3c2cb35cef3cb6057febf0bdf10744.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/2e3c2cb35cef3cb6057febf0bdf10744.json
new file mode 100644
index 0000000000000000000000000000000000000000..7af695f6e6d2129cc82337bf04ff14ddbd9838ac
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/2e3c2cb35cef3cb6057febf0bdf10744.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0813,
+ "steps": 98 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/37377966b3e186a9febaac6df135d3e9.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/37377966b3e186a9febaac6df135d3e9.json
new file mode 100644
index 0000000000000000000000000000000000000000..60cff8a3d9c8c2f8dab50531f7934e8dcf90d332
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/37377966b3e186a9febaac6df135d3e9.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0247,
+ "steps": 47 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/45124138476e1855a6f35cf90a0f7385.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/45124138476e1855a6f35cf90a0f7385.json
new file mode 100644
index 0000000000000000000000000000000000000000..d25205285c9ce2b89352daf104b5e68474f50846
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/45124138476e1855a6f35cf90a0f7385.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.016,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/50c141eec33504c5c1bed095ab2c1934.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/50c141eec33504c5c1bed095ab2c1934.json
new file mode 100644
index 0000000000000000000000000000000000000000..62c1a250c0cccc64572d291981af226941826018
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/50c141eec33504c5c1bed095ab2c1934.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0858,
+ "steps": 108 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/5aa93b7609826cef11995c6f79edc54c.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/5aa93b7609826cef11995c6f79edc54c.json
new file mode 100644
index 0000000000000000000000000000000000000000..388f04a8c5601ca2a7e10cef9cffd7ee83c8559a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/5aa93b7609826cef11995c6f79edc54c.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.136,
+ "steps": 194 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/634fb439c79d4b2df9278efe8f97f1a2.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/634fb439c79d4b2df9278efe8f97f1a2.json
new file mode 100644
index 0000000000000000000000000000000000000000..e8126a586a450aa787844c990d85961804ee07dd
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/634fb439c79d4b2df9278efe8f97f1a2.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.032,
+ "steps": 61 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/6356a66f92291eedbf596c86247cdf40.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/6356a66f92291eedbf596c86247cdf40.json
new file mode 100644
index 0000000000000000000000000000000000000000..ba1ebe012e8a3560bf86d60fa132ddae7f719bc0
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/6356a66f92291eedbf596c86247cdf40.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1091,
+ "steps": 133 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/66d43256948fe0b03dc360a4a2654dfb.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/66d43256948fe0b03dc360a4a2654dfb.json
new file mode 100644
index 0000000000000000000000000000000000000000..351c69260b1a0a7c21ffba208aa0e24a7b4e8f6d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/66d43256948fe0b03dc360a4a2654dfb.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0402,
+ "steps": 64 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/69483893c71ff4f7f440dddd3e21f386.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/69483893c71ff4f7f440dddd3e21f386.json
new file mode 100644
index 0000000000000000000000000000000000000000..06cb64cc77d55028c1bcceb748fb8873b1fbf515
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/69483893c71ff4f7f440dddd3e21f386.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0414,
+ "steps": 54 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/6c00a117f0e575dde2c838780b6a2b5f.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/6c00a117f0e575dde2c838780b6a2b5f.json
new file mode 100644
index 0000000000000000000000000000000000000000..c5eca6b702fc3bdd52f380b9803b12ed6204860e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/6c00a117f0e575dde2c838780b6a2b5f.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1224,
+ "steps": 119 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/6f907d24a6c6d51475fbbba7851998d4.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/6f907d24a6c6d51475fbbba7851998d4.json
new file mode 100644
index 0000000000000000000000000000000000000000..7be3368806520ce4a938bc264ffcea08460affd4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/6f907d24a6c6d51475fbbba7851998d4.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0219,
+ "steps": 39 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/737d7d224b95933e11e8630b0d5e1e67.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/737d7d224b95933e11e8630b0d5e1e67.json
new file mode 100644
index 0000000000000000000000000000000000000000..20bead46ea2d5b67f1f5ca8b00b8a97e51642b94
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/737d7d224b95933e11e8630b0d5e1e67.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0213,
+ "steps": 25 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/744202b8726995ad41adcfd26dbd3977.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/744202b8726995ad41adcfd26dbd3977.json
new file mode 100644
index 0000000000000000000000000000000000000000..8f687e1b1979a3a9cf0a79f0ac18a0ca444a1355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/744202b8726995ad41adcfd26dbd3977.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.2803,
+ "steps": 249 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/784037581ab4f838952f762dd078ccd2.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/784037581ab4f838952f762dd078ccd2.json
new file mode 100644
index 0000000000000000000000000000000000000000..27dc53199be4576ff3c7db387925400503f105a2
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/784037581ab4f838952f762dd078ccd2.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0313,
+ "steps": 32 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/7b20ca91596a368e107ee308c5abb683.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/7b20ca91596a368e107ee308c5abb683.json
new file mode 100644
index 0000000000000000000000000000000000000000..0b1a8cfc07b0171ed97cf744391ea936ccb99ad3
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/7b20ca91596a368e107ee308c5abb683.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0201,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/7e28eb621b6c70199ef921ecc2b766f9.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/7e28eb621b6c70199ef921ecc2b766f9.json
new file mode 100644
index 0000000000000000000000000000000000000000..a49224f442c2c2e2161ea9e009f8eba268d4e63d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/7e28eb621b6c70199ef921ecc2b766f9.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 1.4606,
+ "steps": 586 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/82d303e4f3b78e54f806a99c19a64876.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/82d303e4f3b78e54f806a99c19a64876.json
new file mode 100644
index 0000000000000000000000000000000000000000..794b083a3bf51284e34a510d28aead2af4a74864
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/82d303e4f3b78e54f806a99c19a64876.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0544,
+ "steps": 72 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/8421490fd39132bfdfa1fa54817bc682.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/8421490fd39132bfdfa1fa54817bc682.json
new file mode 100644
index 0000000000000000000000000000000000000000..cd12ff0b274f6abaed9666a95f4fffb654ab7278
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/8421490fd39132bfdfa1fa54817bc682.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.012,
+ "steps": 20 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/85c2351bf7a38814cb9a0a47ea6c2ea7.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/85c2351bf7a38814cb9a0a47ea6c2ea7.json
new file mode 100644
index 0000000000000000000000000000000000000000..3c284e70820c995ec5edb7e197c2ca8d33d9b628
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/85c2351bf7a38814cb9a0a47ea6c2ea7.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0241,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/865e884b2f3e33610e0aa609d35c6f09.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/865e884b2f3e33610e0aa609d35c6f09.json
new file mode 100644
index 0000000000000000000000000000000000000000..9d8d6a00fe0da5e050fb38a5915942da5bc56c33
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/865e884b2f3e33610e0aa609d35c6f09.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0564,
+ "steps": 111 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/88bebb3c661a1f33578350b8200b7c25.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/88bebb3c661a1f33578350b8200b7c25.json
new file mode 100644
index 0000000000000000000000000000000000000000..ea55d0f710c4fae34c44fc86e46e5aa5efacafff
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/88bebb3c661a1f33578350b8200b7c25.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0614,
+ "steps": 76 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/8a7b631f75a3073c3262178ccfedd3e7.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/8a7b631f75a3073c3262178ccfedd3e7.json
new file mode 100644
index 0000000000000000000000000000000000000000..1ec8ceeac6bf2386593d43a45685ab389b6e2777
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/8a7b631f75a3073c3262178ccfedd3e7.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1267,
+ "steps": 167 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/8aafa7388f31a7314c199713ca0ae084.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/8aafa7388f31a7314c199713ca0ae084.json
new file mode 100644
index 0000000000000000000000000000000000000000..74c7c88edbfca4e44f32992c977d8913359d857d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/8aafa7388f31a7314c199713ca0ae084.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0628,
+ "steps": 76 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/8e942fe174bf1f62bb36a5abab4deb26.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/8e942fe174bf1f62bb36a5abab4deb26.json
new file mode 100644
index 0000000000000000000000000000000000000000..b6b6c98618e61e9e14c652313c907d8a6fbf00d0
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/8e942fe174bf1f62bb36a5abab4deb26.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0752,
+ "steps": 121 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/92d2d156fb93ee5c5f2d3f2faa4c4275.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/92d2d156fb93ee5c5f2d3f2faa4c4275.json
new file mode 100644
index 0000000000000000000000000000000000000000..36db404c7bab8e3ee41476c4c5aa24ea60992bbf
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/92d2d156fb93ee5c5f2d3f2faa4c4275.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0209,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/9c97f1cddb0b9fcf61a6d1caddc3e897.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/9c97f1cddb0b9fcf61a6d1caddc3e897.json
new file mode 100644
index 0000000000000000000000000000000000000000..3dc3966fd359442d63db1fe94095a4cb169a97ed
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/9c97f1cddb0b9fcf61a6d1caddc3e897.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0256,
+ "steps": 41 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/9cab00be1ec378b961d688830f12c8b5.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/9cab00be1ec378b961d688830f12c8b5.json
new file mode 100644
index 0000000000000000000000000000000000000000..378f04a195d6b55343e6e76998070f28f2158364
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/9cab00be1ec378b961d688830f12c8b5.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0337,
+ "steps": 74 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/a2374beb942675808f3c1588a5f13a68.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/a2374beb942675808f3c1588a5f13a68.json
new file mode 100644
index 0000000000000000000000000000000000000000..f649ab657544d26466257290c10de97690865352
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/a2374beb942675808f3c1588a5f13a68.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1312,
+ "steps": 138 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/ae94fd34b628e3925ec2951d2ed0d153.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/ae94fd34b628e3925ec2951d2ed0d153.json
new file mode 100644
index 0000000000000000000000000000000000000000..26dbe45bbc68373f9a4fca03f148a7d7565e981f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/ae94fd34b628e3925ec2951d2ed0d153.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0864,
+ "steps": 92 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/b0969ad7ecf31664172fda8b609f8917.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/b0969ad7ecf31664172fda8b609f8917.json
new file mode 100644
index 0000000000000000000000000000000000000000..de3e41e11eaef60972476ae6f37b4e7c16ea628f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/b0969ad7ecf31664172fda8b609f8917.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0655,
+ "steps": 87 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/b57d3798758c77258d386ffb51fb4324.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/b57d3798758c77258d386ffb51fb4324.json
new file mode 100644
index 0000000000000000000000000000000000000000..bb2b182b1ef117cb810ab148a34e396ed12d63d8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/b57d3798758c77258d386ffb51fb4324.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1634,
+ "steps": 222 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/bd76bf896c68ddef8cbba6f20100fac8.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/bd76bf896c68ddef8cbba6f20100fac8.json
new file mode 100644
index 0000000000000000000000000000000000000000..fe03fc572cade5d47a45284ea777e0d5f7cbf599
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/bd76bf896c68ddef8cbba6f20100fac8.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0596,
+ "steps": 81 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/be1d9ed1ba49360aaa18b8d4b577c56f.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/be1d9ed1ba49360aaa18b8d4b577c56f.json
new file mode 100644
index 0000000000000000000000000000000000000000..5df1900efa459e5fd3ec19bad8597d33beb42d3a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/be1d9ed1ba49360aaa18b8d4b577c56f.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0426,
+ "steps": 63 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/c57fbc674ee49672402990996b38e761.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/c57fbc674ee49672402990996b38e761.json
new file mode 100644
index 0000000000000000000000000000000000000000..7e3ac4e98d53cc6435282b388e47be1e1b21b4b9
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/c57fbc674ee49672402990996b38e761.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0527,
+ "steps": 95 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/ca5e36cff267d97e2595ae3f8187bcdd.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/ca5e36cff267d97e2595ae3f8187bcdd.json
new file mode 100644
index 0000000000000000000000000000000000000000..80b3bf0de709a2821ba08397e3386ab3bc2098d4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/ca5e36cff267d97e2595ae3f8187bcdd.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1654,
+ "steps": 178 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/cd48e56312a247d0852ac3ca63754265.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/cd48e56312a247d0852ac3ca63754265.json
new file mode 100644
index 0000000000000000000000000000000000000000..33d7094aac6396305fee9f872c8dc0f23482ab1f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/cd48e56312a247d0852ac3ca63754265.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0398,
+ "steps": 56 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/d39b5b1c24cd1c7d131652c2ca1dd878.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/d39b5b1c24cd1c7d131652c2ca1dd878.json
new file mode 100644
index 0000000000000000000000000000000000000000..838225c281765fedb38254c952e0616fad6f6c05
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/d39b5b1c24cd1c7d131652c2ca1dd878.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.069,
+ "steps": 80 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/d4b82b17f751426ee45e116de56f70bb.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/d4b82b17f751426ee45e116de56f70bb.json
new file mode 100644
index 0000000000000000000000000000000000000000..8fa7c83ab770555f957d49f1d50691a6e5327674
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/d4b82b17f751426ee45e116de56f70bb.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.4659,
+ "steps": 240 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/d51e6faa5980c6069ff809306e33fe61.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/d51e6faa5980c6069ff809306e33fe61.json
new file mode 100644
index 0000000000000000000000000000000000000000..e1894df8c631efb2e0f911402519388e95d604a1
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/d51e6faa5980c6069ff809306e33fe61.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0157,
+ "steps": 17 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/e8bad62a574dfb263cbb0424c1f994cc.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/e8bad62a574dfb263cbb0424c1f994cc.json
new file mode 100644
index 0000000000000000000000000000000000000000..6d7da0d9f4ad16b508406132c7b722e593f391ed
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/e8bad62a574dfb263cbb0424c1f994cc.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0941,
+ "steps": 95 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/e997b52aca1d60592f0c918574d95bca.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/e997b52aca1d60592f0c918574d95bca.json
new file mode 100644
index 0000000000000000000000000000000000000000..5dbf762bfea3e1fb66b0ff003912b2017abeab88
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/e997b52aca1d60592f0c918574d95bca.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0828,
+ "steps": 95 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/eec066c7871c347d05d218448003bb42.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/eec066c7871c347d05d218448003bb42.json
new file mode 100644
index 0000000000000000000000000000000000000000..9fdc6170589530a9e3080ddda90ec1f7e79d939b
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/eec066c7871c347d05d218448003bb42.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.3033,
+ "steps": 267 }
diff --git a/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/fa144aad657dae3418db4f22e288c17e.json b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/fa144aad657dae3418db4f22e288c17e.json
new file mode 100644
index 0000000000000000000000000000000000000000..de86aca27e192893e621e96c962053ca98df5465
--- /dev/null
+++ b/src/plugins/wp/tests/wp_gallery/oracle_qualif/frama_c_hashtbl_solved.0.session/cache/fa144aad657dae3418db4f22e288c17e.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0501,
+ "steps": 90 }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle/logicarr.res.oracle b/src/plugins/wp/tests/wp_hoare/oracle/logicarr.res.oracle
index 5e73be63b7df4b15b4f78d60e115f956d60f302d..bfb7581b49d7b30852c5599e9368a5d64eb0a6e1 100644
--- a/src/plugins/wp/tests/wp_hoare/oracle/logicarr.res.oracle
+++ b/src/plugins/wp/tests/wp_hoare/oracle/logicarr.res.oracle
@@ -8,7 +8,7 @@
------------------------------------------------------------
Goal Post-condition 'PTR' in 'job':
-Let a = global(G_arr_33).
+Let a = global(G_arr_35).
Let a_1 = shift_sint32(a, i).
Let x = Mint_0[a_1].
Let a_2 = shift_sint32(a, j).
@@ -25,7 +25,7 @@ Prove: P_p_pointer(m, Mint_0, shift_sint32(a, 0), i, j).
------------------------------------------------------------
Goal Post-condition 'ARR' in 'job':
-Let a = global(G_arr_33).
+Let a = global(G_arr_35).
Let m = Array1_int(a, 10, Mint_0).
Let a_1 = shift_sint32(a, i).
Let x = Mint_0[a_1].
@@ -43,7 +43,7 @@ Prove: P_p_arrays(m, i, m_1, j).
------------------------------------------------------------
Goal Post-condition 'DUM' in 'job':
-Let a = global(G_arr_33).
+Let a = global(G_arr_35).
Let a_1 = shift_sint32(a, i).
Let x = Mint_0[a_1].
Let a_2 = shift_sint32(a, j).
diff --git a/src/plugins/wp/tests/wp_hoare/oracle/logicref_simple.res.oracle b/src/plugins/wp/tests/wp_hoare/oracle/logicref_simple.res.oracle
index cb5bbabf891a31381f3ece52b3ff9434bc0b88d8..e789d39c37d259a3fc4e6803904857355ab6ce39 100644
--- a/src/plugins/wp/tests/wp_hoare/oracle/logicref_simple.res.oracle
+++ b/src/plugins/wp/tests/wp_hoare/oracle/logicref_simple.res.oracle
@@ -39,7 +39,7 @@ Prove: true.
------------------------------------------------------------
Goal Post-condition (file tests/wp_hoare/logicref_simple.i, line 19) in 'fsimple_array':
-Let a = global(G_t_33).
+Let a = global(G_t_35).
Let x = Mint_0[shift_sint32(a, 3)].
Assume {
Type: is_sint32(x) /\ is_sint32(1 + x).
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/byref.0.session/cache/56b7eefc17044e0ff95c99434cf88399.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/byref.0.session/cache/56b7eefc17044e0ff95c99434cf88399.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/byref.0.session/cache/56b7eefc17044e0ff95c99434cf88399.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicarr.0.session/cache/852210deac5464ecf4c672c0f6c67fb7.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicarr.0.session/cache/852210deac5464ecf4c672c0f6c67fb7.json
new file mode 100644
index 0000000000000000000000000000000000000000..d18663535614364cd23cc4366374bcc116827407
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicarr.0.session/cache/852210deac5464ecf4c672c0f6c67fb7.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0276,
+ "steps": 28 }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicarr.0.session/cache/aa862239bf067f3148dc841ef36e7c1a.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicarr.0.session/cache/aa862239bf067f3148dc841ef36e7c1a.json
new file mode 100644
index 0000000000000000000000000000000000000000..5a2c7477c08bb24d9b0c6c03675e887dedecde15
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicarr.0.session/cache/aa862239bf067f3148dc841ef36e7c1a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0307,
+ "steps": 27 }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicarr.0.session/cache/d85b1504de7e92963b9c333e4ba02d6f.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicarr.0.session/cache/d85b1504de7e92963b9c333e4ba02d6f.json
new file mode 100644
index 0000000000000000000000000000000000000000..d0150246ac21803b3aec1ee7b6f969c3a3272952
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicarr.0.session/cache/d85b1504de7e92963b9c333e4ba02d6f.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0342,
+ "steps": 28 }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref.0.session/cache/6dd7fce5505a14bc287568321ce0111b.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref.0.session/cache/6dd7fce5505a14bc287568321ce0111b.json
new file mode 100644
index 0000000000000000000000000000000000000000..5526663a21d70ba18c444222040ab39a46c8f43d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref.0.session/cache/6dd7fce5505a14bc287568321ce0111b.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0299,
+ "steps": 70 }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref_simple.0.session/cache/2eb20108bba00807202ca8ddffbe9321.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref_simple.0.session/cache/2eb20108bba00807202ca8ddffbe9321.json
new file mode 100644
index 0000000000000000000000000000000000000000..7bffe208ef42a51d2c4d05223fe00cb970981796
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref_simple.0.session/cache/2eb20108bba00807202ca8ddffbe9321.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0137,
+ "steps": 13 }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref_simple.0.session/cache/84e7fceb770bfa7d815f522cfce14408.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref_simple.0.session/cache/84e7fceb770bfa7d815f522cfce14408.json
new file mode 100644
index 0000000000000000000000000000000000000000..e08281f17c2162795fe491864e7c33f0f060fb0c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref_simple.0.session/cache/84e7fceb770bfa7d815f522cfce14408.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0188,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref_simple.0.session/cache/8773bd69d274eceb0acf3767f4ae9575.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref_simple.0.session/cache/8773bd69d274eceb0acf3767f4ae9575.json
new file mode 100644
index 0000000000000000000000000000000000000000..355d38749c20e2f44b7ff68de6c45aacf2767998
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref_simple.0.session/cache/8773bd69d274eceb0acf3767f4ae9575.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.022,
+ "steps": 16 }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref_simple.0.session/cache/8d2421a35a8365649870fd7b2f8a1222.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref_simple.0.session/cache/8d2421a35a8365649870fd7b2f8a1222.json
new file mode 100644
index 0000000000000000000000000000000000000000..ece64db1cc4352caeff01ffa56676a842cc4a8ab
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/logicref_simple.0.session/cache/8d2421a35a8365649870fd7b2f8a1222.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0167,
+ "steps": 9 }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/reference_and_struct.0.session/cache/a514c4e0dbce3a19cb575797578db2ee.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/reference_and_struct.0.session/cache/a514c4e0dbce3a19cb575797578db2ee.json
new file mode 100644
index 0000000000000000000000000000000000000000..e25fe48e954c0abea116eba9c6a1e4350edf3ce2
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/reference_and_struct.0.session/cache/a514c4e0dbce3a19cb575797578db2ee.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0152,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/reference_array.0.session/cache/1055ecf60b0251e2ce8a583866b59b5d.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/reference_array.0.session/cache/1055ecf60b0251e2ce8a583866b59b5d.json
new file mode 100644
index 0000000000000000000000000000000000000000..61cf1fe705114036e2b696c8622e2aceadeddadc
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/reference_array.0.session/cache/1055ecf60b0251e2ce8a583866b59b5d.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0197,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/reference_array.0.session/cache/3ad89ca7d6079981ace01e3d25910e63.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/reference_array.0.session/cache/3ad89ca7d6079981ace01e3d25910e63.json
new file mode 100644
index 0000000000000000000000000000000000000000..3d545f3673f98515fc84cb6a39c5fff24253b5e3
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/reference_array.0.session/cache/3ad89ca7d6079981ace01e3d25910e63.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0143,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/reference_array.0.session/cache/5518bc5769e51a2ec423d55457d4323c.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/reference_array.0.session/cache/5518bc5769e51a2ec423d55457d4323c.json
new file mode 100644
index 0000000000000000000000000000000000000000..e2e340a604d4b3629c34943e773d90ab34264260
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/reference_array.0.session/cache/5518bc5769e51a2ec423d55457d4323c.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0152,
+ "steps": 23 }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/refguards.0.session/cache/5c4bdf85b0130c246990c9addb9d2556.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/refguards.0.session/cache/5c4bdf85b0130c246990c9addb9d2556.json
new file mode 100644
index 0000000000000000000000000000000000000000..465fcfae9d04cd9cdb5e1a1d480c69fe72a2d4a5
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/refguards.0.session/cache/5c4bdf85b0130c246990c9addb9d2556.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0144,
+ "steps": 14 }
diff --git a/src/plugins/wp/tests/wp_hoare/oracle_qualif/refguards.0.session/cache/aeb63d64f83c4e31d79d7e8e869de07e.json b/src/plugins/wp/tests/wp_hoare/oracle_qualif/refguards.0.session/cache/aeb63d64f83c4e31d79d7e8e869de07e.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_hoare/oracle_qualif/refguards.0.session/cache/aeb63d64f83c4e31d79d7e8e869de07e.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.0.session/cache/1aa29de269f2b73adeae713ac86acec7.json b/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.0.session/cache/1aa29de269f2b73adeae713ac86acec7.json
new file mode 100644
index 0000000000000000000000000000000000000000..6962611545323f7fcaf1590d0a601d6d9a21749a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.0.session/cache/1aa29de269f2b73adeae713ac86acec7.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0115,
+ "steps": 14 }
diff --git a/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.1.session/cache/762ba8fbb24bdd2a875e3ac97bcdb1a0.json b/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.1.session/cache/762ba8fbb24bdd2a875e3ac97bcdb1a0.json
new file mode 100644
index 0000000000000000000000000000000000000000..a2ea9f8b8deea59abe370b3e8a51a933f2922ceb
--- /dev/null
+++ b/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.1.session/cache/762ba8fbb24bdd2a875e3ac97bcdb1a0.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0117,
+ "steps": 20 }
diff --git a/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.1.session/cache/b280eb527d15c1796693db544778a327.json b/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.1.session/cache/b280eb527d15c1796693db544778a327.json
new file mode 100644
index 0000000000000000000000000000000000000000..828728f174df3b19fb44581c18930dd7fa8b06f4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.1.session/cache/b280eb527d15c1796693db544778a327.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.01, "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.1.session/cache/f55cc495403a5870a0396a5e15c05b4d.json b/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.1.session/cache/f55cc495403a5870a0396a5e15c05b4d.json
new file mode 100644
index 0000000000000000000000000000000000000000..c05514686476cf221474edb1592c17db6c0ef714
--- /dev/null
+++ b/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.1.session/cache/f55cc495403a5870a0396a5e15c05b4d.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0132,
+ "steps": 19 }
diff --git a/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.2.session/cache/762ba8fbb24bdd2a875e3ac97bcdb1a0.json b/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.2.session/cache/762ba8fbb24bdd2a875e3ac97bcdb1a0.json
new file mode 100644
index 0000000000000000000000000000000000000000..bdb57771153b4a6aa778482fd4dce961b4b7cf5b
--- /dev/null
+++ b/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.2.session/cache/762ba8fbb24bdd2a875e3ac97bcdb1a0.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0167,
+ "steps": 20 }
diff --git a/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.2.session/cache/b280eb527d15c1796693db544778a327.json b/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.2.session/cache/b280eb527d15c1796693db544778a327.json
new file mode 100644
index 0000000000000000000000000000000000000000..c6167acad6c68565f201d380b635027bb5f9cf0c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.2.session/cache/b280eb527d15c1796693db544778a327.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0124,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.2.session/cache/f55cc495403a5870a0396a5e15c05b4d.json b/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.2.session/cache/f55cc495403a5870a0396a5e15c05b4d.json
new file mode 100644
index 0000000000000000000000000000000000000000..fdc442c3a92be496b8c880b384cc7029348a3226
--- /dev/null
+++ b/src/plugins/wp/tests/wp_manual/oracle_qualif/manual.2.session/cache/f55cc495403a5870a0396a5e15c05b4d.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0116,
+ "steps": 19 }
diff --git a/src/plugins/wp/tests/wp_plugin/bit_test.c b/src/plugins/wp/tests/wp_plugin/bit_test.c
index b0b19bf9b8c72db53bc2885dc90e402987c6cb08..96f24adfa142c51f5be4046ccd5abddc23671f08 100644
--- a/src/plugins/wp/tests/wp_plugin/bit_test.c
+++ b/src/plugins/wp/tests/wp_plugin/bit_test.c
@@ -3,7 +3,7 @@
*/
/* run.config_qualif
- OPT: -wp-driver tests/wp_plugin/bit_test.driver -wp-prover why3:alt-ergo -wp-check
+ OPT: -wp-driver tests/wp_plugin/bit_test.driver -wp-prover why3:alt-ergo
*/
/*@
diff --git a/src/plugins/wp/tests/wp_plugin/doomed_call.i b/src/plugins/wp/tests/wp_plugin/doomed_call.i
new file mode 100644
index 0000000000000000000000000000000000000000..a084798044a2b9ec099179a379e7cc8421a26232
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/doomed_call.i
@@ -0,0 +1,122 @@
+/* run.config
+ DONTRUN:
+ */
+
+/* run.config_qualif
+ OPT:
+ OPT: -wp-smoke-tests
+ OPT: -wp-smoke-tests -wp-split
+*/
+
+/* -------------------------------------------------------------------------- */
+// --- All functions shall be proved without smoke tests
+// --- All functions « ok » shall pass the smoke tests
+// --- All functions « ko » shall reveal dead code
+/* -------------------------------------------------------------------------- */
+
+/*@
+ ensures \false ;
+ exits \false ;
+ assigns \nothing ;
+ */
+void call_ko(void);
+
+/*@
+ ensures \true ;
+ exits \false ;
+ assigns \nothing ;
+ */
+void call_post_ok(void);
+
+/*@
+ ensures \false ;
+ exits \true ;
+ assigns \nothing ;
+ */
+void call_exit_ok(void);
+
+int E ;
+
+/*@
+ ensures E ;
+ exits E ;
+ assigns \nothing ;
+ */
+void call_ko_global(void);
+
+/*@ ensures p ; exits !p ; */
+void f1_ok(int p)
+{
+ if (!p)
+ call_exit_ok();
+ E++;
+}
+
+/*@ ensures p ; exits !p ; */
+void f2_ok(int p)
+{
+ if (p)
+ call_post_ok();
+ else
+ call_exit_ok();
+ E++;
+}
+
+/*@ ensures E == \old(E)+1 ; */
+void f3_ko(void)
+{
+ call_ko();
+ E++;
+}
+
+/*@ ensures \false ; */
+void f3_ok(void)
+{
+ call_exit_ok();
+}
+
+/*@ ensures E ; */
+void f4_ok(void)
+{
+ E=1;
+ call_ko_global();
+}
+
+/*@ ensures !E ; */
+void f4_ko(void)
+{
+ E=0;
+ call_ko_global();
+}
+
+/*@
+ ensures E == \old(E)+1 ;
+ assigns \nothing ;
+ */
+void call_wrong(void);
+
+/*@
+ ensures E == \old(E)+1 ;
+ assigns E ;
+ */
+void call_effect(void);
+
+/*@
+ ensures E == \old(E)+3 ;
+*/
+void f5_ok(void)
+{
+ call_effect();
+ call_effect();
+ call_effect();
+}
+
+/*@
+ ensures E == \old(E)+3 ;
+*/
+void f5_ko(void)
+{
+ call_effect();
+ call_wrong();
+ call_effect();
+}
diff --git a/src/plugins/wp/tests/wp_plugin/doomed_dead.i b/src/plugins/wp/tests/wp_plugin/doomed_dead.i
new file mode 100644
index 0000000000000000000000000000000000000000..5cba4b4ae13d297cf591afaa08431a1c45694e41
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/doomed_dead.i
@@ -0,0 +1,96 @@
+/* run.config
+ DONTRUN:
+ */
+
+/* run.config_qualif
+ OPT: -wp-smoke-tests
+ OPT: -wp-smoke-tests -wp-split
+*/
+
+//@ assigns \nothing ;
+int f1_ok(int x)
+{
+ int r ;
+ if (x) r++;
+ if (x) r++;
+ return r;
+}
+
+/*@
+ ensures \false ;
+ exits \true ;
+ assigns \nothing ;
+*/
+void exit(void);
+
+/*@
+ assigns \nothing ;
+*/
+void call(void);
+
+//@ assigns \nothing ;
+int f2_ok(int x)
+{
+ int r ;
+ if (x) { exit(); }
+ r++;
+ return r;
+}
+
+//@ assigns \nothing ;
+int f2_ko(int x)
+{
+ int r ;
+ if (x) { exit(); r++; }
+ return r;
+}
+
+//@ assigns \nothing ;
+int f3_ok(int x)
+{
+ int r ;
+ if (x) { call(); r++; }
+ return r;
+}
+
+//@ assigns \nothing ;
+int f4_ok(int x)
+{
+ int r ;
+ if (x) {
+ exit();
+ //@ assert \false ;
+ r++;
+ } else {
+ r++;
+ }
+ return r;
+}
+
+//@ assigns \nothing ;
+int f5_ok(int op,int a)
+{
+ switch(op) {
+ case 1:
+ case 2:
+ return a+1;
+ case 3:
+ return a-1;
+ default:
+ return a;
+ }
+}
+
+//@ assigns \nothing ;
+int f5_ko(int op,int a)
+{
+ if (op == 1) return 0;
+ switch(op) {
+ case 1:
+ return a+1;
+ case 2:
+ return a-1;
+ default:
+ return a;
+ }
+}
diff --git a/src/plugins/wp/tests/wp_plugin/float_driver.i b/src/plugins/wp/tests/wp_plugin/float_driver.i
new file mode 100644
index 0000000000000000000000000000000000000000..da87cc93b3693ebfeb808388eec1d2a9fb17654f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/float_driver.i
@@ -0,0 +1,39 @@
+/* run.config
+ OPT:-wp -wp-gen -wp-prover why3 -wp-msg-key="print-generated"
+*/
+/* run.config_qualif
+ DONTRUN:
+*/
+
+/*@
+ ensures DBL_RNE: \eq_double(\result,\round_double(\NearestEven, x));
+ ensures DBL_RNA: \eq_double(\result,\round_double(\NearestAway, x));
+ ensures DBL_RTZ: \eq_double(\result,\round_double(\ToZero, x));
+ ensures DBL_RTP: \eq_double(\result,\round_double(\Up, x));
+ ensures DBL_RTN: \eq_double(\result,\round_double(\Down, x));
+ ensures DBL_FIN: \is_finite(\result);
+ ensures DBL_INF: \is_infinite(\result);
+ ensures DBL_NAN: \is_NaN(\result);
+ ensures DBL_PINF: \is_plus_infinity(\result);
+ ensures DBL_MINF: \is_minus_infinity(\result);
+*/
+double for_double(double x) {
+ return x+1.0;
+}
+
+/*@
+ ensures FLT_RNE: \eq_float(\result,\round_float(\NearestEven, x));
+ ensures FLT_RNA: \eq_float(\result,\round_float(\NearestAway, x));
+ ensures FLT_RTZ: \eq_float(\result,\round_float(\ToZero, x));
+ ensures FLT_RTP: \eq_float(\result,\round_float(\Up, x));
+ ensures FLT_RTN: \eq_float(\result,\round_float(\Down, x));
+ ensures FLT_FIN: \is_finite(\result);
+ ensures FLT_INF: \is_infinite(\result);
+ ensures FLT_NAN: \is_NaN(\result);
+ ensures FLT_PINF: \is_plus_infinity(\result);
+ ensures FLT_MINF: \is_minus_infinity(\result);
+*/
+float for_float(float x) {
+ return x+1.0f;
+}
+
diff --git a/src/plugins/wp/tests/wp_plugin/model.i b/src/plugins/wp/tests/wp_plugin/model.i
index 4b57d2f03e09e31030018d51fd55a39abec3216b..81b49ed20d473590181d159b37f404a4564e5395 100644
--- a/src/plugins/wp/tests/wp_plugin/model.i
+++ b/src/plugins/wp/tests/wp_plugin/model.i
@@ -4,7 +4,7 @@
*/
/* run.config_qualif
- OPT: -wp-msg-key print-generated -wp-model Typed -wp-check -then -wp -wp-model Typed+ref -wp-check
+ OPT: -wp-msg-key print-generated -wp-model Typed -then -wp -wp-model Typed+ref
*/
//@ predicate P(integer a);
diff --git a/src/plugins/wp/tests/wp_plugin/oracle/doomed.1.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle/doomed.1.res.oracle
index c8ab85eccdbc7f840a36b3fbf2deb68d90795bb9..96ea7f28a84972eb67c04bc99bf2ed7e3ceb34c4 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle/doomed.1.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle/doomed.1.res.oracle
@@ -7,7 +7,7 @@
Function bar
------------------------------------------------------------
-Goal Smoke_default_requires in 'bar':
+Goal Wp_smoke_default_requires in 'bar':
Assume { Type: is_sint32(x). (* Pre-condition *) Have: 0 < x. }
Prove: false.
@@ -21,7 +21,7 @@ Prove: true.
Function buzz
------------------------------------------------------------
-Goal Smoke_default_requires in 'buzz':
+Goal Wp_smoke_default_requires in 'buzz':
Prove: true.
------------------------------------------------------------
@@ -34,7 +34,7 @@ Prove: true.
Function foo
------------------------------------------------------------
-Goal Smoke_default_requires in 'foo':
+Goal Wp_smoke_default_requires in 'foo':
Assume {
Type: is_sint32(x).
(* Pre-condition *)
@@ -51,7 +51,7 @@ Prove: false.
Function foo with behavior A
------------------------------------------------------------
-Goal Smoke_A_requires in 'foo':
+Goal Wp_smoke_A_requires in 'foo':
Prove: true.
------------------------------------------------------------
@@ -59,7 +59,7 @@ Prove: true.
Function foo with behavior B
------------------------------------------------------------
-Goal Smoke_B_requires in 'foo':
+Goal Wp_smoke_B_requires in 'foo':
Assume {
Type: is_sint32(x).
(* Pre-condition *)
diff --git a/src/plugins/wp/tests/wp_plugin/oracle/doomed_axioms.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle/doomed_axioms.res.oracle
index 01bfc26467c48618d00373b5b5ab26ad1ea8bdca..66b4587a6b7f562ec25be5fd70a303a9af3a5cfb 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle/doomed_axioms.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle/doomed_axioms.res.oracle
@@ -7,7 +7,7 @@
Function foo
------------------------------------------------------------
-Goal Smoke_loop_invariant in 'foo' at loop (file tests/wp_plugin/doomed_axioms.i, line 29):
+Goal Wp_smoke_dead_loop in 'foo' at loop (file tests/wp_plugin/doomed_axioms.i, line 29):
Assume {
Type: is_sint32(n).
(* Invariant 'C' *)
@@ -21,6 +21,38 @@ Prove: false.
------------------------------------------------------------
+Goal Wp_smoke_dead_code in 'foo' at instruction (file tests/wp_plugin/doomed_axioms.i, line 30):
+Assume {
+ Type: is_sint32(n) /\ is_sint32(x).
+ (* Invariant 'C' *)
+ Have: P_R(n).
+ (* Invariant 'B' *)
+ Have: P_Q(n).
+ (* Invariant 'A' *)
+ Have: P_P(n).
+ (* Then *)
+ Have: 0 < x.
+}
+Prove: false.
+
+------------------------------------------------------------
+
+Goal Wp_smoke_dead_code in 'foo' at return (file tests/wp_plugin/doomed_axioms.i, line 32):
+Assume {
+ Type: is_sint32(n) /\ is_sint32(x).
+ (* Invariant 'C' *)
+ Have: P_R(n).
+ (* Invariant 'B' *)
+ Have: P_Q(n).
+ (* Invariant 'A' *)
+ Have: P_P(n).
+ (* Else *)
+ Have: x <= 0.
+}
+Prove: false.
+
+------------------------------------------------------------
+
Goal Preservation of Invariant 'A' (file tests/wp_plugin/doomed_axioms.i, line 24):
Let x_1 = 1 + n.
Assume {
diff --git a/src/plugins/wp/tests/wp_plugin/oracle/doomed_loop.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle/doomed_loop.res.oracle
index 1eb7464b45e92019f3da245eacc0b0ae0f587632..665deb24842bdf01369c31d978870e1f34cbfdf4 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle/doomed_loop.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle/doomed_loop.res.oracle
@@ -7,7 +7,17 @@
Function foo
------------------------------------------------------------
-Goal Smoke_loop_invariant in 'foo' at loop (file tests/wp_plugin/doomed_loop.i, line 22):
+Goal Wp_smoke_dead_loop in 'foo' at loop (file tests/wp_plugin/doomed_loop.i, line 22):
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Wp_smoke_dead_code in 'foo' at instruction (file tests/wp_plugin/doomed_loop.i, line 23):
+Prove: true.
+
+------------------------------------------------------------
+
+Goal Wp_smoke_dead_code in 'foo' at return (file tests/wp_plugin/doomed_loop.i, line 25):
Prove: true.
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle/doomed_unroll.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle/doomed_unroll.res.oracle
index 3f7c7566dcfb0a1866791cfdbebc281e8c2699ba..169321402876d20386d7dd09216dd79310308dda 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle/doomed_unroll.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle/doomed_unroll.res.oracle
@@ -9,6 +9,21 @@
Function foo
------------------------------------------------------------
+Goal Wp_smoke_dead_code in 'foo' at instruction (file tests/wp_plugin/doomed_unroll.i, line 15):
+Prove: false.
+
+------------------------------------------------------------
+
+Goal Wp_smoke_dead_code in 'foo' at instruction (file tests/wp_plugin/doomed_unroll.i, line 15):
+Prove: false.
+
+------------------------------------------------------------
+
+Goal Wp_smoke_dead_code in 'foo' at instruction (file tests/wp_plugin/doomed_unroll.i, line 15):
+Prove: false.
+
+------------------------------------------------------------
+
Goal Preservation of Invariant (generated):
Prove: true.
diff --git a/src/plugins/wp/tests/wp_plugin/oracle/dynamic.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle/dynamic.res.oracle
index 3caefec4a3e23f1ba1c48ddb04c7f69c6cc2f51f..f61e601b4d210a4a8afbea9a51402de2d1d963f1 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle/dynamic.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle/dynamic.res.oracle
@@ -77,8 +77,8 @@ Prove: true.
Goal Call point f1 f2 in 'call' at instruction (file tests/wp_plugin/dynamic.i, line 30):
Let a = Mptr_0[shiftfield_F1_S_f(closure_0)].
-Let a_1 = global(G_f2_28).
-Let a_2 = global(G_f1_20).
+Let a_1 = global(G_f2_30).
+Let a_2 = global(G_f1_22).
Let x = Mint_0[shiftfield_F1_S_param(closure_0)].
Assume {
Type: is_sint32(x).
@@ -115,7 +115,7 @@ Assume {
Have: abs_int(x) <= 5.
(* Instance of 'f1' *)
(* Call point f1 f2 *)
- Have: Mptr_0[shiftfield_F1_S_f(closure_0)] = global(G_f1_20).
+ Have: Mptr_0[shiftfield_F1_S_f(closure_0)] = global(G_f1_22).
}
Prove: ((-10) <= x) /\ (x <= 10).
@@ -137,7 +137,7 @@ Assume {
(* Goal *)
When: Mptr_0[shiftfield_F1_S_f(p)] = global(0).
(* Else *)
- Have: G_g_46 = 0.
+ Have: G_g_48 = 0.
}
Prove: X = 1.
@@ -165,7 +165,7 @@ Prove: true.
Goal Call point h1 in 'missing_context' at instruction (file tests/wp_plugin/dynamic.i, line 87):
Assume { (* Heap *) Type: region(p.base) <= 0. }
-Prove: global(G_h1_59) = p.
+Prove: global(G_h1_61) = p.
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle/flash.0.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle/flash.0.res.oracle
index db2c070f9c272093ac5f6e002c583a1257a29bba..818a355e2d15663d3e04db5fc8769c4944a19d84 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle/flash.0.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle/flash.0.res.oracle
@@ -14,9 +14,9 @@ Prove: true.
Goal Post-condition 'A_reads' in 'job':
Let x = 1 + OBSERVER_time_0.
-Let a = global(G_a_62).
+Let a = global(G_a_64).
Let a_1 = C_RdAt_int(a).
-Let a_2 = global(G_b_63).
+Let a_2 = global(G_b_65).
Let a_3 = C_RdAt_int(a_2).
Let a_4 = C_WrAt_int(a_2).
Let a_5 = L_RD_update(L_INDEX_init, a).
@@ -58,9 +58,9 @@ Prove: L_RD_access(a_7, a) = 2.
Goal Post-condition 'B_reads' in 'job':
Let x = 1 + OBSERVER_time_0.
-Let a = global(G_a_62).
+Let a = global(G_a_64).
Let a_1 = C_RdAt_int(a).
-Let a_2 = global(G_b_63).
+Let a_2 = global(G_b_65).
Let a_3 = C_RdAt_int(a_2).
Let a_4 = C_WrAt_int(a_2).
Let a_5 = L_RD_update(L_INDEX_init, a).
@@ -102,9 +102,9 @@ Prove: L_RD_access(a_7, a_2) = 1.
Goal Post-condition 'B_writes' in 'job':
Let x = 1 + OBSERVER_time_0.
-Let a = global(G_a_62).
+Let a = global(G_a_64).
Let a_1 = C_RdAt_int(a).
-Let a_2 = global(G_b_63).
+Let a_2 = global(G_b_65).
Let a_3 = C_RdAt_int(a_2).
Let a_4 = C_WrAt_int(a_2).
Let a_5 = L_RD_update(L_INDEX_init, a).
@@ -146,9 +146,9 @@ Prove: L_WR_access(a_7, a_2) = 1.
Goal Post-condition 'ReadValues' in 'job':
Let x = 1 + OBSERVER_time_0.
-Let a = global(G_a_62).
+Let a = global(G_a_64).
Let a_1 = C_RdAt_int(a).
-Let a_2 = global(G_b_63).
+Let a_2 = global(G_b_65).
Let a_3 = C_RdAt_int(a_2).
Let a_4 = C_WrAt_int(a_2).
Let a_5 = L_RD_update(L_INDEX_init, a).
@@ -191,9 +191,9 @@ Prove: (x_6 + L_RD_value(a_2, L_RD_access(a_5, a_2))
Goal Post-condition 'WriteValues' in 'job':
Let x = 1 + OBSERVER_time_0.
-Let a = global(G_a_62).
+Let a = global(G_a_64).
Let a_1 = C_RdAt_int(a).
-Let a_2 = global(G_b_63).
+Let a_2 = global(G_b_65).
Let a_3 = C_RdAt_int(a_2).
Let a_4 = C_WrAt_int(a_2).
Let a_5 = L_RD_update(L_INDEX_init, a).
diff --git a/src/plugins/wp/tests/wp_plugin/oracle/flash.1.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle/flash.1.res.oracle
index ed8294e3ee5f853d6a6e156a292bfdf0f91efe21..312f0897fc58e194cdbbefd4148c717786b6cf1c 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle/flash.1.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle/flash.1.res.oracle
@@ -16,9 +16,9 @@ Prove: true.
Goal Post-condition 'A_reads' in 'job':
Let x = 1 + OBSERVER_time_0.
-Let a = global(G_a_62).
+Let a = global(G_a_64).
Let a_1 = C_RdAt_int(a).
-Let a_2 = global(G_b_63).
+Let a_2 = global(G_b_65).
Let a_3 = C_RdAt_int(a_2).
Let a_4 = C_WrAt_int(a_2).
Let a_5 = ((const(0))[(a) <- (const(0))[a]+1]).
@@ -59,9 +59,9 @@ Prove: (a_7)[a] = 2.
Goal Post-condition 'B_reads' in 'job':
Let x = 1 + OBSERVER_time_0.
-Let a = global(G_a_62).
+Let a = global(G_a_64).
Let a_1 = C_RdAt_int(a).
-Let a_2 = global(G_b_63).
+Let a_2 = global(G_b_65).
Let a_3 = C_RdAt_int(a_2).
Let a_4 = C_WrAt_int(a_2).
Let a_5 = ((const(0))[(a) <- (const(0))[a]+1]).
@@ -102,9 +102,9 @@ Prove: (a_7)[a_2] = 1.
Goal Post-condition 'B_writes' in 'job':
Let x = 1 + OBSERVER_time_0.
-Let a = global(G_a_62).
+Let a = global(G_a_64).
Let a_1 = C_RdAt_int(a).
-Let a_2 = global(G_b_63).
+Let a_2 = global(G_b_65).
Let a_3 = C_RdAt_int(a_2).
Let a_4 = C_WrAt_int(a_2).
Let a_5 = ((const(0))[(a) <- (const(0))[a]+1]).
@@ -145,9 +145,9 @@ Prove: (a_7)[a_2] = 1.
Goal Post-condition 'ReadValues' in 'job':
Let x = 1 + OBSERVER_time_0.
-Let a = global(G_a_62).
+Let a = global(G_a_64).
Let a_1 = C_RdAt_int(a).
-Let a_2 = global(G_b_63).
+Let a_2 = global(G_b_65).
Let a_3 = C_RdAt_int(a_2).
Let a_4 = C_WrAt_int(a_2).
Let a_5 = ((const(0))[(a) <- (const(0))[a]+1]).
@@ -188,9 +188,9 @@ Prove: (x_6 + L_RD_value(a_2, (a_5)[a_2]) + L_RD_value(a, (a_6)[a]))
Goal Post-condition 'WriteValues' in 'job':
Let x = 1 + OBSERVER_time_0.
-Let a = global(G_a_62).
+Let a = global(G_a_64).
Let a_1 = C_RdAt_int(a).
-Let a_2 = global(G_b_63).
+Let a_2 = global(G_b_65).
Let a_3 = C_RdAt_int(a_2).
Let a_4 = C_WrAt_int(a_2).
Let a_5 = ((const(0))[(a) <- (const(0))[a]+1]).
diff --git a/src/plugins/wp/tests/wp_plugin/oracle/float_driver.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle/float_driver.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..a009941107964a0ccc1ad2a87153709a0fe5fba2
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle/float_driver.res.oracle
@@ -0,0 +1,708 @@
+# frama-c -wp [...]
+[kernel] Parsing tests/wp_plugin/float_driver.i (no preprocessing)
+[wp] Running WP plugin...
+[wp] Loading driver 'share/wp.driver'
+[wp] Warning: Missing RTE guards
+[wp] 20 goals scheduled
+[wp:print-generated]
+ theory WP
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool *)
+
+ (* use int.Int *)
+
+ (* use int.ComputerDivision *)
+
+ (* use real.RealInfix *)
+
+ (* use frama_c_wp.qed.Qed *)
+
+ (* use map.Map *)
+
+ (* use real.Abs *)
+
+ (* use frama_c_wp.cmath.Cmath *)
+
+ (* use real.Square *)
+
+ (* use frama_c_wp.cmath.Square1 *)
+
+ (* use frama_c_wp.cfloat.Cfloat *)
+
+ goal wp_goal :
+ forall f:t.
+ eq_f64 (add_f64 f (0x1.0000000000000p0:t)) (round_double RTP (of_f64 f))
+ end
+[wp:print-generated]
+ theory WP1
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool *)
+
+ (* use int.Int *)
+
+ (* use int.ComputerDivision *)
+
+ (* use real.RealInfix *)
+
+ (* use frama_c_wp.qed.Qed *)
+
+ (* use map.Map *)
+
+ (* use real.Abs *)
+
+ (* use frama_c_wp.cmath.Cmath *)
+
+ (* use real.Square *)
+
+ (* use frama_c_wp.cmath.Square1 *)
+
+ (* use frama_c_wp.cfloat.Cfloat *)
+
+ goal wp_goal :
+ forall f:t.
+ eq_f64 (add_f64 f (0x1.0000000000000p0:t)) (round_double RTZ (of_f64 f))
+ end
+[wp:print-generated]
+ theory WP2
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool *)
+
+ (* use int.Int *)
+
+ (* use int.ComputerDivision *)
+
+ (* use real.RealInfix *)
+
+ (* use frama_c_wp.qed.Qed *)
+
+ (* use map.Map *)
+
+ (* use real.Abs *)
+
+ (* use frama_c_wp.cmath.Cmath *)
+
+ (* use real.Square *)
+
+ (* use frama_c_wp.cmath.Square1 *)
+
+ (* use frama_c_wp.cfloat.Cfloat *)
+
+ goal wp_goal :
+ forall f:t.
+ eq_f64 (add_f64 f (0x1.0000000000000p0:t)) (round_double RNA (of_f64 f))
+ end
+[wp:print-generated]
+ theory WP3
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool *)
+
+ (* use int.Int *)
+
+ (* use int.ComputerDivision *)
+
+ (* use real.RealInfix *)
+
+ (* use frama_c_wp.qed.Qed *)
+
+ (* use map.Map *)
+
+ (* use real.Abs *)
+
+ (* use frama_c_wp.cmath.Cmath *)
+
+ (* use real.Square *)
+
+ (* use frama_c_wp.cmath.Square1 *)
+
+ (* use frama_c_wp.cfloat.Cfloat *)
+
+ goal wp_goal :
+ forall f:t.
+ eq_f64 (add_f64 f (0x1.0000000000000p0:t)) (round_double RNE (of_f64 f))
+ end
+[wp:print-generated]
+ theory WP4
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool *)
+
+ (* use int.Int *)
+
+ (* use int.ComputerDivision *)
+
+ (* use real.RealInfix *)
+
+ (* use frama_c_wp.qed.Qed *)
+
+ (* use map.Map *)
+
+ (* use real.Abs *)
+
+ (* use frama_c_wp.cmath.Cmath *)
+
+ (* use real.Square *)
+
+ (* use frama_c_wp.cmath.Square1 *)
+
+ (* use frama_c_wp.cfloat.Cfloat *)
+
+ goal wp_goal : forall f:t. is_NaN_f64 (add_f64 f (0x1.0000000000000p0:t))
+ end
+[wp:print-generated]
+ theory WP5
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool *)
+
+ (* use int.Int *)
+
+ (* use int.ComputerDivision *)
+
+ (* use real.RealInfix *)
+
+ (* use frama_c_wp.qed.Qed *)
+
+ (* use map.Map *)
+
+ (* use real.Abs *)
+
+ (* use frama_c_wp.cmath.Cmath *)
+
+ (* use real.Square *)
+
+ (* use frama_c_wp.cmath.Square1 *)
+
+ (* use frama_c_wp.cfloat.Cfloat *)
+
+ goal wp_goal :
+ forall f:t. is_infinite_f64 (add_f64 f (0x1.0000000000000p0:t))
+ end
+[wp:print-generated]
+ theory WP6
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool *)
+
+ (* use int.Int *)
+
+ (* use int.ComputerDivision *)
+
+ (* use real.RealInfix *)
+
+ (* use frama_c_wp.qed.Qed *)
+
+ (* use map.Map *)
+
+ (* use real.Abs *)
+
+ (* use frama_c_wp.cmath.Cmath *)
+
+ (* use real.Square *)
+
+ (* use frama_c_wp.cmath.Square1 *)
+
+ (* use frama_c_wp.cfloat.Cfloat *)
+
+ goal wp_goal :
+ forall f:t. is_finite_f64 (add_f64 f (0x1.0000000000000p0:t))
+ end
+[wp:print-generated]
+ theory WP7
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool *)
+
+ (* use int.Int *)
+
+ (* use int.ComputerDivision *)
+
+ (* use real.RealInfix *)
+
+ (* use frama_c_wp.qed.Qed *)
+
+ (* use map.Map *)
+
+ (* use real.Abs *)
+
+ (* use frama_c_wp.cmath.Cmath *)
+
+ (* use real.Square *)
+
+ (* use frama_c_wp.cmath.Square1 *)
+
+ (* use frama_c_wp.cfloat.Cfloat *)
+
+ goal wp_goal :
+ forall f:t.
+ eq_f64 (add_f64 f (0x1.0000000000000p0:t)) (round_double RTN (of_f64 f))
+ end
+[wp:print-generated]
+ theory WP8
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool1 *)
+
+ (* use int.Int1 *)
+
+ (* use int.ComputerDivision1 *)
+
+ (* use real.RealInfix1 *)
+
+ (* use frama_c_wp.qed.Qed1 *)
+
+ (* use map.Map1 *)
+
+ (* use real.Abs1 *)
+
+ (* use frama_c_wp.cmath.Cmath1 *)
+
+ (* use real.Square2 *)
+
+ (* use frama_c_wp.cmath.Square3 *)
+
+ (* use frama_c_wp.cfloat.Cfloat1 *)
+
+ goal wp_goal :
+ forall f:t1.
+ eq_f32 (add_f32 f (0x1.0000000000000p0:t1))
+ (round_float RNA1 (of_f32 f))
+ end
+[wp:print-generated]
+ theory WP9
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool1 *)
+
+ (* use int.Int1 *)
+
+ (* use int.ComputerDivision1 *)
+
+ (* use real.RealInfix1 *)
+
+ (* use frama_c_wp.qed.Qed1 *)
+
+ (* use map.Map1 *)
+
+ (* use real.Abs1 *)
+
+ (* use frama_c_wp.cmath.Cmath1 *)
+
+ (* use real.Square2 *)
+
+ (* use frama_c_wp.cmath.Square3 *)
+
+ (* use frama_c_wp.cfloat.Cfloat1 *)
+
+ goal wp_goal :
+ forall f:t1.
+ eq_f32 (add_f32 f (0x1.0000000000000p0:t1))
+ (round_float RNE1 (of_f32 f))
+ end
+[wp:print-generated]
+ theory WP10
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool *)
+
+ (* use int.Int *)
+
+ (* use int.ComputerDivision *)
+
+ (* use real.RealInfix *)
+
+ (* use frama_c_wp.qed.Qed *)
+
+ (* use map.Map *)
+
+ (* use real.Abs *)
+
+ (* use frama_c_wp.cmath.Cmath *)
+
+ (* use real.Square *)
+
+ (* use frama_c_wp.cmath.Square1 *)
+
+ (* use frama_c_wp.cfloat.Cfloat *)
+
+ goal wp_goal :
+ forall f:t. is_negative_infinite_f64 (add_f64 f (0x1.0000000000000p0:t))
+ end
+[wp:print-generated]
+ theory WP11
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool *)
+
+ (* use int.Int *)
+
+ (* use int.ComputerDivision *)
+
+ (* use real.RealInfix *)
+
+ (* use frama_c_wp.qed.Qed *)
+
+ (* use map.Map *)
+
+ (* use real.Abs *)
+
+ (* use frama_c_wp.cmath.Cmath *)
+
+ (* use real.Square *)
+
+ (* use frama_c_wp.cmath.Square1 *)
+
+ (* use frama_c_wp.cfloat.Cfloat *)
+
+ goal wp_goal :
+ forall f:t. is_positive_infinite_f64 (add_f64 f (0x1.0000000000000p0:t))
+ end
+[wp:print-generated]
+ theory WP12
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool1 *)
+
+ (* use int.Int1 *)
+
+ (* use int.ComputerDivision1 *)
+
+ (* use real.RealInfix1 *)
+
+ (* use frama_c_wp.qed.Qed1 *)
+
+ (* use map.Map1 *)
+
+ (* use real.Abs1 *)
+
+ (* use frama_c_wp.cmath.Cmath1 *)
+
+ (* use real.Square2 *)
+
+ (* use frama_c_wp.cmath.Square3 *)
+
+ (* use frama_c_wp.cfloat.Cfloat1 *)
+
+ goal wp_goal :
+ forall f:t1. is_finite_f32 (add_f32 f (0x1.0000000000000p0:t1))
+ end
+[wp:print-generated]
+ theory WP13
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool1 *)
+
+ (* use int.Int1 *)
+
+ (* use int.ComputerDivision1 *)
+
+ (* use real.RealInfix1 *)
+
+ (* use frama_c_wp.qed.Qed1 *)
+
+ (* use map.Map1 *)
+
+ (* use real.Abs1 *)
+
+ (* use frama_c_wp.cmath.Cmath1 *)
+
+ (* use real.Square2 *)
+
+ (* use frama_c_wp.cmath.Square3 *)
+
+ (* use frama_c_wp.cfloat.Cfloat1 *)
+
+ goal wp_goal :
+ forall f:t1.
+ eq_f32 (add_f32 f (0x1.0000000000000p0:t1))
+ (round_float RTN1 (of_f32 f))
+ end
+[wp:print-generated]
+ theory WP14
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool1 *)
+
+ (* use int.Int1 *)
+
+ (* use int.ComputerDivision1 *)
+
+ (* use real.RealInfix1 *)
+
+ (* use frama_c_wp.qed.Qed1 *)
+
+ (* use map.Map1 *)
+
+ (* use real.Abs1 *)
+
+ (* use frama_c_wp.cmath.Cmath1 *)
+
+ (* use real.Square2 *)
+
+ (* use frama_c_wp.cmath.Square3 *)
+
+ (* use frama_c_wp.cfloat.Cfloat1 *)
+
+ goal wp_goal :
+ forall f:t1.
+ eq_f32 (add_f32 f (0x1.0000000000000p0:t1))
+ (round_float RTP1 (of_f32 f))
+ end
+[wp:print-generated]
+ theory WP15
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool1 *)
+
+ (* use int.Int1 *)
+
+ (* use int.ComputerDivision1 *)
+
+ (* use real.RealInfix1 *)
+
+ (* use frama_c_wp.qed.Qed1 *)
+
+ (* use map.Map1 *)
+
+ (* use real.Abs1 *)
+
+ (* use frama_c_wp.cmath.Cmath1 *)
+
+ (* use real.Square2 *)
+
+ (* use frama_c_wp.cmath.Square3 *)
+
+ (* use frama_c_wp.cfloat.Cfloat1 *)
+
+ goal wp_goal :
+ forall f:t1.
+ eq_f32 (add_f32 f (0x1.0000000000000p0:t1))
+ (round_float RTZ1 (of_f32 f))
+ end
+[wp:print-generated]
+ theory WP16
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool1 *)
+
+ (* use int.Int1 *)
+
+ (* use int.ComputerDivision1 *)
+
+ (* use real.RealInfix1 *)
+
+ (* use frama_c_wp.qed.Qed1 *)
+
+ (* use map.Map1 *)
+
+ (* use real.Abs1 *)
+
+ (* use frama_c_wp.cmath.Cmath1 *)
+
+ (* use real.Square2 *)
+
+ (* use frama_c_wp.cmath.Square3 *)
+
+ (* use frama_c_wp.cfloat.Cfloat1 *)
+
+ goal wp_goal :
+ forall f:t1.
+ is_negative_infinite_f32 (add_f32 f (0x1.0000000000000p0:t1))
+ end
+[wp:print-generated]
+ theory WP17
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool1 *)
+
+ (* use int.Int1 *)
+
+ (* use int.ComputerDivision1 *)
+
+ (* use real.RealInfix1 *)
+
+ (* use frama_c_wp.qed.Qed1 *)
+
+ (* use map.Map1 *)
+
+ (* use real.Abs1 *)
+
+ (* use frama_c_wp.cmath.Cmath1 *)
+
+ (* use real.Square2 *)
+
+ (* use frama_c_wp.cmath.Square3 *)
+
+ (* use frama_c_wp.cfloat.Cfloat1 *)
+
+ goal wp_goal :
+ forall f:t1.
+ is_positive_infinite_f32 (add_f32 f (0x1.0000000000000p0:t1))
+ end
+[wp:print-generated]
+ theory WP18
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool1 *)
+
+ (* use int.Int1 *)
+
+ (* use int.ComputerDivision1 *)
+
+ (* use real.RealInfix1 *)
+
+ (* use frama_c_wp.qed.Qed1 *)
+
+ (* use map.Map1 *)
+
+ (* use real.Abs1 *)
+
+ (* use frama_c_wp.cmath.Cmath1 *)
+
+ (* use real.Square2 *)
+
+ (* use frama_c_wp.cmath.Square3 *)
+
+ (* use frama_c_wp.cfloat.Cfloat1 *)
+
+ goal wp_goal : forall f:t1. is_NaN_f32 (add_f32 f (0x1.0000000000000p0:t1))
+ end
+[wp:print-generated]
+ theory WP19
+ (* use why3.BuiltIn.BuiltIn *)
+
+ (* use bool.Bool1 *)
+
+ (* use int.Int1 *)
+
+ (* use int.ComputerDivision1 *)
+
+ (* use real.RealInfix1 *)
+
+ (* use frama_c_wp.qed.Qed1 *)
+
+ (* use map.Map1 *)
+
+ (* use real.Abs1 *)
+
+ (* use frama_c_wp.cmath.Cmath1 *)
+
+ (* use real.Square2 *)
+
+ (* use frama_c_wp.cmath.Square3 *)
+
+ (* use frama_c_wp.cfloat.Cfloat1 *)
+
+ goal wp_goal :
+ forall f:t1. is_infinite_f32 (add_f32 f (0x1.0000000000000p0:t1))
+ end
+[wp] 20 goals generated
+------------------------------------------------------------
+ Function for_double
+------------------------------------------------------------
+
+Goal Post-condition 'DBL_RNE' in 'for_double':
+Prove: eq_f64(add_f64(x, to_f64(1.0)), round_double(Rounding.RNE, of_f64(x))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'DBL_RNA' in 'for_double':
+Prove: eq_f64(add_f64(x, to_f64(1.0)), round_double(Rounding.RNA, of_f64(x))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'DBL_RTZ' in 'for_double':
+Prove: eq_f64(add_f64(x, to_f64(1.0)), round_double(Rounding.RTZ, of_f64(x))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'DBL_RTP' in 'for_double':
+Prove: eq_f64(add_f64(x, to_f64(1.0)), round_double(Rounding.RTP, of_f64(x))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'DBL_RTN' in 'for_double':
+Prove: eq_f64(add_f64(x, to_f64(1.0)), round_double(Rounding.RTN, of_f64(x))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'DBL_FIN' in 'for_double':
+Prove: is_finite_f64(add_f64(x, to_f64(1.0))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'DBL_INF' in 'for_double':
+Prove: is_infinite_f64(add_f64(x, to_f64(1.0))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'DBL_NAN' in 'for_double':
+Prove: is_NaN_f64(add_f64(x, to_f64(1.0))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'DBL_PINF' in 'for_double':
+Prove: is_positive_infinite_f64(add_f64(x, to_f64(1.0))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'DBL_MINF' in 'for_double':
+Prove: is_negative_infinite_f64(add_f64(x, to_f64(1.0))).
+
+------------------------------------------------------------
+------------------------------------------------------------
+ Function for_float
+------------------------------------------------------------
+
+Goal Post-condition 'FLT_RNE' in 'for_float':
+Prove: eq_f32(add_f32(x, to_f32(1.0)), round_float(Rounding.RNE, of_f32(x))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'FLT_RNA' in 'for_float':
+Prove: eq_f32(add_f32(x, to_f32(1.0)), round_float(Rounding.RNA, of_f32(x))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'FLT_RTZ' in 'for_float':
+Prove: eq_f32(add_f32(x, to_f32(1.0)), round_float(Rounding.RTZ, of_f32(x))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'FLT_RTP' in 'for_float':
+Prove: eq_f32(add_f32(x, to_f32(1.0)), round_float(Rounding.RTP, of_f32(x))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'FLT_RTN' in 'for_float':
+Prove: eq_f32(add_f32(x, to_f32(1.0)), round_float(Rounding.RTN, of_f32(x))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'FLT_FIN' in 'for_float':
+Prove: is_finite_f32(add_f32(x, to_f32(1.0))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'FLT_INF' in 'for_float':
+Prove: is_infinite_f32(add_f32(x, to_f32(1.0))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'FLT_NAN' in 'for_float':
+Prove: is_NaN_f32(add_f32(x, to_f32(1.0))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'FLT_PINF' in 'for_float':
+Prove: is_positive_infinite_f32(add_f32(x, to_f32(1.0))).
+
+------------------------------------------------------------
+
+Goal Post-condition 'FLT_MINF' in 'for_float':
+Prove: is_negative_infinite_f32(add_f32(x, to_f32(1.0))).
+
+------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle/float_real.1.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle/float_real.1.res.oracle
index bd279cccc874f2274d8dfb05d4b76eb7d82e8dac..4249f034461a465c794b76fe03bd9cf26e1fa735 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle/float_real.1.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle/float_real.1.res.oracle
@@ -13,11 +13,11 @@
Goal Post-condition (file tests/wp_plugin/float_real.i, line 14) in 'dequal':
Assume {
Type: is_sint32(dequal_0).
- If lt_f64(add_f64(x, neg_f64(y)),
+ If lt_f64(sub_f64(x, y),
to_f64((5902958103587057.0/590295810358705651712)))
Then {
If lt_f64(to_f64((-5902958103587057.0/590295810358705651712)),
- add_f64(x, neg_f64(y)))
+ sub_f64(x, y))
Then { (* Return *) Have: dequal_0 = 1. }
Else { (* Return *) Have: dequal_0 = 0. }
}
diff --git a/src/plugins/wp/tests/wp_plugin/oracle/frame.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle/frame.res.oracle
index a4a77a805e6fe07bec1f37c60b9ef7a1ae3d79bd..3ef9251b463a17273f447723b675e76ea8aaf660 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle/frame.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle/frame.res.oracle
@@ -8,7 +8,7 @@
------------------------------------------------------------
Goal Post-condition 'KO' in 'alias':
-Let a = global(P_r_39).
+Let a = global(P_r_41).
Let x = Mint_1[a].
Let x_1 = Mint_0[a].
Assume { Type: is_sint32(x) /\ is_sint32(x_1). }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle/init_const_guard.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle/init_const_guard.res.oracle
index a055c763f2292c7d99c9163ff12edbc76a483055..3fcaa7780cb793ba02ac972a510be04169f3473f 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle/init_const_guard.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle/init_const_guard.res.oracle
@@ -14,7 +14,7 @@ Prove: true.
Goal Post-condition 'Pointed_Valid' in 'f':
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: valid_rw(Malloc_0, global(G_x_18), 1).
+Prove: valid_rw(Malloc_0, global(G_x_20), 1).
------------------------------------------------------------
@@ -38,12 +38,12 @@ Prove: true.
Goal Assertion 'Read' (file tests/wp_plugin/init_const_guard.i, line 31):
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: valid_rd(Malloc_0, global(G_x_18), 1).
+Prove: valid_rd(Malloc_0, global(G_x_20), 1).
------------------------------------------------------------
Goal Assertion 'Guard_against_Const' (file tests/wp_plugin/init_const_guard.i, line 32):
-Let a = global(G_x_18).
+Let a = global(G_x_20).
Assume {
(* Heap *)
Type: linked(Malloc_0).
diff --git a/src/plugins/wp/tests/wp_plugin/oracle/initarr.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle/initarr.res.oracle
index 59ec8e297714d56d1c5de2f18c2c9956bcb192e1..402be8d8ac5c7095d9994c3ce980543ce67da025 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle/initarr.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle/initarr.res.oracle
@@ -18,17 +18,17 @@ Assume {
Type: forall i_1 : Z. let a_4 = A[i_1] in (region(a_4.F1_f.base) <= 0) /\
(region(a_4.F1_g.base) <= 0).
(* Initializer *)
- Init: (a_2.F1_f) = global(G_a_18).
+ Init: (a_2.F1_f) = global(G_a_20).
(* Initializer *)
- Init: (a_2.F1_g) = global(G_b_19).
+ Init: (a_2.F1_g) = global(G_b_21).
(* Initializer *)
- Init: (a_1.F1_f) = global(G_c_20).
+ Init: (a_1.F1_f) = global(G_c_22).
(* Initializer *)
- Init: (a_1.F1_g) = global(G_d_21).
+ Init: (a_1.F1_g) = global(G_d_23).
(* Initializer *)
- Init: (a.F1_f) = global(G_e_22).
+ Init: (a.F1_f) = global(G_e_24).
(* Initializer *)
- Init: (a.F1_g) = global(G_f_23).
+ Init: (a.F1_g) = global(G_f_25).
(* Pre-condition *)
Have: (0 <= i) /\ (i <= 2).
}
@@ -37,9 +37,9 @@ Prove: (a_3.F1_g) != (a_3.F1_f).
------------------------------------------------------------
Goal Post-condition 'ALT' in 'job':
-Let a = global(G_e_22).
-Let a_1 = global(G_c_20).
-Let a_2 = global(G_a_18).
+Let a = global(G_e_24).
+Let a_1 = global(G_c_22).
+Let a_2 = global(G_a_20).
Let a_3 = A[i].F1_f.
Assume {
Type: is_sint32(i).
diff --git a/src/plugins/wp/tests/wp_plugin/oracle/overassign.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle/overassign.res.oracle
index 67cb9a837b5f4ccacc3c14f893bc374f998a6475..53a71fb06d789fc89eead348b6d1ede7a9979791 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle/overassign.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle/overassign.res.oracle
@@ -40,14 +40,14 @@ Prove: true.
Goal Assigns nothing in 'f3_ok':
Call Effect at line 20
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: invalid(Malloc_0, shift_sint32(global(G_A_30), 20), 10).
+Prove: invalid(Malloc_0, shift_sint32(global(G_A_32), 20), 10).
------------------------------------------------------------
Goal Assigns nothing in 'f3_ok':
Call Effect at line 20
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: invalid(Malloc_0, shift_sint32(global(G_A_30), 20), 10).
+Prove: invalid(Malloc_0, shift_sint32(global(G_A_32), 20), 10).
------------------------------------------------------------
------------------------------------------------------------
@@ -57,14 +57,14 @@ Prove: invalid(Malloc_0, shift_sint32(global(G_A_30), 20), 10).
Goal Assigns nothing in 'f4_ok':
Call Effect at line 23
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: invalid(Malloc_0, shift_sint32(global(G_A_30), -10), 10).
+Prove: invalid(Malloc_0, shift_sint32(global(G_A_32), -10), 10).
------------------------------------------------------------
Goal Assigns nothing in 'f4_ok':
Call Effect at line 23
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: invalid(Malloc_0, shift_sint32(global(G_A_30), -10), 10).
+Prove: invalid(Malloc_0, shift_sint32(global(G_A_32), -10), 10).
------------------------------------------------------------
------------------------------------------------------------
@@ -74,14 +74,14 @@ Prove: invalid(Malloc_0, shift_sint32(global(G_A_30), -10), 10).
Goal Assigns nothing in 'f5_ko':
Call Effect at line 26
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: invalid(Malloc_0, shift_sint32(global(G_A_30), 15), 10).
+Prove: invalid(Malloc_0, shift_sint32(global(G_A_32), 15), 10).
------------------------------------------------------------
Goal Assigns nothing in 'f5_ko':
Call Effect at line 26
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: invalid(Malloc_0, shift_sint32(global(G_A_30), 15), 10).
+Prove: invalid(Malloc_0, shift_sint32(global(G_A_32), 15), 10).
------------------------------------------------------------
------------------------------------------------------------
@@ -91,13 +91,13 @@ Prove: invalid(Malloc_0, shift_sint32(global(G_A_30), 15), 10).
Goal Assigns nothing in 'f6_ko':
Call Effect at line 29
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: invalid(Malloc_0, shift_sint32(global(G_A_30), -5), 10).
+Prove: invalid(Malloc_0, shift_sint32(global(G_A_32), -5), 10).
------------------------------------------------------------
Goal Assigns nothing in 'f6_ko':
Call Effect at line 29
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: invalid(Malloc_0, shift_sint32(global(G_A_30), -5), 10).
+Prove: invalid(Malloc_0, shift_sint32(global(G_A_32), -5), 10).
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle/subset_fopen.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle/subset_fopen.res.oracle
index eec7909c06154fa357a353f9fb52f211d1a5e68a..d18122a712f8e78a6502ae1f5bcb0f239208985d 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle/subset_fopen.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle/subset_fopen.res.oracle
@@ -38,7 +38,7 @@ Assume {
(* Assertion 'Ok_A' *)
Have: (0 <= i) /\ (i <= 9).
(* Call 'fopen' *)
- Have: included(p, 2, shift___fc_FILE(global(G___fc_fopen_19), 0), 1024).
+ Have: included(p, 2, shift___fc_FILE(global(G___fc_fopen_21), 0), 1024).
}
Prove: valid_rw(Malloc_0, p, 2).
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/bit_test.0.session/cache/af2254c1fa0216f2c678366bdede3b13.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/bit_test.0.session/cache/af2254c1fa0216f2c678366bdede3b13.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/bit_test.0.session/cache/af2254c1fa0216f2c678366bdede3b13.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/bit_test.0.session/cache/fa59bf961c2e5397658a695e7a6d70d7.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/bit_test.0.session/cache/fa59bf961c2e5397658a695e7a6d70d7.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/bit_test.0.session/cache/fa59bf961c2e5397658a695e7a6d70d7.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/bit_test.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle_qualif/bit_test.res.oracle
index 6ee9e8566582a39abf57d083d4198404b1643284..f6a082b42cc33bbd5b6ac2c421762b4aea213966 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle_qualif/bit_test.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/bit_test.res.oracle
@@ -4,9 +4,9 @@
[wp] Loading driver 'share/wp.driver'
[wp] Warning: Missing RTE guards
[wp] 3 goals scheduled
-[wp] [Alt-Ergo] Goal typed_bit_test_check1_ensures_ko : Typechecked
-[wp] [Alt-Ergo] Goal typed_bit_test_check2_ensures_ko : Typechecked
-[wp] [Alt-Ergo] Goal typed_bit_test_check3_ensures_ko : Typechecked
+[wp] [Alt-Ergo] Goal typed_bit_test_check1_ensures_ko : Unsuccess
+[wp] [Alt-Ergo] Goal typed_bit_test_check2_ensures_ko : Unsuccess
+[wp] [Alt-Ergo] Goal typed_bit_test_check3_ensures_ko : Unsuccess
[wp] Proved goals: 0 / 3
Alt-Ergo: 0 (unsuccess: 3)
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/05e5c5311bfe8997e3278f3e5c22829a.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/05e5c5311bfe8997e3278f3e5c22829a.json
new file mode 100644
index 0000000000000000000000000000000000000000..b12df409cd02a38ebcc5d090bfe05689a34f5666
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/05e5c5311bfe8997e3278f3e5c22829a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0231,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/074cb03898e8ed122caa93327a7b7a77.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/074cb03898e8ed122caa93327a7b7a77.json
new file mode 100644
index 0000000000000000000000000000000000000000..503c92e06743585bb5bbc15f268348868d81dc1e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/074cb03898e8ed122caa93327a7b7a77.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0455,
+ "steps": 56 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/58369c7fb3048b416fdd3fc5458c5b83.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/58369c7fb3048b416fdd3fc5458c5b83.json
new file mode 100644
index 0000000000000000000000000000000000000000..b63790bdbacd1d8551fda6da870f9b8fd3dea2ea
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/58369c7fb3048b416fdd3fc5458c5b83.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0211,
+ "steps": 23 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/65e3ef4a8586c488db122d88f499b0d9.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/65e3ef4a8586c488db122d88f499b0d9.json
new file mode 100644
index 0000000000000000000000000000000000000000..47e2078ec7c1785feb6f122094764be00be66762
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/65e3ef4a8586c488db122d88f499b0d9.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.138,
+ "steps": 148 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/9df2b33683d9824243472af4e8d5c5f7.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/9df2b33683d9824243472af4e8d5c5f7.json
new file mode 100644
index 0000000000000000000000000000000000000000..40dcd1d8b0d4fa477b87e0d293b287661d47b1a7
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/9df2b33683d9824243472af4e8d5c5f7.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0358,
+ "steps": 34 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/d52a4f7a87fca3c71ec617296f285903.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/d52a4f7a87fca3c71ec617296f285903.json
new file mode 100644
index 0000000000000000000000000000000000000000..61edacfd56a9b8daf5ea1232776142ebbbf92e88
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/copy.0.session/cache/d52a4f7a87fca3c71ec617296f285903.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0271,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed.res.oracle
index fd6fc26aa120ff63af2caaa7dbc980887ba1cb48..a3d176c2b04ee980b4bf2cd926d98d1028fec38a 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed.res.oracle
@@ -4,15 +4,17 @@
[wp] Loading driver 'share/wp.driver'
[wp] Warning: Missing RTE guards
[wp] 7 goals scheduled
-[wp] Smoke-test typed_bar_smoke_default_requires : Passed (Alt-Ergo)
+[wp] [Passed] Smoke-test typed_bar_wp_smoke_default_requires
[wp] [Qed] Goal typed_bar_ensures : Valid
-[wp:smoke] tests/wp_plugin/doomed.i:41: Warning:
- Smoke-test typed_buzz_smoke_default_requires : Failed (Qed)
+[wp] [Failed] Smoke-test typed_buzz_wp_smoke_default_requires
+ Qed: Valid
+[wp] tests/wp_plugin/doomed.i:41: Warning: Failed smoke-test
[wp] [Qed] Goal typed_buzz_ensures : Valid
-[wp] Smoke-test typed_foo_smoke_default_requires : Passed (Alt-Ergo)
-[wp:smoke] tests/wp_plugin/doomed.i:27: Warning:
- Smoke-test typed_foo_smoke_A_requires : Failed (Qed)
-[wp] Smoke-test typed_foo_smoke_B_requires : Passed (Alt-Ergo)
+[wp] [Passed] Smoke-test typed_foo_wp_smoke_default_requires
+[wp] [Failed] Smoke-test typed_foo_wp_smoke_A_requires
+ Qed: Valid
+[wp] tests/wp_plugin/doomed.i:27: Warning: Failed smoke-test
+[wp] [Passed] Smoke-test typed_foo_wp_smoke_B_requires
[wp] Proved goals: 5 / 7
Qed: 2 (failed: 2)
Alt-Ergo: 3
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_axioms.0.session/cache/3c09d952f228b980bfc7351233bea851.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_axioms.0.session/cache/3c09d952f228b980bfc7351233bea851.json
new file mode 100644
index 0000000000000000000000000000000000000000..e94485320686ef2607db1065d1b3e030a9c22948
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_axioms.0.session/cache/3c09d952f228b980bfc7351233bea851.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0072,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_axioms.0.session/cache/82f897485c8c7f2dea5812a6e02dc9bc.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_axioms.0.session/cache/82f897485c8c7f2dea5812a6e02dc9bc.json
new file mode 100644
index 0000000000000000000000000000000000000000..9910b14f695f9372139925ff885e064159b456c2
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_axioms.0.session/cache/82f897485c8c7f2dea5812a6e02dc9bc.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0074,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_axioms.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_axioms.res.oracle
index d6996bf2feae602fa1f7aff9f24ae17a21546a3f..f11a3888e1dc6f587beb931fa8677fb11eb4758d 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_axioms.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_axioms.res.oracle
@@ -3,9 +3,16 @@
[wp] Running WP plugin...
[wp] Loading driver 'share/wp.driver'
[wp] Warning: Missing RTE guards
-[wp] 8 goals scheduled
-[wp:smoke] tests/wp_plugin/doomed_axioms.i:29: Warning:
- Smoke-test typed_foo_smoke_loop_invariant_s2 : Failed (Alt-Ergo)
+[wp] 10 goals scheduled
+[wp] [Failed] Smoke-test typed_foo_wp_smoke_dead_loop_s2
+ Alt-Ergo: Valid
+[wp] tests/wp_plugin/doomed_axioms.i:29: Warning: Failed smoke-test
+[wp] [Failed] Smoke-test typed_foo_wp_smoke_dead_code_s7
+ Alt-Ergo: Valid
+[wp] tests/wp_plugin/doomed_axioms.i:30: Warning: Failed smoke-test
+[wp] [Failed] Smoke-test typed_foo_wp_smoke_dead_code_s9
+ Alt-Ergo: Valid
+[wp] tests/wp_plugin/doomed_axioms.i:32: Warning: Failed smoke-test
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_A_preserved : Valid
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_A_established : Valid
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_B_preserved : Valid
@@ -13,10 +20,10 @@
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_C_preserved : Valid
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_C_established : Valid
[wp] [Qed] Goal typed_foo_loop_assigns : Valid
-[wp] Proved goals: 7 / 8
+[wp] Proved goals: 7 / 10
Qed: 1
- Alt-Ergo: 6 (failed: 1)
+ Alt-Ergo: 6 (failed: 3)
------------------------------------------------------------
Functions WP Alt-Ergo Total Success
- foo 1 6 8 87.5%
+ foo 1 6 10 70.0%
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.0.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.0.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..31663282840a94f1fb070f1b7ab275f6390fd1cd
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.0.res.oracle
@@ -0,0 +1,29 @@
+# frama-c -wp [...]
+[kernel] Parsing tests/wp_plugin/doomed_call.i (no preprocessing)
+[wp] Running WP plugin...
+[wp] Loading driver 'share/wp.driver'
+[wp] Warning: Missing RTE guards
+[wp] 10 goals scheduled
+[wp] [Qed] Goal typed_f1_ok_ensures : Valid
+[wp] [Qed] Goal typed_f1_ok_exits : Valid
+[wp] [Qed] Goal typed_f2_ok_ensures : Valid
+[wp] [Qed] Goal typed_f2_ok_exits : Valid
+[wp] [Qed] Goal typed_f3_ko_ensures : Valid
+[wp] [Qed] Goal typed_f3_ok_ensures : Valid
+[wp] [Qed] Goal typed_f4_ko_ensures : Valid
+[wp] [Qed] Goal typed_f4_ok_ensures : Valid
+[wp] [Qed] Goal typed_f5_ko_ensures : Valid
+[wp] [Qed] Goal typed_f5_ok_ensures : Valid
+[wp] Proved goals: 10 / 10
+ Qed: 10
+------------------------------------------------------------
+ Functions WP Alt-Ergo Total Success
+ f1_ok 2 - 2 100%
+ f2_ok 2 - 2 100%
+ f3_ko 1 - 1 100%
+ f3_ok 1 - 1 100%
+ f4_ok 1 - 1 100%
+ f4_ko 1 - 1 100%
+ f5_ok 1 - 1 100%
+ f5_ko 1 - 1 100%
+------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..3d349ae889761bc345e1e830e832772d04c61ccd
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.res.oracle
@@ -0,0 +1,63 @@
+# frama-c -wp [...]
+[kernel] Parsing tests/wp_plugin/doomed_call.i (no preprocessing)
+[wp] Running WP plugin...
+[wp] Loading driver 'share/wp.driver'
+[wp] Warning: Missing RTE guards
+[wp] 33 goals scheduled
+[wp] [Passed] Smoke-test typed_call_exit_ok_wp_smoke_dead_call_s2
+[wp] [Passed] Smoke-test typed_f1_ok_wp_smoke_dead_code_s2
+[wp] [Passed] Smoke-test typed_f1_ok_wp_smoke_dead_code_s4
+[wp] [Qed] Goal typed_f1_ok_ensures : Valid
+[wp] [Qed] Goal typed_f1_ok_exits : Valid
+[wp] [Passed] Smoke-test typed_call_post_ok_wp_smoke_dead_call_s9
+[wp] [Passed] Smoke-test typed_call_exit_ok_wp_smoke_dead_call_s10
+[wp] [Passed] Smoke-test typed_f2_ok_wp_smoke_dead_code_s9
+[wp] [Passed] Smoke-test typed_f2_ok_wp_smoke_dead_code_s10
+[wp] [Passed] Smoke-test typed_f2_ok_wp_smoke_dead_code_s11
+[wp] [Qed] Goal typed_f2_ok_ensures : Valid
+[wp] [Qed] Goal typed_f2_ok_exits : Valid
+[wp] [Failed] Smoke-test typed_call_ko_wp_smoke_dead_call_s14
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_call.i:68: Warning: Failed smoke-test
+[wp] [Failed] Smoke-test typed_f3_ko_wp_smoke_dead_code_s15
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_call.i:69: Warning: Failed smoke-test
+[wp] [Qed] Goal typed_f3_ko_ensures : Valid
+[wp] [Passed] Smoke-test typed_call_exit_ok_wp_smoke_dead_call_s18
+[wp] [Qed] Goal typed_f3_ok_ensures : Valid
+[wp] [Failed] Smoke-test typed_call_ko_global_wp_smoke_dead_call_s26
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_call.i:89: Warning: Failed smoke-test
+[wp] [Qed] Goal typed_f4_ko_ensures : Valid
+[wp] [Passed] Smoke-test typed_call_ko_global_wp_smoke_dead_call_s22
+[wp] [Qed] Goal typed_f4_ok_ensures : Valid
+[wp] [Passed] Smoke-test typed_call_wrong_wp_smoke_dead_call_s35
+[wp] [Passed] Smoke-test typed_call_effect_wp_smoke_dead_call_s34
+[wp] [Failed] Smoke-test typed_call_effect_wp_smoke_dead_call_s36
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_call.i:121: Warning: Failed smoke-test
+[wp] [Passed] Smoke-test typed_f5_ko_wp_smoke_dead_code_s35
+[wp] [Failed] Smoke-test typed_f5_ko_wp_smoke_dead_code_s36
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_call.i:121: Warning: Failed smoke-test
+[wp] [Qed] Goal typed_f5_ko_ensures : Valid
+[wp] [Passed] Smoke-test typed_call_effect_wp_smoke_dead_call_s29
+[wp] [Passed] Smoke-test typed_call_effect_wp_smoke_dead_call_s30
+[wp] [Passed] Smoke-test typed_call_effect_wp_smoke_dead_call_s31
+[wp] [Passed] Smoke-test typed_f5_ok_wp_smoke_dead_code_s30
+[wp] [Passed] Smoke-test typed_f5_ok_wp_smoke_dead_code_s31
+[wp] [Qed] Goal typed_f5_ok_ensures : Valid
+[wp] Proved goals: 28 / 33
+ Qed: 10 (failed: 5)
+ Alt-Ergo: 18
+------------------------------------------------------------
+ Functions WP Alt-Ergo Total Success
+ f1_ok 2 3 5 100%
+ f2_ok 2 5 7 100%
+ f3_ko 1 - 3 33.3%
+ f3_ok 1 1 2 100%
+ f4_ok 1 1 2 100%
+ f4_ko 1 - 2 50.0%
+ f5_ok 1 5 6 100%
+ f5_ko 1 3 6 66.7%
+------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/1eca675b58cd4c1bd275d6c731157e8d.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/1eca675b58cd4c1bd275d6c731157e8d.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/1eca675b58cd4c1bd275d6c731157e8d.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/2e52caad3f8b8552be7c703a245947cf.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/2e52caad3f8b8552be7c703a245947cf.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/2e52caad3f8b8552be7c703a245947cf.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/434cbeb147419d3a67a7ba9f259979b4.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/434cbeb147419d3a67a7ba9f259979b4.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/434cbeb147419d3a67a7ba9f259979b4.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/a67555f65c0eeddae65ea767feee094b.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/a67555f65c0eeddae65ea767feee094b.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/a67555f65c0eeddae65ea767feee094b.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/d24d77f4cbf6a953898fc10a000e82ec.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/d24d77f4cbf6a953898fc10a000e82ec.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.1.session/cache/d24d77f4cbf6a953898fc10a000e82ec.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..51c6311db51f101a18e4018c350aa16d9998e2de
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.res.oracle
@@ -0,0 +1,66 @@
+# frama-c -wp -wp-split [...]
+[kernel] Parsing tests/wp_plugin/doomed_call.i (no preprocessing)
+[wp] Running WP plugin...
+[wp] Loading driver 'share/wp.driver'
+[wp] Warning: Missing RTE guards
+[wp] 36 goals scheduled
+[wp] [Passed] Smoke-test typed_call_exit_ok_wp_smoke_dead_call_s2
+[wp] [Passed] Smoke-test typed_f1_ok_wp_smoke_dead_code_s2
+[wp] [Passed] Smoke-test typed_f1_ok_wp_smoke_dead_code_s4
+[wp] [Qed] Goal typed_f1_ok_ensures_part1 : Valid
+[wp] [Qed] Goal typed_f1_ok_ensures_part2 : Valid
+[wp] [Qed] Goal typed_f1_ok_exits : Valid
+[wp] [Passed] Smoke-test typed_call_post_ok_wp_smoke_dead_call_s9
+[wp] [Passed] Smoke-test typed_call_exit_ok_wp_smoke_dead_call_s10
+[wp] [Passed] Smoke-test typed_f2_ok_wp_smoke_dead_code_s9
+[wp] [Passed] Smoke-test typed_f2_ok_wp_smoke_dead_code_s10
+[wp] [Passed] Smoke-test typed_f2_ok_wp_smoke_dead_code_s11
+[wp] [Qed] Goal typed_f2_ok_ensures_part1 : Valid
+[wp] [Qed] Goal typed_f2_ok_ensures_part2 : Valid
+[wp] [Qed] Goal typed_f2_ok_exits_part1 : Valid
+[wp] [Qed] Goal typed_f2_ok_exits_part2 : Valid
+[wp] [Failed] Smoke-test typed_call_ko_wp_smoke_dead_call_s14
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_call.i:68: Warning: Failed smoke-test
+[wp] [Failed] Smoke-test typed_f3_ko_wp_smoke_dead_code_s15
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_call.i:69: Warning: Failed smoke-test
+[wp] [Qed] Goal typed_f3_ko_ensures : Valid
+[wp] [Passed] Smoke-test typed_call_exit_ok_wp_smoke_dead_call_s18
+[wp] [Qed] Goal typed_f3_ok_ensures : Valid
+[wp] [Failed] Smoke-test typed_call_ko_global_wp_smoke_dead_call_s26
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_call.i:89: Warning: Failed smoke-test
+[wp] [Qed] Goal typed_f4_ko_ensures : Valid
+[wp] [Passed] Smoke-test typed_call_ko_global_wp_smoke_dead_call_s22
+[wp] [Qed] Goal typed_f4_ok_ensures : Valid
+[wp] [Passed] Smoke-test typed_call_wrong_wp_smoke_dead_call_s35
+[wp] [Passed] Smoke-test typed_call_effect_wp_smoke_dead_call_s34
+[wp] [Failed] Smoke-test typed_call_effect_wp_smoke_dead_call_s36
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_call.i:121: Warning: Failed smoke-test
+[wp] [Passed] Smoke-test typed_f5_ko_wp_smoke_dead_code_s35
+[wp] [Failed] Smoke-test typed_f5_ko_wp_smoke_dead_code_s36
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_call.i:121: Warning: Failed smoke-test
+[wp] [Qed] Goal typed_f5_ko_ensures : Valid
+[wp] [Passed] Smoke-test typed_call_effect_wp_smoke_dead_call_s29
+[wp] [Passed] Smoke-test typed_call_effect_wp_smoke_dead_call_s30
+[wp] [Passed] Smoke-test typed_call_effect_wp_smoke_dead_call_s31
+[wp] [Passed] Smoke-test typed_f5_ok_wp_smoke_dead_code_s30
+[wp] [Passed] Smoke-test typed_f5_ok_wp_smoke_dead_code_s31
+[wp] [Qed] Goal typed_f5_ok_ensures : Valid
+[wp] Proved goals: 31 / 36
+ Qed: 13 (failed: 5)
+ Alt-Ergo: 18
+------------------------------------------------------------
+ Functions WP Alt-Ergo Total Success
+ f1_ok 3 3 6 100%
+ f2_ok 4 5 9 100%
+ f3_ko 1 - 3 33.3%
+ f3_ok 1 1 2 100%
+ f4_ok 1 1 2 100%
+ f4_ko 1 - 2 50.0%
+ f5_ok 1 5 6 100%
+ f5_ko 1 3 6 66.7%
+------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/1eca675b58cd4c1bd275d6c731157e8d.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/1eca675b58cd4c1bd275d6c731157e8d.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/1eca675b58cd4c1bd275d6c731157e8d.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/2e52caad3f8b8552be7c703a245947cf.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/2e52caad3f8b8552be7c703a245947cf.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/2e52caad3f8b8552be7c703a245947cf.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/434cbeb147419d3a67a7ba9f259979b4.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/434cbeb147419d3a67a7ba9f259979b4.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/434cbeb147419d3a67a7ba9f259979b4.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/a67555f65c0eeddae65ea767feee094b.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/a67555f65c0eeddae65ea767feee094b.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/a67555f65c0eeddae65ea767feee094b.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/d24d77f4cbf6a953898fc10a000e82ec.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/d24d77f4cbf6a953898fc10a000e82ec.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_call.2.session/cache/d24d77f4cbf6a953898fc10a000e82ec.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..0b7ac571bbb5104117da2b1a5abd17b46c31fc15
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.res.oracle
@@ -0,0 +1,69 @@
+# frama-c -wp [...]
+[kernel] Parsing tests/wp_plugin/doomed_dead.i (no preprocessing)
+[wp] Running WP plugin...
+[wp] Loading driver 'share/wp.driver'
+[wp] Warning: Missing RTE guards
+[wp] 46 goals scheduled
+[wp] [Passed] Smoke-test typed_f1_ok_wp_smoke_dead_code_s3
+[wp] [Passed] Smoke-test typed_f1_ok_wp_smoke_dead_code_s7
+[wp] [Passed] Smoke-test typed_f1_ok_wp_smoke_dead_code_s10
+[wp] [Qed] Goal typed_f1_ok_assigns_part1 : Valid
+[wp] [Qed] Goal typed_f1_ok_assigns_part2 : Valid
+[wp] [Passed] Smoke-test typed_exit_wp_smoke_dead_call_s22
+[wp] [Passed] Smoke-test typed_f2_ko_wp_smoke_dead_code_s22
+[wp] [Failed] Smoke-test typed_f2_ko_wp_smoke_dead_code_s23
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_dead.i:44: Warning: Failed smoke-test
+[wp] [Passed] Smoke-test typed_f2_ko_wp_smoke_dead_code_s26
+[wp] [Qed] Goal typed_f2_ko_assigns_exit : Valid
+[wp] [Qed] Goal typed_f2_ko_assigns_normal_part1 : Valid
+[wp] [Qed] Goal typed_f2_ko_assigns_normal_part2 : Valid
+[wp] [Passed] Smoke-test typed_exit_wp_smoke_dead_call_s14
+[wp] [Passed] Smoke-test typed_f2_ok_wp_smoke_dead_code_s14
+[wp] [Passed] Smoke-test typed_f2_ok_wp_smoke_dead_code_s16
+[wp] [Qed] Goal typed_f2_ok_assigns_exit : Valid
+[wp] [Qed] Goal typed_f2_ok_assigns_normal_part1 : Valid
+[wp] [Qed] Goal typed_f2_ok_assigns_normal_part2 : Valid
+[wp] [Passed] Smoke-test typed_call_wp_smoke_dead_call_s30
+[wp] [Passed] Smoke-test typed_f3_ok_wp_smoke_dead_code_s30
+[wp] [Passed] Smoke-test typed_f3_ok_wp_smoke_dead_code_s31
+[wp] [Passed] Smoke-test typed_f3_ok_wp_smoke_dead_code_s34
+[wp] [Qed] Goal typed_f3_ok_assigns_exit : Valid
+[wp] [Qed] Goal typed_f3_ok_assigns_normal_part1 : Valid
+[wp] [Qed] Goal typed_f3_ok_assigns_normal_part2 : Valid
+[wp] [Passed] Smoke-test typed_exit_wp_smoke_dead_call_s38
+[wp] [Passed] Smoke-test typed_f4_ok_wp_smoke_dead_code_s41
+[wp] [Qed] Goal typed_f4_ok_assert : Valid
+[wp] [Qed] Goal typed_f4_ok_assigns_exit : Valid
+[wp] [Qed] Goal typed_f4_ok_assigns_normal_part1 : Valid
+[wp] [Qed] Goal typed_f4_ok_assigns_normal_part2 : Valid
+[wp] [Qed] Goal typed_f4_ok_assigns_normal_part3 : Valid
+[wp] [Passed] Smoke-test typed_f5_ko_wp_smoke_dead_code_s56
+[wp] [Failed] Smoke-test typed_f5_ko_wp_smoke_dead_code_s61
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_dead.i:90: Warning: Failed smoke-test
+[wp] [Passed] Smoke-test typed_f5_ko_wp_smoke_dead_code_s63
+[wp] [Passed] Smoke-test typed_f5_ko_wp_smoke_dead_code_s65
+[wp] [Qed] Goal typed_f5_ko_assigns_part1 : Valid
+[wp] [Qed] Goal typed_f5_ko_assigns_part2 : Valid
+[wp] [Qed] Goal typed_f5_ko_assigns_part3 : Valid
+[wp] [Qed] Goal typed_f5_ko_assigns_part4 : Valid
+[wp] [Passed] Smoke-test typed_f5_ok_wp_smoke_dead_code_s48
+[wp] [Passed] Smoke-test typed_f5_ok_wp_smoke_dead_code_s50
+[wp] [Passed] Smoke-test typed_f5_ok_wp_smoke_dead_code_s52
+[wp] [Qed] Goal typed_f5_ok_assigns_part1 : Valid
+[wp] [Qed] Goal typed_f5_ok_assigns_part2 : Valid
+[wp] [Qed] Goal typed_f5_ok_assigns_part3 : Valid
+[wp] Proved goals: 44 / 46
+ Qed: 23 (failed: 2)
+ Alt-Ergo: 21
+------------------------------------------------------------
+ Functions WP Alt-Ergo Total Success
+ f1_ok 2 3 5 100%
+ f2_ok 3 3 6 100%
+ f2_ko 3 3 7 85.7%
+ f3_ok 3 4 7 100%
+ f4_ok 5 2 7 100%
+ f5_ok 3 3 6 100%
+ f5_ko 4 3 8 87.5%
+------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/2c0433881c3e7c204fbd933fae94ed2a.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/2c0433881c3e7c204fbd933fae94ed2a.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/2c0433881c3e7c204fbd933fae94ed2a.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/2e52caad3f8b8552be7c703a245947cf.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/2e52caad3f8b8552be7c703a245947cf.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/2e52caad3f8b8552be7c703a245947cf.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/434cbeb147419d3a67a7ba9f259979b4.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/434cbeb147419d3a67a7ba9f259979b4.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/434cbeb147419d3a67a7ba9f259979b4.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/6de0af457f7b1f3d82b27400e43a68aa.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/6de0af457f7b1f3d82b27400e43a68aa.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/6de0af457f7b1f3d82b27400e43a68aa.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/e8b77cbcc3a78b598f47a9de28727817.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/e8b77cbcc3a78b598f47a9de28727817.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.0.session/cache/e8b77cbcc3a78b598f47a9de28727817.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..b5c0258a177a6fd3979a13a3bd589bf4671bb599
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.res.oracle
@@ -0,0 +1,71 @@
+# frama-c -wp -wp-split [...]
+[kernel] Parsing tests/wp_plugin/doomed_dead.i (no preprocessing)
+[wp] Running WP plugin...
+[wp] Loading driver 'share/wp.driver'
+[wp] Warning: Missing RTE guards
+[wp] 48 goals scheduled
+[wp] [Passed] Smoke-test typed_f1_ok_wp_smoke_dead_code_s3
+[wp] [Passed] Smoke-test typed_f1_ok_wp_smoke_dead_code_s7
+[wp] [Passed] Smoke-test typed_f1_ok_wp_smoke_dead_code_s10
+[wp] [Qed] Goal typed_f1_ok_assigns_part1 : Valid
+[wp] [Qed] Goal typed_f1_ok_assigns_part2 : Valid
+[wp] [Qed] Goal typed_f1_ok_assigns_part3 : Valid
+[wp] [Passed] Smoke-test typed_exit_wp_smoke_dead_call_s22
+[wp] [Passed] Smoke-test typed_f2_ko_wp_smoke_dead_code_s22
+[wp] [Failed] Smoke-test typed_f2_ko_wp_smoke_dead_code_s23
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_dead.i:44: Warning: Failed smoke-test
+[wp] [Passed] Smoke-test typed_f2_ko_wp_smoke_dead_code_s26
+[wp] [Qed] Goal typed_f2_ko_assigns_exit : Valid
+[wp] [Qed] Goal typed_f2_ko_assigns_normal_part1 : Valid
+[wp] [Qed] Goal typed_f2_ko_assigns_normal_part2 : Valid
+[wp] [Passed] Smoke-test typed_exit_wp_smoke_dead_call_s14
+[wp] [Passed] Smoke-test typed_f2_ok_wp_smoke_dead_code_s14
+[wp] [Passed] Smoke-test typed_f2_ok_wp_smoke_dead_code_s16
+[wp] [Qed] Goal typed_f2_ok_assigns_exit : Valid
+[wp] [Qed] Goal typed_f2_ok_assigns_normal_part1 : Valid
+[wp] [Qed] Goal typed_f2_ok_assigns_normal_part2 : Valid
+[wp] [Qed] Goal typed_f2_ok_assigns_normal_part3 : Valid
+[wp] [Passed] Smoke-test typed_call_wp_smoke_dead_call_s30
+[wp] [Passed] Smoke-test typed_f3_ok_wp_smoke_dead_code_s30
+[wp] [Passed] Smoke-test typed_f3_ok_wp_smoke_dead_code_s31
+[wp] [Passed] Smoke-test typed_f3_ok_wp_smoke_dead_code_s34
+[wp] [Qed] Goal typed_f3_ok_assigns_exit : Valid
+[wp] [Qed] Goal typed_f3_ok_assigns_normal_part1 : Valid
+[wp] [Qed] Goal typed_f3_ok_assigns_normal_part2 : Valid
+[wp] [Passed] Smoke-test typed_exit_wp_smoke_dead_call_s38
+[wp] [Passed] Smoke-test typed_f4_ok_wp_smoke_dead_code_s41
+[wp] [Qed] Goal typed_f4_ok_assert : Valid
+[wp] [Qed] Goal typed_f4_ok_assigns_exit : Valid
+[wp] [Qed] Goal typed_f4_ok_assigns_normal_part1 : Valid
+[wp] [Qed] Goal typed_f4_ok_assigns_normal_part2 : Valid
+[wp] [Qed] Goal typed_f4_ok_assigns_normal_part3 : Valid
+[wp] [Passed] Smoke-test typed_f5_ko_wp_smoke_dead_code_s56
+[wp] [Failed] Smoke-test typed_f5_ko_wp_smoke_dead_code_s61
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_dead.i:90: Warning: Failed smoke-test
+[wp] [Passed] Smoke-test typed_f5_ko_wp_smoke_dead_code_s63
+[wp] [Passed] Smoke-test typed_f5_ko_wp_smoke_dead_code_s65
+[wp] [Qed] Goal typed_f5_ko_assigns_part1 : Valid
+[wp] [Qed] Goal typed_f5_ko_assigns_part2 : Valid
+[wp] [Qed] Goal typed_f5_ko_assigns_part3 : Valid
+[wp] [Qed] Goal typed_f5_ko_assigns_part4 : Valid
+[wp] [Passed] Smoke-test typed_f5_ok_wp_smoke_dead_code_s48
+[wp] [Passed] Smoke-test typed_f5_ok_wp_smoke_dead_code_s50
+[wp] [Passed] Smoke-test typed_f5_ok_wp_smoke_dead_code_s52
+[wp] [Qed] Goal typed_f5_ok_assigns_part1 : Valid
+[wp] [Qed] Goal typed_f5_ok_assigns_part2 : Valid
+[wp] [Qed] Goal typed_f5_ok_assigns_part3 : Valid
+[wp] Proved goals: 46 / 48
+ Qed: 25 (failed: 2)
+ Alt-Ergo: 21
+------------------------------------------------------------
+ Functions WP Alt-Ergo Total Success
+ f1_ok 3 3 6 100%
+ f2_ok 4 3 7 100%
+ f2_ko 3 3 7 85.7%
+ f3_ok 3 4 7 100%
+ f4_ok 5 2 7 100%
+ f5_ok 3 3 6 100%
+ f5_ko 4 3 8 87.5%
+------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/0eff509260291b913afca26f97217593.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/0eff509260291b913afca26f97217593.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/0eff509260291b913afca26f97217593.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/2c0433881c3e7c204fbd933fae94ed2a.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/2c0433881c3e7c204fbd933fae94ed2a.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/2c0433881c3e7c204fbd933fae94ed2a.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/2e52caad3f8b8552be7c703a245947cf.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/2e52caad3f8b8552be7c703a245947cf.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/2e52caad3f8b8552be7c703a245947cf.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/434cbeb147419d3a67a7ba9f259979b4.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/434cbeb147419d3a67a7ba9f259979b4.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/434cbeb147419d3a67a7ba9f259979b4.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/6de0af457f7b1f3d82b27400e43a68aa.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/6de0af457f7b1f3d82b27400e43a68aa.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/6de0af457f7b1f3d82b27400e43a68aa.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/e8b77cbcc3a78b598f47a9de28727817.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/e8b77cbcc3a78b598f47a9de28727817.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_dead.1.session/cache/e8b77cbcc3a78b598f47a9de28727817.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_loop.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_loop.res.oracle
index 50df612e79a7cf9df452cf5d96eaf33526f5b71a..c1ea877c9baf297a06bc5012eb462963ac2e0561 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_loop.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_loop.res.oracle
@@ -3,18 +3,25 @@
[wp] Running WP plugin...
[wp] Loading driver 'share/wp.driver'
[wp] Warning: Missing RTE guards
-[wp] 6 goals scheduled
-[wp:smoke] tests/wp_plugin/doomed_loop.i:22: Warning:
- Smoke-test typed_foo_smoke_loop_invariant_s2 : Failed (Qed)
+[wp] 8 goals scheduled
+[wp] [Failed] Smoke-test typed_foo_wp_smoke_dead_loop_s2
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_loop.i:22: Warning: Failed smoke-test
+[wp] [Failed] Smoke-test typed_foo_wp_smoke_dead_code_s7
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_loop.i:23: Warning: Failed smoke-test
+[wp] [Failed] Smoke-test typed_foo_wp_smoke_dead_code_s9
+ Qed: Valid
+[wp] tests/wp_plugin/doomed_loop.i:25: Warning: Failed smoke-test
[wp] [Qed] Goal typed_foo_loop_invariant_A_preserved : Valid
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_A_established : Unsuccess
[wp] [Qed] Goal typed_foo_loop_invariant_B_preserved : Valid
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_B_established : Unsuccess
[wp] [Qed] Goal typed_foo_loop_assigns : Valid
-[wp] Proved goals: 3 / 6
- Qed: 3 (failed: 1)
+[wp] Proved goals: 3 / 8
+ Qed: 3 (failed: 3)
Alt-Ergo: 0 (unsuccess: 2)
------------------------------------------------------------
Functions WP Alt-Ergo Total Success
- foo 3 - 6 50.0%
+ foo 3 - 8 37.5%
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ko.0.session/cache/3c09d952f228b980bfc7351233bea851.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ko.0.session/cache/3c09d952f228b980bfc7351233bea851.json
new file mode 100644
index 0000000000000000000000000000000000000000..9f3147e2a689dd899704e125bd70432ca39c6c2e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ko.0.session/cache/3c09d952f228b980bfc7351233bea851.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0109,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ko.0.session/cache/82f897485c8c7f2dea5812a6e02dc9bc.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ko.0.session/cache/82f897485c8c7f2dea5812a6e02dc9bc.json
new file mode 100644
index 0000000000000000000000000000000000000000..d4e438038a9c53e3f3a69f85606d474e2924b985
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ko.0.session/cache/82f897485c8c7f2dea5812a6e02dc9bc.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0116,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ko.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ko.res.oracle
index 912b133c975304d9a59f793a230439da2d2a18cb..9daa85dfb61bef09c36d23fdc45a15e24df9dfb8 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ko.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ko.res.oracle
@@ -3,9 +3,16 @@
[wp] Running WP plugin...
[wp] Loading driver 'share/wp.driver'
[wp] Warning: Missing RTE guards
-[wp] 8 goals scheduled
-[wp:smoke] tests/wp_plugin/doomed_report_ko.i:29: Warning:
- Smoke-test typed_foo_smoke_loop_invariant_s2 : Failed (Alt-Ergo)
+[wp] 10 goals scheduled
+[wp] [Failed] Smoke-test typed_foo_wp_smoke_dead_loop_s2
+ Alt-Ergo: Valid
+[wp] tests/wp_plugin/doomed_report_ko.i:29: Warning: Failed smoke-test
+[wp] [Failed] Smoke-test typed_foo_wp_smoke_dead_code_s7
+ Alt-Ergo: Valid
+[wp] tests/wp_plugin/doomed_report_ko.i:29: Warning: Failed smoke-test
+[wp] [Failed] Smoke-test typed_foo_wp_smoke_dead_code_s9
+ Alt-Ergo: Valid
+[wp] tests/wp_plugin/doomed_report_ko.i:30: Warning: Failed smoke-test
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_A_preserved : Valid
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_A_established : Valid
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_B_preserved : Valid
@@ -13,22 +20,24 @@
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_C_preserved : Valid
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_C_established : Valid
[wp] [Qed] Goal typed_foo_loop_assigns : Valid
-[wp] Proved goals: 7 / 8
+[wp] Proved goals: 7 / 10
Qed: 1
- Alt-Ergo: 6 (failed: 1)
+ Alt-Ergo: 6 (failed: 3)
------------------------------------------------------------
Functions WP Alt-Ergo Total Success
- foo 1 6 8 87.5%
+ foo 1 6 10 70.0%
------------------------------------------------------------
Qed Ergo Failed
foo_loop_assigns 1 - -
foo_loop_invariant_A - 2 -
foo_loop_invariant_B - 2 -
foo_loop_invariant_C - 2 -
- foo_smoke_loop_invariant_s2 - - 1
+ foo_wp_smoke_dead_code_s7 - - 1
+ foo_wp_smoke_dead_code_s9 - - 1
+ foo_wp_smoke_dead_loop_s2 - - 1
-------------------------------------------------------------
-Success: 80.0%
- Total : 5 properties
+Success: 57.1%
+ Total : 7 properties
Valid : 4
- Failed : 1
+ Failed : 3
-------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ok.0.session/cache/62a7cbaba5d3871e1ed28541c6fe7028.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ok.0.session/cache/62a7cbaba5d3871e1ed28541c6fe7028.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ok.0.session/cache/62a7cbaba5d3871e1ed28541c6fe7028.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ok.0.session/cache/75e1dbec55b6df45c46dfa1e74531a0c.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ok.0.session/cache/75e1dbec55b6df45c46dfa1e74531a0c.json
new file mode 100644
index 0000000000000000000000000000000000000000..e66c1e560c3e3beea6fbac4ca1152d028c150355
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ok.0.session/cache/75e1dbec55b6df45c46dfa1e74531a0c.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 2. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ok.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ok.res.oracle
index adbb20e71eacad281f53bcf7bf0dc402fee6a737..2b80ca79ba3e82219a7e914e785dea7f3c5e3610 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ok.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_report_ok.res.oracle
@@ -3,8 +3,10 @@
[wp] Running WP plugin...
[wp] Loading driver 'share/wp.driver'
[wp] Warning: Missing RTE guards
-[wp] 8 goals scheduled
-[wp] Smoke-test typed_foo_smoke_loop_invariant_s2 : Passed (Alt-Ergo)
+[wp] 10 goals scheduled
+[wp] [Passed] Smoke-test typed_foo_wp_smoke_dead_loop_s2
+[wp] [Passed] Smoke-test typed_foo_wp_smoke_dead_code_s7
+[wp] [Passed] Smoke-test typed_foo_wp_smoke_dead_code_s9
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_A_preserved : Valid
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_A_established : Valid
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_B_preserved : Valid
@@ -12,22 +14,24 @@
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_C_preserved : Valid
[wp] [Alt-Ergo] Goal typed_foo_loop_invariant_C_established : Valid
[wp] [Qed] Goal typed_foo_loop_assigns : Valid
-[wp] Proved goals: 8 / 8
+[wp] Proved goals: 10 / 10
Qed: 1
- Alt-Ergo: 7
+ Alt-Ergo: 9
------------------------------------------------------------
Functions WP Alt-Ergo Total Success
- foo 1 7 8 100%
+ foo 1 9 10 100%
------------------------------------------------------------
Qed Ergo Failed
foo_loop_assigns 1 - -
foo_loop_invariant_A - 2 -
foo_loop_invariant_B - 2 -
foo_loop_invariant_C - 2 -
- foo_smoke_loop_invariant_s2 - 1 -
+ foo_wp_smoke_dead_code_s7 - 1 -
+ foo_wp_smoke_dead_code_s9 - 1 -
+ foo_wp_smoke_dead_loop_s2 - 1 -
-------------------------------------------------------------
Success: 100%
- Total : 5 properties
- Valid : 5
+ Total : 7 properties
+ Valid : 7
Failed : -
-------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_unroll.0.session/cache/2e52caad3f8b8552be7c703a245947cf.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_unroll.0.session/cache/2e52caad3f8b8552be7c703a245947cf.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_unroll.0.session/cache/2e52caad3f8b8552be7c703a245947cf.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_unroll.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_unroll.res.oracle
index 236bb768af819213e23ca5e4811ad31fc14adf13..bcd42d15cb2eeff852f0551d2c583c32f4569787 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_unroll.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/doomed_unroll.res.oracle
@@ -5,12 +5,16 @@
[wp] Warning: Missing RTE guards
[wp] tests/wp_plugin/doomed_unroll.i:15: Warning:
Missing assigns clause (assigns 'everything' instead)
-[wp] 2 goals scheduled
+[wp] 5 goals scheduled
+[wp] [Passed] Smoke-test typed_foo_wp_smoke_dead_code_s27
+[wp] [Passed] Smoke-test typed_foo_wp_smoke_dead_code_s31
+[wp] [Passed] Smoke-test typed_foo_wp_smoke_dead_code_s35
[wp] [Qed] Goal typed_foo_loop_invariant_preserved : Valid
[wp] [Qed] Goal typed_foo_loop_invariant_established : Valid
-[wp] Proved goals: 2 / 2
- Qed: 2
+[wp] Proved goals: 5 / 5
+ Qed: 2
+ Alt-Ergo: 3
------------------------------------------------------------
Functions WP Alt-Ergo Total Success
- foo 2 - 2 100%
+ foo 2 3 5 100%
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/dynamic.0.session/cache/7c61992a1e5557d753841a5f66eef4ae.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/dynamic.0.session/cache/7c61992a1e5557d753841a5f66eef4ae.json
new file mode 100644
index 0000000000000000000000000000000000000000..2d98e0d913af705fdfc792e42de1b6000ef6a647
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/dynamic.0.session/cache/7c61992a1e5557d753841a5f66eef4ae.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0208,
+ "steps": 9 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/dynamic.0.session/cache/dd5c27a7c1200d3431d2c30bf2899942.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/dynamic.0.session/cache/dd5c27a7c1200d3431d2c30bf2899942.json
new file mode 100644
index 0000000000000000000000000000000000000000..578c8dca137ce953ee6a536217ec2dc0b46e97f8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/dynamic.0.session/cache/dd5c27a7c1200d3431d2c30bf2899942.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0243,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/dynamic.0.session/cache/e2e624a33e02433818d9a93dc4b967fb.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/dynamic.0.session/cache/e2e624a33e02433818d9a93dc4b967fb.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/dynamic.0.session/cache/e2e624a33e02433818d9a93dc4b967fb.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/dynamic.0.session/cache/f8e79502a4545e9f174c055480b11bad.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/dynamic.0.session/cache/f8e79502a4545e9f174c055480b11bad.json
new file mode 100644
index 0000000000000000000000000000000000000000..442ae3034e442b80f8b6dafe142976f91d2463f1
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/dynamic.0.session/cache/f8e79502a4545e9f174c055480b11bad.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0328,
+ "steps": 47 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/f.dot b/src/plugins/wp/tests/wp_plugin/oracle_qualif/f.dot
index 9b4f1de3952bd66b028d1df4dd8ce7f4c147085a..077cfed3a2e1434664df16c14606fadf8d9e4e0c 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle_qualif/f.dot
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/f.dot
@@ -2,89 +2,73 @@ digraph f {
rankdir = TB ;
node [ style = filled, shape = box ] ;
N000 [ color = red, shape = circle, label = "*" ] ;
- N074 [ color=red , label="Prove f_ensures" ] ;
- N074 -> N000 [ style=dotted ] ;
- N075 [ color=red , label="Prove f_ensures_2" ] ;
- N075 -> N074 [ style=dotted ] ;
- N076 [ label="" , shape=circle ] ;
+ N056 [ color=red , label="Prove f_ensures" ] ;
+ N056 -> N000 [ style=dotted ] ;
+ N057 [ color=red , label="Prove f_ensures_2" ] ;
+ N057 -> N056 [ style=dotted ] ;
+ N058 [ label="" , shape=circle ] ;
+ N058 -> N057 ;
+ N058 -> N056 ;
+ N059 [ color=lightblue , label="F-out { a b }" ] ;
+ N059 -> N058 ;
+ N060 [ label="Label wp:post" ] ;
+ N060 -> N059 ;
+ N061 [ color=lightblue , label="B-out { __retres }" ] ;
+ N061 -> N060 ;
+ N062 [ color=orange , label="Return __retres" ] ;
+ N062 -> N061 ;
+ N063 [ label="Label wp:sid27 (Stmt s27)" ] ;
+ N063 -> N062 ;
+ N064 [ label="Label wp:sid26 (Stmt s26)" ] ;
+ N064 -> N063 ;
+ N065 [ color=green , label="Assume f_assert" ] ;
+ N065 -> N064 ;
+ N066 [ color=red , label="Prove f_assert" ] ;
+ N066 -> N065 [ style=dotted ] ;
+ N067 [ label="" , shape=circle ] ;
+ N067 -> N066 ;
+ N067 -> N065 ;
+ N068 [ label="Label wp:sid25 (Stmt s25)" ] ;
+ N068 -> N067 ;
+ N069 [ color=orange , label="__retres := a + b" ] ;
+ N069 -> N068 ;
+ N070 [ label="Label wp:sid6 (Stmt s6)" ] ;
+ N070 -> N069 ;
+ N071 [ label="Label wp:sid24 (Stmt s24)" ] ;
+ N071 -> N070 ;
+ N072 [ color=orange , label="Return __retres" ] ;
+ N072 -> N061 ;
+ N073 [ label="Label wp:sid27 (Stmt s27)" ] ;
+ N073 -> N072 ;
+ N074 [ color=orange , label="__retres := -1" ] ;
+ N074 -> N073 ;
+ N075 [ label="Label wp:sid8 (Stmt s8)" ] ;
+ N075 -> N074 ;
+ N076 [ color=green , label="Assume f_ensures_3" ] ;
N076 -> N075 ;
- N076 -> N074 ;
- N077 [ color=lightblue , label="F-out { a b }" ] ;
+ N077 [ color=orange , label="Havoc f_assigns:
+assigns __retres;" ] ;
N077 -> N076 ;
- N078 [ label="Label wp:post" ] ;
- N078 -> N077 ;
- N079 [ color=lightblue , label="B-out { __retres }" ] ;
+ N078 [ color=cyan , label="If a > 0" ] ;
+ N078 -> N071 ;
+ N078 -> N000 [ style=dotted ];
+ N079 [ label="Label wp:sid4 (Stmt s4)" ] ;
N079 -> N078 ;
- N080 [ color=orange , label="Return __retres" ] ;
+ N080 [ label="" , shape=circle ] ;
+ N080 -> N077 ;
N080 -> N079 ;
- N081 [ color=lightblue , label="B-out { }" ] ;
+ N081 [ label="Label wp:sid2 (Stmt s2)" ] ;
N081 -> N080 ;
- N082 [ color=lightblue , label="B-out { }" ] ;
+ N082 [ color=lightblue , label="B-in { __retres }" ] ;
N082 -> N081 ;
- N083 [ color=lightblue , label="B-out { }" ] ;
+ N083 [ color=lightblue , label="F-frame { a b }" ] ;
N083 -> N082 ;
- N084 [ label="Label wp:sid27 (Stmt s27)" ] ;
+ N084 [ label="Label wp:pre" ] ;
N084 -> N083 ;
- N085 [ label="Label wp:sid26 (Stmt s26)" ] ;
+ N085 [ color=lightblue , label="F-in { a b }" ] ;
N085 -> N084 ;
- N086 [ color=green , label="Assume f_assert" ] ;
+ N086 [ color=lightblue , label="Global { }" ] ;
N086 -> N085 ;
- N087 [ color=red , label="Prove f_assert" ] ;
- N087 -> N086 [ style=dotted ] ;
- N088 [ label="" , shape=circle ] ;
- N088 -> N087 ;
- N088 -> N086 ;
- N089 [ label="Label wp:sid25 (Stmt s25)" ] ;
- N089 -> N088 ;
- N090 [ color=orange , label="__retres := a + b" ] ;
- N090 -> N089 ;
- N091 [ label="Label wp:sid6 (Stmt s6)" ] ;
- N091 -> N090 ;
- N092 [ color=lightblue , label="B-in { }" ] ;
- N092 -> N091 ;
- N093 [ label="Label wp:sid24 (Stmt s24)" ] ;
- N093 -> N092 ;
- N094 [ color=lightblue , label="B-in { }" ] ;
- N094 -> N093 ;
- N095 [ color=orange , label="Return __retres" ] ;
- N095 -> N079 ;
- N096 [ label="Label wp:sid27 (Stmt s27)" ] ;
- N096 -> N095 ;
- N097 [ color=orange , label="__retres := -1" ] ;
- N097 -> N096 ;
- N098 [ label="Label wp:sid8 (Stmt s8)" ] ;
- N098 -> N097 ;
- N099 [ color=green , label="Assume f_ensures_3" ] ;
- N099 -> N098 ;
- N100 [ color=orange , label="Havoc f_assigns:
-assigns __retres;" ] ;
- N100 -> N099 ;
- N101 [ color=lightblue , label="B-in { }" ] ;
- N101 -> N000 [ style=dotted ];
- N102 [ color=lightblue , label="B-out { }" ] ;
- N102 -> N101 ;
- N103 [ color=cyan , label="If a > 0" ] ;
- N103 -> N094 ;
- N103 -> N102 ;
- N104 [ label="Label wp:sid4 (Stmt s4)" ] ;
- N104 -> N103 ;
- N105 [ color=lightblue , label="B-in { }" ] ;
- N105 -> N104 ;
- N106 [ label="" , shape=circle ] ;
- N106 -> N100 ;
- N106 -> N105 ;
- N107 [ label="Label wp:sid2 (Stmt s2)" ] ;
- N107 -> N106 ;
- N108 [ color=lightblue , label="B-in { __retres }" ] ;
- N108 -> N107 ;
- N109 [ color=lightblue , label="F-frame { a b }" ] ;
- N109 -> N108 ;
- N110 [ label="Label wp:pre" ] ;
- N110 -> N109 ;
- N111 [ color=lightblue , label="F-in { a b }" ] ;
- N111 -> N110 ;
- N112 [ color=lightblue , label="Global { }" ] ;
- N112 -> N111 ;
- N113 [ color=cyan , label="Function f" ] ;
- N113 -> N112 ;
+ N087 [ color=cyan , label="Function f" ] ;
+ N087 -> N086 ;
}
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/f_default_for_stmt_2.dot b/src/plugins/wp/tests/wp_plugin/oracle_qualif/f_default_for_stmt_2.dot
index e5347d619f1af81ecddd15d1235eea49dbb1e2b1..be3a8a3a5db7557308b6a855e36ed03b49a2a6ea 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle_qualif/f_default_for_stmt_2.dot
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/f_default_for_stmt_2.dot
@@ -2,80 +2,64 @@ digraph f {
rankdir = TB ;
node [ style = filled, shape = box ] ;
N000 [ color = red, shape = circle, label = "*" ] ;
- N114 [ color=lightblue , label="F-out { a b }" ] ;
- N114 -> N000 [ style=dotted ];
- N115 [ label="Label wp:post" ] ;
+ N088 [ color=lightblue , label="F-out { a b }" ] ;
+ N088 -> N000 [ style=dotted ];
+ N089 [ label="Label wp:post" ] ;
+ N089 -> N088 ;
+ N090 [ color=lightblue , label="B-out { __retres }" ] ;
+ N090 -> N089 ;
+ N091 [ color=orange , label="Return __retres" ] ;
+ N091 -> N090 ;
+ N092 [ label="Label wp:sid27 (Stmt s27)" ] ;
+ N092 -> N091 ;
+ N093 [ label="Label wp:sid26 (Stmt s26)" ] ;
+ N093 -> N092 ;
+ N094 [ color=green , label="Assume f_assert" ] ;
+ N094 -> N093 ;
+ N095 [ label="Label wp:sid25 (Stmt s25)" ] ;
+ N095 -> N094 ;
+ N096 [ color=orange , label="__retres := a + b" ] ;
+ N096 -> N095 ;
+ N097 [ label="Label wp:sid6 (Stmt s6)" ] ;
+ N097 -> N096 ;
+ N098 [ label="Label wp:sid24 (Stmt s24)" ] ;
+ N098 -> N097 ;
+ N099 [ color=orange , label="Return __retres" ] ;
+ N099 -> N090 ;
+ N100 [ label="Label wp:sid27 (Stmt s27)" ] ;
+ N100 -> N099 ;
+ N101 [ color=orange , label="__retres := -1" ] ;
+ N101 -> N100 ;
+ N102 [ label="Label wp:sid8 (Stmt s8)" ] ;
+ N102 -> N101 ;
+ N103 [ color=green , label="Assume f_ensures_3" ] ;
+ N103 -> N102 ;
+ N104 [ color=red , label="Assigns f_assigns" ] ;
+ N105 [ label="" , shape=circle ] ;
+ N105 -> N104 ;
+ N105 -> N103 ;
+ N106 [ color=red , label="Prove f_ensures_3" ] ;
+ N106 -> N105 [ style=dotted ] ;
+ N107 [ label="" , shape=circle ] ;
+ N107 -> N106 ;
+ N107 -> N105 ;
+ N108 [ color=cyan , label="If a > 0" ] ;
+ N108 -> N098 ;
+ N108 -> N107 ;
+ N109 [ label="Label wp:sid4 (Stmt s4)" ] ;
+ N109 -> N108 ;
+ N110 [ label="Label wp:sid2 (Stmt s2)" ] ;
+ N110 -> N109 ;
+ N111 [ color=lightblue , label="B-in { __retres }" ] ;
+ N111 -> N110 ;
+ N112 [ color=lightblue , label="F-frame { a b }" ] ;
+ N112 -> N111 ;
+ N113 [ label="Label wp:pre" ] ;
+ N113 -> N112 ;
+ N114 [ color=lightblue , label="F-in { a b }" ] ;
+ N114 -> N113 ;
+ N115 [ color=lightblue , label="Global { }" ] ;
N115 -> N114 ;
- N116 [ color=lightblue , label="B-out { __retres }" ] ;
+ N116 [ color=cyan , label="Function f" ] ;
N116 -> N115 ;
- N117 [ color=orange , label="Return __retres" ] ;
- N117 -> N116 ;
- N118 [ color=lightblue , label="B-out { }" ] ;
- N118 -> N117 ;
- N119 [ color=lightblue , label="B-out { }" ] ;
- N119 -> N118 ;
- N120 [ color=lightblue , label="B-out { }" ] ;
- N120 -> N119 ;
- N121 [ label="Label wp:sid27 (Stmt s27)" ] ;
- N121 -> N120 ;
- N122 [ label="Label wp:sid26 (Stmt s26)" ] ;
- N122 -> N121 ;
- N123 [ color=green , label="Assume f_assert" ] ;
- N123 -> N122 ;
- N124 [ label="Label wp:sid25 (Stmt s25)" ] ;
- N124 -> N123 ;
- N125 [ color=orange , label="__retres := a + b" ] ;
- N125 -> N124 ;
- N126 [ label="Label wp:sid6 (Stmt s6)" ] ;
- N126 -> N125 ;
- N127 [ color=lightblue , label="B-in { }" ] ;
- N127 -> N126 ;
- N128 [ label="Label wp:sid24 (Stmt s24)" ] ;
- N128 -> N127 ;
- N129 [ color=lightblue , label="B-in { }" ] ;
- N129 -> N128 ;
- N130 [ color=orange , label="Return __retres" ] ;
- N130 -> N116 ;
- N131 [ label="Label wp:sid27 (Stmt s27)" ] ;
- N131 -> N130 ;
- N132 [ color=orange , label="__retres := -1" ] ;
- N132 -> N131 ;
- N133 [ label="Label wp:sid8 (Stmt s8)" ] ;
- N133 -> N132 ;
- N134 [ color=green , label="Assume f_ensures_3" ] ;
- N134 -> N133 ;
- N135 [ color=red , label="Assigns f_assigns" ] ;
- N136 [ label="" , shape=circle ] ;
- N136 -> N135 ;
- N136 -> N134 ;
- N137 [ color=red , label="Prove f_ensures_3" ] ;
- N137 -> N136 [ style=dotted ] ;
- N138 [ label="" , shape=circle ] ;
- N138 -> N137 ;
- N138 -> N136 ;
- N139 [ color=lightblue , label="B-in { }" ] ;
- N139 -> N138 ;
- N140 [ color=lightblue , label="B-out { }" ] ;
- N140 -> N139 ;
- N141 [ color=cyan , label="If a > 0" ] ;
- N141 -> N129 ;
- N141 -> N140 ;
- N142 [ label="Label wp:sid4 (Stmt s4)" ] ;
- N142 -> N141 ;
- N143 [ color=lightblue , label="B-in { }" ] ;
- N143 -> N142 ;
- N144 [ label="Label wp:sid2 (Stmt s2)" ] ;
- N144 -> N143 ;
- N145 [ color=lightblue , label="B-in { __retres }" ] ;
- N145 -> N144 ;
- N146 [ color=lightblue , label="F-frame { a b }" ] ;
- N146 -> N145 ;
- N147 [ label="Label wp:pre" ] ;
- N147 -> N146 ;
- N148 [ color=lightblue , label="F-in { a b }" ] ;
- N148 -> N147 ;
- N149 [ color=lightblue , label="Global { }" ] ;
- N149 -> N148 ;
- N150 [ color=cyan , label="Function f" ] ;
- N150 -> N149 ;
}
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/62c8c83348d53abd331942b7638c0e65.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/62c8c83348d53abd331942b7638c0e65.json
new file mode 100644
index 0000000000000000000000000000000000000000..e4c3de15c1aebc842360540b0be4a3a50bb7a72c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/62c8c83348d53abd331942b7638c0e65.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 1. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/ad24c8fdc842200098097f4c5b243a1b.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/ad24c8fdc842200098097f4c5b243a1b.json
new file mode 100644
index 0000000000000000000000000000000000000000..e4c3de15c1aebc842360540b0be4a3a50bb7a72c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/ad24c8fdc842200098097f4c5b243a1b.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 1. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/d57a0b96fe98d0e1d1578d06300ae6af.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/d57a0b96fe98d0e1d1578d06300ae6af.json
new file mode 100644
index 0000000000000000000000000000000000000000..e4c3de15c1aebc842360540b0be4a3a50bb7a72c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/d57a0b96fe98d0e1d1578d06300ae6af.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 1. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/e98f4a09d201fc4ff4b2c17441acaa8d.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/e98f4a09d201fc4ff4b2c17441acaa8d.json
new file mode 100644
index 0000000000000000000000000000000000000000..e4c3de15c1aebc842360540b0be4a3a50bb7a72c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/e98f4a09d201fc4ff4b2c17441acaa8d.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 1. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/fb1ff75dc8c936a96751f5ffdde36e50.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/fb1ff75dc8c936a96751f5ffdde36e50.json
new file mode 100644
index 0000000000000000000000000000000000000000..e4c3de15c1aebc842360540b0be4a3a50bb7a72c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.0.session/cache/fb1ff75dc8c936a96751f5ffdde36e50.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 1. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/354efda647c2b52e3acf13bee479341a.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/354efda647c2b52e3acf13bee479341a.json
new file mode 100644
index 0000000000000000000000000000000000000000..614749b24dece18d278c66aeb4b3028d8f98b8e8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/354efda647c2b52e3acf13bee479341a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.036,
+ "steps": 37 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/5a90230e76db08ca4977aaefa5af6afc.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/5a90230e76db08ca4977aaefa5af6afc.json
new file mode 100644
index 0000000000000000000000000000000000000000..64ee4bae05a3d6aa9cc4e6752639eeffdeaf5329
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/5a90230e76db08ca4977aaefa5af6afc.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0396,
+ "steps": 39 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/687c6ba705dc05a8d976db9c98dbc1b7.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/687c6ba705dc05a8d976db9c98dbc1b7.json
new file mode 100644
index 0000000000000000000000000000000000000000..ba6b58882b3ce8def81d7621a4032037145c23fb
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/687c6ba705dc05a8d976db9c98dbc1b7.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0335,
+ "steps": 34 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/6d33d3e9e0c138689b7b7b81af41c61b.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/6d33d3e9e0c138689b7b7b81af41c61b.json
new file mode 100644
index 0000000000000000000000000000000000000000..e83db7513ec2a941b8e6610df6ca0e8d55d611e5
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/6d33d3e9e0c138689b7b7b81af41c61b.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.028,
+ "steps": 34 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/d1203dcf4cb1b7eb56cc98aaeee8d670.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/d1203dcf4cb1b7eb56cc98aaeee8d670.json
new file mode 100644
index 0000000000000000000000000000000000000000..a2ca9a1e0582b60f08246338d843adad6f29c590
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/flash.1.session/cache/d1203dcf4cb1b7eb56cc98aaeee8d670.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0347,
+ "steps": 34 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/float_format.2.session/cache/7c52f41beefbdb46d7a18dde9bbf2bf8.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/float_format.2.session/cache/7c52f41beefbdb46d7a18dde9bbf2bf8.json
new file mode 100644
index 0000000000000000000000000000000000000000..43afa6298c655fa57d10a7b891cc261abadb2b73
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/float_format.2.session/cache/7c52f41beefbdb46d7a18dde9bbf2bf8.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "stepout", "steps": 50 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/float_real.1.session/cache/6c499bc384463731f06e46d71bc8ca72.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/float_real.1.session/cache/6c499bc384463731f06e46d71bc8ca72.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/float_real.1.session/cache/6c499bc384463731f06e46d71bc8ca72.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/float_real.1.session/cache/d8be6e9b6d537a313b4ec0e4a4a74e3a.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/float_real.1.session/cache/d8be6e9b6d537a313b4ec0e4a4a74e3a.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/float_real.1.session/cache/d8be6e9b6d537a313b4ec0e4a4a74e3a.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/frame.0.session/cache/b475650b9898e2e1a3a99a196f007c1d.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/frame.0.session/cache/b475650b9898e2e1a3a99a196f007c1d.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/frame.0.session/cache/b475650b9898e2e1a3a99a196f007c1d.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/frame.0.session/cache/c226acb64e8c66b0e8ce990e608b7583.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/frame.0.session/cache/c226acb64e8c66b0e8ce990e608b7583.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/frame.0.session/cache/c226acb64e8c66b0e8ce990e608b7583.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/g.dot b/src/plugins/wp/tests/wp_plugin/oracle_qualif/g.dot
index 5cdbeab832713294f78f544c2edaf44cee84135c..4fffdb8fb16edd8f2e3eb57b430c493b7f3da9f4 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle_qualif/g.dot
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/g.dot
@@ -2,55 +2,47 @@ digraph g {
rankdir = TB ;
node [ style = filled, shape = box ] ;
N000 [ color = red, shape = circle, label = "*" ] ;
- N049 [ color=red , label="Prove g_ensures_2" ] ;
- N049 -> N000 [ style=dotted ] ;
- N050 [ color=lightblue , label="F-out { a b }" ] ;
+ N035 [ color=red , label="Prove g_ensures_2" ] ;
+ N035 -> N000 [ style=dotted ] ;
+ N036 [ color=lightblue , label="F-out { a b }" ] ;
+ N036 -> N035 ;
+ N037 [ label="Label wp:post" ] ;
+ N037 -> N036 ;
+ N038 [ color=lightblue , label="B-out { __retres }" ] ;
+ N038 -> N037 ;
+ N039 [ color=orange , label="Return __retres" ] ;
+ N039 -> N038 ;
+ N040 [ label="Label wp:sid32 (Stmt s32)" ] ;
+ N040 -> N039 ;
+ N041 [ label="Label wp:sid31 (Stmt s31)" ] ;
+ N041 -> N040 ;
+ N042 [ color=green , label="Assume g_assert" ] ;
+ N042 -> N041 ;
+ N043 [ color=red , label="Prove g_assert" ] ;
+ N043 -> N042 [ style=dotted ] ;
+ N044 [ label="" , shape=circle ] ;
+ N044 -> N043 ;
+ N044 -> N042 ;
+ N045 [ label="Label wp:sid30 (Stmt s30)" ] ;
+ N045 -> N044 ;
+ N046 [ color=orange , label="__retres := a + b" ] ;
+ N046 -> N045 ;
+ N047 [ label="Label wp:sid13 (Stmt s13)" ] ;
+ N047 -> N046 ;
+ N048 [ label="Label wp:sid29 (Stmt s29)" ] ;
+ N048 -> N047 ;
+ N049 [ label="Label wp:sid11 (Stmt s11)" ] ;
+ N049 -> N048 ;
+ N050 [ color=lightblue , label="B-in { __retres }" ] ;
N050 -> N049 ;
- N051 [ label="Label wp:post" ] ;
+ N051 [ color=lightblue , label="F-frame { a b }" ] ;
N051 -> N050 ;
- N052 [ color=lightblue , label="B-out { __retres }" ] ;
+ N052 [ label="Label wp:pre" ] ;
N052 -> N051 ;
- N053 [ color=orange , label="Return __retres" ] ;
+ N053 [ color=lightblue , label="F-in { a b }" ] ;
N053 -> N052 ;
- N054 [ color=lightblue , label="B-out { }" ] ;
+ N054 [ color=lightblue , label="Global { }" ] ;
N054 -> N053 ;
- N055 [ color=lightblue , label="B-out { }" ] ;
+ N055 [ color=cyan , label="Function g" ] ;
N055 -> N054 ;
- N056 [ label="Label wp:sid32 (Stmt s32)" ] ;
- N056 -> N055 ;
- N057 [ label="Label wp:sid31 (Stmt s31)" ] ;
- N057 -> N056 ;
- N058 [ color=green , label="Assume g_assert" ] ;
- N058 -> N057 ;
- N059 [ color=red , label="Prove g_assert" ] ;
- N059 -> N058 [ style=dotted ] ;
- N060 [ label="" , shape=circle ] ;
- N060 -> N059 ;
- N060 -> N058 ;
- N061 [ label="Label wp:sid30 (Stmt s30)" ] ;
- N061 -> N060 ;
- N062 [ color=orange , label="__retres := a + b" ] ;
- N062 -> N061 ;
- N063 [ label="Label wp:sid13 (Stmt s13)" ] ;
- N063 -> N062 ;
- N064 [ color=lightblue , label="B-in { }" ] ;
- N064 -> N063 ;
- N065 [ label="Label wp:sid29 (Stmt s29)" ] ;
- N065 -> N064 ;
- N066 [ color=lightblue , label="B-in { }" ] ;
- N066 -> N065 ;
- N067 [ label="Label wp:sid11 (Stmt s11)" ] ;
- N067 -> N066 ;
- N068 [ color=lightblue , label="B-in { __retres }" ] ;
- N068 -> N067 ;
- N069 [ color=lightblue , label="F-frame { a b }" ] ;
- N069 -> N068 ;
- N070 [ label="Label wp:pre" ] ;
- N070 -> N069 ;
- N071 [ color=lightblue , label="F-in { a b }" ] ;
- N071 -> N070 ;
- N072 [ color=lightblue , label="Global { }" ] ;
- N072 -> N071 ;
- N073 [ color=cyan , label="Function g" ] ;
- N073 -> N072 ;
}
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/init_const_guard.0.session/cache/22137e3a0e8bb8e5c6f558c96a8b0584.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/init_const_guard.0.session/cache/22137e3a0e8bb8e5c6f558c96a8b0584.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/init_const_guard.0.session/cache/22137e3a0e8bb8e5c6f558c96a8b0584.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/init_const_guard.0.session/cache/3aa6fff5b9a5f4e04964329dadd25933.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/init_const_guard.0.session/cache/3aa6fff5b9a5f4e04964329dadd25933.json
new file mode 100644
index 0000000000000000000000000000000000000000..78b3148f130d5013055be4b90faf7458cbe545b6
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/init_const_guard.0.session/cache/3aa6fff5b9a5f4e04964329dadd25933.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0249,
+ "steps": 20 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/init_const_guard.0.session/cache/eb1a359dc7730155217ac94756d7dffa.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/init_const_guard.0.session/cache/eb1a359dc7730155217ac94756d7dffa.json
new file mode 100644
index 0000000000000000000000000000000000000000..a0460faedf5120ce4edf09a5ac44b21ae90511a7
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/init_const_guard.0.session/cache/eb1a359dc7730155217ac94756d7dffa.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0234,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/initarr.0.session/cache/25c9ec98fb41e974a3fac1a61d027acc.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/initarr.0.session/cache/25c9ec98fb41e974a3fac1a61d027acc.json
new file mode 100644
index 0000000000000000000000000000000000000000..e691467203251304b9951c3424468881cf91297e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/initarr.0.session/cache/25c9ec98fb41e974a3fac1a61d027acc.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0222,
+ "steps": 23 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/initarr.0.session/cache/42ee58e19309bd5df73821e3cfd04518.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/initarr.0.session/cache/42ee58e19309bd5df73821e3cfd04518.json
new file mode 100644
index 0000000000000000000000000000000000000000..f7715aa6cf05a5ff7451e54e4362f8e1f4e0a6e8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/initarr.0.session/cache/42ee58e19309bd5df73821e3cfd04518.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0243,
+ "steps": 34 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/185d1270b8988dc69c4d7d49e40360fe.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/185d1270b8988dc69c4d7d49e40360fe.json
new file mode 100644
index 0000000000000000000000000000000000000000..abc7eea4d61d894a6308f81da06f8628dd93b8a9
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/185d1270b8988dc69c4d7d49e40360fe.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0329,
+ "steps": 32 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/6094e7c19eba3f50fb8b90f9528226e9.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/6094e7c19eba3f50fb8b90f9528226e9.json
new file mode 100644
index 0000000000000000000000000000000000000000..2a15d2aa73c22d2758cc08f4a91eea01cd8ff7db
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/6094e7c19eba3f50fb8b90f9528226e9.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0224,
+ "steps": 14 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/67237129e97d7ae8d5ff4b62d632af5c.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/67237129e97d7ae8d5ff4b62d632af5c.json
new file mode 100644
index 0000000000000000000000000000000000000000..a218d6a773374c1a60d0d8c713a039474d45e101
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/67237129e97d7ae8d5ff4b62d632af5c.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0241,
+ "steps": 19 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/d9a9c67c0ce931a0559a5db9f619abd9.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/d9a9c67c0ce931a0559a5db9f619abd9.json
new file mode 100644
index 0000000000000000000000000000000000000000..bdc8b60cd9e91c077007448b6056dc12affd60ca
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/d9a9c67c0ce931a0559a5db9f619abd9.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0252,
+ "steps": 29 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/ed73ec0948ff5ae6b53fce8a8adada7a.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/ed73ec0948ff5ae6b53fce8a8adada7a.json
new file mode 100644
index 0000000000000000000000000000000000000000..b28afb6928344eae147e9fe69693fe1fcf7ebb9d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/ed73ec0948ff5ae6b53fce8a8adada7a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.057,
+ "steps": 70 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/fa725e97995b55101c0cf42a29c0f813.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/fa725e97995b55101c0cf42a29c0f813.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/loop.0.session/cache/fa725e97995b55101c0cf42a29c0f813.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/model.0.session/cache/438d25bfabd351c105105d10af4c170a.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/model.0.session/cache/438d25bfabd351c105105d10af4c170a.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/model.0.session/cache/438d25bfabd351c105105d10af4c170a.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/model.res.oracle b/src/plugins/wp/tests/wp_plugin/oracle_qualif/model.res.oracle
index 43185ba1c3656c14646138ccf74ce2429e2ce6c6..45defe11c252e1fdb22342768b34b459e48ce881 100644
--- a/src/plugins/wp/tests/wp_plugin/oracle_qualif/model.res.oracle
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/model.res.oracle
@@ -77,7 +77,7 @@ end
let x = get t (shift_sint32 a i) in
region (base a) <= 0 -> is_sint32 i -> is_sint32 x -> P_P x
end
-[wp] [Alt-Ergo] Goal typed_f_ensures : Typechecked
+[wp] [Alt-Ergo] Goal typed_f_ensures : Unsuccess
[wp] Proved goals: 0 / 1
Alt-Ergo: 0 (unsuccess: 1)
------------------------------------------------------------
@@ -115,7 +115,7 @@ end
let x = get t (shift_sint32 a i) in
region (base a) <= 0 -> is_sint32 i -> is_sint32 x -> P_P x
end
-[wp] [Alt-Ergo] Goal typed_f_ensures : Typechecked
+[wp] [Alt-Ergo] Goal typed_f_ensures : Unsuccess
---------------------------------------------
--- Context 'typed_ref_f' Cluster 'Compound'
---------------------------------------------
@@ -187,7 +187,7 @@ end
let x = get1 t (shift_sint321 a i) in
region1 (base1 a) <=' 0 -> is_sint321 i -> is_sint321 x -> P_P1 x
end
-[wp] [Alt-Ergo] Goal typed_ref_f_ensures : Typechecked
+[wp] [Alt-Ergo] Goal typed_ref_f_ensures : Unsuccess
[wp] Proved goals: 0 / 2
Alt-Ergo: 0 (unsuccess: 2)
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/overassign.0.session/cache/32e4d5d1ffef8a7dbb1fe8c7d536f845.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/overassign.0.session/cache/32e4d5d1ffef8a7dbb1fe8c7d536f845.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/overassign.0.session/cache/32e4d5d1ffef8a7dbb1fe8c7d536f845.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/overassign.0.session/cache/3e0d119a220c45bb16b0d7612fae4738.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/overassign.0.session/cache/3e0d119a220c45bb16b0d7612fae4738.json
new file mode 100644
index 0000000000000000000000000000000000000000..e0bdb82d1bf14706135301be06bca6902e4ce63f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/overassign.0.session/cache/3e0d119a220c45bb16b0d7612fae4738.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0148,
+ "steps": 20 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/overassign.0.session/cache/725d46c74277558f772438a95d5ffa30.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/overassign.0.session/cache/725d46c74277558f772438a95d5ffa30.json
new file mode 100644
index 0000000000000000000000000000000000000000..7f1fb800312d1d7e41cfdcbbf2d7ec2932d27357
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/overassign.0.session/cache/725d46c74277558f772438a95d5ffa30.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0173,
+ "steps": 14 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/overassign.0.session/cache/fff4cb231748d3746212595b0892b5f9.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/overassign.0.session/cache/fff4cb231748d3746212595b0892b5f9.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/overassign.0.session/cache/fff4cb231748d3746212595b0892b5f9.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/46c7ee5a8694d5a20e47282f25e34be5.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/46c7ee5a8694d5a20e47282f25e34be5.json
new file mode 100644
index 0000000000000000000000000000000000000000..88d6bbc43ebd709d4202bade9a362c3b9f4c3d31
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/46c7ee5a8694d5a20e47282f25e34be5.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0232,
+ "steps": 26 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/8051f3e6d0df90db81f77cee4ad63859.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/8051f3e6d0df90db81f77cee4ad63859.json
new file mode 100644
index 0000000000000000000000000000000000000000..35313c1650848d10bcd6e3cbb786b9a11560a662
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/8051f3e6d0df90db81f77cee4ad63859.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1419,
+ "steps": 220 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/8091b9c0849f4d1a46e4879e5348fdb0.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/8091b9c0849f4d1a46e4879e5348fdb0.json
new file mode 100644
index 0000000000000000000000000000000000000000..648156830dee2e769ea941f45df2d379253b99e8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/8091b9c0849f4d1a46e4879e5348fdb0.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0235,
+ "steps": 23 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/8b223534ba1fa0aa7e4ef5bd8ff12d15.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/8b223534ba1fa0aa7e4ef5bd8ff12d15.json
new file mode 100644
index 0000000000000000000000000000000000000000..01d1bbaf245a11192fcbba979c6ce045610cb85c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/8b223534ba1fa0aa7e4ef5bd8ff12d15.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0207,
+ "steps": 30 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/9e537d84dc915243e941b46128dbd193.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/9e537d84dc915243e941b46128dbd193.json
new file mode 100644
index 0000000000000000000000000000000000000000..a791f9b3da3c7388fb33c2afd5f13fa5870bd28a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/prenex.0.session/cache/9e537d84dc915243e941b46128dbd193.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0272,
+ "steps": 31 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/rte.0.session/cache/23ff27cd5de1ace498e0001fd798be43.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/rte.0.session/cache/23ff27cd5de1ace498e0001fd798be43.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/rte.0.session/cache/23ff27cd5de1ace498e0001fd798be43.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/rte.0.session/cache/3de2cb0c1d0276cbaa7600ff25e6f29a.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/rte.0.session/cache/3de2cb0c1d0276cbaa7600ff25e6f29a.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/rte.0.session/cache/3de2cb0c1d0276cbaa7600ff25e6f29a.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/rte.0.session/cache/56b7eefc17044e0ff95c99434cf88399.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/rte.0.session/cache/56b7eefc17044e0ff95c99434cf88399.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/rte.0.session/cache/56b7eefc17044e0ff95c99434cf88399.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/rte.0.session/cache/f978123c614da8cddf33e186f24f3e67.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/rte.0.session/cache/f978123c614da8cddf33e186f24f3e67.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/rte.0.session/cache/f978123c614da8cddf33e186f24f3e67.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/33446f0a42119240b0b63f1a2c0bc6ff.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/33446f0a42119240b0b63f1a2c0bc6ff.json
new file mode 100644
index 0000000000000000000000000000000000000000..06348a9946e16ec135f420754508e28f7720e9c2
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/33446f0a42119240b0b63f1a2c0bc6ff.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0277,
+ "steps": 58 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/3480784fd33fa9f4cae3b169a359cc57.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/3480784fd33fa9f4cae3b169a359cc57.json
new file mode 100644
index 0000000000000000000000000000000000000000..cb61223699dd2b547ebce6d8619f9214360e7340
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/3480784fd33fa9f4cae3b169a359cc57.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.5984,
+ "steps": 832 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/4bc35b1105da43dc265e953cbf96035d.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/4bc35b1105da43dc265e953cbf96035d.json
new file mode 100644
index 0000000000000000000000000000000000000000..c1bbf657537e09c18ad43fa01cbe0aa49bb69d60
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/4bc35b1105da43dc265e953cbf96035d.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0457,
+ "steps": 66 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/607e1a10e4ccbf9b5505703cb2087df7.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/607e1a10e4ccbf9b5505703cb2087df7.json
new file mode 100644
index 0000000000000000000000000000000000000000..1d238a400f6e71b9885bf0ad4c26a8f9a4e83924
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/607e1a10e4ccbf9b5505703cb2087df7.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0426,
+ "steps": 66 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/7d870ce9aa419a3893c0d18e3e2904f5.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/7d870ce9aa419a3893c0d18e3e2904f5.json
new file mode 100644
index 0000000000000000000000000000000000000000..d7cd92c3ffc4ddefa88068a1c7eae7b2dc517cd8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/7d870ce9aa419a3893c0d18e3e2904f5.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.4749,
+ "steps": 517 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/7d91bcc945d933f5af6e1e468ae4ecf4.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/7d91bcc945d933f5af6e1e468ae4ecf4.json
new file mode 100644
index 0000000000000000000000000000000000000000..16ce60eb7e17c2bfdb65b588323d177ab3ec8907
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/7d91bcc945d933f5af6e1e468ae4ecf4.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0303,
+ "steps": 44 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/8101aefca2eee2b8fb6cc34749c9891f.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/8101aefca2eee2b8fb6cc34749c9891f.json
new file mode 100644
index 0000000000000000000000000000000000000000..5a6d2bfd341531618fc89bc0692c4ab9f7cee620
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/8101aefca2eee2b8fb6cc34749c9891f.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0272,
+ "steps": 33 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/9628de01f82e8d57abe1ca40a3145921.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/9628de01f82e8d57abe1ca40a3145921.json
new file mode 100644
index 0000000000000000000000000000000000000000..b053163ec5a5014d93cb24fd54e3a8dcdb78a8df
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/9628de01f82e8d57abe1ca40a3145921.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.9878,
+ "steps": 1149 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/98d61fd3dc609926e2d9ed8d866b0ca3.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/98d61fd3dc609926e2d9ed8d866b0ca3.json
new file mode 100644
index 0000000000000000000000000000000000000000..4d015d8e273c5214887a53fa597590ff9455c027
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/98d61fd3dc609926e2d9ed8d866b0ca3.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0616,
+ "steps": 92 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/ace2089a7d9190f715a07093a9276e98.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/ace2089a7d9190f715a07093a9276e98.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8fe15435665f9569f67a2c2a0577fa7c8f8e6cd
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/ace2089a7d9190f715a07093a9276e98.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0347,
+ "steps": 57 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/bfef8898939d13a4a34f0035d4718cf6.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/bfef8898939d13a4a34f0035d4718cf6.json
new file mode 100644
index 0000000000000000000000000000000000000000..6f6550964d90b7bd6a2741b552e781bbeebed60e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/bfef8898939d13a4a34f0035d4718cf6.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1302,
+ "steps": 240 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/c78ab4c23e92b597edada513514da04c.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/c78ab4c23e92b597edada513514da04c.json
new file mode 100644
index 0000000000000000000000000000000000000000..f49bee313040c0e41f90741dbcc0f2e733ca91ec
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/c78ab4c23e92b597edada513514da04c.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.7427,
+ "steps": 792 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/ca73637f01f2f91a0068347eeb9ec94c.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/ca73637f01f2f91a0068347eeb9ec94c.json
new file mode 100644
index 0000000000000000000000000000000000000000..dcf968b29b058e406fd07d7bb8f66e4037ef9f54
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/ca73637f01f2f91a0068347eeb9ec94c.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.6097,
+ "steps": 695 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/cf51ece0b093233bb0adb1181e349246.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/cf51ece0b093233bb0adb1181e349246.json
new file mode 100644
index 0000000000000000000000000000000000000000..a8812b126064482afc4e4e3e379e80016311adc0
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/cf51ece0b093233bb0adb1181e349246.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0945,
+ "steps": 149 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/d46d0acf6fd632f8f6119d14bca4ce6a.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/d46d0acf6fd632f8f6119d14bca4ce6a.json
new file mode 100644
index 0000000000000000000000000000000000000000..21c5f0a83cfd4f2502b5cce696a46d94a86ec405
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/d46d0acf6fd632f8f6119d14bca4ce6a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0488,
+ "steps": 72 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/d765de4fb3d29a70866cbf36f4fab698.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/d765de4fb3d29a70866cbf36f4fab698.json
new file mode 100644
index 0000000000000000000000000000000000000000..475abbd06648709259f6e62684e3ff96929f2998
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/d765de4fb3d29a70866cbf36f4fab698.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1021,
+ "steps": 173 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/e76eb6cb77a00f788ce64e76f562810b.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/e76eb6cb77a00f788ce64e76f562810b.json
new file mode 100644
index 0000000000000000000000000000000000000000..88e58a674400876283e78a6c079e6dd3fa5cc7f6
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/e76eb6cb77a00f788ce64e76f562810b.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0365,
+ "steps": 65 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/ebb2a53efc61a99e868bcaeccdedd60d.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/ebb2a53efc61a99e868bcaeccdedd60d.json
new file mode 100644
index 0000000000000000000000000000000000000000..af49967762745eae931f8eda72ba7e3842254bf4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/ebb2a53efc61a99e868bcaeccdedd60d.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.3147,
+ "steps": 322 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/ef5c696900a376aef83fb21941139a3c.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/ef5c696900a376aef83fb21941139a3c.json
new file mode 100644
index 0000000000000000000000000000000000000000..258a750a1372abd970e557034abb6e5d067296d9
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/ef5c696900a376aef83fb21941139a3c.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.4215,
+ "steps": 584 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/efd16d0abd5a1c7656466cad2eff1a82.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/efd16d0abd5a1c7656466cad2eff1a82.json
new file mode 100644
index 0000000000000000000000000000000000000000..bbeed980902c687e14567c597e4a8a723450ea13
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/efd16d0abd5a1c7656466cad2eff1a82.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0213,
+ "steps": 23 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/f24b0ea52a766197c49733f5567e5290.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/f24b0ea52a766197c49733f5567e5290.json
new file mode 100644
index 0000000000000000000000000000000000000000..95b03ae2293bcfabe34d17727f89cf12b1d000a8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/string_c.0.session/cache/f24b0ea52a766197c49733f5567e5290.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0435,
+ "steps": 66 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/struct_hack.0.session/cache/3c2808a40bb021dbc99953e3c5324934.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/struct_hack.0.session/cache/3c2808a40bb021dbc99953e3c5324934.json
new file mode 100644
index 0000000000000000000000000000000000000000..cf7912a9edae0376cc3e9cf9104bdde42b476b8a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/struct_hack.0.session/cache/3c2808a40bb021dbc99953e3c5324934.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0259,
+ "steps": 23 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/struct_hack.0.session/cache/49a728ea0e221f941984978faa18dc8b.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/struct_hack.0.session/cache/49a728ea0e221f941984978faa18dc8b.json
new file mode 100644
index 0000000000000000000000000000000000000000..51a6f9dd086fcea4b7fdbe817053e29f7a9eba1c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/struct_hack.0.session/cache/49a728ea0e221f941984978faa18dc8b.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0281,
+ "steps": 25 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/subset.0.session/cache/f11323e3ba20fea4dc00b0c0a4e8c75a.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/subset.0.session/cache/f11323e3ba20fea4dc00b0c0a4e8c75a.json
new file mode 100644
index 0000000000000000000000000000000000000000..1804a45ab8149b1b157190f57129c37f584babec
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/subset.0.session/cache/f11323e3ba20fea4dc00b0c0a4e8c75a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0489,
+ "steps": 118 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/subset_fopen.0.session/cache/bbd1bf207aff73a0add5c310a10d82fc.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/subset_fopen.0.session/cache/bbd1bf207aff73a0add5c310a10d82fc.json
new file mode 100644
index 0000000000000000000000000000000000000000..ebdb398fc69e984fb69a30b26007c0fc83c53854
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/subset_fopen.0.session/cache/bbd1bf207aff73a0add5c310a10d82fc.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0658,
+ "steps": 99 }
diff --git a/src/plugins/wp/tests/wp_plugin/oracle_qualif/unsafe-arrays.0.session/cache/d3af917ba88b4651ecd99c4782829b8d.json b/src/plugins/wp/tests/wp_plugin/oracle_qualif/unsafe-arrays.0.session/cache/d3af917ba88b4651ecd99c4782829b8d.json
new file mode 100644
index 0000000000000000000000000000000000000000..22aacdd802585882c204275955c1290761522df7
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/oracle_qualif/unsafe-arrays.0.session/cache/d3af917ba88b4651ecd99c4782829b8d.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0241,
+ "steps": 17 }
diff --git a/src/plugins/wp/tests/wp_plugin/rte.i b/src/plugins/wp/tests/wp_plugin/rte.i
index 1b63b3768c83f5e7f9f053f2bf203a2a879e0851..65e8988e572951b8de7ff768207b7c4e88fdfa86 100644
--- a/src/plugins/wp/tests/wp_plugin/rte.i
+++ b/src/plugins/wp/tests/wp_plugin/rte.i
@@ -1,5 +1,5 @@
/* run.config
- CMD: @frama-c@ -wp -wp-prover none -wp-check -wp-share ./share -wp-msg-key shell -wp-msg-key rte
+ CMD: @frama-c@ -wp -wp-prover none -wp-share ./share -wp-msg-key shell -wp-msg-key rte
OPT: -wp-rte -no-warn-invalid-bool -then -print -no-unicode
OPT: -wp-rte -no-warn-signed-overflow -then -print -no-unicode
OPT: -wp-rte -warn-unsigned-overflow -then -print -no-unicode
diff --git a/src/plugins/wp/tests/wp_plugin/unroll/wp/scripts/unrolled_loop_ensures_zero.json b/src/plugins/wp/tests/wp_plugin/unroll/wp/scripts/unrolled_loop_ensures_zero.json
new file mode 100644
index 0000000000000000000000000000000000000000..1c97c0efd6fc200100d43ffe2b726792238d7235
--- /dev/null
+++ b/src/plugins/wp/tests/wp_plugin/unroll/wp/scripts/unrolled_loop_ensures_zero.json
@@ -0,0 +1,54 @@
+[ { "header": "Definition", "tactic": "Wp.unfold", "params": {},
+ "select": { "select": "clause-goal",
+ "target": "(P_zeroed\n Mint_37[(shift_uint32 t_2 0)->0][(shift_uint32 t_2 1)->0]\n [(shift_uint32 t_2 2)->0][(shift_uint32 t_2 3)->0][(shift_uint32 t_2 4)\n ->0][(shift_uint32 t_2 5)->0][(shift_uint32 t_2 6)->0]\n [(shift_uint32 t_2 7)->0][(shift_uint32 t_2 8)->0][(shift_uint32 t_2 9)\n ->0][(shift_uint32 t_2 10)->0][(shift_uint32 t_2 11)->0]\n [(shift_uint32 t_2 12)->0][(shift_uint32 t_2 13)->0]\n [(shift_uint32 t_2 14)->0][(shift_uint32 t_2 15)->0] t_2 0 15)",
+ "pattern": "P_zeroed[=]$t015[=]shift_uint320" },
+ "children": { "Unfold 'P_zeroed'": [ { "header": "Range",
+ "tactic": "Wp.range",
+ "params": { "inf": 0, "sup": 15 },
+ "select": { "select": "inside-goal",
+ "occur": 0,
+ "target": "i_0",
+ "pattern": "$i" },
+ "children": { "Lower 0": [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 0": [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 1": [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 2": [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 3": [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 4": [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 5": [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 6": [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 7": [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 8": [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 9": [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 10":
+ [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 11":
+ [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 12":
+ [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 13":
+ [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 14":
+ [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Value 15":
+ [ { "prover": "qed",
+ "verdict": "valid" } ],
+ "Upper 15":
+ [ { "prover": "qed",
+ "verdict": "valid" } ] } } ] } } ]
diff --git a/src/plugins/wp/tests/wp_store/oracle/struct.res.oracle b/src/plugins/wp/tests/wp_store/oracle/struct.res.oracle
index 730ef7717db6e243613f7cd2925302afa9ce7e3e..5b15a883bf957c1ab05e2a58869516dac0766312 100644
--- a/src/plugins/wp/tests/wp_store/oracle/struct.res.oracle
+++ b/src/plugins/wp/tests/wp_store/oracle/struct.res.oracle
@@ -43,7 +43,7 @@ Prove: true.
------------------------------------------------------------
Goal Post-condition 'P,qed_ok' in 'main':
-Let a = global(G_v_28).
+Let a = global(G_v_30).
Let a_1 = Load_S2_St(a, Mint_0).
Assume {
Type: IsS2_St(w) /\ IsS2_St(a_1).
@@ -61,7 +61,7 @@ Prove: EqS2_St(a_1, w).
------------------------------------------------------------
Goal Post-condition 'Q,qed_ok' in 'main':
-Let a = global(G_v_28).
+Let a = global(G_v_30).
Let a_1 = Load_S2_St(a, Mint_0).
Assume {
Type: IsS2_St(w) /\ IsS2_St(a_1).
diff --git a/src/plugins/wp/tests/wp_store/oracle_qualif/nonaliasing.0.session/cache/8824303ce7307ea0a6607b5ed4deb0ae.json b/src/plugins/wp/tests/wp_store/oracle_qualif/nonaliasing.0.session/cache/8824303ce7307ea0a6607b5ed4deb0ae.json
new file mode 100644
index 0000000000000000000000000000000000000000..aa30f1021ac2d1141b12b5dc4633b873e9f4f55d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_store/oracle_qualif/nonaliasing.0.session/cache/8824303ce7307ea0a6607b5ed4deb0ae.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0161,
+ "steps": 23 }
diff --git a/src/plugins/wp/tests/wp_store/oracle_qualif/nonaliasing.0.session/cache/974d21e0e97775d1697fc217acf09aae.json b/src/plugins/wp/tests/wp_store/oracle_qualif/nonaliasing.0.session/cache/974d21e0e97775d1697fc217acf09aae.json
new file mode 100644
index 0000000000000000000000000000000000000000..1806ea7577943f2fee86ab6d8b815965c32d807b
--- /dev/null
+++ b/src/plugins/wp/tests/wp_store/oracle_qualif/nonaliasing.0.session/cache/974d21e0e97775d1697fc217acf09aae.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0167,
+ "steps": 23 }
diff --git a/src/plugins/wp/tests/wp_store/oracle_qualif/nonaliasing.1.session/cache/054ac21eccbda5823e3b61d57b70fa6e.json b/src/plugins/wp/tests/wp_store/oracle_qualif/nonaliasing.1.session/cache/054ac21eccbda5823e3b61d57b70fa6e.json
new file mode 100644
index 0000000000000000000000000000000000000000..43afa6298c655fa57d10a7b891cc261abadb2b73
--- /dev/null
+++ b/src/plugins/wp/tests/wp_store/oracle_qualif/nonaliasing.1.session/cache/054ac21eccbda5823e3b61d57b70fa6e.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "stepout", "steps": 50 }
diff --git a/src/plugins/wp/tests/wp_store/oracle_qualif/nonaliasing.1.session/cache/6f3bf79ad4f2c16243f68e50736057b2.json b/src/plugins/wp/tests/wp_store/oracle_qualif/nonaliasing.1.session/cache/6f3bf79ad4f2c16243f68e50736057b2.json
new file mode 100644
index 0000000000000000000000000000000000000000..43afa6298c655fa57d10a7b891cc261abadb2b73
--- /dev/null
+++ b/src/plugins/wp/tests/wp_store/oracle_qualif/nonaliasing.1.session/cache/6f3bf79ad4f2c16243f68e50736057b2.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "stepout", "steps": 50 }
diff --git a/src/plugins/wp/tests/wp_store/oracle_qualif/struct.0.session/cache/94a853062337d3984c131f4b925cf498.json b/src/plugins/wp/tests/wp_store/oracle_qualif/struct.0.session/cache/94a853062337d3984c131f4b925cf498.json
new file mode 100644
index 0000000000000000000000000000000000000000..4fe43bc2d137aeee6183a499a26c4e8f2c965b67
--- /dev/null
+++ b/src/plugins/wp/tests/wp_store/oracle_qualif/struct.0.session/cache/94a853062337d3984c131f4b925cf498.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0315,
+ "steps": 35 }
diff --git a/src/plugins/wp/tests/wp_store/oracle_qualif/struct.0.session/cache/ca8f374f313f9efd2a66850f6ce238ac.json b/src/plugins/wp/tests/wp_store/oracle_qualif/struct.0.session/cache/ca8f374f313f9efd2a66850f6ce238ac.json
new file mode 100644
index 0000000000000000000000000000000000000000..e1eeffe9a6f3bdd1e2705e9dbd02ca1181d7a606
--- /dev/null
+++ b/src/plugins/wp/tests/wp_store/oracle_qualif/struct.0.session/cache/ca8f374f313f9efd2a66850f6ce238ac.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0144,
+ "steps": 17 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle/array_initialized.0.res.oracle b/src/plugins/wp/tests/wp_typed/oracle/array_initialized.0.res.oracle
index dcd5344752014d5444dde03e9b4973b8f3b0d669..b461930a19aa459d0662ae84c9cd12d3f9b39050 100644
--- a/src/plugins/wp/tests/wp_typed/oracle/array_initialized.0.res.oracle
+++ b/src/plugins/wp/tests/wp_typed/oracle/array_initialized.0.res.oracle
@@ -259,7 +259,7 @@ Assume {
When: (0 <= i) /\ (i <= 499).
(* Initializer *)
Init: forall i_1 : Z. ((0 <= i_1) -> ((i_1 <= 499) ->
- (p[i_1] = global(G_p0_28)))).
+ (p[i_1] = global(G_p0_30)))).
}
Prove: valid_rw(Malloc_0, p[i], 1).
diff --git a/src/plugins/wp/tests/wp_typed/oracle/array_initialized.1.res.oracle b/src/plugins/wp/tests/wp_typed/oracle/array_initialized.1.res.oracle
index 2831cde85ee67dc7f3d59f4577692c870e6a9355..a4351662142b509704e9b463ffa67a88ac831c3c 100644
--- a/src/plugins/wp/tests/wp_typed/oracle/array_initialized.1.res.oracle
+++ b/src/plugins/wp/tests/wp_typed/oracle/array_initialized.1.res.oracle
@@ -10,7 +10,7 @@
------------------------------------------------------------
Goal Assertion (file tests/wp_typed/array_initialized.c, line 71):
-Let a = global(K_g_18).
+Let a = global(K_g_20).
Assume {
(* Goal *)
When: (0 <= i) /\ (i <= 499).
@@ -26,8 +26,8 @@ Prove: Mint_0[shift_sint32(a, i)] = 0.
------------------------------------------------------------
Goal Assertion (file tests/wp_typed/array_initialized.c, line 185):
-Let a = global(K_h1_24).
-Let a_1 = global(K_h2_25).
+Let a = global(K_h1_26).
+Let a_1 = global(K_h2_27).
Assume {
(* Goal *)
When: (0 <= i) /\ (i <= 499).
@@ -254,7 +254,7 @@ Prove: true.
------------------------------------------------------------
Goal Assertion (file tests/wp_typed/array_initialized.c, line 283):
-Let a = global(K_p_32).
+Let a = global(K_p_34).
Assume {
(* Heap *)
Type: framed(Mptr_0) /\ linked(Malloc_0).
@@ -262,7 +262,7 @@ Assume {
When: (0 <= i) /\ (i <= 499).
(* Initializer *)
Init: forall i_1 : Z. ((0 <= i_1) -> ((i_1 <= 499) ->
- (Mptr_0[shift_PTR(a, i_1)] = global(G_p0_31)))).
+ (Mptr_0[shift_PTR(a, i_1)] = global(G_p0_33)))).
}
Prove: valid_rw(Malloc_0, Mptr_0[shift_PTR(a, i)], 1).
diff --git a/src/plugins/wp/tests/wp_typed/oracle/frame.0.res.oracle b/src/plugins/wp/tests/wp_typed/oracle/frame.0.res.oracle
index 2407c64b95d2599fa97f2c4b9650afeceecb1bb0..1e91b9fe01bb8adc7ee48b04cd3545dfdf445224 100644
--- a/src/plugins/wp/tests/wp_typed/oracle/frame.0.res.oracle
+++ b/src/plugins/wp/tests/wp_typed/oracle/frame.0.res.oracle
@@ -16,13 +16,13 @@ Assume {
(* Pre-condition *)
Have: (0 <= k) /\ (k <= 19).
}
-Prove: (comp_0[k].F1_ptr) != global(L_m_26).
+Prove: (comp_0[k].F1_ptr) != global(L_m_28).
------------------------------------------------------------
Goal Assertion 'RES' (file tests/wp_typed/frame.i, line 11):
Let a = comp_0[k].F1_ptr.
-Let a_1 = global(L_m_26).
+Let a_1 = global(L_m_28).
Let x = Mint_0[a <- 4][a_1].
Assume {
Type: is_sint32(k) /\ is_sint32(x).
diff --git a/src/plugins/wp/tests/wp_typed/oracle/frame.1.res.oracle b/src/plugins/wp/tests/wp_typed/oracle/frame.1.res.oracle
index bb4a852b80b9307dfe5ee595220e1c6093edbb31..3cc68cc1beffef594728925049e0ea006134bb47 100644
--- a/src/plugins/wp/tests/wp_typed/oracle/frame.1.res.oracle
+++ b/src/plugins/wp/tests/wp_typed/oracle/frame.1.res.oracle
@@ -16,13 +16,13 @@ Assume {
(* Pre-condition *)
Have: (0 <= k) /\ (k <= 19).
}
-Prove: (comp_0[k].F1_ptr) != global(L_m_26).
+Prove: (comp_0[k].F1_ptr) != global(L_m_28).
------------------------------------------------------------
Goal Assertion 'RES' (file tests/wp_typed/frame.i, line 11):
Let a = comp_0[k].F1_ptr.
-Let a_1 = global(L_m_26).
+Let a_1 = global(L_m_28).
Let x = Mint_0[a <- 4][a_1].
Assume {
Type: is_sint32(k) /\ is_sint32(x).
diff --git a/src/plugins/wp/tests/wp_typed/oracle/unit_alloc.0.res.oracle b/src/plugins/wp/tests/wp_typed/oracle/unit_alloc.0.res.oracle
index 190fb6be9db7e84a1b4fcfda7b2aab957feafbfd..dc5985c4828c9882061431a06104de87c484cfd6 100644
--- a/src/plugins/wp/tests/wp_typed/oracle/unit_alloc.0.res.oracle
+++ b/src/plugins/wp/tests/wp_typed/oracle/unit_alloc.0.res.oracle
@@ -26,7 +26,7 @@ Prove: true.
Goal Post-condition (file tests/wp_typed/unit_alloc.i, line 33) in 'h':
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: !valid_rw(Malloc_0[P_x_38 <- 0], global(P_x_38), 1).
+Prove: !valid_rw(Malloc_0[P_x_40 <- 0], global(P_x_40), 1).
------------------------------------------------------------
------------------------------------------------------------
@@ -40,7 +40,7 @@ Prove: true.
Goal Assertion (file tests/wp_typed/unit_alloc.i, line 21):
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: valid_rw(Malloc_0[L_y_23 <- 1], global(L_y_23), 1).
+Prove: valid_rw(Malloc_0[L_y_25 <- 1], global(L_y_25), 1).
------------------------------------------------------------
@@ -50,13 +50,13 @@ Prove: true.
------------------------------------------------------------
Goal Assertion (file tests/wp_typed/unit_alloc.i, line 24):
-Let a = global(L_y_23).
+Let a = global(L_y_25).
Assume {
(* Heap *)
Type: linked(Malloc_0).
(* Assertion *)
- Have: valid_rw(Malloc_0[L_y_23 <- 1], a, 1).
+ Have: valid_rw(Malloc_0[L_y_25 <- 1], a, 1).
}
-Prove: !valid_rw(Malloc_0[L_y_23 <- 0], a, 1).
+Prove: !valid_rw(Malloc_0[L_y_25 <- 0], a, 1).
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_typed/oracle/unit_alloc.1.res.oracle b/src/plugins/wp/tests/wp_typed/oracle/unit_alloc.1.res.oracle
index 38f2578d64361bff7d17819b0051134275a54545..3716b8fceb32bf2565e3b264e65a2550bc1cc8f0 100644
--- a/src/plugins/wp/tests/wp_typed/oracle/unit_alloc.1.res.oracle
+++ b/src/plugins/wp/tests/wp_typed/oracle/unit_alloc.1.res.oracle
@@ -26,7 +26,7 @@ Prove: true.
Goal Post-condition (file tests/wp_typed/unit_alloc.i, line 33) in 'h':
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: !valid_rw(Malloc_0[P_x_38 <- 0], global(P_x_38), 1).
+Prove: !valid_rw(Malloc_0[P_x_40 <- 0], global(P_x_40), 1).
------------------------------------------------------------
------------------------------------------------------------
@@ -40,7 +40,7 @@ Prove: true.
Goal Assertion (file tests/wp_typed/unit_alloc.i, line 21):
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: valid_rw(Malloc_0[L_y_23 <- 1], global(L_y_23), 1).
+Prove: valid_rw(Malloc_0[L_y_25 <- 1], global(L_y_25), 1).
------------------------------------------------------------
@@ -50,13 +50,13 @@ Prove: true.
------------------------------------------------------------
Goal Assertion (file tests/wp_typed/unit_alloc.i, line 24):
-Let a = global(L_y_23).
+Let a = global(L_y_25).
Assume {
(* Heap *)
Type: linked(Malloc_0).
(* Assertion *)
- Have: valid_rw(Malloc_0[L_y_23 <- 1], a, 1).
+ Have: valid_rw(Malloc_0[L_y_25 <- 1], a, 1).
}
-Prove: !valid_rw(Malloc_0[L_y_23 <- 0], a, 1).
+Prove: !valid_rw(Malloc_0[L_y_25 <- 0], a, 1).
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_typed/oracle/unit_local.0.res.oracle b/src/plugins/wp/tests/wp_typed/oracle/unit_local.0.res.oracle
index dfa5e2f13d2f78c2ff084841501e5c70e8709f3f..e81bad545d076c6fb587da7846856a050e5be47d 100644
--- a/src/plugins/wp/tests/wp_typed/oracle/unit_local.0.res.oracle
+++ b/src/plugins/wp/tests/wp_typed/oracle/unit_local.0.res.oracle
@@ -25,6 +25,6 @@ Prove: true.
Goal Assigns nothing in 'foo' (2/2):
Effect at line 19
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: invalid(Malloc_0, global(L_a_21), 1).
+Prove: invalid(Malloc_0, global(L_a_23), 1).
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_typed/oracle/unit_local.1.res.oracle b/src/plugins/wp/tests/wp_typed/oracle/unit_local.1.res.oracle
index 106ea82cce505befa0216508c64323c48ab8f370..ca652b49c38ec3d95c0e7c50b854e457574442ae 100644
--- a/src/plugins/wp/tests/wp_typed/oracle/unit_local.1.res.oracle
+++ b/src/plugins/wp/tests/wp_typed/oracle/unit_local.1.res.oracle
@@ -10,7 +10,7 @@
Goal Assigns nothing in 'bar':
Effect at line 28
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: invalid(Malloc_0, global(L_a_26), 1).
+Prove: invalid(Malloc_0, global(L_a_28), 1).
------------------------------------------------------------
------------------------------------------------------------
@@ -20,13 +20,13 @@ Prove: invalid(Malloc_0, global(L_a_26), 1).
Goal Assigns nothing in 'foo' (1/2):
Effect at line 18
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: invalid(Malloc_0, global(L_pa_22), 1).
+Prove: invalid(Malloc_0, global(L_pa_24), 1).
------------------------------------------------------------
Goal Assigns nothing in 'foo' (2/2):
Effect at line 19
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: invalid(Malloc_0, global(L_a_21), 1).
+Prove: invalid(Malloc_0, global(L_a_23), 1).
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_typed/oracle/user_init.0.res.oracle b/src/plugins/wp/tests/wp_typed/oracle/user_init.0.res.oracle
index 361403d8aa29de64eda5957972cccf0bc48cc33a..999fd9b742431831e08595ee7463dfe6d0469cd4 100644
--- a/src/plugins/wp/tests/wp_typed/oracle/user_init.0.res.oracle
+++ b/src/plugins/wp/tests/wp_typed/oracle/user_init.0.res.oracle
@@ -232,7 +232,7 @@ Prove: true.
------------------------------------------------------------
Goal Post-condition (file tests/wp_typed/user_init.i, line 127) in 'init_t2_bis_v1':
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Assume {
Type: is_uint32(i_2) /\ is_sint32(v).
(* Goal *)
@@ -262,7 +262,7 @@ Prove: true.
------------------------------------------------------------
Goal Preservation of Invariant 'Partial' (file tests/wp_typed/user_init.i, line 136):
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Let a_2 = shift_sint32(a_1, 0).
Let a_3 = havoc(Mint_undef_0, Mint_0, a_2, 20).
@@ -298,7 +298,7 @@ Prove: true.
------------------------------------------------------------
Goal Preservation of Invariant 'Range' (file tests/wp_typed/user_init.i, line 135):
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Assume {
Type: is_uint32(i) /\ is_sint32(v).
@@ -342,7 +342,7 @@ Prove: true.
Goal Loop assigns 'lack,Zone' (2/3):
Effect at line 139
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i_2).
Assume {
Type: is_uint32(i_2) /\ is_sint32(v).
@@ -376,7 +376,7 @@ Prove: exists i_8,i_7 : Z. (i_8 <= i) /\ (i_7 <= i_1) /\ (0 <= i_8) /\
Goal Loop assigns 'lack,Zone' (3/3):
Call Effect at line 140
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Assume {
Type: is_uint32(i) /\ is_sint32(v).
@@ -425,7 +425,7 @@ Assume {
Have: forall a : addr.
((forall i_5,i_4 : Z. ((0 <= i_5) -> ((0 <= i_4) -> ((i_5 <= 9) ->
((i_4 <= 19) ->
- (shift_sint32(shift_A20_sint32(global(G_t2_50), i_5), i_4) != a)))))) ->
+ (shift_sint32(shift_A20_sint32(global(G_t2_52), i_5), i_4) != a)))))) ->
(Mint_0[a] = Mint_1[a])).
}
Prove: exists i_5,i_4 : Z. (i_5 <= i) /\ (i_4 <= i_1) /\ (0 <= i_5) /\
@@ -460,7 +460,7 @@ Assume {
Have: forall a : addr.
((forall i_5,i_4 : Z. ((0 <= i_5) -> ((0 <= i_4) -> ((i_5 <= 9) ->
((i_4 <= 19) ->
- (shift_sint32(shift_A20_sint32(global(G_t2_50), i_5), i_4) != a)))))) ->
+ (shift_sint32(shift_A20_sint32(global(G_t2_52), i_5), i_4) != a)))))) ->
(Mint_0[a] = Mint_1[a])).
}
Prove: exists i_5,i_4 : Z. (i_5 <= i) /\ (i_4 <= i_1) /\ (0 <= i_5) /\
@@ -469,7 +469,7 @@ Prove: exists i_5,i_4 : Z. (i_5 <= i) /\ (i_4 <= i_1) /\ (0 <= i_5) /\
------------------------------------------------------------
Goal Decreasing of Loop variant at loop (file tests/wp_typed/user_init.i, line 139):
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Assume {
Type: is_uint32(i) /\ is_sint32(v).
@@ -517,7 +517,7 @@ Prove: true.
------------------------------------------------------------
Goal Post-condition (file tests/wp_typed/user_init.i, line 145) in 'init_t2_bis_v2':
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Assume {
Type: is_uint32(i_2) /\ is_sint32(v).
(* Goal *)
@@ -546,7 +546,7 @@ Prove: true.
------------------------------------------------------------
Goal Preservation of Invariant 'Partial' (file tests/wp_typed/user_init.i, line 154):
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Let a_2 = shift_sint32(a_1, 0).
Let a_3 = havoc(Mint_undef_0, Mint_0, a_2, 20).
@@ -581,7 +581,7 @@ Prove: true.
------------------------------------------------------------
Goal Preservation of Invariant 'Range' (file tests/wp_typed/user_init.i, line 153):
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Assume {
Type: is_uint32(i) /\ is_sint32(v).
@@ -624,7 +624,7 @@ Prove: true.
Goal Loop assigns 'tactic,Zone' (2/3):
Effect at line 157
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i_2).
Assume {
Type: is_uint32(i_2) /\ is_sint32(v).
@@ -656,7 +656,7 @@ Prove: exists i_7,i_6 : Z. (i_7 <= i) /\ (i_6 <= i_1) /\ (0 <= i_7) /\
Goal Loop assigns 'tactic,Zone' (3/3):
Call Effect at line 158
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Assume {
Type: is_uint32(i) /\ is_sint32(v).
@@ -701,7 +701,7 @@ Assume {
(* Loop assigns 'tactic,Zone' *)
Have: forall a : addr.
((forall i_5,i_4 : Z. ((0 <= i_5) -> ((i_5 <= 9) ->
- (shift_sint32(shift_A20_sint32(global(G_t2_50), i_5), i_4) != a)))) ->
+ (shift_sint32(shift_A20_sint32(global(G_t2_52), i_5), i_4) != a)))) ->
(Mint_0[a] = Mint_1[a])).
}
Prove: exists i_5,i_4 : Z. (i_5 <= i) /\ (i_4 <= i_1) /\ (0 <= i_5) /\
@@ -733,7 +733,7 @@ Assume {
(* Loop assigns 'tactic,Zone' *)
Have: forall a : addr.
((forall i_5,i_4 : Z. ((0 <= i_5) -> ((i_5 <= 9) ->
- (shift_sint32(shift_A20_sint32(global(G_t2_50), i_5), i_4) != a)))) ->
+ (shift_sint32(shift_A20_sint32(global(G_t2_52), i_5), i_4) != a)))) ->
(Mint_0[a] = Mint_1[a])).
}
Prove: exists i_5,i_4 : Z. (i_5 <= i) /\ (i_4 <= i_1) /\ (0 <= i_5) /\
@@ -742,7 +742,7 @@ Prove: exists i_5,i_4 : Z. (i_5 <= i) /\ (i_4 <= i_1) /\ (0 <= i_5) /\
------------------------------------------------------------
Goal Decreasing of Loop variant at loop (file tests/wp_typed/user_init.i, line 157):
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Assume {
Type: is_uint32(i) /\ is_sint32(v).
diff --git a/src/plugins/wp/tests/wp_typed/oracle/user_init.1.res.oracle b/src/plugins/wp/tests/wp_typed/oracle/user_init.1.res.oracle
index 0247f47de979fad1f0090fbb71164402c76940b2..e6996907f9367101bc6353be0b7ae906cb568ba9 100644
--- a/src/plugins/wp/tests/wp_typed/oracle/user_init.1.res.oracle
+++ b/src/plugins/wp/tests/wp_typed/oracle/user_init.1.res.oracle
@@ -232,7 +232,7 @@ Prove: true.
------------------------------------------------------------
Goal Post-condition (file tests/wp_typed/user_init.i, line 127) in 'init_t2_bis_v1':
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Assume {
Type: is_uint32(i_2) /\ is_sint32(v).
(* Goal *)
@@ -262,7 +262,7 @@ Prove: true.
------------------------------------------------------------
Goal Preservation of Invariant 'Partial' (file tests/wp_typed/user_init.i, line 136):
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Let a_2 = shift_sint32(a_1, 0).
Let a_3 = havoc(Mint_undef_0, Mint_0, a_2, 20).
@@ -298,7 +298,7 @@ Prove: true.
------------------------------------------------------------
Goal Preservation of Invariant 'Range' (file tests/wp_typed/user_init.i, line 135):
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Assume {
Type: is_uint32(i) /\ is_sint32(v).
@@ -342,7 +342,7 @@ Prove: true.
Goal Loop assigns 'lack,Zone' (2/3):
Effect at line 139
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i_2).
Assume {
Type: is_uint32(i_2) /\ is_sint32(v).
@@ -376,7 +376,7 @@ Prove: exists i_8,i_7 : Z. (i_8 <= i) /\ (i_7 <= i_1) /\ (0 <= i_8) /\
Goal Loop assigns 'lack,Zone' (3/3):
Call Effect at line 140
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Assume {
Type: is_uint32(i) /\ is_sint32(v).
@@ -425,7 +425,7 @@ Assume {
Have: forall a : addr.
((forall i_5,i_4 : Z. ((0 <= i_5) -> ((0 <= i_4) -> ((i_5 <= 9) ->
((i_4 <= 19) ->
- (shift_sint32(shift_A20_sint32(global(G_t2_50), i_5), i_4) != a)))))) ->
+ (shift_sint32(shift_A20_sint32(global(G_t2_52), i_5), i_4) != a)))))) ->
(Mint_0[a] = Mint_1[a])).
}
Prove: exists i_5,i_4 : Z. (i_5 <= i) /\ (i_4 <= i_1) /\ (0 <= i_5) /\
@@ -460,7 +460,7 @@ Assume {
Have: forall a : addr.
((forall i_5,i_4 : Z. ((0 <= i_5) -> ((0 <= i_4) -> ((i_5 <= 9) ->
((i_4 <= 19) ->
- (shift_sint32(shift_A20_sint32(global(G_t2_50), i_5), i_4) != a)))))) ->
+ (shift_sint32(shift_A20_sint32(global(G_t2_52), i_5), i_4) != a)))))) ->
(Mint_0[a] = Mint_1[a])).
}
Prove: exists i_5,i_4 : Z. (i_5 <= i) /\ (i_4 <= i_1) /\ (0 <= i_5) /\
@@ -469,7 +469,7 @@ Prove: exists i_5,i_4 : Z. (i_5 <= i) /\ (i_4 <= i_1) /\ (0 <= i_5) /\
------------------------------------------------------------
Goal Decreasing of Loop variant at loop (file tests/wp_typed/user_init.i, line 139):
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Assume {
Type: is_uint32(i) /\ is_sint32(v).
@@ -517,7 +517,7 @@ Prove: true.
------------------------------------------------------------
Goal Post-condition (file tests/wp_typed/user_init.i, line 145) in 'init_t2_bis_v2':
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Assume {
Type: is_uint32(i_2) /\ is_sint32(v).
(* Goal *)
@@ -546,7 +546,7 @@ Prove: true.
------------------------------------------------------------
Goal Preservation of Invariant 'Partial' (file tests/wp_typed/user_init.i, line 154):
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Let a_2 = shift_sint32(a_1, 0).
Let a_3 = havoc(Mint_undef_0, Mint_0, a_2, 20).
@@ -581,7 +581,7 @@ Prove: true.
------------------------------------------------------------
Goal Preservation of Invariant 'Range' (file tests/wp_typed/user_init.i, line 153):
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Assume {
Type: is_uint32(i) /\ is_sint32(v).
@@ -624,7 +624,7 @@ Prove: true.
Goal Loop assigns 'tactic,Zone' (2/3):
Effect at line 157
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i_2).
Assume {
Type: is_uint32(i_2) /\ is_sint32(v).
@@ -656,7 +656,7 @@ Prove: exists i_7,i_6 : Z. (i_7 <= i) /\ (i_6 <= i_1) /\ (0 <= i_7) /\
Goal Loop assigns 'tactic,Zone' (3/3):
Call Effect at line 158
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Assume {
Type: is_uint32(i) /\ is_sint32(v).
@@ -701,7 +701,7 @@ Assume {
(* Loop assigns 'tactic,Zone' *)
Have: forall a : addr.
((forall i_5,i_4 : Z. ((0 <= i_5) -> ((i_5 <= 9) ->
- (shift_sint32(shift_A20_sint32(global(G_t2_50), i_5), i_4) != a)))) ->
+ (shift_sint32(shift_A20_sint32(global(G_t2_52), i_5), i_4) != a)))) ->
(Mint_0[a] = Mint_1[a])).
}
Prove: exists i_5,i_4 : Z. (i_5 <= i) /\ (i_4 <= i_1) /\ (0 <= i_5) /\
@@ -733,7 +733,7 @@ Assume {
(* Loop assigns 'tactic,Zone' *)
Have: forall a : addr.
((forall i_5,i_4 : Z. ((0 <= i_5) -> ((i_5 <= 9) ->
- (shift_sint32(shift_A20_sint32(global(G_t2_50), i_5), i_4) != a)))) ->
+ (shift_sint32(shift_A20_sint32(global(G_t2_52), i_5), i_4) != a)))) ->
(Mint_0[a] = Mint_1[a])).
}
Prove: exists i_5,i_4 : Z. (i_5 <= i) /\ (i_4 <= i_1) /\ (0 <= i_5) /\
@@ -742,7 +742,7 @@ Prove: exists i_5,i_4 : Z. (i_5 <= i) /\ (i_4 <= i_1) /\ (0 <= i_5) /\
------------------------------------------------------------
Goal Decreasing of Loop variant at loop (file tests/wp_typed/user_init.i, line 157):
-Let a = global(G_t2_50).
+Let a = global(G_t2_52).
Let a_1 = shift_A20_sint32(a, i).
Assume {
Type: is_uint32(i) /\ is_sint32(v).
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.0.session/cache/54640927ace915eaf531f7d99162bff2.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.0.session/cache/54640927ace915eaf531f7d99162bff2.json
new file mode 100644
index 0000000000000000000000000000000000000000..d4c420642acac99a40d237b884d65100ada3bb25
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.0.session/cache/54640927ace915eaf531f7d99162bff2.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0297,
+ "steps": 44 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.0.session/cache/cbef7a2678ffbb62f89898239a2300cf.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.0.session/cache/cbef7a2678ffbb62f89898239a2300cf.json
new file mode 100644
index 0000000000000000000000000000000000000000..567235ebb3021f449ef2188334d4d6610105759c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.0.session/cache/cbef7a2678ffbb62f89898239a2300cf.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0242,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.1.session/cache/aa1fad5015602138db9f12fbfce39c6a.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.1.session/cache/aa1fad5015602138db9f12fbfce39c6a.json
new file mode 100644
index 0000000000000000000000000000000000000000..c9c887f8a27cf80093cc4d2956f5ad5006546747
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.1.session/cache/aa1fad5015602138db9f12fbfce39c6a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0329,
+ "steps": 48 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.1.session/cache/c0a758625fc5806b2d004ce066f809f1.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.1.session/cache/c0a758625fc5806b2d004ce066f809f1.json
new file mode 100644
index 0000000000000000000000000000000000000000..bb482c14edad2df090d9c986b78a588b701c9953
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.1.session/cache/c0a758625fc5806b2d004ce066f809f1.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0591,
+ "steps": 115 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.1.session/cache/cbef7a2678ffbb62f89898239a2300cf.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.1.session/cache/cbef7a2678ffbb62f89898239a2300cf.json
new file mode 100644
index 0000000000000000000000000000000000000000..567235ebb3021f449ef2188334d4d6610105759c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.1.session/cache/cbef7a2678ffbb62f89898239a2300cf.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0242,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.1.session/cache/edcf65b50fa78c78cddb184cdd54ed56.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.1.session/cache/edcf65b50fa78c78cddb184cdd54ed56.json
new file mode 100644
index 0000000000000000000000000000000000000000..8d4acf025ff6faf6b8e42004ff0e35b7c6921d0e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/array_initialized.1.session/cache/edcf65b50fa78c78cddb184cdd54ed56.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0131,
+ "steps": 12 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/275f36697bf837a8e650d76b262a2972.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/275f36697bf837a8e650d76b262a2972.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/275f36697bf837a8e650d76b262a2972.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/2d49dd2aa47e49570e397cc771e23a05.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/2d49dd2aa47e49570e397cc771e23a05.json
new file mode 100644
index 0000000000000000000000000000000000000000..3b4f2564d06dab1ef993a9a6cb17eaae2e174e57
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/2d49dd2aa47e49570e397cc771e23a05.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0208,
+ "steps": 23 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/47de988037a45f7d6177eadd7d8a885f.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/47de988037a45f7d6177eadd7d8a885f.json
new file mode 100644
index 0000000000000000000000000000000000000000..89dcd109b795bf49d80b4ae1217159969c5d3c15
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/47de988037a45f7d6177eadd7d8a885f.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0212,
+ "steps": 12 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/69c6adb0d354ab9716344b82e02e28da.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/69c6adb0d354ab9716344b82e02e28da.json
new file mode 100644
index 0000000000000000000000000000000000000000..806ce6a597c36621b3e95733f7406bdba8ee633e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/69c6adb0d354ab9716344b82e02e28da.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0229,
+ "steps": 12 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/aab17c8e0ce454a4c0284ffae858edf6.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/aab17c8e0ce454a4c0284ffae858edf6.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/aab17c8e0ce454a4c0284ffae858edf6.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/bbe62e3cff4dcf2d16418512a09cc682.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/bbe62e3cff4dcf2d16418512a09cc682.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/bbe62e3cff4dcf2d16418512a09cc682.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/cfd3a385e095a454ca4b030e22ce34d3.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/cfd3a385e095a454ca4b030e22ce34d3.json
new file mode 100644
index 0000000000000000000000000000000000000000..87262401f1a2d51b53e3452b80ee11c80938dc0c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/cast_fits.0.session/cache/cfd3a385e095a454ca4b030e22ce34d3.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0226,
+ "steps": 14 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/frame.0.session/cache/1c8e1bc5a936e2c520c323bce7927b1f.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/frame.0.session/cache/1c8e1bc5a936e2c520c323bce7927b1f.json
new file mode 100644
index 0000000000000000000000000000000000000000..305d3e4e43849f4122bc8ae48cf053153112db10
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/frame.0.session/cache/1c8e1bc5a936e2c520c323bce7927b1f.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0149,
+ "steps": 17 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/frame.0.session/cache/2de2447a32b00f58b6bf40b3b90caf3a.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/frame.0.session/cache/2de2447a32b00f58b6bf40b3b90caf3a.json
new file mode 100644
index 0000000000000000000000000000000000000000..1e1d9aacca38104a1c39e2e4319b95bc09bb0173
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/frame.0.session/cache/2de2447a32b00f58b6bf40b3b90caf3a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0141,
+ "steps": 16 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/shift_lemma.0.session/cache/02a5967e29d215a319e5d52aeea6ee2b.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/shift_lemma.0.session/cache/02a5967e29d215a319e5d52aeea6ee2b.json
new file mode 100644
index 0000000000000000000000000000000000000000..5da140c7b3042f342fd2898e59285133bd7e532f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/shift_lemma.0.session/cache/02a5967e29d215a319e5d52aeea6ee2b.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0209,
+ "steps": 13 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/shift_lemma.0.session/cache/578bba9c847de51c178d0337644fd81e.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/shift_lemma.0.session/cache/578bba9c847de51c178d0337644fd81e.json
new file mode 100644
index 0000000000000000000000000000000000000000..b772d858a8002baf5a804cb8adf92aee9098600a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/shift_lemma.0.session/cache/578bba9c847de51c178d0337644fd81e.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0225,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/shift_lemma.0.session/cache/7882f8daf0f62dd319b068a984bce5ae.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/shift_lemma.0.session/cache/7882f8daf0f62dd319b068a984bce5ae.json
new file mode 100644
index 0000000000000000000000000000000000000000..73b69fce80dc41f51e3d9adf6ec30db7acdc2a3b
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/shift_lemma.0.session/cache/7882f8daf0f62dd319b068a984bce5ae.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0137,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.0.session/cache/51f562f110aa57a99fb537f2987e09da.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.0.session/cache/51f562f110aa57a99fb537f2987e09da.json
new file mode 100644
index 0000000000000000000000000000000000000000..a5b1fd54b259375cc81cf1384d5bfc53664f7c99
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.0.session/cache/51f562f110aa57a99fb537f2987e09da.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0193,
+ "steps": 14 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.0.session/cache/9ec67e1127d3b8a1f5e26915449443c8.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.0.session/cache/9ec67e1127d3b8a1f5e26915449443c8.json
new file mode 100644
index 0000000000000000000000000000000000000000..f9a2eaa926418675e5ea9f5f45d649327baa6675
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.0.session/cache/9ec67e1127d3b8a1f5e26915449443c8.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0234,
+ "steps": 20 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.0.session/cache/caf3de3711d3f3c15ff182a47b1a66e9.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.0.session/cache/caf3de3711d3f3c15ff182a47b1a66e9.json
new file mode 100644
index 0000000000000000000000000000000000000000..c8b2450bb5c907e6162ac9cb1a23579c963bfa9d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.0.session/cache/caf3de3711d3f3c15ff182a47b1a66e9.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0118,
+ "steps": 12 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.1.session/cache/51f562f110aa57a99fb537f2987e09da.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.1.session/cache/51f562f110aa57a99fb537f2987e09da.json
new file mode 100644
index 0000000000000000000000000000000000000000..2a625a90949537ae37f1891d0a7dca77e5eaee73
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.1.session/cache/51f562f110aa57a99fb537f2987e09da.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0194,
+ "steps": 14 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.1.session/cache/9ec67e1127d3b8a1f5e26915449443c8.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.1.session/cache/9ec67e1127d3b8a1f5e26915449443c8.json
new file mode 100644
index 0000000000000000000000000000000000000000..1922024e1b437b9367d8585bc39aefe2e094ad35
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.1.session/cache/9ec67e1127d3b8a1f5e26915449443c8.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0233,
+ "steps": 20 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.1.session/cache/caf3de3711d3f3c15ff182a47b1a66e9.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.1.session/cache/caf3de3711d3f3c15ff182a47b1a66e9.json
new file mode 100644
index 0000000000000000000000000000000000000000..72ce61cd3a6b7afd106c54b4ffc39f332befa2d6
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_alloc.1.session/cache/caf3de3711d3f3c15ff182a47b1a66e9.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0187,
+ "steps": 12 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_cast.0.session/cache/5725debb61cac997c8aec1f3b0b2205f.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_cast.0.session/cache/5725debb61cac997c8aec1f3b0b2205f.json
new file mode 100644
index 0000000000000000000000000000000000000000..8201b07825675832ffc7fb3736a1a4c1f5daddfe
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_cast.0.session/cache/5725debb61cac997c8aec1f3b0b2205f.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.019,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_hard.0.session/cache/bb2b7123541670aa64836bfff3d66a26.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_hard.0.session/cache/bb2b7123541670aa64836bfff3d66a26.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_hard.0.session/cache/bb2b7123541670aa64836bfff3d66a26.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_labels.0.session/cache/48610aa4f300718739c914fc0b7c1f64.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_labels.0.session/cache/48610aa4f300718739c914fc0b7c1f64.json
new file mode 100644
index 0000000000000000000000000000000000000000..868b9b1d766702088d2f58a624f07689ce33704f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_labels.0.session/cache/48610aa4f300718739c914fc0b7c1f64.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0227,
+ "steps": 20 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_labels.0.session/cache/cc6ee1d50b7c0fd64c3271bbc98f9c13.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_labels.0.session/cache/cc6ee1d50b7c0fd64c3271bbc98f9c13.json
new file mode 100644
index 0000000000000000000000000000000000000000..e528693802b80011cfb82ae3887040c21c02fc5d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_labels.0.session/cache/cc6ee1d50b7c0fd64c3271bbc98f9c13.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0217,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_labels.0.session/cache/ff456f15865e6d8f50db8ac0e7f19ea4.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_labels.0.session/cache/ff456f15865e6d8f50db8ac0e7f19ea4.json
new file mode 100644
index 0000000000000000000000000000000000000000..147a8ae5a0e20dcfa8c96b5339f3b70f0e955d2e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_labels.0.session/cache/ff456f15865e6d8f50db8ac0e7f19ea4.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0221,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_local.0.session/cache/5be9158693acc77d4d2e554e52149918.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_local.0.session/cache/5be9158693acc77d4d2e554e52149918.json
new file mode 100644
index 0000000000000000000000000000000000000000..b4eff8a25e7f98225f3c5a14eb4ce551b0c71adb
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_local.0.session/cache/5be9158693acc77d4d2e554e52149918.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0148,
+ "steps": 21 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_local.1.session/cache/974fb23dac4868107d647875f95df135.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_local.1.session/cache/974fb23dac4868107d647875f95df135.json
new file mode 100644
index 0000000000000000000000000000000000000000..611114f233fb1c7cbfb277787d224e5350e348ab
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_local.1.session/cache/974fb23dac4868107d647875f95df135.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.013,
+ "steps": 21 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_local.1.session/cache/c16ea120b56be33a00dc52be23af6d68.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_local.1.session/cache/c16ea120b56be33a00dc52be23af6d68.json
new file mode 100644
index 0000000000000000000000000000000000000000..3f1905262a0a474621a73a6ccc213340ca3a2227
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_local.1.session/cache/c16ea120b56be33a00dc52be23af6d68.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0123,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_local.1.session/cache/ff88885f0f8ec902940c70c9b19e68bf.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_local.1.session/cache/ff88885f0f8ec902940c70c9b19e68bf.json
new file mode 100644
index 0000000000000000000000000000000000000000..a0c4e1cc3d47e8a435e0aafb856bf063cd9ffa06
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_local.1.session/cache/ff88885f0f8ec902940c70c9b19e68bf.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0139,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_loopscope.0.session/cache/420e102e36b2fd0c60d608072d4bbb2b.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_loopscope.0.session/cache/420e102e36b2fd0c60d608072d4bbb2b.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_loopscope.0.session/cache/420e102e36b2fd0c60d608072d4bbb2b.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/06be40162d4388f79dad2e8636a6cc2a.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/06be40162d4388f79dad2e8636a6cc2a.json
new file mode 100644
index 0000000000000000000000000000000000000000..84cd684136b52c6c1a8a1e01690bd76359b82d7f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/06be40162d4388f79dad2e8636a6cc2a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0214,
+ "steps": 28 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/51299c47004a944cc0cab6fafc4a3bd8.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/51299c47004a944cc0cab6fafc4a3bd8.json
new file mode 100644
index 0000000000000000000000000000000000000000..263347c369e79b2c507fc3fad238feb23d86ec67
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/51299c47004a944cc0cab6fafc4a3bd8.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.018,
+ "steps": 46 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/5dd650e35271706f2ad3881dca995525.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/5dd650e35271706f2ad3881dca995525.json
new file mode 100644
index 0000000000000000000000000000000000000000..70b326a7dc96bf6e91f1ebfa9512099e4c785458
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/5dd650e35271706f2ad3881dca995525.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0362,
+ "steps": 62 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/6e89f99f7bc6430de780b6cbd010c8b5.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/6e89f99f7bc6430de780b6cbd010c8b5.json
new file mode 100644
index 0000000000000000000000000000000000000000..ade4366dfe89a9886128030955438f5873006c09
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/6e89f99f7bc6430de780b6cbd010c8b5.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0297,
+ "steps": 59 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/91c84d4131059c3f2bbbe3b3f414e1fe.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/91c84d4131059c3f2bbbe3b3f414e1fe.json
new file mode 100644
index 0000000000000000000000000000000000000000..3d45a52778ffb0730bb8835ba33b83793b649966
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/91c84d4131059c3f2bbbe3b3f414e1fe.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0392,
+ "steps": 70 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/f9cff23cc8636428a30178fe3fcc8a69.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/f9cff23cc8636428a30178fe3fcc8a69.json
new file mode 100644
index 0000000000000000000000000000000000000000..4e431bc033fe24dc88a43c66ae29301207d6bc52
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/unit_string.0.session/cache/f9cff23cc8636428a30178fe3fcc8a69.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0395,
+ "steps": 62 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/02acba90a5e2994128860c40fb9f2ba4.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/02acba90a5e2994128860c40fb9f2ba4.json
new file mode 100644
index 0000000000000000000000000000000000000000..c3521884803c85d5fb2e814378fd2e7ae74ad2f3
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/02acba90a5e2994128860c40fb9f2ba4.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1924,
+ "steps": 195 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/0b0769d38a9d9517197365e24d9ff7aa.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/0b0769d38a9d9517197365e24d9ff7aa.json
new file mode 100644
index 0000000000000000000000000000000000000000..679a691bc8fa0661ba578e46dcee4ad6697137e5
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/0b0769d38a9d9517197365e24d9ff7aa.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0257,
+ "steps": 35 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/3c1410111850a62a3c903e678e48aa06.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/3c1410111850a62a3c903e678e48aa06.json
new file mode 100644
index 0000000000000000000000000000000000000000..c5a5571ecbf15b9e8c92e8b00b2e33fa9ee045a0
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/3c1410111850a62a3c903e678e48aa06.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.018,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/3e77a926f2555c5bf515bd79563fc136.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/3e77a926f2555c5bf515bd79563fc136.json
new file mode 100644
index 0000000000000000000000000000000000000000..bc98bdf0e0a9825dc82df17653799989f17f90b0
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/3e77a926f2555c5bf515bd79563fc136.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0238,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/437695130334113727cc1e91e1310860.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/437695130334113727cc1e91e1310860.json
new file mode 100644
index 0000000000000000000000000000000000000000..552a83b23411974fe85fbc0454676b45ff788733
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/437695130334113727cc1e91e1310860.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0238,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/5702189f244cf06f51fa911ec3cfc217.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/5702189f244cf06f51fa911ec3cfc217.json
new file mode 100644
index 0000000000000000000000000000000000000000..9ee69d6b1cd3000baa01f55ae91e4a5210d1175b
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/5702189f244cf06f51fa911ec3cfc217.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0262,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/886d5e0abccf7e670b416c38f907864c.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/886d5e0abccf7e670b416c38f907864c.json
new file mode 100644
index 0000000000000000000000000000000000000000..d52901c3db2567c6f05148adafbb14e7fe809ef5
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/886d5e0abccf7e670b416c38f907864c.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0251,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/a2e4a1bc7074fcc778279e99ec19077d.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/a2e4a1bc7074fcc778279e99ec19077d.json
new file mode 100644
index 0000000000000000000000000000000000000000..c1e2b94f3c21f43b612722b72e21cf5be5f86f5d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/a2e4a1bc7074fcc778279e99ec19077d.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0241,
+ "steps": 15 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/aea9a4d6d52524ca1bda06c25330d453.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/aea9a4d6d52524ca1bda06c25330d453.json
new file mode 100644
index 0000000000000000000000000000000000000000..a43e3baf95106ecc1e3af8cb2ac44502df428853
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/aea9a4d6d52524ca1bda06c25330d453.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0196,
+ "steps": 28 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/b526cd5eaf63d35c962f8df3f2312ce8.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/b526cd5eaf63d35c962f8df3f2312ce8.json
new file mode 100644
index 0000000000000000000000000000000000000000..c0e98b11ddbfe27c0d066fb45243828c0c168275
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/b526cd5eaf63d35c962f8df3f2312ce8.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0386,
+ "steps": 56 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/b5efd7507bdfb8fc86984707ac9c09d0.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/b5efd7507bdfb8fc86984707ac9c09d0.json
new file mode 100644
index 0000000000000000000000000000000000000000..9e434d4de04db7ab3ce31255250a6ed006b0b38e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/b5efd7507bdfb8fc86984707ac9c09d0.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0111,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/ea5f20db4ed84d856d7641ef17d0e541.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/ea5f20db4ed84d856d7641ef17d0e541.json
new file mode 100644
index 0000000000000000000000000000000000000000..79ccdcedb0bb075874e3a1e855d98bcf53b392f2
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.0.session/cache/ea5f20db4ed84d856d7641ef17d0e541.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.215,
+ "steps": 193 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/0afa9c7ed5285e03fb1e7ec3d0e1bcad.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/0afa9c7ed5285e03fb1e7ec3d0e1bcad.json
new file mode 100644
index 0000000000000000000000000000000000000000..ce60e79f356315f5e08f37623a4c715fef2d07e7
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/0afa9c7ed5285e03fb1e7ec3d0e1bcad.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0257,
+ "steps": 16 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/2bf63647c8b8679f671cda4e96dd02c8.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/2bf63647c8b8679f671cda4e96dd02c8.json
new file mode 100644
index 0000000000000000000000000000000000000000..972b4fc44f409b4b78f5ab3b1e81c194faacb983
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/2bf63647c8b8679f671cda4e96dd02c8.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0205,
+ "steps": 16 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/4e990ccecbce16ae7813bf76856ed44b.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/4e990ccecbce16ae7813bf76856ed44b.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/4e990ccecbce16ae7813bf76856ed44b.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/58c3647be66cbcb1d4b1f050100571a3.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/58c3647be66cbcb1d4b1f050100571a3.json
new file mode 100644
index 0000000000000000000000000000000000000000..69e420d2117de781cfcbd09dfc59178710740bf8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/58c3647be66cbcb1d4b1f050100571a3.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0241,
+ "steps": 28 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/6bdf496e41182821957a01191acc6df3.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/6bdf496e41182821957a01191acc6df3.json
new file mode 100644
index 0000000000000000000000000000000000000000..b8e36e2803fcc35bf7625695f4ebcfc62989c064
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/6bdf496e41182821957a01191acc6df3.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "timeout", "time": 10. }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/93a87d49aa052b4a3426069f903e97d8.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/93a87d49aa052b4a3426069f903e97d8.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/93a87d49aa052b4a3426069f903e97d8.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/a278c3684532efda2a8b0aa0b8328228.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/a278c3684532efda2a8b0aa0b8328228.json
new file mode 100644
index 0000000000000000000000000000000000000000..238e0b85b7f00b34d415b570e470ed3fd74a16f0
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/a278c3684532efda2a8b0aa0b8328228.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0153,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/c40097d18aabd35cf73be24de441cda4.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/c40097d18aabd35cf73be24de441cda4.json
new file mode 100644
index 0000000000000000000000000000000000000000..4d64ab92a78fd4b463748680a55ed3865822ba9e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/c40097d18aabd35cf73be24de441cda4.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.017,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/dbc2fcfa6ad5e92e7256df7e47ac4dfd.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/dbc2fcfa6ad5e92e7256df7e47ac4dfd.json
new file mode 100644
index 0000000000000000000000000000000000000000..c8b2450bb5c907e6162ac9cb1a23579c963bfa9d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.1.session/cache/dbc2fcfa6ad5e92e7256df7e47ac4dfd.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0118,
+ "steps": 12 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.2.session/cache/5bfecd798741a31e1a9b75b1e76b6fb9.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.2.session/cache/5bfecd798741a31e1a9b75b1e76b6fb9.json
new file mode 100644
index 0000000000000000000000000000000000000000..8f6e537c77cd7655d0e31a1698d5360b3589a970
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.2.session/cache/5bfecd798741a31e1a9b75b1e76b6fb9.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "stepout", "steps": 300 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.2.session/cache/874512731d488beab568aeedc8d4b813.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.2.session/cache/874512731d488beab568aeedc8d4b813.json
new file mode 100644
index 0000000000000000000000000000000000000000..8f6e537c77cd7655d0e31a1698d5360b3589a970
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.2.session/cache/874512731d488beab568aeedc8d4b813.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "stepout", "steps": 300 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.2.session/cache/a857d63f4fb5a4a658f9459397c355f7.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.2.session/cache/a857d63f4fb5a4a658f9459397c355f7.json
new file mode 100644
index 0000000000000000000000000000000000000000..56c395504289168c539ec44e6877a919ac85adc8
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_init.2.session/cache/a857d63f4fb5a4a658f9459397c355f7.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "unknown" }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/0278cb04c10669bda8546d6aa4b5b1a2.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/0278cb04c10669bda8546d6aa4b5b1a2.json
new file mode 100644
index 0000000000000000000000000000000000000000..8801ce13041433dd8c20cd779105a61287e950af
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/0278cb04c10669bda8546d6aa4b5b1a2.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0203,
+ "steps": 49 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/06a0f4a9e1bbdbde32bdf1f677d91181.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/06a0f4a9e1bbdbde32bdf1f677d91181.json
new file mode 100644
index 0000000000000000000000000000000000000000..369c94f975ec114b575245beec8563f31db437a4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/06a0f4a9e1bbdbde32bdf1f677d91181.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0433,
+ "steps": 58 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/0ee2f3e078b2e5a06190ddebe6f3da08.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/0ee2f3e078b2e5a06190ddebe6f3da08.json
new file mode 100644
index 0000000000000000000000000000000000000000..ff5f35d52a1b6f9760a707ce230f8802c1898c6e
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/0ee2f3e078b2e5a06190ddebe6f3da08.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.02, "steps": 34 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/38d0f75717aeccc5685668c23c4874e6.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/38d0f75717aeccc5685668c23c4874e6.json
new file mode 100644
index 0000000000000000000000000000000000000000..737e617d44958f9272c2097085b81512220192f4
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/38d0f75717aeccc5685668c23c4874e6.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0518,
+ "steps": 128 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/6b7331507db6c1572280eb515546680a.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/6b7331507db6c1572280eb515546680a.json
new file mode 100644
index 0000000000000000000000000000000000000000..8a3d1b64bd6391dd7dfc6b2e5f2c47fabd052f22
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_string.0.session/cache/6b7331507db6c1572280eb515546680a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0297,
+ "steps": 46 }
diff --git a/src/plugins/wp/tests/wp_typed/oracle_qualif/user_swap.0.session/cache/44f847d26840ea2582d2f6cd48a9bbf2.json b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_swap.0.session/cache/44f847d26840ea2582d2f6cd48a9bbf2.json
new file mode 100644
index 0000000000000000000000000000000000000000..a636bab232a4fdd55c9aa362e4e4523d7a7455b7
--- /dev/null
+++ b/src/plugins/wp/tests/wp_typed/oracle_qualif/user_swap.0.session/cache/44f847d26840ea2582d2f6cd48a9bbf2.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0147,
+ "steps": 17 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle/caveat.1.res.oracle b/src/plugins/wp/tests/wp_usage/oracle/caveat.1.res.oracle
index 4d2f07be6ab7dd7b776d2f3b1c1b47455aa5ca58..bf3ddd5799774b1ac136def68852e3a87dd4d78e 100644
--- a/src/plugins/wp/tests/wp_usage/oracle/caveat.1.res.oracle
+++ b/src/plugins/wp/tests/wp_usage/oracle/caveat.1.res.oracle
@@ -54,7 +54,7 @@ Prove: true.
------------------------------------------------------------
Goal Post-condition 'KO' in 'observer':
-Let a = global(G_a_43).
+Let a = global(G_a_45).
Let x = Mint_0[shiftfield_F1_S_f(a)].
Let x_1 = Mint_0[shiftfield_F1_S_g(a)].
Let x_2 = 1 + x.
diff --git a/src/plugins/wp/tests/wp_usage/oracle/caveat2.res.oracle b/src/plugins/wp/tests/wp_usage/oracle/caveat2.res.oracle
index 0ff6c92ce1fb28dd61d9e4c8aab799364c422e9d..e1c317646d5c3668adc48bea4aed56cf81a2b64c 100644
--- a/src/plugins/wp/tests/wp_usage/oracle/caveat2.res.oracle
+++ b/src/plugins/wp/tests/wp_usage/oracle/caveat2.res.oracle
@@ -14,7 +14,7 @@ Prove: true.
------------------------------------------------------------
Goal Post-condition 'A' in 'job':
-Let a = global(G_b_24).
+Let a = global(G_b_26).
Assume {
Type: is_sint32(i_1) /\ is_sint32(n).
(* Goal *)
@@ -40,7 +40,7 @@ Assume {
Have: (0 <= n) /\ (n <= 3).
(* Invariant *)
Have: forall i_1 : Z. ((0 <= i_1) -> ((i_1 < i) ->
- (Mint_0[shift_sint32(global(G_b_24), i_1)] = v[i_1]))).
+ (Mint_0[shift_sint32(global(G_b_26), i_1)] = v[i_1]))).
(* Invariant *)
Have: (0 <= i) /\ (i <= n).
(* Then *)
@@ -59,7 +59,7 @@ Goal Preservation of Invariant (file tests/wp_usage/caveat2.i, line 22):
tests/wp_usage/caveat2.i:22: warning from Typed Model:
- Warning: No allocation size for variable 'b'
Reason: Undefined array-size (sint32[])
-Let a = global(G_b_24).
+Let a = global(G_b_26).
Assume {
Type: is_sint32(i) /\ is_sint32(n) /\ is_sint32(1 + i).
(* Goal *)
diff --git a/src/plugins/wp/tests/wp_usage/oracle/caveat_range.res.oracle b/src/plugins/wp/tests/wp_usage/oracle/caveat_range.res.oracle
index 6fb072eec839fe3bce857b2ef590079e4957fef6..514fab0cd9fcf83dc2cd37d5a5ff18e1057c975c 100644
--- a/src/plugins/wp/tests/wp_usage/oracle/caveat_range.res.oracle
+++ b/src/plugins/wp/tests/wp_usage/oracle/caveat_range.res.oracle
@@ -8,7 +8,7 @@
------------------------------------------------------------
Goal Post-condition (file tests/wp_usage/caveat_range.i, line 12) in 'reset':
-Let a = global(G_p_20).
+Let a = global(G_p_22).
Let a_1 = havoc(Mint_undef_0, Mint_0, shift_S(a, 0), 20).
Assume {
Type: is_sint32(i_1).
@@ -30,7 +30,7 @@ Prove: a_1[shiftfield_F1_S_f(shift_S(a, i))] = 1.
------------------------------------------------------------
Goal Post-condition (file tests/wp_usage/caveat_range.i, line 13) in 'reset':
-Let a = global(G_p_20).
+Let a = global(G_p_22).
Let a_1 = havoc(Mint_undef_0, Mint_0, shift_S(a, 0), 20).
Assume {
Type: is_sint32(i_1).
@@ -52,7 +52,7 @@ Prove: a_1[shiftfield_F1_S_g(shift_S(a, i))] = 2.
------------------------------------------------------------
Goal Preservation of Invariant (file tests/wp_usage/caveat_range.i, line 19):
-Let a = global(G_p_20).
+Let a = global(G_p_22).
Let a_1 = havoc(Mint_undef_0, Mint_0, shift_S(a, 0), 20).
Assume {
Type: is_sint32(i) /\ is_sint32(1 + i).
@@ -77,7 +77,7 @@ Prove: true.
------------------------------------------------------------
Goal Preservation of Invariant (file tests/wp_usage/caveat_range.i, line 20):
-Let a = global(G_p_20).
+Let a = global(G_p_22).
Let a_1 = havoc(Mint_undef_0, Mint_0, shift_S(a, 0), 20).
Assume {
Type: is_sint32(i) /\ is_sint32(1 + i).
@@ -105,7 +105,7 @@ Prove: true.
------------------------------------------------------------
Goal Preservation of Invariant (file tests/wp_usage/caveat_range.i, line 21):
-Let a = global(G_p_20).
+Let a = global(G_p_22).
Let a_1 = havoc(Mint_undef_0, Mint_0, shift_S(a, 0), 20).
Let a_2 = shift_S(a, i).
Assume {
diff --git a/src/plugins/wp/tests/wp_usage/oracle/global.0.res.oracle b/src/plugins/wp/tests/wp_usage/oracle/global.0.res.oracle
index 036b86a3fb4e67100d7de501b7c0be3a0fcfb48e..4535eb5a1311ead4b8eddb9afb7875566b7fb828 100644
--- a/src/plugins/wp/tests/wp_usage/oracle/global.0.res.oracle
+++ b/src/plugins/wp/tests/wp_usage/oracle/global.0.res.oracle
@@ -8,14 +8,14 @@
------------------------------------------------------------
Goal Assertion 'no_address_taken' (file tests/wp_usage/global.c, line 17):
-Let a = Mptr_0[global(P_a_21)].
+Let a = Mptr_0[global(P_a_23)].
Assume {
(* Heap *)
Type: framed(Mptr_0) /\ linked(Malloc_0).
(* Pre-condition *)
Have: valid_rw(Malloc_0, a, 1).
}
-Prove: a != global(G_GLOBAL_18).
+Prove: a != global(G_GLOBAL_20).
------------------------------------------------------------
------------------------------------------------------------
@@ -25,6 +25,6 @@ Prove: a != global(G_GLOBAL_18).
Goal Instance of 'Pre-condition (file tests/wp_usage/global.c, line 14) in 'foo'' in 'main' at call 'foo' (file tests/wp_usage/global.c, line 21)
:
Assume { (* Heap *) Type: linked(Malloc_0). }
-Prove: valid_rw(Malloc_0[L___retres_24 <- 1], global(G_GLOBAL_18), 1).
+Prove: valid_rw(Malloc_0[L___retres_26 <- 1], global(G_GLOBAL_20), 1).
------------------------------------------------------------
diff --git a/src/plugins/wp/tests/wp_usage/oracle/issue-189-bis.0.res.oracle b/src/plugins/wp/tests/wp_usage/oracle/issue-189-bis.0.res.oracle
index 5b1f0e248c44869629709fe8e179158d8e9906ae..c089fb5d1fb06deefe5d4e7ab48e56ea4e0cd0ed 100644
--- a/src/plugins/wp/tests/wp_usage/oracle/issue-189-bis.0.res.oracle
+++ b/src/plugins/wp/tests/wp_usage/oracle/issue-189-bis.0.res.oracle
@@ -8,8 +8,8 @@
------------------------------------------------------------
Goal Post-condition 'memcpy' in 'memcpy_alias_vars':
-Let a = Mptr_0[global(P_src_22)].
-Let a_1 = Mptr_0[global(P_dst_23)].
+Let a = Mptr_0[global(P_src_24)].
+Let a_1 = Mptr_0[global(P_dst_25)].
Let a_2 = shift_uint8(a_1, 0).
Let a_3 = havoc(Mint_undef_0, Mint_0, a_2, len_0).
Let a_4 = shift_uint8(a, 0).
@@ -39,8 +39,8 @@ Prove: a_3[shift_uint8(a_1, i)] = Mint_0[shift_uint8(a, i)].
------------------------------------------------------------
Goal Post-condition 'unmodified' in 'memcpy_alias_vars':
-Let a = Mptr_0[global(P_src_22)].
-Let a_1 = Mptr_0[global(P_dst_23)].
+Let a = Mptr_0[global(P_src_24)].
+Let a_1 = Mptr_0[global(P_dst_25)].
Let a_2 = shift_uint8(a_1, 0).
Let a_3 = havoc(Mint_undef_0, Mint_0, a_2, len_0).
Let a_4 = shift_uint8(a, 0).
@@ -71,8 +71,8 @@ Prove: a_3[a_5] = Mint_0[a_5].
------------------------------------------------------------
Goal Preservation of Invariant 'cpy' (file tests/wp_usage/issue-189-bis.i, line 27):
-Let a = Mptr_0[global(P_src_22)].
-Let a_1 = Mptr_0[global(P_dst_23)].
+Let a = Mptr_0[global(P_src_24)].
+Let a_1 = Mptr_0[global(P_dst_25)].
Let a_2 = shift_uint8(a_1, 0).
Let a_3 = havoc(Mint_undef_0, Mint_0, a_2, len_0).
Let a_4 = shift_uint8(a, 0).
@@ -118,8 +118,8 @@ Prove: true.
------------------------------------------------------------
Goal Preservation of Invariant 'len' (file tests/wp_usage/issue-189-bis.i, line 23):
-Let a = Mptr_0[global(P_src_22)].
-Let a_1 = Mptr_0[global(P_dst_23)].
+Let a = Mptr_0[global(P_src_24)].
+Let a_1 = Mptr_0[global(P_dst_25)].
Let a_2 = shift_uint8(a_1, 0).
Let a_3 = havoc(Mint_undef_0, Mint_0, a_2, len_1).
Let a_4 = shift_uint8(a, 0).
@@ -180,9 +180,9 @@ Prove: true.
Goal Loop assigns (file tests/wp_usage/issue-189-bis.i, line 26) (4/4):
Effect at line 32
-Let a = global(P_src_22).
+Let a = global(P_src_24).
Let a_1 = Mptr_0[a].
-Let a_2 = global(P_dst_23).
+Let a_2 = global(P_dst_25).
Let a_3 = Mptr_0[a_2].
Let a_4 = shift_uint8(a_3, 0).
Let a_5 = havoc(Mint_undef_0, Mint_0, a_4, len_0).
@@ -192,7 +192,7 @@ Assume {
(* Heap *)
Type: framed(Mptr_0) /\ linked(Malloc_0).
(* Goal *)
- When: !invalid(Malloc_0[P_src_22 <- 1][P_dst_23 <- 1], v, 1).
+ When: !invalid(Malloc_0[P_src_24 <- 1][P_dst_25 <- 1], v, 1).
(* Pre-condition *)
Have: valid_rd(Malloc_0, a_6, len_0) /\ valid_rw(Malloc_0, a_4, len_0) /\
separated(a_4, len_0, a_6, len_0).
@@ -222,8 +222,8 @@ Prove: true.
------------------------------------------------------------
Goal Post-condition 'memcpy,ok' in 'memcpy_context_vars':
-Let a = Mptr_0[global(P_src_45)].
-Let a_1 = Mptr_0[global(P_dst_46)].
+Let a = Mptr_0[global(P_src_47)].
+Let a_1 = Mptr_0[global(P_dst_48)].
Let a_2 = shift_uint8(a_1, 0).
Let a_3 = havoc(Mint_undef_0, Mint_0, a_2, len_0).
Let a_4 = shift_uint8(a, 0).
@@ -253,8 +253,8 @@ Prove: a_3[shift_uint8(a_1, i)] = Mint_0[shift_uint8(a, i)].
------------------------------------------------------------
Goal Post-condition 'unmodified,ok' in 'memcpy_context_vars':
-Let a = Mptr_0[global(P_src_45)].
-Let a_1 = Mptr_0[global(P_dst_46)].
+Let a = Mptr_0[global(P_src_47)].
+Let a_1 = Mptr_0[global(P_dst_48)].
Let a_2 = shift_uint8(a_1, 0).
Let a_3 = havoc(Mint_undef_0, Mint_0, a_2, len_0).
Let a_4 = shift_uint8(a, 0).
@@ -285,8 +285,8 @@ Prove: a_3[a_5] = Mint_0[a_5].
------------------------------------------------------------
Goal Preservation of Invariant 'ok,cpy' (file tests/wp_usage/issue-189-bis.i, line 55):
-Let a = Mptr_0[global(P_src_45)].
-Let a_1 = Mptr_0[global(P_dst_46)].
+Let a = Mptr_0[global(P_src_47)].
+Let a_1 = Mptr_0[global(P_dst_48)].
Let a_2 = shift_uint8(a_1, 0).
Let a_3 = havoc(Mint_undef_0, Mint_0, a_2, len_0).
Let a_4 = shift_uint8(a, 0).
@@ -332,8 +332,8 @@ Prove: true.
------------------------------------------------------------
Goal Preservation of Invariant 'ok,len' (file tests/wp_usage/issue-189-bis.i, line 51):
-Let a = Mptr_0[global(P_src_45)].
-Let a_1 = Mptr_0[global(P_dst_46)].
+Let a = Mptr_0[global(P_src_47)].
+Let a_1 = Mptr_0[global(P_dst_48)].
Let a_2 = shift_uint8(a_1, 0).
Let a_3 = havoc(Mint_undef_0, Mint_0, a_2, len_1).
Let a_4 = shift_uint8(a, 0).
@@ -394,8 +394,8 @@ Prove: true.
Goal Loop assigns (file tests/wp_usage/issue-189-bis.i, line 54) (4/4):
Effect at line 60
-Let a = Mptr_0[global(P_src_45)].
-Let a_1 = Mptr_0[global(P_dst_46)].
+Let a = Mptr_0[global(P_src_47)].
+Let a_1 = Mptr_0[global(P_dst_48)].
Let a_2 = shift_uint8(a_1, 0).
Let a_3 = havoc(Mint_undef_0, Mint_0, a_2, len_0).
Let a_4 = shift_uint8(a, 0).
@@ -404,7 +404,7 @@ Assume {
(* Heap *)
Type: framed(Mptr_0) /\ linked(Malloc_0).
(* Goal *)
- When: !invalid(Malloc_0[P_src_45 <- 1][P_dst_46 <- 1], tmp_0, 1).
+ When: !invalid(Malloc_0[P_src_47 <- 1][P_dst_48 <- 1], tmp_0, 1).
(* Pre-condition *)
Have: valid_rd(Malloc_0, a_4, len_0) /\ valid_rw(Malloc_0, a_2, len_0) /\
separated(a_2, len_0, a_4, len_0).
diff --git a/src/plugins/wp/tests/wp_usage/oracle/issue-189-bis.1.res.oracle b/src/plugins/wp/tests/wp_usage/oracle/issue-189-bis.1.res.oracle
index ded08a1708fb7464d71427a7c2dfa2f0fef5237e..f3a2767ec5c1975e6ce6eb91bc438810cf292e40 100644
--- a/src/plugins/wp/tests/wp_usage/oracle/issue-189-bis.1.res.oracle
+++ b/src/plugins/wp/tests/wp_usage/oracle/issue-189-bis.1.res.oracle
@@ -5,8 +5,8 @@
[wp] Warning: Missing RTE guards
Goal Post-condition 'memcpy,ok' in 'memcpy_context_vars':
-Let a = global(G_src_45).
-Let a_1 = global(G_dst_46).
+Let a = global(G_src_47).
+Let a_1 = global(G_dst_48).
Let a_2 = havoc(Mint_undef_0, Mint_0, shift_uint8(a_1, 0), len_0).
Assume {
Type: is_sint32(len_0) /\ is_sint32(len_1).
@@ -36,8 +36,8 @@ Prove: true.
------------------------------------------------------------
Goal Preservation of Invariant 'ok,cpy' (file tests/wp_usage/issue-189-bis.i, line 55):
-Let a = global(G_src_45).
-Let a_1 = global(G_dst_46).
+Let a = global(G_src_47).
+Let a_1 = global(G_dst_48).
Let a_2 = havoc(Mint_undef_0, Mint_0, shift_uint8(a_1, 0), len_0).
Let a_3 = a_2[dst2_0 <- a_2[src2_0]].
Assume {
@@ -78,8 +78,8 @@ Prove: true.
------------------------------------------------------------
Goal Preservation of Invariant 'ok,len' (file tests/wp_usage/issue-189-bis.i, line 51):
-Let a = global(G_src_45).
-Let a_1 = global(G_dst_46).
+Let a = global(G_src_47).
+Let a_1 = global(G_dst_48).
Assume {
Type: is_sint32(len_1) /\ is_sint32(len_0) /\ is_sint32(len_0 - 1).
(* Pre-condition *)
@@ -135,8 +135,8 @@ Prove: true.
Goal Loop assigns (file tests/wp_usage/issue-189-bis.i, line 54) (4/4):
Effect at line 60
-Let a = global(G_src_45).
-Let a_1 = global(G_dst_46).
+Let a = global(G_src_47).
+Let a_1 = global(G_dst_48).
Let a_2 = shift_uint8(a_1, 0).
Assume {
Type: is_sint32(len_0) /\ is_sint32(len_1).
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat2.0.session/cache/1618850a88ad1dcc80a2d9a980d52dc8.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat2.0.session/cache/1618850a88ad1dcc80a2d9a980d52dc8.json
new file mode 100644
index 0000000000000000000000000000000000000000..29119310daae08b70f1f9dd2db1c188bed80704c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat2.0.session/cache/1618850a88ad1dcc80a2d9a980d52dc8.json
@@ -0,0 +1 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.02, "steps": 17 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat2.0.session/cache/94d26158a717c5e2cda72d3c71c02776.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat2.0.session/cache/94d26158a717c5e2cda72d3c71c02776.json
new file mode 100644
index 0000000000000000000000000000000000000000..cfad4d1f51726e3be8eea29039f24dd08f7e237c
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat2.0.session/cache/94d26158a717c5e2cda72d3c71c02776.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0167,
+ "steps": 21 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat2.0.session/cache/bd7bc3c6aa2a16dd8cc830c3c57c3faa.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat2.0.session/cache/bd7bc3c6aa2a16dd8cc830c3c57c3faa.json
new file mode 100644
index 0000000000000000000000000000000000000000..eca1c5e5d9ef74f79443ddf20dd361b01e9c213f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat2.0.session/cache/bd7bc3c6aa2a16dd8cc830c3c57c3faa.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0186,
+ "steps": 24 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/2b92804b7fb7ffdca664af595a966537.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/2b92804b7fb7ffdca664af595a966537.json
new file mode 100644
index 0000000000000000000000000000000000000000..920cab99f7dbb704e355a9431cb1a9539a579d36
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/2b92804b7fb7ffdca664af595a966537.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0247,
+ "steps": 20 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/41978d7b0067a89104bd5f2bbd577a3a.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/41978d7b0067a89104bd5f2bbd577a3a.json
new file mode 100644
index 0000000000000000000000000000000000000000..640fdc7ce097e6123b29c8c6af59cd63bcd8c0ad
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/41978d7b0067a89104bd5f2bbd577a3a.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0178,
+ "steps": 20 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/458df2d4dbfc5fe724b9f06bbff664ab.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/458df2d4dbfc5fe724b9f06bbff664ab.json
new file mode 100644
index 0000000000000000000000000000000000000000..a696be0d759575d9e65e0c91e3c14c0ee33b5d02
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/458df2d4dbfc5fe724b9f06bbff664ab.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0346,
+ "steps": 48 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/4794c66d9a48e1f6e50a71af3e78f625.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/4794c66d9a48e1f6e50a71af3e78f625.json
new file mode 100644
index 0000000000000000000000000000000000000000..92db41d24967f007de6bf5089e5bf212690dc4f2
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/4794c66d9a48e1f6e50a71af3e78f625.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0134,
+ "steps": 14 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/d47c18406856fd185a8c849853d341e2.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/d47c18406856fd185a8c849853d341e2.json
new file mode 100644
index 0000000000000000000000000000000000000000..93ddc0ff27e96a91bba07205ba335ba39f76901d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/caveat_range.0.session/cache/d47c18406856fd185a8c849853d341e2.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0191,
+ "steps": 28 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/0d7ed916922dfd3cd88f04aa053382de.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/0d7ed916922dfd3cd88f04aa053382de.json
new file mode 100644
index 0000000000000000000000000000000000000000..9a20cc2eb8ae0bc786bae72c0560ad4b3ff28814
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/0d7ed916922dfd3cd88f04aa053382de.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0801,
+ "steps": 104 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/1d2723c4a683647c25bef5fe4d0cf9d8.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/1d2723c4a683647c25bef5fe4d0cf9d8.json
new file mode 100644
index 0000000000000000000000000000000000000000..dae850748a41a57153167c1032b3958a4b11cd14
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/1d2723c4a683647c25bef5fe4d0cf9d8.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0188,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/24c6daff7425605b2807df8b79073aeb.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/24c6daff7425605b2807df8b79073aeb.json
new file mode 100644
index 0000000000000000000000000000000000000000..516ea73427d741cf94bc0710e8d5e1d1e7d009e6
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/24c6daff7425605b2807df8b79073aeb.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 1.0037,
+ "steps": 1031 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/5760024d3d12da3af8d584a2e1a2b6c0.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/5760024d3d12da3af8d584a2e1a2b6c0.json
new file mode 100644
index 0000000000000000000000000000000000000000..2522ba884d5e211ccc30a8880981f840515985a0
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/5760024d3d12da3af8d584a2e1a2b6c0.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0135,
+ "steps": 22 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/60b70c5aacda3dc7239684d5c8a9143e.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/60b70c5aacda3dc7239684d5c8a9143e.json
new file mode 100644
index 0000000000000000000000000000000000000000..7397f05d461c07fe0b10b03f958bee54cede7c3a
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/60b70c5aacda3dc7239684d5c8a9143e.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1052,
+ "steps": 173 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/72809963e95fe64166cd5b945b5d46cb.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/72809963e95fe64166cd5b945b5d46cb.json
new file mode 100644
index 0000000000000000000000000000000000000000..7dfbab66f2864b9dd4c1c1c3acb53f31bd09ae30
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/72809963e95fe64166cd5b945b5d46cb.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.1356,
+ "steps": 173 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/9f2521dbb8d31c6d01c228e4aa27ff19.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/9f2521dbb8d31c6d01c228e4aa27ff19.json
new file mode 100644
index 0000000000000000000000000000000000000000..cb38646d40b782428f54b04c1aecf7598e202274
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/9f2521dbb8d31c6d01c228e4aa27ff19.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0782,
+ "steps": 97 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/b3b8f8b3c5dcdfa1b0a26f1f950a56fa.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/b3b8f8b3c5dcdfa1b0a26f1f950a56fa.json
new file mode 100644
index 0000000000000000000000000000000000000000..de8dfd200fd60fe23bfa312a93d2a5da17a73980
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/b3b8f8b3c5dcdfa1b0a26f1f950a56fa.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0674,
+ "steps": 95 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/d05062d51da49ab4e2231ed6e5b4617d.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/d05062d51da49ab4e2231ed6e5b4617d.json
new file mode 100644
index 0000000000000000000000000000000000000000..0e65686ded9dfe399e351841d64367b93498721f
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/d05062d51da49ab4e2231ed6e5b4617d.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0912,
+ "steps": 104 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/d40dc9c872cb867b53026c481dc3559b.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/d40dc9c872cb867b53026c481dc3559b.json
new file mode 100644
index 0000000000000000000000000000000000000000..a5f9b0076eca23e3ee62ee23e6fa98c70c12d16b
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.0.session/cache/d40dc9c872cb867b53026c481dc3559b.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 1.1785,
+ "steps": 1031 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.1.session/cache/4253c6f687ba6a60e8db3e685e84df59.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.1.session/cache/4253c6f687ba6a60e8db3e685e84df59.json
new file mode 100644
index 0000000000000000000000000000000000000000..f7443c49dd73aede14daba78ab4bbac9eb57a653
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.1.session/cache/4253c6f687ba6a60e8db3e685e84df59.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0207,
+ "steps": 18 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.1.session/cache/450fdb9fdd1ea7a682081dbc0af6e709.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.1.session/cache/450fdb9fdd1ea7a682081dbc0af6e709.json
new file mode 100644
index 0000000000000000000000000000000000000000..fbe4ed9b34afb1f51feac64de4be3997f984809d
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.1.session/cache/450fdb9fdd1ea7a682081dbc0af6e709.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0644,
+ "steps": 63 }
diff --git a/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.1.session/cache/688d69c32aabc5063535d39e5dc1b063.json b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.1.session/cache/688d69c32aabc5063535d39e5dc1b063.json
new file mode 100644
index 0000000000000000000000000000000000000000..3b7df3605baa235bda53547a3456a65af0e66681
--- /dev/null
+++ b/src/plugins/wp/tests/wp_usage/oracle_qualif/issue-189-bis.1.session/cache/688d69c32aabc5063535d39e5dc1b063.json
@@ -0,0 +1,2 @@
+{ "prover": "Alt-Ergo:2.0.0", "verdict": "valid", "time": 0.0145,
+ "steps": 18 }
diff --git a/src/plugins/wp/wpAnnot.ml b/src/plugins/wp/wpAnnot.ml
index 7af507939a13488a69cb9ea4870408ccd789e943..b7b5698f643fdcafecc7251c539a7beec9b5ca2d 100644
--- a/src/plugins/wp/wpAnnot.ml
+++ b/src/plugins/wp/wpAnnot.ml
@@ -105,6 +105,7 @@ let set_unreachable pid =
type proof = {
target : Property.t ;
proved : proofpart array ;
+ mutable invalid : bool ;
mutable dependencies : Property.Set.t ;
} and proofpart =
| Noproof
@@ -112,27 +113,29 @@ type proof = {
| Parts of Bitvector.t
let target p = p.target
-let dependencies p = Property.Set.elements (Property.Set.remove p.target p.dependencies)
+let dependencies p =
+ Property.Set.elements (Property.Set.remove p.target p.dependencies)
-let create_proof p =
- let n = WpPropId.subproofs p in
+let create_proof ip =
+ let n = WpPropId.subproofs ip in
{
- target = WpPropId.property_of_id p ;
+ target = WpPropId.property_of_id ip ;
proved = Array.make n Noproof ;
dependencies = Property.Set.empty ;
+ invalid = false ;
}
-let add_proof pf p hs =
+let add_proof pf ip hs =
begin
- if not (Property.equal (WpPropId.property_of_id p) pf.target)
+ if not (Property.equal (WpPropId.property_of_id ip) pf.target)
then Wp_parameters.fatal "Partial proof inconsistency" ;
List.iter
(fun iph ->
if not (WpPropId.is_requires iph) then
pf.dependencies <- Property.Set.add iph pf.dependencies
) hs ;
- let k = WpPropId.subproof_idx p in
- match WpPropId.parts_of_id p with
+ let k = WpPropId.subproof_idx ip in
+ match WpPropId.parts_of_id ip with
| None -> pf.proved.(k) <- Complete
| Some(p,n) ->
match pf.proved.(k) with
@@ -148,12 +151,23 @@ let add_proof pf p hs =
then pf.proved.(k) <- Complete
end
+let add_invalid_proof pf = pf.invalid <- true
+
let is_composed pf =
Array.length pf.proved > 1
let is_proved pf =
- try Array.iter (fun r -> if r<>Complete then raise Exit) pf.proved ; true
- with Exit -> false
+ Array.for_all (function Complete -> true | _ -> false) pf.proved
+
+let is_invalid pf =
+ pf.invalid && not (is_proved pf)
+
+let status pf =
+ try
+ Array.iter (function Complete -> raise Exit | _ -> ()) pf.proved ;
+ `Proved
+ with Exit ->
+ if pf.invalid then `Invalid else `Partial
(* -------------------------------------------------------------------------- *)
(* --- PID for Functions --- *)
@@ -185,22 +199,6 @@ let preconditions_at_call s = function
let get_called_preconditions_at kf stmt =
List.map snd (call_preconditions kf stmt)
-(* -------------------------------------------------------------------------- *)
-(* --- Prop Splitter --- *)
-(* -------------------------------------------------------------------------- *)
-
-(* prop-id splitter *)
-
-let split job pid goals =
- let n = Bag.length goals in
- if n <= 1 then Bag.iter (job pid) goals else
- let k = ref 0 in
- Bag.iter
- (fun g ->
- let pid_k = WpPropId.mk_part pid (!k,n) in
- incr k ; job pid_k g)
- goals
-
(*----------------------------------------------------------------------------*)
(* Strategy and annotations *)
(*----------------------------------------------------------------------------*)
@@ -247,6 +245,7 @@ module HdefAnnotBhv = Cil2cfg.HE (struct type t = (stmt * int) end)
type strategy_info = {
kf : Kernel_function.t;
cfg : Cil2cfg.t;
+ reached : WpReached.reached option ;
cur_bhv : asked_bhv;
asked_bhvs : asked_bhv list;
asked_prop : asked_prop;
@@ -374,6 +373,8 @@ let kind_to_select config kind id = match kind with
| WpStrategy.AcallPre(goal,fct) ->
let goal = goal && goal_to_select config id in
Some (WpStrategy.AcallPre(goal,fct))
+ | WpStrategy.AcallPost _ ->
+ if goal_to_select config id then Some kind else None
| WpStrategy.Ahyp | WpStrategy.AcallHyp _ -> Some kind
let add_prop_loop_inv ~established config acc kind s ca p =
@@ -759,6 +760,15 @@ let add_called_post called_kf termination_kind acc =
in
List.fold_left add_behav acc spec.spec_behavior
+let add_call_checks config s kf posts exits =
+ if cur_fct_default_bhv config
+ && Wp_parameters.SmokeTests.get ()
+ && Wp_parameters.SmokeDeadcode.get ()
+ then
+ WpStrategy.add_prop_dead_call kf s posts exits
+ else
+ posts , exits
+
let add_call_annots config s kf l_post (before,(posts,exits)) =
let spec = Annotations.funspec kf in
let before = add_called_pre config kf s spec before in
@@ -766,7 +776,7 @@ let add_call_annots config s kf l_post (before,(posts,exits)) =
let posts = WpStrategy.add_call_assigns_hyp posts config.kf s
~called_kf:kf l_post (Some spec) in
let exits = add_called_post kf Exits exits in
- before , ( posts , exits )
+ before , add_call_checks config s kf posts exits
let get_call_annots config v s fct =
let l_post = Cil2cfg.get_post_label config.cfg v in
@@ -793,24 +803,6 @@ let get_call_annots config v s fct =
(*----------------------------------------------------------------------------*)
-let is_unrolled_completely spec =
- match spec.term_node with
- | TConst (LStr "completely") -> true
- | _ -> false
-
-let is_unrolled_loop stmt =
- let exception Unrolled in
- try
- Annotations.iter_code_annot (fun _emitter ca ->
- match ca.annot_content with
- | APragma (Loop_pragma (Unroll_specs [ spec ; _ ]))
- when is_unrolled_completely spec ->
- raise Unrolled ;
- | _ -> ()
- ) stmt ;
- false
- with Unrolled -> true
-
let add_variant_annot config s ca var_exp loop_entry loop_back =
let (vpos_id, vpos), (vdecr_id, vdecr) =
WpStrategy.mk_variant_properties config.kf s ca var_exp
@@ -901,9 +893,11 @@ let get_loop_annots config vloop s =
| _ -> acc (* see get_stmt_annots *)
in
let loop_core =
- if Wp_parameters.SmokeTests.get () && cur_fct_default_bhv config
- && not (is_unrolled_loop s)
- then WpStrategy.add_prop_loop_smoke WpStrategy.empty_acc config.kf s
+ if cur_fct_default_bhv config
+ && Wp_parameters.SmokeTests.get ()
+ && Wp_parameters.SmokeDeadloop.get ()
+ && not (WpReached.is_dead_code s)
+ then WpStrategy.add_prop_dead_loop WpStrategy.empty_acc config.kf s
else WpStrategy.empty_acc in
let (h_assigns, g_assigns), loop_entry , loop_back , loop_core =
Annotations.fold_code_annot do_annot s
@@ -917,6 +911,16 @@ let get_loop_annots config vloop s =
WpStrategy.add_loop_assigns_hyp loop_core config.kf s h_assigns
in (loop_entry , loop_back , loop_core)
+let add_stmt_deadcode_smoke config acc s =
+ if cur_fct_default_bhv config
+ then
+ match config.reached with
+ | Some r when WpReached.smoking r s ->
+ WpStrategy.add_prop_dead_code acc config.kf s
+ | _ -> acc
+ else
+ acc
+
let get_stmt_annots config v s =
let do_annot _ a ((b_acc, (a_acc, e_acc)) as acc) =
match a.annot_content with
@@ -965,7 +969,8 @@ let get_stmt_annots config v s =
add_stmt_spec_annots config v s b_list spec acc
| AExtended _ -> acc
in
- let before_acc = WpStrategy.empty_acc in
+ let before_acc =
+ add_stmt_deadcode_smoke config WpStrategy.empty_acc s in
let after_acc = WpStrategy.empty_acc in
let exits_acc = WpStrategy.empty_acc in
let acc = before_acc, (after_acc, exits_acc) in
@@ -1338,16 +1343,21 @@ let build_configs assigns kf model behaviors ki property =
"[get_strategies] select stmt %d properties@." s.sid
in
let cfg = get_cfg kf model in
+ let reached =
+ if Wp_parameters.SmokeTests.get ()
+ && Wp_parameters.SmokeDeadcode.get ()
+ then Some (WpReached.reached kf)
+ else None in
let def_annot_bhv, bhvs = find_behaviors kf cfg ki behaviors in
if bhvs <> [] then debug "[get_strategies] %d behaviors" (List.length bhvs);
- let mk_bhv_config bhv = { kf = kf;
- cfg = cfg;
- cur_bhv = bhv;
- asked_prop = property;
- asked_bhvs = bhvs;
- assigns_filter = assigns;
- def_annots_info = def_annot_bhv }
- in List.map mk_bhv_config bhvs
+ let mk_bhv_config bhv = {
+ kf; reached; cfg;
+ cur_bhv = bhv;
+ asked_prop = property;
+ asked_bhvs = bhvs;
+ assigns_filter = assigns;
+ def_annots_info = def_annot_bhv;
+ } in List.map mk_bhv_config bhvs
let get_strategies assigns kf model behaviors ki property =
let configs = build_configs assigns kf model behaviors ki property in
diff --git a/src/plugins/wp/wpAnnot.mli b/src/plugins/wp/wpAnnot.mli
index 229061167c1dcb88875e8291c14a06ab6ef89b3c..b08aa379c686030edbaabe947a8671f18428f2f4 100644
--- a/src/plugins/wp/wpAnnot.mli
+++ b/src/plugins/wp/wpAnnot.mli
@@ -28,10 +28,6 @@ open Cil_types
(*----------------------------------------------------------------------------*)
-(** splits a prop_id goals into prop_id parts for each sub-goals *)
-val split : ( WpPropId.prop_id -> 'a -> unit ) -> WpPropId.prop_id ->
- 'a Bag.t -> unit
-
(** A proof accumulator for a set of related prop_id *)
type proof
@@ -41,12 +37,20 @@ val create_proof : WpPropId.prop_id -> proof
val add_proof : proof -> WpPropId.prop_id -> Property.t list -> unit
(** accumulate in the proof the partial proof for this prop_id *)
+val add_invalid_proof : proof -> unit
+(** add an invalid proof result ; can not revert a complete proof *)
+
val is_composed : proof -> bool
(** whether a proof needs several lemma to be complete *)
val is_proved : proof -> bool
(** whether all partial proofs have been accumulated or not *)
+val is_invalid : proof -> bool
+(** whether an invalid proof result has been registered or not *)
+
+val status : proof -> [ `Proved | `Invalid | `Partial ]
+
val target : proof -> Property.t
val dependencies : proof -> Property.t list
diff --git a/src/plugins/wp/wpContext.mli b/src/plugins/wp/wpContext.mli
index 356eeaf759cb88e701e51c39a7e6215266df67ff..7693815595f66aa61dc739c8059173b0a812c50f 100644
--- a/src/plugins/wp/wpContext.mli
+++ b/src/plugins/wp/wpContext.mli
@@ -84,7 +84,8 @@ val get_model : unit -> model
val get_scope : unit -> scope
val get_context : unit -> context
-val directory : unit -> string (** Current model in ["-wp-out"] directory *)
+val directory : unit -> Datatype.Filepath.t
+(** Current model in ["-wp-out"] directory *)
module type Entries =
sig
diff --git a/src/plugins/wp/wpPropId.ml b/src/plugins/wp/wpPropId.ml
index b4cd7d5dd535660b4db92b0f06f01db599e9d916..9821c657890900dac6b7ba825e5dc6c5f025f2d1 100644
--- a/src/plugins/wp/wpPropId.ml
+++ b/src/plugins/wp/wpPropId.ml
@@ -185,7 +185,7 @@ let mk_smoke kf ~id ?(doomed=[]) ?unreachable () =
| Some stmt -> Property.OLStmt(kf,stmt)
in {
p_kind = PKSmoke;
- p_prop = Property.ip_other ("smoke_" ^id) oloc ;
+ p_prop = Property.ip_other ("wp_smoke_" ^id) oloc ;
p_doomed = doomed ;
p_unreachable = oloc ;
p_part = None ;
@@ -957,9 +957,13 @@ let pp_axiom_info fmt (id,thm) =
(* --- Prop Splitter --- *)
(* -------------------------------------------------------------------------- *)
+(* -------------------------------------------------------------------------- *)
+(* --- Prop Splitter --- *)
+(* -------------------------------------------------------------------------- *)
+
(* prop-id splitter *)
-let _split job pid goals =
+let split_bag job pid goals =
let n = Bag.length goals in
if n <= 1 then Bag.iter (job pid) goals else
let k = ref 0 in
@@ -969,6 +973,15 @@ let _split job pid goals =
incr k ; job pid_k g)
goals
+let split_map f pid gs =
+ let n = List.length gs in
+ if n <= 1 then List.map (f pid) gs else
+ let k = ref 0 in
+ List.map (fun g ->
+ let pid_k = mk_part pid (!k,n) in
+ incr k ; f pid_k g
+ ) gs
+
(*----------------------------------------------------------------------------*)
(** About proofs *)
(*----------------------------------------------------------------------------*)
diff --git a/src/plugins/wp/wpPropId.mli b/src/plugins/wp/wpPropId.mli
index 67e720d71c383a89727a1bcacec9acae63053db7..c0020de8a10f437c2e9dabf26dd57814e7e60cfc 100644
--- a/src/plugins/wp/wpPropId.mli
+++ b/src/plugins/wp/wpPropId.mli
@@ -250,6 +250,9 @@ val pp_pred_info : Format.formatter -> pred_info -> unit
(*----------------------------------------------------------------------------*)
+val split_bag : (prop_id -> 'a -> unit) -> prop_id -> 'a Bag.t -> unit
+val split_map : (prop_id -> 'a -> 'b) -> prop_id -> 'a list -> 'b list
+
(** [mk_part pid (k, n)] build the identification for the [k/n] part of [pid].*)
val mk_part : prop_id -> (int * int) -> prop_id
diff --git a/src/plugins/wp/wpReached.ml b/src/plugins/wp/wpReached.ml
new file mode 100644
index 0000000000000000000000000000000000000000..98acfad8ecbdd9dcf19e600ffe29b1efa795a5b6
--- /dev/null
+++ b/src/plugins/wp/wpReached.ml
@@ -0,0 +1,299 @@
+(**************************************************************************)
+(* *)
+(* This file is part of WP plug-in of Frama-C. *)
+(* *)
+(* Copyright (C) 2007-2020 *)
+(* CEA (Commissariat a l'energie atomique et aux energies *)
+(* alternatives) *)
+(* *)
+(* you can redistribute it and/or modify it under the terms of the GNU *)
+(* Lesser General Public License as published by the Free Software *)
+(* Foundation, version 2.1. *)
+(* *)
+(* It is distributed in the hope that it will be useful, *)
+(* but WITHOUT ANY WARRANTY; without even the implied warranty of *)
+(* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *)
+(* GNU Lesser General Public License for more details. *)
+(* *)
+(* See the GNU Lesser General Public License version 2.1 *)
+(* for more details (enclosed in the file licenses/LGPLv2.1). *)
+(* *)
+(**************************************************************************)
+
+open Cil_types
+open Cil_datatype
+
+(* -------------------------------------------------------------------------- *)
+(* --- Compute Reachability for Smoke Tests --- *)
+(* -------------------------------------------------------------------------- *)
+
+type flow =
+ | F_goto (* single successor for node *)
+ | F_effect (* single successor with must-be-reach effect *)
+ | F_call (* multiple successors with must-be-reach effect *)
+ | F_branch (* branching node *)
+ | F_return (* return node *)
+ | F_entry (* function or loop entry node *)
+ | F_dead (* truly dead code *)
+
+type node = {
+ id : int ;
+ mutable flow : flow ;
+ mutable prev : node list ;
+ mutable reached : bool option ;
+}
+
+let kid = ref 0
+
+let node () =
+ incr kid ;
+ { id = !kid ; prev = [] ; reached = None ; flow = F_goto }
+
+(* -------------------------------------------------------------------------- *)
+(* --- Unrolled Loop --- *)
+(* -------------------------------------------------------------------------- *)
+
+let is_unrolled_completely spec =
+ match spec.term_node with
+ | TConst (LStr "completely") -> true
+ | _ -> false
+
+let rec is_predicate cond p =
+ match p.pred_content with
+ | Pfalse -> not cond
+ | Ptrue -> cond
+ | Pnot p -> is_predicate (not cond) p
+ | Pforall(_,p) | Pexists(_,p) | Plet(_,p) -> is_predicate cond p
+ | Pif(_,p,q) -> is_predicate cond p && is_predicate cond q
+ | Pat(p,_) -> is_predicate cond p
+ | Pand(p,q) ->
+ if cond
+ then is_predicate true p && is_predicate true q
+ else is_predicate false p || is_predicate false q
+ | Por(p,q) ->
+ if cond
+ then is_predicate true p && is_predicate true q
+ else is_predicate false p && is_predicate false q
+ | Pimplies(p,q) ->
+ if cond
+ then is_predicate false p || is_predicate true q
+ else is_predicate true p && is_predicate false q
+ | _ -> false
+
+let is_dead_annot ca =
+ match ca.annot_content with
+ | APragma (Loop_pragma (Unroll_specs [ spec ; _ ])) ->
+ false && is_unrolled_completely spec
+ | AAssert([],Assert,p) -> is_predicate false p
+ | AInvariant([],_,p) -> is_predicate false p
+ | _ -> false
+
+let is_dead_code stmt =
+ let exception Deadcode in
+ try
+ Annotations.iter_code_annot (fun _emitter ca ->
+ if is_dead_annot ca then raise Deadcode
+ ) stmt ;
+ false
+ with Deadcode -> true
+
+(* -------------------------------------------------------------------------- *)
+(* --- Compute CFG --- *)
+(* -------------------------------------------------------------------------- *)
+
+type reached = node Stmt.Map.t
+type cfg = reached ref
+
+let of_stmt cfg s =
+ try Stmt.Map.find s !cfg with Not_found ->
+ let n = node () in
+ cfg := Stmt.Map.add s n !cfg ; n
+
+let goto a b =
+ b.prev <- a :: b.prev ;
+ if b.flow = F_dead then F_dead else F_goto
+
+let flow i f =
+ if f = F_dead then F_dead else
+ match i with
+ | Asm _ | Set _ -> F_effect
+ | Call _ -> F_call
+ | Local_init _ | Skip _ | Code_annot _ -> F_goto
+
+let merge a b = match a,b with
+ | F_dead , F_dead -> F_dead
+ | _ -> F_branch
+
+type env = {
+ cfg: cfg ;
+ break: node ;
+ continue: node ;
+}
+
+let rec stmt env s b =
+ let a = of_stmt env.cfg s in
+ if is_dead_code s then
+ a.flow <- F_dead
+ else
+ a.flow <- skind env a b s.skind ;
+ a
+
+and skind env a b = function
+ | Instr i -> flow i (goto a b)
+ | Return (None,_) -> F_goto
+ | Return (Some _,_) -> F_return
+ | Goto (lbl,_) -> goto a (of_stmt env.cfg !lbl)
+ | Break _ -> goto a env.break
+ | Continue _ -> goto a env.continue
+ | If(_,bthen,belse,_) ->
+ let ft = goto a (block env bthen b) in
+ let fe = goto a (block env belse b) in
+ merge ft fe
+ | Switch(_,body,cases,_) ->
+ ignore (block { env with break = b } body b) ;
+ List.fold_left
+ (fun f s -> merge f (goto a (of_stmt env.cfg s)))
+ F_dead cases
+ | Loop(_,body,_,_,_) ->
+ let continue = node () in
+ let lenv = { env with continue ; break = b } in
+ let flow = goto a (block lenv body continue) in
+ if flow = F_dead then F_dead else F_entry
+ | Block body ->
+ goto a (block env body b)
+ | UnspecifiedSequence s ->
+ let body = Cil.block_from_unspecified_sequence s in
+ goto a (block env body b)
+ | Throw _ | TryCatch _ | TryFinally _ | TryExcept _ ->
+ Wp_parameters.not_yet_implemented "try-catch blocks"
+
+and block env blk b = sequence env blk.bstmts b
+and sequence env seq b = match seq with
+ | [] -> b
+ | s :: seq -> stmt env s (sequence env seq b)
+
+(* -------------------------------------------------------------------------- *)
+(* --- Compute Reachability --- *)
+(* -------------------------------------------------------------------------- *)
+
+let rec reached node =
+ match node.reached with
+ | Some r -> r
+ | None ->
+ node.reached <- Some true ; (* cut loops *)
+ let r = List.for_all reached_after node.prev in
+ node.reached <- Some r ; r
+
+and reached_after node =
+ match node.flow with
+ | F_goto -> reached node
+ | F_effect | F_entry | F_dead -> true
+ | F_return | F_branch | F_call -> false
+
+let smoking_node n =
+ match n.flow with
+ | F_effect | F_call | F_return -> not (reached n)
+ | F_goto | F_branch | F_entry | F_dead -> false
+
+(* returns true if the stmt requires a reachability smoke test *)
+let smoking nodes stmt =
+ try Stmt.Map.find stmt nodes |> smoking_node
+ with Not_found -> false
+
+let compute kf =
+ try
+ let f = Kernel_function.get_definition kf in
+ let cfg = ref Stmt.Map.empty in
+ let returned = node () in
+ let continue = node () in
+ let break = node () in
+ let entry = node () in
+ let body = block { cfg ; break ; continue } f.sbody returned in
+ let _ = goto entry body in
+ entry.flow <- F_entry ; !cfg
+ with Kernel_function.No_Definition ->
+ Stmt.Map.empty
+
+(* ---------------------------------------------------------------------- *)
+(* --- Dump for debugging --- *)
+(* ---------------------------------------------------------------------- *)
+
+module G = Dotgraph
+module Nmap = Map.Make(struct type t = node let compare a b = a.id - b.id end)
+module N = Dotgraph.Node(Nmap)
+
+let dump ~dir kf reached =
+ let name = Kernel_function.get_name kf in
+ let file = Format.asprintf "%a/%s.dot" Datatype.Filepath.pretty dir name in
+ let dot = G.open_dot ~file ~name () in
+ N.define dot
+ (fun a na ->
+ let attr =
+ if smoking_node a
+ then [`Filled;`Fillcolor "orange"]
+ else
+ match a.flow with
+ | F_entry | F_effect | F_return | F_call ->
+ [`Filled;`Fillcolor "green"]
+ | F_dead -> [`Filled;`Fillcolor "red"]
+ | F_branch | F_goto -> []
+ in G.node dot na attr ;
+ List.iter
+ (fun b ->
+ let attr = match b.flow with
+ | F_call | F_branch | F_return | F_dead -> [`Dotted;`ArrowForward]
+ | F_effect | F_entry | F_goto -> [`ArrowForward]
+ in G.edge dot (N.get b) na attr)
+ a.prev
+ ) ;
+ Stmt.Map.iter
+ (fun s n ->
+ let label =
+ let module Pu = Pretty_utils in
+ let module Pr = Printer in
+ match s.skind with
+ | Instr _ | Return _ | Break _ | Continue _ | Goto _ ->
+ Pu.to_string Pr.pp_stmt s
+ | If(e,_,_,_) -> Pu.sfprintf "@[<hov 2>if (%a)@]" Pr.pp_exp e
+ | Switch(e,_,_,_) -> Pu.sfprintf "@[<hov 2>switch (%a)@]" Pr.pp_exp e
+ | Loop _ -> Printf.sprintf "Loop s%d" s.sid
+ | Block _ -> Printf.sprintf "Block s%d" s.sid
+ | UnspecifiedSequence _ -> Printf.sprintf "Seq. s%d" s.sid
+ | Throw _ | TryExcept _ | TryCatch _ | TryFinally _ ->
+ Printf.sprintf "Exn. s%d" s.sid
+ in G.node dot (N.get n) [`Box;`Label label])
+ reached ;
+ G.run dot ;
+ G.close dot ;
+ let out = G.layout dot in
+ Wp_parameters.result "Reached Graph: %s" out
+
+(* ---------------------------------------------------------------------- *)
+(* --- Projectified Analysis Result --- *)
+(* ---------------------------------------------------------------------- *)
+
+module FRmap = Kernel_function.Make_Table
+ (Datatype.Make
+ (struct
+ type t = reached
+ include Datatype.Serializable_undefined
+ let reprs = [Stmt.Map.empty]
+ let name = "WpReachable.reached"
+ end))
+ (struct
+ let name = "WpReachable.compute"
+ let dependencies = [Ast.self]
+ let size = 17
+ end)
+
+let dkey = Wp_parameters.register_category "reached"
+
+let reached = FRmap.memo
+ begin fun kf ->
+ let r = compute kf in
+ (if Wp_parameters.has_dkey dkey then
+ let dir = Wp_parameters.get_session_dir ~force:true "reach" in
+ dump ~dir kf r ) ; r
+ end
+
+(* -------------------------------------------------------------------------- *)
diff --git a/src/plugins/wp/wpReached.mli b/src/plugins/wp/wpReached.mli
new file mode 100644
index 0000000000000000000000000000000000000000..2f7bc0283bc0c5cc24c0cdd7d6984cf1c3d40c95
--- /dev/null
+++ b/src/plugins/wp/wpReached.mli
@@ -0,0 +1,52 @@
+(**************************************************************************)
+(* *)
+(* This file is part of WP plug-in of Frama-C. *)
+(* *)
+(* Copyright (C) 2007-2020 *)
+(* CEA (Commissariat a l'energie atomique et aux energies *)
+(* alternatives) *)
+(* *)
+(* you can redistribute it and/or modify it under the terms of the GNU *)
+(* Lesser General Public License as published by the Free Software *)
+(* Foundation, version 2.1. *)
+(* *)
+(* It is distributed in the hope that it will be useful, *)
+(* but WITHOUT ANY WARRANTY; without even the implied warranty of *)
+(* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *)
+(* GNU Lesser General Public License for more details. *)
+(* *)
+(* See the GNU Lesser General Public License version 2.1 *)
+(* for more details (enclosed in the file licenses/LGPLv2.1). *)
+(* *)
+(**************************************************************************)
+
+(* -------------------------------------------------------------------------- *)
+(** Reachability for Smoke Tests *)
+(* -------------------------------------------------------------------------- *)
+
+open Cil_types
+
+type reached
+(** control flow graph dedicated to smoke tests *)
+
+val is_predicate : bool -> predicate -> bool
+(** If returns [true] the predicate has always the given boolean value. *)
+
+val is_dead_annot : code_annotation -> bool
+(** False assertions and loop invariant.
+ Hence, also includes completely unrolled loop. *)
+
+val is_dead_code : stmt -> bool
+(** Checks whether the stmt has a dead-code annotation. *)
+
+val reached : Kernel_function.t -> reached
+(** memoized reached cfg for function *)
+
+val smoking : reached -> Cil_types.stmt -> bool
+(** Returns whether a stmt need a smoke tests to avoid being unreachable.
+ This is restricted to assignments, returns and calls not dominated
+ another smoking statement. *)
+
+val dump : dir:Datatype.Filepath.t -> Kernel_function.t -> reached -> unit
+
+(* -------------------------------------------------------------------------- *)
diff --git a/src/plugins/wp/wpReport.ml b/src/plugins/wp/wpReport.ml
index 25c34d2e6d9be2bcfa413599fd4a322589762f1a..be5b8151c1363541716bd1ebf093eb147be42926 100644
--- a/src/plugins/wp/wpReport.ml
+++ b/src/plugins/wp/wpReport.ml
@@ -90,12 +90,15 @@ let rank n =
type res = VALID | UNSUCCESS | INCONCLUSIVE | NORESULT
-let result ~smoke (r:VCS.result) =
- match VCS.verdict ~smoke r with
- | VCS.NoResult | VCS.Checked | VCS.Computing _ -> NORESULT
- | VCS.Failed -> INCONCLUSIVE
- | VCS.Invalid | VCS.Unknown | VCS.Timeout | VCS.Stepout -> UNSUCCESS
- | VCS.Valid -> VALID
+let result ~status ~smoke (r:VCS.result) =
+ match status with
+ | `Passed when smoke -> VALID
+ | _ ->
+ match VCS.verdict ~smoke r with
+ | VCS.NoResult | VCS.Computing _ -> NORESULT
+ | VCS.Failed -> INCONCLUSIVE
+ | VCS.Invalid | VCS.Unknown | VCS.Timeout | VCS.Stepout -> UNSUCCESS
+ | VCS.Valid -> VALID
let best_result a b = match a,b with
| NORESULT,c | c,NORESULT -> c
@@ -204,14 +207,14 @@ let get_prover fs prover =
let s = stats () in
Hashtbl.add fs.prover prover s ; s
-let add_results (plist:pstats list) (wpo:Wpo.t) =
- let ok = ref NORESULT in
+let add_results ~status (plist:pstats list) (wpo:Wpo.t) =
+ let res = ref NORESULT in
let tm = ref 0.0 in
let sm = ref 0 in
+ let smoke = Wpo.is_smoke_test wpo in
List.iter
(fun (p,r) ->
- let smoke = Wpo.is_smoke_test wpo in
- let re = result ~smoke r in
+ let re = result ~status ~smoke r in
let st = Wpo.get_steps r in
let tc = Wpo.get_time r in
let ts = r.VCS.solver_time in
@@ -225,11 +228,11 @@ let add_results (plist:pstats list) (wpo:Wpo.t) =
(fun fs -> add_qedstat ts (get_prover fs VCS.Qed))
plist ;
end ;
- ok := best_result !ok re ;
+ res := best_result !res re ;
if tc > !tm then tm := tc ;
if st > !sm then sm := st ;
) (Wpo.get_results wpo) ;
- List.iter (fun fs -> add_stat !ok !sm !tm fs.main) plist
+ List.iter (fun fs -> add_stat !res !sm !tm fs.main) plist
(* -------------------------------------------------------------------------- *)
(* --- Stats by Section --- *)
@@ -366,9 +369,10 @@ let add_goal (gs:fcstat) wpo =
| Wpo.Function(kf,_) -> Fun kf
in
let ds : dstats = get_section gs section in
- let (ok,prop) = Wpo.get_proof wpo in
+ let status,prop = Wpo.get_proof wpo in
let ps : pstats = get_property ds prop in
- add_results [gs.global ; ds.dstats ; ps] wpo ;
+ add_results status [gs.global ; ds.dstats ; ps] wpo ;
+ let ok = (status = `Passed) in
add_cover gs.gcoverage ok prop ;
add_cover ds.dcoverage ok prop ;
end
diff --git a/src/plugins/wp/wpStrategy.ml b/src/plugins/wp/wpStrategy.ml
index c5ba6351d777cd82fe044168a168f2679c53791c..ee31dab55e746eef3b68c77901182615c54cffce 100644
--- a/src/plugins/wp/wpStrategy.ml
+++ b/src/plugins/wp/wpStrategy.ml
@@ -48,6 +48,9 @@ type annot_kind =
| AcallPre of bool * kernel_function
(* annotation is a called function precondition :
to be considered as hyp, and goal if bool=true *)
+ | AcallPost of kernel_function
+ (* annotation is a called function post check :
+ to be considered as goal only *)
(* -------------------------------------------------------------------------- *)
(* --- Annotations for one program point. --- *)
@@ -66,6 +69,7 @@ type annots = {
p_cut : (bool * WpPropId.pred_info) list;
call_hyp : WpPropId.pred_info list ForCall.t; (* post and pre *)
call_pre : (bool * WpPropId.pred_info) list ForCall.t; (* goal only *)
+ call_post : WpPropId.pred_info list ForCall.t; (* post goals only (not hyp) *)
call_asgn : WpPropId.assigns_full_info ForCall.t;
a_goal : WpPropId.assigns_full_info;
a_hyp : WpPropId.assigns_full_info;
@@ -82,6 +86,7 @@ let empty_acc =
call_hyp = ForCall.empty;
call_pre = ForCall.empty;
call_asgn = ForCall.empty;
+ call_post = ForCall.empty;
a_goal = WpPropId.empty_assigns_info;
a_hyp = WpPropId.empty_assigns_info;
a_call = WpPropId.empty_assigns_info;
@@ -112,7 +117,7 @@ let add_prop acc kind id p =
| None -> l
| Some p -> (goal, p)::l
in
- let add_hyp_call fct calls =
+ let add_for_call fct calls =
let l = try ForCall.find fct calls with Not_found -> [] in
ForCall.add fct (add_hyp l) calls in
let add_both_call fct goal calls =
@@ -129,9 +134,11 @@ let add_prop acc kind id p =
| AcutB goal ->
goal, { info with p_cut = add_both goal info.p_cut }
| AcallHyp fct ->
- false, { info with call_hyp = add_hyp_call fct info.call_hyp }
+ false, { info with call_hyp = add_for_call fct info.call_hyp }
| AcallPre (goal,fct) ->
goal, { info with call_pre = add_both_call fct goal info.call_pre }
+ | AcallPost fct ->
+ true, { info with call_post = add_for_call fct info.call_post }
in let acc = { acc with info = info } in
if goal then { acc with has_prop_goal = true} else acc
@@ -260,10 +267,17 @@ let add_prop_fct_smoke acc kf bhv =
let doomed = Property.ip_requires_of_behavior kf Kglobal bhv in
add_smoke acc kf ~id ~doomed ()
-let add_prop_loop_smoke acc kf stmt =
- if not (Wp_parameters.Split.get()) then
- add_smoke acc kf ~id:"loop_invariant" ~unreachable:stmt ()
- else acc
+let add_prop_dead_loop acc kf stmt =
+ add_smoke acc kf ~id:"dead_loop" ~unreachable:stmt ()
+
+let add_prop_dead_code acc kf stmt =
+ add_smoke acc kf ~id:"dead_code" ~unreachable:stmt ()
+
+let add_prop_dead_call kf stmt acc_posts acc_exits =
+ let id = WpPropId.mk_smoke kf ~id:"dead_call" ~unreachable:stmt () in
+ let kind = AcallPost kf in
+ let pred = Some Logic_const.pfalse in
+ add_prop acc_posts kind id pred , add_prop acc_exits kind id pred
(* -------------------------------------------------------------------------- *)
@@ -435,6 +449,10 @@ let get_call_pre annots fct =
try filter_both (ForCall.find fct annots.info.call_pre)
with Not_found -> [],[]
+let get_call_post annots fct =
+ try ForCall.find fct annots.info.call_post
+ with Not_found -> []
+
let get_call_asgn annots = function
| None -> annots.info.a_call
| Some fct ->
@@ -498,6 +516,7 @@ let merge_acc acc1 acc2 =
p_cut = acc1.p_cut @ acc2.p_cut;
call_hyp = merge_calls (@) acc1.call_hyp acc2.call_hyp;
call_pre = merge_calls (@) acc1.call_pre acc2.call_pre;
+ call_post = merge_calls (@) acc1.call_post acc2.call_post;
call_asgn = merge_calls WpPropId.merge_assign_info acc1.call_asgn acc2.call_asgn;
a_goal = WpPropId.merge_assign_info acc1.a_goal acc2.a_goal;
a_hyp = WpPropId.merge_assign_info acc1.a_hyp acc2.a_hyp;
diff --git a/src/plugins/wp/wpStrategy.mli b/src/plugins/wp/wpStrategy.mli
index fa236285eb95fdfd7b51bd690425f074b321e580..9177f1fe53676af44dc9d2ed1345dd6cbc64234d 100644
--- a/src/plugins/wp/wpStrategy.mli
+++ b/src/plugins/wp/wpStrategy.mli
@@ -58,6 +58,9 @@ type annot_kind =
| AcallPre of bool * kernel_function
(** annotation is a called function precondition :
to be considered as hyp, and goal if bool=true *)
+ | AcallPost of kernel_function
+ (** annotation is a called function post check :
+ to be considered as goal only (no hyp) *)
(** {3 Adding properties (predicates)} *)
@@ -87,8 +90,15 @@ val add_prop_fct_bhv_pre : t_annots -> annot_kind ->
(** Add Smoke Test behavior *)
val add_prop_fct_smoke : t_annots -> kernel_function -> funbehavior -> t_annots
-(** Add Smoke Test behavior for loop *)
-val add_prop_loop_smoke : t_annots -> kernel_function -> stmt -> t_annots
+(** Add Smoke Test for loop *)
+val add_prop_dead_loop : t_annots -> kernel_function -> stmt -> t_annots
+
+(** Add Smoke Test for possibly dead code *)
+val add_prop_dead_code : t_annots -> kernel_function -> stmt -> t_annots
+
+(** Add Smoke Test for possibly dead call : (posts,exits) *)
+val add_prop_dead_call : kernel_function -> stmt -> t_annots -> t_annots ->
+ t_annots * t_annots
val add_prop_fct_post : t_annots -> annot_kind ->
kernel_function -> funbehavior -> termination_kind -> identified_predicate
@@ -182,6 +192,9 @@ val get_call_hyp : t_annots -> kernel_function -> WpPropId.pred_info list
* (similar to [get_both_hyp_goals]). *)
val get_call_pre : t_annots -> kernel_function -> WpPropId.pred_info list * WpPropId.pred_info list
+(** Post-checks of a called function to be considered as goal only *)
+val get_call_post : t_annots -> kernel_function -> WpPropId.pred_info list
+
val get_call_asgn : t_annots -> kernel_function option -> WpPropId.assigns_full_info
diff --git a/src/plugins/wp/wp_parameters.ml b/src/plugins/wp/wp_parameters.ml
index 219694d2e8f0dc6aa4ca8ac2f483363d67b3e970..8755b87107f3042d4e09bbe381fffafe685a2ae7 100644
--- a/src/plugins/wp/wp_parameters.ml
+++ b/src/plugins/wp/wp_parameters.ml
@@ -374,6 +374,27 @@ module SmokeTests =
let help = "Smoke-tests : look for inconsistent contracts (best effort)"
end)
+let () = Parameter_customize.set_group wp_strategy
+module SmokeDeadcode =
+ True(struct
+ let option_name = "-wp-smoke-dead-code"
+ let help = "When generating smoke tests, look for unreachable code"
+ end)
+
+let () = Parameter_customize.set_group wp_strategy
+module SmokeDeadcall =
+ True(struct
+ let option_name = "-wp-smoke-dead-call"
+ let help = "When generating smoke tests, look for non-terminating calls"
+ end)
+
+let () = Parameter_customize.set_group wp_strategy
+module SmokeDeadloop =
+ True(struct
+ let option_name = "-wp-smoke-dead-loop"
+ let help = "When generating smoke tests, look for inconsistent loop invairants"
+ end)
+
let () = Parameter_customize.set_group wp_strategy
module Split =
False(struct
@@ -992,16 +1013,6 @@ module OutputDir =
Defaults to some temporary directory."
end)
-let () = Parameter_customize.set_group wp_po
-let () = Parameter_customize.do_not_save ()
-module Check =
- Action(struct
- let option_name = "-wp-check"
- let help =
- "Check the syntax and type of the produced file, instead of proving."
- end)
-let () = on_reset Print.clear
-
(* -------------------------------------------------------------------------- *)
(* --- Overflows --- *)
(* -------------------------------------------------------------------------- *)
@@ -1083,8 +1094,8 @@ let base_output () =
make_output_dir dir ; dir in
base_output := Some output;
Fc_Filepath.add_symbolic_dir "WPOUT" output ;
- output
- | Some output -> output
+ Datatype.Filepath.of_string output
+ | Some output -> Datatype.Filepath.of_string output
let get_output () =
let base = base_output () in
@@ -1092,13 +1103,13 @@ let get_output () =
let name = Project.get_unique_name project in
if name = "default" then base
else
- let dir = base ^ "/" ^ name in
- make_output_dir dir ; dir
+ let dir = Datatype.Filepath.concat base ("/" ^ name) in
+ make_output_dir (dir :> string) ; dir
let get_output_dir d =
let base = get_output () in
- let path = Printf.sprintf "%s/%s" base d in
- make_output_dir path ; path
+ let path = Datatype.Filepath.concat base ("/" ^ d) in
+ make_output_dir (path :> string) ; path
(* -------------------------------------------------------------------------- *)
(* --- Session dir --- *)
@@ -1107,22 +1118,22 @@ let get_output_dir d =
let default = Sys.getcwd () ^ "/.frama-c"
let has_session () =
- Session.Dir_name.is_set () ||
+ Session.is_set () ||
( Sys.file_exists default && Sys.is_directory default )
let get_session ~force () =
if force then
- Session.dir ~error:false ()
+ Session.get_dir "."
else
- if Session.Dir_name.is_set () then
- Session.Dir_name.get ()
+ if Session.is_set () then
+ Session.get ()
else
- Session.dir ~error:false ()
+ Session.get_dir "."
let get_session_dir ~force d =
let base = get_session ~force () in
- let path = Format.asprintf "%a/%s" Datatype.Filepath.pp_abs base d in
- if force then make_output_dir path ; path
+ let path = Datatype.Filepath.concat base ("/" ^ d) in
+ if force then make_output_dir (path :> string) ; path
(* -------------------------------------------------------------------------- *)
(* --- Print Generated --- *)
diff --git a/src/plugins/wp/wp_parameters.mli b/src/plugins/wp/wp_parameters.mli
index af829e5f8a25afdb231df07af0bf601ccca86593..fd0df0a2628df88f611165a8413c9b9dc33e2b5d 100644
--- a/src/plugins/wp/wp_parameters.mli
+++ b/src/plugins/wp/wp_parameters.mli
@@ -146,17 +146,19 @@ module Report: Parameter_sig.String_list
module ReportJson: Parameter_sig.String
module ReportName: Parameter_sig.String
module MemoryContext: Parameter_sig.Bool
-module Check: Parameter_sig.Bool
module SmokeTests: Parameter_sig.Bool
+module SmokeDeadloop: Parameter_sig.Bool
+module SmokeDeadcode: Parameter_sig.Bool
+module SmokeDeadcall: Parameter_sig.Bool
(** {2 Getters} *)
val has_out : unit -> bool
val has_session : unit -> bool
val get_session : force:bool -> unit -> Datatype.Filepath.t
-val get_session_dir : force:bool -> string -> string
-val get_output : unit -> string
-val get_output_dir : string -> string
+val get_session_dir : force:bool -> string -> Datatype.Filepath.t
+val get_output : unit -> Datatype.Filepath.t
+val get_output_dir : string -> Datatype.Filepath.t
val make_output_dir : string -> unit
val get_overflows : unit -> bool
diff --git a/src/plugins/wp/wpo.ml b/src/plugins/wp/wpo.ml
index b28f9e6b297c2bfafc4bc15c8194033a70ce8422..21f7f3a9fa1b25a40763c3172b6f9f529ac61746 100644
--- a/src/plugins/wp/wpo.ml
+++ b/src/plugins/wp/wpo.ml
@@ -88,7 +88,7 @@ struct
let mid = Wp_parameters.get_output_dir (WpContext.MODEL.id model) in
let buffer = Buffer.create 80 in
let fmt = Format.formatter_of_buffer buffer in
- Format.fprintf fmt "%s/%s" mid id ;
+ Format.fprintf fmt "%s/%s" (mid :> string) id ;
(match prover with None -> () | Some p ->
Format.fprintf fmt "_%s" (filename_for_prover p)) ;
(match suffix with None -> () | Some s ->
@@ -143,14 +143,14 @@ struct
let cache_log ~pid ~model ~prover ~result =
(*TODO: put a cache here *)
let dir = Wp_parameters.get_output () in
- let file = Printf.sprintf "%s/log.txt" dir in
+ let file = Printf.sprintf "%s/log.txt" (dir :> string) in
Command.print_file file (pretty ~pid ~model ~prover ~result) ;
file
let cache_descr pretty =
(*TODO: put a cache here *)
let dir = Wp_parameters.get_output () in
- let file = Printf.sprintf "%s/goal.txt" dir in
+ let file = Printf.sprintf "%s/goal.txt" (dir :> string) in
Command.print_file file (fun fmt -> pretty fmt) ; file
end
@@ -691,65 +691,49 @@ let warnings = function
let get_time = function { prover_time=t } -> t
let get_steps= function { prover_steps=n } -> n
let get_target g = WpPropId.property_of_id g.po_pid
+
let get_proof g =
let system = SYSTEM.get () in
let target = get_target g in
let status =
try
let proof = Hproof.find system.proofs (proof g target) in
- WpAnnot.is_proved proof
- with Not_found -> false
+ if is_smoke_test g then
+ if WpAnnot.is_proved proof then `Failed else
+ if WpAnnot.is_invalid proof then `Passed else
+ `Unknown
+ else
+ if WpAnnot.is_proved proof then `Passed else `Unknown
+ with Not_found -> `Unknown
in status , target
-let doomed_unreachable emitter pid =
+let set_invalid emitter tgt =
+ Property_status.emit emitter ~hyps:[] tgt Property_status.False_if_reachable
+
+let set_doomed emitter pid =
+ List.iter (set_invalid emitter) (WpPropId.doomed_if_valid pid) ;
match WpPropId.unreachable_if_valid pid with
| Property.OLStmt(kf,stmt) ->
- let pred_loc = Stmt.loc stmt in
- let pred_name = [ "Wp" ; "SmokeTest" ] in
- let pf = { Logic_const.pfalse with pred_loc ; pred_name } in
- let ca = Logic_const.new_code_annotation (AAssert ([],Assert,pf)) in
- Annotations.add_code_annot emitter ~kf stmt ca ;
- Property.ip_of_code_annot kf stmt ca
- | Property.OLGlob _ | Property.OLContract _ -> []
-
-let update_property_status g r =
- let system = SYSTEM.get () in
- try
- let pi = proof g (WpPropId.property_of_id g.po_pid) in
- let proof =
- try Hproof.find system.proofs pi
- with Not_found ->
- let proof = WpAnnot.create_proof g.po_pid in
- Hproof.add system.proofs pi proof ; proof
- in
- let emitter = WpContext.get_emitter g.po_model in
- let smoke = is_smoke_test g in
- let status =
- match VCS.verdict ~smoke r with
- | Valid ->
- WpAnnot.add_proof proof g.po_pid (get_depend g) ;
- if WpAnnot.is_proved proof then Property_status.True
- else Property_status.Dont_know
- | Invalid when smoke ->
- let status = Property_status.False_if_reachable in
- List.iter
- (fun tgt -> Property_status.emit emitter ~hyps:[] tgt status)
- (WpPropId.doomed_if_valid g.po_pid) ;
- let status = Property_status.True in
- List.iter
- (fun tgt -> Property_status.emit emitter ~hyps:[] tgt status)
- (doomed_unreachable emitter g.po_pid) ;
- Property_status.False_if_reachable
- | _ ->
- if WpAnnot.is_proved proof then Property_status.True
- else Property_status.Dont_know
- in
- let target = WpAnnot.target proof in
- let depends = WpAnnot.dependencies proof in
- Property_status.emit emitter ~hyps:depends target status ;
- with err ->
- Wp_parameters.failure "Update-status failed (%s)" (Printexc.to_string err) ;
- raise err
+ let ca =
+ let filter = WpReached.is_dead_annot in
+ match Annotations.code_annot ~emitter ~filter stmt with
+ | ca::_ -> ca
+ | [] ->
+ let pred_loc = Stmt.loc stmt in
+ let pred_name = [ "Wp" ; "SmokeTest" ] in
+ let pf = { Logic_const.pfalse with pred_loc ; pred_name } in
+ let ca = Logic_const.new_code_annotation (AAssert ([],Assert,pf)) in
+ Annotations.add_code_annot emitter ~kf stmt ca ; ca
+ in
+ List.iter (set_invalid emitter) (Property.ip_of_code_annot kf stmt ca)
+ | Property.OLGlob _ | Property.OLContract _ -> ()
+
+let find_proof system g =
+ let pi = proof g (WpPropId.property_of_id g.po_pid) in
+ try Hproof.find system.proofs pi
+ with Not_found ->
+ let proof = WpAnnot.create_proof g.po_pid in
+ Hproof.add system.proofs pi proof ; proof
let clear_results g =
let system = SYSTEM.get () in
@@ -769,9 +753,34 @@ let set_result g p r =
in
Results.replace rs p r ;
if not (WpPropId.is_check g.po_pid) &&
- not (WpPropId.is_tactic g.po_pid)
+ not (WpPropId.is_tactic g.po_pid) &&
+ VCS.is_verdict r
then
- update_property_status g r ;
+ let smoke = is_smoke_test g in
+ let proof = find_proof system g in
+ let emitter = WpContext.get_emitter g.po_model in
+ let target = WpAnnot.target proof in
+ let unproved = not (WpAnnot.is_proved proof) in
+ if VCS.is_valid r then
+ WpAnnot.add_proof proof g.po_pid (get_depend g)
+ else if smoke then
+ WpAnnot.add_invalid_proof proof ;
+ let proved = WpAnnot.is_proved proof in
+ let status =
+ if smoke then
+ if proved
+ then Property_status.False_if_reachable (* All goals SAT *)
+ else if WpAnnot.is_invalid proof
+ then Property_status.True (* Some goal is UNSAT *)
+ else Property_status.Dont_know (* Not finished yet *)
+ else
+ if proved
+ then Property_status.True
+ else Property_status.Dont_know
+ in
+ let hyps = if smoke then [] else WpAnnot.dependencies proof in
+ Property_status.emit emitter ~hyps target status ;
+ if smoke && unproved && proved then set_doomed emitter g.po_pid ;
end
let has_verdict g p =
@@ -803,9 +812,10 @@ let reduce g =
let resolve g =
let valid = reduce g in
if valid then
- ( let solver = qed_time g in
- set_result g VCS.Qed (VCS.result ~solver VCS.Valid) ) ;
- valid
+ let result = VCS.result ~solver:(qed_time g) VCS.Valid in
+ ignore (set_result g VCS.Qed result) ;
+ true
+ else false
let compute g =
let ctxt = get_context g in
diff --git a/src/plugins/wp/wpo.mli b/src/plugins/wp/wpo.mli
index 979ce9c5ce77e74d29663ca01a33aaf4ff76e162..4c1981c0fa00a92b0237d4eb63fd4af5556cd6fc 100644
--- a/src/plugins/wp/wpo.mli
+++ b/src/plugins/wp/wpo.mli
@@ -155,7 +155,7 @@ val compute : t -> Definitions.axioms option * Conditions.sequent
val has_verdict : t -> prover -> bool
val get_result : t -> prover -> result
val get_results : t -> (prover * result) list
-val get_proof : t -> bool * Property.t
+val get_proof : t -> [`Passed|`Failed|`Unknown] * Property.t
val get_target : t -> Property.t
val is_trivial : t -> bool (** do not tries simplification, do not check prover results *)
val is_proved : t -> bool (** do not tries simplification, check prover results *)
diff --git a/tests/builtins/calloc.c b/tests/builtins/calloc.c
index 648a4b4af03809048ffa6542498385caab9ecdbc..391526efc854f48c1a227508470978787b60aa80 100644
--- a/tests/builtins/calloc.c
+++ b/tests/builtins/calloc.c
@@ -4,8 +4,8 @@
STDOPT: #"-eva-no-builtins-auto -eva-alloc-returns-null -eva-builtin calloc:Frama_C_calloc_by_stack"
STDOPT: #"-eva-no-builtins-auto -eva-no-alloc-returns-null -eva-builtin calloc:Frama_C_calloc_fresh"
STDOPT: #"-eva-no-builtins-auto -eva-no-alloc-returns-null -eva-builtin calloc:Frama_C_calloc_by_stack"
+ STDOPT: #"-eva-no-builtins-auto -eva-no-alloc-returns-null -eva-builtin calloc:Frama_C_calloc_imprecise"
*/
-
#include <stdlib.h>
#include <stdint.h>
diff --git a/tests/builtins/malloc.c b/tests/builtins/malloc.c
index c62203fa9ddc252a00f91fa13647a74520e169bf..af2dbc58d5b2eff3d0a49890a02bf98bbfc295c7 100644
--- a/tests/builtins/malloc.c
+++ b/tests/builtins/malloc.c
@@ -4,7 +4,7 @@
#include <stddef.h>
void *Frama_C_malloc_by_stack(size_t i);
void *Frama_C_malloc_fresh(size_t i);
-
+void *Frama_C_malloc_imprecise(size_t i);
void main(int c) {
int x;
int *s;
@@ -30,5 +30,10 @@ void main(int c) {
*r = 1;
*(r+2) = 3;
+ int *mw = Frama_C_malloc_imprecise(42);
+ *mw = 1;
+ int *mw2 = Frama_C_malloc_imprecise(42);
+ *mw2 = 2;
+
// *s = 1;
}
diff --git a/tests/builtins/oracle/Longinit_sequencer.res.oracle b/tests/builtins/oracle/Longinit_sequencer.res.oracle
index 2a0c3fd82a978552927c8aed7b96e5f48b92d07a..7593544dbd939e453a2870b1e76c873fc147295a 100644
--- a/tests/builtins/oracle/Longinit_sequencer.res.oracle
+++ b/tests/builtins/oracle/Longinit_sequencer.res.oracle
@@ -2,17 +2,14 @@
[kernel] Parsing tests/builtins/long_init.c (with preprocessing)
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
-[eva] tests/builtins/long_init.c:34:
- Assigning imprecise value to garbled_mix.
- The imprecision originates from Arithmetic {tests/builtins/long_init.c:34}
+[eva:alarm] tests/builtins/long_init.c:34: Warning:
+ pointer downcast. assert (unsigned int)"abc" ≤ 127;
[eva] Initial state computed
[eva:initial-state] Values of globals at initialization
nondet ∈ [--..--]
a1[0..9] ∈ {0}
stuff ∈ {0}
- garbled_mix ∈
- {{ garbled mix of &{"abc"}
- (origin: Arithmetic {tests/builtins/long_init.c:34}) }}
+ garbled_mix ∈ {{ "abc" }}
s ∈ {{ "abc" }}
pr ∈ {0}
pr2 ∈ {0}
@@ -73,6 +70,8 @@
[eva] tests/builtins/long_init.c:73:
Call to builtin Frama_C_malloc_fresh for function malloc
[eva] tests/builtins/long_init.c:73: allocating variable __malloc_init_inner_l73
+[eva:alarm] tests/builtins/long_init.c:74: Warning:
+ pointer downcast. assert (unsigned int)alloc1 ≤ 2147483647;
[eva] tests/builtins/long_init.c:75:
Call to builtin Frama_C_malloc_fresh for function malloc
[eva] tests/builtins/long_init.c:75: allocating variable __malloc_init_inner_l75
@@ -130,9 +129,7 @@
.d[7] ∈ {21.875}
.d[8] ∈ {25.}
.d[9] ∈ {28.125}
- garbled_mix ∈
- {{ garbled mix of &{"abc"}
- (origin: Arithmetic {tests/builtins/long_init.c:34}) }}
+ garbled_mix ∈ {{ "abc" }}
s ∈ {{ "abc" }}
pr ∈ ESCAPINGADDR
pr2 ∈ ESCAPINGADDR
@@ -170,6 +167,8 @@
[eva] tests/builtins/long_init.c:104: allocating variable __malloc_main_l104
[eva] Recording results for main
[eva] done for function main
+[eva] tests/builtins/long_init.c:34:
+ cannot evaluate ACSL term, unsupported ACSL construct: constant strings
[eva] Saving globals state after call to function: init_inner
Values at end of function dmin:
__retres ∈ [93.9166666667 .. 110.791666667]
@@ -297,17 +296,14 @@ Values at end of function main:
__retres ∈ {0}[kernel] Parsing tests/builtins/long_init2.c (with preprocessing)
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
-[eva] tests/builtins/long_init2.c:34:
- Assigning imprecise value to garbled_mix.
- The imprecision originates from Arithmetic {tests/builtins/long_init2.c:34}
+[eva:alarm] tests/builtins/long_init2.c:34: Warning:
+ pointer downcast. assert (unsigned int)"abc" ≤ 127;
[eva] Initial state computed
[eva:initial-state] Values of globals at initialization
nondet ∈ [--..--]
a1[0..9] ∈ {0}
stuff ∈ {0}
- garbled_mix ∈
- {{ garbled mix of &{"abc"}
- (origin: Arithmetic {tests/builtins/long_init2.c:34}) }}
+ garbled_mix ∈ {{ "abc" }}
s ∈ {{ "abc" }}
another_global ∈ {42}
pr ∈ {0}
@@ -325,7 +321,6 @@ Values at end of function main:
Call to builtin Frama_C_load_state for function init_inner
[eva] Skipping call to init_inner, loading globals state from file:
tests/builtins/result/Longinit_sequencer.sav
-[eva] Warning: importing garbled mix, locations may have changed
[eva] Warning: variable `r' is not global, possibly an escaping value; ignoring
[eva] Warning: variable `r2' is not global, possibly an escaping value; ignoring
[eva] Warning: variable `r2' is not global, possibly an escaping value; ignoring
@@ -371,9 +366,7 @@ Values at end of function main:
.d[7] ∈ {21.875}
.d[8] ∈ {25.}
.d[9] ∈ {28.125}
- garbled_mix ∈
- {{ garbled mix of &{"abc"}
- (origin: Arithmetic {tests/builtins/long_init.c:34}) }}
+ garbled_mix ∈ {{ "abc" }}
s ∈ {{ "abc" }}
another_global ∈ {42}
pr ∈ ESCAPINGADDR
@@ -446,6 +439,8 @@ Values at end of function main:
[eva] tests/builtins/long_init2.c:104: allocating variable __malloc_main_l104
[eva] Recording results for main
[eva] done for function main
+[eva] tests/builtins/long_init2.c:34:
+ cannot evaluate ACSL term, unsupported ACSL construct: constant strings
[eva] Saving globals state after call to function: init_outer
@@ -539,17 +534,14 @@ Values at end of function main:
__retres ∈ {0}[kernel] Parsing tests/builtins/long_init3.c (with preprocessing)
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
-[eva] tests/builtins/long_init3.c:34:
- Assigning imprecise value to garbled_mix.
- The imprecision originates from Arithmetic {tests/builtins/long_init3.c:34}
+[eva:alarm] tests/builtins/long_init3.c:34: Warning:
+ pointer downcast. assert (unsigned int)"abc" ≤ 127;
[eva] Initial state computed
[eva:initial-state] Values of globals at initialization
nondet ∈ [--..--]
a1[0..9] ∈ {0}
stuff ∈ {0}
- garbled_mix ∈
- {{ garbled mix of &{"abc"}
- (origin: Arithmetic {tests/builtins/long_init3.c:34}) }}
+ garbled_mix ∈ {{ "abc" }}
s ∈ {{ "abc" }}
another_global ∈ {42}
yet_another_global ∈ {43}
@@ -566,7 +558,6 @@ Values at end of function main:
Call to builtin Frama_C_load_state for function init_outer
[eva] Skipping call to init_outer, loading globals state from file:
tests/builtins/result/Longinit_sequencer.sav
-[eva] Warning: importing garbled mix, locations may have changed
[eva] Warning: found new global variable `yet_another_global'
[eva] tests/builtins/long_init3.c:92:
Frama_C_dump_each:
@@ -607,9 +598,7 @@ Values at end of function main:
.d[7] ∈ {21.875}
.d[8] ∈ {25.}
.d[9] ∈ {28.125}
- garbled_mix ∈
- {{ garbled mix of &{"abc"}
- (origin: Arithmetic {tests/builtins/long_init.c:34}) }}
+ garbled_mix ∈ {{ "abc" }}
s ∈ {{ "abc" }}
another_global ∈ {42}
yet_another_global ∈ {43}
@@ -683,6 +672,8 @@ Values at end of function main:
[eva] tests/builtins/long_init3.c:104: allocating variable __malloc_main_l104
[eva] Recording results for main
[eva] done for function main
+[eva] tests/builtins/long_init3.c:34:
+ cannot evaluate ACSL term, unsupported ACSL construct: constant strings
Values at end of function dmin:
diff --git a/tests/builtins/oracle/alloc.0.res.oracle b/tests/builtins/oracle/alloc.0.res.oracle
index 257776baaff09cd5091b410914f02fdfcbe6fadc..b124e2220d17a6d8a85d3bb9dc74b91e716d5a75 100644
--- a/tests/builtins/oracle/alloc.0.res.oracle
+++ b/tests/builtins/oracle/alloc.0.res.oracle
@@ -34,6 +34,8 @@
all target addresses were invalid. This path is assumed to be dead.
[eva] tests/builtins/alloc.c:25: Call to builtin Frama_C_malloc_fresh
[eva] tests/builtins/alloc.c:25: allocating variable __malloc_main_l25
+[eva:alarm] tests/builtins/alloc.c:26: Warning:
+ pointer downcast. assert (unsigned int)q ≤ 2147483647;
[eva:alarm] tests/builtins/alloc.c:26: Warning:
signed overflow. assert -2147483648 ≤ -((int)q);
[eva:alarm] tests/builtins/alloc.c:26: Warning:
diff --git a/tests/builtins/oracle/alloc.1.res.oracle b/tests/builtins/oracle/alloc.1.res.oracle
index b4990cc4a79455a5bf971a573423df33d4f1d5fb..48c4356d116b6568051f121123841c9f5b03d047 100644
--- a/tests/builtins/oracle/alloc.1.res.oracle
+++ b/tests/builtins/oracle/alloc.1.res.oracle
@@ -15,6 +15,8 @@
ch ∈ {44}
[eva] tests/builtins/alloc.c:50: Call to builtin Frama_C_malloc_fresh
[eva] tests/builtins/alloc.c:50: allocating variable __malloc_main_abs_l50
+[eva:alarm] tests/builtins/alloc.c:51: Warning:
+ pointer downcast. assert (unsigned int)q ≤ 2147483647;
[eva:alarm] tests/builtins/alloc.c:51: Warning:
signed overflow. assert -2147483648 ≤ -((int)q);
[eva:alarm] tests/builtins/alloc.c:51: Warning:
@@ -24,6 +26,8 @@
The imprecision originates from Arithmetic {tests/builtins/alloc.c:51}
[eva:alarm] tests/builtins/alloc.c:54: Warning:
out of bounds write. assert \valid(r);
+[eva:alarm] tests/builtins/alloc.c:54: Warning:
+ pointer downcast. assert (unsigned int)r ≤ 2147483647;
[eva:alarm] tests/builtins/alloc.c:56: Warning:
signed overflow. assert -2147483648 ≤ *q + 1;
[eva:alarm] tests/builtins/alloc.c:56: Warning:
diff --git a/tests/builtins/oracle/alloc_weak.res.oracle b/tests/builtins/oracle/alloc_weak.res.oracle
index 5a584e372684c98e4aa9b566bf7ddcda96c4ca45..7705984008d4c08d656c18cda171bb1d1adb99e5 100644
--- a/tests/builtins/oracle/alloc_weak.res.oracle
+++ b/tests/builtins/oracle/alloc_weak.res.oracle
@@ -41,6 +41,10 @@
Called from tests/builtins/alloc_weak.c:73.
[eva] tests/builtins/alloc_weak.c:37: Call to builtin malloc
[eva] tests/builtins/alloc_weak.c:37: allocating variable __malloc_main2_l37
+[eva:alarm] tests/builtins/alloc_weak.c:37: Warning:
+ pointer downcast.
+ assert (unsigned int)tmp ≤ 2147483647;
+ (tmp from malloc(sizeof(int)))
[eva] tests/builtins/alloc_weak.c:40:
Trace partitioning superposing up to 100 states
[eva] tests/builtins/alloc_weak.c:40:
diff --git a/tests/builtins/oracle/calloc.5.res.oracle b/tests/builtins/oracle/calloc.5.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..679c1f964b2efcdc39a9b52a8af80ba2a8d09bd6
--- /dev/null
+++ b/tests/builtins/oracle/calloc.5.res.oracle
@@ -0,0 +1,57 @@
+[kernel] Parsing tests/builtins/calloc.c (with preprocessing)
+[eva] Analyzing a complete application starting at main
+[eva] Computing initial state
+[eva] Initial state computed
+[eva:initial-state] Values of globals at initialization
+ nondet ∈ [--..--]
+[eva] tests/builtins/calloc.c:14:
+ Call to builtin Frama_C_calloc_imprecise for function calloc
+[eva:malloc:imprecise] tests/builtins/calloc.c:14: Warning:
+ allocating a single weak variable for ALL dynamic allocations via malloc/calloc/realloc: __alloc_w_main
+[eva] tests/builtins/calloc.c:17:
+ Call to builtin Frama_C_calloc_imprecise for function calloc
+[eva] tests/builtins/calloc.c:20:
+ Call to builtin Frama_C_calloc_imprecise for function calloc
+[eva] tests/builtins/calloc.c:23:
+ Call to builtin Frama_C_calloc_imprecise for function calloc
+[eva:alarm] tests/builtins/calloc.c:26: Warning: assertion got status unknown.
+[eva:alarm] tests/builtins/calloc.c:27: Warning: assertion got status unknown.
+[eva] tests/builtins/calloc.c:30:
+ Call to builtin Frama_C_calloc_imprecise for function calloc
+[eva:alarm] tests/builtins/calloc.c:33: Warning: assertion got status unknown.
+[eva:alarm] tests/builtins/calloc.c:34: Warning: assertion got status unknown.
+[eva:alarm] tests/builtins/calloc.c:35: Warning: assertion got status unknown.
+[eva] tests/builtins/calloc.c:38:
+ Call to builtin Frama_C_calloc_imprecise for function calloc
+[eva] tests/builtins/calloc.c:38: Warning:
+ calloc out of bounds: assert(nmemb * size <= SIZE_MAX)
+[eva] tests/builtins/calloc.c:40: assertion got status valid.
+[eva] Recording results for main
+[eva] done for function main
+[eva] ====== VALUES COMPUTED ======
+[eva:final-states] Values at end of function main:
+ __fc_heap_status ∈ [--..--]
+ p1 ∈ {{ &__alloc_w_main[0] }}
+ p2 ∈ {{ &__alloc_w_main[0] }}
+ p3 ∈ {{ &__alloc_w_main[0] }}
+ p4 ∈ {{ &__alloc_w_main[0] }}
+ p5 ∈ {{ (int *)&__alloc_w_main }}
+ p9001 ∈ {0}
+ __retres ∈ {0}
+[from] Computing for function main
+[from] Computing for function calloc <-main
+[from] Done for function calloc
+[from] Done for function main
+[from] ====== DEPENDENCIES COMPUTED ======
+ These dependencies hold at termination for the executions that terminate:
+[from] Function calloc:
+ __fc_heap_status FROM __fc_heap_status; nmemb; size (and SELF)
+ \result FROM __fc_heap_status; nmemb; size
+[from] Function main:
+ __fc_heap_status FROM __fc_heap_status (and SELF)
+ \result FROM __fc_heap_status
+[from] ====== END OF DEPENDENCIES ======
+[inout] Out (internal) for function main:
+ __fc_heap_status; p1; p2; p3; p4; p5; p9001; __retres
+[inout] Inputs for function main:
+ __fc_heap_status; nondet
diff --git a/tests/builtins/oracle/imprecise-malloc-free.res.oracle b/tests/builtins/oracle/imprecise-malloc-free.res.oracle
index 82e150fd29421edf85c87ee0fc822d57ea050e75..4d7ac635f76867055ff5101b207043750e18500c 100644
--- a/tests/builtins/oracle/imprecise-malloc-free.res.oracle
+++ b/tests/builtins/oracle/imprecise-malloc-free.res.oracle
@@ -4,6 +4,10 @@
[eva] Initial state computed
[eva:initial-state] Values of globals at initialization
i ∈ [--..--]
+[eva:alarm] tests/builtins/imprecise-malloc-free.c:12: Warning:
+ pointer downcast. assert (unsigned int)(&size1 + i) ≤ 2147483647;
+[eva:alarm] tests/builtins/imprecise-malloc-free.c:13: Warning:
+ pointer downcast. assert (unsigned int)(&size2) ≤ 2147483647;
[eva:alarm] tests/builtins/imprecise-malloc-free.c:13: Warning:
signed overflow. assert -2147483648 ≤ i + (int)((int)(&size2) >> 1);
[eva:alarm] tests/builtins/imprecise-malloc-free.c:13: Warning:
@@ -12,6 +16,8 @@
Assigning imprecise value to size2.
The imprecision originates from Arithmetic
{tests/builtins/imprecise-malloc-free.c:13}
+[eva:alarm] tests/builtins/imprecise-malloc-free.c:14: Warning:
+ pointer downcast. assert (unsigned int)(&i) ≤ 2147483647;
[eva] tests/builtins/imprecise-malloc-free.c:14: Call to builtin malloc
[eva] tests/builtins/imprecise-malloc-free.c:14:
allocating variable __malloc_main_l14
@@ -30,15 +36,25 @@
(origin: Arithmetic {tests/builtins/imprecise-malloc-free.c:19}) }}
[eva:alarm] tests/builtins/imprecise-malloc-free.c:21: Warning:
out of bounds write. assert \valid(p);
+[eva:alarm] tests/builtins/imprecise-malloc-free.c:21: Warning:
+ pointer downcast. assert (unsigned int)(p + 1) ≤ 2147483647;
[eva:alarm] tests/builtins/imprecise-malloc-free.c:22: Warning:
out of bounds write. assert \valid(q);
+[eva:alarm] tests/builtins/imprecise-malloc-free.c:22: Warning:
+ pointer downcast. assert (unsigned int)(q + 2) ≤ 2147483647;
[eva:alarm] tests/builtins/imprecise-malloc-free.c:23: Warning:
out of bounds write. assert \valid(r);
+[eva:alarm] tests/builtins/imprecise-malloc-free.c:23: Warning:
+ pointer downcast. assert (unsigned int)(r + 3) ≤ 2147483647;
+[eva:alarm] tests/builtins/imprecise-malloc-free.c:25: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 2147483647;
[eva] tests/builtins/imprecise-malloc-free.c:25: Call to builtin free
[eva:alarm] tests/builtins/imprecise-malloc-free.c:25: Warning:
function free: precondition 'freeable' got status unknown.
[eva:malloc] tests/builtins/imprecise-malloc-free.c:25:
weak free on bases: {__malloc_main_l14}
+[eva:alarm] tests/builtins/imprecise-malloc-free.c:26: Warning:
+ pointer downcast. assert (unsigned int)r ≤ 2147483647;
[eva] tests/builtins/imprecise-malloc-free.c:26: Call to builtin free
[eva:alarm] tests/builtins/imprecise-malloc-free.c:26: Warning:
function free: precondition 'freeable' got status unknown.
diff --git a/tests/builtins/oracle/imprecise.res.oracle b/tests/builtins/oracle/imprecise.res.oracle
index 35235461d13ed2ecd8659d12fcde6992bb47ce76..f93b938207e84054d6ecd4daf5c6a9740816884a 100644
--- a/tests/builtins/oracle/imprecise.res.oracle
+++ b/tests/builtins/oracle/imprecise.res.oracle
@@ -48,6 +48,8 @@
[eva] Done for function invalid_assigns_imprecise
[eva] computing for function write_garbled <- main.
Called from tests/builtins/imprecise.c:145.
+[eva:alarm] tests/builtins/imprecise.c:19: Warning:
+ pointer downcast. assert (unsigned int)(&k) ≤ 2147483647;
[eva] tests/builtins/imprecise.c:19:
Assigning imprecise value to p.
The imprecision originates from Arithmetic {tests/builtins/imprecise.c:19}
@@ -78,6 +80,8 @@
s1.[bits 0 to ..] ∈ {0} or UNINITIALIZED
s2.[bits 0 to ..] ∈ {0} or UNINITIALIZED
==END OF DUMP==
+[eva:alarm] tests/builtins/imprecise.c:22: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 2147483647;
[eva] Recording results for write_garbled
[from] Computing for function write_garbled
[from] Done for function write_garbled
@@ -105,6 +109,8 @@
cannot evaluate ACSL term, unsupported ACSL construct: logic function memset
[eva:alarm] tests/builtins/imprecise.c:53: Warning:
out of bounds write. assert \valid(p2);
+[eva:alarm] tests/builtins/imprecise.c:53: Warning:
+ pointer downcast. assert (unsigned int)(&addr) ≤ 2147483647;
[eva:alarm] tests/builtins/imprecise.c:56: Warning:
out of bounds write. assert \valid(p4);
[eva:alarm] tests/builtins/imprecise.c:58: Warning:
@@ -117,9 +123,8 @@
[eva] Done for function abstract_structs
[eva] computing for function cast_address <- main.
Called from tests/builtins/imprecise.c:147.
-[eva] tests/builtins/imprecise.c:66:
- Assigning imprecise value to c1.
- The imprecision originates from Arithmetic {tests/builtins/imprecise.c:66}
+[eva:alarm] tests/builtins/imprecise.c:66: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 127;
[eva:alarm] tests/builtins/imprecise.c:68: Warning:
signed overflow. assert -2147483648 ≤ (int)*((char *)(&p)) + 0;
[eva:alarm] tests/builtins/imprecise.c:68: Warning:
@@ -276,9 +281,7 @@
[eva] ====== VALUES COMPUTED ======
[eva:final-states] Values at end of function cast_address:
p ∈ {{ &x }}
- c1 ∈
- {{ garbled mix of &{x}
- (origin: Arithmetic {tests/builtins/imprecise.c:66}) }}
+ c1 ∈ {{ (char)&x }}
c2# ∈ {{ (? *)&x }}%32, bits 0 to 7
c3 ∈
{{ garbled mix of &{x}
@@ -621,6 +624,8 @@
[eva] Done for function invalid_assigns_imprecise
[eva] computing for function write_garbled <- main.
Called from tests/builtins/imprecise.c:145.
+[eva:alarm] tests/builtins/imprecise.c:19: Warning:
+ pointer downcast. assert (unsigned int)(&k) ≤ 2147483647;
[eva:alarm] tests/builtins/imprecise.c:20: Warning:
out of bounds write. assert \valid(p);
[eva] tests/builtins/imprecise.c:21:
@@ -657,6 +662,8 @@
S_0_S_p_gm_null[0..1] ∈ [--..--]
S_1_S_p_gm_null[0..1] ∈ [--..--]
==END OF DUMP==
+[eva:alarm] tests/builtins/imprecise.c:22: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 2147483647;
[eva] Recording results for write_garbled
[from] Computing for function write_garbled
[from] Done for function write_garbled
@@ -678,6 +685,8 @@
[eva] tests/builtins/imprecise.c:51: Call to builtin memset
[eva:alarm] tests/builtins/imprecise.c:53: Warning:
out of bounds write. assert \valid(p2);
+[eva:alarm] tests/builtins/imprecise.c:53: Warning:
+ pointer downcast. assert (unsigned int)(&addr) ≤ 2147483647;
[eva:alarm] tests/builtins/imprecise.c:56: Warning:
out of bounds write. assert \valid(p4);
[eva:alarm] tests/builtins/imprecise.c:58: Warning:
@@ -690,6 +699,8 @@
[eva] Done for function abstract_structs
[eva] computing for function cast_address <- main.
Called from tests/builtins/imprecise.c:147.
+[eva:alarm] tests/builtins/imprecise.c:66: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 127;
[eva:alarm] tests/builtins/imprecise.c:68: Warning:
signed overflow. assert -2147483648 ≤ (int)*((char *)(&p)) + 0;
[eva:alarm] tests/builtins/imprecise.c:68: Warning:
@@ -826,9 +837,7 @@
[eva] ====== VALUES COMPUTED ======
[eva:final-states] Values at end of function cast_address:
p ∈ {{ &x }}
- c1 ∈
- {{ garbled mix of &{x}
- (origin: Arithmetic {tests/builtins/imprecise.c:66}) }}
+ c1 ∈ {{ (char)&x }}
c2# ∈ {{ (? *)&x }}%32, bits 0 to 7
c3 ∈
{{ garbled mix of &{x}
diff --git a/tests/builtins/oracle/malloc.res.oracle b/tests/builtins/oracle/malloc.res.oracle
index ba9de96ef129ce0b44f01becf1eab69d204e5abb..6bfbf908188b5a5853ee19749c30e75bcd07d56f 100644
--- a/tests/builtins/oracle/malloc.res.oracle
+++ b/tests/builtins/oracle/malloc.res.oracle
@@ -3,6 +3,8 @@
Neither code nor specification for function Frama_C_malloc_fresh, generating default assigns from the prototype
[kernel:annot:missing-spec] tests/builtins/malloc.c:8: Warning:
Neither code nor specification for function Frama_C_malloc_by_stack, generating default assigns from the prototype
+[kernel:annot:missing-spec] tests/builtins/malloc.c:8: Warning:
+ Neither code nor specification for function Frama_C_malloc_imprecise, generating default assigns from the prototype
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
[eva] Initial state computed
@@ -32,6 +34,16 @@
Frama_C_show_each: {{ &__malloc_main_l20 + {8} }}
[eva] tests/builtins/malloc.c:27:
Frama_C_show_each: {{ &__malloc_main_l20 + {8} }}
+[eva] tests/builtins/malloc.c:33: Call to builtin Frama_C_malloc_imprecise
+[eva:malloc:imprecise] tests/builtins/malloc.c:33: Warning:
+ allocating a single weak variable for ALL dynamic allocations via malloc/calloc/realloc: __alloc_w_main
+[eva] tests/builtins/malloc.c:33: Call to builtin Frama_C_malloc_imprecise
+[eva:alarm] tests/builtins/malloc.c:34: Warning:
+ out of bounds write. assert \valid(mw);
+[eva] tests/builtins/malloc.c:35: Call to builtin Frama_C_malloc_imprecise
+[eva] tests/builtins/malloc.c:35: Call to builtin Frama_C_malloc_imprecise
+[eva:alarm] tests/builtins/malloc.c:36: Warning:
+ out of bounds write. assert \valid(mw2);
[eva] Recording results for main
[eva] done for function main
[eva] ====== VALUES COMPUTED ======
@@ -41,6 +53,8 @@
p ∈ {{ (int *)&__malloc_main_l19 }}
q ∈ {{ &__malloc_main_l20[0] }}
r ∈ {{ &__malloc_main_l21[0] ; &__malloc_main_l21_0[0] }}
+ mw ∈ {{ (int *)&__alloc_w_main }}
+ mw2 ∈ {{ (int *)&__alloc_w_main }}
__malloc_main_l19[bits 0 to 31] ∈ {1}
[4..7] ∈ UNINITIALIZED
[bits 64 to 95] ∈ {3}
@@ -58,3 +72,5 @@
[1] ∈ UNINITIALIZED
[2] ∈ {3}
[3..24] ∈ UNINITIALIZED
+ __alloc_w_main[bits 0 to 31] ∈ {1; 2} or UNINITIALIZED
+ [4..4294967295] ∈ UNINITIALIZED
diff --git a/tests/builtins/oracle/memchr.res.oracle b/tests/builtins/oracle/memchr.res.oracle
index 228d7406ba2bb1a8b76ab084431e8a9005743923..4fbe20f941e39805a6270ea36816a8f5df791524 100644
--- a/tests/builtins/oracle/memchr.res.oracle
+++ b/tests/builtins/oracle/memchr.res.oracle
@@ -477,6 +477,8 @@
[eva] Done for function memchr_bitfields2
[eva] computing for function memchr_escaping <- main.
Called from tests/builtins/memchr.c:662.
+[eva:alarm] tests/builtins/memchr.c:264: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
[eva:locals-escaping] tests/builtins/memchr.c:264: Warning:
locals {x} escaping the scope of a block of memchr_escaping through s
[eva] tests/builtins/memchr.c:267: Call to builtin memchr
diff --git a/tests/builtins/oracle/memcpy.res.oracle b/tests/builtins/oracle/memcpy.res.oracle
index 8e73401933cf18244067ab5c84f7b50c269d724f..dd7e4c0161be1efb85073436c242f28b540cb3b0 100644
--- a/tests/builtins/oracle/memcpy.res.oracle
+++ b/tests/builtins/oracle/memcpy.res.oracle
@@ -128,6 +128,8 @@
function memcpy: precondition 'valid_src' got status valid.
[eva] tests/builtins/memcpy.c:85:
function memcpy: precondition 'separation' got status valid.
+[eva:alarm] tests/builtins/memcpy.c:87: Warning:
+ pointer downcast. assert (unsigned int)((struct t1 *)t) ≤ 2147483647;
[eva] tests/builtins/memcpy.c:87: Call to builtin memcpy
[eva] tests/builtins/memcpy.c:87:
function memcpy: precondition 'valid_dest' got status valid.
@@ -135,6 +137,8 @@
function memcpy: precondition 'valid_src' got status unknown.
[eva] tests/builtins/memcpy.c:87:
function memcpy: precondition 'separation' got status valid.
+[eva:alarm] tests/builtins/memcpy.c:89: Warning:
+ pointer downcast. assert (unsigned int)(&v4) ≤ 2147483647;
[eva] tests/builtins/memcpy.c:89: Call to builtin memcpy
[eva:alarm] tests/builtins/memcpy.c:89: Warning:
function memcpy: precondition 'valid_dest' got status unknown.
@@ -145,6 +149,10 @@
[kernel] tests/builtins/memcpy.c:89:
writing somewhere in {NULL; v4} because of Arithmetic
{tests/builtins/memcpy.c:89}.
+[eva:alarm] tests/builtins/memcpy.c:90: Warning:
+ pointer downcast. assert (unsigned int)((struct t1 *)t) ≤ 2147483647;
+[eva:alarm] tests/builtins/memcpy.c:91: Warning:
+ pointer downcast. assert (unsigned int)(&v5) ≤ 2147483647;
[eva] tests/builtins/memcpy.c:91: Call to builtin memcpy
[eva:alarm] tests/builtins/memcpy.c:91: Warning:
function memcpy: precondition 'valid_dest' got status unknown.
@@ -452,6 +460,7 @@
[from] Non-terminating function main_all (no dependencies)
[from] Done for function main_all
[eva] done for function main_all
+[scope:rm_asserts] removing 1 assertion(s)
[eva] ====== VALUES COMPUTED ======
[eva:final-states] Values at end of function init:
src[0] ∈ {1}
@@ -1309,6 +1318,19 @@
[ Valid ] Behavior 'not_found'
by Frama-C kernel.
+--------------------------------------------------------------------------------
+--- Properties of Function 'strchrnul'
+--------------------------------------------------------------------------------
+
+[ Extern ] Post-condition 'result_same_base'
+ Unverifiable but considered Valid.
+[ Extern ] Assigns nothing
+ Unverifiable but considered Valid.
+[ Extern ] Froms (file share/libc/string.h, line 176)
+ Unverifiable but considered Valid.
+[ Valid ] Default behavior
+ by Frama-C kernel.
+
--------------------------------------------------------------------------------
--- Properties of Function 'strrchr'
--------------------------------------------------------------------------------
@@ -1325,7 +1347,7 @@
Unverifiable but considered Valid.
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 176)
+[ Extern ] Froms (file share/libc/string.h, line 182)
Unverifiable but considered Valid.
[ Valid ] Behavior 'default'
by Frama-C kernel.
@@ -1344,7 +1366,7 @@
Unverifiable but considered Valid.
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 193)
+[ Extern ] Froms (file share/libc/string.h, line 199)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1355,11 +1377,11 @@
[ Extern ] Post-condition 'result_bounded'
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/string.h, line 200)
+[ Extern ] Assigns (file share/libc/string.h, line 206)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 200)
+[ Extern ] Froms (file share/libc/string.h, line 206)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 201)
+[ Extern ] Froms (file share/libc/string.h, line 207)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1372,7 +1394,7 @@
Unverifiable but considered Valid.
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 208)
+[ Extern ] Froms (file share/libc/string.h, line 214)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1385,7 +1407,7 @@
Unverifiable but considered Valid.
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 216)
+[ Extern ] Froms (file share/libc/string.h, line 222)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1398,7 +1420,7 @@
Unverifiable but considered Valid.
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 227)
+[ Extern ] Froms (file share/libc/string.h, line 233)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1415,31 +1437,31 @@
Unverifiable but considered Valid.
[ Extern ] Post-condition for 'resume_str' 'ptr_subset'
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/string.h, line 240)
+[ Extern ] Assigns (file share/libc/string.h, line 246)
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'new_str' (file share/libc/string.h, line 255)
+[ Extern ] Assigns for 'new_str' (file share/libc/string.h, line 261)
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'resume_str' (file share/libc/string.h, line 263)
+[ Extern ] Assigns for 'resume_str' (file share/libc/string.h, line 269)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 240)
+[ Extern ] Froms (file share/libc/string.h, line 246)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 242)
+[ Extern ] Froms (file share/libc/string.h, line 248)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 244)
+[ Extern ] Froms (file share/libc/string.h, line 250)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 246)
+[ Extern ] Froms (file share/libc/string.h, line 252)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'new_str' (file share/libc/string.h, line 255)
+[ Extern ] Froms for 'new_str' (file share/libc/string.h, line 261)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'new_str' (file share/libc/string.h, line 256)
+[ Extern ] Froms for 'new_str' (file share/libc/string.h, line 262)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'new_str' (file share/libc/string.h, line 257)
+[ Extern ] Froms for 'new_str' (file share/libc/string.h, line 263)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'resume_str' (file share/libc/string.h, line 263)
+[ Extern ] Froms for 'resume_str' (file share/libc/string.h, line 269)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'resume_str' (file share/libc/string.h, line 266)
+[ Extern ] Froms for 'resume_str' (file share/libc/string.h, line 272)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'resume_str' (file share/libc/string.h, line 269)
+[ Extern ] Froms for 'resume_str' (file share/libc/string.h, line 275)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1462,31 +1484,31 @@
Unverifiable but considered Valid.
[ Extern ] Post-condition for 'resume_str' 'saveptr_subset'
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/string.h, line 282)
+[ Extern ] Assigns (file share/libc/string.h, line 288)
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'new_str' (file share/libc/string.h, line 297)
+[ Extern ] Assigns for 'new_str' (file share/libc/string.h, line 303)
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'resume_str' (file share/libc/string.h, line 307)
+[ Extern ] Assigns for 'resume_str' (file share/libc/string.h, line 313)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 282)
+[ Extern ] Froms (file share/libc/string.h, line 288)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 284)
+[ Extern ] Froms (file share/libc/string.h, line 290)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 286)
+[ Extern ] Froms (file share/libc/string.h, line 292)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 288)
+[ Extern ] Froms (file share/libc/string.h, line 294)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'new_str' (file share/libc/string.h, line 297)
+[ Extern ] Froms for 'new_str' (file share/libc/string.h, line 303)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'new_str' (file share/libc/string.h, line 298)
+[ Extern ] Froms for 'new_str' (file share/libc/string.h, line 304)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'new_str' (file share/libc/string.h, line 299)
+[ Extern ] Froms for 'new_str' (file share/libc/string.h, line 305)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'resume_str' (file share/libc/string.h, line 307)
+[ Extern ] Froms for 'resume_str' (file share/libc/string.h, line 313)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'resume_str' (file share/libc/string.h, line 310)
+[ Extern ] Froms for 'resume_str' (file share/libc/string.h, line 316)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'resume_str' (file share/libc/string.h, line 313)
+[ Extern ] Froms for 'resume_str' (file share/libc/string.h, line 319)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1499,11 +1521,11 @@
--- Properties of Function 'strsep'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/string.h, line 325)
+[ Extern ] Assigns (file share/libc/string.h, line 331)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 325)
+[ Extern ] Froms (file share/libc/string.h, line 331)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 326)
+[ Extern ] Froms (file share/libc/string.h, line 332)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1520,7 +1542,7 @@
Unverifiable but considered Valid.
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 336)
+[ Extern ] Froms (file share/libc/string.h, line 342)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1533,11 +1555,11 @@
Unverifiable but considered Valid.
[ Extern ] Post-condition 'result_ptr'
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/string.h, line 349)
+[ Extern ] Assigns (file share/libc/string.h, line 355)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 349)
+[ Extern ] Froms (file share/libc/string.h, line 355)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 350)
+[ Extern ] Froms (file share/libc/string.h, line 356)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1554,11 +1576,11 @@
Unverifiable but considered Valid.
[ Extern ] Post-condition for 'partial' 'equal_prefix'
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/string.h, line 361)
+[ Extern ] Assigns (file share/libc/string.h, line 367)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 361)
+[ Extern ] Froms (file share/libc/string.h, line 367)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 362)
+[ Extern ] Froms (file share/libc/string.h, line 368)
Unverifiable but considered Valid.
[ Valid ] Behavior 'complete'
by Frama-C kernel.
@@ -1575,11 +1597,11 @@
Unverifiable but considered Valid.
[ Extern ] Post-condition 'bounded_result'
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/string.h, line 382)
+[ Extern ] Assigns (file share/libc/string.h, line 388)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 382)
+[ Extern ] Froms (file share/libc/string.h, line 388)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 383)
+[ Extern ] Froms (file share/libc/string.h, line 389)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1592,11 +1614,11 @@
Unverifiable but considered Valid.
[ Extern ] Post-condition 'points_to_end'
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/string.h, line 394)
+[ Extern ] Assigns (file share/libc/string.h, line 400)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 394)
+[ Extern ] Froms (file share/libc/string.h, line 400)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 395)
+[ Extern ] Froms (file share/libc/string.h, line 401)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1613,11 +1635,11 @@
Unverifiable but considered Valid.
[ Extern ] Post-condition 'result_ptr'
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/string.h, line 405)
+[ Extern ] Assigns (file share/libc/string.h, line 411)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 405)
+[ Extern ] Froms (file share/libc/string.h, line 411)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 408)
+[ Extern ] Froms (file share/libc/string.h, line 414)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1632,23 +1654,23 @@
Unverifiable but considered Valid.
[ Extern ] Post-condition for 'partial' 'sum_of_bounded_lengths'
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'complete' (file share/libc/string.h, line 425)
+[ Extern ] Assigns for 'complete' (file share/libc/string.h, line 431)
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/string.h, line 419)
+[ Extern ] Assigns (file share/libc/string.h, line 425)
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'partial' (file share/libc/string.h, line 433)
+[ Extern ] Assigns for 'partial' (file share/libc/string.h, line 439)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'complete' (file share/libc/string.h, line 425)
+[ Extern ] Froms for 'complete' (file share/libc/string.h, line 431)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'complete' (file share/libc/string.h, line 427)
+[ Extern ] Froms for 'complete' (file share/libc/string.h, line 433)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 419)
+[ Extern ] Froms (file share/libc/string.h, line 425)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 420)
+[ Extern ] Froms (file share/libc/string.h, line 426)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'partial' (file share/libc/string.h, line 433)
+[ Extern ] Froms for 'partial' (file share/libc/string.h, line 439)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'partial' (file share/libc/string.h, line 435)
+[ Extern ] Froms for 'partial' (file share/libc/string.h, line 441)
Unverifiable but considered Valid.
[ Valid ] Behavior 'complete'
by Frama-C kernel.
@@ -1663,11 +1685,11 @@
[ Extern ] Post-condition 'bounded_result'
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/string.h, line 445)
+[ Extern ] Assigns (file share/libc/string.h, line 451)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 445)
+[ Extern ] Froms (file share/libc/string.h, line 451)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 446)
+[ Extern ] Froms (file share/libc/string.h, line 452)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1676,11 +1698,11 @@
--- Properties of Function 'strxfrm'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/string.h, line 454)
+[ Extern ] Assigns (file share/libc/string.h, line 460)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 454)
+[ Extern ] Froms (file share/libc/string.h, line 460)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 455)
+[ Extern ] Froms (file share/libc/string.h, line 461)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1695,19 +1717,19 @@
Unverifiable but considered Valid.
[ Extern ] Post-condition for 'no_allocation' 'result_null'
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'allocation' (file share/libc/string.h, line 467)
+[ Extern ] Assigns for 'allocation' (file share/libc/string.h, line 473)
Unverifiable but considered Valid.
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
[ Extern ] Assigns for 'no_allocation' nothing
Unverifiable but considered Valid.
-[ Extern ] Froms for 'allocation' (file share/libc/string.h, line 467)
+[ Extern ] Froms for 'allocation' (file share/libc/string.h, line 473)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'allocation' (file share/libc/string.h, line 468)
+[ Extern ] Froms for 'allocation' (file share/libc/string.h, line 474)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 464)
+[ Extern ] Froms (file share/libc/string.h, line 470)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'no_allocation' (file share/libc/string.h, line 474)
+[ Extern ] Froms for 'no_allocation' (file share/libc/string.h, line 480)
Unverifiable but considered Valid.
[ Valid ] Behavior 'allocation'
by Frama-C kernel.
@@ -1715,7 +1737,7 @@
by Frama-C kernel.
[ Valid ] Behavior 'no_allocation'
by Frama-C kernel.
-[ Extern ] Frees/Allocates nothing/(file share/libc/string.h, line 463)
+[ Extern ] Frees/Allocates nothing/(file share/libc/string.h, line 469)
Unverifiable but considered Valid.
[ Extern ] Frees/Allocates for 'no_allocation' nothing/nothing
Unverifiable but considered Valid.
@@ -1730,19 +1752,19 @@
Unverifiable but considered Valid.
[ Extern ] Post-condition for 'no_allocation' 'result_null'
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'allocation' (file share/libc/string.h, line 486)
+[ Extern ] Assigns for 'allocation' (file share/libc/string.h, line 492)
Unverifiable but considered Valid.
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
[ Extern ] Assigns for 'no_allocation' nothing
Unverifiable but considered Valid.
-[ Extern ] Froms for 'allocation' (file share/libc/string.h, line 486)
+[ Extern ] Froms for 'allocation' (file share/libc/string.h, line 492)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'allocation' (file share/libc/string.h, line 487)
+[ Extern ] Froms for 'allocation' (file share/libc/string.h, line 493)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 482)
+[ Extern ] Froms (file share/libc/string.h, line 488)
Unverifiable but considered Valid.
-[ Extern ] Froms for 'no_allocation' (file share/libc/string.h, line 496)
+[ Extern ] Froms for 'no_allocation' (file share/libc/string.h, line 502)
Unverifiable but considered Valid.
[ Valid ] Behavior 'allocation'
by Frama-C kernel.
@@ -1750,7 +1772,7 @@
by Frama-C kernel.
[ Valid ] Behavior 'no_allocation'
by Frama-C kernel.
-[ Extern ] Frees/Allocates nothing/(file share/libc/string.h, line 481)
+[ Extern ] Frees/Allocates nothing/(file share/libc/string.h, line 487)
Unverifiable but considered Valid.
[ Extern ] Frees/Allocates for 'no_allocation' nothing/nothing
Unverifiable but considered Valid.
@@ -1767,7 +1789,7 @@
Unverifiable but considered Valid.
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/string.h, line 512)
+[ Extern ] Froms (file share/libc/string.h, line 518)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -1871,6 +1893,15 @@
tried with Eva.
[ - ] Assertion (file tests/builtins/memcpy.c, line 152)
tried with Eva.
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/builtins/memcpy.c, line 87)
+ tried with Eva.
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/builtins/memcpy.c, line 89)
+ tried with Eva.
+[ Partial ] Assertion 'Eva,pointer_downcast' (file tests/builtins/memcpy.c, line 90)
+ By RedundantAlarms, with pending:
+ - Assertion 'Eva,pointer_downcast' (file tests/builtins/memcpy.c, line 87)
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/builtins/memcpy.c, line 91)
+ tried with Eva.
[ Valid ] Instance of 'Pre-condition 'valid_dest'' at call 'memcpy' (file tests/builtins/memcpy.c, line 68)
by Eva.
@@ -2220,9 +2251,10 @@
--------------------------------------------------------------------------------
--- Status Report Summary
--------------------------------------------------------------------------------
- 162 Completely validated
- 239 Considered valid
- 29 To be validated
+ 163 Completely validated
+ 1 Locally validated
+ 242 Considered valid
+ 32 To be validated
4 Alarms emitted
- 434 Total
+ 442 Total
--------------------------------------------------------------------------------
diff --git a/tests/builtins/oracle/memset.res.oracle b/tests/builtins/oracle/memset.res.oracle
index c53d0987526cc622b257198546a75defbd30cf08..e2c146788658bd30ae5e489e1134b1800830daf9 100644
--- a/tests/builtins/oracle/memset.res.oracle
+++ b/tests/builtins/oracle/memset.res.oracle
@@ -25,6 +25,8 @@
function memset: precondition 'valid_s' got status valid.
[eva] share/libc/string.h:118:
cannot evaluate ACSL term, unsupported ACSL construct: logic function memset
+[eva:alarm] tests/builtins/memset.c:34: Warning:
+ pointer downcast. assert (unsigned int)((int *)t2) ≤ 2147483647;
[eva] tests/builtins/memset.c:34: Call to builtin memset
[eva:alarm] tests/builtins/memset.c:34: Warning:
function memset: precondition 'valid_s' got status unknown.
@@ -42,6 +44,8 @@
[eva] tests/builtins/memset.c:38: Call to builtin memset
[eva:alarm] tests/builtins/memset.c:38: Warning:
function memset: precondition 'valid_s' got status invalid.
+[eva:alarm] tests/builtins/memset.c:41: Warning:
+ pointer downcast. assert (unsigned int)((int *)t1) ≤ 2147483647;
[eva] tests/builtins/memset.c:41: Call to builtin memset
[eva] tests/builtins/memset.c:41:
function memset: precondition 'valid_s' got status valid.
diff --git a/tests/builtins/oracle/realloc_imprecise.res.oracle b/tests/builtins/oracle/realloc_imprecise.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..346a55355c0f64cf362f127e98845f8691bee8b6
--- /dev/null
+++ b/tests/builtins/oracle/realloc_imprecise.res.oracle
@@ -0,0 +1,65 @@
+[kernel] Parsing tests/builtins/realloc_imprecise.c (with preprocessing)
+[eva] Analyzing a complete application starting at main
+[eva] Computing initial state
+[eva] Initial state computed
+[eva:initial-state] Values of globals at initialization
+ v ∈ [--..--]
+[eva] tests/builtins/realloc_imprecise.c:10:
+ Call to builtin Frama_C_malloc_imprecise for function malloc
+[eva:malloc:imprecise] tests/builtins/realloc_imprecise.c:10: Warning:
+ allocating a single weak variable for ALL dynamic allocations via malloc/calloc/realloc: __alloc_w_main
+[eva:alarm] tests/builtins/realloc_imprecise.c:11: Warning:
+ out of bounds write. assert \valid(p);
+[eva] tests/builtins/realloc_imprecise.c:13:
+ Call to builtin Frama_C_realloc_imprecise for function realloc
+[eva] tests/builtins/realloc_imprecise.c:13:
+ function realloc: precondition 'freeable' got status valid.
+[eva:malloc] tests/builtins/realloc_imprecise.c:13:
+ weak free on bases: {__alloc_w_main}
+[eva] tests/builtins/realloc_imprecise.c:15:
+ Call to builtin Frama_C_realloc_imprecise for function realloc
+[eva] tests/builtins/realloc_imprecise.c:15:
+ function realloc: precondition 'freeable' got status valid.
+[eva:malloc] tests/builtins/realloc_imprecise.c:15:
+ weak free on bases: {__alloc_w_main}
+[eva] tests/builtins/realloc_imprecise.c:16: Call to builtin free
+[eva] tests/builtins/realloc_imprecise.c:16:
+ function free: precondition 'freeable' got status valid.
+[eva:malloc] tests/builtins/realloc_imprecise.c:16:
+ weak free on bases: {__alloc_w_main}
+[eva] Recording results for main
+[eva] done for function main
+[eva] ====== VALUES COMPUTED ======
+[eva:final-states] Values at end of function main:
+ __fc_heap_status ∈ [--..--]
+ p ∈ {{ (int *)&__alloc_w_main }} or ESCAPINGADDR
+ pp ∈ {{ (int *)&__alloc_w_main }} or ESCAPINGADDR
+ q ∈ {{ (int *)&__alloc_w_main }} or ESCAPINGADDR
+ __alloc_w_main[bits 0 to 31] ∈ {17} or UNINITIALIZED
+ [4..4294967295] ∈ UNINITIALIZED
+[from] Computing for function main
+[from] Computing for function malloc <-main
+[from] Done for function malloc
+[from] Computing for function realloc <-main
+[from] Done for function realloc
+[from] Computing for function free <-main
+[from] Done for function free
+[from] Done for function main
+[from] ====== DEPENDENCIES COMPUTED ======
+ These dependencies hold at termination for the executions that terminate:
+[from] Function free:
+ __fc_heap_status FROM __fc_heap_status (and SELF)
+[from] Function malloc:
+ __fc_heap_status FROM __fc_heap_status; size (and SELF)
+ \result FROM __fc_heap_status; size
+[from] Function realloc:
+ __fc_heap_status FROM __fc_heap_status (and SELF)
+ \result FROM __fc_heap_status; ptr; size
+[from] Function main:
+ __fc_heap_status FROM __fc_heap_status; v (and SELF)
+ __alloc_w_main[0..3] FROM __fc_heap_status (and SELF)
+[from] ====== END OF DEPENDENCIES ======
+[inout] Out (internal) for function main:
+ __fc_heap_status; p; pp; q; r; __alloc_w_main[0..3]
+[inout] Inputs for function main:
+ __fc_heap_status; v
diff --git a/tests/builtins/oracle/strchr.res.oracle b/tests/builtins/oracle/strchr.res.oracle
index 8a69adef2398b5bbf8d7160b7d1a3e684b8d0e90..21fd920919affc8afd1710f3d43042b975c924b3 100644
--- a/tests/builtins/oracle/strchr.res.oracle
+++ b/tests/builtins/oracle/strchr.res.oracle
@@ -316,6 +316,8 @@
[eva] Done for function strchr_bitfields2
[eva] computing for function strchr_escaping <- main.
Called from tests/builtins/strchr.c:556.
+[eva:alarm] tests/builtins/strchr.c:258: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
[eva:locals-escaping] tests/builtins/strchr.c:258: Warning:
locals {x} escaping the scope of a block of strchr_escaping through s
[eva] tests/builtins/strchr.c:261: Call to builtin strchr
@@ -669,9 +671,13 @@
[eva] Done for function strchr_invalid
[eva] computing for function strchr_garbled_mix_in_char <- main.
Called from tests/builtins/strchr.c:562.
+[eva:alarm] tests/builtins/strchr.c:541: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
[eva] tests/builtins/strchr.c:541:
Assigning imprecise value to garbled.
The imprecision originates from Arithmetic {tests/builtins/strchr.c:541}
+[eva:alarm] tests/builtins/strchr.c:542: Warning:
+ pointer downcast. assert (unsigned int)garbled ≤ 2147483647;
[eva] tests/builtins/strchr.c:542: Call to builtin strchr
[eva:alarm] tests/builtins/strchr.c:542: Warning:
function strchr: precondition 'valid_string_s' got status invalid.
diff --git a/tests/builtins/oracle/strlen.res.oracle b/tests/builtins/oracle/strlen.res.oracle
index 7d20e2bba7eacaab18db9c9debc5ceeb2f032fbe..dcc09a3de5d1cf947b9d8f050733884324be3c76 100644
--- a/tests/builtins/oracle/strlen.res.oracle
+++ b/tests/builtins/oracle/strlen.res.oracle
@@ -261,6 +261,8 @@
[eva] Done for function bitfields2
[eva] computing for function escaping <- main.
Called from tests/builtins/strlen.c:342.
+[eva:alarm] tests/builtins/strlen.c:222: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
[eva:locals-escaping] tests/builtins/strlen.c:222: Warning:
locals {x} escaping the scope of a block of escaping through s
[eva] tests/builtins/strlen.c:225: Call to builtin strlen
diff --git a/tests/builtins/oracle/strnlen2.res.oracle b/tests/builtins/oracle/strnlen2.res.oracle
index 903c30f5d3a4cffb4f6aae6f5439d141e2fed5a3..392940b6cb6e3312cb5941f61892dfa13cb007c0 100644
--- a/tests/builtins/oracle/strnlen2.res.oracle
+++ b/tests/builtins/oracle/strnlen2.res.oracle
@@ -261,6 +261,8 @@
[eva] Done for function bitfields2
[eva] computing for function escaping <- main.
Called from tests/builtins/strnlen2.c:522.
+[eva:alarm] tests/builtins/strnlen2.c:196: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
[eva:locals-escaping] tests/builtins/strnlen2.c:196: Warning:
locals {x} escaping the scope of a block of escaping through s
[eva] tests/builtins/strnlen2.c:199: Call to builtin strnlen
diff --git a/tests/builtins/oracle/wcslen.res.oracle b/tests/builtins/oracle/wcslen.res.oracle
index f5a97cc85744af051d76551bd0250596ac7f074f..784bf02c5cf4f24b9aa67db81b8cf442ed7c0e06 100644
--- a/tests/builtins/oracle/wcslen.res.oracle
+++ b/tests/builtins/oracle/wcslen.res.oracle
@@ -261,6 +261,14 @@
[eva] Done for function bitfields2
[eva] computing for function escaping <- main.
Called from tests/builtins/wcslen.c:347.
+[eva:alarm] tests/builtins/wcslen.c:222: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
+[eva:alarm] tests/builtins/wcslen.c:222: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
+[eva:alarm] tests/builtins/wcslen.c:222: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
+[eva:alarm] tests/builtins/wcslen.c:222: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
[eva:locals-escaping] tests/builtins/wcslen.c:222: Warning:
locals {x} escaping the scope of a block of escaping through s
[eva] tests/builtins/wcslen.c:225: Call to builtin wcslen
@@ -358,6 +366,7 @@
[eva] Done for function negative_offsets
[eva] Recording results for main
[eva] done for function main
+[scope:rm_asserts] removing 3 assertion(s)
[eva] ====== VALUES COMPUTED ======
[eva:final-states] Values at end of function init_array_nondet:
from ∈ {-1}
diff --git a/tests/builtins/realloc_imprecise.c b/tests/builtins/realloc_imprecise.c
new file mode 100644
index 0000000000000000000000000000000000000000..bd9e002b64b2fc82554c3578f90877ee93a1fa45
--- /dev/null
+++ b/tests/builtins/realloc_imprecise.c
@@ -0,0 +1,18 @@
+/* run.config*
+ STDOPT: +"-eva-builtin malloc:Frama_C_malloc_imprecise,realloc:Frama_C_realloc_imprecise"
+*/
+
+#include <stdlib.h>
+
+volatile int v;
+
+void main() {
+ int *p = malloc(sizeof(int));
+ *p = 17;
+ int *pp = p;
+ int *q = realloc(p, 2 * sizeof(int));
+ if (v) {
+ int *r = realloc(q, sizeof(int));
+ free(r);
+ }
+}
diff --git a/tests/cil/Change_formals.ml b/tests/cil/Change_formals.ml
index 218b1e4fe20738de2d78f263d42923f624863e3f..c311efe0728a4444f2451e7db30ddba4ee6c96e9 100644
--- a/tests/cil/Change_formals.ml
+++ b/tests/cil/Change_formals.ml
@@ -40,7 +40,7 @@ class transform prj = object(_self)
typ, Some (vtype @ [ "ok", Cil.intType, [] ]),
varity, attr)
in
- vi.vtype <- new_fun_typ;
+ Cil.update_var_type vi new_fun_typ;
Project.on
prj
(fun () -> Cil.setFormalsDecl vi new_fun_typ;) ();
diff --git a/tests/cil/ghost_cfg.c b/tests/cil/ghost_cfg.c
index c65e13840a6b613def9b85585b6a25b8e05c076b..15c916efa382d7875e227e39535ef8d6b8201d4d 100644
--- a/tests/cil/ghost_cfg.c
+++ b/tests/cil/ghost_cfg.c
@@ -89,7 +89,7 @@ int ghost_goto_ghost(){
//@ ghost goto X ; // reaches return without executing "x = 2"
x = 2;
- //@ ghost X:
+ //@ ghost X:;
return 0;
}
@@ -154,7 +154,7 @@ int main(){
int x = 4 ;
- //@ ghost X:
+ //@ ghost X:;
x = 2 ;
}
diff --git a/tests/float/oracle/alarms.0.res.oracle b/tests/float/oracle/alarms.0.res.oracle
index 9cc4fd7b226e6f9d01374c4a2e35ca0abb4daf25..27b0de1e56c15f5a8d1abf36a81c6fa15903de14 100644
--- a/tests/float/oracle/alarms.0.res.oracle
+++ b/tests/float/oracle/alarms.0.res.oracle
@@ -71,17 +71,21 @@
[eva] computing for function main2 <- main.
Called from tests/float/alarms.i:71.
[eva:alarm] tests/float/alarms.i:38: Warning:
- non-finite double value. assert \is_finite((double)(1. / 0.));
+ non-finite double value.
+ assert \is_finite(\div_double((double)1., (double)0.));
[eva:alarm] tests/float/alarms.i:39: Warning:
- non-finite double value. assert \is_finite((double)(0. / 0.));
+ non-finite double value.
+ assert \is_finite(\div_double((double)0., (double)0.));
[eva] tests/float/alarms.i:41: assertion got status valid.
[eva] tests/float/alarms.i:42: assertion got status valid.
[eva] tests/float/alarms.i:43: assertion got status valid.
[eva] tests/float/alarms.i:44: assertion got status valid.
[eva:alarm] tests/float/alarms.i:46: Warning:
- non-finite double value. assert \is_finite((double)(1. / 0.));
+ non-finite double value.
+ assert \is_finite(\div_double((double)1., (double)0.));
[eva:alarm] tests/float/alarms.i:50: Warning:
- non-finite double value. assert \is_finite((double)(0. / 0.));
+ non-finite double value.
+ assert \is_finite(\div_double((double)0., (double)0.));
[eva] Recording results for main2
[eva] Done for function main2
[eva] computing for function main3 <- main.
diff --git a/tests/float/oracle/alarms.1.res.oracle b/tests/float/oracle/alarms.1.res.oracle
index 6fe539d768879d442082f6ce346e5b3180b05dcb..0aa572dcab50325f861c33dfaf8bb25391255d73 100644
--- a/tests/float/oracle/alarms.1.res.oracle
+++ b/tests/float/oracle/alarms.1.res.oracle
@@ -71,14 +71,14 @@
[eva] computing for function main2 <- main.
Called from tests/float/alarms.i:71.
[eva:alarm] tests/float/alarms.i:39: Warning:
- NaN double value. assert ¬\is_NaN((double)(0. / 0.));
+ NaN double value. assert ¬\is_NaN(\div_double((double)0., (double)0.));
[eva] tests/float/alarms.i:41: assertion got status valid.
[eva] tests/float/alarms.i:42: assertion got status valid.
[eva] tests/float/alarms.i:43: assertion got status valid.
[eva] tests/float/alarms.i:44: assertion got status valid.
[eva] tests/float/alarms.i:47: assertion got status valid.
[eva:alarm] tests/float/alarms.i:50: Warning:
- NaN double value. assert ¬\is_NaN((double)(0. / 0.));
+ NaN double value. assert ¬\is_NaN(\div_double((double)0., (double)0.));
[eva] Recording results for main2
[eva] Done for function main2
[eva] computing for function main3 <- main.
diff --git a/tests/float/oracle/builtins.res.oracle b/tests/float/oracle/builtins.res.oracle
index 0bfa3b88df28af5763d4da2e18e3a395ffb58887..66f30707d3259e2969df47d8e280f469eb3f74b4 100644
--- a/tests/float/oracle/builtins.res.oracle
+++ b/tests/float/oracle/builtins.res.oracle
@@ -134,6 +134,8 @@
function exp: precondition 'finite_arg' got status valid.
[eva] tests/float/builtins.c:104:
function exp: precondition 'finite_domain' got status valid.
+[eva:alarm] tests/float/builtins.c:107: Warning:
+ pointer downcast. assert (unsigned int)(&d) ≤ 2147483647;
[eva:alarm] tests/float/builtins.c:107: Warning:
non-finite double value. assert \is_finite((double)((int)(&d)));
[eva] tests/float/builtins.c:107: Call to builtin log
diff --git a/tests/float/oracle/const1.res.oracle b/tests/float/oracle/const1.res.oracle
index 638364e24627ee9b5d7d0801c6943a7deef32246..a88cc5055cf3dfb3a54b5ebaeb7be3a190c8416c 100644
--- a/tests/float/oracle/const1.res.oracle
+++ b/tests/float/oracle/const1.res.oracle
@@ -5,7 +5,7 @@
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
[eva:alarm] tests/float/const1.i:1: Warning:
- non-finite float value. assert \is_finite(1e40f);
+ non-finite float value. assert \is_finite((float)1e40f);
[eva] tests/float/const1.i:1: Warning:
evaluation of initializer '(unsigned long long)1e40f' failed
[eva] Initial state computed
diff --git a/tests/float/oracle/const2.res.oracle b/tests/float/oracle/const2.res.oracle
index e13374c9a69087e2f5b5eff971800610a94ce188..cbf8617870807c9608359bb8ee92ea09c49c562b 100644
--- a/tests/float/oracle/const2.res.oracle
+++ b/tests/float/oracle/const2.res.oracle
@@ -5,7 +5,7 @@
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
[eva:alarm] tests/float/const2.i:2: Warning:
- non-finite float value. assert \is_finite(1e40f);
+ non-finite float value. assert \is_finite((float)1e40f);
[eva] tests/float/const2.i:2: Warning: evaluation of initializer '1e40f' failed
[eva] Initial state computed
[eva:initial-state] Values of globals at initialization
diff --git a/tests/float/oracle/const4.0.res.oracle b/tests/float/oracle/const4.0.res.oracle
index fc3b0e788b83ec9cef38524e8ef6c8d2c18b7d70..7c1da402c214766126e2154048502a9670f28337 100644
--- a/tests/float/oracle/const4.0.res.oracle
+++ b/tests/float/oracle/const4.0.res.oracle
@@ -6,7 +6,7 @@
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
[eva:alarm] tests/float/const4.i:7: Warning:
- non-finite float value. assert \is_finite(3.405e38f);
+ non-finite float value. assert \is_finite((float)3.405e38f);
[eva] tests/float/const4.i:7: Warning:
evaluation of initializer '(double)3.405e38f' failed
[eva] Initial state computed
diff --git a/tests/float/oracle/const4.1.res.oracle b/tests/float/oracle/const4.1.res.oracle
index 5005f2e7aa3a9f83fbe7f95abebf0de23fce17ae..7f1381022516acfaa8fa4bc0e640684d198fd245 100644
--- a/tests/float/oracle/const4.1.res.oracle
+++ b/tests/float/oracle/const4.1.res.oracle
@@ -6,7 +6,7 @@
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
[eva:alarm] tests/float/const4.i:7: Warning:
- non-finite float value. assert \is_finite(3.405e38f);
+ non-finite float value. assert \is_finite((float)3.405e38f);
[eva] Initial state computed
[eva:initial-state] Values of globals at initialization
f1 ∈ [3.39999995214e+38 .. 3.40000015497e+38]
diff --git a/tests/float/oracle/cte_overflow.res.oracle b/tests/float/oracle/cte_overflow.res.oracle
index c0a3a0173b1e8461e25b19cec61e96b8eef45052..0aea223139cefa7745d90fe73a8131275a75f10c 100644
--- a/tests/float/oracle/cte_overflow.res.oracle
+++ b/tests/float/oracle/cte_overflow.res.oracle
@@ -13,9 +13,9 @@
[eva:initial-state] Values of globals at initialization
v ∈ [--..--]
[eva:alarm] tests/float/cte_overflow.i:12: Warning:
- non-finite double value. assert \is_finite(1e500);
+ non-finite double value. assert \is_finite((double)1e500);
[eva:alarm] tests/float/cte_overflow.i:17: Warning:
- non-finite float value. assert \is_finite(1e80f);
+ non-finite float value. assert \is_finite((float)1e80f);
[eva] Recording results for main
[eva] done for function main
[eva] tests/float/cte_overflow.i:12:
diff --git a/tests/float/oracle/dr_infinity.res.oracle b/tests/float/oracle/dr_infinity.res.oracle
index 1a2c304b3a2ed57f309868e5ace5067283845272..04bd0c13b12f6668575bba0d156fc44b92520016 100644
--- a/tests/float/oracle/dr_infinity.res.oracle
+++ b/tests/float/oracle/dr_infinity.res.oracle
@@ -22,28 +22,33 @@
v ∈ [--..--]
[eva] tests/float/dr_infinity.i:9: Frama_C_show_each: {0x1.fffffe0000000p127}
[eva:alarm] tests/float/dr_infinity.i:11: Warning:
- non-finite float value. assert \is_finite((float)3.402823567797366e+38);
+ non-finite float value.
+ assert \is_finite((float)((double)3.402823567797366e+38));
[eva:alarm] tests/float/dr_infinity.i:16: Warning:
- non-finite float value. assert \is_finite((float)(x * x));
+ non-finite float value. assert \is_finite(\mul_float(x, x));
[eva:alarm] tests/float/dr_infinity.i:21: Warning:
- non-finite double value. assert \is_finite((double)(d * (double)10));
+ non-finite double value. assert \is_finite(\mul_double(d, (double)10));
[eva:alarm] tests/float/dr_infinity.i:26: Warning:
- non-finite double value. assert \is_finite((double)((double)2 / d));
+ non-finite double value. assert \is_finite(\div_double((double)2, d));
[eva:alarm] tests/float/dr_infinity.i:31: Warning:
- non-finite double value. assert \is_finite((double)(d / 0.01));
+ non-finite double value. assert \is_finite(\div_double(d, (double)0.01));
[eva:alarm] tests/float/dr_infinity.i:36: Warning:
non-finite float value.
- assert \is_finite((float)((double)((double)x / 0.001)));
+ assert \is_finite((float)\div_double((double)x, (double)0.001));
[eva:alarm] tests/float/dr_infinity.i:41: Warning:
- non-finite double value. assert \is_finite((double)(d / 0.));
+ non-finite double value. assert \is_finite(\div_double(d, (double)0.));
[eva] Recording results for main
[eva] done for function main
[eva] tests/float/dr_infinity.i:11:
assertion 'Eva,is_nan_or_infinite' got final status invalid.
[eva] tests/float/dr_infinity.i:16:
assertion 'Eva,is_nan_or_infinite' got final status invalid.
+[eva] tests/float/dr_infinity.i:21:
+ assertion 'Eva,is_nan_or_infinite' got final status invalid.
[eva] tests/float/dr_infinity.i:26:
assertion 'Eva,is_nan_or_infinite' got final status invalid.
+[eva] tests/float/dr_infinity.i:31:
+ assertion 'Eva,is_nan_or_infinite' got final status invalid.
[eva] tests/float/dr_infinity.i:36:
assertion 'Eva,is_nan_or_infinite' got final status invalid.
[eva] tests/float/dr_infinity.i:41:
diff --git a/tests/float/oracle/logic.0.res.oracle b/tests/float/oracle/logic.0.res.oracle
index a78dc74e8eaac554d264eb78a2b28fffc8e7de2c..2f18d3f38e7ca97d1ac9afb26c914f3f1a72783a 100644
--- a/tests/float/oracle/logic.0.res.oracle
+++ b/tests/float/oracle/logic.0.res.oracle
@@ -59,7 +59,8 @@
[eva:alarm] tests/float/logic.i:42: Warning: check got status invalid.
[eva:alarm] tests/float/logic.i:43: Warning: check got status invalid.
[eva:alarm] tests/float/logic.i:45: Warning:
- non-finite double value. assert \is_finite((double)(1. / 0.));
+ non-finite double value.
+ assert \is_finite(\div_double((double)1., (double)0.));
[eva:alarm] tests/float/logic.i:64: Warning: check got status unknown.
[eva:alarm] tests/float/logic.i:65: Warning: check got status unknown.
[eva:alarm] tests/float/logic.i:66: Warning: check got status unknown.
@@ -314,7 +315,8 @@
[eva] Recording results for test_comparison_reduction
[eva] Done for function test_comparison_reduction
[eva:alarm] tests/float/logic.i:133: Warning:
- non-finite double value. assert \is_finite((double)(1. / 0.));
+ non-finite double value.
+ assert \is_finite(\div_double((double)1., (double)0.));
[eva] Recording results for test_builtin_comparisons
[eva] Done for function test_builtin_comparisons
[eva] computing for function test_is_finite <- main.
diff --git a/tests/float/oracle/nonlin.0.res.oracle b/tests/float/oracle/nonlin.0.res.oracle
index 648a1ae9af5f33b985dcd3411249ebe3e07a77c4..b3c87ee207887a60ae61edd6f4c1cd84e13ffc73 100644
--- a/tests/float/oracle/nonlin.0.res.oracle
+++ b/tests/float/oracle/nonlin.0.res.oracle
@@ -171,10 +171,10 @@
[eva] Done for function Frama_C_float_interval
[eva:alarm] tests/float/nonlin.c:63: Warning:
accessing out of bounds index.
- assert 0 ≤ (int)((double)((double)(i * i) + 2.0));
+ assert 0 ≤ (int)\add_double(\mul_double(i, i), (double)2.0);
[eva:alarm] tests/float/nonlin.c:63: Warning:
accessing out of bounds index.
- assert (int)((double)((double)(i * i) + 2.0)) < 10;
+ assert (int)\add_double(\mul_double(i, i), (double)2.0) < 10;
[eva] computing for function access_bits <- other <- main.
Called from tests/float/nonlin.c:69.
[eva] Recording results for access_bits
@@ -195,8 +195,9 @@
[eva:alarm] tests/float/nonlin.c:77: Warning:
non-finite double value.
assert
- \is_finite((double)((double)1 /
- (double)((double)((double)ff * (double)ff) + 0.000000001)));
+ \is_finite(\div_double((double)1,
+ \add_double(\mul_double((double)ff, (double)ff),
+ (double)0.000000001)));
[eva] Recording results for split_alarm
[eva] Done for function split_alarm
[eva] computing for function norm <- main.
@@ -220,16 +221,20 @@
function Frama_C_float_interval: precondition 'order' got status valid.
[eva] Done for function Frama_C_float_interval
[eva:alarm] tests/float/nonlin.c:92: Warning:
- non-finite float value. assert \is_finite((float)(v1 * v1));
+ non-finite float value. assert \is_finite(\mul_float(v1, v1));
[eva:alarm] tests/float/nonlin.c:92: Warning:
- non-finite float value. assert \is_finite((float)(v2 * v2));
+ non-finite float value. assert \is_finite(\mul_float(v2, v2));
[eva:alarm] tests/float/nonlin.c:92: Warning:
non-finite float value.
- assert \is_finite((float)((float)(v1 * v1) + (float)(v2 * v2)));
+ assert \is_finite(\add_float(\mul_float(v1, v1), \mul_float(v2, v2)));
[eva] Recording results for norm
[eva] Done for function norm
[eva] computing for function garbled <- main.
Called from tests/float/nonlin.c:148.
+[eva:alarm] tests/float/nonlin.c:98: Warning:
+ pointer downcast. assert (unsigned int)(&x_0) ≤ 2147483647;
+[eva:alarm] tests/float/nonlin.c:98: Warning:
+ pointer downcast. assert (unsigned int)(&x_0 + (int)(&x_0)) ≤ 2147483647;
[eva:alarm] tests/float/nonlin.c:98: Warning:
non-finite float value.
assert \is_finite((float)((int)(&x_0 + (int)(&x_0))));
@@ -239,7 +244,7 @@
[eva:alarm] tests/float/nonlin.c:99: Warning:
non-finite float value. assert \is_finite(a_0);
[eva:alarm] tests/float/nonlin.c:99: Warning:
- non-finite float value. assert \is_finite((float)(a_0 + a_0));
+ non-finite float value. assert \is_finite(\add_float(a_0, a_0));
[eva] tests/float/nonlin.c:99:
Assigning imprecise value to f.
The imprecision originates from Arithmetic
@@ -256,7 +261,8 @@
[eva] Done for function Frama_C_float_interval
[eva:alarm] tests/float/nonlin.c:113: Warning:
non-finite float value.
- assert \is_finite((float)(f1 / (float)((float)((float)(f + f) - f) - f1)));
+ assert
+ \is_finite(\div_float(f1, \sub_float(\sub_float(\add_float(f, f), f), f1)));
[eva] Recording results for around_zeros
[eva] Done for function around_zeros
[eva] computing for function subdivide_strategy <- main.
@@ -272,7 +278,7 @@
non-finite double value. assert \is_finite(nondet);
[eva:alarm] tests/float/nonlin.c:135: Warning:
non-finite double value.
- assert \is_finite((double)((double)(x_0 - d_0) * (double)(x_0 - d_0)));
+ assert \is_finite(\mul_double(\sub_double(x_0, d_0), \sub_double(x_0, d_0)));
[eva] computing for function Frama_C_float_interval <- subdivide_strategy <- main.
Called from tests/float/nonlin.c:136.
[eva] tests/float/nonlin.c:136:
diff --git a/tests/float/oracle/nonlin.1.res.oracle b/tests/float/oracle/nonlin.1.res.oracle
index 3ddef66ef496f7061b9f8444af849b2b4bd1bafb..6116e8b7c3b2828b99b91740ccf3ea2d0374e39e 100644
--- a/tests/float/oracle/nonlin.1.res.oracle
+++ b/tests/float/oracle/nonlin.1.res.oracle
@@ -177,7 +177,7 @@
[eva:nonlin] tests/float/nonlin.c:63: subdividing on i
[eva:alarm] tests/float/nonlin.c:63: Warning:
accessing out of bounds index.
- assert (int)((double)((double)(i * i) + 2.0)) < 10;
+ assert (int)\add_double(\mul_double(i, i), (double)2.0) < 10;
[eva:nonlin] tests/float/nonlin.c:64: non-linear 's - s', lv 's'
[eva:nonlin] tests/float/nonlin.c:64: subdividing on s
[eva:nonlin] tests/float/nonlin.c:65: non-linear 's - s', lv 's'
@@ -243,16 +243,20 @@
[eva:nonlin] tests/float/nonlin.c:92: subdividing on v1
[eva:nonlin] tests/float/nonlin.c:92: subdividing on v2
[eva:alarm] tests/float/nonlin.c:92: Warning:
- non-finite float value. assert \is_finite((float)(v1 * v1));
+ non-finite float value. assert \is_finite(\mul_float(v1, v1));
[eva:alarm] tests/float/nonlin.c:92: Warning:
- non-finite float value. assert \is_finite((float)(v2 * v2));
+ non-finite float value. assert \is_finite(\mul_float(v2, v2));
[eva:alarm] tests/float/nonlin.c:92: Warning:
non-finite float value.
- assert \is_finite((float)((float)(v1 * v1) + (float)(v2 * v2)));
+ assert \is_finite(\add_float(\mul_float(v1, v1), \mul_float(v2, v2)));
[eva] Recording results for norm
[eva] Done for function norm
[eva] computing for function garbled <- main.
Called from tests/float/nonlin.c:148.
+[eva:alarm] tests/float/nonlin.c:98: Warning:
+ pointer downcast. assert (unsigned int)(&x_0) ≤ 2147483647;
+[eva:alarm] tests/float/nonlin.c:98: Warning:
+ pointer downcast. assert (unsigned int)(&x_0 + (int)(&x_0)) ≤ 2147483647;
[eva:alarm] tests/float/nonlin.c:98: Warning:
non-finite float value.
assert \is_finite((float)((int)(&x_0 + (int)(&x_0))));
@@ -262,7 +266,7 @@
[eva:alarm] tests/float/nonlin.c:99: Warning:
non-finite float value. assert \is_finite(a_0);
[eva:alarm] tests/float/nonlin.c:99: Warning:
- non-finite float value. assert \is_finite((float)(a_0 + a_0));
+ non-finite float value. assert \is_finite(\add_float(a_0, a_0));
[eva] tests/float/nonlin.c:99:
Assigning imprecise value to f.
The imprecision originates from Arithmetic
@@ -283,7 +287,8 @@
[eva:nonlin] tests/float/nonlin.c:113: subdividing on f
[eva:alarm] tests/float/nonlin.c:113: Warning:
non-finite float value.
- assert \is_finite((float)(f1 / (float)((float)((float)(f + f) - f) - f1)));
+ assert
+ \is_finite(\div_float(f1, \sub_float(\sub_float(\add_float(f, f), f), f1)));
[eva] Recording results for around_zeros
[eva] Done for function around_zeros
[eva] computing for function subdivide_strategy <- main.
@@ -304,7 +309,7 @@
[eva:nonlin] tests/float/nonlin.c:135: subdividing on x_0
[eva:alarm] tests/float/nonlin.c:135: Warning:
non-finite double value.
- assert \is_finite((double)((double)(x_0 - d_0) * (double)(x_0 - d_0)));
+ assert \is_finite(\mul_double(\sub_double(x_0, d_0), \sub_double(x_0, d_0)));
[eva] computing for function Frama_C_float_interval <- subdivide_strategy <- main.
Called from tests/float/nonlin.c:136.
[eva] tests/float/nonlin.c:136:
diff --git a/tests/float/oracle/nonlin.2.res.oracle b/tests/float/oracle/nonlin.2.res.oracle
index ba81c19d44c306730614d89d500ccdb7fde507a5..15dfbc52f71215bca7c9d87879422e69575dc601 100644
--- a/tests/float/oracle/nonlin.2.res.oracle
+++ b/tests/float/oracle/nonlin.2.res.oracle
@@ -177,7 +177,7 @@
[eva:nonlin] tests/float/nonlin.c:63: subdividing on i
[eva:alarm] tests/float/nonlin.c:63: Warning:
accessing out of bounds index.
- assert (int)((double)((double)(i * i) + 2.0)) < 10;
+ assert (int)\add_double(\mul_double(i, i), (double)2.0) < 10;
[eva:nonlin] tests/float/nonlin.c:64: non-linear 's - s', lv 's'
[eva:nonlin] tests/float/nonlin.c:64: subdividing on s
[eva:nonlin] tests/float/nonlin.c:65: non-linear 's - s', lv 's'
@@ -240,6 +240,10 @@
[eva] Done for function norm
[eva] computing for function garbled <- main.
Called from tests/float/nonlin.c:148.
+[eva:alarm] tests/float/nonlin.c:98: Warning:
+ pointer downcast. assert (unsigned int)(&x_0) ≤ 2147483647;
+[eva:alarm] tests/float/nonlin.c:98: Warning:
+ pointer downcast. assert (unsigned int)(&x_0 + (int)(&x_0)) ≤ 2147483647;
[eva] tests/float/nonlin.c:98:
Assigning imprecise value to a_0.
The imprecision originates from Arithmetic {tests/float/nonlin.c:98}
diff --git a/tests/float/oracle/nonlin.3.res.oracle b/tests/float/oracle/nonlin.3.res.oracle
index c3e1e9cdb8b72a6f1a433932db7cf78cbfcc82bc..b5f30cd1f748e45b9ab0972fcc731c6dfbc1ae9f 100644
--- a/tests/float/oracle/nonlin.3.res.oracle
+++ b/tests/float/oracle/nonlin.3.res.oracle
@@ -171,10 +171,10 @@
[eva] Done for function Frama_C_float_interval
[eva:alarm] tests/float/nonlin.c:63: Warning:
accessing out of bounds index.
- assert 0 ≤ (int)((double)((double)((float)(i * i)) + 2.0));
+ assert 0 ≤ (int)\add_double((double)\mul_float(i, i), (double)2.0);
[eva:alarm] tests/float/nonlin.c:63: Warning:
accessing out of bounds index.
- assert (int)((double)((double)((float)(i * i)) + 2.0)) < 10;
+ assert (int)\add_double((double)\mul_float(i, i), (double)2.0) < 10;
[eva] computing for function access_bits <- other <- main.
Called from tests/float/nonlin.c:69.
[eva] Recording results for access_bits
@@ -195,8 +195,9 @@
[eva:alarm] tests/float/nonlin.c:77: Warning:
non-finite double value.
assert
- \is_finite((double)((double)1 /
- (double)((double)((double)ff * (double)ff) + 0.000000001)));
+ \is_finite(\div_double((double)1,
+ \add_double(\mul_double((double)ff, (double)ff),
+ (double)0.000000001)));
[eva] Recording results for split_alarm
[eva] Done for function split_alarm
[eva] computing for function norm <- main.
@@ -220,16 +221,20 @@
function Frama_C_float_interval: precondition 'order' got status valid.
[eva] Done for function Frama_C_float_interval
[eva:alarm] tests/float/nonlin.c:92: Warning:
- non-finite float value. assert \is_finite((float)(v1 * v1));
+ non-finite float value. assert \is_finite(\mul_float(v1, v1));
[eva:alarm] tests/float/nonlin.c:92: Warning:
- non-finite float value. assert \is_finite((float)(v2 * v2));
+ non-finite float value. assert \is_finite(\mul_float(v2, v2));
[eva:alarm] tests/float/nonlin.c:92: Warning:
non-finite float value.
- assert \is_finite((float)((float)(v1 * v1) + (float)(v2 * v2)));
+ assert \is_finite(\add_float(\mul_float(v1, v1), \mul_float(v2, v2)));
[eva] Recording results for norm
[eva] Done for function norm
[eva] computing for function garbled <- main.
Called from tests/float/nonlin.c:148.
+[eva:alarm] tests/float/nonlin.c:98: Warning:
+ pointer downcast. assert (unsigned int)(&x_0) ≤ 2147483647;
+[eva:alarm] tests/float/nonlin.c:98: Warning:
+ pointer downcast. assert (unsigned int)(&x_0 + (int)(&x_0)) ≤ 2147483647;
[eva:alarm] tests/float/nonlin.c:98: Warning:
non-finite float value.
assert \is_finite((float)((int)(&x_0 + (int)(&x_0))));
@@ -239,7 +244,7 @@
[eva:alarm] tests/float/nonlin.c:99: Warning:
non-finite float value. assert \is_finite(a_0);
[eva:alarm] tests/float/nonlin.c:99: Warning:
- non-finite float value. assert \is_finite((float)(a_0 + a_0));
+ non-finite float value. assert \is_finite(\add_float(a_0, a_0));
[eva] tests/float/nonlin.c:99:
Assigning imprecise value to f.
The imprecision originates from Arithmetic
@@ -256,7 +261,8 @@
[eva] Done for function Frama_C_float_interval
[eva:alarm] tests/float/nonlin.c:113: Warning:
non-finite float value.
- assert \is_finite((float)(f1 / (float)((float)((float)(f + f) - f) - f1)));
+ assert
+ \is_finite(\div_float(f1, \sub_float(\sub_float(\add_float(f, f), f), f1)));
[eva] Recording results for around_zeros
[eva] Done for function around_zeros
[eva] computing for function subdivide_strategy <- main.
@@ -272,7 +278,7 @@
non-finite float value. assert \is_finite(nondet);
[eva:alarm] tests/float/nonlin.c:135: Warning:
non-finite float value.
- assert \is_finite((float)((float)(x_0 - d_0) * (float)(x_0 - d_0)));
+ assert \is_finite(\mul_float(\sub_float(x_0, d_0), \sub_float(x_0, d_0)));
[eva] computing for function Frama_C_float_interval <- subdivide_strategy <- main.
Called from tests/float/nonlin.c:136.
[eva] tests/float/nonlin.c:136:
diff --git a/tests/float/oracle/nonlin.4.res.oracle b/tests/float/oracle/nonlin.4.res.oracle
index 2f06c2710cf66d8592b8fdae363e0a41589b4481..52f4a2d9697a022028a265fc38b4728b6b54fe02 100644
--- a/tests/float/oracle/nonlin.4.res.oracle
+++ b/tests/float/oracle/nonlin.4.res.oracle
@@ -177,7 +177,7 @@
[eva:nonlin] tests/float/nonlin.c:63: subdividing on i
[eva:alarm] tests/float/nonlin.c:63: Warning:
accessing out of bounds index.
- assert (int)((double)((double)((float)(i * i)) + 2.0)) < 10;
+ assert (int)\add_double((double)\mul_float(i, i), (double)2.0) < 10;
[eva:nonlin] tests/float/nonlin.c:64: non-linear 's - s', lv 's'
[eva:nonlin] tests/float/nonlin.c:64: subdividing on s
[eva:nonlin] tests/float/nonlin.c:65: non-linear 's - s', lv 's'
@@ -243,16 +243,20 @@
[eva:nonlin] tests/float/nonlin.c:92: subdividing on v1
[eva:nonlin] tests/float/nonlin.c:92: subdividing on v2
[eva:alarm] tests/float/nonlin.c:92: Warning:
- non-finite float value. assert \is_finite((float)(v1 * v1));
+ non-finite float value. assert \is_finite(\mul_float(v1, v1));
[eva:alarm] tests/float/nonlin.c:92: Warning:
- non-finite float value. assert \is_finite((float)(v2 * v2));
+ non-finite float value. assert \is_finite(\mul_float(v2, v2));
[eva:alarm] tests/float/nonlin.c:92: Warning:
non-finite float value.
- assert \is_finite((float)((float)(v1 * v1) + (float)(v2 * v2)));
+ assert \is_finite(\add_float(\mul_float(v1, v1), \mul_float(v2, v2)));
[eva] Recording results for norm
[eva] Done for function norm
[eva] computing for function garbled <- main.
Called from tests/float/nonlin.c:148.
+[eva:alarm] tests/float/nonlin.c:98: Warning:
+ pointer downcast. assert (unsigned int)(&x_0) ≤ 2147483647;
+[eva:alarm] tests/float/nonlin.c:98: Warning:
+ pointer downcast. assert (unsigned int)(&x_0 + (int)(&x_0)) ≤ 2147483647;
[eva:alarm] tests/float/nonlin.c:98: Warning:
non-finite float value.
assert \is_finite((float)((int)(&x_0 + (int)(&x_0))));
@@ -262,7 +266,7 @@
[eva:alarm] tests/float/nonlin.c:99: Warning:
non-finite float value. assert \is_finite(a_0);
[eva:alarm] tests/float/nonlin.c:99: Warning:
- non-finite float value. assert \is_finite((float)(a_0 + a_0));
+ non-finite float value. assert \is_finite(\add_float(a_0, a_0));
[eva] tests/float/nonlin.c:99:
Assigning imprecise value to f.
The imprecision originates from Arithmetic
@@ -283,7 +287,8 @@
[eva:nonlin] tests/float/nonlin.c:113: subdividing on f
[eva:alarm] tests/float/nonlin.c:113: Warning:
non-finite float value.
- assert \is_finite((float)(f1 / (float)((float)((float)(f + f) - f) - f1)));
+ assert
+ \is_finite(\div_float(f1, \sub_float(\sub_float(\add_float(f, f), f), f1)));
[eva] Recording results for around_zeros
[eva] Done for function around_zeros
[eva] computing for function subdivide_strategy <- main.
@@ -304,7 +309,7 @@
[eva:nonlin] tests/float/nonlin.c:135: subdividing on x_0
[eva:alarm] tests/float/nonlin.c:135: Warning:
non-finite float value.
- assert \is_finite((float)((float)(x_0 - d_0) * (float)(x_0 - d_0)));
+ assert \is_finite(\mul_float(\sub_float(x_0, d_0), \sub_float(x_0, d_0)));
[eva] computing for function Frama_C_float_interval <- subdivide_strategy <- main.
Called from tests/float/nonlin.c:136.
[eva] tests/float/nonlin.c:136:
diff --git a/tests/float/oracle/nonlin.5.res.oracle b/tests/float/oracle/nonlin.5.res.oracle
index a26018dc5a7b1e8f6e79c7f951bc2d4b1e746db0..04154d9e75bb6b6f7948187198acac640d1bc51e 100644
--- a/tests/float/oracle/nonlin.5.res.oracle
+++ b/tests/float/oracle/nonlin.5.res.oracle
@@ -177,7 +177,7 @@
[eva:nonlin] tests/float/nonlin.c:63: subdividing on i
[eva:alarm] tests/float/nonlin.c:63: Warning:
accessing out of bounds index.
- assert (int)((double)((double)((float)(i * i)) + 2.0)) < 10;
+ assert (int)\add_double((double)\mul_float(i, i), (double)2.0) < 10;
[eva:nonlin] tests/float/nonlin.c:64: non-linear 's - s', lv 's'
[eva:nonlin] tests/float/nonlin.c:64: subdividing on s
[eva:nonlin] tests/float/nonlin.c:65: non-linear 's - s', lv 's'
@@ -240,6 +240,10 @@
[eva] Done for function norm
[eva] computing for function garbled <- main.
Called from tests/float/nonlin.c:148.
+[eva:alarm] tests/float/nonlin.c:98: Warning:
+ pointer downcast. assert (unsigned int)(&x_0) ≤ 2147483647;
+[eva:alarm] tests/float/nonlin.c:98: Warning:
+ pointer downcast. assert (unsigned int)(&x_0 + (int)(&x_0)) ≤ 2147483647;
[eva] tests/float/nonlin.c:98:
Assigning imprecise value to a_0.
The imprecision originates from Arithmetic {tests/float/nonlin.c:98}
diff --git a/tests/float/oracle/parse.res.oracle b/tests/float/oracle/parse.res.oracle
index 99068d34513acf3f0265fbf6ecada78cb40eacbb..3d54be548a3179ceb69f05ad3f2b3d3711af3f2b 100644
--- a/tests/float/oracle/parse.res.oracle
+++ b/tests/float/oracle/parse.res.oracle
@@ -14,11 +14,12 @@
[eva] tests/float/parse.i:26:
Frama_C_show_each: {0x1.83a99c3ec7eb0p893}, {{ "reached" }}
[eva:alarm] tests/float/parse.i:30: Warning:
- non-finite double value. assert \is_finite(0.0000001E9999999999999999999);
+ non-finite double value.
+ assert \is_finite((double)0.0000001E9999999999999999999);
[eva] tests/float/parse.i:36: Warning:
cannot parse floating-point constant, returning imprecise result
[eva:alarm] tests/float/parse.i:36: Warning:
- non-finite long double value. assert \is_finite(0x1p32767L);
+ non-finite long double value. assert \is_finite((long double)0x1p32767L);
[eva:alarm] tests/float/parse.i:37: Warning:
non-finite long double value. assert \is_finite(l);
[eva:alarm] tests/float/parse.i:37: Warning:
diff --git a/tests/float/oracle/widen.0.res.oracle b/tests/float/oracle/widen.0.res.oracle
index 218c0d29cca4f218650f5d82f241cdaf3e39f402..4c881d40cfff401e4548d83ed32e6598436c1849 100644
--- a/tests/float/oracle/widen.0.res.oracle
+++ b/tests/float/oracle/widen.0.res.oracle
@@ -8,7 +8,7 @@
Called from tests/float/widen.c:50.
[eva] tests/float/widen.c:13: starting to merge loop iterations
[eva:alarm] tests/float/widen.c:14: Warning:
- non-finite double value. assert \is_finite((double)(max * 2.));
+ non-finite double value. assert \is_finite(\mul_double(max, (double)2.));
[eva] tests/float/widen.c:16: starting to merge loop iterations
[eva] tests/float/widen.c:24:
Frama_C_show_each_double_inf: [1. .. 1.79769313486e+308]
diff --git a/tests/idct/oracle/ieee_1180_1990.res.oracle b/tests/idct/oracle/ieee_1180_1990.res.oracle
index 9cd3bd3d041d28f969185ef6d728ca3a37f273f3..6019d52b6974e590ed64929f0443da77b325f790 100644
--- a/tests/idct/oracle/ieee_1180_1990.res.oracle
+++ b/tests/idct/oracle/ieee_1180_1990.res.oracle
@@ -1938,14 +1938,39 @@
default behavior
by Frama-C kernel.
+--------------------------------------------------------------------------------
+--- Properties of Function 'fseeko'
+--------------------------------------------------------------------------------
+
+[ Extern ] Assigns (file share/libc/stdio.h, line 395)
+ assigns *stream, \result, __fc_errno;
+ Unverifiable but considered Valid.
+[ Extern ] Froms (file share/libc/stdio.h, line 395)
+ assigns *stream
+ \from *stream, (indirect: offset), (indirect: whence);
+ Unverifiable but considered Valid.
+[ Extern ] Froms (file share/libc/stdio.h, line 396)
+ assigns \result
+ \from (indirect: *stream), (indirect: offset),
+ (indirect: whence);
+ Unverifiable but considered Valid.
+[ Extern ] Froms (file share/libc/stdio.h, line 396)
+ assigns __fc_errno
+ \from (indirect: *stream), (indirect: offset),
+ (indirect: whence);
+ Unverifiable but considered Valid.
+[ Valid ] Default behavior
+ default behavior
+ by Frama-C kernel.
+
--------------------------------------------------------------------------------
--- Properties of Function 'fsetpos'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 396)
+[ Extern ] Assigns (file share/libc/stdio.h, line 405)
assigns *stream;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 396)
+[ Extern ] Froms (file share/libc/stdio.h, line 405)
assigns *stream \from *pos;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -1962,13 +1987,36 @@
\result ≡ -1 ∨
(\result ≥ 0 ∧ __fc_errno ≡ \old(__fc_errno))
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/stdio.h, line 402)
+[ Extern ] Assigns (file share/libc/stdio.h, line 411)
assigns \result, __fc_errno;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 402)
+[ Extern ] Froms (file share/libc/stdio.h, line 411)
assigns \result \from (indirect: *stream);
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 402)
+[ Extern ] Froms (file share/libc/stdio.h, line 411)
+ assigns __fc_errno \from (indirect: *stream);
+ Unverifiable but considered Valid.
+[ Valid ] Default behavior
+ default behavior
+ by Frama-C kernel.
+
+--------------------------------------------------------------------------------
+--- Properties of Function 'ftello'
+--------------------------------------------------------------------------------
+
+[ Extern ] Post-condition 'success_or_error'
+ ensures
+ success_or_error:
+ \result ≡ -1 ∨
+ (\result ≥ 0 ∧ __fc_errno ≡ \old(__fc_errno))
+ Unverifiable but considered Valid.
+[ Extern ] Assigns (file share/libc/stdio.h, line 419)
+ assigns \result, __fc_errno;
+ Unverifiable but considered Valid.
+[ Extern ] Froms (file share/libc/stdio.h, line 419)
+ assigns \result \from (indirect: *stream);
+ Unverifiable but considered Valid.
+[ Extern ] Froms (file share/libc/stdio.h, line 419)
assigns __fc_errno \from (indirect: *stream);
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -1979,10 +2027,10 @@
--- Properties of Function 'rewind'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 410)
+[ Extern ] Assigns (file share/libc/stdio.h, line 427)
assigns *stream;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 410)
+[ Extern ] Froms (file share/libc/stdio.h, line 427)
assigns *stream \from \nothing;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -1993,10 +2041,10 @@
--- Properties of Function 'clearerr'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 416)
+[ Extern ] Assigns (file share/libc/stdio.h, line 433)
assigns *stream;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 416)
+[ Extern ] Froms (file share/libc/stdio.h, line 433)
assigns *stream \from \nothing;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2010,7 +2058,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 422)
+[ Extern ] Froms (file share/libc/stdio.h, line 439)
assigns \result \from (indirect: *stream);
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2024,7 +2072,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 428)
+[ Extern ] Froms (file share/libc/stdio.h, line 445)
assigns \result \from (indirect: *stream);
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2035,10 +2083,10 @@
--- Properties of Function 'flockfile'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 434)
+[ Extern ] Assigns (file share/libc/stdio.h, line 451)
assigns *stream;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 434)
+[ Extern ] Froms (file share/libc/stdio.h, line 451)
assigns *stream \from \nothing;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2049,10 +2097,10 @@
--- Properties of Function 'funlockfile'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 440)
+[ Extern ] Assigns (file share/libc/stdio.h, line 457)
assigns *stream;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 440)
+[ Extern ] Froms (file share/libc/stdio.h, line 457)
assigns *stream \from \nothing;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2063,13 +2111,13 @@
--- Properties of Function 'ftrylockfile'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 446)
+[ Extern ] Assigns (file share/libc/stdio.h, line 463)
assigns \result, *stream;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 446)
+[ Extern ] Froms (file share/libc/stdio.h, line 463)
assigns \result \from \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 446)
+[ Extern ] Froms (file share/libc/stdio.h, line 463)
assigns *stream \from \nothing;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2083,7 +2131,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 452)
+[ Extern ] Froms (file share/libc/stdio.h, line 469)
assigns \result \from (indirect: *stream);
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2094,10 +2142,10 @@
--- Properties of Function 'perror'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 458)
+[ Extern ] Assigns (file share/libc/stdio.h, line 475)
assigns __fc_stdout;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 458)
+[ Extern ] Froms (file share/libc/stdio.h, line 475)
assigns __fc_stdout
\from __fc_errno, *(s + (0 .. strlen{Old}(s)));
Unverifiable but considered Valid.
@@ -2109,13 +2157,13 @@
--- Properties of Function 'getc_unlocked'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 464)
+[ Extern ] Assigns (file share/libc/stdio.h, line 481)
assigns \result, *stream;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 464)
+[ Extern ] Froms (file share/libc/stdio.h, line 481)
assigns \result \from *stream;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 464)
+[ Extern ] Froms (file share/libc/stdio.h, line 481)
assigns *stream \from *stream;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2129,7 +2177,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 469)
+[ Extern ] Froms (file share/libc/stdio.h, line 486)
assigns \result \from *__fc_stdin;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2140,13 +2188,13 @@
--- Properties of Function 'putc_unlocked'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 475)
+[ Extern ] Assigns (file share/libc/stdio.h, line 492)
assigns *stream, \result;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 475)
+[ Extern ] Froms (file share/libc/stdio.h, line 492)
assigns *stream \from c;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 476)
+[ Extern ] Froms (file share/libc/stdio.h, line 493)
assigns \result \from (indirect: *stream);
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2157,13 +2205,13 @@
--- Properties of Function 'putchar_unlocked'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 481)
+[ Extern ] Assigns (file share/libc/stdio.h, line 498)
assigns *__fc_stdout, \result;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 481)
+[ Extern ] Froms (file share/libc/stdio.h, line 498)
assigns *__fc_stdout \from c;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 482)
+[ Extern ] Froms (file share/libc/stdio.h, line 499)
assigns \result \from (indirect: *__fc_stdout);
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2174,10 +2222,10 @@
--- Properties of Function 'clearerr_unlocked'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 488)
+[ Extern ] Assigns (file share/libc/stdio.h, line 505)
assigns *stream;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 488)
+[ Extern ] Froms (file share/libc/stdio.h, line 505)
assigns *stream \from \nothing;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2191,7 +2239,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 494)
+[ Extern ] Froms (file share/libc/stdio.h, line 511)
assigns \result \from (indirect: *stream);
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2205,7 +2253,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 500)
+[ Extern ] Froms (file share/libc/stdio.h, line 517)
assigns \result \from (indirect: *stream);
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2219,7 +2267,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 506)
+[ Extern ] Froms (file share/libc/stdio.h, line 523)
assigns \result \from (indirect: *stream);
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2237,14 +2285,14 @@
(\subset(\result, &__fc_fopen[0 .. 16 - 1]) ∧
is_open_pipe(\result))
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/stdio.h, line 533)
+[ Extern ] Assigns (file share/libc/stdio.h, line 550)
assigns \result, __fc_fopen[0 ..];
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 533)
+[ Extern ] Froms (file share/libc/stdio.h, line 550)
assigns \result
\from (indirect: *command), (indirect: *type), __fc_p_fopen;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 535)
+[ Extern ] Froms (file share/libc/stdio.h, line 552)
assigns __fc_fopen[0 ..]
\from (indirect: *command), (indirect: *type), __fc_fopen[0 ..];
Unverifiable but considered Valid.
@@ -2262,7 +2310,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 547)
+[ Extern ] Froms (file share/libc/stdio.h, line 564)
assigns \result \from (indirect: *stream);
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2291,7 +2339,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 67)
+[ Extern ] Froms (file share/libc/math.h, line 70)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2335,7 +2383,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 91)
+[ Extern ] Froms (file share/libc/math.h, line 94)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2367,28 +2415,28 @@
[ Extern ] Post-condition for 'domain_error' 'errno_set'
ensures errno_set: __fc_errno ≡ 1
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/math.h, line 128)
+[ Extern ] Assigns (file share/libc/math.h, line 131)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 135)
+[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 138)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
[ Extern ] Assigns for 'normal' nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 128)
+[ Extern ] Froms (file share/libc/math.h, line 131)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 128)
+[ Extern ] Froms (file share/libc/math.h, line 131)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 135)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 138)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 135)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 138)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'normal' (file share/libc/math.h, line 131)
+[ Extern ] Froms for 'normal' (file share/libc/math.h, line 134)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2411,28 +2459,28 @@
[ Extern ] Post-condition for 'domain_error' 'errno_set'
ensures errno_set: __fc_errno ≡ 1
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/math.h, line 142)
+[ Extern ] Assigns (file share/libc/math.h, line 145)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 149)
+[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 152)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
[ Extern ] Assigns for 'normal' nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 142)
+[ Extern ] Froms (file share/libc/math.h, line 145)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 142)
+[ Extern ] Froms (file share/libc/math.h, line 145)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 149)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 152)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 149)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 152)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'normal' (file share/libc/math.h, line 145)
+[ Extern ] Froms for 'normal' (file share/libc/math.h, line 148)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2455,28 +2503,28 @@
[ Extern ] Post-condition for 'domain_error' 'errno_set'
ensures errno_set: __fc_errno ≡ 1
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/math.h, line 156)
+[ Extern ] Assigns (file share/libc/math.h, line 159)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 163)
+[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 166)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
[ Extern ] Assigns for 'normal' nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 156)
+[ Extern ] Froms (file share/libc/math.h, line 159)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 156)
+[ Extern ] Froms (file share/libc/math.h, line 159)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 163)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 166)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 163)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 166)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'normal' (file share/libc/math.h, line 159)
+[ Extern ] Froms for 'normal' (file share/libc/math.h, line 162)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2499,28 +2547,28 @@
[ Extern ] Post-condition for 'domain_error' 'errno_set'
ensures errno_set: __fc_errno ≡ 1
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/math.h, line 170)
+[ Extern ] Assigns (file share/libc/math.h, line 173)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 177)
+[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 180)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
[ Extern ] Assigns for 'normal' nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 170)
+[ Extern ] Froms (file share/libc/math.h, line 173)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 170)
+[ Extern ] Froms (file share/libc/math.h, line 173)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 177)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 180)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 177)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 180)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'normal' (file share/libc/math.h, line 173)
+[ Extern ] Froms for 'normal' (file share/libc/math.h, line 176)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2543,28 +2591,28 @@
[ Extern ] Post-condition for 'domain_error' 'errno_set'
ensures errno_set: __fc_errno ≡ 1
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/math.h, line 184)
+[ Extern ] Assigns (file share/libc/math.h, line 187)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 191)
+[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 194)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
[ Extern ] Assigns for 'normal' nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 184)
+[ Extern ] Froms (file share/libc/math.h, line 187)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 184)
+[ Extern ] Froms (file share/libc/math.h, line 187)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 191)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 194)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 191)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 194)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'normal' (file share/libc/math.h, line 187)
+[ Extern ] Froms for 'normal' (file share/libc/math.h, line 190)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2587,28 +2635,28 @@
[ Extern ] Post-condition for 'domain_error' 'errno_set'
ensures errno_set: __fc_errno ≡ 1
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/math.h, line 198)
+[ Extern ] Assigns (file share/libc/math.h, line 201)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 205)
+[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 208)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
[ Extern ] Assigns for 'normal' nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 198)
+[ Extern ] Froms (file share/libc/math.h, line 201)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 198)
+[ Extern ] Froms (file share/libc/math.h, line 201)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 205)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 208)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 205)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 208)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'normal' (file share/libc/math.h, line 201)
+[ Extern ] Froms for 'normal' (file share/libc/math.h, line 204)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2634,7 +2682,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 212)
+[ Extern ] Froms (file share/libc/math.h, line 215)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2654,7 +2702,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 219)
+[ Extern ] Froms (file share/libc/math.h, line 222)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2674,7 +2722,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 226)
+[ Extern ] Froms (file share/libc/math.h, line 229)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2691,7 +2739,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 234)
+[ Extern ] Froms (file share/libc/math.h, line 237)
assigns \result \from x, y;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2708,7 +2756,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 241)
+[ Extern ] Froms (file share/libc/math.h, line 244)
assigns \result \from x, y;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2731,7 +2779,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 249)
+[ Extern ] Froms (file share/libc/math.h, line 252)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2751,7 +2799,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 256)
+[ Extern ] Froms (file share/libc/math.h, line 259)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2771,7 +2819,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 263)
+[ Extern ] Froms (file share/libc/math.h, line 266)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2791,7 +2839,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 270)
+[ Extern ] Froms (file share/libc/math.h, line 273)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2811,7 +2859,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 277)
+[ Extern ] Froms (file share/libc/math.h, line 280)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2831,7 +2879,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 284)
+[ Extern ] Froms (file share/libc/math.h, line 287)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2851,10 +2899,10 @@
[ Extern ] Post-condition for 'domain_error' 'errno_set'
ensures errno_set: __fc_errno ≡ 1
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/math.h, line 295)
+[ Extern ] Assigns (file share/libc/math.h, line 298)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 306)
+[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 309)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
[ Extern ] Assigns for 'infinite' nothing
@@ -2863,22 +2911,22 @@
[ Extern ] Assigns for 'normal' nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 295)
+[ Extern ] Froms (file share/libc/math.h, line 298)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 295)
+[ Extern ] Froms (file share/libc/math.h, line 298)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 306)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 309)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 306)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 309)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'infinite' (file share/libc/math.h, line 302)
+[ Extern ] Froms for 'infinite' (file share/libc/math.h, line 305)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'normal' (file share/libc/math.h, line 298)
+[ Extern ] Froms for 'normal' (file share/libc/math.h, line 301)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2907,10 +2955,10 @@
[ Extern ] Post-condition for 'domain_error' 'errno_set'
ensures errno_set: __fc_errno ≡ 1
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/math.h, line 313)
+[ Extern ] Assigns (file share/libc/math.h, line 316)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 324)
+[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 327)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
[ Extern ] Assigns for 'infinite' nothing
@@ -2919,22 +2967,22 @@
[ Extern ] Assigns for 'normal' nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 313)
+[ Extern ] Froms (file share/libc/math.h, line 316)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 313)
+[ Extern ] Froms (file share/libc/math.h, line 316)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 324)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 327)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 324)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 327)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'infinite' (file share/libc/math.h, line 320)
+[ Extern ] Froms for 'infinite' (file share/libc/math.h, line 323)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'normal' (file share/libc/math.h, line 316)
+[ Extern ] Froms for 'normal' (file share/libc/math.h, line 319)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -2963,10 +3011,10 @@
[ Extern ] Post-condition for 'domain_error' 'errno_set'
ensures errno_set: __fc_errno ≡ 1
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/math.h, line 331)
+[ Extern ] Assigns (file share/libc/math.h, line 334)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
-[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 342)
+[ Extern ] Assigns for 'domain_error' (file share/libc/math.h, line 345)
assigns __fc_errno, \result;
Unverifiable but considered Valid.
[ Extern ] Assigns for 'infinite' nothing
@@ -2975,22 +3023,22 @@
[ Extern ] Assigns for 'normal' nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 331)
+[ Extern ] Froms (file share/libc/math.h, line 334)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 331)
+[ Extern ] Froms (file share/libc/math.h, line 334)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 342)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 345)
assigns __fc_errno \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 342)
+[ Extern ] Froms for 'domain_error' (file share/libc/math.h, line 345)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'infinite' (file share/libc/math.h, line 338)
+[ Extern ] Froms for 'infinite' (file share/libc/math.h, line 341)
assigns \result \from x;
Unverifiable but considered Valid.
-[ Extern ] Froms for 'normal' (file share/libc/math.h, line 334)
+[ Extern ] Froms for 'normal' (file share/libc/math.h, line 337)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3019,7 +3067,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 370)
+[ Extern ] Froms (file share/libc/math.h, line 373)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3039,7 +3087,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 378)
+[ Extern ] Froms (file share/libc/math.h, line 381)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3056,7 +3104,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 408)
+[ Extern ] Froms (file share/libc/math.h, line 411)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3073,7 +3121,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 415)
+[ Extern ] Froms (file share/libc/math.h, line 418)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3090,7 +3138,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 422)
+[ Extern ] Froms (file share/libc/math.h, line 425)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3107,7 +3155,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 429)
+[ Extern ] Froms (file share/libc/math.h, line 432)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3124,7 +3172,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 436)
+[ Extern ] Froms (file share/libc/math.h, line 439)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3141,7 +3189,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 443)
+[ Extern ] Froms (file share/libc/math.h, line 446)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3158,7 +3206,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 454)
+[ Extern ] Froms (file share/libc/math.h, line 457)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3175,7 +3223,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 461)
+[ Extern ] Froms (file share/libc/math.h, line 464)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3192,7 +3240,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 468)
+[ Extern ] Froms (file share/libc/math.h, line 471)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3217,7 +3265,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 494)
+[ Extern ] Froms (file share/libc/math.h, line 497)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3242,7 +3290,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 502)
+[ Extern ] Froms (file share/libc/math.h, line 505)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3267,7 +3315,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 510)
+[ Extern ] Froms (file share/libc/math.h, line 513)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3284,7 +3332,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 523)
+[ Extern ] Froms (file share/libc/math.h, line 526)
assigns \result \from x, y;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3301,7 +3349,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 530)
+[ Extern ] Froms (file share/libc/math.h, line 533)
assigns \result \from x, y;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3330,7 +3378,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 539)
+[ Extern ] Froms (file share/libc/math.h, line 542)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3353,7 +3401,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 548)
+[ Extern ] Froms (file share/libc/math.h, line 551)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3373,7 +3421,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 557)
+[ Extern ] Froms (file share/libc/math.h, line 560)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3390,7 +3438,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 580)
+[ Extern ] Froms (file share/libc/math.h, line 583)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3407,7 +3455,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 586)
+[ Extern ] Froms (file share/libc/math.h, line 589)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3424,7 +3472,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 593)
+[ Extern ] Froms (file share/libc/math.h, line 596)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3441,7 +3489,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 599)
+[ Extern ] Froms (file share/libc/math.h, line 602)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3458,7 +3506,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 605)
+[ Extern ] Froms (file share/libc/math.h, line 608)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3475,7 +3523,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 611)
+[ Extern ] Froms (file share/libc/math.h, line 614)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3492,7 +3540,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 633)
+[ Extern ] Froms (file share/libc/math.h, line 636)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3509,7 +3557,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 639)
+[ Extern ] Froms (file share/libc/math.h, line 642)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3526,7 +3574,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 645)
+[ Extern ] Froms (file share/libc/math.h, line 648)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3543,7 +3591,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 659)
+[ Extern ] Froms (file share/libc/math.h, line 662)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3560,7 +3608,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 665)
+[ Extern ] Froms (file share/libc/math.h, line 668)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3577,7 +3625,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 671)
+[ Extern ] Froms (file share/libc/math.h, line 674)
assigns \result \from x;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3594,7 +3642,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 678)
+[ Extern ] Froms (file share/libc/math.h, line 681)
assigns \result \from x, y;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3611,7 +3659,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 685)
+[ Extern ] Froms (file share/libc/math.h, line 688)
assigns \result \from x, y;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3628,7 +3676,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 706)
+[ Extern ] Froms (file share/libc/math.h, line 709)
assigns \result \from (indirect: *(tagp + (0 ..)));
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3645,7 +3693,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 713)
+[ Extern ] Froms (file share/libc/math.h, line 716)
assigns \result \from (indirect: *(tagp + (0 ..)));
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3662,7 +3710,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 720)
+[ Extern ] Froms (file share/libc/math.h, line 723)
assigns \result \from (indirect: *(tagp + (0 ..)));
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3679,7 +3727,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 768)
+[ Extern ] Froms (file share/libc/math.h, line 771)
assigns \result \from \nothing;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -3696,7 +3744,7 @@
[ Extern ] Assigns nothing
assigns \nothing;
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/math.h, line 774)
+[ Extern ] Froms (file share/libc/math.h, line 777)
assigns \result \from \nothing;
Unverifiable but considered Valid.
[ Valid ] Default behavior
@@ -4058,9 +4106,9 @@
--------------------------------------------------------------------------------
--- Status Report Summary
--------------------------------------------------------------------------------
- 179 Completely validated
+ 181 Completely validated
16 Locally validated
- 486 Considered valid
+ 494 Considered valid
56 To be validated
- 737 Total
+ 747 Total
--------------------------------------------------------------------------------
diff --git a/tests/libc/math_h.c b/tests/libc/math_h.c
index 06901268917023b9fc57f8a3872708c8836455ef..95ded2bf103805d967ffae4a1525e5a4bc828ae6 100644
--- a/tests/libc/math_h.c
+++ b/tests/libc/math_h.c
@@ -1,5 +1,7 @@
+/* run.config
+ STDOPT: #"-warn-special-float none" #"-cpp-extra-args=\"-DNONFINITE\""
+*/
#include <math.h>
-
const double pi = 3.14159265358979323846264338327950288;
const double half_pi = 1.57079632679489661923132169163975144;
const double e = 2.718281828459045090795598298427648842334747314453125;
@@ -17,6 +19,14 @@ const double minus_zero = -0.0;
const double one = 1.0;
const double minus_one = -1.0;
const double large = 1e38;
+#ifdef NONFINITE
+const double huge_val = HUGE_VAL;
+const float huge_valf = HUGE_VALF;
+const long double huge_vall = HUGE_VALL;
+#endif
+const float infinity = INFINITY;
+const double fp_ilogb0 = FP_ILOGB0;
+const double fp_ilogbnan = FP_ILOGBNAN;
#define TEST_VAL(type,f,c) type f##_##c = f(c)
diff --git a/tests/libc/more_gcc_builtins.c b/tests/libc/more_gcc_builtins.c
index 835f64e8cc80a61eacd93ae770e9db917b75881f..d3d023ac786338c8701dd77e2a3baaefbc959b03 100644
--- a/tests/libc/more_gcc_builtins.c
+++ b/tests/libc/more_gcc_builtins.c
@@ -2,7 +2,7 @@
STDOPT: #"-machdep gcc_x86_32"
*/
-
+volatile int v;
#include <limits.h>
int main() {
@@ -42,5 +42,32 @@ int main() {
r = __builtin_smulll_overflow(-1, LLONG_MIN, &llres);
//@ assert llres == (long long)(-1 * LLONG_MIN);
//@ assert r == 1;
+ if (v) {
+ __builtin_clz(0);
+ //@ assert unreachable:\false;
+ }
+ res = __builtin_clz(1);
+ //@ assert 0 <= res < CHAR_BIT * sizeof(int);
+ res = __builtin_clzl(ULONG_MAX);
+ //@ assert 0 <= res < CHAR_BIT * sizeof(long);
+ res = __builtin_clzll(ULLONG_MAX);
+ //@ assert 0 <= res < CHAR_BIT * sizeof(long long);
+ if (v) {
+ __builtin_ctz(0);
+ //@ assert unreachable:\false;
+ }
+ res = __builtin_ctz(42);
+ //@ assert 0 <= res < CHAR_BIT * sizeof(int);
+ res = __builtin_ctzl(1234567);
+ //@ assert 0 <= res < CHAR_BIT * sizeof(long);
+ res = __builtin_ctzll(1);
+ //@ assert 0 <= res < CHAR_BIT * sizeof(long long);
+
+ res = __builtin_popcount(0);
+ //@ assert 0 <= res <= CHAR_BIT * sizeof(int);
+ res = __builtin_popcountl(ULONG_MAX);
+ //@ assert 0 <= res <= CHAR_BIT * sizeof(long);
+ res = __builtin_popcountll(ULLONG_MAX);
+ //@ assert 0 <= res <= CHAR_BIT * sizeof(long long);
return 0;
}
diff --git a/tests/libc/oracle/coverage.res.oracle b/tests/libc/oracle/coverage.res.oracle
index 420792611b3362b3a757d44b3f9aaed2938edbb8..f0696a6f2d10b1655035a8924f10f4055b0c0180 100644
--- a/tests/libc/oracle/coverage.res.oracle
+++ b/tests/libc/oracle/coverage.res.oracle
@@ -28,7 +28,7 @@
main: 4 stmts out of 4 (100.0%)
[metrics] Eva coverage statistics
=======================
- Syntactically reachable functions = 2 (out of 112)
+ Syntactically reachable functions = 2 (out of 113)
Semantically reached functions = 2
Coverage estimation = 100.0%
[metrics] Statements analyzed by Eva
diff --git a/tests/libc/oracle/fc_libc.0.res.oracle b/tests/libc/oracle/fc_libc.0.res.oracle
index 4576d6a15ca9cc6943355fe7b5202f4cd0ce2680..fefd9fce133ac0e463ea535e54a79caec09fc2af 100644
--- a/tests/libc/oracle/fc_libc.0.res.oracle
+++ b/tests/libc/oracle/fc_libc.0.res.oracle
@@ -40,7 +40,7 @@
unsetenv (0 call); wcscat (0 call); wcscpy (0 call); wcslen (2 calls);
wcsncat (0 call); wcsncpy (0 call); wmemcpy (0 call); wmemset (0 call);
- Undefined functions (390)
+ Undefined functions (406)
=========================
FD_CLR (0 call); FD_ISSET (0 call); FD_SET (0 call); FD_ZERO (0 call);
Frama_C_int_interval (0 call); Frama_C_long_interval (0 call);
@@ -51,18 +51,21 @@
Frama_C_unsigned_long_interval (0 call);
Frama_C_unsigned_long_long_interval (0 call);
Frama_C_unsigned_short_interval (0 call); _Exit (0 call);
- __builtin_abort (1 call); __builtin_sadd_overflow (0 call);
- __builtin_saddl_overflow (0 call); __builtin_saddll_overflow (0 call);
- __builtin_smul_overflow (0 call); __builtin_smull_overflow (0 call);
- __builtin_smulll_overflow (0 call); __builtin_ssub_overflow (0 call);
- __builtin_ssubl_overflow (0 call); __builtin_ssubll_overflow (0 call);
- __builtin_uadd_overflow (0 call); __builtin_uaddl_overflow (0 call);
- __builtin_uaddll_overflow (0 call); __builtin_umul_overflow (0 call);
- __builtin_umull_overflow (0 call); __builtin_umulll_overflow (0 call);
- __builtin_usub_overflow (0 call); __builtin_usubl_overflow (0 call);
- __builtin_usubll_overflow (0 call); __fc_fpclassify (0 call);
- __fc_fpclassifyf (0 call); __fc_infinity (0 call); __fc_nan (0 call);
- __va_fcntl_flock (0 call); __va_fcntl_int (0 call);
+ __builtin_abort (1 call); __builtin_clz (0 call); __builtin_clzl (0 call);
+ __builtin_clzll (0 call); __builtin_ctz (0 call); __builtin_ctzl (0 call);
+ __builtin_ctzll (0 call); __builtin_popcount (0 call);
+ __builtin_popcountl (0 call); __builtin_popcountll (0 call);
+ __builtin_sadd_overflow (0 call); __builtin_saddl_overflow (0 call);
+ __builtin_saddll_overflow (0 call); __builtin_smul_overflow (0 call);
+ __builtin_smull_overflow (0 call); __builtin_smulll_overflow (0 call);
+ __builtin_ssub_overflow (0 call); __builtin_ssubl_overflow (0 call);
+ __builtin_ssubll_overflow (0 call); __builtin_uadd_overflow (0 call);
+ __builtin_uaddl_overflow (0 call); __builtin_uaddll_overflow (0 call);
+ __builtin_umul_overflow (0 call); __builtin_umull_overflow (0 call);
+ __builtin_umulll_overflow (0 call); __builtin_usub_overflow (0 call);
+ __builtin_usubl_overflow (0 call); __builtin_usubll_overflow (0 call);
+ __fc_fpclassify (0 call); __fc_fpclassifyf (0 call); __fc_infinity (0 call);
+ __fc_nan (0 call); __va_fcntl_flock (0 call); __va_fcntl_int (0 call);
__va_fcntl_void (0 call); __va_ioctl_int (0 call); __va_ioctl_ptr (0 call);
__va_ioctl_void (0 call); __va_open_mode_t (0 call);
__va_open_void (0 call); __va_openat_mode_t (0 call);
@@ -91,9 +94,9 @@
flockfile (0 call); floor (0 call); floorf (0 call); floorl (0 call);
fmod (0 call); fmodf (0 call); fopen (0 call); fork (0 call);
fputc (0 call); fputs (0 call); fread (0 call); free (1 call);
- freeaddrinfo (0 call); freopen (0 call); fseek (0 call); fsetpos (0 call);
- ftell (0 call); ftrylockfile (0 call); funlockfile (0 call);
- fwrite (0 call); gai_strerror (0 call); getc (0 call);
+ freeaddrinfo (0 call); freopen (0 call); fseek (0 call); fseeko (0 call);
+ fsetpos (0 call); ftell (0 call); ftello (0 call); ftrylockfile (0 call);
+ funlockfile (0 call); fwrite (0 call); gai_strerror (0 call); getc (0 call);
getc_unlocked (0 call); getchar (0 call); getchar_unlocked (0 call);
getcwd (0 call); getegid (0 call); geteuid (0 call); getgid (0 call);
gethostname (0 call); getitimer (0 call); getopt (0 call);
@@ -111,8 +114,9 @@
localtime (0 call); log (0 call); log10 (0 call); log10f (0 call);
log10l (0 call); log2 (0 call); log2f (0 call); log2l (0 call);
logf (0 call); logl (0 call); longjmp (0 call); lrand48 (0 call);
- lseek (0 call); malloc (7 calls); mblen (0 call); mbstowcs (0 call);
- mbtowc (0 call); mkdir (0 call); mkstemp (0 call); mktime (0 call);
+ lseek (0 call); lstat (0 call); makedev (0 call); malloc (7 calls);
+ mblen (0 call); mbstowcs (0 call); mbtowc (0 call); mkdir (0 call);
+ mkfifo (0 call); mknod (0 call); mkstemp (0 call); mktime (0 call);
mrand48 (0 call); nan (0 call); nanf (0 call); nanl (0 call);
nanosleep (0 call); nrand48 (0 call); ntohl (0 call); ntohs (0 call);
open (0 call); openat (0 call); opendir (0 call); openlog (0 call);
@@ -141,23 +145,23 @@
sinf (0 call); sinl (0 call); socket (0 call); socketpair (0 call);
sqrt (0 call); sqrtf (0 call); sqrtl (0 call); srand (0 call);
srand48 (0 call); srandom (0 call); stat (0 call); stpcpy (0 call);
- strcasestr (0 call); strcoll (0 call); strcspn (0 call); strftime (0 call);
- strlcat (0 call); strlcpy (0 call); strncasecmp (0 call); strpbrk (0 call);
- strsep (0 call); strspn (0 call); strtod (0 call); strtof (0 call);
- strtoimax (0 call); strtok (0 call); strtok_r (0 call); strtol (0 call);
- strtold (0 call); strtoll (0 call); strtoul (0 call); strtoull (0 call);
- strxfrm (0 call); sync (0 call); sysconf (0 call); syslog (0 call);
- system (0 call); tcflush (0 call); tcgetattr (0 call); tcsetattr (0 call);
- time (0 call); times (0 call); tmpfile (0 call); tmpnam (0 call);
- trunc (0 call); truncf (0 call); truncl (0 call); ttyname (0 call);
- tzset (0 call); umask (0 call); ungetc (0 call); unlink (0 call);
- usleep (0 call); utimes (0 call); vfprintf (0 call); vfscanf (0 call);
- vprintf (0 call); vscanf (0 call); vsnprintf (0 call); vsprintf (0 call);
- vsyslog (0 call); wait (0 call); waitpid (0 call); wcschr (0 call);
- wcscmp (0 call); wcscspn (0 call); wcslcat (0 call); wcslcpy (0 call);
- wcsncmp (0 call); wcspbrk (0 call); wcsrchr (0 call); wcsspn (0 call);
- wcsstr (0 call); wcstombs (0 call); wctomb (0 call); wmemchr (0 call);
- wmemcmp (0 call); wmemmove (0 call); write (0 call);
+ strcasestr (0 call); strchrnul (0 call); strcoll (0 call); strcspn (0 call);
+ strftime (0 call); strlcat (0 call); strlcpy (0 call); strncasecmp (0 call);
+ strpbrk (0 call); strsep (0 call); strspn (0 call); strtod (0 call);
+ strtof (0 call); strtoimax (0 call); strtok (0 call); strtok_r (0 call);
+ strtol (0 call); strtold (0 call); strtoll (0 call); strtoul (0 call);
+ strtoull (0 call); strxfrm (0 call); sync (0 call); sysconf (0 call);
+ syslog (0 call); system (0 call); tcflush (0 call); tcgetattr (0 call);
+ tcsetattr (0 call); time (0 call); times (0 call); tmpfile (0 call);
+ tmpnam (0 call); trunc (0 call); truncf (0 call); truncl (0 call);
+ ttyname (0 call); tzset (0 call); umask (0 call); ungetc (0 call);
+ unlink (0 call); usleep (0 call); utimes (0 call); vfprintf (0 call);
+ vfscanf (0 call); vprintf (0 call); vscanf (0 call); vsnprintf (0 call);
+ vsprintf (0 call); vsyslog (0 call); wait (0 call); waitpid (0 call);
+ wcschr (0 call); wcscmp (0 call); wcscspn (0 call); wcslcat (0 call);
+ wcslcpy (0 call); wcsncmp (0 call); wcspbrk (0 call); wcsrchr (0 call);
+ wcsspn (0 call); wcsstr (0 call); wcstombs (0 call); wctomb (0 call);
+ wmemchr (0 call); wmemcmp (0 call); wmemmove (0 call); write (0 call);
'Extern' global variables (16)
==============================
@@ -180,7 +184,7 @@
Goto = 89
Assignment = 438
Exit point = 82
- Function = 472
+ Function = 488
Function call = 89
Pointer dereferencing = 158
Cyclomatic complexity = 286
diff --git a/tests/libc/oracle/fc_libc.1.res.oracle b/tests/libc/oracle/fc_libc.1.res.oracle
index 705dcf5c78ca7dac8390b734fb4b5276c36e83bd..f940ecca0a0a3bd89df54454c6c97cbe5cbfa77a 100644
--- a/tests/libc/oracle/fc_libc.1.res.oracle
+++ b/tests/libc/oracle/fc_libc.1.res.oracle
@@ -3999,6 +3999,15 @@ extern int strcoll(char const *s1, char const *s2);
char *strchr(char const *s, int c);
+/*@ requires valid_string_s: valid_read_string(s);
+ ensures
+ result_same_base: \subset(\result, \old(s) + (0 .. strlen(\old(s))));
+ assigns \result;
+ assigns \result
+ \from s, (indirect: *(s + (0 .. strlen{Old}(s)))), (indirect: c);
+ */
+extern char *strchrnul(char const *s, int c);
+
char *strrchr(char const *s, int c);
/*@ requires valid_string_s: valid_read_string(s);
@@ -4802,6 +4811,17 @@ extern int fgetpos(FILE * __restrict stream, fpos_t * __restrict pos);
*/
extern int fseek(FILE *stream, long offset, int whence);
+/*@ requires valid_stream: \valid(stream);
+ requires whence_enum: whence ≡ 0 ∨ whence ≡ 1 ∨ whence ≡ 2;
+ assigns *stream, \result, __fc_errno;
+ assigns *stream \from *stream, (indirect: offset), (indirect: whence);
+ assigns \result
+ \from (indirect: *stream), (indirect: offset), (indirect: whence);
+ assigns __fc_errno
+ \from (indirect: *stream), (indirect: offset), (indirect: whence);
+ */
+extern int fseeko(FILE *stream, off_t offset, int whence);
+
/*@ requires valid_stream: \valid(stream);
requires valid_pos: \valid_read(pos);
requires initialization: pos: \initialized(pos);
@@ -4821,6 +4841,17 @@ extern int fsetpos(FILE *stream, fpos_t const *pos);
*/
extern long ftell(FILE *stream);
+/*@ requires valid_stream: \valid(stream);
+ ensures
+ success_or_error:
+ \result ≡ -1 ∨
+ (\result ≥ 0 ∧ __fc_errno ≡ \old(__fc_errno));
+ assigns \result, __fc_errno;
+ assigns \result \from (indirect: *stream);
+ assigns __fc_errno \from (indirect: *stream);
+ */
+extern off_t ftello(FILE *stream);
+
/*@ requires valid_stream: \valid(stream);
assigns *stream;
assigns *stream \from \nothing;
@@ -4954,6 +4985,10 @@ extern int pclose(FILE *stream);
ssize_t getline(char **lineptr, size_t *n, FILE *stream);
+/*@ assigns \result;
+ assigns \result \from maj, min; */
+extern dev_t makedev(int maj, int min);
+
FILE __fc_initial_stdout =
{.__fc_FILE_id = (unsigned int)1, .__fc_FILE_data = 0U};
FILE *__fc_stdout = & __fc_initial_stdout;
@@ -5915,7 +5950,8 @@ char *strncpy(char *dest, char const *src, size_t n)
/*@ requires valid_string_s: valid_read_string(s);
assigns \result;
- assigns \result \from s, *(s + (0 ..)), c;
+ assigns \result
+ \from s, (indirect: *(s + (0 .. strlen{Old}(s)))), (indirect: c);
behavior found:
assumes char_found: strchr(s, c) ≡ \true;
@@ -7202,6 +7238,66 @@ _Bool __builtin_umull_overflow(unsigned long a, unsigned long b,
_Bool __builtin_umulll_overflow(unsigned long long a, unsigned long long b,
unsigned long long *res);
+/*@ requires x_nonzero: x ≢ 0;
+ ensures result_is_bit_count: 0 ≤ \result < 8 * sizeof(\old(x));
+ assigns \result;
+ assigns \result \from (indirect: x);
+ */
+int __builtin_clz(unsigned int x);
+
+/*@ requires x_nonzero: x ≢ 0;
+ ensures result_is_bit_count: 0 ≤ \result < 8 * sizeof(\old(x));
+ assigns \result;
+ assigns \result \from (indirect: x);
+ */
+int __builtin_clzl(unsigned long x);
+
+/*@ requires x_nonzero: x ≢ 0;
+ ensures result_is_bit_count: 0 ≤ \result < 8 * sizeof(\old(x));
+ assigns \result;
+ assigns \result \from (indirect: x);
+ */
+int __builtin_clzll(unsigned long long x);
+
+/*@ requires x_nonzero: x ≢ 0;
+ ensures result_is_bit_count: 0 ≤ \result < 8 * sizeof(\old(x));
+ assigns \result;
+ assigns \result \from (indirect: x);
+ */
+int __builtin_ctz(unsigned int x);
+
+/*@ requires x_nonzero: x ≢ 0;
+ ensures result_is_bit_count: 0 ≤ \result < 8 * sizeof(\old(x));
+ assigns \result;
+ assigns \result \from (indirect: x);
+ */
+int __builtin_ctzl(unsigned long x);
+
+/*@ requires x_nonzero: x ≢ 0;
+ ensures result_is_bit_count: 0 ≤ \result < 8 * sizeof(\old(x));
+ assigns \result;
+ assigns \result \from (indirect: x);
+ */
+int __builtin_ctzll(unsigned long long x);
+
+/*@ ensures result_is_bit_count: 0 ≤ \result ≤ 8 * sizeof(\old(x));
+ assigns \result;
+ assigns \result \from (indirect: x);
+ */
+int __builtin_popcount(unsigned int x);
+
+/*@ ensures result_is_bit_count: 0 ≤ \result ≤ 8 * sizeof(\old(x));
+ assigns \result;
+ assigns \result \from (indirect: x);
+ */
+int __builtin_popcountl(unsigned long x);
+
+/*@ ensures result_is_bit_count: 0 ≤ \result ≤ 8 * sizeof(\old(x));
+ assigns \result;
+ assigns \result \from (indirect: x);
+ */
+int __builtin_popcountll(unsigned long long x);
+
/*@ requires valid_filename: valid_read_string(filename);
assigns \result;
assigns \result \from (indirect: *(filename + (0 ..))), (indirect: mode);
@@ -7531,14 +7627,44 @@ extern int setitimer(int which,
extern int select(int nfds, fd_set *readfds, fd_set *writefds,
fd_set *errorfds, struct timeval *timeout);
-/*@ requires valid_string_path: valid_read_string(path);
+/*@ requires valid_path: valid_read_string(path);
+ requires valid_buf: \valid(buf);
+ ensures result_ok_or_error: \result ≡ 0 ∨ \result ≡ -1;
+ assigns \result, *buf;
+ assigns \result
+ \from (indirect: path), (indirect: *(path + (0 .. strlen{Old}(path))));
+ assigns *buf
+ \from (indirect: path), (indirect: *(path + (0 .. strlen{Old}(path))));
+ */
+extern int lstat(char const *path, struct stat *buf);
+
+/*@ requires valid_path: valid_read_string(path);
ensures result_ok_or_error: \result ≡ 0 ∨ \result ≡ -1;
assigns \result;
assigns \result
- \from (indirect: path), (indirect: *(path + (0 ..))), (indirect: mode);
+ \from (indirect: path), (indirect: *(path + (0 .. strlen{Old}(path)))),
+ (indirect: mode);
*/
extern int mkdir(char const *path, mode_t mode);
+/*@ requires valid_path: valid_read_string(path);
+ ensures result_ok_or_error: \result ≡ 0 ∨ \result ≡ -1;
+ assigns \result;
+ assigns \result
+ \from (indirect: path), (indirect: *(path + (0 .. strlen{Old}(path)))),
+ (indirect: mode);
+ */
+extern int mkfifo(char const *path, mode_t mode);
+
+/*@ requires valid_path: valid_read_string(path);
+ ensures result_ok_or_error: \result ≡ 0 ∨ \result ≡ -1;
+ assigns \result;
+ assigns \result
+ \from (indirect: path), (indirect: *(path + (0 .. strlen{Old}(path)))),
+ (indirect: mode), (indirect: dev);
+ */
+extern int mknod(char const *path, mode_t mode, dev_t dev);
+
/*@ requires valid_pathname: valid_read_string(pathname);
requires valid_buf: \valid(buf);
ensures result_ok_or_error: \result ≡ 0 ∨ \result ≡ -1;
@@ -7546,8 +7672,8 @@ extern int mkdir(char const *path, mode_t mode);
init_on_success: initialization: buf:
\result ≡ 0 ⇒ \initialized(\old(buf));
assigns \result, *buf;
- assigns \result \from *(pathname + (0 ..));
- assigns *buf \from *(pathname + (0 ..));
+ assigns \result \from *(pathname + (0 .. strlen{Old}(pathname)));
+ assigns *buf \from *(pathname + (0 .. strlen{Old}(pathname)));
*/
extern int stat(char const *pathname, struct stat *buf);
diff --git a/tests/libc/oracle/math_h.res.oracle b/tests/libc/oracle/math_h.res.oracle
index 3e49cb57de38e81d730fc90e4c4e8b1155f152ec..cf2aaaa418c7a222f1075e5c20d0b5d874d4c60a 100644
--- a/tests/libc/oracle/math_h.res.oracle
+++ b/tests/libc/oracle/math_h.res.oracle
@@ -1,5 +1,5 @@
[kernel] Parsing tests/libc/math_h.c (with preprocessing)
-[kernel:parser:decimal-float] tests/libc/math_h.c:3: Warning:
+[kernel:parser:decimal-float] tests/libc/math_h.c:5: Warning:
Floating-point constant 3.14159265358979323846264338327950288 is not represented exactly. Will use 0x1.921fb54442d18p1.
(warn-once: no further messages from category 'parser:decimal-float' will be emitted)
[eva] Analyzing a complete application starting at main
@@ -23,292 +23,286 @@
one ∈ {1.}
minus_one ∈ {-1.}
large ∈ {1e+38}
+ huge_val ∈ {inf}
+ huge_valf ∈ {inf}
+ huge_vall ∈ {inf}
+ infinity ∈ {inf}
+ fp_ilogb0 ∈ {-2147483648.}
+ fp_ilogbnan ∈ {-2147483648.}
[eva] computing for function atan <- main.
- Called from tests/libc/math_h.c:35.
+ Called from tests/libc/math_h.c:45.
[eva] using specification for function atan
-[eva] tests/libc/math_h.c:35:
+[eva] tests/libc/math_h.c:45:
function atan: precondition 'finite_arg' got status valid.
[eva] Done for function atan
[eva] computing for function atan <- main.
- Called from tests/libc/math_h.c:35.
-[eva] tests/libc/math_h.c:35:
+ Called from tests/libc/math_h.c:45.
+[eva] tests/libc/math_h.c:45:
function atan: precondition 'finite_arg' got status valid.
[eva] Done for function atan
[eva] computing for function atan <- main.
- Called from tests/libc/math_h.c:35.
-[eva] tests/libc/math_h.c:35:
+ Called from tests/libc/math_h.c:45.
+[eva] tests/libc/math_h.c:45:
function atan: precondition 'finite_arg' got status valid.
[eva] Done for function atan
[eva] computing for function atan <- main.
- Called from tests/libc/math_h.c:35.
-[eva] tests/libc/math_h.c:35:
+ Called from tests/libc/math_h.c:45.
+[eva] tests/libc/math_h.c:45:
function atan: precondition 'finite_arg' got status valid.
[eva] Done for function atan
[eva] computing for function atan <- main.
- Called from tests/libc/math_h.c:35.
-[eva] tests/libc/math_h.c:35:
+ Called from tests/libc/math_h.c:45.
+[eva] tests/libc/math_h.c:45:
function atan: precondition 'finite_arg' got status valid.
[eva] Done for function atan
[eva] computing for function atan <- main.
- Called from tests/libc/math_h.c:35.
-[eva] tests/libc/math_h.c:35:
+ Called from tests/libc/math_h.c:45.
+[eva] tests/libc/math_h.c:45:
function atan: precondition 'finite_arg' got status valid.
[eva] Done for function atan
[eva] computing for function atan <- main.
- Called from tests/libc/math_h.c:35.
-[eva] tests/libc/math_h.c:35:
+ Called from tests/libc/math_h.c:45.
+[eva] tests/libc/math_h.c:45:
function atan: precondition 'finite_arg' got status valid.
[eva] Done for function atan
[eva] computing for function atan <- main.
- Called from tests/libc/math_h.c:35.
-[eva] tests/libc/math_h.c:35:
+ Called from tests/libc/math_h.c:45.
+[eva] tests/libc/math_h.c:45:
function atan: precondition 'finite_arg' got status valid.
[eva] Done for function atan
-[eva:alarm] tests/libc/math_h.c:35: Warning:
- non-finite double value. assert \is_finite(top);
[eva] computing for function atan <- main.
- Called from tests/libc/math_h.c:35.
-[eva] tests/libc/math_h.c:35:
- function atan: precondition 'finite_arg' got status valid.
+ Called from tests/libc/math_h.c:45.
+[eva:alarm] tests/libc/math_h.c:45: Warning:
+ function atan: precondition 'finite_arg' got status unknown.
[eva] Done for function atan
[eva] computing for function atanf <- main.
- Called from tests/libc/math_h.c:36.
+ Called from tests/libc/math_h.c:46.
[eva] using specification for function atanf
-[eva] tests/libc/math_h.c:36:
+[eva] tests/libc/math_h.c:46:
function atanf: precondition 'finite_arg' got status valid.
[eva] Done for function atanf
[eva] computing for function atanf <- main.
- Called from tests/libc/math_h.c:36.
-[eva] tests/libc/math_h.c:36:
+ Called from tests/libc/math_h.c:46.
+[eva] tests/libc/math_h.c:46:
function atanf: precondition 'finite_arg' got status valid.
[eva] Done for function atanf
[eva] computing for function atanf <- main.
- Called from tests/libc/math_h.c:36.
-[eva] tests/libc/math_h.c:36:
+ Called from tests/libc/math_h.c:46.
+[eva] tests/libc/math_h.c:46:
function atanf: precondition 'finite_arg' got status valid.
[eva] Done for function atanf
[eva] computing for function atanf <- main.
- Called from tests/libc/math_h.c:36.
-[eva] tests/libc/math_h.c:36:
+ Called from tests/libc/math_h.c:46.
+[eva] tests/libc/math_h.c:46:
function atanf: precondition 'finite_arg' got status valid.
[eva] Done for function atanf
[eva] computing for function atanf <- main.
- Called from tests/libc/math_h.c:36.
-[eva] tests/libc/math_h.c:36:
+ Called from tests/libc/math_h.c:46.
+[eva] tests/libc/math_h.c:46:
function atanf: precondition 'finite_arg' got status valid.
[eva] Done for function atanf
[eva] computing for function atanf <- main.
- Called from tests/libc/math_h.c:36.
-[eva] tests/libc/math_h.c:36:
+ Called from tests/libc/math_h.c:46.
+[eva] tests/libc/math_h.c:46:
function atanf: precondition 'finite_arg' got status valid.
[eva] Done for function atanf
[eva] computing for function atanf <- main.
- Called from tests/libc/math_h.c:36.
-[eva] tests/libc/math_h.c:36:
+ Called from tests/libc/math_h.c:46.
+[eva] tests/libc/math_h.c:46:
function atanf: precondition 'finite_arg' got status valid.
[eva] Done for function atanf
[eva] computing for function atanf <- main.
- Called from tests/libc/math_h.c:36.
-[eva] tests/libc/math_h.c:36:
+ Called from tests/libc/math_h.c:46.
+[eva] tests/libc/math_h.c:46:
function atanf: precondition 'finite_arg' got status valid.
[eva] Done for function atanf
-[eva:alarm] tests/libc/math_h.c:36: Warning:
- non-finite float value. assert \is_finite(f_top);
[eva] computing for function atanf <- main.
- Called from tests/libc/math_h.c:36.
-[eva] tests/libc/math_h.c:36:
- function atanf: precondition 'finite_arg' got status valid.
+ Called from tests/libc/math_h.c:46.
+[eva:alarm] tests/libc/math_h.c:46: Warning:
+ function atanf: precondition 'finite_arg' got status unknown.
[eva] Done for function atanf
[eva] computing for function atanl <- main.
- Called from tests/libc/math_h.c:37.
+ Called from tests/libc/math_h.c:47.
[eva] using specification for function atanl
-[eva] tests/libc/math_h.c:37:
+[eva] tests/libc/math_h.c:47:
function atanl: precondition 'finite_arg' got status valid.
[eva] Done for function atanl
[eva] computing for function atanl <- main.
- Called from tests/libc/math_h.c:37.
-[eva] tests/libc/math_h.c:37:
+ Called from tests/libc/math_h.c:47.
+[eva] tests/libc/math_h.c:47:
function atanl: precondition 'finite_arg' got status valid.
[eva] Done for function atanl
[eva] computing for function atanl <- main.
- Called from tests/libc/math_h.c:37.
-[eva] tests/libc/math_h.c:37:
+ Called from tests/libc/math_h.c:47.
+[eva] tests/libc/math_h.c:47:
function atanl: precondition 'finite_arg' got status valid.
[eva] Done for function atanl
[eva] computing for function atanl <- main.
- Called from tests/libc/math_h.c:37.
-[eva] tests/libc/math_h.c:37:
+ Called from tests/libc/math_h.c:47.
+[eva] tests/libc/math_h.c:47:
function atanl: precondition 'finite_arg' got status valid.
[eva] Done for function atanl
[eva] computing for function atanl <- main.
- Called from tests/libc/math_h.c:37.
-[eva] tests/libc/math_h.c:37:
+ Called from tests/libc/math_h.c:47.
+[eva] tests/libc/math_h.c:47:
function atanl: precondition 'finite_arg' got status valid.
[eva] Done for function atanl
[eva] computing for function atanl <- main.
- Called from tests/libc/math_h.c:37.
-[eva] tests/libc/math_h.c:37:
+ Called from tests/libc/math_h.c:47.
+[eva] tests/libc/math_h.c:47:
function atanl: precondition 'finite_arg' got status valid.
[eva] Done for function atanl
[eva] computing for function atanl <- main.
- Called from tests/libc/math_h.c:37.
-[eva] tests/libc/math_h.c:37:
+ Called from tests/libc/math_h.c:47.
+[eva] tests/libc/math_h.c:47:
function atanl: precondition 'finite_arg' got status valid.
[eva] Done for function atanl
[eva] computing for function atanl <- main.
- Called from tests/libc/math_h.c:37.
-[eva] tests/libc/math_h.c:37:
+ Called from tests/libc/math_h.c:47.
+[eva] tests/libc/math_h.c:47:
function atanl: precondition 'finite_arg' got status valid.
[eva] Done for function atanl
-[eva:alarm] tests/libc/math_h.c:37: Warning:
- non-finite long double value. assert \is_finite(ld_top);
[eva] computing for function atanl <- main.
- Called from tests/libc/math_h.c:37.
-[eva:alarm] tests/libc/math_h.c:37: Warning:
+ Called from tests/libc/math_h.c:47.
+[eva:alarm] tests/libc/math_h.c:47: Warning:
function atanl: precondition 'finite_arg' got status unknown.
[eva] Done for function atanl
[eva] computing for function fabs <- main.
- Called from tests/libc/math_h.c:38.
+ Called from tests/libc/math_h.c:48.
[eva] using specification for function fabs
-[eva] tests/libc/math_h.c:38:
+[eva] tests/libc/math_h.c:48:
function fabs: precondition 'finite_arg' got status valid.
[eva] Done for function fabs
[eva] computing for function fabs <- main.
- Called from tests/libc/math_h.c:38.
-[eva] tests/libc/math_h.c:38:
+ Called from tests/libc/math_h.c:48.
+[eva] tests/libc/math_h.c:48:
function fabs: precondition 'finite_arg' got status valid.
[eva] Done for function fabs
[eva] computing for function fabs <- main.
- Called from tests/libc/math_h.c:38.
-[eva] tests/libc/math_h.c:38:
+ Called from tests/libc/math_h.c:48.
+[eva] tests/libc/math_h.c:48:
function fabs: precondition 'finite_arg' got status valid.
[eva] Done for function fabs
[eva] computing for function fabs <- main.
- Called from tests/libc/math_h.c:38.
-[eva] tests/libc/math_h.c:38:
+ Called from tests/libc/math_h.c:48.
+[eva] tests/libc/math_h.c:48:
function fabs: precondition 'finite_arg' got status valid.
[eva] Done for function fabs
[eva] computing for function fabs <- main.
- Called from tests/libc/math_h.c:38.
-[eva] tests/libc/math_h.c:38:
+ Called from tests/libc/math_h.c:48.
+[eva] tests/libc/math_h.c:48:
function fabs: precondition 'finite_arg' got status valid.
[eva] Done for function fabs
[eva] computing for function fabs <- main.
- Called from tests/libc/math_h.c:38.
-[eva] tests/libc/math_h.c:38:
+ Called from tests/libc/math_h.c:48.
+[eva] tests/libc/math_h.c:48:
function fabs: precondition 'finite_arg' got status valid.
[eva] Done for function fabs
[eva] computing for function fabs <- main.
- Called from tests/libc/math_h.c:38.
-[eva] tests/libc/math_h.c:38:
+ Called from tests/libc/math_h.c:48.
+[eva] tests/libc/math_h.c:48:
function fabs: precondition 'finite_arg' got status valid.
[eva] Done for function fabs
[eva] computing for function fabs <- main.
- Called from tests/libc/math_h.c:38.
-[eva] tests/libc/math_h.c:38:
+ Called from tests/libc/math_h.c:48.
+[eva] tests/libc/math_h.c:48:
function fabs: precondition 'finite_arg' got status valid.
[eva] Done for function fabs
-[eva:alarm] tests/libc/math_h.c:38: Warning:
- non-finite double value. assert \is_finite(top);
[eva] computing for function fabs <- main.
- Called from tests/libc/math_h.c:38.
-[eva] tests/libc/math_h.c:38:
- function fabs: precondition 'finite_arg' got status valid.
+ Called from tests/libc/math_h.c:48.
+[eva:alarm] tests/libc/math_h.c:48: Warning:
+ function fabs: precondition 'finite_arg' got status unknown.
[eva] Done for function fabs
[eva] computing for function fabsf <- main.
- Called from tests/libc/math_h.c:39.
+ Called from tests/libc/math_h.c:49.
[eva] using specification for function fabsf
-[eva] tests/libc/math_h.c:39:
+[eva] tests/libc/math_h.c:49:
function fabsf: precondition 'finite_arg' got status valid.
[eva] Done for function fabsf
[eva] computing for function fabsf <- main.
- Called from tests/libc/math_h.c:39.
-[eva] tests/libc/math_h.c:39:
+ Called from tests/libc/math_h.c:49.
+[eva] tests/libc/math_h.c:49:
function fabsf: precondition 'finite_arg' got status valid.
[eva] Done for function fabsf
[eva] computing for function fabsf <- main.
- Called from tests/libc/math_h.c:39.
-[eva] tests/libc/math_h.c:39:
+ Called from tests/libc/math_h.c:49.
+[eva] tests/libc/math_h.c:49:
function fabsf: precondition 'finite_arg' got status valid.
[eva] Done for function fabsf
[eva] computing for function fabsf <- main.
- Called from tests/libc/math_h.c:39.
-[eva] tests/libc/math_h.c:39:
+ Called from tests/libc/math_h.c:49.
+[eva] tests/libc/math_h.c:49:
function fabsf: precondition 'finite_arg' got status valid.
[eva] Done for function fabsf
[eva] computing for function fabsf <- main.
- Called from tests/libc/math_h.c:39.
-[eva] tests/libc/math_h.c:39:
+ Called from tests/libc/math_h.c:49.
+[eva] tests/libc/math_h.c:49:
function fabsf: precondition 'finite_arg' got status valid.
[eva] Done for function fabsf
[eva] computing for function fabsf <- main.
- Called from tests/libc/math_h.c:39.
-[eva] tests/libc/math_h.c:39:
+ Called from tests/libc/math_h.c:49.
+[eva] tests/libc/math_h.c:49:
function fabsf: precondition 'finite_arg' got status valid.
[eva] Done for function fabsf
[eva] computing for function fabsf <- main.
- Called from tests/libc/math_h.c:39.
-[eva] tests/libc/math_h.c:39:
+ Called from tests/libc/math_h.c:49.
+[eva] tests/libc/math_h.c:49:
function fabsf: precondition 'finite_arg' got status valid.
[eva] Done for function fabsf
[eva] computing for function fabsf <- main.
- Called from tests/libc/math_h.c:39.
-[eva] tests/libc/math_h.c:39:
+ Called from tests/libc/math_h.c:49.
+[eva] tests/libc/math_h.c:49:
function fabsf: precondition 'finite_arg' got status valid.
[eva] Done for function fabsf
-[eva:alarm] tests/libc/math_h.c:39: Warning:
- non-finite float value. assert \is_finite(f_top);
[eva] computing for function fabsf <- main.
- Called from tests/libc/math_h.c:39.
-[eva] tests/libc/math_h.c:39:
- function fabsf: precondition 'finite_arg' got status valid.
+ Called from tests/libc/math_h.c:49.
+[eva:alarm] tests/libc/math_h.c:49: Warning:
+ function fabsf: precondition 'finite_arg' got status unknown.
[eva] Done for function fabsf
[eva] computing for function fabsl <- main.
- Called from tests/libc/math_h.c:40.
+ Called from tests/libc/math_h.c:50.
[eva] using specification for function fabsl
-[eva] tests/libc/math_h.c:40:
+[eva] tests/libc/math_h.c:50:
function fabsl: precondition 'finite_arg' got status valid.
[eva] Done for function fabsl
[eva] computing for function fabsl <- main.
- Called from tests/libc/math_h.c:40.
-[eva] tests/libc/math_h.c:40:
+ Called from tests/libc/math_h.c:50.
+[eva] tests/libc/math_h.c:50:
function fabsl: precondition 'finite_arg' got status valid.
[eva] Done for function fabsl
[eva] computing for function fabsl <- main.
- Called from tests/libc/math_h.c:40.
-[eva] tests/libc/math_h.c:40:
+ Called from tests/libc/math_h.c:50.
+[eva] tests/libc/math_h.c:50:
function fabsl: precondition 'finite_arg' got status valid.
[eva] Done for function fabsl
[eva] computing for function fabsl <- main.
- Called from tests/libc/math_h.c:40.
-[eva] tests/libc/math_h.c:40:
+ Called from tests/libc/math_h.c:50.
+[eva] tests/libc/math_h.c:50:
function fabsl: precondition 'finite_arg' got status valid.
[eva] Done for function fabsl
[eva] computing for function fabsl <- main.
- Called from tests/libc/math_h.c:40.
-[eva] tests/libc/math_h.c:40:
+ Called from tests/libc/math_h.c:50.
+[eva] tests/libc/math_h.c:50:
function fabsl: precondition 'finite_arg' got status valid.
[eva] Done for function fabsl
[eva] computing for function fabsl <- main.
- Called from tests/libc/math_h.c:40.
-[eva] tests/libc/math_h.c:40:
+ Called from tests/libc/math_h.c:50.
+[eva] tests/libc/math_h.c:50:
function fabsl: precondition 'finite_arg' got status valid.
[eva] Done for function fabsl
[eva] computing for function fabsl <- main.
- Called from tests/libc/math_h.c:40.
-[eva] tests/libc/math_h.c:40:
+ Called from tests/libc/math_h.c:50.
+[eva] tests/libc/math_h.c:50:
function fabsl: precondition 'finite_arg' got status valid.
[eva] Done for function fabsl
[eva] computing for function fabsl <- main.
- Called from tests/libc/math_h.c:40.
-[eva] tests/libc/math_h.c:40:
+ Called from tests/libc/math_h.c:50.
+[eva] tests/libc/math_h.c:50:
function fabsl: precondition 'finite_arg' got status valid.
[eva] Done for function fabsl
-[eva:alarm] tests/libc/math_h.c:40: Warning:
- non-finite long double value. assert \is_finite(ld_top);
[eva] computing for function fabsl <- main.
- Called from tests/libc/math_h.c:40.
-[eva:alarm] tests/libc/math_h.c:40: Warning:
+ Called from tests/libc/math_h.c:50.
+[eva:alarm] tests/libc/math_h.c:50: Warning:
function fabsl: precondition 'finite_arg' got status unknown.
[eva] Done for function fabsl
[eva] Recording results for main
diff --git a/tests/libc/oracle/more_gcc_builtins.res.oracle b/tests/libc/oracle/more_gcc_builtins.res.oracle
index 0ad30701226b8bdd8f77ce8a05a61da4d36caca3..91b6a0d432d63d1e7c29f12e19155a1da1251880 100644
--- a/tests/libc/oracle/more_gcc_builtins.res.oracle
+++ b/tests/libc/oracle/more_gcc_builtins.res.oracle
@@ -3,7 +3,7 @@
[eva] Computing initial state
[eva] Initial state computed
[eva:initial-state] Values of globals at initialization
-
+ v ∈ [--..--]
[eva] computing for function __builtin_sadd_overflow <- main.
Called from tests/libc/more_gcc_builtins.c:10.
[eva] using specification for function __builtin_sadd_overflow
@@ -82,11 +82,78 @@
[eva] Done for function __builtin_smulll_overflow
[eva] tests/libc/more_gcc_builtins.c:43: assertion got status valid.
[eva] tests/libc/more_gcc_builtins.c:44: assertion got status valid.
+[eva] computing for function __builtin_clz <- main.
+ Called from tests/libc/more_gcc_builtins.c:46.
+[eva] using specification for function __builtin_clz
+[eva:alarm] tests/libc/more_gcc_builtins.c:46: Warning:
+ function __builtin_clz: precondition 'x_nonzero' got status invalid.
+[eva] Done for function __builtin_clz
+[eva] computing for function __builtin_clz <- main.
+ Called from tests/libc/more_gcc_builtins.c:49.
+[eva] tests/libc/more_gcc_builtins.c:49:
+ function __builtin_clz: precondition 'x_nonzero' got status valid.
+[eva] Done for function __builtin_clz
+[eva] tests/libc/more_gcc_builtins.c:50: assertion got status valid.
+[eva] computing for function __builtin_clzl <- main.
+ Called from tests/libc/more_gcc_builtins.c:51.
+[eva] using specification for function __builtin_clzl
+[eva] tests/libc/more_gcc_builtins.c:51:
+ function __builtin_clzl: precondition 'x_nonzero' got status valid.
+[eva] Done for function __builtin_clzl
+[eva] tests/libc/more_gcc_builtins.c:52: assertion got status valid.
+[eva] computing for function __builtin_clzll <- main.
+ Called from tests/libc/more_gcc_builtins.c:53.
+[eva] using specification for function __builtin_clzll
+[eva] tests/libc/more_gcc_builtins.c:53:
+ function __builtin_clzll: precondition 'x_nonzero' got status valid.
+[eva] Done for function __builtin_clzll
+[eva] tests/libc/more_gcc_builtins.c:54: assertion got status valid.
+[eva] computing for function __builtin_ctz <- main.
+ Called from tests/libc/more_gcc_builtins.c:56.
+[eva] using specification for function __builtin_ctz
+[eva:alarm] tests/libc/more_gcc_builtins.c:56: Warning:
+ function __builtin_ctz: precondition 'x_nonzero' got status invalid.
+[eva] Done for function __builtin_ctz
+[eva] computing for function __builtin_ctz <- main.
+ Called from tests/libc/more_gcc_builtins.c:59.
+[eva] tests/libc/more_gcc_builtins.c:59:
+ function __builtin_ctz: precondition 'x_nonzero' got status valid.
+[eva] Done for function __builtin_ctz
+[eva] tests/libc/more_gcc_builtins.c:60: assertion got status valid.
+[eva] computing for function __builtin_ctzl <- main.
+ Called from tests/libc/more_gcc_builtins.c:61.
+[eva] using specification for function __builtin_ctzl
+[eva] tests/libc/more_gcc_builtins.c:61:
+ function __builtin_ctzl: precondition 'x_nonzero' got status valid.
+[eva] Done for function __builtin_ctzl
+[eva] tests/libc/more_gcc_builtins.c:62: assertion got status valid.
+[eva] computing for function __builtin_ctzll <- main.
+ Called from tests/libc/more_gcc_builtins.c:63.
+[eva] using specification for function __builtin_ctzll
+[eva] tests/libc/more_gcc_builtins.c:63:
+ function __builtin_ctzll: precondition 'x_nonzero' got status valid.
+[eva] Done for function __builtin_ctzll
+[eva] tests/libc/more_gcc_builtins.c:64: assertion got status valid.
+[eva] computing for function __builtin_popcount <- main.
+ Called from tests/libc/more_gcc_builtins.c:66.
+[eva] using specification for function __builtin_popcount
+[eva] Done for function __builtin_popcount
+[eva] tests/libc/more_gcc_builtins.c:67: assertion got status valid.
+[eva] computing for function __builtin_popcountl <- main.
+ Called from tests/libc/more_gcc_builtins.c:68.
+[eva] using specification for function __builtin_popcountl
+[eva] Done for function __builtin_popcountl
+[eva] tests/libc/more_gcc_builtins.c:69: assertion got status valid.
+[eva] computing for function __builtin_popcountll <- main.
+ Called from tests/libc/more_gcc_builtins.c:70.
+[eva] using specification for function __builtin_popcountll
+[eva] Done for function __builtin_popcountll
+[eva] tests/libc/more_gcc_builtins.c:71: assertion got status valid.
[eva] Recording results for main
[eva] done for function main
[eva] ====== VALUES COMPUTED ======
[eva:final-states] Values at end of function main:
- res ∈ {-2147483607}
+ res ∈ [0..64]
r ∈ {1}
lres ∈ {2147483647}
llres ∈ {-9223372036854775808}
diff --git a/tests/libc/oracle/netdb_c.res.oracle b/tests/libc/oracle/netdb_c.res.oracle
index 7245bc0aa8f2903a460e474cf1ab66f61ba3d344..d3a9ddf8739d7d2f6c2fd17824835df5ae36eff3 100644
--- a/tests/libc/oracle/netdb_c.res.oracle
+++ b/tests/libc/oracle/netdb_c.res.oracle
@@ -21,6 +21,7 @@
\return(memmove) == 0 (auto)
\return(memset) == 0 (auto)
\return(strchr) == 0 (auto)
+ \return(strchrnul) == 0 (auto)
\return(strrchr) == 0 (auto)
\return(strpbrk) == 0 (auto)
\return(strstr) == 0 (auto)
@@ -248,7 +249,7 @@
function strncpy: precondition 'room_nstring' got status valid.
[eva] share/libc/netdb.c:147:
function strncpy: precondition 'separation' got status valid.
-[eva] share/libc/string.h:367:
+[eva] share/libc/string.h:373:
cannot evaluate ACSL term, unsupported ACSL construct: logic function strcmp
[eva] Done for function strncpy
[eva] Recording results for gethostbyname
diff --git a/tests/libc/oracle/signal_h.res.oracle b/tests/libc/oracle/signal_h.res.oracle
index 9d071e5884c3e373da23a02893036f0d8bbbaee3..2b9a206e15cb5859893318f65f3b4cf19a8f200b 100644
--- a/tests/libc/oracle/signal_h.res.oracle
+++ b/tests/libc/oracle/signal_h.res.oracle
@@ -126,7 +126,7 @@
function sigaction: precondition 'valid_read_act_or_null' got status valid.
[eva] tests/libc/signal_h.c:48:
function sigaction: precondition 'separation,separated_acts' got status valid.
-[eva] share/libc/signal.h:212:
+[eva] share/libc/signal.h:216:
cannot evaluate ACSL term, unsupported ACSL construct: logic coercion struct sigaction -> set<struct sigaction>
[eva] Done for function sigaction
[eva] computing for function sigaction <- main.
diff --git a/tests/libc/oracle/stdio_h.res.oracle b/tests/libc/oracle/stdio_h.res.oracle
index 8262aa6c408e46edf0fd8bb728cb16edf61af046..e839ecd549f19392a27f066d520d13234acee068 100644
--- a/tests/libc/oracle/stdio_h.res.oracle
+++ b/tests/libc/oracle/stdio_h.res.oracle
@@ -51,47 +51,67 @@
[eva] tests/libc/stdio_h.c:25:
function fseek: precondition 'whence_enum' got status valid.
[eva] Done for function fseek
-[eva] computing for function fclose <- main.
+[eva] computing for function fseeko <- main.
Called from tests/libc/stdio_h.c:26.
-[eva] using specification for function fclose
+[eva] using specification for function fseeko
+[eva] tests/libc/stdio_h.c:26:
+ function fseeko: precondition 'valid_stream' got status valid.
[eva] tests/libc/stdio_h.c:26:
+ function fseeko: precondition 'whence_enum' got status valid.
+[eva] Done for function fseeko
+[eva] computing for function ftell <- main.
+ Called from tests/libc/stdio_h.c:27.
+[eva] using specification for function ftell
+[eva] tests/libc/stdio_h.c:27:
+ function ftell: precondition 'valid_stream' got status valid.
+[eva] Done for function ftell
+[eva] computing for function ftello <- main.
+ Called from tests/libc/stdio_h.c:28.
+[eva] using specification for function ftello
+[eva] tests/libc/stdio_h.c:28:
+ function ftello: precondition 'valid_stream' got status valid.
+[eva] Done for function ftello
+[eva] computing for function fclose <- main.
+ Called from tests/libc/stdio_h.c:29.
+[eva] using specification for function fclose
+[eva] tests/libc/stdio_h.c:29:
function fclose: precondition 'valid_stream' got status valid.
[eva] Done for function fclose
[eva] computing for function freopen <- main.
- Called from tests/libc/stdio_h.c:28.
+ Called from tests/libc/stdio_h.c:31.
[eva] using specification for function freopen
-[eva] tests/libc/stdio_h.c:28:
+[eva] tests/libc/stdio_h.c:31:
function freopen: precondition 'valid_filename' got status valid.
-[eva] tests/libc/stdio_h.c:28:
+[eva] tests/libc/stdio_h.c:31:
function freopen: precondition 'valid_mode' got status valid.
-[eva:alarm] tests/libc/stdio_h.c:28: Warning:
+[eva:alarm] tests/libc/stdio_h.c:31: Warning:
function freopen: precondition 'valid_stream' got status unknown.
[eva] Done for function freopen
[eva] computing for function printf_va_1 <- main.
- Called from tests/libc/stdio_h.c:30.
+ Called from tests/libc/stdio_h.c:33.
[eva] using specification for function printf_va_1
-[eva] tests/libc/stdio_h.c:30:
+[eva] tests/libc/stdio_h.c:33:
function printf_va_1: precondition got status valid.
[eva] Done for function printf_va_1
[eva] computing for function fclose <- main.
- Called from tests/libc/stdio_h.c:31.
-[eva] tests/libc/stdio_h.c:31:
+ Called from tests/libc/stdio_h.c:34.
+[eva] tests/libc/stdio_h.c:34:
function fclose: precondition 'valid_stream' got status valid.
[eva] Done for function fclose
[eva] computing for function fgets <- main.
- Called from tests/libc/stdio_h.c:34.
+ Called from tests/libc/stdio_h.c:37.
[eva] using specification for function fgets
-[eva] tests/libc/stdio_h.c:34:
+[eva] tests/libc/stdio_h.c:37:
function fgets: precondition 'valid_stream' got status valid.
-[eva] tests/libc/stdio_h.c:34:
+[eva] tests/libc/stdio_h.c:37:
function fgets: precondition 'room_s' got status valid.
[eva] Done for function fgets
-[eva:alarm] tests/libc/stdio_h.c:36: Warning: check got status unknown.
+[eva:alarm] tests/libc/stdio_h.c:39: Warning: check got status unknown.
[eva] computing for function fgets <- main.
- Called from tests/libc/stdio_h.c:38.
-[eva] tests/libc/stdio_h.c:38:
+ Called from tests/libc/stdio_h.c:41.
+[eva] tests/libc/stdio_h.c:41:
function fgets: precondition 'valid_stream' got status valid.
-[eva:alarm] tests/libc/stdio_h.c:38: Warning:
+[eva:alarm] tests/libc/stdio_h.c:41: Warning:
function fgets: precondition 'room_s' got status invalid.
[eva] Done for function fgets
[eva] Recording results for main
@@ -104,6 +124,8 @@
f ∈ {{ NULL ; &__fc_fopen + [0..120],0%8 }}
r ∈ [--..--]
tmp_2 ∈ {{ NULL ; &__fc_fopen + [0..120],0%8 }}
+ told ∈ [-1..2147483647]
+ toldo ∈ [-1..2147483647]
redirected ∈ {{ NULL ; &__fc_fopen + [0..120],0%8 }}
fgets_buf0[0] ∈ [--..--] or UNINITIALIZED
fgets_res ∈ {{ NULL ; &fgets_buf0[0] }}
diff --git a/tests/libc/oracle/stdlib_c_env.res.oracle b/tests/libc/oracle/stdlib_c_env.res.oracle
index 5322b2985d4f9b618cd28c574c20c7a7be2d59ee..fc9107a81028a0d522e0ae1ecb02cfdafa64c96b 100644
--- a/tests/libc/oracle/stdlib_c_env.res.oracle
+++ b/tests/libc/oracle/stdlib_c_env.res.oracle
@@ -105,7 +105,7 @@
function strcpy: precondition 'room_string' got status valid.
[eva] tests/libc/stdlib_c_env.c:15:
function strcpy: precondition 'separation' got status valid.
-[eva] share/libc/string.h:351:
+[eva] share/libc/string.h:357:
cannot evaluate ACSL term, unsupported ACSL construct: logic function strcmp
[eva] Done for function strcpy
[eva] computing for function getenv <- main.
diff --git a/tests/libc/oracle/string_c.res.oracle b/tests/libc/oracle/string_c.res.oracle
index 65a4843c64b25ecbd27dea44c00ffaad3ff58e08..033c83c6b476d861790f1c98a4074809e81bc6e2 100644
--- a/tests/libc/oracle/string_c.res.oracle
+++ b/tests/libc/oracle/string_c.res.oracle
@@ -494,13 +494,13 @@
function strlen: precondition 'valid_string_s' got status valid.
[eva] Recording results for strlen
[eva] Done for function strlen
-[eva] share/libc/string.h:407:
+[eva] share/libc/string.h:413:
function strcat: postcondition 'sum_of_lengths' got status valid.
-[eva] share/libc/string.h:410:
+[eva] share/libc/string.h:416:
function strcat: postcondition 'initialization,dest' got status valid.
-[eva] share/libc/string.h:411:
+[eva] share/libc/string.h:417:
function strcat: postcondition 'dest_null_terminated' got status valid.
-[eva] share/libc/string.h:412:
+[eva] share/libc/string.h:418:
function strcat: postcondition 'result_ptr' got status valid.
[eva] Recording results for strcat
[eva] Done for function strcat
@@ -559,11 +559,11 @@
function strcpy: precondition 'room_string' got status valid.
[eva] tests/libc/string_c.c:142:
function strcpy: precondition 'separation' got status valid.
-[eva] share/libc/string.h:351:
+[eva] share/libc/string.h:357:
cannot evaluate ACSL term, unsupported ACSL construct: logic function strcmp
-[eva:alarm] share/libc/string.h:351: Warning:
+[eva:alarm] share/libc/string.h:357: Warning:
function strcpy: postcondition 'equal_contents' got status unknown.
-[eva] share/libc/string.h:352:
+[eva] share/libc/string.h:358:
function strcpy: postcondition 'result_ptr' got status valid.
[eva] Recording results for strcpy
[eva] Done for function strcpy
@@ -603,13 +603,13 @@
function strncpy: precondition 'room_nstring' got status valid.
[eva] tests/libc/string_c.c:154:
function strncpy: precondition 'separation' got status valid.
-[eva] share/libc/string.h:363:
+[eva] share/libc/string.h:369:
function strncpy: postcondition 'result_ptr' got status valid.
-[eva] share/libc/string.h:364:
+[eva] share/libc/string.h:370:
function strncpy: postcondition 'initialization' got status valid.
-[eva] share/libc/string.h:367:
+[eva] share/libc/string.h:373:
cannot evaluate ACSL term, unsupported ACSL construct: logic function strcmp
-[eva:alarm] share/libc/string.h:367: Warning:
+[eva:alarm] share/libc/string.h:373: Warning:
function strncpy, behavior complete: postcondition 'equal_after_copy' got status unknown.
[eva] Recording results for strncpy
[eva] Done for function strncpy
@@ -623,9 +623,9 @@
function strncpy: precondition 'room_nstring' got status valid.
[eva] tests/libc/string_c.c:157:
function strncpy: precondition 'separation' got status valid.
-[eva] share/libc/string.h:370:
+[eva] share/libc/string.h:376:
cannot evaluate ACSL term, unsupported ACSL construct: logic function memcmp
-[eva:alarm] share/libc/string.h:370: Warning:
+[eva:alarm] share/libc/string.h:376: Warning:
function strncpy, behavior partial: postcondition 'equal_prefix' got status unknown.
[eva] Recording results for strncpy
[eva] Done for function strncpy
@@ -712,13 +712,13 @@
function strlen: precondition 'valid_string_s' got status valid.
[eva] Recording results for strlen
[eva] Done for function strlen
-[eva] share/libc/string.h:179:
+[eva] share/libc/string.h:185:
function strrchr, behavior found: postcondition 'result_char' got status valid.
-[eva] share/libc/string.h:180:
+[eva] share/libc/string.h:186:
function strrchr, behavior found: postcondition 'result_same_base' got status valid.
-[eva] share/libc/string.h:181:
- function strrchr, behavior found: postcondition 'result_valid_string' got status valid.
[eva] share/libc/string.h:187:
+ function strrchr, behavior found: postcondition 'result_valid_string' got status valid.
+[eva] share/libc/string.h:193:
function strrchr, behavior default: postcondition 'result_null_or_same_base' got status valid.
[eva] Recording results for strrchr
[eva] Done for function strrchr
@@ -728,7 +728,7 @@
[eva] tests/libc/string_c.c:216:
function strrchr: precondition 'valid_string_s' got status valid.
[eva] share/libc/string.c:237: Reusing old results for call to strlen
-[eva] share/libc/string.h:184:
+[eva] share/libc/string.h:190:
function strrchr, behavior not_found: postcondition 'result_null' got status valid.
[eva] Recording results for strrchr
[eva] Done for function strrchr
@@ -883,9 +883,9 @@
function strstr: precondition 'valid_string_haystack' got status valid.
[eva] tests/libc/string_c.c:261:
function strstr: precondition 'valid_string_needle' got status valid.
-[eva] share/libc/string.h:221:
+[eva] share/libc/string.h:227:
cannot evaluate ACSL term, unsupported ACSL construct: logic function memcmp
-[eva:alarm] share/libc/string.h:219: Warning:
+[eva:alarm] share/libc/string.h:225: Warning:
function strstr: postcondition 'result_null_or_in_haystack' got status unknown.
[eva] Recording results for strstr
[eva] Done for function strstr
@@ -905,7 +905,7 @@
function strstr: precondition 'valid_string_haystack' got status valid.
[eva] tests/libc/string_c.c:265:
function strstr: precondition 'valid_string_needle' got status valid.
-[eva] share/libc/string.h:219:
+[eva] share/libc/string.h:225:
function strstr: postcondition 'result_null_or_in_haystack' got status valid.
[eva] Recording results for strstr
[eva] Done for function strstr
diff --git a/tests/libc/oracle/string_c_generic.res.oracle b/tests/libc/oracle/string_c_generic.res.oracle
index 41ee7f4cbff2f2b095c96af0332fb3ca82e2c204..d2f546a60acf81596b0b9778e9f97cfd59ddedba 100644
--- a/tests/libc/oracle/string_c_generic.res.oracle
+++ b/tests/libc/oracle/string_c_generic.res.oracle
@@ -12,11 +12,11 @@
function strcpy: precondition 'room_string' got status valid.
[eva] tests/libc/string_c_generic.c:56:
function strcpy: precondition 'separation' got status valid.
-[eva] share/libc/string.h:351:
+[eva] share/libc/string.h:357:
cannot evaluate ACSL term, unsupported ACSL construct: logic function strcmp
-[eva:alarm] share/libc/string.h:351: Warning:
+[eva:alarm] share/libc/string.h:357: Warning:
function strcpy: postcondition 'equal_contents' got status unknown.
-[eva] share/libc/string.h:352:
+[eva] share/libc/string.h:358:
function strcpy: postcondition 'result_ptr' got status valid.
[eva] Recording results for strcpy
[eva] Done for function strcpy
@@ -161,13 +161,13 @@
[eva] tests/libc/string_c_generic.c:73:
function strncpy: precondition 'separation' got status valid.
[eva] share/libc/string.c:220: starting to merge loop iterations
-[eva] share/libc/string.h:363:
+[eva] share/libc/string.h:369:
function strncpy: postcondition 'result_ptr' got status valid.
-[eva] share/libc/string.h:364:
+[eva] share/libc/string.h:370:
function strncpy: postcondition 'initialization' got status valid.
-[eva] share/libc/string.h:367:
+[eva] share/libc/string.h:373:
cannot evaluate ACSL term, unsupported ACSL construct: logic function strcmp
-[eva:alarm] share/libc/string.h:367: Warning:
+[eva:alarm] share/libc/string.h:373: Warning:
function strncpy, behavior complete: postcondition 'equal_after_copy' got status unknown.
[eva] Recording results for strncpy
[eva] Done for function strncpy
@@ -199,9 +199,9 @@
function strncpy: precondition 'room_nstring' got status valid.
[eva] tests/libc/string_c_generic.c:78:
function strncpy: precondition 'separation' got status valid.
-[eva] share/libc/string.h:370:
+[eva] share/libc/string.h:376:
cannot evaluate ACSL term, unsupported ACSL construct: logic function memcmp
-[eva:alarm] share/libc/string.h:370: Warning:
+[eva:alarm] share/libc/string.h:376: Warning:
function strncpy, behavior partial: postcondition 'equal_prefix' got status unknown.
[eva] Recording results for strncpy
[eva] Done for function strncpy
@@ -252,9 +252,9 @@
function strlen: postcondition 'acsl_c_equiv' got status valid.
[eva] Recording results for strlen
[eva] Done for function strlen
-[eva] share/libc/string.h:421:
+[eva] share/libc/string.h:427:
function strncat: postcondition 'result_ptr' got status valid.
-[eva] share/libc/string.h:436:
+[eva] share/libc/string.h:442:
function strncat, behavior partial: postcondition 'sum_of_bounded_lengths' got status valid.
[eva] Recording results for strncat
[eva] Done for function strncat
@@ -312,13 +312,13 @@
function strlen: precondition 'valid_string_s' got status valid.
[eva] Recording results for strlen
[eva] Done for function strlen
-[eva] share/libc/string.h:179:
+[eva] share/libc/string.h:185:
function strrchr, behavior found: postcondition 'result_char' got status valid.
-[eva] share/libc/string.h:180:
+[eva] share/libc/string.h:186:
function strrchr, behavior found: postcondition 'result_same_base' got status valid.
-[eva] share/libc/string.h:181:
- function strrchr, behavior found: postcondition 'result_valid_string' got status valid.
[eva] share/libc/string.h:187:
+ function strrchr, behavior found: postcondition 'result_valid_string' got status valid.
+[eva] share/libc/string.h:193:
function strrchr, behavior default: postcondition 'result_null_or_same_base' got status valid.
[eva] Recording results for strrchr
[eva] Done for function strrchr
@@ -328,7 +328,7 @@
function strrchr: precondition 'valid_string_s' got status valid.
[eva] share/libc/string.c:237: Reusing old results for call to strlen
[eva] share/libc/string.c:237: starting to merge loop iterations
-[eva] share/libc/string.h:184:
+[eva] share/libc/string.h:190:
function strrchr, behavior not_found: postcondition 'result_null' got status valid.
[eva] Recording results for strrchr
[eva] Done for function strrchr
diff --git a/tests/libc/oracle/string_c_strstr.res.oracle b/tests/libc/oracle/string_c_strstr.res.oracle
index 6009523b88343d2be3364eb0953243acb941f53a..ab662fa08022158d2b0489c22f11ea04a4190141 100644
--- a/tests/libc/oracle/string_c_strstr.res.oracle
+++ b/tests/libc/oracle/string_c_strstr.res.oracle
@@ -10,7 +10,7 @@
function strstr: precondition 'valid_string_haystack' got status valid.
[eva] tests/libc/string_c_strstr.c:52:
function strstr: precondition 'valid_string_needle' got status valid.
-[eva] share/libc/string.h:219:
+[eva] share/libc/string.h:225:
function strstr: postcondition 'result_null_or_in_haystack' got status valid.
[eva] Recording results for strstr
[eva] Done for function strstr
@@ -101,9 +101,9 @@
function strstr: precondition 'valid_string_haystack' got status valid.
[eva] tests/libc/string_c_strstr.c:64:
function strstr: precondition 'valid_string_needle' got status valid.
-[eva] share/libc/string.h:221:
+[eva] share/libc/string.h:227:
cannot evaluate ACSL term, unsupported ACSL construct: logic function memcmp
-[eva:alarm] share/libc/string.h:219: Warning:
+[eva:alarm] share/libc/string.h:225: Warning:
function strstr: postcondition 'result_null_or_in_haystack' got status unknown.
[eva] Recording results for strstr
[eva] Done for function strstr
diff --git a/tests/libc/oracle/string_h.res.oracle b/tests/libc/oracle/string_h.res.oracle
index 89300398e63a10d546dfe9bf14577b28a251225e..5e1e94a0719c6c96067d3788889d10788b9d8c45 100644
--- a/tests/libc/oracle/string_h.res.oracle
+++ b/tests/libc/oracle/string_h.res.oracle
@@ -51,7 +51,7 @@
function strstr: precondition 'valid_string_haystack' got status valid.
[eva] tests/libc/string_h.c:24:
function strstr: precondition 'valid_string_needle' got status valid.
-[eva] share/libc/string.h:221:
+[eva] share/libc/string.h:227:
cannot evaluate ACSL term, unsupported ACSL construct: logic function memcmp
[eva] Done for function strstr
[eva:alarm] tests/libc/string_h.c:25: Warning: assertion got status unknown.
@@ -330,6 +330,23 @@
[eva] Done for function strlcpy
[eva] Recording results for test_strlcpy
[eva] Done for function test_strlcpy
+[eva] tests/libc/string_h.c:154: Call to builtin strchr
+[eva] tests/libc/string_h.c:154:
+ function strchr: precondition 'valid_string_s' got status valid.
+[eva] computing for function strchrnul <- main.
+ Called from tests/libc/string_h.c:155.
+[eva] using specification for function strchrnul
+[eva] tests/libc/string_h.c:155:
+ function strchrnul: precondition 'valid_string_s' got status valid.
+[eva] Done for function strchrnul
+[eva] tests/libc/string_h.c:157: Call to builtin strchr
+[eva] tests/libc/string_h.c:157:
+ function strchr: precondition 'valid_string_s' got status valid.
+[eva] computing for function strchrnul <- main.
+ Called from tests/libc/string_h.c:158.
+[eva] tests/libc/string_h.c:158:
+ function strchrnul: precondition 'valid_string_s' got status valid.
+[eva] Done for function strchrnul
[eva] Recording results for main
[eva] done for function main
[eva] ====== VALUES COMPUTED ======
@@ -395,4 +412,10 @@
a ∈ [--..--]
b ∈ [--..--]
strsig ∈ {{ &__fc_strsignal[0] }}
+ c ∈ {{ "haystack" }}
+ d ∈ {97; 110}
+ chr1 ∈ {{ "haystack" + {2; 7} }}
+ nul1 ∈ {{ "haystack" + [0..8] }}
+ chr2 ∈ {{ NULL ; "haystack" + {1} }}
+ nul2 ∈ {{ "haystack" + [0..8] }}
__retres ∈ {0}
diff --git a/tests/libc/oracle/sys_stat_h.res.oracle b/tests/libc/oracle/sys_stat_h.res.oracle
index 713de92c6efc168526bf6c923a8928eb4bf3cd5b..1fded86b56ee81732017e37f72c1c21bc9da19c2 100644
--- a/tests/libc/oracle/sys_stat_h.res.oracle
+++ b/tests/libc/oracle/sys_stat_h.res.oracle
@@ -28,12 +28,12 @@
Called from tests/libc/sys_stat_h.c:17.
[eva] using specification for function mkdir
[eva] tests/libc/sys_stat_h.c:17:
- function mkdir: precondition 'valid_string_path' got status valid.
+ function mkdir: precondition 'valid_path' got status valid.
[eva] Done for function mkdir
[eva] computing for function mkdir <- main.
Called from tests/libc/sys_stat_h.c:20.
[eva:alarm] tests/libc/sys_stat_h.c:20: Warning:
- function mkdir: precondition 'valid_string_path' got status invalid.
+ function mkdir: precondition 'valid_path' got status invalid.
[eva] Done for function mkdir
[eva] computing for function mkdir <- main.
Called from tests/libc/sys_stat_h.c:20.
@@ -45,6 +45,32 @@
[eva] computing for function umask <- main.
Called from tests/libc/sys_stat_h.c:22.
[eva] Done for function umask
+[eva] computing for function lstat <- main.
+ Called from tests/libc/sys_stat_h.c:23.
+[eva] using specification for function lstat
+[eva] tests/libc/sys_stat_h.c:23:
+ function lstat: precondition 'valid_path' got status valid.
+[eva] tests/libc/sys_stat_h.c:23:
+ function lstat: precondition 'valid_buf' got status valid.
+[eva] Done for function lstat
+[eva] computing for function lstat <- main.
+ Called from tests/libc/sys_stat_h.c:23.
+[eva] Done for function lstat
+[eva] computing for function mkfifo <- main.
+ Called from tests/libc/sys_stat_h.c:24.
+[eva] using specification for function mkfifo
+[eva] tests/libc/sys_stat_h.c:24:
+ function mkfifo: precondition 'valid_path' got status valid.
+[eva] Done for function mkfifo
+[eva] computing for function mknod <- main.
+ Called from tests/libc/sys_stat_h.c:25.
+[eva] using specification for function mknod
+[eva] tests/libc/sys_stat_h.c:25:
+ function mknod: precondition 'valid_path' got status valid.
+[eva] Done for function mknod
+[eva] computing for function mknod <- main.
+ Called from tests/libc/sys_stat_h.c:25.
+[eva] Done for function mknod
[eva] Recording results for main
[eva] done for function main
[eva] ====== VALUES COMPUTED ======
@@ -55,4 +81,7 @@
r ∈ {-1; 0}
r_mkdir ∈ {-1; 0}
old_mask ∈ [--..--]
+ r2 ∈ {-1; 0}
+ r3 ∈ {-1; 0}
+ r4 ∈ {-1; 0}
__retres ∈ {-1; 0; 1; 2; 3}
diff --git a/tests/libc/oracle/sys_types.res.oracle b/tests/libc/oracle/sys_types.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..68e4552bf4e1b2c0f7f78dce5ed2bb41e76d34d1
--- /dev/null
+++ b/tests/libc/oracle/sys_types.res.oracle
@@ -0,0 +1,16 @@
+[kernel] Parsing tests/libc/sys_types.c (with preprocessing)
+[eva] Analyzing a complete application starting at main
+[eva] Computing initial state
+[eva] Initial state computed
+[eva:initial-state] Values of globals at initialization
+
+[eva] computing for function makedev <- main.
+ Called from tests/libc/sys_types.c:4.
+[eva] using specification for function makedev
+[eva] Done for function makedev
+[eva] Recording results for main
+[eva] done for function main
+[eva] ====== VALUES COMPUTED ======
+[eva:final-states] Values at end of function main:
+ dev ∈ [--..--]
+ __retres ∈ {0}
diff --git a/tests/libc/stdio_h.c b/tests/libc/stdio_h.c
index a1d6f3fa161b6d6edc7ac04fd41056285eea2f00..1150500b6cb4d2c6c8c8464c279d2ae685777a79 100644
--- a/tests/libc/stdio_h.c
+++ b/tests/libc/stdio_h.c
@@ -23,6 +23,9 @@ int main() {
FILE *tmp = tmpfile();
if (!tmp) return 2;
fseek(tmp, 0L, SEEK_SET);
+ fseeko(tmp, 0, SEEK_SET);
+ long told = ftell(tmp);
+ off_t toldo = ftello(tmp);
fclose(tmp);
FILE *redirected = freopen("/tmp/mytmp.txt", "w+", stdout);
diff --git a/tests/libc/string_h.c b/tests/libc/string_h.c
index 0b264a615662d7fe36471bf30fbcea0f87dd90d7..cf18b8e546389f5c93439f6b462502c9af391485 100644
--- a/tests/libc/string_h.c
+++ b/tests/libc/string_h.c
@@ -149,5 +149,12 @@ int main(int argc, char **argv)
//@ assert valid_read_string(strsig);
test_strncpy();
test_strlcpy();
+ char *c = "haystack";
+ char d = nondet ? 'y' : 'k';
+ char *chr1 = strchr(c, d);
+ char *nul1 = strchrnul(c, d);
+ d = nondet ? 'a' : 'n';
+ char *chr2 = strchr(c, d);
+ char *nul2 = strchrnul(c, d);
return 0;
}
diff --git a/tests/libc/sys_stat_h.c b/tests/libc/sys_stat_h.c
index 464a9e8e00efad77fee812554cec6ec7f58e63d0..65ddbfc889097a4af94054d53d6bdac3dc8a428c 100644
--- a/tests/libc/sys_stat_h.c
+++ b/tests/libc/sys_stat_h.c
@@ -20,5 +20,8 @@ int main() {
mkdir(non_terminated, 0422);
}
mode_t old_mask = umask(0644);
+ int r2 = lstat("/tmp/bla", &st);
+ int r3 = mkfifo("/tmp/fifo", 0644);
+ int r4 = mknod("/tmp/fifo2", 0644, 42);
return 0;
}
diff --git a/tests/libc/sys_types.c b/tests/libc/sys_types.c
new file mode 100644
index 0000000000000000000000000000000000000000..50a3e33fef8e250370a8bde9ce15d5197a55ac42
--- /dev/null
+++ b/tests/libc/sys_types.c
@@ -0,0 +1,6 @@
+#include <sys/types.h>
+
+int main() {
+ dev_t dev = makedev(1, 42);
+ return 0;
+}
diff --git a/tests/metrics/oracle/libc.1.res.oracle b/tests/metrics/oracle/libc.1.res.oracle
index 24cfd8d35b1ec774597df2d92db5dcd32f240b4b..b00598fd71aca4eccd755a531118a5da73a0c72a 100644
--- a/tests/metrics/oracle/libc.1.res.oracle
+++ b/tests/metrics/oracle/libc.1.res.oracle
@@ -4,7 +4,7 @@
bar (1 call); f (0 call); foo (1 call); g (address taken) (0 call);
getopt (1 call); main (0 call);
- Undefined functions (120)
+ Undefined functions (122)
=========================
_exit (0 call); access (0 call); chdir (0 call); chown (0 call);
chroot (0 call); clearerr (0 call); clearerr_unlocked (0 call);
@@ -15,20 +15,20 @@
fflush (0 call); fgetc (0 call); fgetpos (0 call); fgets (0 call);
fileno (0 call); fileno_unlocked (0 call); flockfile (0 call);
fopen (0 call); fork (0 call); fputc (0 call); fputs (0 call);
- fread (0 call); freopen (0 call); fseek (0 call); fsetpos (0 call);
- ftell (0 call); ftrylockfile (0 call); funlockfile (0 call);
- fwrite (0 call); getc (0 call); getc_unlocked (0 call); getchar (1 call);
- getchar_unlocked (0 call); getcwd (0 call); getegid (0 call);
- geteuid (0 call); getgid (0 call); gethostname (0 call);
- getopt_long (0 call); getopt_long_only (0 call); getpgid (0 call);
- getpgrp (0 call); getpid (0 call); getppid (0 call); getresgid (0 call);
- getresuid (0 call); gets (0 call); getsid (0 call); getuid (0 call);
- isalnum (0 call); isalpha (1 call); isascii (0 call); isatty (0 call);
- isblank (1 call); iscntrl (0 call); isdigit (0 call); isgraph (0 call);
- islower (0 call); isprint (0 call); ispunct (0 call); isspace (0 call);
- isupper (0 call); isxdigit (0 call); lseek (0 call); pathconf (0 call);
- pclose (0 call); perror (0 call); pipe (0 call); popen (0 call);
- putc (0 call); putc_unlocked (0 call); putchar (0 call);
+ fread (0 call); freopen (0 call); fseek (0 call); fseeko (0 call);
+ fsetpos (0 call); ftell (0 call); ftello (0 call); ftrylockfile (0 call);
+ funlockfile (0 call); fwrite (0 call); getc (0 call);
+ getc_unlocked (0 call); getchar (1 call); getchar_unlocked (0 call);
+ getcwd (0 call); getegid (0 call); geteuid (0 call); getgid (0 call);
+ gethostname (0 call); getopt_long (0 call); getopt_long_only (0 call);
+ getpgid (0 call); getpgrp (0 call); getpid (0 call); getppid (0 call);
+ getresgid (0 call); getresuid (0 call); gets (0 call); getsid (0 call);
+ getuid (0 call); isalnum (0 call); isalpha (1 call); isascii (0 call);
+ isatty (0 call); isblank (1 call); iscntrl (0 call); isdigit (0 call);
+ isgraph (0 call); islower (0 call); isprint (0 call); ispunct (0 call);
+ isspace (0 call); isupper (0 call); isxdigit (0 call); lseek (0 call);
+ pathconf (0 call); pclose (0 call); perror (0 call); pipe (0 call);
+ popen (0 call); putc (0 call); putc_unlocked (0 call); putchar (0 call);
putchar_unlocked (0 call); puts (0 call); read (0 call); remove (0 call);
rename (0 call); rewind (0 call); setbuf (0 call); setegid (0 call);
seteuid (0 call); setgid (0 call); sethostname (0 call); setpgid (0 call);
@@ -59,7 +59,7 @@
Goto = 0
Assignment = 8
Exit point = 6
- Function = 126
+ Function = 128
Function call = 7
Pointer dereferencing = 1
Cyclomatic complexity = 6
@@ -87,7 +87,7 @@
----------------------------------------------------------------------------
[metrics] Eva coverage statistics
=======================
- Syntactically reachable functions = 7 (out of 126)
+ Syntactically reachable functions = 7 (out of 128)
Semantically reached functions = 7
Coverage estimation = 100.0%
[metrics] References to non-analyzed functions
diff --git a/tests/misc/oracle/widen_hints_float.res.oracle b/tests/misc/oracle/widen_hints_float.res.oracle
index 45e531fdbc470f765c870b2955bad55c59c4f6e8..9fad6f26134fdf5db05974bf00879b0771336e0e 100644
--- a/tests/misc/oracle/widen_hints_float.res.oracle
+++ b/tests/misc/oracle/widen_hints_float.res.oracle
@@ -37,7 +37,8 @@
[eva:alarm] tests/misc/widen_hints_float.c:34: Warning:
non-finite double value.
assert
- \is_finite((double)((double)(f3 - (double)64) * (double)(f3 - (double)64)));
+ \is_finite(\mul_double(\sub_double(f3, (double)64),
+ \sub_double(f3, (double)64)));
[eva] Recording results for parabola
[eva] Done for function parabola
[eva] computing for function trigo <- main.
diff --git a/tests/rte/oracle/addsub_typedef.res.oracle b/tests/rte/oracle/addsub_typedef.res.oracle
index adf710ee1acf5ddc82ee2dc8b5d8929dd5784866..8e0232c30bab6c46aa1f8853d6f891a4bda2baa9 100644
--- a/tests/rte/oracle/addsub_typedef.res.oracle
+++ b/tests/rte/oracle/addsub_typedef.res.oracle
@@ -41,7 +41,8 @@ int main(void)
/*@ assert rte: signed_overflow: -2147483648 ≤ (int)(-0x7ffffffc) - y; */
z = -0x7ffffffc - y;
/*@ assert rte: signed_overflow: -2147483647 ≤ x; */
- /*@ assert rte: signed_overflow: -2147483648 ≤ (int)(-x) - 0x7ffffffc; */
+ /*@ assert rte: signed_overflow: -2147483648 ≤ (tint)(-x) - 0x7ffffffc;
+ */
z = - x - 0x7ffffffc;
/*@ assert rte: signed_overflow: 0x7ffffffc + y ≤ 2147483647; */
z = 0x7ffffffc + y;
diff --git a/tests/rte/oracle/addsub_unsigned.1.res.oracle b/tests/rte/oracle/addsub_unsigned.1.res.oracle
index b30ebf8b1ab7fc6c883c202859c8e06dd13657cf..1a6a8a945930b511bcb9ea1b7b90de32c9d0fb77 100644
--- a/tests/rte/oracle/addsub_unsigned.1.res.oracle
+++ b/tests/rte/oracle/addsub_unsigned.1.res.oracle
@@ -19,7 +19,7 @@ int main(void)
uy = 0x80000000U + 0x80000000U;
/*@ assert rte: unsigned_overflow: 2U * 0x80000000U ≤ 4294967295; */
uy = 2U * 0x80000000U;
- /*@ assert rte: unsigned_overflow: ux + (unsigned int)2 ≤ 4294967295; */
+ /*@ assert rte: unsigned_overflow: ux + 2 ≤ 4294967295; */
uz = ux + (unsigned int)2;
__retres = 0;
return __retres;
diff --git a/tests/rte/oracle/addsub_unsigned_typedef.1.res.oracle b/tests/rte/oracle/addsub_unsigned_typedef.1.res.oracle
index 98f2482e3cc09f06427c2684a918ac6760cede61..3c0fc49fce384954abdbf613aafe4722b1df764b 100644
--- a/tests/rte/oracle/addsub_unsigned_typedef.1.res.oracle
+++ b/tests/rte/oracle/addsub_unsigned_typedef.1.res.oracle
@@ -20,7 +20,7 @@ int main(void)
uy = 0x80000000U + 0x80000000U;
/*@ assert rte: unsigned_overflow: 2U * 0x80000000U ≤ 4294967295; */
uy = 2U * 0x80000000U;
- /*@ assert rte: unsigned_overflow: ux + (unsigned int)2 ≤ 4294967295; */
+ /*@ assert rte: unsigned_overflow: ux + 2 ≤ 4294967295; */
uz = ux + (uint)2;
__retres = 0;
return __retres;
diff --git a/tests/rte/oracle/castoncall.0.res.oracle b/tests/rte/oracle/castoncall.0.res.oracle
index 430827699b37879782d59e6e4e9c4193b0079fc3..5bee127b54a1cdc4bc55cc45abba81fd07275144 100644
--- a/tests/rte/oracle/castoncall.0.res.oracle
+++ b/tests/rte/oracle/castoncall.0.res.oracle
@@ -16,6 +16,8 @@ void *nondet_ptr(void *a, void *b)
{
void *__retres;
int tmp;
+ /*@ assert rte: pointer_downcast: (unsigned int)a ≤ 2147483647; */
+ /*@ assert rte: pointer_downcast: (unsigned int)b ≤ 2147483647; */
tmp = nondet((int)a,(int)b);
__retres = (void *)tmp;
return __retres;
diff --git a/tests/rte/oracle/castoncall.1.res.oracle b/tests/rte/oracle/castoncall.1.res.oracle
index 430827699b37879782d59e6e4e9c4193b0079fc3..5bee127b54a1cdc4bc55cc45abba81fd07275144 100644
--- a/tests/rte/oracle/castoncall.1.res.oracle
+++ b/tests/rte/oracle/castoncall.1.res.oracle
@@ -16,6 +16,8 @@ void *nondet_ptr(void *a, void *b)
{
void *__retres;
int tmp;
+ /*@ assert rte: pointer_downcast: (unsigned int)a ≤ 2147483647; */
+ /*@ assert rte: pointer_downcast: (unsigned int)b ≤ 2147483647; */
tmp = nondet((int)a,(int)b);
__retres = (void *)tmp;
return __retres;
diff --git a/tests/rte/oracle/divmod_typedef.res.oracle b/tests/rte/oracle/divmod_typedef.res.oracle
index 51b06e5796e1d2d9b536684513fdde9e05346750..a965ff5054db7b38756b6c5523d7268fbb119e62 100644
--- a/tests/rte/oracle/divmod_typedef.res.oracle
+++ b/tests/rte/oracle/divmod_typedef.res.oracle
@@ -65,7 +65,7 @@ int main(void)
uz = (unsigned int)((int)(0x80000000 / 0xffffffff));
/*@ assert rte: signed_overflow: -2147483648 ≤ x + y; */
/*@ assert rte: signed_overflow: x + y ≤ 2147483647; */
- /*@ assert rte: division_by_zero: (int)(x + y) ≢ 0; */
+ /*@ assert rte: division_by_zero: (tint)(x + y) ≢ 0; */
z = 1 / (x + y);
/*@ assert rte: signed_overflow: x / (int)(-1) ≤ 2147483647; */
z = x / -1;
diff --git a/tests/rte/oracle/finite_float.res.oracle b/tests/rte/oracle/finite_float.res.oracle
index 3e0ca8cba95bf4e72e96ea68cadaac3b6d34d378..5adab0a6237db04160e6a06b2ea1e1b7184e6c74 100644
--- a/tests/rte/oracle/finite_float.res.oracle
+++ b/tests/rte/oracle/finite_float.res.oracle
@@ -5,12 +5,12 @@
#include "math.h"
void main(void)
{
- /*@ assert rte: is_nan_or_infinite: \is_finite(0x1p10000); */
+ /*@ assert rte: is_nan_or_infinite: \is_finite((double)0x1p10000); */
double d = 0x1p10000;
d = 0.;
- /*@ assert rte: is_nan_or_infinite: \is_finite((double)(d / d)); */
+ /*@ assert rte: is_nan_or_infinite: \is_finite(\div_double(d, d)); */
/*@ assert
- rte: is_nan_or_infinite: \is_finite((double)((double)(d / d) + d));
+ rte: is_nan_or_infinite: \is_finite(\add_double(\div_double(d, d), d));
*/
double e = d / d + d;
return;
diff --git a/tests/rte/oracle/twofunc.res.oracle b/tests/rte/oracle/twofunc.res.oracle
index 58f6280ce2a0652e9d51261289831067a286bf40..834e89b4e6941e3bb468d33795f53da68909b733 100644
--- a/tests/rte/oracle/twofunc.res.oracle
+++ b/tests/rte/oracle/twofunc.res.oracle
@@ -133,6 +133,7 @@ int main(void)
[kernel] - bool_value = true
[kernel] - finite_float = true
[kernel] - float_to_int = true
+[kernel] - pointer_downcast = true
[kernel] - unsigned_downcast = false
[kernel] - unsigned_overflow = false
[kernel] - downcast = true
@@ -142,12 +143,14 @@ int main(void)
[kernel] - shift_value_out_of_bounds = true
[kernel] - division_by_zero = true
[kernel] - pointer_call = true
+[kernel] - pointer_value = false
[kernel] - mem_access = true
[kernel] - initialized = false
[kernel] kf = main
[kernel] - bool_value = true
[kernel] - finite_float = true
[kernel] - float_to_int = true
+[kernel] - pointer_downcast = true
[kernel] - unsigned_downcast = false
[kernel] - unsigned_overflow = false
[kernel] - downcast = true
@@ -157,6 +160,7 @@ int main(void)
[kernel] - shift_value_out_of_bounds = true
[kernel] - division_by_zero = true
[kernel] - pointer_call = true
+[kernel] - pointer_value = false
[kernel] - mem_access = true
[kernel] - initialized = false
[kernel] ================================
@@ -225,6 +229,7 @@ int main(void)
[kernel] - bool_value = true
[kernel] - finite_float = true
[kernel] - float_to_int = true
+[kernel] - pointer_downcast = true
[kernel] - unsigned_downcast = false
[kernel] - unsigned_overflow = false
[kernel] - downcast = true
@@ -234,12 +239,14 @@ int main(void)
[kernel] - shift_value_out_of_bounds = true
[kernel] - division_by_zero = true
[kernel] - pointer_call = true
+[kernel] - pointer_value = false
[kernel] - mem_access = true
[kernel] - initialized = false
[kernel] kf = main
[kernel] - bool_value = true
[kernel] - finite_float = true
[kernel] - float_to_int = true
+[kernel] - pointer_downcast = true
[kernel] - unsigned_downcast = false
[kernel] - unsigned_overflow = false
[kernel] - downcast = true
@@ -249,6 +256,7 @@ int main(void)
[kernel] - shift_value_out_of_bounds = true
[kernel] - division_by_zero = true
[kernel] - pointer_call = true
+[kernel] - pointer_value = false
[kernel] - mem_access = true
[kernel] - initialized = false
[kernel] ================================
diff --git a/tests/rte/oracle/value_rte.res.oracle b/tests/rte/oracle/value_rte.res.oracle
index 2cf4947a7f1281fb2a53427ea27d2d494282ebd9..1fa05cbf8c666c7af1c93b0cf4bf6425cceeffa2 100644
--- a/tests/rte/oracle/value_rte.res.oracle
+++ b/tests/rte/oracle/value_rte.res.oracle
@@ -603,13 +603,28 @@
by Frama-C kernel.
--------------------------------------------------------------------------------
---- Properties of Function 'fsetpos'
+--- Properties of Function 'fseeko'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 396)
+[ Extern ] Assigns (file share/libc/stdio.h, line 395)
+ Unverifiable but considered Valid.
+[ Extern ] Froms (file share/libc/stdio.h, line 395)
Unverifiable but considered Valid.
[ Extern ] Froms (file share/libc/stdio.h, line 396)
Unverifiable but considered Valid.
+[ Extern ] Froms (file share/libc/stdio.h, line 396)
+ Unverifiable but considered Valid.
+[ Valid ] Default behavior
+ by Frama-C kernel.
+
+--------------------------------------------------------------------------------
+--- Properties of Function 'fsetpos'
+--------------------------------------------------------------------------------
+
+[ Extern ] Assigns (file share/libc/stdio.h, line 405)
+ Unverifiable but considered Valid.
+[ Extern ] Froms (file share/libc/stdio.h, line 405)
+ Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -619,11 +634,26 @@
[ Extern ] Post-condition 'success_or_error'
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/stdio.h, line 402)
+[ Extern ] Assigns (file share/libc/stdio.h, line 411)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 402)
+[ Extern ] Froms (file share/libc/stdio.h, line 411)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 402)
+[ Extern ] Froms (file share/libc/stdio.h, line 411)
+ Unverifiable but considered Valid.
+[ Valid ] Default behavior
+ by Frama-C kernel.
+
+--------------------------------------------------------------------------------
+--- Properties of Function 'ftello'
+--------------------------------------------------------------------------------
+
+[ Extern ] Post-condition 'success_or_error'
+ Unverifiable but considered Valid.
+[ Extern ] Assigns (file share/libc/stdio.h, line 419)
+ Unverifiable but considered Valid.
+[ Extern ] Froms (file share/libc/stdio.h, line 419)
+ Unverifiable but considered Valid.
+[ Extern ] Froms (file share/libc/stdio.h, line 419)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -632,9 +662,9 @@
--- Properties of Function 'rewind'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 410)
+[ Extern ] Assigns (file share/libc/stdio.h, line 427)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 410)
+[ Extern ] Froms (file share/libc/stdio.h, line 427)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -643,9 +673,9 @@
--- Properties of Function 'clearerr'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 416)
+[ Extern ] Assigns (file share/libc/stdio.h, line 433)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 416)
+[ Extern ] Froms (file share/libc/stdio.h, line 433)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -656,7 +686,7 @@
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 422)
+[ Extern ] Froms (file share/libc/stdio.h, line 439)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -667,7 +697,7 @@
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 428)
+[ Extern ] Froms (file share/libc/stdio.h, line 445)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -676,9 +706,9 @@
--- Properties of Function 'flockfile'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 434)
+[ Extern ] Assigns (file share/libc/stdio.h, line 451)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 434)
+[ Extern ] Froms (file share/libc/stdio.h, line 451)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -687,9 +717,9 @@
--- Properties of Function 'funlockfile'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 440)
+[ Extern ] Assigns (file share/libc/stdio.h, line 457)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 440)
+[ Extern ] Froms (file share/libc/stdio.h, line 457)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -698,11 +728,11 @@
--- Properties of Function 'ftrylockfile'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 446)
+[ Extern ] Assigns (file share/libc/stdio.h, line 463)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 446)
+[ Extern ] Froms (file share/libc/stdio.h, line 463)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 446)
+[ Extern ] Froms (file share/libc/stdio.h, line 463)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -713,7 +743,7 @@
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 452)
+[ Extern ] Froms (file share/libc/stdio.h, line 469)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -722,9 +752,9 @@
--- Properties of Function 'perror'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 458)
+[ Extern ] Assigns (file share/libc/stdio.h, line 475)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 458)
+[ Extern ] Froms (file share/libc/stdio.h, line 475)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -733,11 +763,11 @@
--- Properties of Function 'getc_unlocked'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 464)
+[ Extern ] Assigns (file share/libc/stdio.h, line 481)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 464)
+[ Extern ] Froms (file share/libc/stdio.h, line 481)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 464)
+[ Extern ] Froms (file share/libc/stdio.h, line 481)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -748,7 +778,7 @@
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 469)
+[ Extern ] Froms (file share/libc/stdio.h, line 486)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -757,11 +787,11 @@
--- Properties of Function 'putc_unlocked'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 475)
+[ Extern ] Assigns (file share/libc/stdio.h, line 492)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 475)
+[ Extern ] Froms (file share/libc/stdio.h, line 492)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 476)
+[ Extern ] Froms (file share/libc/stdio.h, line 493)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -770,11 +800,11 @@
--- Properties of Function 'putchar_unlocked'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 481)
+[ Extern ] Assigns (file share/libc/stdio.h, line 498)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 481)
+[ Extern ] Froms (file share/libc/stdio.h, line 498)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 482)
+[ Extern ] Froms (file share/libc/stdio.h, line 499)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -783,9 +813,9 @@
--- Properties of Function 'clearerr_unlocked'
--------------------------------------------------------------------------------
-[ Extern ] Assigns (file share/libc/stdio.h, line 488)
+[ Extern ] Assigns (file share/libc/stdio.h, line 505)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 488)
+[ Extern ] Froms (file share/libc/stdio.h, line 505)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -796,7 +826,7 @@
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 494)
+[ Extern ] Froms (file share/libc/stdio.h, line 511)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -807,7 +837,7 @@
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 500)
+[ Extern ] Froms (file share/libc/stdio.h, line 517)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -818,7 +848,7 @@
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 506)
+[ Extern ] Froms (file share/libc/stdio.h, line 523)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -829,11 +859,11 @@
[ Extern ] Post-condition 'result_error_or_valid_open_pipe'
Unverifiable but considered Valid.
-[ Extern ] Assigns (file share/libc/stdio.h, line 533)
+[ Extern ] Assigns (file share/libc/stdio.h, line 550)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 533)
+[ Extern ] Froms (file share/libc/stdio.h, line 550)
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 535)
+[ Extern ] Froms (file share/libc/stdio.h, line 552)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -846,7 +876,7 @@
Unverifiable but considered Valid.
[ Extern ] Assigns nothing
Unverifiable but considered Valid.
-[ Extern ] Froms (file share/libc/stdio.h, line 547)
+[ Extern ] Froms (file share/libc/stdio.h, line 564)
Unverifiable but considered Valid.
[ Valid ] Default behavior
by Frama-C kernel.
@@ -865,8 +895,8 @@
--------------------------------------------------------------------------------
--- Status Report Summary
--------------------------------------------------------------------------------
- 72 Completely validated
- 198 Considered valid
+ 74 Completely validated
+ 206 Considered valid
1 To be validated
- 271 Total
+ 281 Total
--------------------------------------------------------------------------------
diff --git a/tests/rte_manual/oracle/unsigned.1.res.oracle b/tests/rte_manual/oracle/unsigned.1.res.oracle
index ed1ad94cf29fa2456a9d34125464d34e62674c21..37e1f70016c7bb12f5c0104bc73d1d76ee3ec89a 100644
--- a/tests/rte_manual/oracle/unsigned.1.res.oracle
+++ b/tests/rte_manual/oracle/unsigned.1.res.oracle
@@ -8,8 +8,8 @@ unsigned int f(unsigned int a, unsigned int b)
unsigned int z;
/*@ assert rte: unsigned_overflow: a << 3 ≤ 4294967295; */
x = a << 3;
- /*@ assert rte: unsigned_overflow: 0 ≤ b * (unsigned int)2; */
- /*@ assert rte: unsigned_overflow: b * (unsigned int)2 ≤ 4294967295; */
+ /*@ assert rte: unsigned_overflow: 0 ≤ b * 2; */
+ /*@ assert rte: unsigned_overflow: b * 2 ≤ 4294967295; */
y = b * (unsigned int)2;
/*@ assert rte: unsigned_overflow: 0 ≤ x - y; */
/*@ assert rte: unsigned_overflow: x - y ≤ 4294967295; */
diff --git a/tests/slicing/function_lvar.i b/tests/slicing/function_lvar.i
new file mode 100644
index 0000000000000000000000000000000000000000..05cc5c69a2033223a3a35a16e22ba0b9b2558b4f
--- /dev/null
+++ b/tests/slicing/function_lvar.i
@@ -0,0 +1,10 @@
+/* run.config*
+OPT: -slice-pragma main -then-last -print
+*/
+int g(int x) { return x; }
+
+int main() {
+ /*@ assert &g == &g; */
+ /*@ slice pragma stmt; */
+ g(0);
+}
diff --git a/tests/slicing/oracle/function_lvar.res.oracle b/tests/slicing/oracle/function_lvar.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..667a53c29a9dadfe352bca9c7caf5212f03e305d
--- /dev/null
+++ b/tests/slicing/oracle/function_lvar.res.oracle
@@ -0,0 +1,57 @@
+[kernel] Parsing tests/slicing/function_lvar.i (no preprocessing)
+[slicing] slicing requests in progress...
+[eva] Analyzing a complete application starting at main
+[eva] Computing initial state
+[eva] Initial state computed
+[eva:initial-state] Values of globals at initialization
+
+[eva] done for function main
+[eva:summary] ====== ANALYSIS SUMMARY ======
+ ----------------------------------------------------------------------------
+ 2 functions analyzed (out of 2): 100% coverage.
+ In these functions, 5 statements reached (out of 5): 100% coverage.
+ ----------------------------------------------------------------------------
+ No errors or warnings raised during the analysis.
+ ----------------------------------------------------------------------------
+ 0 alarms generated by the analysis.
+ ----------------------------------------------------------------------------
+ Evaluation of the logical properties reached by the analysis:
+ Assertions 1 valid 0 unknown 0 invalid 1 total
+ Preconditions 0 valid 0 unknown 0 invalid 0 total
+ 100% of the logical properties reached have been proven.
+ ----------------------------------------------------------------------------
+[slicing] initializing slicing ...
+[slicing] interpreting slicing requests from the command line...
+[pdg] computing for function main
+[from] Computing for function g
+[from] Done for function g
+[pdg] done for function main
+[slicing] applying all slicing requests...
+[slicing] applying 0 actions...
+[slicing] applying all slicing requests...
+[slicing] applying 1 actions...
+[slicing] applying actions: 1/1...
+[pdg] computing for function g
+[pdg] done for function g
+[slicing] exporting project to 'Slicing export'...
+[slicing] applying all slicing requests...
+[slicing] applying 0 actions...
+[sparecode] remove unused global declarations from project 'Slicing export tmp'
+[sparecode] removed unused global declarations in new project 'Slicing export'
+/* Generated by Frama-C */
+int g(int x);
+
+void g_slice_1(void)
+{
+ return;
+}
+
+void main(void)
+{
+ /*@ assert &g ≡ &g; */ ;
+ /*@ slice pragma stmt; */
+ g_slice_1();
+ return;
+}
+
+
diff --git a/tests/slicing/oracle/keep_annot.2.res.oracle b/tests/slicing/oracle/keep_annot.2.res.oracle
index 0cbe4ace479b127e913f7bae2e141a61ec2855a9..f8ab7b83c160852293a27331eccd5df9c7b1b488 100644
--- a/tests/slicing/oracle/keep_annot.2.res.oracle
+++ b/tests/slicing/oracle/keep_annot.2.res.oracle
@@ -14,8 +14,9 @@
[eva:alarm] tests/slicing/keep_annot.i:41: Warning:
non-finite float value.
assert
- \is_finite((float)((double)((double)u -
- (double)((double)*(dabs + (int)(ii + 1)) * 2.0))));
+ \is_finite((float)\sub_double((double)u,
+ \mul_double((double)*(dabs + (int)(ii + 1)),
+ (double)2.0)));
[eva:alarm] tests/slicing/keep_annot.i:42: Warning:
assertion got status unknown.
[eva] Recording results for L
diff --git a/tests/slicing/oracle/keep_annot.3.res.oracle b/tests/slicing/oracle/keep_annot.3.res.oracle
index 52b2ca08307d14ae8fb79ba46492e0f554d748e8..77fc3eb76de0f7f2760cc54384439a1626e6f421 100644
--- a/tests/slicing/oracle/keep_annot.3.res.oracle
+++ b/tests/slicing/oracle/keep_annot.3.res.oracle
@@ -14,8 +14,9 @@
[eva:alarm] tests/slicing/keep_annot.i:41: Warning:
non-finite float value.
assert
- \is_finite((float)((double)((double)u -
- (double)((double)*(dabs + (int)(ii + 1)) * 2.0))));
+ \is_finite((float)\sub_double((double)u,
+ \mul_double((double)*(dabs + (int)(ii + 1)),
+ (double)2.0)));
[eva:alarm] tests/slicing/keep_annot.i:42: Warning:
assertion got status unknown.
[eva] Recording results for L
diff --git a/tests/slicing/oracle/slice_no_body.res.oracle b/tests/slicing/oracle/slice_no_body.res.oracle
index 2960de9c498aacd917cb2454c4e52994569f0ced..dcba3c11fcc1a7d1050389ca74ec54aa489549e7 100644
--- a/tests/slicing/oracle/slice_no_body.res.oracle
+++ b/tests/slicing/oracle/slice_no_body.res.oracle
@@ -102,7 +102,6 @@ Print slice = h_slice_1:
/**/int h(void)
{
- /* <[---], [---]> */ int __retres;
/* invisible call */ /* <[---], [---]> */
/* <[---], [---]> */ int a = f(1);
/* invisible call */ /* <[---], [---]> */
@@ -117,9 +116,7 @@ Print slice = h_slice_1:
G = g(c);
}
/* <[---], [---]> */
- __retres = (int)(& g);
- /* <[---], [---]> */
- return __retres;
+ return G;
}
Slicing project worklist [default] =
@@ -223,7 +220,6 @@ Print slice = h_slice_1: (InCtrl: <[---], [ S ]>)
/**/int h(void)
{
- /* <[---], [---]> */ int __retres;
/* sig call:
(InCtrl: <[---], [ S ]>)
(In1: <[---], [ S ]>)
@@ -262,9 +258,7 @@ Print slice = h_slice_1: (InCtrl: <[---], [ S ]>)
G = g(c);
}
/* <[---], [---]> */
- __retres = (int)(& g);
- /* <[---], [---]> */
- return __retres;
+ return G;
}
Slicing project worklist [default] =
diff --git a/tests/slicing/oracle/unravel-variance.0.res.oracle b/tests/slicing/oracle/unravel-variance.0.res.oracle
index b91a1fe5bed87339e51dd7fffbe8c5305aeb23dc..0538b7db677b80251e23c6750e0bacd1b39c0227 100644
--- a/tests/slicing/oracle/unravel-variance.0.res.oracle
+++ b/tests/slicing/oracle/unravel-variance.0.res.oracle
@@ -21,20 +21,20 @@
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
- non-finite float value. assert \is_finite((float)(x[i] * x[i]));
+ non-finite float value. assert \is_finite(\mul_float(x[i], x[i]));
[eva] tests/slicing/unravel-variance.i:32: starting to merge loop iterations
[eva] computing for function scanf <- main.
Called from tests/slicing/unravel-variance.i:34.
[eva] Done for function scanf
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
- non-finite float value. assert \is_finite((float)(t1 + x[i]));
+ non-finite float value. assert \is_finite(\add_float(t1, x[i]));
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
accessing uninitialized left-value. assert \initialized(&x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
non-finite float value.
- assert \is_finite((float)(ssq + (float)(x[i] * x[i])));
+ assert \is_finite(\add_float(ssq, \mul_float(x[i], x[i])));
[eva] computing for function scanf <- main.
Called from tests/slicing/unravel-variance.i:34.
[eva] Done for function scanf
@@ -47,69 +47,75 @@
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
accessing out of bounds index. assert i < 1024;
[eva:alarm] tests/slicing/unravel-variance.i:38: Warning:
- non-finite float value. assert \is_finite((float)(t1 / (float)n));
+ non-finite float value. assert \is_finite(\div_float(t1, (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
- non-finite float value. assert \is_finite((float)((float)n * avg));
+ non-finite float value. assert \is_finite(\mul_float((float)n, avg));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
signed overflow. assert -2147483648 ≤ n - 1;
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
- assert \is_finite((float)((float)((float)n * avg) * avg));
+ assert \is_finite(\mul_float(\mul_float((float)n, avg), avg));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
- assert \is_finite((float)(ssq - (float)((float)((float)n * avg) * avg)));
+ assert
+ \is_finite(\sub_float(ssq, \mul_float(\mul_float((float)n, avg), avg)));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(ssq - (float)((float)((float)n * avg) * avg)) /
- (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(ssq,
+ \mul_float(\mul_float((float)n, avg), avg)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
- non-finite float value. assert \is_finite((float)(t1 * avg));
+ non-finite float value. assert \is_finite(\mul_float(t1, avg));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
- non-finite float value. assert \is_finite((float)(ssq - (float)(t1 * avg)));
+ non-finite float value.
+ assert \is_finite(\sub_float(ssq, \mul_float(t1, avg)));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(ssq - (float)(t1 * avg)) / (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(ssq, \mul_float(t1, avg)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:41: Warning:
- non-finite float value. assert \is_finite((float)(t1 * t1));
+ non-finite float value. assert \is_finite(\mul_float(t1, t1));
[eva:alarm] tests/slicing/unravel-variance.i:41: Warning:
non-finite float value.
- assert \is_finite((float)((float)(t1 * t1) / (float)n));
+ assert \is_finite(\div_float(\mul_float(t1, t1), (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:42: Warning:
- non-finite float value. assert \is_finite((float)(ssq - t1));
+ non-finite float value. assert \is_finite(\sub_float(ssq, t1));
[eva:alarm] tests/slicing/unravel-variance.i:42: Warning:
non-finite float value.
- assert \is_finite((float)((float)(ssq - t1) / (float)((int)(n - 1))));
+ assert \is_finite(\div_float(\sub_float(ssq, t1), (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
accessing uninitialized left-value. assert \initialized(&x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
- non-finite float value. assert \is_finite((float)(x[i] - avg));
+ non-finite float value. assert \is_finite(\sub_float(x[i], avg));
[eva:alarm] tests/slicing/unravel-variance.i:48: Warning:
- non-finite float value. assert \is_finite((float)(dev * dev));
+ non-finite float value. assert \is_finite(\mul_float(dev, dev));
[eva] tests/slicing/unravel-variance.i:44: starting to merge loop iterations
[eva:alarm] tests/slicing/unravel-variance.i:47: Warning:
- non-finite float value. assert \is_finite((float)(t2 + dev));
+ non-finite float value. assert \is_finite(\add_float(t2, dev));
[eva:alarm] tests/slicing/unravel-variance.i:48: Warning:
- non-finite float value. assert \is_finite((float)(t1 + (float)(dev * dev)));
+ non-finite float value.
+ assert \is_finite(\add_float(t1, \mul_float(dev, dev)));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
- non-finite float value. assert \is_finite((float)(t2 * t2));
+ non-finite float value. assert \is_finite(\mul_float(t2, t2));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
- assert \is_finite((float)((float)(t2 * t2) / (float)n));
+ assert \is_finite(\div_float(\mul_float(t2, t2), (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
- assert \is_finite((float)(t1 - (float)((float)(t2 * t2) / (float)n)));
+ assert \is_finite(\sub_float(t1, \div_float(\mul_float(t2, t2), (float)n)));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(t1 - (float)((float)(t2 * t2) / (float)n)) /
- (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(t1,
+ \div_float(\mul_float(t2, t2), (float)n)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:51: Warning:
non-finite float value.
- assert \is_finite((float)(t1 / (float)((int)(n - 1))));
+ assert \is_finite(\div_float(t1, (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:52: Warning:
overflow in conversion from floating-point to integer.
assert -2147483649 < var2;
diff --git a/tests/slicing/oracle/unravel-variance.1.res.oracle b/tests/slicing/oracle/unravel-variance.1.res.oracle
index 1b7ede21df7a647fe79953593bdfa679ba0d0830..fa17384ccb6a919e4e5571fffb3c5e297a251580 100644
--- a/tests/slicing/oracle/unravel-variance.1.res.oracle
+++ b/tests/slicing/oracle/unravel-variance.1.res.oracle
@@ -21,20 +21,20 @@
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
- non-finite float value. assert \is_finite((float)(x[i] * x[i]));
+ non-finite float value. assert \is_finite(\mul_float(x[i], x[i]));
[eva] tests/slicing/unravel-variance.i:32: starting to merge loop iterations
[eva] computing for function scanf <- main.
Called from tests/slicing/unravel-variance.i:34.
[eva] Done for function scanf
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
- non-finite float value. assert \is_finite((float)(t1 + x[i]));
+ non-finite float value. assert \is_finite(\add_float(t1, x[i]));
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
accessing uninitialized left-value. assert \initialized(&x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
non-finite float value.
- assert \is_finite((float)(ssq + (float)(x[i] * x[i])));
+ assert \is_finite(\add_float(ssq, \mul_float(x[i], x[i])));
[eva] computing for function scanf <- main.
Called from tests/slicing/unravel-variance.i:34.
[eva] Done for function scanf
@@ -47,69 +47,75 @@
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
accessing out of bounds index. assert i < 1024;
[eva:alarm] tests/slicing/unravel-variance.i:38: Warning:
- non-finite float value. assert \is_finite((float)(t1 / (float)n));
+ non-finite float value. assert \is_finite(\div_float(t1, (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
- non-finite float value. assert \is_finite((float)((float)n * avg));
+ non-finite float value. assert \is_finite(\mul_float((float)n, avg));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
signed overflow. assert -2147483648 ≤ n - 1;
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
- assert \is_finite((float)((float)((float)n * avg) * avg));
+ assert \is_finite(\mul_float(\mul_float((float)n, avg), avg));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
- assert \is_finite((float)(ssq - (float)((float)((float)n * avg) * avg)));
+ assert
+ \is_finite(\sub_float(ssq, \mul_float(\mul_float((float)n, avg), avg)));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(ssq - (float)((float)((float)n * avg) * avg)) /
- (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(ssq,
+ \mul_float(\mul_float((float)n, avg), avg)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
- non-finite float value. assert \is_finite((float)(t1 * avg));
+ non-finite float value. assert \is_finite(\mul_float(t1, avg));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
- non-finite float value. assert \is_finite((float)(ssq - (float)(t1 * avg)));
+ non-finite float value.
+ assert \is_finite(\sub_float(ssq, \mul_float(t1, avg)));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(ssq - (float)(t1 * avg)) / (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(ssq, \mul_float(t1, avg)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:41: Warning:
- non-finite float value. assert \is_finite((float)(t1 * t1));
+ non-finite float value. assert \is_finite(\mul_float(t1, t1));
[eva:alarm] tests/slicing/unravel-variance.i:41: Warning:
non-finite float value.
- assert \is_finite((float)((float)(t1 * t1) / (float)n));
+ assert \is_finite(\div_float(\mul_float(t1, t1), (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:42: Warning:
- non-finite float value. assert \is_finite((float)(ssq - t1));
+ non-finite float value. assert \is_finite(\sub_float(ssq, t1));
[eva:alarm] tests/slicing/unravel-variance.i:42: Warning:
non-finite float value.
- assert \is_finite((float)((float)(ssq - t1) / (float)((int)(n - 1))));
+ assert \is_finite(\div_float(\sub_float(ssq, t1), (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
accessing uninitialized left-value. assert \initialized(&x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
- non-finite float value. assert \is_finite((float)(x[i] - avg));
+ non-finite float value. assert \is_finite(\sub_float(x[i], avg));
[eva:alarm] tests/slicing/unravel-variance.i:48: Warning:
- non-finite float value. assert \is_finite((float)(dev * dev));
+ non-finite float value. assert \is_finite(\mul_float(dev, dev));
[eva] tests/slicing/unravel-variance.i:44: starting to merge loop iterations
[eva:alarm] tests/slicing/unravel-variance.i:47: Warning:
- non-finite float value. assert \is_finite((float)(t2 + dev));
+ non-finite float value. assert \is_finite(\add_float(t2, dev));
[eva:alarm] tests/slicing/unravel-variance.i:48: Warning:
- non-finite float value. assert \is_finite((float)(t1 + (float)(dev * dev)));
+ non-finite float value.
+ assert \is_finite(\add_float(t1, \mul_float(dev, dev)));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
- non-finite float value. assert \is_finite((float)(t2 * t2));
+ non-finite float value. assert \is_finite(\mul_float(t2, t2));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
- assert \is_finite((float)((float)(t2 * t2) / (float)n));
+ assert \is_finite(\div_float(\mul_float(t2, t2), (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
- assert \is_finite((float)(t1 - (float)((float)(t2 * t2) / (float)n)));
+ assert \is_finite(\sub_float(t1, \div_float(\mul_float(t2, t2), (float)n)));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(t1 - (float)((float)(t2 * t2) / (float)n)) /
- (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(t1,
+ \div_float(\mul_float(t2, t2), (float)n)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:51: Warning:
non-finite float value.
- assert \is_finite((float)(t1 / (float)((int)(n - 1))));
+ assert \is_finite(\div_float(t1, (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:52: Warning:
overflow in conversion from floating-point to integer.
assert -2147483649 < var2;
diff --git a/tests/slicing/oracle/unravel-variance.2.res.oracle b/tests/slicing/oracle/unravel-variance.2.res.oracle
index 344a7d901f6b110bd383305f098efdad9eb9d5c0..48bf86249b3ce934353728416cb2f02dc2613341 100644
--- a/tests/slicing/oracle/unravel-variance.2.res.oracle
+++ b/tests/slicing/oracle/unravel-variance.2.res.oracle
@@ -21,20 +21,20 @@
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
- non-finite float value. assert \is_finite((float)(x[i] * x[i]));
+ non-finite float value. assert \is_finite(\mul_float(x[i], x[i]));
[eva] tests/slicing/unravel-variance.i:32: starting to merge loop iterations
[eva] computing for function scanf <- main.
Called from tests/slicing/unravel-variance.i:34.
[eva] Done for function scanf
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
- non-finite float value. assert \is_finite((float)(t1 + x[i]));
+ non-finite float value. assert \is_finite(\add_float(t1, x[i]));
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
accessing uninitialized left-value. assert \initialized(&x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
non-finite float value.
- assert \is_finite((float)(ssq + (float)(x[i] * x[i])));
+ assert \is_finite(\add_float(ssq, \mul_float(x[i], x[i])));
[eva] computing for function scanf <- main.
Called from tests/slicing/unravel-variance.i:34.
[eva] Done for function scanf
@@ -47,69 +47,75 @@
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
accessing out of bounds index. assert i < 1024;
[eva:alarm] tests/slicing/unravel-variance.i:38: Warning:
- non-finite float value. assert \is_finite((float)(t1 / (float)n));
+ non-finite float value. assert \is_finite(\div_float(t1, (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
- non-finite float value. assert \is_finite((float)((float)n * avg));
+ non-finite float value. assert \is_finite(\mul_float((float)n, avg));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
signed overflow. assert -2147483648 ≤ n - 1;
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
- assert \is_finite((float)((float)((float)n * avg) * avg));
+ assert \is_finite(\mul_float(\mul_float((float)n, avg), avg));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
- assert \is_finite((float)(ssq - (float)((float)((float)n * avg) * avg)));
+ assert
+ \is_finite(\sub_float(ssq, \mul_float(\mul_float((float)n, avg), avg)));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(ssq - (float)((float)((float)n * avg) * avg)) /
- (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(ssq,
+ \mul_float(\mul_float((float)n, avg), avg)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
- non-finite float value. assert \is_finite((float)(t1 * avg));
+ non-finite float value. assert \is_finite(\mul_float(t1, avg));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
- non-finite float value. assert \is_finite((float)(ssq - (float)(t1 * avg)));
+ non-finite float value.
+ assert \is_finite(\sub_float(ssq, \mul_float(t1, avg)));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(ssq - (float)(t1 * avg)) / (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(ssq, \mul_float(t1, avg)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:41: Warning:
- non-finite float value. assert \is_finite((float)(t1 * t1));
+ non-finite float value. assert \is_finite(\mul_float(t1, t1));
[eva:alarm] tests/slicing/unravel-variance.i:41: Warning:
non-finite float value.
- assert \is_finite((float)((float)(t1 * t1) / (float)n));
+ assert \is_finite(\div_float(\mul_float(t1, t1), (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:42: Warning:
- non-finite float value. assert \is_finite((float)(ssq - t1));
+ non-finite float value. assert \is_finite(\sub_float(ssq, t1));
[eva:alarm] tests/slicing/unravel-variance.i:42: Warning:
non-finite float value.
- assert \is_finite((float)((float)(ssq - t1) / (float)((int)(n - 1))));
+ assert \is_finite(\div_float(\sub_float(ssq, t1), (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
accessing uninitialized left-value. assert \initialized(&x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
- non-finite float value. assert \is_finite((float)(x[i] - avg));
+ non-finite float value. assert \is_finite(\sub_float(x[i], avg));
[eva:alarm] tests/slicing/unravel-variance.i:48: Warning:
- non-finite float value. assert \is_finite((float)(dev * dev));
+ non-finite float value. assert \is_finite(\mul_float(dev, dev));
[eva] tests/slicing/unravel-variance.i:44: starting to merge loop iterations
[eva:alarm] tests/slicing/unravel-variance.i:47: Warning:
- non-finite float value. assert \is_finite((float)(t2 + dev));
+ non-finite float value. assert \is_finite(\add_float(t2, dev));
[eva:alarm] tests/slicing/unravel-variance.i:48: Warning:
- non-finite float value. assert \is_finite((float)(t1 + (float)(dev * dev)));
+ non-finite float value.
+ assert \is_finite(\add_float(t1, \mul_float(dev, dev)));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
- non-finite float value. assert \is_finite((float)(t2 * t2));
+ non-finite float value. assert \is_finite(\mul_float(t2, t2));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
- assert \is_finite((float)((float)(t2 * t2) / (float)n));
+ assert \is_finite(\div_float(\mul_float(t2, t2), (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
- assert \is_finite((float)(t1 - (float)((float)(t2 * t2) / (float)n)));
+ assert \is_finite(\sub_float(t1, \div_float(\mul_float(t2, t2), (float)n)));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(t1 - (float)((float)(t2 * t2) / (float)n)) /
- (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(t1,
+ \div_float(\mul_float(t2, t2), (float)n)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:51: Warning:
non-finite float value.
- assert \is_finite((float)(t1 / (float)((int)(n - 1))));
+ assert \is_finite(\div_float(t1, (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:52: Warning:
overflow in conversion from floating-point to integer.
assert -2147483649 < var2;
diff --git a/tests/slicing/oracle/unravel-variance.3.res.oracle b/tests/slicing/oracle/unravel-variance.3.res.oracle
index 75bbcf89bca26210963c035183b657e335b465d0..6f444dfaef6f22c6e07971d1e6293c933dcbf944 100644
--- a/tests/slicing/oracle/unravel-variance.3.res.oracle
+++ b/tests/slicing/oracle/unravel-variance.3.res.oracle
@@ -21,20 +21,20 @@
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
- non-finite float value. assert \is_finite((float)(x[i] * x[i]));
+ non-finite float value. assert \is_finite(\mul_float(x[i], x[i]));
[eva] tests/slicing/unravel-variance.i:32: starting to merge loop iterations
[eva] computing for function scanf <- main.
Called from tests/slicing/unravel-variance.i:34.
[eva] Done for function scanf
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
- non-finite float value. assert \is_finite((float)(t1 + x[i]));
+ non-finite float value. assert \is_finite(\add_float(t1, x[i]));
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
accessing uninitialized left-value. assert \initialized(&x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
non-finite float value.
- assert \is_finite((float)(ssq + (float)(x[i] * x[i])));
+ assert \is_finite(\add_float(ssq, \mul_float(x[i], x[i])));
[eva] computing for function scanf <- main.
Called from tests/slicing/unravel-variance.i:34.
[eva] Done for function scanf
@@ -47,69 +47,75 @@
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
accessing out of bounds index. assert i < 1024;
[eva:alarm] tests/slicing/unravel-variance.i:38: Warning:
- non-finite float value. assert \is_finite((float)(t1 / (float)n));
+ non-finite float value. assert \is_finite(\div_float(t1, (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
- non-finite float value. assert \is_finite((float)((float)n * avg));
+ non-finite float value. assert \is_finite(\mul_float((float)n, avg));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
signed overflow. assert -2147483648 ≤ n - 1;
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
- assert \is_finite((float)((float)((float)n * avg) * avg));
+ assert \is_finite(\mul_float(\mul_float((float)n, avg), avg));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
- assert \is_finite((float)(ssq - (float)((float)((float)n * avg) * avg)));
+ assert
+ \is_finite(\sub_float(ssq, \mul_float(\mul_float((float)n, avg), avg)));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(ssq - (float)((float)((float)n * avg) * avg)) /
- (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(ssq,
+ \mul_float(\mul_float((float)n, avg), avg)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
- non-finite float value. assert \is_finite((float)(t1 * avg));
+ non-finite float value. assert \is_finite(\mul_float(t1, avg));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
- non-finite float value. assert \is_finite((float)(ssq - (float)(t1 * avg)));
+ non-finite float value.
+ assert \is_finite(\sub_float(ssq, \mul_float(t1, avg)));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(ssq - (float)(t1 * avg)) / (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(ssq, \mul_float(t1, avg)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:41: Warning:
- non-finite float value. assert \is_finite((float)(t1 * t1));
+ non-finite float value. assert \is_finite(\mul_float(t1, t1));
[eva:alarm] tests/slicing/unravel-variance.i:41: Warning:
non-finite float value.
- assert \is_finite((float)((float)(t1 * t1) / (float)n));
+ assert \is_finite(\div_float(\mul_float(t1, t1), (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:42: Warning:
- non-finite float value. assert \is_finite((float)(ssq - t1));
+ non-finite float value. assert \is_finite(\sub_float(ssq, t1));
[eva:alarm] tests/slicing/unravel-variance.i:42: Warning:
non-finite float value.
- assert \is_finite((float)((float)(ssq - t1) / (float)((int)(n - 1))));
+ assert \is_finite(\div_float(\sub_float(ssq, t1), (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
accessing uninitialized left-value. assert \initialized(&x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
- non-finite float value. assert \is_finite((float)(x[i] - avg));
+ non-finite float value. assert \is_finite(\sub_float(x[i], avg));
[eva:alarm] tests/slicing/unravel-variance.i:48: Warning:
- non-finite float value. assert \is_finite((float)(dev * dev));
+ non-finite float value. assert \is_finite(\mul_float(dev, dev));
[eva] tests/slicing/unravel-variance.i:44: starting to merge loop iterations
[eva:alarm] tests/slicing/unravel-variance.i:47: Warning:
- non-finite float value. assert \is_finite((float)(t2 + dev));
+ non-finite float value. assert \is_finite(\add_float(t2, dev));
[eva:alarm] tests/slicing/unravel-variance.i:48: Warning:
- non-finite float value. assert \is_finite((float)(t1 + (float)(dev * dev)));
+ non-finite float value.
+ assert \is_finite(\add_float(t1, \mul_float(dev, dev)));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
- non-finite float value. assert \is_finite((float)(t2 * t2));
+ non-finite float value. assert \is_finite(\mul_float(t2, t2));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
- assert \is_finite((float)((float)(t2 * t2) / (float)n));
+ assert \is_finite(\div_float(\mul_float(t2, t2), (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
- assert \is_finite((float)(t1 - (float)((float)(t2 * t2) / (float)n)));
+ assert \is_finite(\sub_float(t1, \div_float(\mul_float(t2, t2), (float)n)));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(t1 - (float)((float)(t2 * t2) / (float)n)) /
- (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(t1,
+ \div_float(\mul_float(t2, t2), (float)n)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:51: Warning:
non-finite float value.
- assert \is_finite((float)(t1 / (float)((int)(n - 1))));
+ assert \is_finite(\div_float(t1, (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:52: Warning:
overflow in conversion from floating-point to integer.
assert -2147483649 < var2;
diff --git a/tests/slicing/oracle/unravel-variance.4.res.oracle b/tests/slicing/oracle/unravel-variance.4.res.oracle
index f651a4d6a3b199273e49d1c59403270dbb63e24a..ac6ef9b1483d3fe1ee4b72ce634390b98f67253f 100644
--- a/tests/slicing/oracle/unravel-variance.4.res.oracle
+++ b/tests/slicing/oracle/unravel-variance.4.res.oracle
@@ -21,20 +21,20 @@
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
- non-finite float value. assert \is_finite((float)(x[i] * x[i]));
+ non-finite float value. assert \is_finite(\mul_float(x[i], x[i]));
[eva] tests/slicing/unravel-variance.i:32: starting to merge loop iterations
[eva] computing for function scanf <- main.
Called from tests/slicing/unravel-variance.i:34.
[eva] Done for function scanf
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
- non-finite float value. assert \is_finite((float)(t1 + x[i]));
+ non-finite float value. assert \is_finite(\add_float(t1, x[i]));
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
accessing uninitialized left-value. assert \initialized(&x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:36: Warning:
non-finite float value.
- assert \is_finite((float)(ssq + (float)(x[i] * x[i])));
+ assert \is_finite(\add_float(ssq, \mul_float(x[i], x[i])));
[eva] computing for function scanf <- main.
Called from tests/slicing/unravel-variance.i:34.
[eva] Done for function scanf
@@ -47,69 +47,75 @@
[eva:alarm] tests/slicing/unravel-variance.i:35: Warning:
accessing out of bounds index. assert i < 1024;
[eva:alarm] tests/slicing/unravel-variance.i:38: Warning:
- non-finite float value. assert \is_finite((float)(t1 / (float)n));
+ non-finite float value. assert \is_finite(\div_float(t1, (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
- non-finite float value. assert \is_finite((float)((float)n * avg));
+ non-finite float value. assert \is_finite(\mul_float((float)n, avg));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
signed overflow. assert -2147483648 ≤ n - 1;
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
- assert \is_finite((float)((float)((float)n * avg) * avg));
+ assert \is_finite(\mul_float(\mul_float((float)n, avg), avg));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
- assert \is_finite((float)(ssq - (float)((float)((float)n * avg) * avg)));
+ assert
+ \is_finite(\sub_float(ssq, \mul_float(\mul_float((float)n, avg), avg)));
[eva:alarm] tests/slicing/unravel-variance.i:39: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(ssq - (float)((float)((float)n * avg) * avg)) /
- (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(ssq,
+ \mul_float(\mul_float((float)n, avg), avg)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
- non-finite float value. assert \is_finite((float)(t1 * avg));
+ non-finite float value. assert \is_finite(\mul_float(t1, avg));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
- non-finite float value. assert \is_finite((float)(ssq - (float)(t1 * avg)));
+ non-finite float value.
+ assert \is_finite(\sub_float(ssq, \mul_float(t1, avg)));
[eva:alarm] tests/slicing/unravel-variance.i:40: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(ssq - (float)(t1 * avg)) / (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(ssq, \mul_float(t1, avg)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:41: Warning:
- non-finite float value. assert \is_finite((float)(t1 * t1));
+ non-finite float value. assert \is_finite(\mul_float(t1, t1));
[eva:alarm] tests/slicing/unravel-variance.i:41: Warning:
non-finite float value.
- assert \is_finite((float)((float)(t1 * t1) / (float)n));
+ assert \is_finite(\div_float(\mul_float(t1, t1), (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:42: Warning:
- non-finite float value. assert \is_finite((float)(ssq - t1));
+ non-finite float value. assert \is_finite(\sub_float(ssq, t1));
[eva:alarm] tests/slicing/unravel-variance.i:42: Warning:
non-finite float value.
- assert \is_finite((float)((float)(ssq - t1) / (float)((int)(n - 1))));
+ assert \is_finite(\div_float(\sub_float(ssq, t1), (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
accessing uninitialized left-value. assert \initialized(&x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
non-finite float value. assert \is_finite(x[i]);
[eva:alarm] tests/slicing/unravel-variance.i:46: Warning:
- non-finite float value. assert \is_finite((float)(x[i] - avg));
+ non-finite float value. assert \is_finite(\sub_float(x[i], avg));
[eva:alarm] tests/slicing/unravel-variance.i:48: Warning:
- non-finite float value. assert \is_finite((float)(dev * dev));
+ non-finite float value. assert \is_finite(\mul_float(dev, dev));
[eva] tests/slicing/unravel-variance.i:44: starting to merge loop iterations
[eva:alarm] tests/slicing/unravel-variance.i:47: Warning:
- non-finite float value. assert \is_finite((float)(t2 + dev));
+ non-finite float value. assert \is_finite(\add_float(t2, dev));
[eva:alarm] tests/slicing/unravel-variance.i:48: Warning:
- non-finite float value. assert \is_finite((float)(t1 + (float)(dev * dev)));
+ non-finite float value.
+ assert \is_finite(\add_float(t1, \mul_float(dev, dev)));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
- non-finite float value. assert \is_finite((float)(t2 * t2));
+ non-finite float value. assert \is_finite(\mul_float(t2, t2));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
- assert \is_finite((float)((float)(t2 * t2) / (float)n));
+ assert \is_finite(\div_float(\mul_float(t2, t2), (float)n));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
- assert \is_finite((float)(t1 - (float)((float)(t2 * t2) / (float)n)));
+ assert \is_finite(\sub_float(t1, \div_float(\mul_float(t2, t2), (float)n)));
[eva:alarm] tests/slicing/unravel-variance.i:50: Warning:
non-finite float value.
assert
- \is_finite((float)((float)(t1 - (float)((float)(t2 * t2) / (float)n)) /
- (float)((int)(n - 1))));
+ \is_finite(\div_float(\sub_float(t1,
+ \div_float(\mul_float(t2, t2), (float)n)),
+ (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:51: Warning:
non-finite float value.
- assert \is_finite((float)(t1 / (float)((int)(n - 1))));
+ assert \is_finite(\div_float(t1, (float)((int)(n - 1))));
[eva:alarm] tests/slicing/unravel-variance.i:52: Warning:
overflow in conversion from floating-point to integer.
assert -2147483649 < var2;
diff --git a/tests/slicing/slice_no_body.i b/tests/slicing/slice_no_body.i
index 8e97f4c920a7f4f6972d25a7be69257b90dd1adf..e2be30cc3c617fc32f374986687e8bfa8d4d8f79 100644
--- a/tests/slicing/slice_no_body.i
+++ b/tests/slicing/slice_no_body.i
@@ -24,5 +24,5 @@ int h (void) {
G = f (4);
if (G > 0)
G = g (c);
- return (int)g;
+ return G;
}
diff --git a/tests/spec/expr_to_term.i b/tests/spec/expr_to_term.i
index 5320e071398288731edd84d484de97ffc5cf4677..e0e887144169aea4640bb1f008beabd15bfba32b 100644
--- a/tests/spec/expr_to_term.i
+++ b/tests/spec/expr_to_term.i
@@ -2,14 +2,19 @@
MODULE: @PTEST_DIR@/@PTEST_NAME@.cmxs
OPT: -print
*/
+
+
+// This predicate is modified by expr_to_term.ml plugin to compare
+// the assigned l-value or condition at provided stmt id with the logical term
+
+/*@ predicate int_eq(int logical, int from_stmt_id) = logical == from_stmt_id; */
+
int x[10];
struct S { int y; int z; } s;
int t;
-/*@ predicate int_eq(int logical, int from_c) = logical == from_c; */
-
/*@ ensures int_eq(*(int*)((unsigned)0x1 + 0x2),(int)0); */
int f() {
@@ -29,7 +34,12 @@ int main() {
t = 4;
}
-/*@ ensures int_eq((int)!t,(int)5); */
+/*@ ensures int_eq((int)(t!=0 ? 0 : 1),(int)5); */
int g() {
if (!t) return 2; else return 3;
}
+
+/*@ ensures int_eq((int)(t<5 ? 1 : 0),(int)6); */
+int h() {
+ if (t<5) return 2; else return 3;
+}
diff --git a/tests/spec/expr_to_term.ml b/tests/spec/expr_to_term.ml
index 17478ac46f188ed3bd618d92ccdab4ea2d51c863..b6ce6b3ab15e0fab3b0e5eb4f46909816c7b4d8d 100644
--- a/tests/spec/expr_to_term.ml
+++ b/tests/spec/expr_to_term.ml
@@ -2,7 +2,7 @@ open Cil_types
let emitter = Emitter.(create "Test" [Funspec] ~correctness:[] ~tuning:[])
-let check_expr_term check fct s e =
+let check_expr_term check fct s post =
let exp =
match s.skind with
| Instr (Set (lv,_,loc)) -> Cil.new_exp ~loc (Lval lv)
@@ -10,12 +10,11 @@ let check_expr_term check fct s e =
| _ -> Kernel.fatal "Unexpected statement %a" Printer.pp_stmt s
in
let term =
- match e with
+ match post with
| (_, { ip_content = { pred_content = Papp(_,_,[l;_]) } }) -> l
- | _ -> Kernel.fatal "Unexpected ensures %a" Printer.pp_post_cond e
+ | _ -> Kernel.fatal "Unexpected ensures %a" Printer.pp_post_cond post
in
- let term' = Logic_utils.expr_to_term ~cast:false exp in
- let term' = Logic_utils.mk_cast Cil.intType term' in
+ let term' = Logic_utils.expr_to_term ~coerce:false exp in
if check && not (Cil_datatype.Term.equal term term') then
Kernel.fatal
"translation of C expression %a is %a, inconsistent with logic term %a"
@@ -29,7 +28,7 @@ let treat_fct check fct =
let stmts = (Kernel_function.get_definition fct).sbody.bstmts in
let stmts =
List.filter
- (function
+ (function
{ skind = Instr (Set (lv,_,_)) } ->
(match lv with (Var v,_) -> v.vglob | _ -> true)
| { skind = If _ } -> true
@@ -41,7 +40,7 @@ let treat_fct check fct =
(* A bit fragile, but should do the trick as long as the test itself does
not get too complicated (regarding the C code at least). *)
if not (List.length stmts = List.length ensures) then
- Kernel.fatal
+ Kernel.fatal
"Stmts:@\n%a@\nPreds:@\n%a@\n"
(Pretty_utils.pp_list ~sep:"@\n@\n" Printer.pp_stmt) stmts
(Pretty_utils.pp_list ~sep:"@\n@\n" Printer.pp_post_cond) ensures;
@@ -52,9 +51,12 @@ let compute () =
let main = Globals.Functions.find_by_name "main" in
let f = Globals.Functions.find_by_name "f" in
let g = Globals.Functions.find_by_name "g" in
- treat_fct true main;
- treat_fct false f;
- treat_fct true g
-
+ let h = Globals.Functions.find_by_name "h" in
+ begin
+ treat_fct true main;
+ treat_fct false f;
+ treat_fct true g;
+ treat_fct true h;
+ end
let () = Db.Main.extend compute
diff --git a/tests/spec/oracle/cast_enum_bts1546.0.res.oracle b/tests/spec/oracle/cast_enum_bts1546.0.res.oracle
index 859426aa635fc488beca0b51816d51a6201d5d15..8a5f937eecdd7fa43e78b21ef4a70b88991fc0d0 100644
--- a/tests/spec/oracle/cast_enum_bts1546.0.res.oracle
+++ b/tests/spec/oracle/cast_enum_bts1546.0.res.oracle
@@ -39,7 +39,7 @@ enum e f(enum e x)
return __retres;
}
-/*@ ensures P: \result ≡ (unsigned int)E0; */
+/*@ ensures P: \result ≡ E0; */
enum e g(enum e x)
{
enum e __retres;
diff --git a/tests/spec/oracle/expr_to_term.res.oracle b/tests/spec/oracle/expr_to_term.res.oracle
index a378207a1b9cec63fef9d84d30052cc663076a14..fcb612aeeffb7d9c85f1f1ab6724eb0bb42c00e0 100644
--- a/tests/spec/oracle/expr_to_term.res.oracle
+++ b/tests/spec/oracle/expr_to_term.res.oracle
@@ -4,12 +4,14 @@ struct S {
int y ;
int z ;
};
+/*@
+predicate int_eq(int logical, int from_stmt_id) = logical ≡ from_stmt_id;
+ */
int x[10];
struct S s;
int t;
-/*@ predicate int_eq(int logical, int from_c) = logical ≡ from_c;
- */
-/*@ ensures int_eq(*((int *)(0x1 + 0x2)), *((int *)(0x1 + 0x2)));
+/*@ ensures
+ int_eq(*((int *)(0x1 + 0x2)), *((int *)((unsigned int)(0x1 + 0x2))));
ensures int_eq(*((int *)(0x1 + 0x2)), (int)0);
*/
int f(void)
@@ -40,8 +42,8 @@ int main(void)
return __retres;
}
-/*@ ensures int_eq((int)(!(t ≢ 0)), (int)(!(t ≢ 0)));
- ensures int_eq((int)(!(t ≢ 0)), (int)5);
+/*@ ensures int_eq((int)(t ≢ 0? 0: 1), (int)(t ≢ 0? 0: 1));
+ ensures int_eq((int)(t ≢ 0? 0: 1), (int)5);
*/
int g(void)
{
@@ -57,4 +59,21 @@ int g(void)
return_label: return __retres;
}
+/*@ ensures int_eq((int)(t < 5? 1: 0), (int)(t < 5? 1: 0));
+ ensures int_eq((int)(t < 5? 1: 0), (int)6);
+ */
+int h(void)
+{
+ int __retres;
+ if (t < 5) {
+ __retres = 2;
+ goto return_label;
+ }
+ else {
+ __retres = 3;
+ goto return_label;
+ }
+ return_label: return __retres;
+}
+
diff --git a/tests/spec/oracle/null_ptr.res.oracle b/tests/spec/oracle/null_ptr.res.oracle
index 5412691e03a9c6d7725e8c152d128c7d7cfe42d4..c33037bd34a749312d9fff4efaf9cc42e3659b39 100644
--- a/tests/spec/oracle/null_ptr.res.oracle
+++ b/tests/spec/oracle/null_ptr.res.oracle
@@ -10,12 +10,12 @@
*/
/*@ predicate eq(char *x, char *y) = x ≡ y;
*/
-/*@ predicate my_null(char *x) = x ≡ (char *)((void *)0);
+/*@ predicate my_null(char *x) = x ≡ (char *)0;
*/
void f(char *x)
{
x = (char *)0;
- /*@ assert x ≡ (char *)((void *)0); */ ;
+ /*@ assert x ≡ (char *)0; */ ;
/*@ assert my_null(x); */ ;
/*@ assert null(x); */ ;
/*@ assert eq(x, (char *)0); */ ;
diff --git a/tests/spec/oracle/stmt_contract.res.oracle b/tests/spec/oracle/stmt_contract.res.oracle
index c60dcabab0aa59db45c8a43697c0d0aead29f3cd..f8723d8fb48dadda23c29a64c262bb2c9915ada3 100644
--- a/tests/spec/oracle/stmt_contract.res.oracle
+++ b/tests/spec/oracle/stmt_contract.res.oracle
@@ -38,6 +38,8 @@ int main(int c)
/*@ requires before_label: \true; */
label: /*@ requires after_label: \true; */
y = 8;
+ /*@ ensures x ≡ 0 ∨ x ≡ 7; */
+ if (c >= 3) x = 0; else x = 7;
/*@ requires x ≡ 7; */
/*@ ensures x ≡ 7; */
{
diff --git a/tests/spec/oracle/ucn.res.oracle b/tests/spec/oracle/ucn.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..ed305c2491101f797a51cc278584ad4f6537fdd5
--- /dev/null
+++ b/tests/spec/oracle/ucn.res.oracle
@@ -0,0 +1,5 @@
+[kernel] Parsing tests/spec/ucn.c (with preprocessing)
+/* Generated by Frama-C */
+/*@ lemma test_ucn: ∀ 𔹠b; b ≡ \true ⇔ b ≡ \true;
+ */
+
diff --git a/tests/spec/stmt_contract.i b/tests/spec/stmt_contract.i
index ccac6381fcc02c19553470c0a2f3fafa1d5e2116..80e9690322af910e19338869db6b290668f14b7b 100644
--- a/tests/spec/stmt_contract.i
+++ b/tests/spec/stmt_contract.i
@@ -32,6 +32,9 @@ int main(int c) {
//@ requires after_label: \true;
y=8;
+ /*@ ensures x == 0 || x == 7; */
+ x = (c >= 3) ? 0 : 7;
+
/*@ requires x == 7; */
/*@ ensures x == 7; */
return 0;
diff --git a/tests/spec/ucn.c b/tests/spec/ucn.c
new file mode 100644
index 0000000000000000000000000000000000000000..a57ceaed8d635c98ad9ce465cd77375b496de559
--- /dev/null
+++ b/tests/spec/ucn.c
@@ -0,0 +1 @@
+/*@ lemma test_ucn: \U00002200 \U0001D539 b; b \u21D4 \u00AC \U000000AC b; */
diff --git a/tests/syntax/ast_init.ml b/tests/syntax/ast_init.ml
index b0520cc04b97cac07a59159c9c944fd6722c539a..f0e57935a236f696af9949647edb7ec78d06fb81 100644
--- a/tests/syntax/ast_init.ml
+++ b/tests/syntax/ast_init.ml
@@ -8,6 +8,7 @@ let apply _ =
(fun b -> b.bstmts <-
Cil.mkStmtOneInstr (Skip (Cil_datatype.Stmt.loc s)) :: b.bstmts)
l;
+ File.must_recompute_cfg (Kernel_function.get_definition f) ;
Ast.mark_as_grown ()
let () = Ast.apply_after_computed apply
diff --git a/tests/syntax/cpp-command.c b/tests/syntax/cpp-command.c
index 45fd238338830505dfb51f5e815426113210c637..41512d12b91061aab693700eb907c7e937b17b62 100644
--- a/tests/syntax/cpp-command.c
+++ b/tests/syntax/cpp-command.c
@@ -1,5 +1,5 @@
/* run.config*
- FILTER: sed 's|/tmp/[^ ]*\.i|/tmp/FILE.i|g'
+ FILTER: sed 's:/\(tmp\|var\)/[^ ]*\.i:/tmp/FILE.i:g'
OPT: -no-autoload-plugins -cpp-frama-c-compliant -cpp-command "echo [\$(basename '%1') \$(basename '%1') \$(basename '%i') \$(basename '%input')] ['%2' '%2' '%o' '%output'] ['%args']"
OPT: -no-autoload-plugins -cpp-frama-c-compliant -cpp-command "echo %%1 = \$(basename '%1') %%2 = '%2' %%args = '%args'"
OPT: -no-autoload-plugins -cpp-frama-c-compliant -cpp-command "printf \"%s\" \"using \\% has no effect : \$(basename \"\%input\")\""
diff --git a/tests/syntax/ghost_else_bad.c b/tests/syntax/ghost_else_bad.c
index 8f6bf609bffa284e52b5d0c3a89622b3d47c568a..00a3bc684d11d361b7351f74376970613f06e2c3 100644
--- a/tests/syntax/ghost_else_bad.c
+++ b/tests/syntax/ghost_else_bad.c
@@ -1,6 +1,6 @@
/* run.config
OPT: -no-autoload-plugins -cpp-extra-args="-DERROR_LOC_WITH_COMMENTS"
- OPT: -no-autoload-plugins -cpp-extra-args="-DALREADY_HAS_ELSE" -print
+ OPT: -no-autoload-plugins -cpp-extra-args="-DALREADY_HAS_ELSE" -print -kernel-warn-key ghost:bad-use=feedback
OPT: -no-autoload-plugins -cpp-extra-args="-DBAD_ANNOT_POSITION"
*/
@@ -22,7 +22,7 @@ void if_ghost_else_block_comments_then_error(int x, int y) {
#endif
-#ifdef ALREADY_HAS_ELSE
+#ifdef ALREADY_HAS_ELSE
// Must warn that the ghost else cannot appear since there is already a else
// Thus the ghost else is ignored and the resulting code does not comprise it
diff --git a/tests/syntax/ghost_lexing.i b/tests/syntax/ghost_lexing.i
index b2a74f89f75ed392eb6f41baf27124a69d4d40e0..03dc066c147e411ec30fa5f0bc87f7aa3c5c4696 100644
--- a/tests/syntax/ghost_lexing.i
+++ b/tests/syntax/ghost_lexing.i
@@ -16,7 +16,7 @@ void test2(int x) {
}
void f() {
- /*@ ghost L: */ G++;
+ /*@ ghost L:; */ G++;
/*@ assert \at(G,L) + 1 == G; */
L1: /*@ ghost H=G; */ G++;
if (G < 30) goto L1;
diff --git a/tests/syntax/oracle/assembly_gmp.1.res.oracle b/tests/syntax/oracle/assembly_gmp.1.res.oracle
index 63a12b1b07bab4c049fb972e2f853cc2330cf8dd..70ffc4d780c3a76abd0e4e060e91dec0c49f39e2 100644
--- a/tests/syntax/oracle/assembly_gmp.1.res.oracle
+++ b/tests/syntax/oracle/assembly_gmp.1.res.oracle
@@ -38,9 +38,9 @@ mp_limb_t mpn_mod_1_1p(mp_srcptr ap, mp_size_t n, mp_limb_t b,
p0 = (long)(__m0 * __m1);
}
/*@ assigns r2, r1, r0;
- assigns r2 \from r0, p1, *(ap + (n - 3)), p0;
- assigns r1 \from r0, p1, *(ap + (n - 3)), p0;
- assigns r0 \from r0, p1, *(ap + (n - 3)), p0;
+ assigns r2 \from r0, p1, *(ap + (unsigned long)(n - 3)), p0;
+ assigns r1 \from r0, p1, *(ap + (unsigned long)(n - 3)), p0;
+ assigns r0 \from r0, p1, *(ap + (unsigned long)(n - 3)), p0;
*/
__asm__ (
"add\t%6, %q2\n\t"
diff --git a/tests/syntax/oracle/assembly_gmp.2.res.oracle b/tests/syntax/oracle/assembly_gmp.2.res.oracle
index 2684a9a66550dfd450d38cd9166036597ebdab3b..d3e9aca3737cce222093576d7e70a7e44cf4d481 100644
--- a/tests/syntax/oracle/assembly_gmp.2.res.oracle
+++ b/tests/syntax/oracle/assembly_gmp.2.res.oracle
@@ -38,9 +38,9 @@ mp_limb_t mpn_mod_1_1p(mp_srcptr ap, mp_size_t n, mp_limb_t b,
p0 = (long)(__m0 * __m1);
}
/*@ assigns r2, r1, r0;
- assigns r2 \from r0, p1, *(ap + (n - 3)), p0;
- assigns r1 \from r0, p1, *(ap + (n - 3)), p0;
- assigns r0 \from r0, p1, *(ap + (n - 3)), p0;
+ assigns r2 \from r0, p1, *(ap + (unsigned int)(n - 3)), p0;
+ assigns r1 \from r0, p1, *(ap + (unsigned int)(n - 3)), p0;
+ assigns r0 \from r0, p1, *(ap + (unsigned int)(n - 3)), p0;
*/
__asm__ (
"add%I6c\t%2, %5, %6\n\t"
diff --git a/tests/syntax/oracle/bts1553_2.res.oracle b/tests/syntax/oracle/bts1553_2.res.oracle
index 139289f56d49d5f30fb1bc1cb54e0c9281787197..9293259fe565811c4e9f7f6dedc355b38faa4288 100644
--- a/tests/syntax/oracle/bts1553_2.res.oracle
+++ b/tests/syntax/oracle/bts1553_2.res.oracle
@@ -7,6 +7,8 @@
};
/* compiler builtin:
__builtin_va_list __builtin_next_arg(void); */
+ /* compiler builtin:
+ unsigned int __builtin_offsetof(unsigned int); */
/* compiler builtin:
void __builtin_stdarg_start(__builtin_va_list); */
/* compiler builtin:
@@ -40,6 +42,8 @@
};
/* compiler builtin:
__builtin_va_list __builtin_next_arg(void); */
+ /* compiler builtin:
+ unsigned int __builtin_offsetof(unsigned int); */
/* compiler builtin:
void __builtin_stdarg_start(__builtin_va_list); */
/* compiler builtin:
diff --git a/tests/syntax/oracle/check_builtin_bts1440.res.oracle b/tests/syntax/oracle/check_builtin_bts1440.res.oracle
index 2641ac4bf8833e108581d5ed79954df3fc10622f..091c7d8002d8a53274789b3887edaaec956ffbe2 100644
--- a/tests/syntax/oracle/check_builtin_bts1440.res.oracle
+++ b/tests/syntax/oracle/check_builtin_bts1440.res.oracle
@@ -81,12 +81,6 @@
long double __builtin_ceill(long double);
- int __builtin_clz(unsigned int);
-
- int __builtin_clzl(unsigned long);
-
- int __builtin_clzll(unsigned long long);
-
int __builtin_constant_p(int);
double __builtin_cos(double);
@@ -101,12 +95,6 @@
long double __builtin_cosl(long double);
- int __builtin_ctz(unsigned int);
-
- int __builtin_ctzl(unsigned long);
-
- int __builtin_ctzll(unsigned long long);
-
double __builtin_exp(double);
long __builtin_expect(long, long);
@@ -209,18 +197,14 @@
unsigned int __builtin_object_size(void *, int);
+ unsigned int __builtin_offsetof(unsigned int);
+
int __builtin_parity(unsigned int);
int __builtin_parityl(unsigned long);
int __builtin_parityll(unsigned long long);
- int __builtin_popcount(unsigned int);
-
- int __builtin_popcountl(unsigned long);
-
- int __builtin_popcountll(unsigned long long);
-
double __builtin_powi(double, int);
float __builtin_powif(float, int);
diff --git a/tests/syntax/oracle/get_astinfo_bts1136.res.oracle b/tests/syntax/oracle/get_astinfo_bts1136.res.oracle
index 6366ae5e8ee9b4b79e1ce7de9a6dc6e2d8a70370..cffcd6e4b73cd1290264656bf7e80aefd76fe204 100644
--- a/tests/syntax/oracle/get_astinfo_bts1136.res.oracle
+++ b/tests/syntax/oracle/get_astinfo_bts1136.res.oracle
@@ -1,13 +1,13 @@
[kernel] Parsing tests/syntax/get_astinfo_bts1136.i (no preprocessing)
-found variable vid:20 formal in f
-found variable vid:23 formal in g
-found variable vid:26 formal in h
-found variable vid:28 formal in i
-found variable vid:30 formal in j
-found variable vid:32 formal in k
-[do_v] vid:26 formal in h
-[do_v] vid:23 formal in g
-[do_v] vid:20 formal in f
-[do_v] vid:32 local in k
-[do_v] vid:30 local in j
-[do_v] vid:28 local in i
+found variable vid:22 formal in f
+found variable vid:25 formal in g
+found variable vid:28 formal in h
+found variable vid:30 formal in i
+found variable vid:32 formal in j
+found variable vid:34 formal in k
+[do_v] vid:28 formal in h
+[do_v] vid:25 formal in g
+[do_v] vid:22 formal in f
+[do_v] vid:34 local in k
+[do_v] vid:32 local in j
+[do_v] vid:30 local in i
diff --git a/tests/syntax/oracle/ghost_else_bad.1.err.oracle b/tests/syntax/oracle/ghost_else_bad.1.err.oracle
deleted file mode 100644
index b7f5dc572a00637862d9948bffdcdd1ccea254e5..0000000000000000000000000000000000000000
--- a/tests/syntax/oracle/ghost_else_bad.1.err.oracle
+++ /dev/null
@@ -1 +0,0 @@
-Warning: tests/syntax/ghost_else_bad.c:32: Invalid ghost else ignored
diff --git a/tests/syntax/oracle/ghost_else_bad.1.res.oracle b/tests/syntax/oracle/ghost_else_bad.1.res.oracle
index fae04332c746c2c521444309dc8b41a64d49c683..80c7b0204ac8630cb51a3316562da42c2e59c626 100644
--- a/tests/syntax/oracle/ghost_else_bad.1.res.oracle
+++ b/tests/syntax/oracle/ghost_else_bad.1.res.oracle
@@ -1,4 +1,6 @@
[kernel] Parsing tests/syntax/ghost_else_bad.c (with preprocessing)
+[kernel:ghost:bad-use] tests/syntax/ghost_else_bad.c:32:
+ Invalid ghost else ignored
/* Generated by Frama-C */
void if_ghost_else_block_bad(int x, int y)
{
diff --git a/tests/syntax/oracle/offsetof.res.oracle b/tests/syntax/oracle/offsetof.res.oracle
index ac9886f97c2ae844c60f2ab7e83ba27da8464b48..17beec4a6970464828771ccbaac05634f2b99284 100644
--- a/tests/syntax/oracle/offsetof.res.oracle
+++ b/tests/syntax/oracle/offsetof.res.oracle
@@ -1,13 +1,10 @@
[kernel] Parsing tests/syntax/offsetof.c (with preprocessing)
/* Generated by Frama-C */
#include "stddef.h"
-struct c {
- char ca ;
-};
void main(void)
{
size_t S;
- S = (unsigned int)(& ((struct c *)0)->ca);
+ S = 0U;
return;
}
diff --git a/tests/syntax/oracle/reorder.res.oracle b/tests/syntax/oracle/reorder.res.oracle
index 44b5d5c8aa5f0c844cdca1359850b5a5d45d20b7..446708bfa1ce0a04272dfc3ceb4dca721cb7b986 100644
--- a/tests/syntax/oracle/reorder.res.oracle
+++ b/tests/syntax/oracle/reorder.res.oracle
@@ -30,10 +30,10 @@ void g(void);
/*@ logic ℤ l= 1;
*/
int x;
-/*@ logic ℤ j= l;
- */
/*@ logic ℤ k= l;
*/
+/*@ logic ℤ j= l;
+ */
/*@ logic ℤ i= j + k;
*/
/*@ ensures i ≡ i; */
diff --git a/tests/syntax/oracle/signal.res.oracle b/tests/syntax/oracle/signal.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..7f9d11fa241fd4ccaf515e7ece89f228c654d252
--- /dev/null
+++ b/tests/syntax/oracle/signal.res.oracle
@@ -0,0 +1,12 @@
+[kernel] Parsing tests/syntax/signal.c (with preprocessing)
+/* Generated by Frama-C */
+#include "signal.h"
+void f(void)
+{
+ signal(10,SIG_IGN);
+ signal(12,SIG_ERR);
+ signal(31,SIG_DFL);
+ return;
+}
+
+
diff --git a/tests/syntax/oracle/static_formals_1.res.oracle b/tests/syntax/oracle/static_formals_1.res.oracle
index 33d75e1e69f2608ecd23ae500afad522912fb7ac..94353adf96ce8cb00b16e417c838e314206f2554 100644
--- a/tests/syntax/oracle/static_formals_1.res.oracle
+++ b/tests/syntax/oracle/static_formals_1.res.oracle
@@ -1,24 +1,24 @@
[kernel] Parsing tests/syntax/static_formals_1.c (with preprocessing)
[kernel] Parsing tests/syntax/static_formals_2.c (with preprocessing)
/* Generated by Frama-C */
-/*@ requires /* vid:23, lvid:23 */x < 10; */
-static int /* vid:54 */f(int /* vid:23, lvid:23 */x);
+/*@ requires /* vid:25, lvid:25 */x < 10; */
+static int /* vid:58 */f(int /* vid:25, lvid:25 */x);
-int /* vid:28 */g(void)
+int /* vid:30 */g(void)
{
- int /* vid:29 */tmp;
- /* vid:29 */tmp = /* vid:54 */f(4);
- return /* vid:29 */tmp;
+ int /* vid:31 */tmp;
+ /* vid:31 */tmp = /* vid:58 */f(4);
+ return /* vid:31 */tmp;
}
-/*@ requires /* vid:49, lvid:49 */x < 10; */
-static int /* vid:55 */f_0(int /* vid:49, lvid:49 */x);
+/*@ requires /* vid:53, lvid:53 */x < 10; */
+static int /* vid:59 */f_0(int /* vid:53, lvid:53 */x);
-int /* vid:52 */h(void)
+int /* vid:56 */h(void)
{
- int /* vid:53 */tmp;
- /* vid:53 */tmp = /* vid:55 */f_0(6);
- return /* vid:53 */tmp;
+ int /* vid:57 */tmp;
+ /* vid:57 */tmp = /* vid:59 */f_0(6);
+ return /* vid:57 */tmp;
}
diff --git a/tests/syntax/oracle/syntactic_hook.res.oracle b/tests/syntax/oracle/syntactic_hook.res.oracle
index f91bf389edacd90454102c87b50ef336951d9660..4d15d03a3ad3423d6b318c306cfbdfe997c2aee2 100644
--- a/tests/syntax/oracle/syntactic_hook.res.oracle
+++ b/tests/syntax/oracle/syntactic_hook.res.oracle
@@ -1,22 +1,22 @@
[kernel] Parsing tests/syntax/syntactic_hook.i (no preprocessing)
[kernel] tests/syntax/syntactic_hook.i:5:
- New global node introducing identifier f(20)
+ New global node introducing identifier f(22)
[kernel] First occurrence of f
[kernel] tests/syntax/syntactic_hook.i:7:
- New global node introducing identifier k(23)
+ New global node introducing identifier k(25)
[kernel] First occurrence of k
[kernel] tests/syntax/syntactic_hook.i:9:
- New global node introducing identifier k(23)
+ New global node introducing identifier k(25)
[kernel] New occurrence of existing identifier k
[kernel] tests/syntax/syntactic_hook.i:11:
- New global node introducing identifier main(29)
+ New global node introducing identifier main(31)
[kernel] First occurrence of main
[kernel] tests/syntax/syntactic_hook.i:13:
- New global node introducing identifier t(33)
+ New global node introducing identifier t(35)
[kernel] First occurrence of t
[kernel] tests/syntax/syntactic_hook.i:13: Warning:
[SH]: definition of local function t
-[kernel] :0: New global node introducing identifier g(35)
+[kernel] :0: New global node introducing identifier g(37)
[kernel] First occurrence of g
[kernel:typing:implicit-function-declaration] tests/syntax/syntactic_hook.i:17: Warning:
Calling undeclared function g. Old style K&R code?
diff --git a/tests/syntax/oracle/undeclared_local_bts1113.res.oracle b/tests/syntax/oracle/undeclared_local_bts1113.res.oracle
index 809576ab5a896f46826575c7a6cba00ccf7a8bff..97b551d63eb90d30964fb8910c53a61c73f989fd 100644
--- a/tests/syntax/oracle/undeclared_local_bts1113.res.oracle
+++ b/tests/syntax/oracle/undeclared_local_bts1113.res.oracle
@@ -16,19 +16,25 @@ void funk(int rounds)
int i;
unsigned int __lengthof_k_long_long_size;
int k_positive_size[4 - 2];
- /*@ assert alloca_bounds: 0 < sizeof(int) * (2 * rounds) ≤ 4294967295; */
+ /*@
+ assert alloca_bounds: 0 < sizeof(int) * (int)(2 * rounds) ≤ 4294967295;
+ */
;
__lengthof_k = (unsigned int)(2 * rounds);
int *k = __fc_vla_alloc(sizeof(int) * __lengthof_k);
/*@
assert
- alloca_bounds: 0 < sizeof(int) * (unsigned int)(2 * rounds) ≤ 4294967295;
+ alloca_bounds:
+ 0 < sizeof(int) * (unsigned int)((int)(2 * rounds)) ≤ 4294967295;
*/
;
__lengthof_kk = (unsigned int)(2 * rounds);
int *kk = __fc_vla_alloc(sizeof(int) * __lengthof_kk);
long long j = (long long)(rounds * rounds);
- /*@ assert alloca_bounds: 0 < sizeof(int) * (j * 2) ≤ 4294967295; */ ;
+ /*@
+ assert alloca_bounds: 0 < sizeof(int) * (long long)(j * 2) ≤ 4294967295;
+ */
+ ;
__lengthof_k_long_long_size = (unsigned int)(j * (long long)2);
int *k_long_long_size =
__fc_vla_alloc(sizeof(int) * __lengthof_k_long_long_size);
diff --git a/tests/syntax/oracle/vla_strlen.res.oracle b/tests/syntax/oracle/vla_strlen.res.oracle
index 49dc5fb0597065d6ebcc3a9412b46b1a04719d72..0fe38231c89af62740bef5c9bca1ab60a670c39d 100644
--- a/tests/syntax/oracle/vla_strlen.res.oracle
+++ b/tests/syntax/oracle/vla_strlen.res.oracle
@@ -17,7 +17,11 @@ void f(char *s)
unsigned int __lengthof_t;
size_t tmp;
tmp = strlen((char const *)s);
- /*@ assert alloca_bounds: 0 < sizeof(char) * (tmp + 1) ≤ 4294967295; */ ;
+ /*@
+ assert
+ alloca_bounds: 0 < sizeof(char) * (unsigned int)(tmp + 1) ≤ 4294967295;
+ */
+ ;
__lengthof_t = tmp + (size_t)1;
char *t = __fc_vla_alloc(sizeof(char) * __lengthof_t);
char *p = t;
diff --git a/tests/syntax/oracle/wrong-assignment.res.oracle b/tests/syntax/oracle/wrong-assignment.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..aba1a2ecee9a40e229449d6158e269eae7c2061f
--- /dev/null
+++ b/tests/syntax/oracle/wrong-assignment.res.oracle
@@ -0,0 +1,4 @@
+[kernel] Parsing tests/syntax/wrong-assignment.i (no preprocessing)
+[kernel] tests/syntax/wrong-assignment.i:7: Failure: castTo ebool -> _Bool
+[kernel] User Error: stopping on file "tests/syntax/wrong-assignment.i" that has errors.
+[kernel] Frama-C aborted: invalid user input.
diff --git a/tests/syntax/oracle/wrong_label.res.oracle b/tests/syntax/oracle/wrong_label.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..b95ec14c2063a28ceb6331afc1d8f28408e29c3e
--- /dev/null
+++ b/tests/syntax/oracle/wrong_label.res.oracle
@@ -0,0 +1,10 @@
+[kernel] Parsing tests/syntax/wrong_label.i (no preprocessing)
+[kernel] tests/syntax/wrong_label.i:6:
+ syntax error:
+ Location: line 6, between columns 3 and 8, before or at token: }
+ 4
+ 5 void main() {
+ 6 {_LOR:} // KO: labels can't be at the end of a block.
+ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+ 7 }
+[kernel] Frama-C aborted: invalid user input.
diff --git a/tests/syntax/signal.c b/tests/syntax/signal.c
new file mode 100644
index 0000000000000000000000000000000000000000..31221db005b87e67cf3ff52492ddfc6d079feb1f
--- /dev/null
+++ b/tests/syntax/signal.c
@@ -0,0 +1,7 @@
+#include <signal.h>
+
+void f() {
+ signal (SIGUSR1, SIG_IGN);
+ signal (SIGUSR2, SIG_ERR);
+ signal (SIGUNUSED, SIG_DFL);
+}
diff --git a/tests/syntax/unroll_labels.i b/tests/syntax/unroll_labels.i
index 4807505a70050da90d949df89003324420c7c7ff..4ccad645f15c61425fcf07b5c25f80d4d7bc3108 100644
--- a/tests/syntax/unroll_labels.i
+++ b/tests/syntax/unroll_labels.i
@@ -62,7 +62,7 @@ void main2 () {
i += 1;
goto foo;
i += 1;
- foo:
+ foo:;
}
}
}
@@ -76,7 +76,7 @@ void main2_done () {
i += 1;
goto foo;
i += 1;
- foo:
+ foo:;
}
}
}
@@ -99,7 +99,7 @@ void main3 (int c) {
foo:
i += 1;
}
- up:
+ up:;
}
}
diff --git a/tests/syntax/wrong-assignment.i b/tests/syntax/wrong-assignment.i
new file mode 100644
index 0000000000000000000000000000000000000000..da2a59b86aef70d1ce5cf3732635f24f7f810883
--- /dev/null
+++ b/tests/syntax/wrong-assignment.i
@@ -0,0 +1,8 @@
+typedef struct { _Bool a; } ebool;
+
+ebool b, c;
+
+void d() {
+ // this assignment should be rejected
+ c.a = b;
+}
diff --git a/tests/syntax/wrong_label.i b/tests/syntax/wrong_label.i
new file mode 100644
index 0000000000000000000000000000000000000000..90e1020b409d79ace1a1904892f8cba0dee9e883
--- /dev/null
+++ b/tests/syntax/wrong_label.i
@@ -0,0 +1,7 @@
+void f() {
+ /*@ assert \true; */
+}
+
+void main() {
+ {_LOR:} // KO: labels can't be at the end of a block.
+}
diff --git a/tests/value/domains_function.c b/tests/value/domains_function.c
new file mode 100644
index 0000000000000000000000000000000000000000..e81f3e8c8dca745264423d081f29bb7c163c5dbf
--- /dev/null
+++ b/tests/value/domains_function.c
@@ -0,0 +1,123 @@
+/* run.config*
+ STDOPT: #"-eva-domains-function symbolic-locations:infer+w,symbolic-locations:use+r,symbolic-locations:test_propagation-,symbolic-locations:enabled,symbolic-locations:disabled-,symbolic-locations:recursively_enabled+"
+*/
+
+#include <__fc_builtin.h>
+
+/* Tests the -eva-domains-function option that enables a domain for the given
+ functions. This test uses the symbolic locations domain to store the value
+ of the location t[i] where [i] is imprecise, from an assignment of t[i]
+ to a read of t[i].
+ If the domain is not enabled, the value of t[i] remains imprecise because
+ [i] is imprecise. If the domain is enabled, the value of the first assignemnt
+ is stored until the read. If the assignment and the read are in different
+ functions, the domain should also be enabled in all functions in between. */
+
+volatile int undet;
+int i, result, t[10];
+
+/* No interaction with the known properties about t[i]. */
+void nothing () {
+ int tmp = t[i] - t[0];
+}
+
+/* Modify the value of t[i]. */
+void kill () {
+ t[0] = undet;
+}
+
+/* The domain has write access on this function: it infers the value of t[i]. */
+void infer () {
+ t[i] = 42;
+}
+
+/* The domain has no write access on this function. */
+void no_infer () {
+ t[i] = 42;
+}
+
+/* The domain has read access on this function: it can use the value of t[i]. */
+void use () {
+ result = t[i];
+}
+
+/* The domain has no read access on this function. */
+void no_use () {
+ result = t[i];
+}
+
+/* Test the propagation of information about t[i] from function [infer]
+ to function [use]. All other combinations of functions should not be
+ precise. */
+void test_propagation () {
+ infer ();
+ no_use ();
+ Frama_C_show_each_top(result);
+ nothing ();
+ use ();
+ Frama_C_show_each_singleton(result);
+ kill ();
+ use ();
+ Frama_C_show_each_top(result);
+ no_infer ();
+ use ();
+ Frama_C_show_each_top(result);
+}
+
+/* The domain is enabled on this function. */
+void enabled () {
+ t[i] = 0;
+ result = t[i];
+}
+
+/* The domain is not enabled on this function. */
+void not_enabled () {
+ t[i] = 1;
+ result = t[i];
+ Frama_C_show_each_top(result);
+}
+
+/* The domain is disabled on this function. */
+void disabled () {
+ t[i] = 2;
+ result = t[i];
+ Frama_C_show_each_top(result);
+}
+
+/* Precise result only after [enabled], since it is the only function
+ where the domain is enabled. */
+void test () {
+ t[i] = 3;
+ result = t[i];
+ Frama_C_show_each_top(result);
+ enabled ();
+ Frama_C_show_each_singleton(result);
+ not_enabled ();
+ Frama_C_show_each_top(result);
+ disabled ();
+ Frama_C_show_each_top(result);
+}
+
+/* The domain is recursively enabled in this function and all functions called
+ from it: the results should be precise, except after [disabled] where the
+ domain is specifically disabled.*/
+void recursively_enabled () {
+ t[i] = 4;
+ result = t[i];
+ Frama_C_show_each_singleton(result);
+ enabled ();
+ Frama_C_show_each_singleton(result);
+ not_enabled ();
+ Frama_C_show_each_singleton(result);
+ disabled ();
+ Frama_C_show_each_top(result);
+}
+
+void main () {
+ for (int j = 0; j < 10; j++)
+ t[j] = undet;
+ i = Frama_C_interval(0,9);
+ test ();
+ recursively_enabled ();
+ test_propagation ();
+}
diff --git a/tests/value/downcast.i b/tests/value/downcast.i
index e979236ea122b6149c761eb12b5af28192441efa..6c01c21fd74573af61c929d6257ffaa1f1526bfc 100644
--- a/tests/value/downcast.i
+++ b/tests/value/downcast.i
@@ -1,5 +1,9 @@
/* run.config*
- STDOPT: +"-load-module report -report -warn-signed-downcast -lib-entry -print -then -no-warn-signed-downcast -warn-unsigned-downcast -then -no-warn-unsigned-downcast -eva-warn-signed-converted-downcast -then -main main5_wrap_signed -slevel 2 -no-print"
+ STDOPT: +"-lib-entry -no-warn-signed-downcast -no-warn-unsigned-downcast -warn-pointer-downcast -eva-slevel-function main5_wrap_signed:2"
+ STDOPT: +"-lib-entry -warn-signed-downcast -no-warn-unsigned-downcast -warn-pointer-downcast"
+ STDOPT: +"-lib-entry -no-warn-signed-downcast -warn-unsigned-downcast -warn-pointer-downcast"
+ STDOPT: +"-lib-entry -no-warn-signed-downcast -no-warn-unsigned-downcast -warn-pointer-downcast -eva-warn-signed-converted-downcast"
+ STDOPT: +"-lib-entry -no-warn-signed-downcast -no-warn-unsigned-downcast -no-warn-pointer-downcast"
*/
signed char sx,sy,sz;
diff --git a/tests/value/invalid_pointer.c b/tests/value/invalid_pointer.c
new file mode 100644
index 0000000000000000000000000000000000000000..09d7babf80b362a87d2dbe5971abb916271f240a
--- /dev/null
+++ b/tests/value/invalid_pointer.c
@@ -0,0 +1,183 @@
+/* run.config*
+ STDOPT: +"-warn-invalid-pointer -absolute-valid-range=10-30"
+ STDOPT: +"-no-warn-invalid-pointer -absolute-valid-range=10-30"
+*/
+
+#include <__fc_builtin.h>
+#include <stdint.h>
+#include <signal.h>
+
+/* Tests the emission of \object_pointer alarms when -warn-invalid-pointer
+ is enabled. The second run should emit no alarm. */
+
+volatile int undet;
+
+/* Simple pointer computations. */
+void pointer_computation () {
+ int x;
+ int *p = &x;
+ if (undet)
+ p--; // Red alarm.
+ p++; // No alarm.
+ if (undet)
+ p++; // Red alarm.
+ int i = undet;
+ p += i; // Unknown alarm. [i] should be reduced to {-1, 0}.
+ int j = undet;
+ p -= j; // Unknown alarm. [j] should be reduced to {-1, 0, 1}.
+ p --; // Unknown alarm. [p] should be exactly {&x}.
+ int array[25];
+ int *q = undet ? &x : &array[0];
+ int offset1 = Frama_C_interval(0, 10);
+ q += offset1; // Unknown alarm. [offset1] should not be reduced.
+ int offset2 = Frama_C_interval(0, 50);
+ q += offset2; // Unknown alarm. [offset2] should be reduced to [0..25].
+ q += 0; // No alarm.
+}
+
+/* Increment or decrement pointers in loops. */
+void pointer_in_loops () {
+ int t[128];
+ int *p = &t[0];
+ /*@ loop unroll 128; */
+ for (int i = 0; i < 128; i++) {
+ *p = i;
+ p++; // No alarm.
+ }
+ if (undet) {
+ int *q = &t[127];
+ /*@ loop unroll 128; */
+ for (int i = 0; i < 128; i++) {
+ *q = i;
+ q--; // Alarm in the last iteration: q points to t[-1].
+ }
+ Frama_C_show_each_bottom(q); // Should not be reached.
+ }
+}
+
+/* Conversion integer -> pointer. */
+void int_conversion () {
+ int x, *p;
+ p = (int *)0; // NULL pointer: always ok.
+ p = (int *) 20; // Inside -absolute-valid-range: no alarms.
+ if (undet) {
+ p = (int *) 42; // Outside -absolute-valid-range: red alarm.
+ }
+ x = Frama_C_interval(15, 25);
+ p = (int *) x; // Inside -absolute-valid-range: no alarms.
+ x = Frama_C_interval(100, 500);
+ if (undet) {
+ p = (int *) x; // Outside -absolute-valid-range: red alarm.
+ }
+ x = Frama_C_interval(15, 100);
+ p = (int *) x; // Unknown alarm. [x] should be reduced to [15..31].
+ p = (int *) undet; // Unknown alarm. [p] should be have value in [0..31].
+}
+
+void addrof () {
+ int a[10], *p;
+ p = &(a[0]);
+ p = &(a[10]);
+ if (undet)
+ p = &(a[11]); // Invalid alarm
+ if (undet)
+ p = &(a[-1]); // Invalid alarm
+ int offset = undet;
+ p = &(a[offset]); /* Unknown alarm. [offset] should be reduced to [0..10]. */
+}
+
+typedef union {
+ uintptr_t integer;
+ int *pointer;
+} ptr_union;
+
+/* Creates invalid pointers through an union. */
+void union_pointer () {
+ int *p;
+ ptr_union u;
+ u.integer = 0;
+ p = u.pointer; // No alarm.
+ if (undet) {
+ u.integer = 42;
+ p = u.pointer; // Red alarm.
+ }
+ u.integer = undet;
+ p = u.pointer; // Unknown alarm. [u.integer] should be reduced to [0..31].
+}
+
+/* Creates invalid pointers through untyped writes. */
+void write_pointer () {
+ int x;
+ int *p = 0;
+ *((uintptr_t *) &p) = &x;
+ int *q = p; // No alarm.
+ *((uintptr_t *) &p) = (uintptr_t)p + undet;
+ q = p; // Unknown alarm.
+ *((uintptr_t *) &p) = 42;
+ if (undet) {
+ q = p; // Red alarm.
+ }
+}
+
+/* Tests the evaluation of the logical predicate \object_pointer when
+ -warn-invalid-pointer is disabled. */
+void object_pointer_predicate () {
+ int x, array[64];
+ int *p = &x;
+ /*@ assert \object_pointer(p); */
+ if (undet) {
+ p--;
+ /*@ assert \object_pointer(p); */
+ }
+ p++;
+ /*@ assert \object_pointer(p); */
+ if (undet) {
+ p++;
+ /*@ assert \object_pointer(p); */
+ }
+ p += undet;
+ /*@ assert \object_pointer(p); */
+ /*@ assert \object_pointer(p); */
+ Frama_C_show_each_object_pointer(p);
+ p = (int *)((uintptr_t)&x + undet);
+ /*@ assert \object_pointer(p); */
+ /*@ assert \object_pointer(p); */
+ Frama_C_show_each_object_pointer_char(p);
+ int i = Frama_C_interval(0, 20);
+ p = undet ? &x : &array[i];
+ /*@ assert \object_pointer(p); */
+ p += i;
+ /*@ assert \object_pointer(p); */
+ p += undet;
+ /*@ assert \object_pointer(p); */
+ Frama_C_show_each_object_pointer_array(p);
+ p = (int *) 0;
+ /*@ assert \object_pointer(p); */
+ if (undet)
+ p = (int *) 20;
+ /*@ assert \object_pointer(p); */
+ if (undet)
+ p = (int *) 50;
+ /*@ assert \object_pointer(p); */
+ p = (int *) undet;
+ /*@ assert \object_pointer(p); */
+ if (undet) {
+ p = (int *) 100;
+ /*@ assert \object_pointer(p); */
+ }
+}
+
+
+void main () {
+ pointer_computation ();
+ pointer_in_loops ();
+ int_conversion ();
+ addrof ();
+ union_pointer ();
+ write_pointer ();
+ object_pointer_predicate ();
+ // should not emit an alarm
+ signal (SIGUSR1, SIG_IGN);
+ signal (SIGUSR2, SIG_ERR);
+ signal (SIGUNUSED, SIG_DFL);
+}
diff --git a/tests/value/loop_array.i b/tests/value/loop_array.i
index 9a279023fb65135b0907c6b0b0fbfd10e1ca3cb1..5d644af2bb682ddbfae9659eb35fc5f6e00b38e2 100644
--- a/tests/value/loop_array.i
+++ b/tests/value/loop_array.i
@@ -19,5 +19,5 @@ void main () {
if (i == 400)
goto l_end_loop;
}
- l_end_loop:
+ l_end_loop:;
}
diff --git a/tests/value/loop_join.i b/tests/value/loop_join.i
index 2abaeb65fcccff5c539622d0d9c12c7e5d30b087..19bcb4fc323b60b14d555336a8235f0124170db8 100644
--- a/tests/value/loop_join.i
+++ b/tests/value/loop_join.i
@@ -12,5 +12,5 @@ void main () {
if (i == 400)
goto l_end_loop;
}
- l_end_loop:
+ l_end_loop:;
}
diff --git a/tests/value/memexec.c b/tests/value/memexec.c
index 092a4180c8d9bd12273d3f94530dbd05ff74581a..36b1a450f3bf5c18f1fd93e513a762d7d41802e8 100644
--- a/tests/value/memexec.c
+++ b/tests/value/memexec.c
@@ -2,7 +2,7 @@
STDOPT: #" -no-eva -rte-select fbug -rte -then -eva"
*/
-int x1, y1, z1; volatile int c;
+int x1, y1, z1, z2; volatile int c, nondet;
void f11() {
x1 = 1;
@@ -111,7 +111,7 @@ void f5() {
g_f5_2 = c;
arg = c;
f5_aux(arg);
- Frama_C_show_each_f5(arg, g_f5_1, g_f5_2); // Cache, but reduce g_f5_* and arg after the call. Currently does not work for g_f5_1, because dependencies are not taken into account
+ Frama_C_show_each_f5(arg, g_f5_1, g_f5_2); // Cache, but reduce g_f5_* and arg after the call.
}
struct two_fields { int x; int y; } two_fields;
@@ -150,6 +150,41 @@ void f8() {
f8_1(&x);
}
+void f9_1() {
+ /*@ assert z2 == 0; */
+}
+
+void f9_2() {
+ /*@ assert \valid(p); */
+}
+
+void f9_3() {
+ /*@ assert \initialized(p); */
+}
+
+void f9_4() {
+ /*@ assert \at(z2, Pre) > 0; */
+}
+
+void f9() {
+ z2 = 1;
+ if (nondet) f9_1(); // Non terminating.
+ z2 = 0;
+ f9_1(); // This call must be terminating.
+ int x;
+ p = 0;
+ if (nondet) f9_2(); // Non terminating.
+ p = &x;
+ f9_2(); // This call must be terminating.
+ if (nondet) f9_3(); // Non terminating.
+ x = 1;
+ f9_3(); // This call must be terminating.
+ z2 = 0;
+ if (nondet) f9_4(); // Non terminating.
+ z2 = 1;
+ f9_4(); // This call must be terminating.
+}
+
void main () {
f1 ();
f2 ();
@@ -160,4 +195,5 @@ void main () {
f6();
f7();
f8();
+ f9();
}
diff --git a/tests/value/numerors/oracle/numerors.res.oracle b/tests/value/numerors/oracle/numerors.res.oracle
index 96be7457bfd14f6f6707c210dea5bd6fd6bdb68a..6dc3b08df0fc2ca71334cb216a60933a004fa328 100644
--- a/tests/value/numerors/oracle/numerors.res.oracle
+++ b/tests/value/numerors/oracle/numerors.res.oracle
@@ -1,10 +1,10 @@
-[eva:experimental] Warning: The numerors domain is experimental.
[kernel] Parsing tests/value/numerors/numerors.c (with preprocessing)
[kernel:parser:decimal-float] tests/value/numerors/numerors.c:24: Warning:
Floating-point constant 0.69314718056 is not represented exactly. Will use 0x1.62e42fefa3bdcp-1.
(warn-once: no further messages from category 'parser:decimal-float' will be emitted)
[kernel:typing:implicit-function-declaration] tests/value/numerors/numerors.c:246: Warning:
Calling undeclared function DPRINTFrama_C_domain_show_each_ex10. Old style K&R code?
+[eva:experimental] Warning: The numerors domain is experimental.
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
[eva] Initial state computed
@@ -298,7 +298,7 @@
In these functions, 257 statements reached (out of 257): 100% coverage.
----------------------------------------------------------------------------
Some errors and warnings have been raised during the analysis:
- by the Eva analyzer: 0 errors 0 warnings
+ by the Eva analyzer: 0 errors 1 warning
by the Frama-C kernel: 0 errors 3 warnings
----------------------------------------------------------------------------
0 alarms generated by the analysis.
diff --git a/tests/value/oracle/CruiseControl.res.oracle b/tests/value/oracle/CruiseControl.res.oracle
index f7ec6058482ccd412e0d0ba211c2ec94993c08a5..42ea97e36d2fe6087189c3437ab4719b952c7a8d 100644
--- a/tests/value/oracle/CruiseControl.res.oracle
+++ b/tests/value/oracle/CruiseControl.res.oracle
@@ -37,17 +37,19 @@
Called from tests/value/CruiseControl.c:242.
[eva:alarm] tests/value/CruiseControl.c:172: Warning:
non-finite float value.
- assert \is_finite((float)(_C_->_L1_CruiseControl - _C_->_L2_CruiseControl));
+ assert
+ \is_finite(\sub_float(_C_->_L1_CruiseControl, _C_->_L2_CruiseControl));
[eva:alarm] tests/value/CruiseControl.c:175: Warning:
non-finite float value.
- assert \is_finite((float)(_C_->_L3_CruiseControl * _C_->_L6_CruiseControl));
+ assert
+ \is_finite(\mul_float(_C_->_L3_CruiseControl, _C_->_L6_CruiseControl));
[eva:alarm] tests/value/CruiseControl.c:194: Warning:
non-finite float value.
assert
- \is_finite((float)(_C_->_L16_CruiseControl + _C_->_L18_CruiseControl));
+ \is_finite(\add_float(_C_->_L16_CruiseControl, _C_->_L18_CruiseControl));
[eva:alarm] tests/value/CruiseControl.c:199: Warning:
non-finite float value.
- assert \is_finite((float)(_C_->ProportionnalAction + _C_->IntegralAction));
+ assert \is_finite(\add_float(_C_->ProportionnalAction, _C_->IntegralAction));
[eva] computing for function SaturateThrottle <- ThrottleRegulation <-
ThrottleCmd <- CruiseControl.
Called from tests/value/CruiseControl.c:202.
diff --git a/tests/value/oracle/addition.res.oracle b/tests/value/oracle/addition.res.oracle
index f601e53058bff5ba8712b59c7b0ce069bfa7a1b4..1fe41a6755acb70d209f28f6fe3f44444cfd61d9 100644
--- a/tests/value/oracle/addition.res.oracle
+++ b/tests/value/oracle/addition.res.oracle
@@ -59,27 +59,56 @@
[eva] tests/value/addition.i:34:
Assigning imprecise value to p1.
The imprecision originates from Arithmetic {tests/value/addition.i:34}
+[eva:alarm] tests/value/addition.i:36: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 2147483647;
[eva] tests/value/addition.i:36:
Assigning imprecise value to p2.
The imprecision originates from Arithmetic {tests/value/addition.i:36}
+[eva:alarm] tests/value/addition.i:38: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 127;
+[eva:alarm] tests/value/addition.i:38: Warning:
+ pointer downcast. assert (unsigned int)(&t[(char)(&p1)]) ≤ 2147483647;
[eva] tests/value/addition.i:38:
Assigning imprecise value to p3.
The imprecision originates from Arithmetic {tests/value/addition.i:38}
+[eva:alarm] tests/value/addition.i:40: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 127;
+[eva:alarm] tests/value/addition.i:40: Warning:
+ pointer downcast. assert (unsigned int)(&tt[(char)(&p1)].a) ≤ 2147483647;
[eva] tests/value/addition.i:40:
Assigning imprecise value to p4.
The imprecision originates from Arithmetic {tests/value/addition.i:40}
+[eva:alarm] tests/value/addition.i:42: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 127;
+[eva:alarm] tests/value/addition.i:42: Warning:
+ pointer downcast. assert (unsigned int)(&p2) ≤ 127;
+[eva:alarm] tests/value/addition.i:42: Warning:
+ pointer downcast.
+ assert (unsigned int)(&ttt[(char)(&p1)][(char)(&p2)]) ≤ 2147483647;
[eva] tests/value/addition.i:42:
Assigning imprecise value to p5.
The imprecision originates from Arithmetic {tests/value/addition.i:42}
+[eva:alarm] tests/value/addition.i:44: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 127;
+[eva:alarm] tests/value/addition.i:44: Warning:
+ pointer downcast.
+ assert (unsigned int)(&ttt[(char)(&p1)][u2]) ≤ 2147483647;
[eva] tests/value/addition.i:44:
Assigning imprecise value to p6.
The imprecision originates from Arithmetic {tests/value/addition.i:44}
+[eva:alarm] tests/value/addition.i:46: Warning:
+ pointer downcast. assert (unsigned int)(&p2) ≤ 127;
+[eva:alarm] tests/value/addition.i:46: Warning:
+ pointer downcast.
+ assert (unsigned int)(&ttt[u2][(char)(&p2)]) ≤ 2147483647;
[eva] tests/value/addition.i:46:
Assigning imprecise value to p7.
The imprecision originates from Arithmetic {tests/value/addition.i:46}
[eva:alarm] tests/value/addition.i:48: Warning:
pointer comparison.
assert \pointer_comparable((void *)(&p1 + 1), (void *)(&p2));
+[eva:alarm] tests/value/addition.i:50: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 2147483647;
[eva:alarm] tests/value/addition.i:50: Warning:
signed overflow. assert -2147483648 ≤ (int)(&p1) / 2;
[eva:alarm] tests/value/addition.i:50: Warning:
@@ -87,9 +116,15 @@
[eva] tests/value/addition.i:50:
Assigning imprecise value to p9.
The imprecision originates from Arithmetic {tests/value/addition.i:50}
+[eva:alarm] tests/value/addition.i:52: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 2147483647;
[eva] tests/value/addition.i:52:
Assigning imprecise value to p10.
The imprecision originates from Arithmetic {tests/value/addition.i:52}
+[eva:alarm] tests/value/addition.i:56: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 2147483647;
+[eva:alarm] tests/value/addition.i:56: Warning:
+ pointer downcast. assert (unsigned int)(&p2) ≤ 2147483647;
[eva] tests/value/addition.i:56:
Assigning imprecise value to p12.
The imprecision originates from Arithmetic {tests/value/addition.i:56}
@@ -130,7 +165,7 @@
{{ garbled mix of &{p1} (origin: Arithmetic {tests/value/addition.i:56}) }}
{{ garbled mix of &{p1} (origin: Misaligned {tests/value/addition.i:59}) }}
{{ garbled mix of &{p1} (origin: Misaligned {tests/value/addition.i:61}) }}
-[scope:rm_asserts] removing 2 assertion(s)
+[scope:rm_asserts] removing 9 assertion(s)
[eva] ====== VALUES COMPUTED ======
[eva:final-states] Values at end of function main:
t[0] ∈ {0}
@@ -323,13 +358,48 @@
signed overflow. assert -2147483648 ≤ &p2 - &p3;
[eva:alarm] tests/value/addition.i:34: Warning:
signed overflow. assert &p2 - &p3 ≤ 2147483647;
+[eva:alarm] tests/value/addition.i:36: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 2147483647;
+[eva:alarm] tests/value/addition.i:38: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 127;
+[eva:alarm] tests/value/addition.i:38: Warning:
+ pointer downcast. assert (unsigned int)(&t[(char)(&p1)]) ≤ 2147483647;
+[eva:alarm] tests/value/addition.i:40: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 127;
+[eva:alarm] tests/value/addition.i:40: Warning:
+ pointer downcast. assert (unsigned int)(&tt[(char)(&p1)].a) ≤ 2147483647;
+[eva:alarm] tests/value/addition.i:42: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 127;
+[eva:alarm] tests/value/addition.i:42: Warning:
+ pointer downcast. assert (unsigned int)(&p2) ≤ 127;
+[eva:alarm] tests/value/addition.i:42: Warning:
+ pointer downcast.
+ assert (unsigned int)(&ttt[(char)(&p1)][(char)(&p2)]) ≤ 2147483647;
+[eva:alarm] tests/value/addition.i:44: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 127;
+[eva:alarm] tests/value/addition.i:44: Warning:
+ pointer downcast.
+ assert (unsigned int)(&ttt[(char)(&p1)][u2]) ≤ 2147483647;
+[eva:alarm] tests/value/addition.i:46: Warning:
+ pointer downcast. assert (unsigned int)(&p2) ≤ 127;
+[eva:alarm] tests/value/addition.i:46: Warning:
+ pointer downcast.
+ assert (unsigned int)(&ttt[u2][(char)(&p2)]) ≤ 2147483647;
[eva:alarm] tests/value/addition.i:48: Warning:
pointer comparison.
assert \pointer_comparable((void *)(&p1 + 1), (void *)(&p2));
+[eva:alarm] tests/value/addition.i:50: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 2147483647;
[eva:alarm] tests/value/addition.i:50: Warning:
signed overflow. assert -2147483648 ≤ (int)(&p1) / 2;
[eva:alarm] tests/value/addition.i:50: Warning:
signed overflow. assert (int)(&p1) / 2 ≤ 2147483647;
+[eva:alarm] tests/value/addition.i:52: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 2147483647;
+[eva:alarm] tests/value/addition.i:56: Warning:
+ pointer downcast. assert (unsigned int)(&p1) ≤ 2147483647;
+[eva:alarm] tests/value/addition.i:56: Warning:
+ pointer downcast. assert (unsigned int)(&p2) ≤ 2147483647;
[eva:alarm] tests/value/addition.i:59: Warning:
signed overflow. assert -2147483648 ≤ (int)*((char *)(&q1)) + 2;
[eva:alarm] tests/value/addition.i:59: Warning:
@@ -360,7 +430,7 @@
{{ garbled mix of &{p1} (origin: Arithmetic {tests/value/addition.i:56}) }}
{{ garbled mix of &{p1} (origin: Misaligned {tests/value/addition.i:59}) }}
{{ garbled mix of &{p1} (origin: Misaligned {tests/value/addition.i:61}) }}
-[scope:rm_asserts] removing 2 assertion(s)
+[scope:rm_asserts] removing 9 assertion(s)
[eva] ====== VALUES COMPUTED ======
[eva:final-states] Values at end of function main:
t[0] ∈ {0}
diff --git a/tests/value/oracle/align_char_array.res.oracle b/tests/value/oracle/align_char_array.res.oracle
index 82c0a105954556053c32fb592300ec24255c11b1..3383a7f5af11c33a0b49deb33113bdbf7543ac0f 100644
--- a/tests/value/oracle/align_char_array.res.oracle
+++ b/tests/value/oracle/align_char_array.res.oracle
@@ -15,25 +15,41 @@
overlapread2 ∈ {0}
overlapread3 ∈ {0}
overlapread4 ∈ {0}
+[eva:alarm] tests/value/align_char_array.c:21: Warning:
+ pointer downcast. assert (unsigned int)(&S.a) ≤ 2147483647;
+[eva:alarm] tests/value/align_char_array.c:21: Warning:
+ pointer downcast. assert (unsigned int)(&S.c) ≤ 2147483647;
+[eva:alarm] tests/value/align_char_array.c:23: Warning:
+ pointer downcast. assert (unsigned int)(&t[2][2]) ≤ 2147483647;
+[eva:alarm] tests/value/align_char_array.c:23: Warning:
+ pointer downcast. assert (unsigned int)(&t[0][0]) ≤ 2147483647;
+[eva:alarm] tests/value/align_char_array.c:25: Warning:
+ pointer downcast. assert (unsigned int)((char (*)[10])t) ≤ 2147483647;
[eva:alarm] tests/value/align_char_array.c:25: Warning:
signed overflow. assert -2147483648 ≤ (int)((char (*)[10])t) + 3;
[eva:alarm] tests/value/align_char_array.c:25: Warning:
signed overflow. assert (int)((char (*)[10])t) + 3 ≤ 2147483647;
+[eva:alarm] tests/value/align_char_array.c:26: Warning:
+ pointer downcast. assert (unsigned int)((char (*)[10])t) ≤ 2147483647;
[eva:alarm] tests/value/align_char_array.c:26: Warning:
signed overflow. assert -2147483648 ≤ (int)((char (*)[10])t) + 3;
[eva:alarm] tests/value/align_char_array.c:26: Warning:
signed overflow. assert (int)((char (*)[10])t) + 3 ≤ 2147483647;
+[eva:alarm] tests/value/align_char_array.c:27: Warning:
+ pointer downcast. assert (unsigned int)((char (*)[10])t) ≤ 2147483647;
[eva:alarm] tests/value/align_char_array.c:27: Warning:
signed overflow. assert -2147483648 ≤ (int)((char (*)[10])t) + 2;
[eva:alarm] tests/value/align_char_array.c:27: Warning:
signed overflow. assert (int)((char (*)[10])t) + 2 ≤ 2147483647;
+[eva:alarm] tests/value/align_char_array.c:28: Warning:
+ pointer downcast. assert (unsigned int)((char (*)[10])t) ≤ 2147483647;
[eva:alarm] tests/value/align_char_array.c:28: Warning:
signed overflow. assert -2147483648 ≤ (int)((char (*)[10])t) + 2;
[eva:alarm] tests/value/align_char_array.c:28: Warning:
signed overflow. assert (int)((char (*)[10])t) + 2 ≤ 2147483647;
[eva] Recording results for main
[eva] done for function main
-[scope:rm_asserts] removing 4 assertion(s)
+[scope:rm_asserts] removing 7 assertion(s)
[eva] ====== VALUES COMPUTED ======
[eva:final-states] Values at end of function main:
d1 ∈ {1}
diff --git a/tests/value/oracle/arith_pointer.res.oracle b/tests/value/oracle/arith_pointer.res.oracle
index 3ec14d1a31c7604387924f3f8ca5d8de5a3c1bad..a09c922b6d3924e3f74da13fa331a48dc6afe907 100644
--- a/tests/value/oracle/arith_pointer.res.oracle
+++ b/tests/value/oracle/arith_pointer.res.oracle
@@ -22,6 +22,8 @@
[eva:alarm] tests/value/arith_pointer.c:51: Warning:
pointer subtraction. assert \base_addr(p2) ≡ \base_addr(p2);
[eva] tests/value/arith_pointer.c:52: Frama_C_show_each: {0}
+[eva:alarm] tests/value/arith_pointer.c:54: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
[eva] tests/value/arith_pointer.c:54:
Assigning imprecise value to p1.
The imprecision originates from Arithmetic {tests/value/arith_pointer.c:54}
@@ -148,6 +150,8 @@
Frama_C_show_each:
{{ garbled mix of &{x; y}
(origin: Arithmetic {tests/value/arith_pointer.c:51}) }}
+[eva:alarm] tests/value/arith_pointer.c:54: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
[eva:alarm] tests/value/arith_pointer.c:56: Warning:
signed overflow. assert -2147483648 ≤ p2 - p1;
[eva:alarm] tests/value/arith_pointer.c:56: Warning:
diff --git a/tests/value/oracle/array_ptr.res.oracle b/tests/value/oracle/array_ptr.res.oracle
index 76ce304e41df77b747b0ad233ff3d1dc8d01b778..8599de4e4af9da144bcf4e997d7be8c9348c5b49 100644
--- a/tests/value/oracle/array_ptr.res.oracle
+++ b/tests/value/oracle/array_ptr.res.oracle
@@ -6,6 +6,8 @@
G ∈ {1}
l[0] ∈ {1}
[1..19] ∈ {0}
+[eva:alarm] tests/value/array_ptr.i:14: Warning:
+ pointer downcast. assert (unsigned int)(&l) ≤ 2147483647;
[eva] computing for function f <- main.
Called from tests/value/array_ptr.i:15.
[eva] Recording results for f
diff --git a/tests/value/oracle/assigns.res.oracle b/tests/value/oracle/assigns.res.oracle
index 0edee1de714cdb4506cf8068125b5fb063ed94e1..4cfd1aeca7a34e5f4825e3efdf9dade3a7e01e54 100644
--- a/tests/value/oracle/assigns.res.oracle
+++ b/tests/value/oracle/assigns.res.oracle
@@ -44,6 +44,8 @@
[eva] computing for function f <- main1 <- main.
Called from tests/value/assigns.i:49.
[eva] Done for function f
+[eva:alarm] tests/value/assigns.i:51: Warning:
+ pointer downcast. assert (unsigned int)(&T) ≤ 2147483647;
[eva:alarm] tests/value/assigns.i:51: Warning:
signed overflow. assert -2147483648 ≤ 2 * (int)(&T);
[eva:alarm] tests/value/assigns.i:51: Warning:
@@ -52,6 +54,8 @@
Called from tests/value/assigns.i:51.
[eva] using specification for function g
[eva] Done for function g
+[eva:alarm] tests/value/assigns.i:52: Warning:
+ pointer downcast. assert (unsigned int)(&t3) ≤ 2147483647;
[eva:alarm] tests/value/assigns.i:52: Warning:
signed overflow. assert -2147483648 ≤ 2 * (int)(&t3);
[eva:alarm] tests/value/assigns.i:52: Warning:
@@ -931,9 +935,11 @@ void main1(void)
i ++;
}
}
+ /*@ assert Eva: pointer_downcast: (unsigned int)(&T) ≤ 2147483647; */
/*@ assert Eva: signed_overflow: -2147483648 ≤ 2 * (int)(&T); */
/*@ assert Eva: signed_overflow: 2 * (int)(&T) ≤ 2147483647; */
g(2 * (int)(& T));
+ /*@ assert Eva: pointer_downcast: (unsigned int)(&t3) ≤ 2147483647; */
/*@ assert Eva: signed_overflow: -2147483648 ≤ 2 * (int)(&t3); */
/*@ assert Eva: signed_overflow: 2 * (int)(&t3) ≤ 2147483647; */
h((int *)(2 * (int)(& t3)));
diff --git a/tests/value/oracle/bitfield.res.oracle b/tests/value/oracle/bitfield.res.oracle
index 05b0967b0520a71f78f122b82d7b572800408561..0ae5f0394606e216870ff0d5c5f4fe947f103d98 100644
--- a/tests/value/oracle/bitfield.res.oracle
+++ b/tests/value/oracle/bitfield.res.oracle
@@ -28,9 +28,13 @@
Called from tests/value/bitfield.i:164.
[eva] tests/value/bitfield.i:113: Frama_C_show_each: {1}
[eva] tests/value/bitfield.i:117: Frama_C_show_each: {3}
+[eva:alarm] tests/value/bitfield.i:123: Warning:
+ pointer downcast. assert (unsigned int)(&v) ≤ 2147483647;
[eva] tests/value/bitfield.i:123:
Assigning imprecise value to v.c.
The imprecision originates from Arithmetic {tests/value/bitfield.i:123}
+[eva:alarm] tests/value/bitfield.i:124: Warning:
+ pointer downcast. assert (unsigned int)(&v + 1) ≤ 2147483647;
[eva:alarm] tests/value/bitfield.i:125: Warning:
signed overflow. assert -2147483648 ≤ (int)v.d + 1;
[eva:alarm] tests/value/bitfield.i:125: Warning:
@@ -77,6 +81,8 @@
signed overflow. assert -2147483648 ≤ foo + foo;
[eva:alarm] tests/value/bitfield.i:129: Warning:
signed overflow. assert foo + foo ≤ 2147483647;
+[eva:alarm] tests/value/bitfield.i:130: Warning:
+ pointer downcast. assert (unsigned int)(&v + 1) ≤ 2147483647;
[eva] tests/value/bitfield.i:130:
Assigning imprecise value to h.c.
The imprecision originates from Arithmetic {tests/value/bitfield.i:130}
@@ -207,6 +213,7 @@
[eva] done for function main
[eva] tests/value/bitfield.i:102:
assertion 'Eva,initialization' got final status invalid.
+[scope:rm_asserts] removing 1 assertion(s)
[eva] ====== VALUES COMPUTED ======
[eva:final-states] Values at end of function char_short:
S.c ∈ {1}
@@ -550,7 +557,9 @@ void main_old(void)
else Frama_C_show_each(3);
VV = (unsigned int)h.a;
h.a = (unsigned int __attribute__((__FRAMA_C_BITFIELD_SIZE__(2))))VV;
+ /*@ assert Eva: pointer_downcast: (unsigned int)(&v) ≤ 2147483647; */
v.c = (int __attribute__((__FRAMA_C_BITFIELD_SIZE__(22))))((int)(& v));
+ /*@ assert Eva: pointer_downcast: (unsigned int)(&v + 1) ≤ 2147483647; */
v.d = (int __attribute__((__FRAMA_C_BITFIELD_SIZE__(32))))((int)(& v + 1));
/*@ assert Eva: signed_overflow: -2147483648 ≤ (int)v.d + 1; */
/*@ assert Eva: signed_overflow: (int)v.d + 1 ≤ 2147483647; */
@@ -561,6 +570,7 @@ void main_old(void)
/*@ assert Eva: signed_overflow: -2147483648 ≤ foo + foo; */
/*@ assert Eva: signed_overflow: foo + foo ≤ 2147483647; */
h.b = (int __attribute__((__FRAMA_C_BITFIELD_SIZE__(4))))(((foo + foo) + (int)h.a) + (int)h.b);
+ /*@ assert Eva: pointer_downcast: (unsigned int)(&v + 1) ≤ 2147483647; */
h.c = (int __attribute__((__FRAMA_C_BITFIELD_SIZE__(22))))((int)(& v + 1));
k8.b = (int __attribute__((__FRAMA_C_BITFIELD_SIZE__(4))))8;
tmp = return_8();
diff --git a/tests/value/oracle/bitwise_pointer.res.oracle b/tests/value/oracle/bitwise_pointer.res.oracle
index c1a1f86bba18a08385a94aab5c3509196a363c36..878fa04174a2301232dcc5fab79671c8cfad0fe8 100644
--- a/tests/value/oracle/bitwise_pointer.res.oracle
+++ b/tests/value/oracle/bitwise_pointer.res.oracle
@@ -29,11 +29,15 @@
[10..99] ∈ {0}
p1 ∈ {0}
x1 ∈ {0}
+[eva:alarm] tests/value/bitwise_pointer.i:18: Warning:
+ pointer downcast. assert (unsigned int)(&t[7]) ≤ 2147483647;
[eva] tests/value/bitwise_pointer.i:18:
Assigning imprecise value to p.
The imprecision originates from Arithmetic {tests/value/bitwise_pointer.i:18}
[eva:alarm] tests/value/bitwise_pointer.i:19: Warning:
out of bounds write. assert \valid(p);
+[eva:alarm] tests/value/bitwise_pointer.i:22: Warning:
+ pointer downcast. assert (unsigned int)(&t1[mask]) ≤ 2147483647;
[eva] tests/value/bitwise_pointer.i:22:
Assigning imprecise value to p1.
The imprecision originates from Arithmetic {tests/value/bitwise_pointer.i:22}
diff --git a/tests/value/oracle/bts1306.res.oracle b/tests/value/oracle/bts1306.res.oracle
index cae97e181bce3b4cd4ec6d54740d1865ca77e109..f0036f751b5313034ee6be275ecd516dc6b0d154 100644
--- a/tests/value/oracle/bts1306.res.oracle
+++ b/tests/value/oracle/bts1306.res.oracle
@@ -7,7 +7,7 @@
[eva] computing for function g <- main.
Called from tests/value/bts1306.i:9.
[eva:alarm] tests/value/bts1306.i:5: Warning:
- non-finite double value. assert \is_finite((double)(x * x));
+ non-finite double value. assert \is_finite(\mul_double(x, x));
[eva] Recording results for g
[eva] Done for function g
[eva] Recording results for main
@@ -20,7 +20,7 @@
/* Generated by Frama-C */
void g(double x)
{
- /*@ assert Eva: is_nan_or_infinite: \is_finite((double)(x * x)); */
+ /*@ assert Eva: is_nan_or_infinite: \is_finite(\mul_double(x, x)); */
double y = x * x;
return;
}
@@ -42,7 +42,7 @@ int main(double x)
[eva] computing for function g <- main.
Called from tests/value/bts1306.i:9.
[eva:alarm] tests/value/bts1306.i:5: Warning:
- non-finite double value. assert \is_finite((double)(x * x));
+ non-finite double value. assert \is_finite(\mul_double(x, x));
[eva] Recording results for g
[eva] Done for function g
[eva] Recording results for main
@@ -55,7 +55,7 @@ int main(double x)
/* Generated by Frama-C */
void g(double x)
{
- /*@ assert Eva: is_nan_or_infinite: \is_finite((double)(x * x)); */
+ /*@ assert Eva: is_nan_or_infinite: \is_finite(\mul_double(x, x)); */
double y = x * x;
return;
}
diff --git a/tests/value/oracle/call.res.oracle b/tests/value/oracle/call.res.oracle
index bd70d1673837431b24118da8e0c2e213dbcc1357..144373249549a7098517489dc881ab42cdfcef3f 100644
--- a/tests/value/oracle/call.res.oracle
+++ b/tests/value/oracle/call.res.oracle
@@ -10,6 +10,8 @@
x ∈ {0}
[eva:alarm] tests/value/call.i:19: Warning:
out of bounds read. assert \valid_read(v + 1);
+[eva:alarm] tests/value/call.i:19: Warning:
+ pointer downcast. assert (unsigned int)*(v + 1) ≤ 2147483647;
[eva] computing for function leaf_fun_int <- main.
Called from tests/value/call.i:19.
[kernel:annot:missing-spec] tests/value/call.i:19: Warning:
diff --git a/tests/value/oracle/cmp_ptr.0.res.oracle b/tests/value/oracle/cmp_ptr.0.res.oracle
index b3a90b9fbe13a88ea88e78cc4d5f921cb937e06c..47a1035cc56d34fcfaad83bf7bfc5cd2f7b50b2d 100644
--- a/tests/value/oracle/cmp_ptr.0.res.oracle
+++ b/tests/value/oracle/cmp_ptr.0.res.oracle
@@ -45,12 +45,18 @@
invalid pointer comparison: invalid pointer(s)
[eva:alarm] tests/value/cmp_ptr.i:22: Warning:
pointer comparison. assert \pointer_comparable((void *)0, (void *)(&y + 2));
+[eva:alarm] tests/value/cmp_ptr.i:23: Warning:
+ pointer downcast. assert (unsigned int)(&y + 2) ≤ 2147483647;
[eva:pointer-comparison] tests/value/cmp_ptr.i:24:
invalid pointer comparison: invalid pointer(s)
[eva:alarm] tests/value/cmp_ptr.i:24: Warning:
non-finite float value. assert \is_finite(ff);
[eva:pointer-comparison] tests/value/cmp_ptr.i:28:
invalid pointer comparison: invalid pointer(s)
+[eva:alarm] tests/value/cmp_ptr.i:28: Warning:
+ pointer downcast.
+ assert (unsigned int)tmp_0 ≤ 2147483647;
+ (tmp_0 from u?& f:& g)
[eva:alarm] tests/value/cmp_ptr.i:28: Warning:
signed overflow.
assert -2147483648 ≤ 1 + (int)tmp_0;
diff --git a/tests/value/oracle/cmp_ptr.1.res.oracle b/tests/value/oracle/cmp_ptr.1.res.oracle
index 36b9efb6f4798d3be4013f0f8d40bed54d1f7905..182c5433339e484a9db1a6187096ab716cc325a0 100644
--- a/tests/value/oracle/cmp_ptr.1.res.oracle
+++ b/tests/value/oracle/cmp_ptr.1.res.oracle
@@ -59,12 +59,18 @@
evaluating condition to {0; 1} instead of {0} because of UPCPA
[eva:alarm] tests/value/cmp_ptr.i:22: Warning:
pointer comparison. assert \pointer_comparable((void *)0, (void *)(&y + 2));
+[eva:alarm] tests/value/cmp_ptr.i:23: Warning:
+ pointer downcast. assert (unsigned int)(&y + 2) ≤ 2147483647;
[eva:pointer-comparison] tests/value/cmp_ptr.i:24:
invalid pointer comparison: invalid pointer(s)
[eva:alarm] tests/value/cmp_ptr.i:24: Warning:
non-finite float value. assert \is_finite(ff);
[eva:pointer-comparison] tests/value/cmp_ptr.i:28:
invalid pointer comparison: invalid pointer(s)
+[eva:alarm] tests/value/cmp_ptr.i:28: Warning:
+ pointer downcast.
+ assert (unsigned int)tmp_0 ≤ 2147483647;
+ (tmp_0 from u?& f:& g)
[eva:alarm] tests/value/cmp_ptr.i:28: Warning:
signed overflow.
assert -2147483648 ≤ 1 + (int)tmp_0;
diff --git a/tests/value/oracle/const.res.oracle b/tests/value/oracle/const.res.oracle
index 857b44485fb8b2726177f21bf24a680cbbb9ff97..5836c004bf9e267db3186acd7fb6a78a3b5b7c3c 100644
--- a/tests/value/oracle/const.res.oracle
+++ b/tests/value/oracle/const.res.oracle
@@ -141,6 +141,8 @@
[eva] done for function main
[eva] tests/value/const.i:21:
assertion 'Eva,mem_access' got final status invalid.
+[eva] tests/value/const.i:26:
+ assertion 'Eva,mem_access' got final status invalid.
[eva] ====== VALUES COMPUTED ======
[eva:final-states] Values at end of function aux_ret_const:
__retres ∈ {1}
diff --git a/tests/value/oracle/context_free.res.oracle b/tests/value/oracle/context_free.res.oracle
index b244fecc83c99a27e3be9deb7ff2499573145e64..f1220992e0b2fe33b682cd14e1d308846df0d14a 100644
--- a/tests/value/oracle/context_free.res.oracle
+++ b/tests/value/oracle/context_free.res.oracle
@@ -101,10 +101,8 @@
The imprecision originates from Well
[eva:alarm] tests/value/context_free.i:61: Warning:
out of bounds write. assert \valid(pvoid);
-[eva] tests/value/context_free.i:61:
- Assigning imprecise value to *pvoid
- (pointing to S_qvoid with offsets [0..34359738360],0%8).
- The imprecision originates from Arithmetic {tests/value/context_free.i:61}
+[eva:alarm] tests/value/context_free.i:61: Warning:
+ pointer downcast. assert (unsigned int)(&pvoid) ≤ 127;
[eva:alarm] tests/value/context_free.i:62: Warning:
pointer to function with incompatible type. assert \valid_function(g);
[eva] Recording results for f
diff --git a/tests/value/oracle/conversion.res.oracle b/tests/value/oracle/conversion.res.oracle
index d9ed842d845c0b9c251ded319a56058f991f54bb..954fdab07b419cf2a12ec881c37860546384ec36 100644
--- a/tests/value/oracle/conversion.res.oracle
+++ b/tests/value/oracle/conversion.res.oracle
@@ -57,6 +57,8 @@
f ∈ [3. .. 5.]
l ∈ UNINITIALIZED
==END OF DUMP==
+[eva:alarm] tests/value/conversion.i:38: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
[eva] tests/value/conversion.i:40:
Frama_C_dump_each:
# Cvalue domain:
@@ -161,6 +163,8 @@
f ∈ [3. .. 5.]
l ∈ UNINITIALIZED
==END OF DUMP==
+[eva:alarm] tests/value/conversion.i:38: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
[eva:alarm] tests/value/conversion.i:39: Warning:
non-finite float value. assert \is_finite(*((float *)(&x)));
[eva] tests/value/conversion.i:39:
diff --git a/tests/value/oracle/degeneration2.res.oracle b/tests/value/oracle/degeneration2.res.oracle
index feb99e8fb7164d2b46d6f4e6802813eb4265ca6b..8ba6db66b554ace332d5b2673b0ce0b2a7fcec7d 100644
--- a/tests/value/oracle/degeneration2.res.oracle
+++ b/tests/value/oracle/degeneration2.res.oracle
@@ -6,6 +6,8 @@
v ∈ [--..--]
[eva:alarm] tests/value/degeneration2.i:14: Warning:
accessing uninitialized left-value. assert \initialized(&A);
+[eva:alarm] tests/value/degeneration2.i:14: Warning:
+ pointer downcast. assert (unsigned int)A ≤ 2147483647;
[eva:alarm] tests/value/degeneration2.i:14: Warning:
signed overflow. assert -2147483648 ≤ -((int)A);
[eva:alarm] tests/value/degeneration2.i:14: Warning:
diff --git a/tests/value/oracle/deps_addr.res.oracle b/tests/value/oracle/deps_addr.res.oracle
index 093935ed64325e2002c3ba5be0483f9edff1ea14..59f4ac5f0f9e552e08318ac54231d9674780213f 100644
--- a/tests/value/oracle/deps_addr.res.oracle
+++ b/tests/value/oracle/deps_addr.res.oracle
@@ -6,6 +6,8 @@
t ∈ {0}
a ∈ {0}
tt[0..4][0..4] ∈ {0}
+[eva:alarm] tests/value/deps_addr.i:6: Warning:
+ pointer downcast. assert (unsigned int)(&a) ≤ 2147483647;
[eva:alarm] tests/value/deps_addr.i:6: Warning:
out of bounds read. assert \valid_read(t + (int)(&a));
[eva] Recording results for main
diff --git a/tests/value/oracle/deps_mixed.res.oracle b/tests/value/oracle/deps_mixed.res.oracle
index b33c688ba947bc3efb73d0909b92254a462308c1..6631dfe4e46d5233ea557de069df72f64f96bec0 100644
--- a/tests/value/oracle/deps_mixed.res.oracle
+++ b/tests/value/oracle/deps_mixed.res.oracle
@@ -12,6 +12,8 @@
v ∈ [--..--]
t[0] ∈ {{ &f }}
[1] ∈ {{ &g }}
+[eva:alarm] tests/value/deps_mixed.i:20: Warning:
+ pointer downcast. assert (unsigned int)q ≤ 2147483647;
[eva:alarm] tests/value/deps_mixed.i:20: Warning:
out of bounds read. assert \valid_read(p + (int)q);
[eva:alarm] tests/value/deps_mixed.i:22: Warning:
@@ -26,6 +28,10 @@
Called from tests/value/deps_mixed.i:22.
[eva] Recording results for f
[eva] Done for function f
+[eva:alarm] tests/value/deps_mixed.i:24: Warning:
+ pointer downcast. assert (unsigned int)q ≤ 2147483647;
+[eva:alarm] tests/value/deps_mixed.i:24: Warning:
+ pointer downcast. assert (unsigned int)(p + (int)q) ≤ 2147483647;
[eva] tests/value/deps_mixed.i:24:
Assigning imprecise value to __retres.
The imprecision originates from Arithmetic {tests/value/deps_mixed.i:24}
diff --git a/tests/value/oracle/descending.res.oracle b/tests/value/oracle/descending.res.oracle
index 3b11d3495c607a8fe2f9068f6ac1faa87a5d17f6..7e67df6441b64d7719631c3bc6a09fc8caf77f81 100644
--- a/tests/value/oracle/descending.res.oracle
+++ b/tests/value/oracle/descending.res.oracle
@@ -14,7 +14,7 @@
[eva:alarm] tests/value/descending.i:13: Warning:
accessing out of bounds index. assert (int)(i - 1) < 10;
[eva:alarm] tests/value/descending.i:13: Warning:
- accessing uninitialized left-value. assert \initialized(&A[i - 1]);
+ accessing uninitialized left-value. assert \initialized(&A[(int)(i - 1)]);
[eva] Recording results for test1
[eva] Done for function test1
[eva] computing for function test2 <- main.
diff --git a/tests/value/oracle/div.0.res.oracle b/tests/value/oracle/div.0.res.oracle
index b0c33659a01a67ad2e5e1db4f15e05217dc9dc2b..2f95483430ee68b9fb2aee65ffad1ccfd202931a 100644
--- a/tests/value/oracle/div.0.res.oracle
+++ b/tests/value/oracle/div.0.res.oracle
@@ -35,6 +35,8 @@
signed overflow. assert X + 1 ≤ 2147483647;
[eva:alarm] tests/value/div.i:32: Warning: division by zero. assert Z2 ≢ 0;
[eva:alarm] tests/value/div.i:33: Warning: division by zero. assert Z2 ≢ 0;
+[eva:alarm] tests/value/div.i:33: Warning:
+ pointer downcast. assert (unsigned int)(&Z2) ≤ 2147483647;
[eva:alarm] tests/value/div.i:33: Warning:
signed overflow. assert -2147483648 ≤ (int)(&Z2) / Z2;
[eva:alarm] tests/value/div.i:33: Warning:
@@ -42,6 +44,8 @@
[eva] tests/value/div.i:33:
Assigning imprecise value to b.
The imprecision originates from Arithmetic {tests/value/div.i:33}
+[eva:alarm] tests/value/div.i:34: Warning:
+ pointer downcast. assert (unsigned int)(&X + 2) ≤ 2147483647;
[eva:alarm] tests/value/div.i:34: Warning:
division by zero. assert (int)(&X + 2) ≢ 0;
[eva:alarm] tests/value/div.i:34: Warning:
@@ -51,6 +55,8 @@
[eva] tests/value/div.i:34:
Assigning imprecise value to d2.
The imprecision originates from Arithmetic {tests/value/div.i:34}
+[eva:alarm] tests/value/div.i:35: Warning:
+ pointer downcast. assert (unsigned int)(&X + 1) ≤ 2147483647;
[eva:alarm] tests/value/div.i:35: Warning:
signed overflow. assert -2147483648 ≤ 100 / (int)(&X + 1);
[eva:alarm] tests/value/div.i:35: Warning:
@@ -58,6 +64,8 @@
[eva] tests/value/div.i:35:
Assigning imprecise value to d1.
The imprecision originates from Arithmetic {tests/value/div.i:35}
+[eva:alarm] tests/value/div.i:36: Warning:
+ pointer downcast. assert (unsigned int)(&X) ≤ 2147483647;
[eva:alarm] tests/value/div.i:36: Warning:
signed overflow. assert -2147483648 ≤ 100 / (int)(&X);
[eva:alarm] tests/value/div.i:36: Warning:
@@ -65,6 +73,8 @@
[eva] tests/value/div.i:36:
Assigning imprecise value to d0.
The imprecision originates from Arithmetic {tests/value/div.i:36}
+[eva:alarm] tests/value/div.i:37: Warning:
+ pointer downcast. assert (unsigned int)(&X) ≤ 2147483647;
[eva:alarm] tests/value/div.i:37: Warning:
signed overflow. assert -2147483648 ≤ -((int)(&X));
[eva:alarm] tests/value/div.i:37: Warning:
@@ -74,7 +84,7 @@
The imprecision originates from Arithmetic {tests/value/div.i:37}
[eva] Recording results for main
[eva] done for function main
-[scope:rm_asserts] removing 1 assertion(s)
+[scope:rm_asserts] removing 2 assertion(s)
[eva] ====== VALUES COMPUTED ======
[eva:final-states] Values at end of function main:
X ∈ [--..--]
diff --git a/tests/value/oracle/div.1.res.oracle b/tests/value/oracle/div.1.res.oracle
index e333aa05c132dd16c43aa7b148d98c22a25f8000..bb2cbef17535dbdbf3cef47f6757b5ac4894ff6c 100644
--- a/tests/value/oracle/div.1.res.oracle
+++ b/tests/value/oracle/div.1.res.oracle
@@ -50,11 +50,15 @@
[eva:alarm] tests/value/div.i:32: Warning:
assertion 'rte,division_by_zero' got status unknown.
[eva:alarm] tests/value/div.i:32: Warning: division by zero. assert Z2 ≢ 0;
+[eva:alarm] tests/value/div.i:33: Warning:
+ assertion 'rte,pointer_downcast' got status unknown.
[eva:alarm] tests/value/div.i:33: Warning:
assertion 'rte,division_by_zero' got status unknown.
[eva:alarm] tests/value/div.i:33: Warning:
assertion 'rte,signed_overflow' got status unknown.
[eva:alarm] tests/value/div.i:33: Warning: division by zero. assert Z2 ≢ 0;
+[eva:alarm] tests/value/div.i:33: Warning:
+ pointer downcast. assert (unsigned int)(&Z2) ≤ 2147483647;
[eva:alarm] tests/value/div.i:33: Warning:
signed overflow. assert -2147483648 ≤ (int)(&Z2) / Z2;
[eva:alarm] tests/value/div.i:33: Warning:
@@ -62,8 +66,12 @@
[eva] tests/value/div.i:33:
Assigning imprecise value to b.
The imprecision originates from Arithmetic {tests/value/div.i:33}
+[eva:alarm] tests/value/div.i:34: Warning:
+ assertion 'rte,pointer_downcast' got status unknown.
[eva:alarm] tests/value/div.i:34: Warning:
assertion 'rte,division_by_zero' got status unknown.
+[eva:alarm] tests/value/div.i:34: Warning:
+ pointer downcast. assert (unsigned int)(&X + 2) ≤ 2147483647;
[eva:alarm] tests/value/div.i:34: Warning:
division by zero. assert (int)(&X + 2) ≢ 0;
[eva:alarm] tests/value/div.i:34: Warning:
@@ -73,7 +81,11 @@
[eva] tests/value/div.i:34:
Assigning imprecise value to d2.
The imprecision originates from Arithmetic {tests/value/div.i:34}
+[eva:alarm] tests/value/div.i:35: Warning:
+ assertion 'rte,pointer_downcast' got status unknown.
[eva] tests/value/div.i:35: assertion 'rte,division_by_zero' got status valid.
+[eva:alarm] tests/value/div.i:35: Warning:
+ pointer downcast. assert (unsigned int)(&X + 1) ≤ 2147483647;
[eva:alarm] tests/value/div.i:35: Warning:
signed overflow. assert -2147483648 ≤ 100 / (int)(&X + 1);
[eva:alarm] tests/value/div.i:35: Warning:
@@ -81,7 +93,11 @@
[eva] tests/value/div.i:35:
Assigning imprecise value to d1.
The imprecision originates from Arithmetic {tests/value/div.i:35}
+[eva:alarm] tests/value/div.i:36: Warning:
+ assertion 'rte,pointer_downcast' got status unknown.
[eva] tests/value/div.i:36: assertion 'rte,division_by_zero' got status valid.
+[eva:alarm] tests/value/div.i:36: Warning:
+ pointer downcast. assert (unsigned int)(&X) ≤ 2147483647;
[eva:alarm] tests/value/div.i:36: Warning:
signed overflow. assert -2147483648 ≤ 100 / (int)(&X);
[eva:alarm] tests/value/div.i:36: Warning:
@@ -89,8 +105,12 @@
[eva] tests/value/div.i:36:
Assigning imprecise value to d0.
The imprecision originates from Arithmetic {tests/value/div.i:36}
+[eva:alarm] tests/value/div.i:37: Warning:
+ assertion 'rte,pointer_downcast' got status unknown.
[eva:alarm] tests/value/div.i:37: Warning:
assertion 'rte,signed_overflow' got status unknown.
+[eva:alarm] tests/value/div.i:37: Warning:
+ pointer downcast. assert (unsigned int)(&X) ≤ 2147483647;
[eva:alarm] tests/value/div.i:37: Warning:
signed overflow. assert -2147483648 ≤ -((int)(&X));
[eva:alarm] tests/value/div.i:37: Warning:
@@ -110,7 +130,7 @@
assertion 'rte,division_by_zero' got final status valid.
[eva] tests/value/div.i:36:
assertion 'rte,division_by_zero' got final status valid.
-[scope:rm_asserts] removing 1 assertion(s)
+[scope:rm_asserts] removing 2 assertion(s)
[eva] ====== VALUES COMPUTED ======
[eva:final-states] Values at end of function main:
X ∈ [--..--]
diff --git a/tests/value/oracle/domains_function.res.oracle b/tests/value/oracle/domains_function.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..51ded1eb5fd5e3357568dc1f23ce53933d9e762c
--- /dev/null
+++ b/tests/value/oracle/domains_function.res.oracle
@@ -0,0 +1,272 @@
+[kernel] Parsing tests/value/domains_function.c (with preprocessing)
+[eva] Analyzing a complete application starting at main
+[eva] Computing initial state
+[eva] Initial state computed
+[eva:initial-state] Values of globals at initialization
+ undet ∈ [--..--]
+ i ∈ {0}
+ result ∈ {0}
+ t[0..9] ∈ {0}
+[eva] tests/value/domains_function.c:117: starting to merge loop iterations
+[eva] computing for function Frama_C_interval <- main.
+ Called from tests/value/domains_function.c:119.
+[eva] using specification for function Frama_C_interval
+[eva] tests/value/domains_function.c:119:
+ function Frama_C_interval: precondition 'order' got status valid.
+[eva] Done for function Frama_C_interval
+[eva] computing for function test <- main.
+ Called from tests/value/domains_function.c:120.
+[eva] tests/value/domains_function.c:92:
+ Frama_C_show_each_top: [-2147483648..2147483647]
+[eva] computing for function enabled <- test <- main.
+ Called from tests/value/domains_function.c:93.
+[eva] Recording results for enabled
+[eva] Done for function enabled
+[eva] tests/value/domains_function.c:94: Frama_C_show_each_singleton: {0}
+[eva] computing for function not_enabled <- test <- main.
+ Called from tests/value/domains_function.c:95.
+[eva] tests/value/domains_function.c:77:
+ Frama_C_show_each_top: [-2147483648..2147483647]
+[eva] Recording results for not_enabled
+[eva] Done for function not_enabled
+[eva] tests/value/domains_function.c:96:
+ Frama_C_show_each_top: [-2147483648..2147483647]
+[eva] computing for function disabled <- test <- main.
+ Called from tests/value/domains_function.c:97.
+[eva] tests/value/domains_function.c:84:
+ Frama_C_show_each_top: [-2147483648..2147483647]
+[eva] Recording results for disabled
+[eva] Done for function disabled
+[eva] tests/value/domains_function.c:98:
+ Frama_C_show_each_top: [-2147483648..2147483647]
+[eva] Recording results for test
+[eva] Done for function test
+[eva] computing for function recursively_enabled <- main.
+ Called from tests/value/domains_function.c:121.
+[eva] tests/value/domains_function.c:107: Frama_C_show_each_singleton: {4}
+[eva] computing for function enabled <- recursively_enabled <- main.
+ Called from tests/value/domains_function.c:108.
+[eva] Recording results for enabled
+[eva] Done for function enabled
+[eva] tests/value/domains_function.c:109: Frama_C_show_each_singleton: {0}
+[eva] computing for function not_enabled <- recursively_enabled <- main.
+ Called from tests/value/domains_function.c:110.
+[eva] tests/value/domains_function.c:77: Frama_C_show_each_top: {1}
+[eva] Recording results for not_enabled
+[eva] Done for function not_enabled
+[eva] tests/value/domains_function.c:111: Frama_C_show_each_singleton: {1}
+[eva] computing for function disabled <- recursively_enabled <- main.
+ Called from tests/value/domains_function.c:112.
+[eva] tests/value/domains_function.c:84:
+ Frama_C_show_each_top: [-2147483648..2147483647]
+[eva] Recording results for disabled
+[eva] Done for function disabled
+[eva] tests/value/domains_function.c:113:
+ Frama_C_show_each_top: [-2147483648..2147483647]
+[eva] Recording results for recursively_enabled
+[eva] Done for function recursively_enabled
+[eva] computing for function test_propagation <- main.
+ Called from tests/value/domains_function.c:122.
+[eva] computing for function infer <- test_propagation <- main.
+ Called from tests/value/domains_function.c:53.
+[eva] Recording results for infer
+[eva] Done for function infer
+[eva] computing for function no_use <- test_propagation <- main.
+ Called from tests/value/domains_function.c:54.
+[eva] Recording results for no_use
+[eva] Done for function no_use
+[eva] tests/value/domains_function.c:55:
+ Frama_C_show_each_top: [-2147483648..2147483647]
+[eva] computing for function nothing <- test_propagation <- main.
+ Called from tests/value/domains_function.c:56.
+[eva:alarm] tests/value/domains_function.c:21: Warning:
+ signed overflow. assert -2147483648 ≤ t[i] - t[0];
+[eva:alarm] tests/value/domains_function.c:21: Warning:
+ signed overflow. assert t[i] - t[0] ≤ 2147483647;
+[eva] Recording results for nothing
+[eva] Done for function nothing
+[eva] computing for function use <- test_propagation <- main.
+ Called from tests/value/domains_function.c:57.
+[eva] Recording results for use
+[eva] Done for function use
+[eva] tests/value/domains_function.c:58: Frama_C_show_each_singleton: {42}
+[eva] computing for function kill <- test_propagation <- main.
+ Called from tests/value/domains_function.c:59.
+[eva] Recording results for kill
+[eva] Done for function kill
+[eva] computing for function use <- test_propagation <- main.
+ Called from tests/value/domains_function.c:60.
+[eva] Recording results for use
+[eva] Done for function use
+[eva] tests/value/domains_function.c:61:
+ Frama_C_show_each_top: [-2147483648..2147483647]
+[eva] computing for function no_infer <- test_propagation <- main.
+ Called from tests/value/domains_function.c:62.
+[eva] Recording results for no_infer
+[eva] Done for function no_infer
+[eva] tests/value/domains_function.c:63: Reusing old results for call to use
+[eva] tests/value/domains_function.c:64:
+ Frama_C_show_each_top: [-2147483648..2147483647]
+[eva] Recording results for test_propagation
+[eva] Done for function test_propagation
+[eva] Recording results for main
+[eva] done for function main
+[eva] ====== VALUES COMPUTED ======
+[eva:final-states] Values at end of function disabled:
+ result ∈ [--..--]
+ t[0..9] ∈ [--..--]
+[eva:final-states] Values at end of function enabled:
+ result ∈ {0}
+ t[0..9] ∈ [--..--]
+[eva:final-states] Values at end of function infer:
+ t[0..9] ∈ [--..--]
+[eva:final-states] Values at end of function kill:
+ t[0..9] ∈ [--..--]
+[eva:final-states] Values at end of function no_infer:
+ t[0..9] ∈ [--..--]
+[eva:final-states] Values at end of function no_use:
+ result ∈ [--..--]
+[eva:final-states] Values at end of function not_enabled:
+ result ∈ [--..--]
+ t[0..9] ∈ [--..--]
+[eva:final-states] Values at end of function nothing:
+ tmp ∈ [--..--]
+[eva:final-states] Values at end of function recursively_enabled:
+ result ∈ [--..--]
+ t[0..9] ∈ [--..--]
+[eva:final-states] Values at end of function test:
+ result ∈ [--..--]
+ t[0..9] ∈ [--..--]
+[eva:final-states] Values at end of function use:
+ result ∈ [--..--]
+[eva:final-states] Values at end of function test_propagation:
+ result ∈ [--..--]
+ t[0..9] ∈ [--..--]
+[eva:final-states] Values at end of function main:
+ Frama_C_entropy_source ∈ [--..--]
+ i ∈ [0..9]
+ result ∈ [--..--]
+ t[0..9] ∈ [--..--]
+[from] Computing for function disabled
+[from] Done for function disabled
+[from] Computing for function enabled
+[from] Done for function enabled
+[from] Computing for function infer
+[from] Done for function infer
+[from] Computing for function kill
+[from] Done for function kill
+[from] Computing for function no_infer
+[from] Done for function no_infer
+[from] Computing for function no_use
+[from] Done for function no_use
+[from] Computing for function not_enabled
+[from] Done for function not_enabled
+[from] Computing for function nothing
+[from] Done for function nothing
+[from] Computing for function recursively_enabled
+[from] Done for function recursively_enabled
+[from] Computing for function test
+[from] Done for function test
+[from] Computing for function use
+[from] Done for function use
+[from] Computing for function test_propagation
+[from] Done for function test_propagation
+[from] Computing for function main
+[from] Computing for function Frama_C_interval <-main
+[from] Done for function Frama_C_interval
+[from] Done for function main
+[from] ====== DEPENDENCIES COMPUTED ======
+ These dependencies hold at termination for the executions that terminate:
+[from] Function Frama_C_interval:
+ Frama_C_entropy_source FROM Frama_C_entropy_source (and SELF)
+ \result FROM Frama_C_entropy_source; min; max
+[from] Function disabled:
+ result FROM i; t[0..9]
+ t[0..9] FROM i (and SELF)
+[from] Function enabled:
+ result FROM i; t[0..9]
+ t[0..9] FROM i (and SELF)
+[from] Function infer:
+ t[0..9] FROM i (and SELF)
+[from] Function kill:
+ t[0] FROM undet
+[from] Function no_infer:
+ t[0..9] FROM i (and SELF)
+[from] Function no_use:
+ result FROM i; t[0..9]
+[from] Function not_enabled:
+ result FROM i; t[0..9]
+ t[0..9] FROM i (and SELF)
+[from] Function nothing:
+ NO EFFECTS
+[from] Function recursively_enabled:
+ result FROM i; t[0..9]
+ t[0..9] FROM i (and SELF)
+[from] Function test:
+ result FROM i; t[0..9]
+ t[0..9] FROM i (and SELF)
+[from] Function use:
+ result FROM i; t[0..9]
+[from] Function test_propagation:
+ result FROM undet; i; t[1..9]
+ t[0] FROM undet; i
+ [1..9] FROM i (and SELF)
+[from] Function main:
+ Frama_C_entropy_source FROM Frama_C_entropy_source (and SELF)
+ i FROM Frama_C_entropy_source
+ result FROM Frama_C_entropy_source; undet; t[1..9]
+ t[0] FROM Frama_C_entropy_source; undet
+ [1..9] FROM Frama_C_entropy_source; undet (and SELF)
+[from] ====== END OF DEPENDENCIES ======
+[inout] Out (internal) for function disabled:
+ result; t[0..9]
+[inout] Inputs for function disabled:
+ i; result; t[0..9]
+[inout] Out (internal) for function enabled:
+ result; t[0..9]
+[inout] Inputs for function enabled:
+ i; t[0..9]
+[inout] Out (internal) for function infer:
+ t[0..9]
+[inout] Inputs for function infer:
+ i
+[inout] Out (internal) for function kill:
+ t[0]
+[inout] Inputs for function kill:
+ undet
+[inout] Out (internal) for function no_infer:
+ t[0..9]
+[inout] Inputs for function no_infer:
+ i
+[inout] Out (internal) for function no_use:
+ result
+[inout] Inputs for function no_use:
+ i; t[0..9]
+[inout] Out (internal) for function not_enabled:
+ result; t[0..9]
+[inout] Inputs for function not_enabled:
+ i; result; t[0..9]
+[inout] Out (internal) for function nothing:
+ tmp
+[inout] Inputs for function nothing:
+ i; t[0..9]
+[inout] Out (internal) for function recursively_enabled:
+ result; t[0..9]
+[inout] Inputs for function recursively_enabled:
+ i; result; t[0..9]
+[inout] Out (internal) for function test:
+ result; t[0..9]
+[inout] Inputs for function test:
+ i; result; t[0..9]
+[inout] Out (internal) for function use:
+ result
+[inout] Inputs for function use:
+ i; t[0..9]
+[inout] Out (internal) for function test_propagation:
+ result; t[0..9]
+[inout] Inputs for function test_propagation:
+ undet; i; result; t[0..9]
+[inout] Out (internal) for function main:
+ Frama_C_entropy_source; i; result; t[0..9]; j
+[inout] Inputs for function main:
+ Frama_C_entropy_source; undet; i; result; t[0..9]
diff --git a/tests/value/oracle/downcast.0.res.oracle b/tests/value/oracle/downcast.0.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..3bcfeedcaf1a4fcf05706f41e611665214e4e489
--- /dev/null
+++ b/tests/value/oracle/downcast.0.res.oracle
@@ -0,0 +1,231 @@
+[kernel] Parsing tests/value/downcast.i (no preprocessing)
+[eva] Analyzing an incomplete application starting at main
+[eva] Computing initial state
+[eva] Initial state computed
+[eva:initial-state] Values of globals at initialization
+ sx ∈ [--..--]
+ sy ∈ [--..--]
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [--..--]
+ ux ∈ [--..--]
+ uy ∈ [--..--]
+ uz ∈ [--..--]
+ s ∈ [--..--]
+ v ∈ [--..--]
+[eva] computing for function main1 <- main.
+ Called from tests/value/downcast.i:156.
+[eva] Recording results for main1
+[eva] Done for function main1
+[eva] computing for function main2_bitfield <- main.
+ Called from tests/value/downcast.i:157.
+[eva] Recording results for main2_bitfield
+[eva] Done for function main2_bitfield
+[eva] computing for function main3_reduction <- main.
+ Called from tests/value/downcast.i:158.
+[eva] Recording results for main3_reduction
+[eva] Done for function main3_reduction
+[eva] computing for function main4_pointer <- main.
+ Called from tests/value/downcast.i:159.
+[eva:alarm] tests/value/downcast.i:54: Warning:
+ signed overflow. assert -9223372036854775808 ≤ p + 100;
+[eva:alarm] tests/value/downcast.i:54: Warning:
+ signed overflow. assert p + 100 ≤ 9223372036854775807;
+[eva] Recording results for main4_pointer
+[eva] Done for function main4_pointer
+[eva] computing for function main5_wrap_signed <- main.
+ Called from tests/value/downcast.i:160.
+[eva:alarm] tests/value/downcast.i:62: Warning:
+ assertion 'ASSUME' got status unknown.
+[eva] tests/value/downcast.i:63: assertion got status valid.
+[eva] tests/value/downcast.i:67:
+ Frama_C_show_each:
+ [2147483503..2147483647],
+ [2147483648..2147483792],
+ [-2147483648..-2147483504]
+[eva] tests/value/downcast.i:67:
+ Frama_C_show_each:
+ [100000..2147483502], [100145..2147483647], [100145..2147483647]
+[eva] tests/value/downcast.i:68: assertion got status valid.
+[eva] Recording results for main5_wrap_signed
+[eva] Done for function main5_wrap_signed
+[eva] computing for function main6_val_warn_converted_signed <- main.
+ Called from tests/value/downcast.i:161.
+[eva:alarm] tests/value/downcast.i:95: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 2147483647;
+[eva:alarm] tests/value/downcast.i:96: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 32767;
+[eva:alarm] tests/value/downcast.i:97: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 65535;
+[eva] Recording results for main6_val_warn_converted_signed
+[eva] Done for function main6_val_warn_converted_signed
+[eva] computing for function main7_signed_upcast <- main.
+ Called from tests/value/downcast.i:162.
+[eva] Recording results for main7_signed_upcast
+[eva] Done for function main7_signed_upcast
+[eva] computing for function main8_bitfields <- main.
+ Called from tests/value/downcast.i:163.
+[eva] Recording results for main8_bitfields
+[eva] Done for function main8_bitfields
+[eva] computing for function main9_bitfield <- main.
+ Called from tests/value/downcast.i:164.
+[eva] tests/value/downcast.i:138: assertion got status valid.
+[eva] Recording results for main9_bitfield
+[eva] Done for function main9_bitfield
+[eva] computing for function main10_loop <- main.
+ Called from tests/value/downcast.i:165.
+[eva] tests/value/downcast.i:149: starting to merge loop iterations
+[eva] Recording results for main10_loop
+[eva] Done for function main10_loop
+[eva] Recording results for main
+[eva] done for function main
+[eva] ====== VALUES COMPUTED ======
+[eva:final-states] Values at end of function main1:
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [--..--]
+ ux ∈ [--..--]
+ s ∈ [--..--]
+[eva:final-states] Values at end of function main10_loop:
+ c ∈ [--..--] or UNINITIALIZED
+ bf.b ∈ [--..--] or UNINITIALIZED
+ .[bits 10 to 31] ∈ UNINITIALIZED
+ k ∈ {10}
+[eva:final-states] Values at end of function main2_bitfield:
+ i ∈ {117}
+ j ∈ {254}
+ ss.i ∈ {-11} or UNINITIALIZED
+ .j ∈ {30} or UNINITIALIZED
+ .[bits 10 to 31] ∈ UNINITIALIZED
+[eva:final-states] Values at end of function main3_reduction:
+ x_0 ∈ [--..--]
+ c ∈ [--..--]
+ y ∈ [--..--]
+ d ∈ [--..--]
+[eva:final-states] Values at end of function main4_pointer:
+ p ∈ {{ &x_0 + {100} }}
+ q ∈ {{ &x_0 + {100} }}
+ r ∈ {{ &x_0 + {100} }}
+[eva:final-states] Values at end of function main5_wrap_signed:
+ x_0 ∈ [100000..2147483647]
+ y ∈ [100145..2147483792]
+ z ∈ [--..--]
+[eva:final-states] Values at end of function main6_val_warn_converted_signed:
+
+[eva:final-states] Values at end of function main7_signed_upcast:
+ c ∈ {240}
+ i ∈ {240}
+[eva:final-states] Values at end of function main8_bitfields:
+ S.i1 ∈ {65}
+ .i2 ∈ {-1; 1} or UNINITIALIZED
+ .[bits 24 to 31] ∈ UNINITIALIZED
+ c ∈ {-1; 1; 65} or UNINITIALIZED
+[eva:final-states] Values at end of function main9_bitfield:
+ bf.a ∈ {1648}
+ .[bits 11 to 31] ∈ UNINITIALIZED
+ c ∈ {112} or UNINITIALIZED
+[eva:final-states] Values at end of function main:
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [--..--]
+ ux ∈ [--..--]
+ s ∈ [--..--]
+[from] Computing for function main1
+[from] Done for function main1
+[from] Computing for function main10_loop
+[from] Done for function main10_loop
+[from] Computing for function main2_bitfield
+[from] Done for function main2_bitfield
+[from] Computing for function main3_reduction
+[from] Done for function main3_reduction
+[from] Computing for function main4_pointer
+[from] Done for function main4_pointer
+[from] Computing for function main5_wrap_signed
+[from] Done for function main5_wrap_signed
+[from] Computing for function main6_val_warn_converted_signed
+[from] Done for function main6_val_warn_converted_signed
+[from] Computing for function main7_signed_upcast
+[from] Done for function main7_signed_upcast
+[from] Computing for function main8_bitfields
+[from] Done for function main8_bitfields
+[from] Computing for function main9_bitfield
+[from] Done for function main9_bitfield
+[from] Computing for function main
+[from] Done for function main
+[from] ====== DEPENDENCIES COMPUTED ======
+ These dependencies hold at termination for the executions that terminate:
+[from] Function main1:
+ sz FROM sx; sy
+ uc FROM x
+ x FROM uy; uz
+ ux FROM uy; uz
+ s FROM uy; uz
+[from] Function main10_loop:
+ NO EFFECTS
+[from] Function main2_bitfield:
+ NO EFFECTS
+[from] Function main3_reduction:
+ NO EFFECTS
+[from] Function main4_pointer:
+ NO EFFECTS
+[from] Function main5_wrap_signed:
+ NO EFFECTS
+[from] Function main6_val_warn_converted_signed:
+ NO EFFECTS
+[from] Function main7_signed_upcast:
+ NO EFFECTS
+[from] Function main8_bitfields:
+ NO EFFECTS
+[from] Function main9_bitfield:
+ NO EFFECTS
+[from] Function main:
+ sz FROM sx; sy
+ uc FROM x
+ x FROM uy; uz
+ ux FROM uy; uz
+ s FROM uy; uz
+[from] ====== END OF DEPENDENCIES ======
+[inout] Out (internal) for function main1:
+ sz; uc; x; ux; s
+[inout] Inputs for function main1:
+ sx; sy; x; uy; uz
+[inout] Out (internal) for function main10_loop:
+ c; bf.b; k
+[inout] Inputs for function main10_loop:
+ v
+[inout] Out (internal) for function main2_bitfield:
+ i; j; ss{.i; .j}
+[inout] Inputs for function main2_bitfield:
+ v
+[inout] Out (internal) for function main3_reduction:
+ x_0; c; y; d
+[inout] Inputs for function main3_reduction:
+ v
+[inout] Out (internal) for function main4_pointer:
+ p; q; r
+[inout] Inputs for function main4_pointer:
+ \nothing
+[inout] Out (internal) for function main5_wrap_signed:
+ x_0; y; z
+[inout] Inputs for function main5_wrap_signed:
+ v
+[inout] Out (internal) for function main6_val_warn_converted_signed:
+ s_0; u; e; b; e_0; b_0; e_1; b_1; p; x_0; y; z
+[inout] Inputs for function main6_val_warn_converted_signed:
+ v
+[inout] Out (internal) for function main7_signed_upcast:
+ c; i
+[inout] Inputs for function main7_signed_upcast:
+ \nothing
+[inout] Out (internal) for function main8_bitfields:
+ S{.i1; .i2}; c
+[inout] Inputs for function main8_bitfields:
+ v
+[inout] Out (internal) for function main9_bitfield:
+ bf.a; signed_a; c
+[inout] Inputs for function main9_bitfield:
+ v
+[inout] Out (internal) for function main:
+ sz; uc; x; ux; s
+[inout] Inputs for function main:
+ sx; sy; x; uy; uz; v
diff --git a/tests/value/oracle/downcast.1.res.oracle b/tests/value/oracle/downcast.1.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..80b62a21f498dfb27b00b455bd4709bb5043756c
--- /dev/null
+++ b/tests/value/oracle/downcast.1.res.oracle
@@ -0,0 +1,286 @@
+[kernel] Parsing tests/value/downcast.i (no preprocessing)
+[eva] Analyzing an incomplete application starting at main
+[eva] Computing initial state
+[eva] Initial state computed
+[eva:initial-state] Values of globals at initialization
+ sx ∈ [--..--]
+ sy ∈ [--..--]
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [--..--]
+ ux ∈ [--..--]
+ uy ∈ [--..--]
+ uz ∈ [--..--]
+ s ∈ [--..--]
+ v ∈ [--..--]
+[eva] computing for function main1 <- main.
+ Called from tests/value/downcast.i:156.
+[eva:alarm] tests/value/downcast.i:23: Warning:
+ signed downcast. assert -128 ≤ (int)((int)sx + (int)sy);
+[eva:alarm] tests/value/downcast.i:23: Warning:
+ signed downcast. assert (int)((int)sx + (int)sy) ≤ 127;
+[eva:alarm] tests/value/downcast.i:26: Warning:
+ signed downcast. assert (unsigned int)(uy + uz) ≤ 2147483647;
+[eva] Recording results for main1
+[eva] Done for function main1
+[eva] computing for function main2_bitfield <- main.
+ Called from tests/value/downcast.i:157.
+[eva:alarm] tests/value/downcast.i:36: Warning:
+ signed downcast. assert i ≤ 15;
+[eva] Recording results for main2_bitfield
+[eva] Done for function main2_bitfield
+[eva] computing for function main3_reduction <- main.
+ Called from tests/value/downcast.i:158.
+[eva:alarm] tests/value/downcast.i:42: Warning:
+ signed downcast. assert -128 ≤ x_0;
+[eva:alarm] tests/value/downcast.i:42: Warning:
+ signed downcast. assert x_0 ≤ 127;
+[eva] Recording results for main3_reduction
+[eva] Done for function main3_reduction
+[eva] computing for function main4_pointer <- main.
+ Called from tests/value/downcast.i:159.
+[eva:alarm] tests/value/downcast.i:54: Warning:
+ signed overflow. assert -9223372036854775808 ≤ p + 100;
+[eva:alarm] tests/value/downcast.i:54: Warning:
+ signed overflow. assert p + 100 ≤ 9223372036854775807;
+[eva:alarm] tests/value/downcast.i:56: Warning:
+ signed downcast. assert -2147483648 ≤ p;
+[eva:alarm] tests/value/downcast.i:56: Warning:
+ signed downcast. assert p ≤ 2147483647;
+[eva] Recording results for main4_pointer
+[eva] Done for function main4_pointer
+[eva] computing for function main5_wrap_signed <- main.
+ Called from tests/value/downcast.i:160.
+[eva:alarm] tests/value/downcast.i:62: Warning:
+ assertion 'ASSUME' got status unknown.
+[eva] tests/value/downcast.i:63: assertion got status valid.
+[eva:alarm] tests/value/downcast.i:66: Warning:
+ signed downcast. assert y ≤ 2147483647;
+[eva] tests/value/downcast.i:67:
+ Frama_C_show_each:
+ [100000..2147483647], [100145..2147483647], [100145..2147483647]
+[eva] tests/value/downcast.i:68: assertion got status valid.
+[eva] Recording results for main5_wrap_signed
+[eva] Done for function main5_wrap_signed
+[eva] computing for function main6_val_warn_converted_signed <- main.
+ Called from tests/value/downcast.i:161.
+[eva:alarm] tests/value/downcast.i:75: Warning:
+ signed downcast. assert 65300u ≤ 32767;
+[eva:alarm] tests/value/downcast.i:86: Warning:
+ signed downcast. assert e_0 ≤ 32767;
+[eva:alarm] tests/value/downcast.i:91: Warning:
+ signed downcast. assert e_1 ≤ 32767;
+[eva:alarm] tests/value/downcast.i:95: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 2147483647;
+[eva:alarm] tests/value/downcast.i:96: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 32767;
+[eva:alarm] tests/value/downcast.i:97: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 65535;
+[eva] Recording results for main6_val_warn_converted_signed
+[eva] Done for function main6_val_warn_converted_signed
+[eva] computing for function main7_signed_upcast <- main.
+ Called from tests/value/downcast.i:162.
+[eva] Recording results for main7_signed_upcast
+[eva] Done for function main7_signed_upcast
+[eva] computing for function main8_bitfields <- main.
+ Called from tests/value/downcast.i:163.
+[eva:alarm] tests/value/downcast.i:118: Warning:
+ signed downcast. assert S.i1 ≤ 31;
+[eva:alarm] tests/value/downcast.i:119: Warning:
+ signed downcast. assert S.i1 ≤ 127;
+[eva:alarm] tests/value/downcast.i:123: Warning:
+ signed downcast. assert S.i1 ≤ 31;
+[eva:alarm] tests/value/downcast.i:124: Warning:
+ signed downcast. assert S.i1 ≤ 127;
+[eva:alarm] tests/value/downcast.i:128: Warning:
+ signed downcast. assert S.i1 ≤ 31;
+[eva] Recording results for main8_bitfields
+[eva] Done for function main8_bitfields
+[eva] computing for function main9_bitfield <- main.
+ Called from tests/value/downcast.i:164.
+[eva:alarm] tests/value/downcast.i:137: Warning:
+ signed downcast. assert bf.a ≤ 1023;
+[eva:alarm] tests/value/downcast.i:141: Warning:
+ signed downcast. assert bf.a ≤ 127;
+[eva] Recording results for main9_bitfield
+[eva] Done for function main9_bitfield
+[eva] computing for function main10_loop <- main.
+ Called from tests/value/downcast.i:165.
+[eva:alarm] tests/value/downcast.i:151: Warning:
+ signed downcast. assert bf.b ≤ 127;
+[eva] tests/value/downcast.i:149: starting to merge loop iterations
+[eva] Recording results for main10_loop
+[eva] Done for function main10_loop
+[eva] Recording results for main
+[eva] done for function main
+[eva] tests/value/downcast.i:36:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:75:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:86:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:91:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:118:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:119:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:123:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:124:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:128:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:137:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:141:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] ====== VALUES COMPUTED ======
+[eva:final-states] Values at end of function main1:
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [0..2147483647]
+ ux ∈ [--..--]
+ s ∈ [--..--]
+[eva:final-states] Values at end of function main10_loop:
+ c ∈ [0..127] or UNINITIALIZED
+ bf.b ∈ [--..--] or UNINITIALIZED
+ .[bits 10 to 31] ∈ UNINITIALIZED
+ k ∈ {10}
+[eva:final-states] Values at end of function main2_bitfield:
+ i ∈ {117}
+ j ∈ {254}
+ ss.i ∈ UNINITIALIZED
+ .j ∈ {30} or UNINITIALIZED
+ .[bits 10 to 31] ∈ UNINITIALIZED
+[eva:final-states] Values at end of function main3_reduction:
+ x_0 ∈ [-128..127]
+ c ∈ [--..--]
+ y ∈ [--..--]
+ d ∈ [--..--]
+[eva:final-states] Values at end of function main4_pointer:
+ p ∈ {{ &x_0 + {100} }}
+ q ∈ {{ &x_0 + {100} }}
+ r ∈ {{ &x_0 + {100} }}
+[eva:final-states] Values at end of function main5_wrap_signed:
+ x_0 ∈ [100000..2147483647]
+ y ∈ [100145..2147483647]
+ z ∈ [100145..2147483647]
+[eva:final-states] Values at end of function main6_val_warn_converted_signed:
+
+[eva:final-states] Values at end of function main7_signed_upcast:
+ c ∈ {240}
+ i ∈ {240}
+[eva:final-states] Values at end of function main8_bitfields:
+ S.i1 ∈ {65}
+ {.i2; .[bits 24 to 31]} ∈ UNINITIALIZED
+ c ∈ {65} or UNINITIALIZED
+[eva:final-states] Values at end of function main9_bitfield:
+ bf.a ∈ {1648}
+ .[bits 11 to 31] ∈ UNINITIALIZED
+ c ∈ UNINITIALIZED
+[eva:final-states] Values at end of function main:
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [0..2147483647]
+ ux ∈ [--..--]
+ s ∈ [--..--]
+[from] Computing for function main1
+[from] Done for function main1
+[from] Computing for function main10_loop
+[from] Done for function main10_loop
+[from] Computing for function main2_bitfield
+[from] Done for function main2_bitfield
+[from] Computing for function main3_reduction
+[from] Done for function main3_reduction
+[from] Computing for function main4_pointer
+[from] Done for function main4_pointer
+[from] Computing for function main5_wrap_signed
+[from] Done for function main5_wrap_signed
+[from] Computing for function main6_val_warn_converted_signed
+[from] Done for function main6_val_warn_converted_signed
+[from] Computing for function main7_signed_upcast
+[from] Done for function main7_signed_upcast
+[from] Computing for function main8_bitfields
+[from] Done for function main8_bitfields
+[from] Computing for function main9_bitfield
+[from] Done for function main9_bitfield
+[from] Computing for function main
+[from] Done for function main
+[from] ====== DEPENDENCIES COMPUTED ======
+ These dependencies hold at termination for the executions that terminate:
+[from] Function main1:
+ sz FROM sx; sy
+ uc FROM x
+ x FROM uy; uz
+ ux FROM uy; uz
+ s FROM uy; uz
+[from] Function main10_loop:
+ NO EFFECTS
+[from] Function main2_bitfield:
+ NO EFFECTS
+[from] Function main3_reduction:
+ NO EFFECTS
+[from] Function main4_pointer:
+ NO EFFECTS
+[from] Function main5_wrap_signed:
+ NO EFFECTS
+[from] Function main6_val_warn_converted_signed:
+ NO EFFECTS
+[from] Function main7_signed_upcast:
+ NO EFFECTS
+[from] Function main8_bitfields:
+ NO EFFECTS
+[from] Function main9_bitfield:
+ NO EFFECTS
+[from] Function main:
+ sz FROM sx; sy
+ uc FROM x
+ x FROM uy; uz
+ ux FROM uy; uz
+ s FROM uy; uz
+[from] ====== END OF DEPENDENCIES ======
+[inout] Out (internal) for function main1:
+ sz; uc; x; ux; s
+[inout] Inputs for function main1:
+ sx; sy; x; uy; uz
+[inout] Out (internal) for function main10_loop:
+ c; bf.b; k
+[inout] Inputs for function main10_loop:
+ v
+[inout] Out (internal) for function main2_bitfield:
+ i; j; ss{.i; .j}
+[inout] Inputs for function main2_bitfield:
+ v
+[inout] Out (internal) for function main3_reduction:
+ x_0; c; y; d
+[inout] Inputs for function main3_reduction:
+ v
+[inout] Out (internal) for function main4_pointer:
+ p; q; r
+[inout] Inputs for function main4_pointer:
+ \nothing
+[inout] Out (internal) for function main5_wrap_signed:
+ x_0; y; z
+[inout] Inputs for function main5_wrap_signed:
+ v
+[inout] Out (internal) for function main6_val_warn_converted_signed:
+ s_0; u; e; b; e_0; b_0; e_1; b_1; p; x_0; y; z
+[inout] Inputs for function main6_val_warn_converted_signed:
+ v
+[inout] Out (internal) for function main7_signed_upcast:
+ c; i
+[inout] Inputs for function main7_signed_upcast:
+ \nothing
+[inout] Out (internal) for function main8_bitfields:
+ S{.i1; .i2}; c
+[inout] Inputs for function main8_bitfields:
+ v
+[inout] Out (internal) for function main9_bitfield:
+ bf.a; signed_a; c
+[inout] Inputs for function main9_bitfield:
+ v
+[inout] Out (internal) for function main:
+ sz; uc; x; ux; s
+[inout] Inputs for function main:
+ sx; sy; x; uy; uz; v
diff --git a/tests/value/oracle/downcast.2.res.oracle b/tests/value/oracle/downcast.2.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..ce711f9fe6aa4528c8f1a9e7f06cdfac216fd10a
--- /dev/null
+++ b/tests/value/oracle/downcast.2.res.oracle
@@ -0,0 +1,257 @@
+[kernel] Parsing tests/value/downcast.i (no preprocessing)
+[eva] Analyzing an incomplete application starting at main
+[eva] Computing initial state
+[eva] Initial state computed
+[eva:initial-state] Values of globals at initialization
+ sx ∈ [--..--]
+ sy ∈ [--..--]
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [--..--]
+ ux ∈ [--..--]
+ uy ∈ [--..--]
+ uz ∈ [--..--]
+ s ∈ [--..--]
+ v ∈ [--..--]
+[eva] computing for function main1 <- main.
+ Called from tests/value/downcast.i:156.
+[eva:alarm] tests/value/downcast.i:24: Warning:
+ unsigned downcast. assert 0 ≤ (int)((int)sx + (int)sy);
+[eva:alarm] tests/value/downcast.i:25: Warning:
+ unsigned downcast. assert 0 ≤ x;
+[eva:alarm] tests/value/downcast.i:25: Warning:
+ unsigned downcast. assert x ≤ 255;
+[eva:alarm] tests/value/downcast.i:28: Warning:
+ unsigned downcast. assert (unsigned int)(uy + uz) ≤ 65535;
+[eva] Recording results for main1
+[eva] Done for function main1
+[eva] computing for function main2_bitfield <- main.
+ Called from tests/value/downcast.i:157.
+[eva:alarm] tests/value/downcast.i:37: Warning:
+ unsigned downcast. assert j ≤ 31;
+[eva] Recording results for main2_bitfield
+[eva] Done for function main2_bitfield
+[eva] computing for function main3_reduction <- main.
+ Called from tests/value/downcast.i:158.
+[eva:alarm] tests/value/downcast.i:44: Warning:
+ unsigned downcast. assert 0 ≤ v;
+[eva:alarm] tests/value/downcast.i:45: Warning:
+ unsigned downcast. assert y ≤ 255;
+[eva] Recording results for main3_reduction
+[eva] Done for function main3_reduction
+[eva] computing for function main4_pointer <- main.
+ Called from tests/value/downcast.i:159.
+[eva:alarm] tests/value/downcast.i:54: Warning:
+ signed overflow. assert -9223372036854775808 ≤ p + 100;
+[eva:alarm] tests/value/downcast.i:54: Warning:
+ signed overflow. assert p + 100 ≤ 9223372036854775807;
+[eva:alarm] tests/value/downcast.i:55: Warning:
+ unsigned downcast. assert 0 ≤ p;
+[eva:alarm] tests/value/downcast.i:55: Warning:
+ unsigned downcast. assert p ≤ 4294967295;
+[eva] Recording results for main4_pointer
+[eva] Done for function main4_pointer
+[eva] computing for function main5_wrap_signed <- main.
+ Called from tests/value/downcast.i:160.
+[eva:alarm] tests/value/downcast.i:62: Warning:
+ assertion 'ASSUME' got status unknown.
+[eva] tests/value/downcast.i:63: assertion got status valid.
+[eva] tests/value/downcast.i:67:
+ Frama_C_show_each:
+ [100000..2147483647], [100145..2147483792], [-2147483648..2147483647]
+[eva:alarm] tests/value/downcast.i:68: Warning: assertion got status unknown.
+[eva] Recording results for main5_wrap_signed
+[eva] Done for function main5_wrap_signed
+[eva] computing for function main6_val_warn_converted_signed <- main.
+ Called from tests/value/downcast.i:161.
+[eva:alarm] tests/value/downcast.i:85: Warning:
+ unsigned downcast. assert 0 ≤ (int)(-12);
+[eva:alarm] tests/value/downcast.i:90: Warning:
+ unsigned downcast. assert 0 ≤ (int)(-64000);
+[eva:alarm] tests/value/downcast.i:95: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 2147483647;
+[eva:alarm] tests/value/downcast.i:96: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 32767;
+[eva:alarm] tests/value/downcast.i:97: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 65535;
+[eva] Recording results for main6_val_warn_converted_signed
+[eva] Done for function main6_val_warn_converted_signed
+[eva] computing for function main7_signed_upcast <- main.
+ Called from tests/value/downcast.i:162.
+[eva] Recording results for main7_signed_upcast
+[eva] Done for function main7_signed_upcast
+[eva] computing for function main8_bitfields <- main.
+ Called from tests/value/downcast.i:163.
+[eva] Recording results for main8_bitfields
+[eva] Done for function main8_bitfields
+[eva] computing for function main9_bitfield <- main.
+ Called from tests/value/downcast.i:164.
+[eva] tests/value/downcast.i:138: assertion got status valid.
+[eva] Recording results for main9_bitfield
+[eva] Done for function main9_bitfield
+[eva] computing for function main10_loop <- main.
+ Called from tests/value/downcast.i:165.
+[eva:alarm] tests/value/downcast.i:150: Warning:
+ unsigned downcast. assert 0 ≤ v;
+[eva:alarm] tests/value/downcast.i:150: Warning:
+ unsigned downcast. assert v ≤ 1023;
+[eva] tests/value/downcast.i:149: starting to merge loop iterations
+[eva] Recording results for main10_loop
+[eva] Done for function main10_loop
+[eva] Recording results for main
+[eva] done for function main
+[eva] tests/value/downcast.i:37:
+ assertion 'Eva,unsigned_downcast' got final status invalid.
+[eva] tests/value/downcast.i:85:
+ assertion 'Eva,unsigned_downcast' got final status invalid.
+[eva] tests/value/downcast.i:90:
+ assertion 'Eva,unsigned_downcast' got final status invalid.
+[eva] ====== VALUES COMPUTED ======
+[eva:final-states] Values at end of function main1:
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [--..--]
+ ux ∈ [--..--]
+ s ∈ [--..--]
+[eva:final-states] Values at end of function main10_loop:
+ c ∈ [--..--] or UNINITIALIZED
+ bf.b ∈ [--..--] or UNINITIALIZED
+ .[bits 10 to 31] ∈ UNINITIALIZED
+ k ∈ {10}
+[eva:final-states] Values at end of function main2_bitfield:
+ i ∈ {117}
+ j ∈ {254}
+ ss.i ∈ {-11} or UNINITIALIZED
+ {.j; .[bits 10 to 31]} ∈ UNINITIALIZED
+[eva:final-states] Values at end of function main3_reduction:
+ x_0 ∈ [--..--]
+ c ∈ [--..--]
+ y ∈ [0..255]
+ d ∈ [--..--]
+[eva:final-states] Values at end of function main4_pointer:
+ p ∈ {{ &x_0 + {100} }}
+ q ∈ {{ &x_0 + {100} }}
+ r ∈ {{ &x_0 + {100} }}
+[eva:final-states] Values at end of function main5_wrap_signed:
+ x_0 ∈ [100000..2147483647]
+ y ∈ [100145..2147483792]
+ z ∈ [--..--]
+[eva:final-states] Values at end of function main6_val_warn_converted_signed:
+
+[eva:final-states] Values at end of function main7_signed_upcast:
+ c ∈ {240}
+ i ∈ {240}
+[eva:final-states] Values at end of function main8_bitfields:
+ S.i1 ∈ {65}
+ .i2 ∈ {-1; 1} or UNINITIALIZED
+ .[bits 24 to 31] ∈ UNINITIALIZED
+ c ∈ {-1; 1; 65} or UNINITIALIZED
+[eva:final-states] Values at end of function main9_bitfield:
+ bf.a ∈ {1648}
+ .[bits 11 to 31] ∈ UNINITIALIZED
+ c ∈ {112} or UNINITIALIZED
+[eva:final-states] Values at end of function main:
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [--..--]
+ ux ∈ [--..--]
+ s ∈ [--..--]
+[from] Computing for function main1
+[from] Done for function main1
+[from] Computing for function main10_loop
+[from] Done for function main10_loop
+[from] Computing for function main2_bitfield
+[from] Done for function main2_bitfield
+[from] Computing for function main3_reduction
+[from] Done for function main3_reduction
+[from] Computing for function main4_pointer
+[from] Done for function main4_pointer
+[from] Computing for function main5_wrap_signed
+[from] Done for function main5_wrap_signed
+[from] Computing for function main6_val_warn_converted_signed
+[from] Done for function main6_val_warn_converted_signed
+[from] Computing for function main7_signed_upcast
+[from] Done for function main7_signed_upcast
+[from] Computing for function main8_bitfields
+[from] Done for function main8_bitfields
+[from] Computing for function main9_bitfield
+[from] Done for function main9_bitfield
+[from] Computing for function main
+[from] Done for function main
+[from] ====== DEPENDENCIES COMPUTED ======
+ These dependencies hold at termination for the executions that terminate:
+[from] Function main1:
+ sz FROM sx; sy
+ uc FROM x
+ x FROM uy; uz
+ ux FROM uy; uz
+ s FROM uy; uz
+[from] Function main10_loop:
+ NO EFFECTS
+[from] Function main2_bitfield:
+ NO EFFECTS
+[from] Function main3_reduction:
+ NO EFFECTS
+[from] Function main4_pointer:
+ NO EFFECTS
+[from] Function main5_wrap_signed:
+ NO EFFECTS
+[from] Function main6_val_warn_converted_signed:
+ NO EFFECTS
+[from] Function main7_signed_upcast:
+ NO EFFECTS
+[from] Function main8_bitfields:
+ NO EFFECTS
+[from] Function main9_bitfield:
+ NO EFFECTS
+[from] Function main:
+ sz FROM sx; sy
+ uc FROM x
+ x FROM uy; uz
+ ux FROM uy; uz
+ s FROM uy; uz
+[from] ====== END OF DEPENDENCIES ======
+[inout] Out (internal) for function main1:
+ sz; uc; x; ux; s
+[inout] Inputs for function main1:
+ sx; sy; x; uy; uz
+[inout] Out (internal) for function main10_loop:
+ c; bf.b; k
+[inout] Inputs for function main10_loop:
+ v
+[inout] Out (internal) for function main2_bitfield:
+ i; j; ss{.i; .j}
+[inout] Inputs for function main2_bitfield:
+ v
+[inout] Out (internal) for function main3_reduction:
+ x_0; c; y; d
+[inout] Inputs for function main3_reduction:
+ v
+[inout] Out (internal) for function main4_pointer:
+ p; q; r
+[inout] Inputs for function main4_pointer:
+ \nothing
+[inout] Out (internal) for function main5_wrap_signed:
+ x_0; y; z
+[inout] Inputs for function main5_wrap_signed:
+ v
+[inout] Out (internal) for function main6_val_warn_converted_signed:
+ s_0; u; e; b; e_0; e_1; p; x_0; y; z
+[inout] Inputs for function main6_val_warn_converted_signed:
+ v
+[inout] Out (internal) for function main7_signed_upcast:
+ c; i
+[inout] Inputs for function main7_signed_upcast:
+ \nothing
+[inout] Out (internal) for function main8_bitfields:
+ S{.i1; .i2}; c
+[inout] Inputs for function main8_bitfields:
+ v
+[inout] Out (internal) for function main9_bitfield:
+ bf.a; signed_a; c
+[inout] Inputs for function main9_bitfield:
+ v
+[inout] Out (internal) for function main:
+ sz; uc; x; ux; s
+[inout] Inputs for function main:
+ sx; sy; x; uy; uz; v
diff --git a/tests/value/oracle/downcast.3.res.oracle b/tests/value/oracle/downcast.3.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..8d2a9ee99b2b0162311fae95e37a7c09cc0ef24d
--- /dev/null
+++ b/tests/value/oracle/downcast.3.res.oracle
@@ -0,0 +1,270 @@
+[kernel] Parsing tests/value/downcast.i (no preprocessing)
+[eva] Analyzing an incomplete application starting at main
+[eva] Computing initial state
+[eva] Initial state computed
+[eva:initial-state] Values of globals at initialization
+ sx ∈ [--..--]
+ sy ∈ [--..--]
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [--..--]
+ ux ∈ [--..--]
+ uy ∈ [--..--]
+ uz ∈ [--..--]
+ s ∈ [--..--]
+ v ∈ [--..--]
+[eva] computing for function main1 <- main.
+ Called from tests/value/downcast.i:156.
+[eva:alarm] tests/value/downcast.i:23: Warning:
+ signed downcast. assert -128 ≤ (int)((int)sx + (int)sy);
+[eva:alarm] tests/value/downcast.i:23: Warning:
+ signed downcast. assert (int)((int)sx + (int)sy) ≤ 127;
+[eva] Recording results for main1
+[eva] Done for function main1
+[eva] computing for function main2_bitfield <- main.
+ Called from tests/value/downcast.i:157.
+[eva:alarm] tests/value/downcast.i:36: Warning:
+ signed downcast. assert i ≤ 15;
+[eva] Recording results for main2_bitfield
+[eva] Done for function main2_bitfield
+[eva] computing for function main3_reduction <- main.
+ Called from tests/value/downcast.i:158.
+[eva:alarm] tests/value/downcast.i:42: Warning:
+ signed downcast. assert -128 ≤ x_0;
+[eva:alarm] tests/value/downcast.i:42: Warning:
+ signed downcast. assert x_0 ≤ 127;
+[eva] Recording results for main3_reduction
+[eva] Done for function main3_reduction
+[eva] computing for function main4_pointer <- main.
+ Called from tests/value/downcast.i:159.
+[eva:alarm] tests/value/downcast.i:54: Warning:
+ signed overflow. assert -9223372036854775808 ≤ p + 100;
+[eva:alarm] tests/value/downcast.i:54: Warning:
+ signed overflow. assert p + 100 ≤ 9223372036854775807;
+[eva:alarm] tests/value/downcast.i:56: Warning:
+ signed downcast. assert -2147483648 ≤ p;
+[eva:alarm] tests/value/downcast.i:56: Warning:
+ signed downcast. assert p ≤ 2147483647;
+[eva] Recording results for main4_pointer
+[eva] Done for function main4_pointer
+[eva] computing for function main5_wrap_signed <- main.
+ Called from tests/value/downcast.i:160.
+[eva:alarm] tests/value/downcast.i:62: Warning:
+ assertion 'ASSUME' got status unknown.
+[eva] tests/value/downcast.i:63: assertion got status valid.
+[eva] tests/value/downcast.i:67:
+ Frama_C_show_each:
+ [100000..2147483647], [100145..2147483792], [-2147483648..2147483647]
+[eva:alarm] tests/value/downcast.i:68: Warning: assertion got status unknown.
+[eva] Recording results for main5_wrap_signed
+[eva] Done for function main5_wrap_signed
+[eva] computing for function main6_val_warn_converted_signed <- main.
+ Called from tests/value/downcast.i:161.
+[eva:alarm] tests/value/downcast.i:75: Warning:
+ signed downcast. assert 65300u ≤ 32767;
+[eva:alarm] tests/value/downcast.i:91: Warning:
+ signed downcast. assert -32768 ≤ (int)e_1;
+[eva:alarm] tests/value/downcast.i:95: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 2147483647;
+[eva:alarm] tests/value/downcast.i:96: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 32767;
+[eva:alarm] tests/value/downcast.i:97: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 65535;
+[eva] Recording results for main6_val_warn_converted_signed
+[eva] Done for function main6_val_warn_converted_signed
+[eva] computing for function main7_signed_upcast <- main.
+ Called from tests/value/downcast.i:162.
+[eva] Recording results for main7_signed_upcast
+[eva] Done for function main7_signed_upcast
+[eva] computing for function main8_bitfields <- main.
+ Called from tests/value/downcast.i:163.
+[eva:alarm] tests/value/downcast.i:123: Warning:
+ signed downcast. assert (int)S.i1 ≤ 31;
+[eva:alarm] tests/value/downcast.i:124: Warning:
+ signed downcast. assert (int)S.i1 ≤ 127;
+[eva:alarm] tests/value/downcast.i:128: Warning:
+ signed downcast. assert (int)S.i1 ≤ 31;
+[eva] Recording results for main8_bitfields
+[eva] Done for function main8_bitfields
+[eva] computing for function main9_bitfield <- main.
+ Called from tests/value/downcast.i:164.
+[eva] tests/value/downcast.i:138: assertion got status valid.
+[eva:alarm] tests/value/downcast.i:141: Warning:
+ signed downcast. assert -128 ≤ (int)bf.a;
+[eva] Recording results for main9_bitfield
+[eva] Done for function main9_bitfield
+[eva] computing for function main10_loop <- main.
+ Called from tests/value/downcast.i:165.
+[eva:alarm] tests/value/downcast.i:151: Warning:
+ signed downcast. assert -128 ≤ (int)bf.b;
+[eva:alarm] tests/value/downcast.i:151: Warning:
+ signed downcast. assert (int)bf.b ≤ 127;
+[eva] tests/value/downcast.i:149: starting to merge loop iterations
+[eva] Recording results for main10_loop
+[eva] Done for function main10_loop
+[eva] Recording results for main
+[eva] done for function main
+[eva] tests/value/downcast.i:36:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:75:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:91:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:123:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:124:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:128:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] tests/value/downcast.i:141:
+ assertion 'Eva,signed_downcast' got final status invalid.
+[eva] ====== VALUES COMPUTED ======
+[eva:final-states] Values at end of function main1:
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [--..--]
+ ux ∈ [--..--]
+ s ∈ [--..--]
+[eva:final-states] Values at end of function main10_loop:
+ c ∈ [--..--] or UNINITIALIZED
+ bf.b ∈ [--..--] or UNINITIALIZED
+ .[bits 10 to 31] ∈ UNINITIALIZED
+ k ∈ {10}
+[eva:final-states] Values at end of function main2_bitfield:
+ i ∈ {117}
+ j ∈ {254}
+ ss.i ∈ UNINITIALIZED
+ .j ∈ {30} or UNINITIALIZED
+ .[bits 10 to 31] ∈ UNINITIALIZED
+[eva:final-states] Values at end of function main3_reduction:
+ x_0 ∈ [-128..127]
+ c ∈ [--..--]
+ y ∈ [--..--]
+ d ∈ [--..--]
+[eva:final-states] Values at end of function main4_pointer:
+ p ∈ {{ &x_0 + {100} }}
+ q ∈ {{ &x_0 + {100} }}
+ r ∈ {{ &x_0 + {100} }}
+[eva:final-states] Values at end of function main5_wrap_signed:
+ x_0 ∈ [100000..2147483647]
+ y ∈ [100145..2147483792]
+ z ∈ [--..--]
+[eva:final-states] Values at end of function main6_val_warn_converted_signed:
+
+[eva:final-states] Values at end of function main7_signed_upcast:
+ c ∈ {240}
+ i ∈ {240}
+[eva:final-states] Values at end of function main8_bitfields:
+ S.i1 ∈ {65}
+ .i2 ∈ {-1} or UNINITIALIZED
+ .[bits 24 to 31] ∈ UNINITIALIZED
+ c ∈ {-1; 65} or UNINITIALIZED
+[eva:final-states] Values at end of function main9_bitfield:
+ bf.a ∈ {1648}
+ .[bits 11 to 31] ∈ UNINITIALIZED
+ c ∈ UNINITIALIZED
+[eva:final-states] Values at end of function main:
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [--..--]
+ ux ∈ [--..--]
+ s ∈ [--..--]
+[from] Computing for function main1
+[from] Done for function main1
+[from] Computing for function main10_loop
+[from] Done for function main10_loop
+[from] Computing for function main2_bitfield
+[from] Done for function main2_bitfield
+[from] Computing for function main3_reduction
+[from] Done for function main3_reduction
+[from] Computing for function main4_pointer
+[from] Done for function main4_pointer
+[from] Computing for function main5_wrap_signed
+[from] Done for function main5_wrap_signed
+[from] Computing for function main6_val_warn_converted_signed
+[from] Done for function main6_val_warn_converted_signed
+[from] Computing for function main7_signed_upcast
+[from] Done for function main7_signed_upcast
+[from] Computing for function main8_bitfields
+[from] Done for function main8_bitfields
+[from] Computing for function main9_bitfield
+[from] Done for function main9_bitfield
+[from] Computing for function main
+[from] Done for function main
+[from] ====== DEPENDENCIES COMPUTED ======
+ These dependencies hold at termination for the executions that terminate:
+[from] Function main1:
+ sz FROM sx; sy
+ uc FROM x
+ x FROM uy; uz
+ ux FROM uy; uz
+ s FROM uy; uz
+[from] Function main10_loop:
+ NO EFFECTS
+[from] Function main2_bitfield:
+ NO EFFECTS
+[from] Function main3_reduction:
+ NO EFFECTS
+[from] Function main4_pointer:
+ NO EFFECTS
+[from] Function main5_wrap_signed:
+ NO EFFECTS
+[from] Function main6_val_warn_converted_signed:
+ NO EFFECTS
+[from] Function main7_signed_upcast:
+ NO EFFECTS
+[from] Function main8_bitfields:
+ NO EFFECTS
+[from] Function main9_bitfield:
+ NO EFFECTS
+[from] Function main:
+ sz FROM sx; sy
+ uc FROM x
+ x FROM uy; uz
+ ux FROM uy; uz
+ s FROM uy; uz
+[from] ====== END OF DEPENDENCIES ======
+[inout] Out (internal) for function main1:
+ sz; uc; x; ux; s
+[inout] Inputs for function main1:
+ sx; sy; x; uy; uz
+[inout] Out (internal) for function main10_loop:
+ c; bf.b; k
+[inout] Inputs for function main10_loop:
+ v
+[inout] Out (internal) for function main2_bitfield:
+ i; j; ss{.i; .j}
+[inout] Inputs for function main2_bitfield:
+ v
+[inout] Out (internal) for function main3_reduction:
+ x_0; c; y; d
+[inout] Inputs for function main3_reduction:
+ v
+[inout] Out (internal) for function main4_pointer:
+ p; q; r
+[inout] Inputs for function main4_pointer:
+ \nothing
+[inout] Out (internal) for function main5_wrap_signed:
+ x_0; y; z
+[inout] Inputs for function main5_wrap_signed:
+ v
+[inout] Out (internal) for function main6_val_warn_converted_signed:
+ s_0; u; e; b; e_0; b_0; e_1; b_1; p; x_0; y; z
+[inout] Inputs for function main6_val_warn_converted_signed:
+ v
+[inout] Out (internal) for function main7_signed_upcast:
+ c; i
+[inout] Inputs for function main7_signed_upcast:
+ \nothing
+[inout] Out (internal) for function main8_bitfields:
+ S{.i1; .i2}; c
+[inout] Inputs for function main8_bitfields:
+ v
+[inout] Out (internal) for function main9_bitfield:
+ bf.a; signed_a; c
+[inout] Inputs for function main9_bitfield:
+ v
+[inout] Out (internal) for function main:
+ sz; uc; x; ux; s
+[inout] Inputs for function main:
+ sx; sy; x; uy; uz; v
diff --git a/tests/value/oracle/downcast.4.res.oracle b/tests/value/oracle/downcast.4.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..b2070c3d348f6208a80e688e7ae51a13d6f69a70
--- /dev/null
+++ b/tests/value/oracle/downcast.4.res.oracle
@@ -0,0 +1,226 @@
+[kernel] Parsing tests/value/downcast.i (no preprocessing)
+[eva] Analyzing an incomplete application starting at main
+[eva] Computing initial state
+[eva] Initial state computed
+[eva:initial-state] Values of globals at initialization
+ sx ∈ [--..--]
+ sy ∈ [--..--]
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [--..--]
+ ux ∈ [--..--]
+ uy ∈ [--..--]
+ uz ∈ [--..--]
+ s ∈ [--..--]
+ v ∈ [--..--]
+[eva] computing for function main1 <- main.
+ Called from tests/value/downcast.i:156.
+[eva] Recording results for main1
+[eva] Done for function main1
+[eva] computing for function main2_bitfield <- main.
+ Called from tests/value/downcast.i:157.
+[eva] Recording results for main2_bitfield
+[eva] Done for function main2_bitfield
+[eva] computing for function main3_reduction <- main.
+ Called from tests/value/downcast.i:158.
+[eva] Recording results for main3_reduction
+[eva] Done for function main3_reduction
+[eva] computing for function main4_pointer <- main.
+ Called from tests/value/downcast.i:159.
+[eva:alarm] tests/value/downcast.i:54: Warning:
+ signed overflow. assert -9223372036854775808 ≤ p + 100;
+[eva:alarm] tests/value/downcast.i:54: Warning:
+ signed overflow. assert p + 100 ≤ 9223372036854775807;
+[eva] Recording results for main4_pointer
+[eva] Done for function main4_pointer
+[eva] computing for function main5_wrap_signed <- main.
+ Called from tests/value/downcast.i:160.
+[eva:alarm] tests/value/downcast.i:62: Warning:
+ assertion 'ASSUME' got status unknown.
+[eva] tests/value/downcast.i:63: assertion got status valid.
+[eva] tests/value/downcast.i:67:
+ Frama_C_show_each:
+ [100000..2147483647], [100145..2147483792], [-2147483648..2147483647]
+[eva:alarm] tests/value/downcast.i:68: Warning: assertion got status unknown.
+[eva] Recording results for main5_wrap_signed
+[eva] Done for function main5_wrap_signed
+[eva] computing for function main6_val_warn_converted_signed <- main.
+ Called from tests/value/downcast.i:161.
+[eva] tests/value/downcast.i:96:
+ Assigning imprecise value to y.
+ The imprecision originates from Arithmetic {tests/value/downcast.i:96}
+[eva] tests/value/downcast.i:97:
+ Assigning imprecise value to z.
+ The imprecision originates from Arithmetic {tests/value/downcast.i:97}
+[eva] Recording results for main6_val_warn_converted_signed
+[eva] Done for function main6_val_warn_converted_signed
+[eva] computing for function main7_signed_upcast <- main.
+ Called from tests/value/downcast.i:162.
+[eva] Recording results for main7_signed_upcast
+[eva] Done for function main7_signed_upcast
+[eva] computing for function main8_bitfields <- main.
+ Called from tests/value/downcast.i:163.
+[eva] Recording results for main8_bitfields
+[eva] Done for function main8_bitfields
+[eva] computing for function main9_bitfield <- main.
+ Called from tests/value/downcast.i:164.
+[eva] tests/value/downcast.i:138: assertion got status valid.
+[eva] Recording results for main9_bitfield
+[eva] Done for function main9_bitfield
+[eva] computing for function main10_loop <- main.
+ Called from tests/value/downcast.i:165.
+[eva] tests/value/downcast.i:149: starting to merge loop iterations
+[eva] Recording results for main10_loop
+[eva] Done for function main10_loop
+[eva] Recording results for main
+[eva] done for function main
+[eva] ====== VALUES COMPUTED ======
+[eva:final-states] Values at end of function main1:
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [--..--]
+ ux ∈ [--..--]
+ s ∈ [--..--]
+[eva:final-states] Values at end of function main10_loop:
+ c ∈ [--..--] or UNINITIALIZED
+ bf.b ∈ [--..--] or UNINITIALIZED
+ .[bits 10 to 31] ∈ UNINITIALIZED
+ k ∈ {10}
+[eva:final-states] Values at end of function main2_bitfield:
+ i ∈ {117}
+ j ∈ {254}
+ ss.i ∈ {-11} or UNINITIALIZED
+ .j ∈ {30} or UNINITIALIZED
+ .[bits 10 to 31] ∈ UNINITIALIZED
+[eva:final-states] Values at end of function main3_reduction:
+ x_0 ∈ [--..--]
+ c ∈ [--..--]
+ y ∈ [--..--]
+ d ∈ [--..--]
+[eva:final-states] Values at end of function main4_pointer:
+ p ∈ {{ &x_0 + {100} }}
+ q ∈ {{ &x_0 + {100} }}
+ r ∈ {{ &x_0 + {100} }}
+[eva:final-states] Values at end of function main5_wrap_signed:
+ x_0 ∈ [100000..2147483647]
+ y ∈ [100145..2147483792]
+ z ∈ [--..--]
+[eva:final-states] Values at end of function main6_val_warn_converted_signed:
+
+[eva:final-states] Values at end of function main7_signed_upcast:
+ c ∈ {240}
+ i ∈ {240}
+[eva:final-states] Values at end of function main8_bitfields:
+ S.i1 ∈ {65}
+ .i2 ∈ {-1; 1} or UNINITIALIZED
+ .[bits 24 to 31] ∈ UNINITIALIZED
+ c ∈ {-1; 1; 65} or UNINITIALIZED
+[eva:final-states] Values at end of function main9_bitfield:
+ bf.a ∈ {1648}
+ .[bits 11 to 31] ∈ UNINITIALIZED
+ c ∈ {112} or UNINITIALIZED
+[eva:final-states] Values at end of function main:
+ sz ∈ [--..--]
+ uc ∈ [--..--]
+ x ∈ [--..--]
+ ux ∈ [--..--]
+ s ∈ [--..--]
+[from] Computing for function main1
+[from] Done for function main1
+[from] Computing for function main10_loop
+[from] Done for function main10_loop
+[from] Computing for function main2_bitfield
+[from] Done for function main2_bitfield
+[from] Computing for function main3_reduction
+[from] Done for function main3_reduction
+[from] Computing for function main4_pointer
+[from] Done for function main4_pointer
+[from] Computing for function main5_wrap_signed
+[from] Done for function main5_wrap_signed
+[from] Computing for function main6_val_warn_converted_signed
+[from] Done for function main6_val_warn_converted_signed
+[from] Computing for function main7_signed_upcast
+[from] Done for function main7_signed_upcast
+[from] Computing for function main8_bitfields
+[from] Done for function main8_bitfields
+[from] Computing for function main9_bitfield
+[from] Done for function main9_bitfield
+[from] Computing for function main
+[from] Done for function main
+[from] ====== DEPENDENCIES COMPUTED ======
+ These dependencies hold at termination for the executions that terminate:
+[from] Function main1:
+ sz FROM sx; sy
+ uc FROM x
+ x FROM uy; uz
+ ux FROM uy; uz
+ s FROM uy; uz
+[from] Function main10_loop:
+ NO EFFECTS
+[from] Function main2_bitfield:
+ NO EFFECTS
+[from] Function main3_reduction:
+ NO EFFECTS
+[from] Function main4_pointer:
+ NO EFFECTS
+[from] Function main5_wrap_signed:
+ NO EFFECTS
+[from] Function main6_val_warn_converted_signed:
+ NO EFFECTS
+[from] Function main7_signed_upcast:
+ NO EFFECTS
+[from] Function main8_bitfields:
+ NO EFFECTS
+[from] Function main9_bitfield:
+ NO EFFECTS
+[from] Function main:
+ sz FROM sx; sy
+ uc FROM x
+ x FROM uy; uz
+ ux FROM uy; uz
+ s FROM uy; uz
+[from] ====== END OF DEPENDENCIES ======
+[inout] Out (internal) for function main1:
+ sz; uc; x; ux; s
+[inout] Inputs for function main1:
+ sx; sy; x; uy; uz
+[inout] Out (internal) for function main10_loop:
+ c; bf.b; k
+[inout] Inputs for function main10_loop:
+ v
+[inout] Out (internal) for function main2_bitfield:
+ i; j; ss{.i; .j}
+[inout] Inputs for function main2_bitfield:
+ v
+[inout] Out (internal) for function main3_reduction:
+ x_0; c; y; d
+[inout] Inputs for function main3_reduction:
+ v
+[inout] Out (internal) for function main4_pointer:
+ p; q; r
+[inout] Inputs for function main4_pointer:
+ \nothing
+[inout] Out (internal) for function main5_wrap_signed:
+ x_0; y; z
+[inout] Inputs for function main5_wrap_signed:
+ v
+[inout] Out (internal) for function main6_val_warn_converted_signed:
+ s_0; u; e; b; e_0; b_0; e_1; b_1; p; x_0; y; z
+[inout] Inputs for function main6_val_warn_converted_signed:
+ v
+[inout] Out (internal) for function main7_signed_upcast:
+ c; i
+[inout] Inputs for function main7_signed_upcast:
+ \nothing
+[inout] Out (internal) for function main8_bitfields:
+ S{.i1; .i2}; c
+[inout] Inputs for function main8_bitfields:
+ v
+[inout] Out (internal) for function main9_bitfield:
+ bf.a; signed_a; c
+[inout] Inputs for function main9_bitfield:
+ v
+[inout] Out (internal) for function main:
+ sz; uc; x; ux; s
+[inout] Inputs for function main:
+ sx; sy; x; uy; uz; v
diff --git a/tests/value/oracle/downcast.res.oracle b/tests/value/oracle/downcast.res.oracle
deleted file mode 100644
index 18b563a5f18a5c227a7f0f3e1f69a537e4b39aad..0000000000000000000000000000000000000000
--- a/tests/value/oracle/downcast.res.oracle
+++ /dev/null
@@ -1,1812 +0,0 @@
-[kernel] Parsing tests/value/downcast.i (no preprocessing)
-[eva] Analyzing an incomplete application starting at main
-[eva] Computing initial state
-[eva] Initial state computed
-[eva:initial-state] Values of globals at initialization
- sx ∈ [--..--]
- sy ∈ [--..--]
- sz ∈ [--..--]
- uc ∈ [--..--]
- x ∈ [--..--]
- ux ∈ [--..--]
- uy ∈ [--..--]
- uz ∈ [--..--]
- s ∈ [--..--]
- v ∈ [--..--]
-[eva] computing for function main1 <- main.
- Called from tests/value/downcast.i:152.
-[eva:alarm] tests/value/downcast.i:19: Warning:
- signed downcast. assert -128 ≤ (int)((int)sx + (int)sy);
-[eva:alarm] tests/value/downcast.i:19: Warning:
- signed downcast. assert (int)((int)sx + (int)sy) ≤ 127;
-[eva:alarm] tests/value/downcast.i:22: Warning:
- signed downcast. assert (unsigned int)(uy + uz) ≤ 2147483647;
-[eva] Recording results for main1
-[eva] Done for function main1
-[eva] computing for function main2_bitfield <- main.
- Called from tests/value/downcast.i:153.
-[eva:alarm] tests/value/downcast.i:32: Warning:
- signed downcast. assert i ≤ 15;
-[eva] Recording results for main2_bitfield
-[eva] Done for function main2_bitfield
-[eva] computing for function main3_reduction <- main.
- Called from tests/value/downcast.i:154.
-[eva:alarm] tests/value/downcast.i:38: Warning:
- signed downcast. assert -128 ≤ x_0;
-[eva:alarm] tests/value/downcast.i:38: Warning:
- signed downcast. assert x_0 ≤ 127;
-[eva] Recording results for main3_reduction
-[eva] Done for function main3_reduction
-[eva] computing for function main4_pointer <- main.
- Called from tests/value/downcast.i:155.
-[eva:alarm] tests/value/downcast.i:50: Warning:
- signed overflow. assert -9223372036854775808 ≤ p + (long long)100;
-[eva:alarm] tests/value/downcast.i:50: Warning:
- signed overflow. assert p + (long long)100 ≤ 9223372036854775807;
-[eva:alarm] tests/value/downcast.i:52: Warning:
- signed downcast. assert -2147483648 ≤ p;
-[eva:alarm] tests/value/downcast.i:52: Warning:
- signed downcast. assert p ≤ 2147483647;
-[eva] Recording results for main4_pointer
-[eva] Done for function main4_pointer
-[eva] computing for function main5_wrap_signed <- main.
- Called from tests/value/downcast.i:156.
-[eva:alarm] tests/value/downcast.i:58: Warning:
- assertion 'ASSUME' got status unknown.
-[eva] tests/value/downcast.i:59: assertion got status valid.
-[eva:alarm] tests/value/downcast.i:62: Warning:
- signed downcast. assert y ≤ 2147483647;
-[eva] tests/value/downcast.i:63:
- Frama_C_show_each:
- [100000..2147483647], [100145..2147483647], [100145..2147483647]
-[eva] tests/value/downcast.i:64: assertion got status valid.
-[eva] Recording results for main5_wrap_signed
-[eva] Done for function main5_wrap_signed
-[eva] computing for function main6_val_warn_converted_signed <- main.
- Called from tests/value/downcast.i:157.
-[eva:alarm] tests/value/downcast.i:71: Warning:
- signed downcast. assert 65300u ≤ 32767;
-[eva:alarm] tests/value/downcast.i:82: Warning:
- signed downcast. assert e_0 ≤ 32767;
-[eva:alarm] tests/value/downcast.i:87: Warning:
- signed downcast. assert e_1 ≤ 32767;
-[eva:alarm] tests/value/downcast.i:91: Warning:
- signed downcast. assert p ≤ 2147483647;
-[eva:alarm] tests/value/downcast.i:92: Warning:
- signed downcast. assert p ≤ 32767;
-[eva] tests/value/downcast.i:93:
- Assigning imprecise value to z.
- The imprecision originates from Arithmetic {tests/value/downcast.i:93}
-[eva] Recording results for main6_val_warn_converted_signed
-[eva] Done for function main6_val_warn_converted_signed
-[eva] computing for function main7_signed_upcast <- main.
- Called from tests/value/downcast.i:158.
-[eva] Recording results for main7_signed_upcast
-[eva] Done for function main7_signed_upcast
-[eva] computing for function main8_bitfields <- main.
- Called from tests/value/downcast.i:159.
-[eva:alarm] tests/value/downcast.i:114: Warning:
- signed downcast. assert S.i1 ≤ 31;
-[eva:alarm] tests/value/downcast.i:115: Warning:
- signed downcast. assert S.i1 ≤ 127;
-[eva:alarm] tests/value/downcast.i:119: Warning:
- signed downcast. assert S.i1 ≤ 31;
-[eva:alarm] tests/value/downcast.i:120: Warning:
- signed downcast. assert S.i1 ≤ 127;
-[eva:alarm] tests/value/downcast.i:124: Warning:
- signed downcast. assert S.i1 ≤ 31;
-[eva] Recording results for main8_bitfields
-[eva] Done for function main8_bitfields
-[eva] computing for function main9_bitfield <- main.
- Called from tests/value/downcast.i:160.
-[eva:alarm] tests/value/downcast.i:133: Warning:
- signed downcast. assert bf.a ≤ 1023;
-[eva:alarm] tests/value/downcast.i:137: Warning:
- signed downcast. assert bf.a ≤ 127;
-[eva] Recording results for main9_bitfield
-[eva] Done for function main9_bitfield
-[eva] computing for function main10_loop <- main.
- Called from tests/value/downcast.i:161.
-[eva:alarm] tests/value/downcast.i:147: Warning:
- signed downcast. assert bf.b ≤ 127;
-[eva] tests/value/downcast.i:145: starting to merge loop iterations
-[eva] Recording results for main10_loop
-[eva] Done for function main10_loop
-[eva] Recording results for main
-[eva] done for function main
-[eva] tests/value/downcast.i:32:
- assertion 'Eva,signed_downcast' got final status invalid.
-[eva] tests/value/downcast.i:71:
- assertion 'Eva,signed_downcast' got final status invalid.
-[eva] tests/value/downcast.i:82:
- assertion 'Eva,signed_downcast' got final status invalid.
-[eva] tests/value/downcast.i:87:
- assertion 'Eva,signed_downcast' got final status invalid.
-[eva] tests/value/downcast.i:114:
- assertion 'Eva,signed_downcast' got final status invalid.
-[eva] tests/value/downcast.i:115:
- assertion 'Eva,signed_downcast' got final status invalid.
-[eva] tests/value/downcast.i:119:
- assertion 'Eva,signed_downcast' got final status invalid.
-[eva] tests/value/downcast.i:120:
- assertion 'Eva,signed_downcast' got final status invalid.
-[eva] tests/value/downcast.i:124:
- assertion 'Eva,signed_downcast' got final status invalid.
-[eva] tests/value/downcast.i:133:
- assertion 'Eva,signed_downcast' got final status invalid.
-[eva] tests/value/downcast.i:137:
- assertion 'Eva,signed_downcast' got final status invalid.
-[eva] ====== VALUES COMPUTED ======
-[eva:final-states] Values at end of function main1:
- sz ∈ [--..--]
- uc ∈ [--..--]
- x ∈ [0..2147483647]
- ux ∈ [--..--]
- s ∈ [--..--]
-[eva:final-states] Values at end of function main10_loop:
- c ∈ [0..127] or UNINITIALIZED
- bf.b ∈ [--..--] or UNINITIALIZED
- .[bits 10 to 31] ∈ UNINITIALIZED
- k ∈ {10}
-[eva:final-states] Values at end of function main2_bitfield:
- i ∈ {117}
- j ∈ {254}
- ss.i ∈ UNINITIALIZED
- .j ∈ {30} or UNINITIALIZED
- .[bits 10 to 31] ∈ UNINITIALIZED
-[eva:final-states] Values at end of function main3_reduction:
- x_0 ∈ [-128..127]
- c ∈ [--..--]
- y ∈ [--..--]
- d ∈ [--..--]
-[eva:final-states] Values at end of function main4_pointer:
- p ∈ {{ &x_0 + {100} }}
- q ∈ {{ &x_0 + {100} }}
- r ∈ {{ &x_0 + {100} }}
-[eva:final-states] Values at end of function main5_wrap_signed:
- x_0 ∈ [100000..2147483647]
- y ∈ [100145..2147483647]
- z ∈ [100145..2147483647]
-[eva:final-states] Values at end of function main6_val_warn_converted_signed:
-
-[eva:final-states] Values at end of function main7_signed_upcast:
- c ∈ {240}
- i ∈ {240}
-[eva:final-states] Values at end of function main8_bitfields:
- S.i1 ∈ {65}
- {.i2; .[bits 24 to 31]} ∈ UNINITIALIZED
- c ∈ {65} or UNINITIALIZED
-[eva:final-states] Values at end of function main9_bitfield:
- bf.a ∈ {1648}
- .[bits 11 to 31] ∈ UNINITIALIZED
- c ∈ UNINITIALIZED
-[eva:final-states] Values at end of function main:
- sz ∈ [--..--]
- uc ∈ [--..--]
- x ∈ [0..2147483647]
- ux ∈ [--..--]
- s ∈ [--..--]
-[from] Computing for function main1
-[from] Done for function main1
-[from] Computing for function main10_loop
-[from] Done for function main10_loop
-[from] Computing for function main2_bitfield
-[from] Done for function main2_bitfield
-[from] Computing for function main3_reduction
-[from] Done for function main3_reduction
-[from] Computing for function main4_pointer
-[from] Done for function main4_pointer
-[from] Computing for function main5_wrap_signed
-[from] Done for function main5_wrap_signed
-[from] Computing for function main6_val_warn_converted_signed
-[from] Done for function main6_val_warn_converted_signed
-[from] Computing for function main7_signed_upcast
-[from] Done for function main7_signed_upcast
-[from] Computing for function main8_bitfields
-[from] Done for function main8_bitfields
-[from] Computing for function main9_bitfield
-[from] Done for function main9_bitfield
-[from] Computing for function main
-[from] Done for function main
-[from] ====== DEPENDENCIES COMPUTED ======
- These dependencies hold at termination for the executions that terminate:
-[from] Function main1:
- sz FROM sx; sy
- uc FROM x
- x FROM uy; uz
- ux FROM uy; uz
- s FROM uy; uz
-[from] Function main10_loop:
- NO EFFECTS
-[from] Function main2_bitfield:
- NO EFFECTS
-[from] Function main3_reduction:
- NO EFFECTS
-[from] Function main4_pointer:
- NO EFFECTS
-[from] Function main5_wrap_signed:
- NO EFFECTS
-[from] Function main6_val_warn_converted_signed:
- NO EFFECTS
-[from] Function main7_signed_upcast:
- NO EFFECTS
-[from] Function main8_bitfields:
- NO EFFECTS
-[from] Function main9_bitfield:
- NO EFFECTS
-[from] Function main:
- sz FROM sx; sy
- uc FROM x
- x FROM uy; uz
- ux FROM uy; uz
- s FROM uy; uz
-[from] ====== END OF DEPENDENCIES ======
-[inout] Out (internal) for function main1:
- sz; uc; x; ux; s
-[inout] Inputs for function main1:
- sx; sy; x; uy; uz
-[inout] Out (internal) for function main10_loop:
- c; bf.b; k
-[inout] Inputs for function main10_loop:
- v
-[inout] Out (internal) for function main2_bitfield:
- i; j; ss{.i; .j}
-[inout] Inputs for function main2_bitfield:
- v
-[inout] Out (internal) for function main3_reduction:
- x_0; c; y; d
-[inout] Inputs for function main3_reduction:
- v
-[inout] Out (internal) for function main4_pointer:
- p; q; r
-[inout] Inputs for function main4_pointer:
- \nothing
-[inout] Out (internal) for function main5_wrap_signed:
- x_0; y; z
-[inout] Inputs for function main5_wrap_signed:
- v
-[inout] Out (internal) for function main6_val_warn_converted_signed:
- s_0; u; e; b; e_0; b_0; e_1; b_1; p; x_0; y; z
-[inout] Inputs for function main6_val_warn_converted_signed:
- v
-[inout] Out (internal) for function main7_signed_upcast:
- c; i
-[inout] Inputs for function main7_signed_upcast:
- \nothing
-[inout] Out (internal) for function main8_bitfields:
- S{.i1; .i2}; c
-[inout] Inputs for function main8_bitfields:
- v
-[inout] Out (internal) for function main9_bitfield:
- bf.a; signed_a; c
-[inout] Inputs for function main9_bitfield:
- v
-[inout] Out (internal) for function main:
- sz; uc; x; ux; s
-[inout] Inputs for function main:
- sx; sy; x; uy; uz; v
-[report] Computing properties status...
-
---------------------------------------------------------------------------------
---- Properties of Function 'main1'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 19)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 19)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 22)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main2_bitfield'
---------------------------------------------------------------------------------
-
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 32)
- By Eva, with pending:
- - Unreachable instruction (file tests/value/downcast.i, line 32)
-
---------------------------------------------------------------------------------
---- Properties of Function 'main3_reduction'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 38)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 38)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main4_pointer'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'Eva,signed_overflow' (file tests/value/downcast.i, line 50)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_overflow' (file tests/value/downcast.i, line 50)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 52)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 52)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main5_wrap_signed'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'ASSUME' (file tests/value/downcast.i, line 58)
- tried with Eva.
-[ Valid ] Assertion (file tests/value/downcast.i, line 59)
- by Eva.
-[ Valid ] Assertion (file tests/value/downcast.i, line 64)
- by Eva.
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 62)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main6_val_warn_converted_signed'
---------------------------------------------------------------------------------
-
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 71)
- By Eva, with pending:
- - Unreachable initialization of 's_0' (file tests/value/downcast.i, line 71)
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 82)
- By Eva, with pending:
- - Unreachable initialization of 'b_0' (file tests/value/downcast.i, line 82)
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 87)
- By Eva, with pending:
- - Unreachable initialization of 'b_1' (file tests/value/downcast.i, line 87)
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 91)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 92)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main8_bitfields'
---------------------------------------------------------------------------------
-
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 114)
- By Eva, with pending:
- - Unreachable instruction (file tests/value/downcast.i, line 114)
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 115)
- By Eva, with pending:
- - Unreachable instruction (file tests/value/downcast.i, line 115)
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 119)
- By Eva, with pending:
- - Unreachable instruction (file tests/value/downcast.i, line 119)
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 120)
- By Eva, with pending:
- - Unreachable instruction (file tests/value/downcast.i, line 120)
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 124)
- By Eva, with pending:
- - Unreachable instruction (file tests/value/downcast.i, line 124)
-
---------------------------------------------------------------------------------
---- Properties of Function 'main9_bitfield'
---------------------------------------------------------------------------------
-
-[ Dead ] Assertion (file tests/value/downcast.i, line 134)
- Locally valid, but unreachable.
- By Eva because:
- - Unreachable program point (file tests/value/downcast.i, line 134)
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 133)
- By Eva, with pending:
- - Unreachable initialization of 'signed_a' (file tests/value/downcast.i, line 133)
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 137)
- By Eva, with pending:
- - Unreachable instruction (file tests/value/downcast.i, line 137)
-[Unreachable] Unreachable program point (file tests/value/downcast.i, line 134)
- by Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main10_loop'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 147)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Status Report Summary
---------------------------------------------------------------------------------
- 2 Completely validated
- 14 To be validated
- 11 Alarms emitted
- 1 Dead property
- 1 Unreachable
- 29 Total
---------------------------------------------------------------------------------
-/* Generated by Frama-C */
-struct s {
- int i : 5 ;
- unsigned int j : 5 ;
-};
-struct bitf {
- unsigned int i1 : 18 ;
- int i2 : 6 ;
-};
-struct __anonstruct_bf_1 {
- unsigned int a : 11 ;
-};
-struct __anonstruct_bf_2 {
- unsigned int b : 10 ;
-};
-signed char sx;
-signed char sy;
-signed char sz;
-unsigned char uc;
-int x;
-unsigned int ux;
-unsigned int uy;
-unsigned int uz;
-unsigned short s;
-int volatile v;
-void main1(void)
-{
- /*@ assert Eva: signed_downcast: -128 ≤ (int)((int)sx + (int)sy); */
- /*@ assert Eva: signed_downcast: (int)((int)sx + (int)sy) ≤ 127; */
- sz = (signed char)((int)sx + (int)sy);
- uc = (unsigned char)((int)sx + (int)sy);
- uc = (unsigned char)x;
- /*@ assert Eva: signed_downcast: (unsigned int)(uy + uz) ≤ 2147483647; */
- x = (int)(uy + uz);
- ux = uy + uz;
- s = (unsigned short)(uy + uz);
- return;
-}
-
-void main2_bitfield(void)
-{
- struct s ss;
- int i = 117;
- unsigned int j = (unsigned int)254;
- if (v)
- /*@ assert Eva: signed_downcast: i ≤ 15; */
- ss.i = (int)i;
- if (v) ss.j = (unsigned int)j;
- return;
-}
-
-void main3_reduction(void)
-{
- int x_0 = v;
- /*@ assert Eva: signed_downcast: -128 ≤ x_0; */
- /*@ assert Eva: signed_downcast: x_0 ≤ 127; */
- char c = (char)x_0;
- unsigned int y = (unsigned int)v;
- unsigned char d = (unsigned char)y;
- return;
-}
-
-void main4_pointer(void)
-{
- int x_0;
- long long p = (long long)(& x_0);
- /*@ assert
- Eva: signed_overflow: -9223372036854775808 ≤ p + (long long)100;
- */
- /*@ assert
- Eva: signed_overflow: p + (long long)100 ≤ 9223372036854775807;
- */
- p += (long long)100;
- unsigned int q = (unsigned int)p;
- /*@ assert Eva: signed_downcast: -2147483648 ≤ p; */
- /*@ assert Eva: signed_downcast: p ≤ 2147483647; */
- int r = (int)p;
- return;
-}
-
-/*@ assigns \result;
- assigns \result \from \nothing; */
-extern int ( /* missing proto */ Frama_C_show_each)();
-
-void main5_wrap_signed(void)
-{
- int x_0 = v;
- /*@ assert ASSUME: x_0 ≥ 100000; */ ;
- /*@ assert x_0 > 0x7FFFFFFF - 145 ∨ x_0 ≤ 0x7FFFFFFF - 145; */ ;
- unsigned int y = (unsigned int)x_0;
- y += (unsigned int)145;
- /*@ assert Eva: signed_downcast: y ≤ 2147483647; */
- int z = (int)y;
- Frama_C_show_each(x_0,y,z);
- /*@ assert z ≥ 100000 + 145 ∨ z ≤ (int)(0x7FFFFFFF + 145); */ ;
- return;
-}
-
-void main6_val_warn_converted_signed(void)
-{
- if (v) {
- /*@ assert Eva: signed_downcast: 65300u ≤ 32767; */
- short s_0 = (short)65300u;
- }
- if (v) {
- unsigned short u = (unsigned short)65300u;
- }
- if (v) {
- unsigned long e = (unsigned long)17;
- short b = (short)e;
- }
- if (v) {
- unsigned long e_0 = (unsigned long)(-12);
- /*@ assert Eva: signed_downcast: e_0 ≤ 32767; */
- short b_0 = (short)e_0;
- }
- if (v) {
- unsigned int e_1 = (unsigned int)(-64000);
- /*@ assert Eva: signed_downcast: e_1 ≤ 32767; */
- short b_1 = (short)e_1;
- }
- if (v) {
- int *p = (int *)(& v);
- /*@ assert Eva: signed_downcast: p ≤ 2147483647; */
- int x_0 = (int)p;
- /*@ assert Eva: signed_downcast: p ≤ 32767; */
- short y = (short)p;
- unsigned short z = (unsigned short)p;
- }
- return;
-}
-
-void main7_signed_upcast(void)
-{
- unsigned char c = (unsigned char)240;
- int i = (int)c;
- return;
-}
-
-void main8_bitfields(void)
-{
- struct bitf S;
- signed char c;
- S.i1 = (unsigned int)0x3FFFF;
- if (v)
- /*@ assert Eva: signed_downcast: S.i1 ≤ 31; */
- S.i2 = (int)S.i1;
- if (v)
- /*@ assert Eva: signed_downcast: S.i1 ≤ 127; */
- c = (signed char)S.i1;
- S.i1 = (unsigned int)257u;
- if (v)
- /*@ assert Eva: signed_downcast: S.i1 ≤ 31; */
- S.i2 = (int)S.i1;
- if (v)
- /*@ assert Eva: signed_downcast: S.i1 ≤ 127; */
- c = (signed char)S.i1;
- S.i1 = (unsigned int)65u;
- if (v)
- /*@ assert Eva: signed_downcast: S.i1 ≤ 31; */
- S.i2 = (int)S.i1;
- if (v) c = (signed char)S.i1;
- return;
-}
-
-void main9_bitfield(void)
-{
- struct __anonstruct_bf_1 bf;
- signed char c;
- bf.a = (unsigned int)1648;
- if (v) {
- /*@ assert Eva: signed_downcast: bf.a ≤ 1023; */
- int signed_a = (int)((int)bf.a);
- /*@ assert signed_a ≡ -400; */ ;
- }
- if (v)
- /*@ assert Eva: signed_downcast: bf.a ≤ 127; */
- c = (signed char)bf.a;
- return;
-}
-
-void main10_loop(void)
-{
- signed char c;
- struct __anonstruct_bf_2 bf;
- int k = 0;
- while (k < 10) {
- bf.b = (unsigned int)v;
- if (v)
- /*@ assert Eva: signed_downcast: bf.b ≤ 127; */
- c = (signed char)bf.b;
- k ++;
- }
- return;
-}
-
-void main(void)
-{
- main1();
- main2_bitfield();
- main3_reduction();
- main4_pointer();
- main5_wrap_signed();
- main6_val_warn_converted_signed();
- main7_signed_upcast();
- main8_bitfields();
- main9_bitfield();
- main10_loop();
- return;
-}
-
-
-[eva] Analyzing an incomplete application starting at main
-[eva] Computing initial state
-[eva] Initial state computed
-[eva:initial-state] Values of globals at initialization
- sx ∈ [--..--]
- sy ∈ [--..--]
- sz ∈ [--..--]
- uc ∈ [--..--]
- x ∈ [--..--]
- ux ∈ [--..--]
- uy ∈ [--..--]
- uz ∈ [--..--]
- s ∈ [--..--]
- v ∈ [--..--]
-[eva] computing for function main1 <- main.
- Called from tests/value/downcast.i:152.
-[eva:alarm] tests/value/downcast.i:20: Warning:
- unsigned downcast. assert 0 ≤ (int)((int)sx + (int)sy);
-[eva:alarm] tests/value/downcast.i:21: Warning:
- unsigned downcast. assert 0 ≤ x;
-[eva:alarm] tests/value/downcast.i:21: Warning:
- unsigned downcast. assert x ≤ 255;
-[eva:alarm] tests/value/downcast.i:24: Warning:
- unsigned downcast. assert (unsigned int)(uy + uz) ≤ 65535;
-[eva] Recording results for main1
-[eva] Done for function main1
-[eva] computing for function main2_bitfield <- main.
- Called from tests/value/downcast.i:153.
-[eva:alarm] tests/value/downcast.i:33: Warning:
- unsigned downcast. assert j ≤ 31;
-[eva] Recording results for main2_bitfield
-[eva] Done for function main2_bitfield
-[eva] computing for function main3_reduction <- main.
- Called from tests/value/downcast.i:154.
-[eva:alarm] tests/value/downcast.i:40: Warning:
- unsigned downcast. assert 0 ≤ v;
-[eva:alarm] tests/value/downcast.i:41: Warning:
- unsigned downcast. assert y ≤ 255;
-[eva] Recording results for main3_reduction
-[eva] Done for function main3_reduction
-[eva] computing for function main4_pointer <- main.
- Called from tests/value/downcast.i:155.
-[eva:alarm] tests/value/downcast.i:50: Warning:
- signed overflow. assert -9223372036854775808 ≤ p + (long long)100;
-[eva:alarm] tests/value/downcast.i:50: Warning:
- signed overflow. assert p + (long long)100 ≤ 9223372036854775807;
-[eva:alarm] tests/value/downcast.i:51: Warning:
- unsigned downcast. assert 0 ≤ p;
-[eva:alarm] tests/value/downcast.i:51: Warning:
- unsigned downcast. assert p ≤ 4294967295;
-[eva] Recording results for main4_pointer
-[eva] Done for function main4_pointer
-[eva] computing for function main5_wrap_signed <- main.
- Called from tests/value/downcast.i:156.
-[eva] tests/value/downcast.i:63:
- Frama_C_show_each:
- [100000..2147483647], [100145..2147483792], [-2147483648..2147483647]
-[eva:alarm] tests/value/downcast.i:64: Warning: assertion got status unknown.
-[eva] Recording results for main5_wrap_signed
-[eva] Done for function main5_wrap_signed
-[eva] computing for function main6_val_warn_converted_signed <- main.
- Called from tests/value/downcast.i:157.
-[eva:alarm] tests/value/downcast.i:81: Warning:
- unsigned downcast. assert 0 ≤ (int)(-12);
-[eva:alarm] tests/value/downcast.i:86: Warning:
- unsigned downcast. assert 0 ≤ (int)(-64000);
-[eva] tests/value/downcast.i:92:
- Assigning imprecise value to y.
- The imprecision originates from Arithmetic {tests/value/downcast.i:92}
-[eva:alarm] tests/value/downcast.i:93: Warning:
- unsigned downcast. assert p ≤ 65535;
-[eva] Recording results for main6_val_warn_converted_signed
-[eva] Done for function main6_val_warn_converted_signed
-[eva] computing for function main7_signed_upcast <- main.
- Called from tests/value/downcast.i:158.
-[eva] Recording results for main7_signed_upcast
-[eva] Done for function main7_signed_upcast
-[eva] computing for function main8_bitfields <- main.
- Called from tests/value/downcast.i:159.
-[eva] Recording results for main8_bitfields
-[eva] Done for function main8_bitfields
-[eva] computing for function main9_bitfield <- main.
- Called from tests/value/downcast.i:160.
-[eva] tests/value/downcast.i:134: assertion got status valid.
-[eva] Recording results for main9_bitfield
-[eva] Done for function main9_bitfield
-[eva] computing for function main10_loop <- main.
- Called from tests/value/downcast.i:161.
-[eva:alarm] tests/value/downcast.i:146: Warning:
- unsigned downcast. assert 0 ≤ v;
-[eva:alarm] tests/value/downcast.i:146: Warning:
- unsigned downcast. assert v ≤ 1023;
-[eva] Recording results for main10_loop
-[eva] Done for function main10_loop
-[eva] Recording results for main
-[eva] done for function main
-[eva] tests/value/downcast.i:33:
- assertion 'Eva,unsigned_downcast' got final status invalid.
-[eva] tests/value/downcast.i:81:
- assertion 'Eva,unsigned_downcast' got final status invalid.
-[eva] tests/value/downcast.i:86:
- assertion 'Eva,unsigned_downcast' got final status invalid.
-[eva] ====== VALUES COMPUTED ======
-[eva:final-states] Values at end of function main1:
- sz ∈ [--..--]
- uc ∈ [--..--]
- x ∈ [--..--]
- ux ∈ [--..--]
- s ∈ [--..--]
-[eva:final-states] Values at end of function main10_loop:
- c ∈ [--..--] or UNINITIALIZED
- bf.b ∈ [--..--] or UNINITIALIZED
- .[bits 10 to 31] ∈ UNINITIALIZED
- k ∈ {10}
-[eva:final-states] Values at end of function main2_bitfield:
- i ∈ {117}
- j ∈ {254}
- ss.i ∈ {-11} or UNINITIALIZED
- {.j; .[bits 10 to 31]} ∈ UNINITIALIZED
-[eva:final-states] Values at end of function main3_reduction:
- x_0 ∈ [--..--]
- c ∈ [--..--]
- y ∈ [0..255]
- d ∈ [--..--]
-[eva:final-states] Values at end of function main4_pointer:
- p ∈ {{ &x_0 + {100} }}
- q ∈ {{ &x_0 + {100} }}
- r ∈ {{ &x_0 + {100} }}
-[eva:final-states] Values at end of function main5_wrap_signed:
- x_0 ∈ [100000..2147483647]
- y ∈ [100145..2147483792]
- z ∈ [--..--]
-[eva:final-states] Values at end of function main6_val_warn_converted_signed:
-
-[eva:final-states] Values at end of function main7_signed_upcast:
- c ∈ {240}
- i ∈ {240}
-[eva:final-states] Values at end of function main8_bitfields:
- S.i1 ∈ {65}
- .i2 ∈ {-1; 1} or UNINITIALIZED
- .[bits 24 to 31] ∈ UNINITIALIZED
- c ∈ {-1; 1; 65} or UNINITIALIZED
-[eva:final-states] Values at end of function main9_bitfield:
- bf.a ∈ {1648}
- .[bits 11 to 31] ∈ UNINITIALIZED
- c ∈ {112} or UNINITIALIZED
-[eva:final-states] Values at end of function main:
- sz ∈ [--..--]
- uc ∈ [--..--]
- x ∈ [--..--]
- ux ∈ [--..--]
- s ∈ [--..--]
-[from] Computing for function main1
-[from] Done for function main1
-[from] Computing for function main10_loop
-[from] Done for function main10_loop
-[from] Computing for function main2_bitfield
-[from] Done for function main2_bitfield
-[from] Computing for function main3_reduction
-[from] Done for function main3_reduction
-[from] Computing for function main4_pointer
-[from] Done for function main4_pointer
-[from] Computing for function main5_wrap_signed
-[from] Done for function main5_wrap_signed
-[from] Computing for function main6_val_warn_converted_signed
-[from] Done for function main6_val_warn_converted_signed
-[from] Computing for function main7_signed_upcast
-[from] Done for function main7_signed_upcast
-[from] Computing for function main8_bitfields
-[from] Done for function main8_bitfields
-[from] Computing for function main9_bitfield
-[from] Done for function main9_bitfield
-[from] Computing for function main
-[from] Done for function main
-[from] ====== DEPENDENCIES COMPUTED ======
- These dependencies hold at termination for the executions that terminate:
-[from] Function main1:
- sz FROM sx; sy
- uc FROM x
- x FROM uy; uz
- ux FROM uy; uz
- s FROM uy; uz
-[from] Function main10_loop:
- NO EFFECTS
-[from] Function main2_bitfield:
- NO EFFECTS
-[from] Function main3_reduction:
- NO EFFECTS
-[from] Function main4_pointer:
- NO EFFECTS
-[from] Function main5_wrap_signed:
- NO EFFECTS
-[from] Function main6_val_warn_converted_signed:
- NO EFFECTS
-[from] Function main7_signed_upcast:
- NO EFFECTS
-[from] Function main8_bitfields:
- NO EFFECTS
-[from] Function main9_bitfield:
- NO EFFECTS
-[from] Function main:
- sz FROM sx; sy
- uc FROM x
- x FROM uy; uz
- ux FROM uy; uz
- s FROM uy; uz
-[from] ====== END OF DEPENDENCIES ======
-[inout] Out (internal) for function main1:
- sz; uc; x; ux; s
-[inout] Inputs for function main1:
- sx; sy; x; uy; uz
-[inout] Out (internal) for function main10_loop:
- c; bf.b; k
-[inout] Inputs for function main10_loop:
- v
-[inout] Out (internal) for function main2_bitfield:
- i; j; ss{.i; .j}
-[inout] Inputs for function main2_bitfield:
- v
-[inout] Out (internal) for function main3_reduction:
- x_0; c; y; d
-[inout] Inputs for function main3_reduction:
- v
-[inout] Out (internal) for function main4_pointer:
- p; q; r
-[inout] Inputs for function main4_pointer:
- \nothing
-[inout] Out (internal) for function main5_wrap_signed:
- x_0; y; z
-[inout] Inputs for function main5_wrap_signed:
- v
-[inout] Out (internal) for function main6_val_warn_converted_signed:
- s_0; u; e; b; e_0; e_1; p; x_0; y; z
-[inout] Inputs for function main6_val_warn_converted_signed:
- v
-[inout] Out (internal) for function main7_signed_upcast:
- c; i
-[inout] Inputs for function main7_signed_upcast:
- \nothing
-[inout] Out (internal) for function main8_bitfields:
- S{.i1; .i2}; c
-[inout] Inputs for function main8_bitfields:
- v
-[inout] Out (internal) for function main9_bitfield:
- bf.a; signed_a; c
-[inout] Inputs for function main9_bitfield:
- v
-[inout] Out (internal) for function main:
- sz; uc; x; ux; s
-[inout] Inputs for function main:
- sx; sy; x; uy; uz; v
-[report] Computing properties status...
-
---------------------------------------------------------------------------------
---- Properties of Function 'main1'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'Eva,unsigned_downcast' (file tests/value/downcast.i, line 20)
- tried with Eva.
-[ - ] Assertion 'Eva,unsigned_downcast' (file tests/value/downcast.i, line 21)
- tried with Eva.
-[ - ] Assertion 'Eva,unsigned_downcast' (file tests/value/downcast.i, line 21)
- tried with Eva.
-[ - ] Assertion 'Eva,unsigned_downcast' (file tests/value/downcast.i, line 24)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main2_bitfield'
---------------------------------------------------------------------------------
-
-[ Alarm ] Assertion 'Eva,unsigned_downcast' (file tests/value/downcast.i, line 33)
- By Eva, with pending:
- - Unreachable instruction (file tests/value/downcast.i, line 33)
-
---------------------------------------------------------------------------------
---- Properties of Function 'main3_reduction'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'Eva,unsigned_downcast' (file tests/value/downcast.i, line 40)
- tried with Eva.
-[ - ] Assertion 'Eva,unsigned_downcast' (file tests/value/downcast.i, line 41)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main4_pointer'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'Eva,signed_overflow' (file tests/value/downcast.i, line 50)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_overflow' (file tests/value/downcast.i, line 50)
- tried with Eva.
-[ - ] Assertion 'Eva,unsigned_downcast' (file tests/value/downcast.i, line 51)
- tried with Eva.
-[ - ] Assertion 'Eva,unsigned_downcast' (file tests/value/downcast.i, line 51)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main5_wrap_signed'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'ASSUME' (file tests/value/downcast.i, line 58)
- tried with Eva.
-[ Valid ] Assertion (file tests/value/downcast.i, line 59)
- by Eva.
-[ - ] Assertion (file tests/value/downcast.i, line 64)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main6_val_warn_converted_signed'
---------------------------------------------------------------------------------
-
-[ Alarm ] Assertion 'Eva,unsigned_downcast' (file tests/value/downcast.i, line 81)
- By Eva, with pending:
- - Unreachable initialization of 'e_0' (file tests/value/downcast.i, line 81)
-[ Alarm ] Assertion 'Eva,unsigned_downcast' (file tests/value/downcast.i, line 86)
- By Eva, with pending:
- - Unreachable initialization of 'e_1' (file tests/value/downcast.i, line 86)
-[ - ] Assertion 'Eva,unsigned_downcast' (file tests/value/downcast.i, line 93)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main9_bitfield'
---------------------------------------------------------------------------------
-
-[ Valid ] Assertion (file tests/value/downcast.i, line 134)
- by Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main10_loop'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'Eva,unsigned_downcast' (file tests/value/downcast.i, line 146)
- tried with Eva.
-[ - ] Assertion 'Eva,unsigned_downcast' (file tests/value/downcast.i, line 146)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Status Report Summary
---------------------------------------------------------------------------------
- 2 Completely validated
- 15 To be validated
- 3 Alarms emitted
- 20 Total
---------------------------------------------------------------------------------
-/* Generated by Frama-C */
-struct s {
- int i : 5 ;
- unsigned int j : 5 ;
-};
-struct bitf {
- unsigned int i1 : 18 ;
- int i2 : 6 ;
-};
-struct __anonstruct_bf_1 {
- unsigned int a : 11 ;
-};
-struct __anonstruct_bf_2 {
- unsigned int b : 10 ;
-};
-signed char sx;
-signed char sy;
-signed char sz;
-unsigned char uc;
-int x;
-unsigned int ux;
-unsigned int uy;
-unsigned int uz;
-unsigned short s;
-int volatile v;
-void main1(void)
-{
- sz = (signed char)((int)sx + (int)sy);
- /*@ assert Eva: unsigned_downcast: 0 ≤ (int)((int)sx + (int)sy); */
- uc = (unsigned char)((int)sx + (int)sy);
- /*@ assert Eva: unsigned_downcast: 0 ≤ x; */
- /*@ assert Eva: unsigned_downcast: x ≤ 255; */
- uc = (unsigned char)x;
- x = (int)(uy + uz);
- ux = uy + uz;
- /*@ assert Eva: unsigned_downcast: (unsigned int)(uy + uz) ≤ 65535; */
- s = (unsigned short)(uy + uz);
- return;
-}
-
-void main2_bitfield(void)
-{
- struct s ss;
- int i = 117;
- unsigned int j = (unsigned int)254;
- if (v)
- ss.i = (int)i;
- if (v)
- /*@ assert Eva: unsigned_downcast: j ≤ 31; */
- ss.j = (unsigned int)j;
- return;
-}
-
-void main3_reduction(void)
-{
- int x_0 = v;
- char c = (char)x_0;
- /*@ assert Eva: unsigned_downcast: 0 ≤ v; */
- unsigned int y = (unsigned int)v;
- /*@ assert Eva: unsigned_downcast: y ≤ 255; */
- unsigned char d = (unsigned char)y;
- return;
-}
-
-void main4_pointer(void)
-{
- int x_0;
- long long p = (long long)(& x_0);
- /*@ assert
- Eva: signed_overflow: -9223372036854775808 ≤ p + (long long)100;
- */
- /*@ assert
- Eva: signed_overflow: p + (long long)100 ≤ 9223372036854775807;
- */
- p += (long long)100;
- /*@ assert Eva: unsigned_downcast: 0 ≤ p; */
- /*@ assert Eva: unsigned_downcast: p ≤ 4294967295; */
- unsigned int q = (unsigned int)p;
- int r = (int)p;
- return;
-}
-
-/*@ assigns \result;
- assigns \result \from \nothing; */
-extern int ( /* missing proto */ Frama_C_show_each)();
-
-void main5_wrap_signed(void)
-{
- int x_0 = v;
- /*@ assert ASSUME: x_0 ≥ 100000; */ ;
- /*@ assert x_0 > 0x7FFFFFFF - 145 ∨ x_0 ≤ 0x7FFFFFFF - 145; */ ;
- unsigned int y = (unsigned int)x_0;
- y += (unsigned int)145;
- int z = (int)y;
- Frama_C_show_each(x_0,y,z);
- /*@ assert z ≥ 100000 + 145 ∨ z ≤ (int)(0x7FFFFFFF + 145); */ ;
- return;
-}
-
-void main6_val_warn_converted_signed(void)
-{
- if (v) {
- short s_0 = (short)65300u;
- }
- if (v) {
- unsigned short u = (unsigned short)65300u;
- }
- if (v) {
- unsigned long e = (unsigned long)17;
- short b = (short)e;
- }
- if (v) {
- /*@ assert Eva: unsigned_downcast: 0 ≤ (int)(-12); */
- unsigned long e_0 = (unsigned long)(-12);
- short b_0 = (short)e_0;
- }
- if (v) {
- /*@ assert Eva: unsigned_downcast: 0 ≤ (int)(-64000); */
- unsigned int e_1 = (unsigned int)(-64000);
- short b_1 = (short)e_1;
- }
- if (v) {
- int *p = (int *)(& v);
- int x_0 = (int)p;
- short y = (short)p;
- /*@ assert Eva: unsigned_downcast: p ≤ 65535; */
- unsigned short z = (unsigned short)p;
- }
- return;
-}
-
-void main7_signed_upcast(void)
-{
- unsigned char c = (unsigned char)240;
- int i = (int)c;
- return;
-}
-
-void main8_bitfields(void)
-{
- struct bitf S;
- signed char c;
- S.i1 = (unsigned int)0x3FFFF;
- if (v)
- S.i2 = (int)S.i1;
- if (v)
- c = (signed char)S.i1;
- S.i1 = (unsigned int)257u;
- if (v)
- S.i2 = (int)S.i1;
- if (v)
- c = (signed char)S.i1;
- S.i1 = (unsigned int)65u;
- if (v)
- S.i2 = (int)S.i1;
- if (v) c = (signed char)S.i1;
- return;
-}
-
-void main9_bitfield(void)
-{
- struct __anonstruct_bf_1 bf;
- signed char c;
- bf.a = (unsigned int)1648;
- if (v) {
- int signed_a = (int)((int)bf.a);
- /*@ assert signed_a ≡ -400; */ ;
- }
- if (v)
- c = (signed char)bf.a;
- return;
-}
-
-void main10_loop(void)
-{
- signed char c;
- struct __anonstruct_bf_2 bf;
- int k = 0;
- while (k < 10) {
- /*@ assert Eva: unsigned_downcast: 0 ≤ v; */
- /*@ assert Eva: unsigned_downcast: v ≤ 1023; */
- bf.b = (unsigned int)v;
- if (v)
- c = (signed char)bf.b;
- k ++;
- }
- return;
-}
-
-void main(void)
-{
- main1();
- main2_bitfield();
- main3_reduction();
- main4_pointer();
- main5_wrap_signed();
- main6_val_warn_converted_signed();
- main7_signed_upcast();
- main8_bitfields();
- main9_bitfield();
- main10_loop();
- return;
-}
-
-
-[eva] Analyzing an incomplete application starting at main
-[eva] Computing initial state
-[eva] Initial state computed
-[eva:initial-state] Values of globals at initialization
- sx ∈ [--..--]
- sy ∈ [--..--]
- sz ∈ [--..--]
- uc ∈ [--..--]
- x ∈ [--..--]
- ux ∈ [--..--]
- uy ∈ [--..--]
- uz ∈ [--..--]
- s ∈ [--..--]
- v ∈ [--..--]
-[eva] computing for function main1 <- main.
- Called from tests/value/downcast.i:152.
-[eva:alarm] tests/value/downcast.i:19: Warning:
- signed downcast. assert -128 ≤ (int)((int)sx + (int)sy);
-[eva:alarm] tests/value/downcast.i:19: Warning:
- signed downcast. assert (int)((int)sx + (int)sy) ≤ 127;
-[eva] Recording results for main1
-[eva] Done for function main1
-[eva] computing for function main2_bitfield <- main.
- Called from tests/value/downcast.i:153.
-[eva:alarm] tests/value/downcast.i:32: Warning:
- signed downcast. assert i ≤ 15;
-[eva] Recording results for main2_bitfield
-[eva] Done for function main2_bitfield
-[eva] computing for function main3_reduction <- main.
- Called from tests/value/downcast.i:154.
-[eva:alarm] tests/value/downcast.i:38: Warning:
- signed downcast. assert -128 ≤ x_0;
-[eva:alarm] tests/value/downcast.i:38: Warning:
- signed downcast. assert x_0 ≤ 127;
-[eva] Recording results for main3_reduction
-[eva] Done for function main3_reduction
-[eva] computing for function main4_pointer <- main.
- Called from tests/value/downcast.i:155.
-[eva:alarm] tests/value/downcast.i:50: Warning:
- signed overflow. assert -9223372036854775808 ≤ p + (long long)100;
-[eva:alarm] tests/value/downcast.i:50: Warning:
- signed overflow. assert p + (long long)100 ≤ 9223372036854775807;
-[eva:alarm] tests/value/downcast.i:52: Warning:
- signed downcast. assert -2147483648 ≤ p;
-[eva:alarm] tests/value/downcast.i:52: Warning:
- signed downcast. assert p ≤ 2147483647;
-[eva] Recording results for main4_pointer
-[eva] Done for function main4_pointer
-[eva] computing for function main5_wrap_signed <- main.
- Called from tests/value/downcast.i:156.
-[eva] tests/value/downcast.i:63:
- Frama_C_show_each:
- [100000..2147483647], [100145..2147483792], [-2147483648..2147483647]
-[eva] Recording results for main5_wrap_signed
-[eva] Done for function main5_wrap_signed
-[eva] computing for function main6_val_warn_converted_signed <- main.
- Called from tests/value/downcast.i:157.
-[eva:alarm] tests/value/downcast.i:71: Warning:
- signed downcast. assert (int)65300u ≤ 32767;
-[eva:alarm] tests/value/downcast.i:87: Warning:
- signed downcast. assert -32768 ≤ (int)e_1;
-[eva:alarm] tests/value/downcast.i:92: Warning:
- signed downcast. assert -32768 ≤ (int)p;
-[eva:alarm] tests/value/downcast.i:92: Warning:
- signed downcast. assert (int)p ≤ 32767;
-[eva] Recording results for main6_val_warn_converted_signed
-[eva] Done for function main6_val_warn_converted_signed
-[eva] computing for function main7_signed_upcast <- main.
- Called from tests/value/downcast.i:158.
-[eva] Recording results for main7_signed_upcast
-[eva] Done for function main7_signed_upcast
-[eva] computing for function main8_bitfields <- main.
- Called from tests/value/downcast.i:159.
-[eva:alarm] tests/value/downcast.i:119: Warning:
- signed downcast. assert (int)S.i1 ≤ 31;
-[eva:alarm] tests/value/downcast.i:120: Warning:
- signed downcast. assert (int)S.i1 ≤ 127;
-[eva:alarm] tests/value/downcast.i:124: Warning:
- signed downcast. assert (int)S.i1 ≤ 31;
-[eva] Recording results for main8_bitfields
-[eva] Done for function main8_bitfields
-[eva] computing for function main9_bitfield <- main.
- Called from tests/value/downcast.i:160.
-[eva:alarm] tests/value/downcast.i:137: Warning:
- signed downcast. assert -128 ≤ (int)bf.a;
-[eva] Recording results for main9_bitfield
-[eva] Done for function main9_bitfield
-[eva] computing for function main10_loop <- main.
- Called from tests/value/downcast.i:161.
-[eva:alarm] tests/value/downcast.i:147: Warning:
- signed downcast. assert -128 ≤ (int)bf.b;
-[eva:alarm] tests/value/downcast.i:147: Warning:
- signed downcast. assert (int)bf.b ≤ 127;
-[eva] Recording results for main10_loop
-[eva] Done for function main10_loop
-[eva] Recording results for main
-[eva] done for function main
-[eva] ====== VALUES COMPUTED ======
-[eva:final-states] Values at end of function main1:
- sz ∈ [--..--]
- uc ∈ [--..--]
- x ∈ [--..--]
- ux ∈ [--..--]
- s ∈ [--..--]
-[eva:final-states] Values at end of function main10_loop:
- c ∈ [--..--] or UNINITIALIZED
- bf.b ∈ [--..--] or UNINITIALIZED
- .[bits 10 to 31] ∈ UNINITIALIZED
- k ∈ {10}
-[eva:final-states] Values at end of function main2_bitfield:
- i ∈ {117}
- j ∈ {254}
- ss.i ∈ UNINITIALIZED
- .j ∈ {30} or UNINITIALIZED
- .[bits 10 to 31] ∈ UNINITIALIZED
-[eva:final-states] Values at end of function main3_reduction:
- x_0 ∈ [-128..127]
- c ∈ [--..--]
- y ∈ [--..--]
- d ∈ [--..--]
-[eva:final-states] Values at end of function main4_pointer:
- p ∈ {{ &x_0 + {100} }}
- q ∈ {{ &x_0 + {100} }}
- r ∈ {{ &x_0 + {100} }}
-[eva:final-states] Values at end of function main5_wrap_signed:
- x_0 ∈ [100000..2147483647]
- y ∈ [100145..2147483792]
- z ∈ [--..--]
-[eva:final-states] Values at end of function main6_val_warn_converted_signed:
-
-[eva:final-states] Values at end of function main7_signed_upcast:
- c ∈ {240}
- i ∈ {240}
-[eva:final-states] Values at end of function main8_bitfields:
- S.i1 ∈ {65}
- .i2 ∈ {-1} or UNINITIALIZED
- .[bits 24 to 31] ∈ UNINITIALIZED
- c ∈ {-1; 65} or UNINITIALIZED
-[eva:final-states] Values at end of function main9_bitfield:
- bf.a ∈ {1648}
- .[bits 11 to 31] ∈ UNINITIALIZED
- c ∈ UNINITIALIZED
-[eva:final-states] Values at end of function main:
- sz ∈ [--..--]
- uc ∈ [--..--]
- x ∈ [--..--]
- ux ∈ [--..--]
- s ∈ [--..--]
-[from] Computing for function main1
-[from] Done for function main1
-[from] Computing for function main10_loop
-[from] Done for function main10_loop
-[from] Computing for function main2_bitfield
-[from] Done for function main2_bitfield
-[from] Computing for function main3_reduction
-[from] Done for function main3_reduction
-[from] Computing for function main4_pointer
-[from] Done for function main4_pointer
-[from] Computing for function main5_wrap_signed
-[from] Done for function main5_wrap_signed
-[from] Computing for function main6_val_warn_converted_signed
-[from] Done for function main6_val_warn_converted_signed
-[from] Computing for function main7_signed_upcast
-[from] Done for function main7_signed_upcast
-[from] Computing for function main8_bitfields
-[from] Done for function main8_bitfields
-[from] Computing for function main9_bitfield
-[from] Done for function main9_bitfield
-[from] Computing for function main
-[from] Done for function main
-[from] ====== DEPENDENCIES COMPUTED ======
- These dependencies hold at termination for the executions that terminate:
-[from] Function main1:
- sz FROM sx; sy
- uc FROM x
- x FROM uy; uz
- ux FROM uy; uz
- s FROM uy; uz
-[from] Function main10_loop:
- NO EFFECTS
-[from] Function main2_bitfield:
- NO EFFECTS
-[from] Function main3_reduction:
- NO EFFECTS
-[from] Function main4_pointer:
- NO EFFECTS
-[from] Function main5_wrap_signed:
- NO EFFECTS
-[from] Function main6_val_warn_converted_signed:
- NO EFFECTS
-[from] Function main7_signed_upcast:
- NO EFFECTS
-[from] Function main8_bitfields:
- NO EFFECTS
-[from] Function main9_bitfield:
- NO EFFECTS
-[from] Function main:
- sz FROM sx; sy
- uc FROM x
- x FROM uy; uz
- ux FROM uy; uz
- s FROM uy; uz
-[from] ====== END OF DEPENDENCIES ======
-[inout] Out (internal) for function main1:
- sz; uc; x; ux; s
-[inout] Inputs for function main1:
- sx; sy; x; uy; uz
-[inout] Out (internal) for function main10_loop:
- c; bf.b; k
-[inout] Inputs for function main10_loop:
- v
-[inout] Out (internal) for function main2_bitfield:
- i; j; ss{.i; .j}
-[inout] Inputs for function main2_bitfield:
- v
-[inout] Out (internal) for function main3_reduction:
- x_0; c; y; d
-[inout] Inputs for function main3_reduction:
- v
-[inout] Out (internal) for function main4_pointer:
- p; q; r
-[inout] Inputs for function main4_pointer:
- \nothing
-[inout] Out (internal) for function main5_wrap_signed:
- x_0; y; z
-[inout] Inputs for function main5_wrap_signed:
- v
-[inout] Out (internal) for function main6_val_warn_converted_signed:
- s_0; u; e; b; e_0; b_0; e_1; b_1; p; x_0; y; z
-[inout] Inputs for function main6_val_warn_converted_signed:
- v
-[inout] Out (internal) for function main7_signed_upcast:
- c; i
-[inout] Inputs for function main7_signed_upcast:
- \nothing
-[inout] Out (internal) for function main8_bitfields:
- S{.i1; .i2}; c
-[inout] Inputs for function main8_bitfields:
- v
-[inout] Out (internal) for function main9_bitfield:
- bf.a; signed_a; c
-[inout] Inputs for function main9_bitfield:
- v
-[inout] Out (internal) for function main:
- sz; uc; x; ux; s
-[inout] Inputs for function main:
- sx; sy; x; uy; uz; v
-[report] Computing properties status...
-
---------------------------------------------------------------------------------
---- Properties of Function 'main1'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 19)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 19)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main2_bitfield'
---------------------------------------------------------------------------------
-
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 32)
- By Eva, with pending:
- - Unreachable instruction (file tests/value/downcast.i, line 32)
-
---------------------------------------------------------------------------------
---- Properties of Function 'main3_reduction'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 38)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 38)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main4_pointer'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'Eva,signed_overflow' (file tests/value/downcast.i, line 50)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_overflow' (file tests/value/downcast.i, line 50)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 52)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 52)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main5_wrap_signed'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'ASSUME' (file tests/value/downcast.i, line 58)
- tried with Eva.
-[ Valid ] Assertion (file tests/value/downcast.i, line 59)
- by Eva.
-[ - ] Assertion (file tests/value/downcast.i, line 64)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main6_val_warn_converted_signed'
---------------------------------------------------------------------------------
-
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 71)
- By Eva, with pending:
- - Unreachable initialization of 's_0' (file tests/value/downcast.i, line 71)
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 87)
- By Eva, with pending:
- - Unreachable initialization of 'b_1' (file tests/value/downcast.i, line 87)
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 92)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 92)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Properties of Function 'main8_bitfields'
---------------------------------------------------------------------------------
-
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 119)
- By Eva, with pending:
- - Unreachable instruction (file tests/value/downcast.i, line 119)
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 120)
- By Eva, with pending:
- - Unreachable instruction (file tests/value/downcast.i, line 120)
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 124)
- By Eva, with pending:
- - Unreachable instruction (file tests/value/downcast.i, line 124)
-
---------------------------------------------------------------------------------
---- Properties of Function 'main9_bitfield'
---------------------------------------------------------------------------------
-
-[ Valid ] Assertion (file tests/value/downcast.i, line 134)
- by Eva.
-[ Alarm ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 137)
- By Eva, with pending:
- - Unreachable instruction (file tests/value/downcast.i, line 137)
-
---------------------------------------------------------------------------------
---- Properties of Function 'main10_loop'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 147)
- tried with Eva.
-[ - ] Assertion 'Eva,signed_downcast' (file tests/value/downcast.i, line 147)
- tried with Eva.
-
---------------------------------------------------------------------------------
---- Status Report Summary
---------------------------------------------------------------------------------
- 2 Completely validated
- 14 To be validated
- 7 Alarms emitted
- 23 Total
---------------------------------------------------------------------------------
-/* Generated by Frama-C */
-struct s {
- int i : 5 ;
- unsigned int j : 5 ;
-};
-struct bitf {
- unsigned int i1 : 18 ;
- int i2 : 6 ;
-};
-struct __anonstruct_bf_1 {
- unsigned int a : 11 ;
-};
-struct __anonstruct_bf_2 {
- unsigned int b : 10 ;
-};
-signed char sx;
-signed char sy;
-signed char sz;
-unsigned char uc;
-int x;
-unsigned int ux;
-unsigned int uy;
-unsigned int uz;
-unsigned short s;
-int volatile v;
-void main1(void)
-{
- /*@ assert Eva: signed_downcast: -128 ≤ (int)((int)sx + (int)sy); */
- /*@ assert Eva: signed_downcast: (int)((int)sx + (int)sy) ≤ 127; */
- sz = (signed char)((int)sx + (int)sy);
- uc = (unsigned char)((int)sx + (int)sy);
- uc = (unsigned char)x;
- x = (int)(uy + uz);
- ux = uy + uz;
- s = (unsigned short)(uy + uz);
- return;
-}
-
-void main2_bitfield(void)
-{
- struct s ss;
- int i = 117;
- unsigned int j = (unsigned int)254;
- if (v)
- /*@ assert Eva: signed_downcast: i ≤ 15; */
- ss.i = (int)i;
- if (v)
- ss.j = (unsigned int)j;
- return;
-}
-
-void main3_reduction(void)
-{
- int x_0 = v;
- /*@ assert Eva: signed_downcast: -128 ≤ x_0; */
- /*@ assert Eva: signed_downcast: x_0 ≤ 127; */
- char c = (char)x_0;
- unsigned int y = (unsigned int)v;
- unsigned char d = (unsigned char)y;
- return;
-}
-
-void main4_pointer(void)
-{
- int x_0;
- long long p = (long long)(& x_0);
- /*@ assert
- Eva: signed_overflow: -9223372036854775808 ≤ p + (long long)100;
- */
- /*@ assert
- Eva: signed_overflow: p + (long long)100 ≤ 9223372036854775807;
- */
- p += (long long)100;
- unsigned int q = (unsigned int)p;
- /*@ assert Eva: signed_downcast: -2147483648 ≤ p; */
- /*@ assert Eva: signed_downcast: p ≤ 2147483647; */
- int r = (int)p;
- return;
-}
-
-/*@ assigns \result;
- assigns \result \from \nothing; */
-extern int ( /* missing proto */ Frama_C_show_each)();
-
-void main5_wrap_signed(void)
-{
- int x_0 = v;
- /*@ assert ASSUME: x_0 ≥ 100000; */ ;
- /*@ assert x_0 > 0x7FFFFFFF - 145 ∨ x_0 ≤ 0x7FFFFFFF - 145; */ ;
- unsigned int y = (unsigned int)x_0;
- y += (unsigned int)145;
- int z = (int)y;
- Frama_C_show_each(x_0,y,z);
- /*@ assert z ≥ 100000 + 145 ∨ z ≤ (int)(0x7FFFFFFF + 145); */ ;
- return;
-}
-
-void main6_val_warn_converted_signed(void)
-{
- if (v) {
- /*@ assert Eva: signed_downcast: (int)65300u ≤ 32767; */
- short s_0 = (short)65300u;
- }
- if (v) {
- unsigned short u = (unsigned short)65300u;
- }
- if (v) {
- unsigned long e = (unsigned long)17;
- short b = (short)e;
- }
- if (v) {
- unsigned long e_0 = (unsigned long)(-12);
- short b_0 = (short)e_0;
- }
- if (v) {
- unsigned int e_1 = (unsigned int)(-64000);
- /*@ assert Eva: signed_downcast: -32768 ≤ (int)e_1; */
- short b_1 = (short)e_1;
- }
- if (v) {
- int *p = (int *)(& v);
- int x_0 = (int)p;
- /*@ assert Eva: signed_downcast: -32768 ≤ (int)p; */
- /*@ assert Eva: signed_downcast: (int)p ≤ 32767; */
- short y = (short)p;
- unsigned short z = (unsigned short)p;
- }
- return;
-}
-
-void main7_signed_upcast(void)
-{
- unsigned char c = (unsigned char)240;
- int i = (int)c;
- return;
-}
-
-void main8_bitfields(void)
-{
- struct bitf S;
- signed char c;
- S.i1 = (unsigned int)0x3FFFF;
- if (v)
- S.i2 = (int)S.i1;
- if (v)
- c = (signed char)S.i1;
- S.i1 = (unsigned int)257u;
- if (v)
- /*@ assert Eva: signed_downcast: (int)S.i1 ≤ 31; */
- S.i2 = (int)S.i1;
- if (v)
- /*@ assert Eva: signed_downcast: (int)S.i1 ≤ 127; */
- c = (signed char)S.i1;
- S.i1 = (unsigned int)65u;
- if (v)
- /*@ assert Eva: signed_downcast: (int)S.i1 ≤ 31; */
- S.i2 = (int)S.i1;
- if (v) c = (signed char)S.i1;
- return;
-}
-
-void main9_bitfield(void)
-{
- struct __anonstruct_bf_1 bf;
- signed char c;
- bf.a = (unsigned int)1648;
- if (v) {
- int signed_a = (int)((int)bf.a);
- /*@ assert signed_a ≡ -400; */ ;
- }
- if (v)
- /*@ assert Eva: signed_downcast: -128 ≤ (int)bf.a; */
- c = (signed char)bf.a;
- return;
-}
-
-void main10_loop(void)
-{
- signed char c;
- struct __anonstruct_bf_2 bf;
- int k = 0;
- while (k < 10) {
- bf.b = (unsigned int)v;
- if (v)
- /*@ assert Eva: signed_downcast: -128 ≤ (int)bf.b; */
- /*@ assert Eva: signed_downcast: (int)bf.b ≤ 127; */
- c = (signed char)bf.b;
- k ++;
- }
- return;
-}
-
-void main(void)
-{
- main1();
- main2_bitfield();
- main3_reduction();
- main4_pointer();
- main5_wrap_signed();
- main6_val_warn_converted_signed();
- main7_signed_upcast();
- main8_bitfields();
- main9_bitfield();
- main10_loop();
- return;
-}
-
-
-[eva] Analyzing an incomplete application starting at main5_wrap_signed
-[eva] Computing initial state
-[eva] Initial state computed
-[eva:initial-state] Values of globals at initialization
- sx ∈ [--..--]
- sy ∈ [--..--]
- sz ∈ [--..--]
- uc ∈ [--..--]
- x ∈ [--..--]
- ux ∈ [--..--]
- uy ∈ [--..--]
- uz ∈ [--..--]
- s ∈ [--..--]
- v ∈ [--..--]
-[eva] tests/value/downcast.i:63:
- Frama_C_show_each:
- [2147483503..2147483647],
- [2147483648..2147483792],
- [-2147483648..-2147483504]
-[eva] tests/value/downcast.i:63:
- Frama_C_show_each:
- [100000..2147483502], [100145..2147483647], [100145..2147483647]
-[eva] Recording results for main5_wrap_signed
-[eva] done for function main5_wrap_signed
-[eva] ====== VALUES COMPUTED ======
-[eva:final-states] Values at end of function main5_wrap_signed:
- x_0 ∈ [100000..2147483647]
- y ∈ [100145..2147483792]
- z ∈ [--..--]
-[from] Computing for function main5_wrap_signed
-[from] Done for function main5_wrap_signed
-[from] ====== DEPENDENCIES COMPUTED ======
- These dependencies hold at termination for the executions that terminate:
-[from] Function main5_wrap_signed:
- NO EFFECTS
-[from] ====== END OF DEPENDENCIES ======
-[inout] Out (internal) for function main5_wrap_signed:
- x_0; y; z
-[inout] Inputs for function main5_wrap_signed:
- v
-[report] Computing properties status...
-
---------------------------------------------------------------------------------
---- Properties of Function 'main5_wrap_signed'
---------------------------------------------------------------------------------
-
-[ - ] Assertion 'ASSUME' (file tests/value/downcast.i, line 58)
- tried with Eva (v2).
-[ Valid ] Assertion (file tests/value/downcast.i, line 59)
- by Eva (v2).
-[ Valid ] Assertion (file tests/value/downcast.i, line 64)
- by Eva (v2).
-
---------------------------------------------------------------------------------
---- Properties of Function 'main9_bitfield'
---------------------------------------------------------------------------------
-
-[ Dead ] Assertion (file tests/value/downcast.i, line 134)
- Locally valid, but unreachable.
- By Eva (v2) because:
- - Unreachable program point (file tests/value/downcast.i, line 134)
-[Unreachable] Unreachable program point (file tests/value/downcast.i, line 134)
- by Eva (v2).
-
---------------------------------------------------------------------------------
---- Status Report Summary
---------------------------------------------------------------------------------
- 2 Completely validated
- 1 To be validated
- 1 Dead property
- 1 Unreachable
- 5 Total
---------------------------------------------------------------------------------
diff --git a/tests/value/oracle/eval_separated.res.oracle b/tests/value/oracle/eval_separated.res.oracle
index 0c3fea76b479bd4c8ddadcf89f365a78a7d71c30..ba49fd5aff7ed2c46847101b030c1578ba71f117 100644
--- a/tests/value/oracle/eval_separated.res.oracle
+++ b/tests/value/oracle/eval_separated.res.oracle
@@ -11,6 +11,8 @@
[eva] tests/value/eval_separated.c:6: assertion got status valid.
[eva] tests/value/eval_separated.c:8: assertion got status valid.
[eva] tests/value/eval_separated.c:9: assertion got status valid.
+[eva:alarm] tests/value/eval_separated.c:11: Warning:
+ pointer downcast. assert (unsigned int)(&q) ≤ 2147483647;
[eva:alarm] tests/value/eval_separated.c:11: Warning:
signed overflow. assert -2147483648 ≤ (int)(&q) + (int)(&q);
[eva:alarm] tests/value/eval_separated.c:11: Warning:
@@ -18,6 +20,8 @@
[eva] tests/value/eval_separated.c:11:
Assigning imprecise value to q.
The imprecision originates from Arithmetic {tests/value/eval_separated.c:11}
+[eva:alarm] tests/value/eval_separated.c:12: Warning:
+ pointer downcast. assert (unsigned int)(&r) ≤ 2147483647;
[eva:alarm] tests/value/eval_separated.c:12: Warning:
signed overflow. assert -2147483648 ≤ (int)(&r) + (int)(&r);
[eva:alarm] tests/value/eval_separated.c:12: Warning:
diff --git a/tests/value/oracle/from_call.0.res.oracle b/tests/value/oracle/from_call.0.res.oracle
index 5f8aacfb014ade7377e9998ae79661c5f3f5ce64..90af155562b9b8797ae7bcbd68e0ee6bd42434e9 100644
--- a/tests/value/oracle/from_call.0.res.oracle
+++ b/tests/value/oracle/from_call.0.res.oracle
@@ -1,6 +1,10 @@
[kernel] Parsing tests/value/from_call.i (no preprocessing)
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
+[eva:alarm] tests/value/from_call.i:70: Warning:
+ pointer downcast. assert (unsigned int)(&AA) ≤ 2147483647;
+[eva:alarm] tests/value/from_call.i:71: Warning:
+ pointer downcast. assert (unsigned int)(&AA) ≤ 2147483647;
[eva] Initial state computed
[eva:initial-state] Values of globals at initialization
a ∈ {0}
diff --git a/tests/value/oracle/from_call.1.res.oracle b/tests/value/oracle/from_call.1.res.oracle
index e8c864534dc5e981b7c63292a1f42e4ece799b56..eb4493ddfd3a65d3dfce413d96809353d388e0e9 100644
--- a/tests/value/oracle/from_call.1.res.oracle
+++ b/tests/value/oracle/from_call.1.res.oracle
@@ -1,6 +1,10 @@
[kernel] Parsing tests/value/from_call.i (no preprocessing)
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
+[eva:alarm] tests/value/from_call.i:70: Warning:
+ pointer downcast. assert (unsigned int)(&AA) ≤ 2147483647;
+[eva:alarm] tests/value/from_call.i:71: Warning:
+ pointer downcast. assert (unsigned int)(&AA) ≤ 2147483647;
[eva] Initial state computed
[eva:initial-state] Values of globals at initialization
a ∈ {0}
diff --git a/tests/value/oracle/from_ptr.0.res.oracle b/tests/value/oracle/from_ptr.0.res.oracle
index 46f997dc35f0e830f429145d190dad1388f71ea6..7261a1cb811310c62ae52d2a8bf458e0b25f6de2 100644
--- a/tests/value/oracle/from_ptr.0.res.oracle
+++ b/tests/value/oracle/from_ptr.0.res.oracle
@@ -15,6 +15,10 @@
b ∈ {0}
p[0..9][0..9][0..9] ∈ {0}
q ∈ {0}
+[eva:alarm] tests/value/from_ptr.i:12: Warning:
+ pointer downcast. assert (unsigned int)(&p[11]) ≤ 2147483647;
+[eva:alarm] tests/value/from_ptr.i:13: Warning:
+ pointer downcast. assert (unsigned int)(&p[10]) ≤ 2147483647;
[eva:alarm] tests/value/from_ptr.i:17: Warning:
out of bounds write. assert \valid((int *)i);
[kernel] tests/value/from_ptr.i:17: Warning:
diff --git a/tests/value/oracle/from_ptr.1.res.oracle b/tests/value/oracle/from_ptr.1.res.oracle
index f1dd5f2cc2c5dd152dca8817202c2c84b01dfba5..1cde862a4b6551a10c5c50fbf37f9edddcd36857 100644
--- a/tests/value/oracle/from_ptr.1.res.oracle
+++ b/tests/value/oracle/from_ptr.1.res.oracle
@@ -15,6 +15,10 @@
b ∈ {0}
p[0..9][0..9][0..9] ∈ {0}
q ∈ {0}
+[eva:alarm] tests/value/from_ptr.i:24: Warning:
+ pointer downcast. assert (unsigned int)(&p[1]) ≤ 2147483647;
+[eva:alarm] tests/value/from_ptr.i:25: Warning:
+ pointer downcast. assert (unsigned int)((int (*)[10][10])p) ≤ 2147483647;
[eva] Recording results for main1
[eva] done for function main1
[eva] ====== VALUES COMPUTED ======
diff --git a/tests/value/oracle/fun_ptr.1.res.oracle b/tests/value/oracle/fun_ptr.1.res.oracle
index f8b69ef751a77b9ba0cac41417df312e4b31fc68..3e7b008426e2a3857f1506beccf02faeb6d98f7a 100644
--- a/tests/value/oracle/fun_ptr.1.res.oracle
+++ b/tests/value/oracle/fun_ptr.1.res.oracle
@@ -8,6 +8,10 @@
expected 'short *' but got argument of type 'int *': & x
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
+[eva:alarm] tests/value/fun_ptr.i:21: Warning:
+ pointer downcast. assert (unsigned __int64)(&f) ≤ 9223372036854775807;
+[eva:alarm] tests/value/fun_ptr.i:21: Warning:
+ pointer downcast. assert (unsigned __int64)(&g) ≤ 9223372036854775807;
[eva] Initial state computed
[eva:initial-state] Values of globals at initialization
t[0] ∈ {{ (__int64)&f }}
diff --git a/tests/value/oracle/gauges.res.oracle b/tests/value/oracle/gauges.res.oracle
index fa19ee9d0ef3002d43a7656080239d7a89f6a42b..bf8af26b55f010cf2427c09aeae8f0e9ad55183d 100644
--- a/tests/value/oracle/gauges.res.oracle
+++ b/tests/value/oracle/gauges.res.oracle
@@ -240,6 +240,10 @@
[eva] computing for function main9 <- main.
Called from tests/value/gauges.c:361.
[eva] tests/value/gauges.c:186: starting to merge loop iterations
+[eva:alarm] tests/value/gauges.c:188: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 2147483647;
+[eva:alarm] tests/value/gauges.c:188: Warning:
+ pointer downcast. assert (unsigned int)q ≤ 2147483647;
[eva:alarm] tests/value/gauges.c:188: Warning:
signed overflow. assert -2147483648 ≤ (int)p + (int)q;
[eva:alarm] tests/value/gauges.c:188: Warning:
@@ -273,7 +277,7 @@
signed overflow. assert -2147483648 ≤ numNonZero - 1;
[eva:alarm] tests/value/gauges.c:202: Warning:
non-finite float value.
- assert \is_finite((float)(*p * (float)(*tmp * *tmp_0)));
+ assert \is_finite(\mul_float(*p, \mul_float(*tmp, *tmp_0)));
(tmp from A++, tmp_0 from B++)
[eva] Recording results for main10_aux
[eva] Done for function main10_aux
diff --git a/tests/value/oracle/imprecise_invalid_write.res.oracle b/tests/value/oracle/imprecise_invalid_write.res.oracle
index 3442108db92a4fbc4284112a78b6cbed78012754..338f79ddc5e562248c7d3246b45271cb2c3c3945 100644
--- a/tests/value/oracle/imprecise_invalid_write.res.oracle
+++ b/tests/value/oracle/imprecise_invalid_write.res.oracle
@@ -21,6 +21,8 @@
[eva] Done for function main1
[eva] computing for function main2 <- main.
Called from tests/value/imprecise_invalid_write.i:25.
+[eva:alarm] tests/value/imprecise_invalid_write.i:9: Warning:
+ pointer downcast. assert (unsigned int)(&main1) ≤ 2147483647;
[eva] tests/value/imprecise_invalid_write.i:9:
Assigning imprecise value to p.
The imprecision originates from Arithmetic
@@ -33,6 +35,8 @@
[eva] Done for function main2
[eva] computing for function main3 <- main.
Called from tests/value/imprecise_invalid_write.i:28.
+[eva:alarm] tests/value/imprecise_invalid_write.i:16: Warning:
+ pointer downcast. assert (unsigned int)s ≤ 2147483647;
[eva] tests/value/imprecise_invalid_write.i:16:
Assigning imprecise value to p.
The imprecision originates from Arithmetic
diff --git a/tests/value/oracle/incompatible_states.res.oracle b/tests/value/oracle/incompatible_states.res.oracle
index 9cd3bb24391f4465605fdb1d0b224608334bcc3d..d020cc431768e426b4883194da3f4b86841a0c0a 100644
--- a/tests/value/oracle/incompatible_states.res.oracle
+++ b/tests/value/oracle/incompatible_states.res.oracle
@@ -22,9 +22,11 @@
function Frama_C_interval: precondition 'order' got status valid.
[eva] Done for function Frama_C_interval
[eva:alarm] tests/value/incompatible_states.c:38: Warning:
- accessing uninitialized left-value. assert \initialized(&t[(2 * i) / 2]);
+ accessing uninitialized left-value.
+ assert \initialized(&t[(int)((int)(2 * i) / 2)]);
[eva:alarm] tests/value/incompatible_states.c:41: Warning:
- accessing uninitialized left-value. assert \initialized(&t[(2 * i) / 2]);
+ accessing uninitialized left-value.
+ assert \initialized(&t[(int)((int)(2 * i) / 2)]);
[eva] Recording results for main2
[eva] Done for function main2
[eva] computing for function main3 <- main.
diff --git a/tests/value/oracle/initialized.res.oracle b/tests/value/oracle/initialized.res.oracle
index f3d1c20aa17d60f4f052fe7a489807dd3537ff5f..b57ddb23b52afcfe2fb43e41160db19dd1996f01 100644
--- a/tests/value/oracle/initialized.res.oracle
+++ b/tests/value/oracle/initialized.res.oracle
@@ -66,6 +66,8 @@
[eva] Done for function g1
[eva] computing for function g2 <- main.
Called from tests/value/initialized.c:194.
+[eva:alarm] tests/value/initialized.c:50: Warning:
+ pointer downcast. assert (unsigned int)(&b4) ≤ 2147483647;
[eva:alarm] tests/value/initialized.c:50: Warning:
signed overflow. assert -2147483648 ≤ (int)(&b4) + (int)(&b4);
[eva:alarm] tests/value/initialized.c:50: Warning:
diff --git a/tests/value/oracle/invalid_pointer.0.res.oracle b/tests/value/oracle/invalid_pointer.0.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..49074590ec4ff2071112e1ba7cdd78a2ff5f864e
--- /dev/null
+++ b/tests/value/oracle/invalid_pointer.0.res.oracle
@@ -0,0 +1,423 @@
+[kernel] Parsing tests/value/invalid_pointer.c (with preprocessing)
+[kernel:typing:int-conversion] tests/value/invalid_pointer.c:112: Warning:
+ Conversion from a pointer to an integer without an explicit cast
+[eva] Analyzing a complete application starting at main
+[eva] Computing initial state
+[eva] Initial state computed
+[eva:initial-state] Values of globals at initialization
+ NULL[rbits 80 to 247] ∈ [--..--]
+ undet ∈ [--..--]
+[eva] computing for function pointer_computation <- main.
+ Called from tests/value/invalid_pointer.c:172.
+[eva:alarm] tests/value/invalid_pointer.c:20: Warning:
+ invalid pointer creation. assert \object_pointer(p - 1);
+[eva:alarm] tests/value/invalid_pointer.c:23: Warning:
+ invalid pointer creation. assert \object_pointer(p + 1);
+[eva:alarm] tests/value/invalid_pointer.c:25: Warning:
+ invalid pointer creation. assert \object_pointer(p + i);
+[eva:alarm] tests/value/invalid_pointer.c:27: Warning:
+ invalid pointer creation. assert \object_pointer(p - j);
+[eva:alarm] tests/value/invalid_pointer.c:28: Warning:
+ invalid pointer creation. assert \object_pointer(p - 1);
+[eva] computing for function Frama_C_interval <- pointer_computation <- main.
+ Called from tests/value/invalid_pointer.c:31.
+[eva] using specification for function Frama_C_interval
+[eva] tests/value/invalid_pointer.c:31:
+ function Frama_C_interval: precondition 'order' got status valid.
+[eva] Done for function Frama_C_interval
+[eva:alarm] tests/value/invalid_pointer.c:32: Warning:
+ invalid pointer creation. assert \object_pointer(q + offset1);
+[eva] computing for function Frama_C_interval <- pointer_computation <- main.
+ Called from tests/value/invalid_pointer.c:33.
+[eva] tests/value/invalid_pointer.c:33:
+ function Frama_C_interval: precondition 'order' got status valid.
+[eva] Done for function Frama_C_interval
+[eva:alarm] tests/value/invalid_pointer.c:34: Warning:
+ invalid pointer creation. assert \object_pointer(q + offset2);
+[eva] Recording results for pointer_computation
+[eva] Done for function pointer_computation
+[eva] computing for function pointer_in_loops <- main.
+ Called from tests/value/invalid_pointer.c:173.
+[eva] tests/value/invalid_pointer.c:43:
+ Trace partitioning superposing up to 100 states
+[eva:alarm] tests/value/invalid_pointer.c:52: Warning:
+ invalid pointer creation. assert \object_pointer(q - 1);
+[eva] Recording results for pointer_in_loops
+[eva] Done for function pointer_in_loops
+[eva] computing for function int_conversion <- main.
+ Called from tests/value/invalid_pointer.c:174.
+[eva:alarm] tests/value/invalid_pointer.c:64: Warning:
+ invalid pointer creation. assert \object_pointer((int *)42);
+[eva] computing for function Frama_C_interval <- int_conversion <- main.
+ Called from tests/value/invalid_pointer.c:66.
+[eva] tests/value/invalid_pointer.c:66:
+ function Frama_C_interval: precondition 'order' got status valid.
+[eva] Done for function Frama_C_interval
+[eva] computing for function Frama_C_interval <- int_conversion <- main.
+ Called from tests/value/invalid_pointer.c:68.
+[eva] tests/value/invalid_pointer.c:68:
+ function Frama_C_interval: precondition 'order' got status valid.
+[eva] Done for function Frama_C_interval
+[eva:alarm] tests/value/invalid_pointer.c:70: Warning:
+ invalid pointer creation. assert \object_pointer((int *)x);
+[eva] computing for function Frama_C_interval <- int_conversion <- main.
+ Called from tests/value/invalid_pointer.c:72.
+[eva] tests/value/invalid_pointer.c:72:
+ function Frama_C_interval: precondition 'order' got status valid.
+[eva] Done for function Frama_C_interval
+[eva:alarm] tests/value/invalid_pointer.c:73: Warning:
+ invalid pointer creation. assert \object_pointer((int *)x);
+[eva:alarm] tests/value/invalid_pointer.c:74: Warning:
+ invalid pointer creation. assert \object_pointer((int *)undet);
+[eva] Recording results for int_conversion
+[eva] Done for function int_conversion
+[eva] computing for function addrof <- main.
+ Called from tests/value/invalid_pointer.c:175.
+[eva:alarm] tests/value/invalid_pointer.c:82: Warning:
+ invalid pointer creation. assert \object_pointer(&a[11]);
+[eva:alarm] tests/value/invalid_pointer.c:84: Warning:
+ invalid pointer creation. assert \object_pointer(&a[(int)(-1)]);
+[eva:alarm] tests/value/invalid_pointer.c:86: Warning:
+ invalid pointer creation. assert \object_pointer(&a[offset]);
+[eva] Recording results for addrof
+[eva] Done for function addrof
+[eva] computing for function union_pointer <- main.
+ Called from tests/value/invalid_pointer.c:176.
+[eva:alarm] tests/value/invalid_pointer.c:102: Warning:
+ invalid pointer creation. assert \object_pointer(u.pointer);
+[eva:alarm] tests/value/invalid_pointer.c:105: Warning:
+ invalid pointer creation. assert \object_pointer(u.pointer);
+[eva] Recording results for union_pointer
+[eva] Done for function union_pointer
+[eva] computing for function write_pointer <- main.
+ Called from tests/value/invalid_pointer.c:177.
+[eva:alarm] tests/value/invalid_pointer.c:115: Warning:
+ invalid pointer creation. assert \object_pointer(p);
+[eva:alarm] tests/value/invalid_pointer.c:118: Warning:
+ invalid pointer creation. assert \object_pointer(p);
+[eva] Recording results for write_pointer
+[eva] Done for function write_pointer
+[eva] computing for function object_pointer_predicate <- main.
+ Called from tests/value/invalid_pointer.c:178.
+[eva] tests/value/invalid_pointer.c:127: assertion got status valid.
+[eva:alarm] tests/value/invalid_pointer.c:129: Warning:
+ invalid pointer creation. assert \object_pointer(p - 1);
+[eva] tests/value/invalid_pointer.c:133: assertion got status valid.
+[eva:alarm] tests/value/invalid_pointer.c:135: Warning:
+ invalid pointer creation. assert \object_pointer(p + 1);
+[eva:alarm] tests/value/invalid_pointer.c:138: Warning:
+ invalid pointer creation. assert \object_pointer(p + undet);
+[eva] tests/value/invalid_pointer.c:139: assertion got status valid.
+[eva] tests/value/invalid_pointer.c:140: assertion got status valid.
+[eva] tests/value/invalid_pointer.c:141:
+ Frama_C_show_each_object_pointer: {{ &x + {0; 4} }}
+[eva:alarm] tests/value/invalid_pointer.c:142: Warning:
+ invalid pointer creation.
+ assert
+ \object_pointer((int *)((unsigned int)((unsigned int)(&x) +
+ (unsigned int)undet)));
+[eva] tests/value/invalid_pointer.c:143: assertion got status valid.
+[eva] tests/value/invalid_pointer.c:144: assertion got status valid.
+[eva] tests/value/invalid_pointer.c:145:
+ Frama_C_show_each_object_pointer_char: {{ &x + {0; 1; 2; 3; 4} }}
+[eva] computing for function Frama_C_interval <- object_pointer_predicate <- main.
+ Called from tests/value/invalid_pointer.c:146.
+[eva] tests/value/invalid_pointer.c:146:
+ function Frama_C_interval: precondition 'order' got status valid.
+[eva] Done for function Frama_C_interval
+[eva] tests/value/invalid_pointer.c:148: assertion got status valid.
+[eva:alarm] tests/value/invalid_pointer.c:149: Warning:
+ invalid pointer creation. assert \object_pointer(p + i);
+[eva] tests/value/invalid_pointer.c:150: assertion got status valid.
+[eva:alarm] tests/value/invalid_pointer.c:151: Warning:
+ invalid pointer creation. assert \object_pointer(p + undet);
+[eva] tests/value/invalid_pointer.c:152: assertion got status valid.
+[eva] tests/value/invalid_pointer.c:153:
+ Frama_C_show_each_object_pointer_array:
+ {{ &x + {0; 4} ; &array + [0..256],0%4 }}
+[eva] tests/value/invalid_pointer.c:155: assertion got status valid.
+[eva:alarm] tests/value/invalid_pointer.c:158: Warning:
+ assertion got status unknown.
+[eva:alarm] tests/value/invalid_pointer.c:160: Warning:
+ invalid pointer creation. assert \object_pointer((int *)50);
+[eva:alarm] tests/value/invalid_pointer.c:161: Warning:
+ assertion got status unknown.
+[eva:alarm] tests/value/invalid_pointer.c:162: Warning:
+ invalid pointer creation. assert \object_pointer((int *)undet);
+[eva:alarm] tests/value/invalid_pointer.c:163: Warning:
+ assertion got status unknown.
+[eva:alarm] tests/value/invalid_pointer.c:165: Warning:
+ invalid pointer creation. assert \object_pointer((int *)100);
+[eva] Recording results for object_pointer_predicate
+[eva] Done for function object_pointer_predicate
+[eva] computing for function signal <- main.
+ Called from tests/value/invalid_pointer.c:180.
+[eva] using specification for function signal
+[eva] Done for function signal
+[eva] computing for function signal <- main.
+ Called from tests/value/invalid_pointer.c:181.
+[eva] Done for function signal
+[eva] computing for function signal <- main.
+ Called from tests/value/invalid_pointer.c:182.
+[eva] Done for function signal
+[eva] Recording results for main
+[eva] done for function main
+[eva] tests/value/invalid_pointer.c:20:
+ assertion 'Eva,pointer_value' got final status invalid.
+[eva] tests/value/invalid_pointer.c:23:
+ assertion 'Eva,pointer_value' got final status invalid.
+[eva] tests/value/invalid_pointer.c:64:
+ assertion 'Eva,pointer_value' got final status invalid.
+[eva] tests/value/invalid_pointer.c:70:
+ assertion 'Eva,pointer_value' got final status invalid.
+[eva] tests/value/invalid_pointer.c:82:
+ assertion 'Eva,pointer_value' got final status invalid.
+[eva] tests/value/invalid_pointer.c:84:
+ assertion 'Eva,pointer_value' got final status invalid.
+[eva] tests/value/invalid_pointer.c:102:
+ assertion 'Eva,pointer_value' got final status invalid.
+[eva] tests/value/invalid_pointer.c:118:
+ assertion 'Eva,pointer_value' got final status invalid.
+[eva] tests/value/invalid_pointer.c:129:
+ assertion 'Eva,pointer_value' got final status invalid.
+[eva] tests/value/invalid_pointer.c:135:
+ assertion 'Eva,pointer_value' got final status invalid.
+[eva] tests/value/invalid_pointer.c:160:
+ assertion 'Eva,pointer_value' got final status invalid.
+[eva] tests/value/invalid_pointer.c:165:
+ assertion 'Eva,pointer_value' got final status invalid.
+[scope:rm_asserts] removing 2 assertion(s)
+[eva] ====== VALUES COMPUTED ======
+[eva:final-states] Values at end of function addrof:
+ p ∈ {{ &a + [0..40],0%4 }}
+ offset ∈ [--..--]
+[eva:final-states] Values at end of function int_conversion:
+ Frama_C_entropy_source ∈ [--..--]
+ x ∈ [15..31]
+ p ∈ [0..31]
+[eva:final-states] Values at end of function object_pointer_predicate:
+ Frama_C_entropy_source ∈ [--..--]
+ p ∈ [0..31]
+ i ∈ [0..20]
+[eva:final-states] Values at end of function pointer_computation:
+ Frama_C_entropy_source ∈ [--..--]
+ p ∈ {{ &x }}
+ i ∈ {-1; 0}
+ j ∈ {-1; 0; 1}
+ q ∈ {{ &x + {0; 4} ; &array + [0..100],0%4 }}
+ offset1 ∈ [0..10]
+ offset2 ∈ [0..25]
+[eva:final-states] Values at end of function pointer_in_loops:
+ t[0] ∈ {0}
+ [1] ∈ {1}
+ [2] ∈ {2}
+ [3] ∈ {3}
+ [4] ∈ {4}
+ [5] ∈ {5}
+ [6] ∈ {6}
+ [7] ∈ {7}
+ [8] ∈ {8}
+ [9] ∈ {9}
+ [10] ∈ {10}
+ [11] ∈ {11}
+ [12] ∈ {12}
+ [13] ∈ {13}
+ [14] ∈ {14}
+ [15] ∈ {15}
+ [16] ∈ {16}
+ [17] ∈ {17}
+ [18] ∈ {18}
+ [19] ∈ {19}
+ [20] ∈ {20}
+ [21] ∈ {21}
+ [22] ∈ {22}
+ [23] ∈ {23}
+ [24] ∈ {24}
+ [25] ∈ {25}
+ [26] ∈ {26}
+ [27] ∈ {27}
+ [28] ∈ {28}
+ [29] ∈ {29}
+ [30] ∈ {30}
+ [31] ∈ {31}
+ [32] ∈ {32}
+ [33] ∈ {33}
+ [34] ∈ {34}
+ [35] ∈ {35}
+ [36] ∈ {36}
+ [37] ∈ {37}
+ [38] ∈ {38}
+ [39] ∈ {39}
+ [40] ∈ {40}
+ [41] ∈ {41}
+ [42] ∈ {42}
+ [43] ∈ {43}
+ [44] ∈ {44}
+ [45] ∈ {45}
+ [46] ∈ {46}
+ [47] ∈ {47}
+ [48] ∈ {48}
+ [49] ∈ {49}
+ [50] ∈ {50}
+ [51] ∈ {51}
+ [52] ∈ {52}
+ [53] ∈ {53}
+ [54] ∈ {54}
+ [55] ∈ {55}
+ [56] ∈ {56}
+ [57] ∈ {57}
+ [58] ∈ {58}
+ [59] ∈ {59}
+ [60] ∈ {60}
+ [61] ∈ {61}
+ [62] ∈ {62}
+ [63] ∈ {63}
+ [64] ∈ {64}
+ [65] ∈ {65}
+ [66] ∈ {66}
+ [67] ∈ {67}
+ [68] ∈ {68}
+ [69] ∈ {69}
+ [70] ∈ {70}
+ [71] ∈ {71}
+ [72] ∈ {72}
+ [73] ∈ {73}
+ [74] ∈ {74}
+ [75] ∈ {75}
+ [76] ∈ {76}
+ [77] ∈ {77}
+ [78] ∈ {78}
+ [79] ∈ {79}
+ [80] ∈ {80}
+ [81] ∈ {81}
+ [82] ∈ {82}
+ [83] ∈ {83}
+ [84] ∈ {84}
+ [85] ∈ {85}
+ [86] ∈ {86}
+ [87] ∈ {87}
+ [88] ∈ {88}
+ [89] ∈ {89}
+ [90] ∈ {90}
+ [91] ∈ {91}
+ [92] ∈ {92}
+ [93] ∈ {93}
+ [94] ∈ {94}
+ [95] ∈ {95}
+ [96] ∈ {96}
+ [97] ∈ {97}
+ [98] ∈ {98}
+ [99] ∈ {99}
+ [100] ∈ {100}
+ [101] ∈ {101}
+ [102] ∈ {102}
+ [103] ∈ {103}
+ [104] ∈ {104}
+ [105] ∈ {105}
+ [106] ∈ {106}
+ [107] ∈ {107}
+ [108] ∈ {108}
+ [109] ∈ {109}
+ [110] ∈ {110}
+ [111] ∈ {111}
+ [112] ∈ {112}
+ [113] ∈ {113}
+ [114] ∈ {114}
+ [115] ∈ {115}
+ [116] ∈ {116}
+ [117] ∈ {117}
+ [118] ∈ {118}
+ [119] ∈ {119}
+ [120] ∈ {120}
+ [121] ∈ {121}
+ [122] ∈ {122}
+ [123] ∈ {123}
+ [124] ∈ {124}
+ [125] ∈ {125}
+ [126] ∈ {126}
+ [127] ∈ {127}
+ p ∈ {{ &t[128] }}
+[eva:final-states] Values at end of function union_pointer:
+ p ∈ [0..31]
+ u{.integer; .pointer} ∈ [0..31]
+[eva:final-states] Values at end of function write_pointer:
+ p ∈ {42}
+ q ∈ {{ &x + {0; 1; 2; 3; 4} }}
+[eva:final-states] Values at end of function main:
+ Frama_C_entropy_source ∈ [--..--]
+[from] Computing for function addrof
+[from] Done for function addrof
+[from] Computing for function int_conversion
+[from] Computing for function Frama_C_interval <-int_conversion
+[from] Done for function Frama_C_interval
+[from] Done for function int_conversion
+[from] Computing for function object_pointer_predicate
+[from] Done for function object_pointer_predicate
+[from] Computing for function pointer_computation
+[from] Done for function pointer_computation
+[from] Computing for function pointer_in_loops
+[from] Done for function pointer_in_loops
+[from] Computing for function union_pointer
+[from] Done for function union_pointer
+[from] Computing for function write_pointer
+[from] Done for function write_pointer
+[from] Computing for function main
+[from] Computing for function signal <-main
+[from] Done for function signal
+[from] Done for function main
+[from] ====== DEPENDENCIES COMPUTED ======
+ These dependencies hold at termination for the executions that terminate:
+[from] Function Frama_C_interval:
+ Frama_C_entropy_source FROM Frama_C_entropy_source (and SELF)
+ \result FROM Frama_C_entropy_source; min; max
+[from] Function addrof:
+ NO EFFECTS
+[from] Function int_conversion:
+ Frama_C_entropy_source FROM Frama_C_entropy_source (and SELF)
+[from] Function object_pointer_predicate:
+ Frama_C_entropy_source FROM Frama_C_entropy_source (and SELF)
+[from] Function pointer_computation:
+ Frama_C_entropy_source FROM Frama_C_entropy_source (and SELF)
+[from] Function pointer_in_loops:
+ NO EFFECTS
+[from] Function signal:
+ \result FROM ANYTHING(origin:Unknown)
+[from] Function union_pointer:
+ NO EFFECTS
+[from] Function write_pointer:
+ NO EFFECTS
+[from] Function main:
+ Frama_C_entropy_source FROM Frama_C_entropy_source (and SELF)
+[from] ====== END OF DEPENDENCIES ======
+[inout] Out (internal) for function addrof:
+ p; offset
+[inout] Inputs for function addrof:
+ undet
+[inout] Out (internal) for function int_conversion:
+ Frama_C_entropy_source; x; p
+[inout] Inputs for function int_conversion:
+ Frama_C_entropy_source; undet
+[inout] Out (internal) for function object_pointer_predicate:
+ Frama_C_entropy_source; p; i
+[inout] Inputs for function object_pointer_predicate:
+ Frama_C_entropy_source; undet
+[inout] Out (internal) for function pointer_computation:
+ Frama_C_entropy_source; p; i; j; q; tmp; offset1; offset2
+[inout] Inputs for function pointer_computation:
+ Frama_C_entropy_source; undet
+[inout] Out (internal) for function pointer_in_loops:
+ t[0..127]; p; i; q; i_0
+[inout] Inputs for function pointer_in_loops:
+ undet
+[inout] Out (internal) for function union_pointer:
+ p; u
+[inout] Inputs for function union_pointer:
+ undet
+[inout] Out (internal) for function write_pointer:
+ p; q
+[inout] Inputs for function write_pointer:
+ undet
+[inout] Out (internal) for function main:
+ Frama_C_entropy_source
+[inout] Inputs for function main:
+ Frama_C_entropy_source; undet
diff --git a/tests/value/oracle/invalid_pointer.1.res.oracle b/tests/value/oracle/invalid_pointer.1.res.oracle
new file mode 100644
index 0000000000000000000000000000000000000000..132d1bef54df6c456d61b9acf25df882c73a6d48
--- /dev/null
+++ b/tests/value/oracle/invalid_pointer.1.res.oracle
@@ -0,0 +1,351 @@
+[kernel] Parsing tests/value/invalid_pointer.c (with preprocessing)
+[kernel:typing:int-conversion] tests/value/invalid_pointer.c:112: Warning:
+ Conversion from a pointer to an integer without an explicit cast
+[eva] Analyzing a complete application starting at main
+[eva] Computing initial state
+[eva] Initial state computed
+[eva:initial-state] Values of globals at initialization
+ NULL[rbits 80 to 247] ∈ [--..--]
+ undet ∈ [--..--]
+[eva] computing for function pointer_computation <- main.
+ Called from tests/value/invalid_pointer.c:172.
+[eva] computing for function Frama_C_interval <- pointer_computation <- main.
+ Called from tests/value/invalid_pointer.c:31.
+[eva] using specification for function Frama_C_interval
+[eva] tests/value/invalid_pointer.c:31:
+ function Frama_C_interval: precondition 'order' got status valid.
+[eva] Done for function Frama_C_interval
+[eva] computing for function Frama_C_interval <- pointer_computation <- main.
+ Called from tests/value/invalid_pointer.c:33.
+[eva] tests/value/invalid_pointer.c:33:
+ function Frama_C_interval: precondition 'order' got status valid.
+[eva] Done for function Frama_C_interval
+[eva] Recording results for pointer_computation
+[eva] Done for function pointer_computation
+[eva] computing for function pointer_in_loops <- main.
+ Called from tests/value/invalid_pointer.c:173.
+[eva] tests/value/invalid_pointer.c:43:
+ Trace partitioning superposing up to 100 states
+[eva] tests/value/invalid_pointer.c:54:
+ Frama_C_show_each_bottom: {{ &t + {-4} }}
+[eva] Recording results for pointer_in_loops
+[eva] Done for function pointer_in_loops
+[eva] computing for function int_conversion <- main.
+ Called from tests/value/invalid_pointer.c:174.
+[eva] computing for function Frama_C_interval <- int_conversion <- main.
+ Called from tests/value/invalid_pointer.c:66.
+[eva] tests/value/invalid_pointer.c:66:
+ function Frama_C_interval: precondition 'order' got status valid.
+[eva] Done for function Frama_C_interval
+[eva] computing for function Frama_C_interval <- int_conversion <- main.
+ Called from tests/value/invalid_pointer.c:68.
+[eva] tests/value/invalid_pointer.c:68:
+ function Frama_C_interval: precondition 'order' got status valid.
+[eva] Done for function Frama_C_interval
+[eva] computing for function Frama_C_interval <- int_conversion <- main.
+ Called from tests/value/invalid_pointer.c:72.
+[eva] tests/value/invalid_pointer.c:72:
+ function Frama_C_interval: precondition 'order' got status valid.
+[eva] Done for function Frama_C_interval
+[eva] Recording results for int_conversion
+[eva] Done for function int_conversion
+[eva] computing for function addrof <- main.
+ Called from tests/value/invalid_pointer.c:175.
+[eva] Recording results for addrof
+[eva] Done for function addrof
+[eva] computing for function union_pointer <- main.
+ Called from tests/value/invalid_pointer.c:176.
+[eva] Recording results for union_pointer
+[eva] Done for function union_pointer
+[eva] computing for function write_pointer <- main.
+ Called from tests/value/invalid_pointer.c:177.
+[eva] Recording results for write_pointer
+[eva] Done for function write_pointer
+[eva] computing for function object_pointer_predicate <- main.
+ Called from tests/value/invalid_pointer.c:178.
+[eva] tests/value/invalid_pointer.c:127: assertion got status valid.
+[eva:alarm] tests/value/invalid_pointer.c:130: Warning:
+ assertion got status invalid (stopping propagation).
+[eva] tests/value/invalid_pointer.c:133: assertion got status valid.
+[eva:alarm] tests/value/invalid_pointer.c:136: Warning:
+ assertion got status invalid (stopping propagation).
+[eva:alarm] tests/value/invalid_pointer.c:139: Warning:
+ assertion got status unknown.
+[eva] tests/value/invalid_pointer.c:140: assertion got status valid.
+[eva] tests/value/invalid_pointer.c:141:
+ Frama_C_show_each_object_pointer: {{ &x + {0; 4} }}
+[eva:alarm] tests/value/invalid_pointer.c:143: Warning:
+ assertion got status unknown.
+[eva] tests/value/invalid_pointer.c:144: assertion got status valid.
+[eva] tests/value/invalid_pointer.c:145:
+ Frama_C_show_each_object_pointer_char: {{ &x + {0; 1; 2; 3; 4} }}
+[eva] computing for function Frama_C_interval <- object_pointer_predicate <- main.
+ Called from tests/value/invalid_pointer.c:146.
+[eva] tests/value/invalid_pointer.c:146:
+ function Frama_C_interval: precondition 'order' got status valid.
+[eva] Done for function Frama_C_interval
+[eva] tests/value/invalid_pointer.c:148: assertion got status valid.
+[eva:alarm] tests/value/invalid_pointer.c:150: Warning:
+ assertion got status unknown.
+[eva:alarm] tests/value/invalid_pointer.c:152: Warning:
+ assertion got status unknown.
+[eva] tests/value/invalid_pointer.c:153:
+ Frama_C_show_each_object_pointer_array:
+ {{ &x + {0; 4} ; &array + [0..256],0%4 }}
+[eva] tests/value/invalid_pointer.c:155: assertion got status valid.
+[eva:alarm] tests/value/invalid_pointer.c:158: Warning:
+ assertion got status unknown.
+[eva:alarm] tests/value/invalid_pointer.c:161: Warning:
+ assertion got status unknown.
+[eva:alarm] tests/value/invalid_pointer.c:163: Warning:
+ assertion got status unknown.
+[eva:alarm] tests/value/invalid_pointer.c:166: Warning:
+ assertion got status invalid (stopping propagation).
+[eva] Recording results for object_pointer_predicate
+[eva] Done for function object_pointer_predicate
+[eva] computing for function signal <- main.
+ Called from tests/value/invalid_pointer.c:180.
+[eva] using specification for function signal
+[eva] Done for function signal
+[eva] computing for function signal <- main.
+ Called from tests/value/invalid_pointer.c:181.
+[eva] Done for function signal
+[eva] computing for function signal <- main.
+ Called from tests/value/invalid_pointer.c:182.
+[eva] Done for function signal
+[eva] Recording results for main
+[eva] done for function main
+[scope:rm_asserts] removing 2 assertion(s)
+[eva] ====== VALUES COMPUTED ======
+[eva:final-states] Values at end of function addrof:
+ p ∈ {{ &a + [-8589934592..8589934588],0%4 }}
+ offset ∈ [--..--]
+[eva:final-states] Values at end of function int_conversion:
+ Frama_C_entropy_source ∈ [--..--]
+ x ∈ [15..100]
+ p ∈ [--..--]
+[eva:final-states] Values at end of function object_pointer_predicate:
+ Frama_C_entropy_source ∈ [--..--]
+ p ∈ [0..31]
+ i ∈ [0..20]
+[eva:final-states] Values at end of function pointer_computation:
+ Frama_C_entropy_source ∈ [--..--]
+ p ∈ {{ &x + [-17179869184..17179869184],0%4 }}
+ i ∈ [--..--]
+ j ∈ [--..--]
+ q ∈ {{ &x + [0..240],0%4 ; &array + [0..240],0%4 }}
+ offset1 ∈ [0..10]
+ offset2 ∈ [0..50]
+[eva:final-states] Values at end of function pointer_in_loops:
+ t[0] ∈ {0; 127}
+ [1] ∈ {1; 126}
+ [2] ∈ {2; 125}
+ [3] ∈ {3; 124}
+ [4] ∈ {4; 123}
+ [5] ∈ {5; 122}
+ [6] ∈ {6; 121}
+ [7] ∈ {7; 120}
+ [8] ∈ {8; 119}
+ [9] ∈ {9; 118}
+ [10] ∈ {10; 117}
+ [11] ∈ {11; 116}
+ [12] ∈ {12; 115}
+ [13] ∈ {13; 114}
+ [14] ∈ {14; 113}
+ [15] ∈ {15; 112}
+ [16] ∈ {16; 111}
+ [17] ∈ {17; 110}
+ [18] ∈ {18; 109}
+ [19] ∈ {19; 108}
+ [20] ∈ {20; 107}
+ [21] ∈ {21; 106}
+ [22] ∈ {22; 105}
+ [23] ∈ {23; 104}
+ [24] ∈ {24; 103}
+ [25] ∈ {25; 102}
+ [26] ∈ {26; 101}
+ [27] ∈ {27; 100}
+ [28] ∈ {28; 99}
+ [29] ∈ {29; 98}
+ [30] ∈ {30; 97}
+ [31] ∈ {31; 96}
+ [32] ∈ {32; 95}
+ [33] ∈ {33; 94}
+ [34] ∈ {34; 93}
+ [35] ∈ {35; 92}
+ [36] ∈ {36; 91}
+ [37] ∈ {37; 90}
+ [38] ∈ {38; 89}
+ [39] ∈ {39; 88}
+ [40] ∈ {40; 87}
+ [41] ∈ {41; 86}
+ [42] ∈ {42; 85}
+ [43] ∈ {43; 84}
+ [44] ∈ {44; 83}
+ [45] ∈ {45; 82}
+ [46] ∈ {46; 81}
+ [47] ∈ {47; 80}
+ [48] ∈ {48; 79}
+ [49] ∈ {49; 78}
+ [50] ∈ {50; 77}
+ [51] ∈ {51; 76}
+ [52] ∈ {52; 75}
+ [53] ∈ {53; 74}
+ [54] ∈ {54; 73}
+ [55] ∈ {55; 72}
+ [56] ∈ {56; 71}
+ [57] ∈ {57; 70}
+ [58] ∈ {58; 69}
+ [59] ∈ {59; 68}
+ [60] ∈ {60; 67}
+ [61] ∈ {61; 66}
+ [62] ∈ {62; 65}
+ [63..64] ∈ {63; 64}
+ [65] ∈ {62; 65}
+ [66] ∈ {61; 66}
+ [67] ∈ {60; 67}
+ [68] ∈ {59; 68}
+ [69] ∈ {58; 69}
+ [70] ∈ {57; 70}
+ [71] ∈ {56; 71}
+ [72] ∈ {55; 72}
+ [73] ∈ {54; 73}
+ [74] ∈ {53; 74}
+ [75] ∈ {52; 75}
+ [76] ∈ {51; 76}
+ [77] ∈ {50; 77}
+ [78] ∈ {49; 78}
+ [79] ∈ {48; 79}
+ [80] ∈ {47; 80}
+ [81] ∈ {46; 81}
+ [82] ∈ {45; 82}
+ [83] ∈ {44; 83}
+ [84] ∈ {43; 84}
+ [85] ∈ {42; 85}
+ [86] ∈ {41; 86}
+ [87] ∈ {40; 87}
+ [88] ∈ {39; 88}
+ [89] ∈ {38; 89}
+ [90] ∈ {37; 90}
+ [91] ∈ {36; 91}
+ [92] ∈ {35; 92}
+ [93] ∈ {34; 93}
+ [94] ∈ {33; 94}
+ [95] ∈ {32; 95}
+ [96] ∈ {31; 96}
+ [97] ∈ {30; 97}
+ [98] ∈ {29; 98}
+ [99] ∈ {28; 99}
+ [100] ∈ {27; 100}
+ [101] ∈ {26; 101}
+ [102] ∈ {25; 102}
+ [103] ∈ {24; 103}
+ [104] ∈ {23; 104}
+ [105] ∈ {22; 105}
+ [106] ∈ {21; 106}
+ [107] ∈ {20; 107}
+ [108] ∈ {19; 108}
+ [109] ∈ {18; 109}
+ [110] ∈ {17; 110}
+ [111] ∈ {16; 111}
+ [112] ∈ {15; 112}
+ [113] ∈ {14; 113}
+ [114] ∈ {13; 114}
+ [115] ∈ {12; 115}
+ [116] ∈ {11; 116}
+ [117] ∈ {10; 117}
+ [118] ∈ {9; 118}
+ [119] ∈ {8; 119}
+ [120] ∈ {7; 120}
+ [121] ∈ {6; 121}
+ [122] ∈ {5; 122}
+ [123] ∈ {4; 123}
+ [124] ∈ {3; 124}
+ [125] ∈ {2; 125}
+ [126] ∈ {1; 126}
+ [127] ∈ {0; 127}
+ p ∈ {{ &t[128] }}
+[eva:final-states] Values at end of function union_pointer:
+ p ∈ [--..--]
+ u ∈ [--..--]
+[eva:final-states] Values at end of function write_pointer:
+ p ∈ {42}
+ q ∈ {{ NULL + {42} ; &x + [0..4294967295] }}
+[eva:final-states] Values at end of function main:
+ Frama_C_entropy_source ∈ [--..--]
+[from] Computing for function addrof
+[from] Done for function addrof
+[from] Computing for function int_conversion
+[from] Computing for function Frama_C_interval <-int_conversion
+[from] Done for function Frama_C_interval
+[from] Done for function int_conversion
+[from] Computing for function object_pointer_predicate
+[from] Done for function object_pointer_predicate
+[from] Computing for function pointer_computation
+[from] Done for function pointer_computation
+[from] Computing for function pointer_in_loops
+[from] Done for function pointer_in_loops
+[from] Computing for function union_pointer
+[from] Done for function union_pointer
+[from] Computing for function write_pointer
+[from] Done for function write_pointer
+[from] Computing for function main
+[from] Computing for function signal <-main
+[from] Done for function signal
+[from] Done for function main
+[from] ====== DEPENDENCIES COMPUTED ======
+ These dependencies hold at termination for the executions that terminate:
+[from] Function Frama_C_interval:
+ Frama_C_entropy_source FROM Frama_C_entropy_source (and SELF)
+ \result FROM Frama_C_entropy_source; min; max
+[from] Function addrof:
+ NO EFFECTS
+[from] Function int_conversion:
+ Frama_C_entropy_source FROM Frama_C_entropy_source (and SELF)
+[from] Function object_pointer_predicate:
+ Frama_C_entropy_source FROM Frama_C_entropy_source (and SELF)
+[from] Function pointer_computation:
+ Frama_C_entropy_source FROM Frama_C_entropy_source (and SELF)
+[from] Function pointer_in_loops:
+ NO EFFECTS
+[from] Function signal:
+ \result FROM ANYTHING(origin:Unknown)
+[from] Function union_pointer:
+ NO EFFECTS
+[from] Function write_pointer:
+ NO EFFECTS
+[from] Function main:
+ Frama_C_entropy_source FROM Frama_C_entropy_source (and SELF)
+[from] ====== END OF DEPENDENCIES ======
+[inout] Out (internal) for function addrof:
+ p; offset
+[inout] Inputs for function addrof:
+ undet
+[inout] Out (internal) for function int_conversion:
+ Frama_C_entropy_source; x; p
+[inout] Inputs for function int_conversion:
+ Frama_C_entropy_source; undet
+[inout] Out (internal) for function object_pointer_predicate:
+ Frama_C_entropy_source; p; i
+[inout] Inputs for function object_pointer_predicate:
+ Frama_C_entropy_source; undet
+[inout] Out (internal) for function pointer_computation:
+ Frama_C_entropy_source; p; i; j; q; tmp; offset1; offset2
+[inout] Inputs for function pointer_computation:
+ Frama_C_entropy_source; undet
+[inout] Out (internal) for function pointer_in_loops:
+ t[0..127]; p; i; q; i_0
+[inout] Inputs for function pointer_in_loops:
+ undet
+[inout] Out (internal) for function union_pointer:
+ p; u
+[inout] Inputs for function union_pointer:
+ undet
+[inout] Out (internal) for function write_pointer:
+ p; q
+[inout] Inputs for function write_pointer:
+ undet
+[inout] Out (internal) for function main:
+ Frama_C_entropy_source
+[inout] Inputs for function main:
+ Frama_C_entropy_source; undet
diff --git a/tests/value/oracle/join_misaligned.res.oracle b/tests/value/oracle/join_misaligned.res.oracle
index cb31ee65e403a3dd9324e6a25644b6f3c07d6db6..111aa1c6f07269e57c40e05b830f78610e7d81e3 100644
--- a/tests/value/oracle/join_misaligned.res.oracle
+++ b/tests/value/oracle/join_misaligned.res.oracle
@@ -14,6 +14,10 @@
z[0..4] ∈ {255}
a ∈ {0}
va ∈ [--..--]
+[eva:alarm] tests/value/join_misaligned.i:23: Warning:
+ pointer downcast. assert (unsigned int)(&t) ≤ 2147483647;
+[eva:alarm] tests/value/join_misaligned.i:37: Warning:
+ pointer downcast. assert (unsigned int)(&u) ≤ 2147483647;
[eva] Recording results for main
[eva] done for function main
[eva:garbled-mix] Warning:
diff --git a/tests/value/oracle/label.res.oracle b/tests/value/oracle/label.res.oracle
index a7dfd612adb73ce8ff24f9b2a2b76936f9e33e74..a87f0773b6eb65bac1d59beedb2c2d142fd94d48 100644
--- a/tests/value/oracle/label.res.oracle
+++ b/tests/value/oracle/label.res.oracle
@@ -10,6 +10,8 @@
i ∈ {0}
p ∈ {0}
q ∈ {0}
+[eva:alarm] tests/value/label.i:14: Warning:
+ pointer downcast. assert (unsigned int)(&d + 1) ≤ 2147483647;
[eva] tests/value/label.i:18:
Assigning imprecise value to *((char *)(& p) + i)
(pointing to p with offsets {0}).
diff --git a/tests/value/oracle/leaf2.res.oracle b/tests/value/oracle/leaf2.res.oracle
index db427e105c3dc4664fced2891c968210aae2f1e9..96ab8ffd9b41e9562a73dd6afd3f244a6c403e5f 100644
--- a/tests/value/oracle/leaf2.res.oracle
+++ b/tests/value/oracle/leaf2.res.oracle
@@ -6,6 +6,8 @@
G ∈ {0}
H ∈ {0}
I ∈ {0}
+[eva:alarm] tests/value/leaf2.i:6: Warning:
+ pointer downcast. assert (unsigned int)(&I) ≤ 2147483647;
[eva] computing for function f <- main.
Called from tests/value/leaf2.i:6.
[kernel:annot:missing-spec] tests/value/leaf2.i:6: Warning:
diff --git a/tests/value/oracle/library.res.oracle b/tests/value/oracle/library.res.oracle
index abf27f96c2e64aa9abb9a239c22e5330e3b3cdf1..16be4cd6f9d1bd4e952d9eebfe1bfd3987072a4d 100644
--- a/tests/value/oracle/library.res.oracle
+++ b/tests/value/oracle/library.res.oracle
@@ -129,7 +129,7 @@
[eva:alarm] tests/value/library.i:44: Warning:
non-finite float value. assert \is_finite(*pf);
[eva:alarm] tests/value/library.i:44: Warning:
- non-finite float value. assert \is_finite((float)(*pf + *pf));
+ non-finite float value. assert \is_finite(\add_float(*pf, *pf));
[eva] computing for function k <- main.
Called from tests/value/library.i:45.
[eva] using specification for function k
diff --git a/tests/value/oracle/memexec.res.oracle b/tests/value/oracle/memexec.res.oracle
index a27eebd316e8fecb8f2d31c42a25e208d17a468c..0369d95d24a52716ffcfb8d7bf7a0a0230b7d55e 100644
--- a/tests/value/oracle/memexec.res.oracle
+++ b/tests/value/oracle/memexec.res.oracle
@@ -7,7 +7,9 @@
x1 ∈ {0}
y1 ∈ {0}
z1 ∈ {0}
+ z2 ∈ {0}
c ∈ [--..--]
+ nondet ∈ [--..--]
p ∈ {0}
i ∈ {0}
t[0..9] ∈ {0}
@@ -17,7 +19,7 @@
g_f5_2 ∈ {0}
two_fields ∈ {0}
[eva] computing for function f1 <- main.
- Called from tests/value/memexec.c:154.
+ Called from tests/value/memexec.c:189.
[eva] computing for function f11 <- f1 <- main.
Called from tests/value/memexec.c:12.
[eva] Recording results for f11
@@ -31,15 +33,15 @@
[eva] Recording results for f1
[eva] Done for function f1
[eva] computing for function f2 <- main.
- Called from tests/value/memexec.c:155.
+ Called from tests/value/memexec.c:190.
[eva] Recording results for f2
[eva] Done for function f2
[eva] computing for function f3 <- main.
- Called from tests/value/memexec.c:156.
+ Called from tests/value/memexec.c:191.
[eva] Recording results for f3
[eva] Done for function f3
[eva] computing for function bug <- main.
- Called from tests/value/memexec.c:157.
+ Called from tests/value/memexec.c:192.
[eva] computing for function fbug <- bug <- main.
Called from tests/value/memexec.c:40.
[eva:alarm] tests/value/memexec.c:33: Warning:
@@ -53,10 +55,10 @@
[eva] Done for function fbug
[eva] Recording results for bug
[eva] Done for function bug
-[eva:locals-escaping] tests/value/memexec.c:157: Warning:
+[eva:locals-escaping] tests/value/memexec.c:192: Warning:
locals {x} escaping the scope of bug through p
[eva] computing for function f4 <- main.
- Called from tests/value/memexec.c:158.
+ Called from tests/value/memexec.c:193.
[eva] computing for function f4_2 <- f4 <- main.
Called from tests/value/memexec.c:84.
[eva] computing for function f4_11 <- f4_2 <- f4 <- main.
@@ -92,7 +94,7 @@
[eva] Recording results for f4
[eva] Done for function f4
[eva] computing for function f5 <- main.
- Called from tests/value/memexec.c:159.
+ Called from tests/value/memexec.c:194.
[eva] computing for function f5_aux <- f5 <- main.
Called from tests/value/memexec.c:107.
[eva:alarm] tests/value/memexec.c:94: Warning: assertion got status unknown.
@@ -103,12 +105,11 @@
Frama_C_show_each_f5: [9..2147483647], [-2147483648..6], [-2147483648..7]
[eva] tests/value/memexec.c:113: Reusing old results for call to f5_aux
[eva] tests/value/memexec.c:114:
- Frama_C_show_each_f5:
- [9..2147483647], [-2147483648..2147483647], [-2147483648..7]
+ Frama_C_show_each_f5: [9..2147483647], [-2147483648..6], [-2147483648..7]
[eva] Recording results for f5
[eva] Done for function f5
[eva] computing for function f6 <- main.
- Called from tests/value/memexec.c:160.
+ Called from tests/value/memexec.c:195.
[eva] computing for function f6_1 <- f6 <- main.
Called from tests/value/memexec.c:123.
[eva] Recording results for f6_1
@@ -120,7 +121,7 @@
[eva] Recording results for f6
[eva] Done for function f6
[eva] computing for function f7 <- main.
- Called from tests/value/memexec.c:161.
+ Called from tests/value/memexec.c:196.
[eva] computing for function f7_1 <- f7 <- main.
Called from tests/value/memexec.c:136.
[eva] Recording results for f7_1
@@ -129,7 +130,7 @@
[eva] Recording results for f7
[eva] Done for function f7
[eva] computing for function f8 <- main.
- Called from tests/value/memexec.c:162.
+ Called from tests/value/memexec.c:197.
[eva] computing for function f8_1 <- f8 <- main.
Called from tests/value/memexec.c:147.
[eva:alarm] tests/value/memexec.c:141: Warning:
@@ -143,6 +144,56 @@
[eva] tests/value/memexec.c:150: Reusing old results for call to f8_1
[eva] Recording results for f8
[eva] Done for function f8
+[eva] computing for function f9 <- main.
+ Called from tests/value/memexec.c:198.
+[eva] computing for function f9_1 <- f9 <- main.
+ Called from tests/value/memexec.c:171.
+[eva:alarm] tests/value/memexec.c:154: Warning:
+ assertion got status invalid (stopping propagation).
+[eva] Recording results for f9_1
+[eva] Done for function f9_1
+[eva] computing for function f9_1 <- f9 <- main.
+ Called from tests/value/memexec.c:173.
+[eva] tests/value/memexec.c:154: assertion got status valid.
+[eva] Recording results for f9_1
+[eva] Done for function f9_1
+[eva] computing for function f9_2 <- f9 <- main.
+ Called from tests/value/memexec.c:176.
+[eva:alarm] tests/value/memexec.c:158: Warning:
+ assertion got status invalid (stopping propagation).
+[eva] Recording results for f9_2
+[eva] Done for function f9_2
+[eva] computing for function f9_2 <- f9 <- main.
+ Called from tests/value/memexec.c:178.
+[eva] tests/value/memexec.c:158: assertion got status valid.
+[eva] Recording results for f9_2
+[eva] Done for function f9_2
+[eva] computing for function f9_3 <- f9 <- main.
+ Called from tests/value/memexec.c:179.
+[eva:alarm] tests/value/memexec.c:162: Warning:
+ assertion got status invalid (stopping propagation).
+[eva] Recording results for f9_3
+[eva] Done for function f9_3
+[eva] computing for function f9_3 <- f9 <- main.
+ Called from tests/value/memexec.c:181.
+[eva] tests/value/memexec.c:162: assertion got status valid.
+[eva] Recording results for f9_3
+[eva] Done for function f9_3
+[eva] computing for function f9_4 <- f9 <- main.
+ Called from tests/value/memexec.c:183.
+[eva:alarm] tests/value/memexec.c:166: Warning:
+ assertion got status invalid (stopping propagation).
+[eva] Recording results for f9_4
+[eva] Done for function f9_4
+[eva] computing for function f9_4 <- f9 <- main.
+ Called from tests/value/memexec.c:185.
+[eva] tests/value/memexec.c:166: assertion got status valid.
+[eva] Recording results for f9_4
+[eva] Done for function f9_4
+[eva] Recording results for f9
+[eva] Done for function f9
+[eva:locals-escaping] tests/value/memexec.c:198: Warning:
+ locals {x} escaping the scope of f9 through p
[eva] Recording results for main
[eva] done for function main
[eva] ====== VALUES COMPUTED ======
@@ -192,7 +243,7 @@
[eva:final-states] Values at end of function f5_aux:
v ∈ [--..--]
[eva:final-states] Values at end of function f5:
- g_f5_1 ∈ [--..--]
+ g_f5_1 ∈ [-2147483648..6]
g_f5_2 ∈ [-2147483648..7]
arg ∈ [9..2147483647]
[eva:final-states] Values at end of function f6_1:
@@ -209,6 +260,18 @@
q ∈ {0}
[eva:final-states] Values at end of function f8:
x ∈ {1}
+[eva:final-states] Values at end of function f9_1:
+
+[eva:final-states] Values at end of function f9_2:
+
+[eva:final-states] Values at end of function f9_3:
+
+[eva:final-states] Values at end of function f9_4:
+
+[eva:final-states] Values at end of function f9:
+ z2 ∈ {1}
+ p ∈ {{ &x }}
+ x ∈ {1}
[eva:final-states] Values at end of function fbug:
__retres ∈ {1}
[eva:final-states] Values at end of function bug:
@@ -216,6 +279,7 @@
x ∈ {1}
[eva:final-states] Values at end of function main:
x1 ∈ {1}
+ z2 ∈ {1}
p ∈ ESCAPINGADDR
i ∈ {0; 5}
t[0..1] ∈ {0}
@@ -228,7 +292,7 @@
S[0..7] ∈ {0}
[8].i ∈ {0; 6}
[9] ∈ {0}
- g_f5_1 ∈ [--..--]
+ g_f5_1 ∈ [-2147483648..6]
g_f5_2 ∈ [-2147483648..7]
two_fields.x ∈ {1}
.y ∈ {3}
@@ -264,6 +328,16 @@
[from] Done for function f8_1
[from] Computing for function f8
[from] Done for function f8
+[from] Computing for function f9_1
+[from] Done for function f9_1
+[from] Computing for function f9_2
+[from] Done for function f9_2
+[from] Computing for function f9_3
+[from] Done for function f9_3
+[from] Computing for function f9_4
+[from] Done for function f9_4
+[from] Computing for function f9
+[from] Done for function f9
[from] Computing for function fbug
[from] Done for function fbug
[from] Computing for function bug
@@ -311,12 +385,24 @@
NO EFFECTS
[from] Function f8:
NO EFFECTS
+[from] Function f9_1:
+ NO EFFECTS
+[from] Function f9_2:
+ NO EFFECTS
+[from] Function f9_3:
+ NO EFFECTS
+[from] Function f9_4:
+ NO EFFECTS
+[from] Function f9:
+ z2 FROM \nothing
+ p FROM \nothing
[from] Function fbug:
\result FROM p; x
[from] Function bug:
p FROM \nothing
[from] Function main:
x1 FROM \nothing
+ z2 FROM \nothing
p FROM \nothing
i FROM c (and SELF)
t{[2]; [5..6]} FROM c (and SELF)
@@ -390,6 +476,26 @@
x
[inout] Inputs for function f8:
c
+[inout] Out (internal) for function f9_1:
+ \nothing
+[inout] Inputs for function f9_1:
+ \nothing
+[inout] Out (internal) for function f9_2:
+ \nothing
+[inout] Inputs for function f9_2:
+ \nothing
+[inout] Out (internal) for function f9_3:
+ \nothing
+[inout] Inputs for function f9_3:
+ \nothing
+[inout] Out (internal) for function f9_4:
+ \nothing
+[inout] Inputs for function f9_4:
+ \nothing
+[inout] Out (internal) for function f9:
+ z2; p; x
+[inout] Inputs for function f9:
+ nondet
[inout] Out (internal) for function fbug:
__retres
[inout] Inputs for function fbug:
@@ -399,6 +505,6 @@
[inout] Inputs for function bug:
c; p
[inout] Out (internal) for function main:
- x1; p; i; t{[2]; [5..6]}; ps; S[8]; g_f5_1; g_f5_2; two_fields
+ x1; z2; p; i; t{[2]; [5..6]}; ps; S[8]; g_f5_1; g_f5_2; two_fields
[inout] Inputs for function main:
- c; p; i; ps; S[8]; g_f5_1; g_f5_2
+ c; nondet; p; i; ps; S[8]; g_f5_1; g_f5_2
diff --git a/tests/value/oracle/mini_pointrer.res.oracle b/tests/value/oracle/mini_pointrer.res.oracle
index 2c0b41b4d4a63a35f3d6216f247a33171a4028f4..0cc72335a3a945d507756d104f6b9f40ca26ee8f 100644
--- a/tests/value/oracle/mini_pointrer.res.oracle
+++ b/tests/value/oracle/mini_pointrer.res.oracle
@@ -11,6 +11,8 @@
accessing out of bounds index. assert 0 ≤ c1;
[eva:alarm] tests/value/mini_pointrer.i:6: Warning:
accessing out of bounds index. assert c1 < 2;
+[eva:alarm] tests/value/mini_pointrer.i:6: Warning:
+ pointer downcast. assert (unsigned int)(&T[c1]) ≤ 2147483647;
[eva:alarm] tests/value/mini_pointrer.i:8: Warning:
out of bounds read. assert \valid_read(ppp);
[eva:alarm] tests/value/mini_pointrer.i:8: Warning:
diff --git a/tests/value/oracle/nonlin.res.oracle b/tests/value/oracle/nonlin.res.oracle
index de062d28c580191ea1a8cdb6de19c2f0ac49020a..433ce49eaa0ba5fe807e8a83e3c7550bb2c62d67 100644
--- a/tests/value/oracle/nonlin.res.oracle
+++ b/tests/value/oracle/nonlin.res.oracle
@@ -63,6 +63,8 @@
[eva:nonlin] tests/value/nonlin.c:21: subdividing on i
[eva:alarm] tests/value/nonlin.c:21: Warning:
out of bounds read. assert \valid_read((p + i) - i);
+[eva:alarm] tests/value/nonlin.c:23: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
[eva:alarm] tests/value/nonlin.c:24: Warning:
out of bounds read. assert \valid_read((p + i) - i);
[eva] Recording results for subdivide_pointer
diff --git a/tests/value/oracle/not_ct_array_arg.res.oracle b/tests/value/oracle/not_ct_array_arg.res.oracle
index b6c5638c803e6da7d593848c541fb7418e386e7b..8be78fd49c0cde02afd96f8c3a7f7345cee83b0b 100644
--- a/tests/value/oracle/not_ct_array_arg.res.oracle
+++ b/tests/value/oracle/not_ct_array_arg.res.oracle
@@ -24,6 +24,8 @@
==END OF DUMP==
[eva:alarm] tests/value/not_ct_array_arg.i:12: Warning:
out of bounds write. assert \valid(&(*(tb + 9))[100]);
+[eva:alarm] tests/value/not_ct_array_arg.i:12: Warning:
+ pointer downcast. assert (unsigned int)(&tb) ≤ 2147483647;
[eva] tests/value/not_ct_array_arg.i:13:
Frama_C_dump_each:
# Cvalue domain:
diff --git a/tests/value/oracle/offset_top.res.oracle b/tests/value/oracle/offset_top.res.oracle
index bc18f222647e0f0ff249f35ea2d4dbcff8abb73d..8dbc430d5ee96b88e1fdc11243dd643dbfaa6a2b 100644
--- a/tests/value/oracle/offset_top.res.oracle
+++ b/tests/value/oracle/offset_top.res.oracle
@@ -6,6 +6,8 @@
NULL[rbits 0 to 2047] ∈ [--..--]
T ∈ {0}
TAB[0..9] ∈ {0}
+[eva:alarm] tests/value/offset_top.i:10: Warning:
+ pointer downcast. assert (unsigned int)(&TAB[*T]) ≤ 2147483647;
[eva] Recording results for main
[eva] done for function main
[eva] ====== VALUES COMPUTED ======
diff --git a/tests/value/oracle/offsetmap.0.res.oracle b/tests/value/oracle/offsetmap.0.res.oracle
index ed60e2eb7466464a7334f4896599961a48bcb892..572459f644a8f9403d5f4f5cc1231c2b6bf93b2e 100644
--- a/tests/value/oracle/offsetmap.0.res.oracle
+++ b/tests/value/oracle/offsetmap.0.res.oracle
@@ -27,6 +27,8 @@
Called from tests/value/offsetmap.i:75.
[eva] tests/value/offsetmap.i:19: starting to merge loop iterations
[eva] tests/value/offsetmap.i:29: starting to merge loop iterations
+[eva:alarm] tests/value/offsetmap.i:51: Warning:
+ pointer downcast. assert (unsigned int)(&x2) ≤ 2147483647;
[eva] Recording results for f
[eva] Done for function f
[eva] computing for function g <- main.
diff --git a/tests/value/oracle/offsetmap.1.res.oracle b/tests/value/oracle/offsetmap.1.res.oracle
index dbf10008a7f66e55292c0882ccc83a502ca8ca94..d4ac4533187b26fcde94ffc2686f55870879fca3 100644
--- a/tests/value/oracle/offsetmap.1.res.oracle
+++ b/tests/value/oracle/offsetmap.1.res.oracle
@@ -27,6 +27,8 @@
Called from tests/value/offsetmap.i:75.
[eva] tests/value/offsetmap.i:19: starting to merge loop iterations
[eva] tests/value/offsetmap.i:29: starting to merge loop iterations
+[eva:alarm] tests/value/offsetmap.i:51: Warning:
+ pointer downcast. assert (unsigned int)(&x2) ≤ 2147483647;
[eva] Recording results for f
[eva] Done for function f
[eva] computing for function g <- main.
diff --git a/tests/value/oracle/origin.0.res.oracle b/tests/value/oracle/origin.0.res.oracle
index 64ee1af662166a6561d4bf893d8f0730672cde0e..2bdd5becc39c217a92386b0eec24bb4ac9ebdd71 100644
--- a/tests/value/oracle/origin.0.res.oracle
+++ b/tests/value/oracle/origin.0.res.oracle
@@ -54,6 +54,8 @@
S_gpp[0..1] ∈ [--..--]
[eva] computing for function origin_arithmetic_1 <- main.
Called from tests/value/origin.i:94.
+[eva:alarm] tests/value/origin.i:14: Warning:
+ pointer downcast. assert (unsigned int)((int *)ta1) ≤ 2147483647;
[eva:alarm] tests/value/origin.i:14: Warning:
signed overflow. assert -2147483648 ≤ -((int)((int *)ta1));
[eva:alarm] tests/value/origin.i:14: Warning:
@@ -67,6 +69,8 @@
[eva] Done for function origin_arithmetic_1
[eva] computing for function origin_arithmetic_2 <- main.
Called from tests/value/origin.i:95.
+[eva:alarm] tests/value/origin.i:19: Warning:
+ pointer downcast. assert (unsigned int)((int *)ta2) ≤ 2147483647;
[eva:alarm] tests/value/origin.i:19: Warning:
signed overflow. assert -2147483648 ≤ -((int)((int *)ta2));
[eva:alarm] tests/value/origin.i:19: Warning:
@@ -77,6 +81,8 @@
[eva] tests/value/origin.i:20:
Assigning imprecise value to qa2.
The imprecision originates from Arithmetic {tests/value/origin.i:19}
+[eva:alarm] tests/value/origin.i:20: Warning:
+ pointer downcast. assert (unsigned int)((int *)tta2) ≤ 2147483647;
[eva:alarm] tests/value/origin.i:20: Warning:
signed overflow. assert -2147483648 ≤ -((int)((int *)tta2));
[eva:alarm] tests/value/origin.i:20: Warning:
@@ -86,10 +92,14 @@
The imprecision originates from Arithmetic {tests/value/origin.i:20}
[eva:alarm] tests/value/origin.i:21: Warning:
out of bounds write. assert \valid(qa2);
+[eva:alarm] tests/value/origin.i:21: Warning:
+ pointer downcast. assert (unsigned int)(&aa2) ≤ 2147483647;
[eva] Recording results for origin_arithmetic_2
[eva] Done for function origin_arithmetic_2
[eva] computing for function origin_arithmetic_3 <- main.
Called from tests/value/origin.i:96.
+[eva:alarm] tests/value/origin.i:25: Warning:
+ pointer downcast. assert (unsigned int)((int *)ta3) ≤ 2147483647;
[eva:alarm] tests/value/origin.i:25: Warning:
signed overflow. assert -2147483648 ≤ -((int)((int *)ta3));
[eva:alarm] tests/value/origin.i:25: Warning:
@@ -148,6 +158,8 @@
{{ garbled mix of &{a; b} (origin: Misaligned {tests/value/origin.i:54}) }}
[eva:alarm] tests/value/origin.i:56: Warning:
out of bounds write. assert \valid(qm2);
+[eva:alarm] tests/value/origin.i:56: Warning:
+ pointer downcast. assert (unsigned int)(&a) ≤ 2147483647;
[eva] Recording results for origin_misalign_2
[eva] Done for function origin_misalign_2
[eva] computing for function origin_uninitialized_1 <- main.
@@ -166,6 +178,12 @@
[eva] Done for function origin_uninitialized_2
[eva] computing for function local_escape_1 <- main.
Called from tests/value/origin.i:108.
+[eva:alarm] tests/value/origin.i:83: Warning:
+ pointer downcast. assert (unsigned int)(&arg) ≤ 2147483647;
+[eva:alarm] tests/value/origin.i:84: Warning:
+ pointer downcast. assert (unsigned int)(&local1) ≤ 2147483647;
+[eva:alarm] tests/value/origin.i:85: Warning:
+ pointer downcast. assert (unsigned int)(&arg) ≤ 2147483647;
[eva:alarm] tests/value/origin.i:85: Warning:
signed overflow. assert -2147483648 ≤ -((int)(&arg));
[eva:alarm] tests/value/origin.i:85: Warning:
@@ -173,6 +191,10 @@
[eva] tests/value/origin.i:85:
Assigning imprecise value to esc3.
The imprecision originates from Arithmetic {tests/value/origin.i:85}
+[eva:alarm] tests/value/origin.i:87: Warning:
+ pointer downcast. assert (unsigned int)(&local1) ≤ 2147483647;
+[eva:alarm] tests/value/origin.i:88: Warning:
+ pointer downcast. assert (unsigned int)(&esc1) ≤ 2147483647;
[eva] Recording results for local_escape_1
[eva] Done for function local_escape_1
[eva:locals-escaping] tests/value/origin.i:108: Warning:
@@ -187,6 +209,7 @@
[eva] done for function main
[eva] tests/value/origin.i:75:
assertion 'Eva,initialization' got final status invalid.
+[scope:rm_asserts] removing 2 assertion(s)
[eva] ====== VALUES COMPUTED ======
[eva:final-states] Values at end of function local_escape_1:
esc1 ∈ {{ (int)&arg }}
diff --git a/tests/value/oracle/origin.1.res.oracle b/tests/value/oracle/origin.1.res.oracle
index b8a6b3cb99b375317a49b248133106a0f094ed93..0b3195a5397b0126f8eed45040fafff00df4c125 100644
--- a/tests/value/oracle/origin.1.res.oracle
+++ b/tests/value/oracle/origin.1.res.oracle
@@ -64,6 +64,8 @@
[eva] tests/value/origin.i:129:
Assigning imprecise value to r.t[0].
The imprecision originates from Merge {tests/value/origin.i:129}
+[eva:alarm] tests/value/origin.i:130: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
[eva:alarm] tests/value/origin.i:130: Warning:
signed overflow. assert -2147483648 ≤ -((int)(&x));
[eva:alarm] tests/value/origin.i:130: Warning:
diff --git a/tests/value/oracle/period.res.oracle b/tests/value/oracle/period.res.oracle
index 0283e81195e5dfb1886fd792544581c9ba206445..2af9a46bd2a738663bb66bde0768d88bc3967919 100644
--- a/tests/value/oracle/period.res.oracle
+++ b/tests/value/oracle/period.res.oracle
@@ -78,18 +78,25 @@
Gt ∈ {12}
Ht ∈ {1}
==END OF DUMP==
+[eva:alarm] tests/value/period.c:51: Warning:
+ pointer downcast. assert (unsigned int)(&g) ≤ 2147483647;
[eva] tests/value/period.c:51:
Assigning imprecise value to p.
The imprecision originates from Arithmetic {tests/value/period.c:51}
[eva:alarm] tests/value/period.c:52: Warning:
out of bounds write. assert \valid(p);
+[eva:alarm] tests/value/period.c:53: Warning:
+ pointer downcast. assert (unsigned int)(&g) ≤ 2147483647;
[eva] tests/value/period.c:53:
Assigning imprecise value to p.
The imprecision originates from Arithmetic {tests/value/period.c:53}
[eva:alarm] tests/value/period.c:54: Warning:
out of bounds read. assert \valid_read(p);
+[eva:alarm] tests/value/period.c:55: Warning:
+ pointer downcast. assert (unsigned int)(&vg) ≤ 2147483647;
[eva] Recording results for main
[eva] done for function main
+[scope:rm_asserts] removing 1 assertion(s)
[eva] ====== VALUES COMPUTED ======
[eva:final-states] Values at end of function main:
g[0..9] ∈
diff --git a/tests/value/oracle/pointer_comparison.0.res.oracle b/tests/value/oracle/pointer_comparison.0.res.oracle
index c58a323eab8082ad0f725a204de27b2a959e86dc..0202337ff61b091c94af6196bc605e43313ef656 100644
--- a/tests/value/oracle/pointer_comparison.0.res.oracle
+++ b/tests/value/oracle/pointer_comparison.0.res.oracle
@@ -18,6 +18,10 @@
[eva] tests/value/pointer_comparison.c:14: Frama_C_show_each_4: {{ &x + {16} }}
[eva:pointer-comparison] tests/value/pointer_comparison.c:16:
invalid pointer comparison: invalid pointer(s)
+[eva:alarm] tests/value/pointer_comparison.c:16: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 2147483647;
+[eva:alarm] tests/value/pointer_comparison.c:16: Warning:
+ pointer downcast. assert (unsigned int)(&y) ≤ 2147483647;
[eva] tests/value/pointer_comparison.c:16: Frama_C_show_each_5: {{ &x + {16} }}
[eva] tests/value/pointer_comparison.c:17: Frama_C_show_each_5e: {{ &x + {16} }}
[eva:pointer-comparison] tests/value/pointer_comparison.c:18:
@@ -48,8 +52,23 @@
[inout] Inputs for function main:
p
[report] Computing properties status...
+
+--------------------------------------------------------------------------------
+--- Properties of Function 'main'
+--------------------------------------------------------------------------------
+
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/value/pointer_comparison.c, line 16)
+ assert Eva: pointer_downcast: (unsigned int)p ≤ 2147483647;
+ tried with Eva.
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/value/pointer_comparison.c, line 16)
+ assert Eva: pointer_downcast: (unsigned int)(&y) ≤ 2147483647;
+ tried with Eva.
+
+--------------------------------------------------------------------------------
+--- Status Report Summary
--------------------------------------------------------------------------------
---- No status to report
+ 2 To be validated
+ 2 Total
--------------------------------------------------------------------------------
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
@@ -74,6 +93,10 @@
assert \pointer_comparable((void *)tmp_2, (void *)(&y));
(tmp_2 from p++)
[eva] tests/value/pointer_comparison.c:14: Frama_C_show_each_4: {{ &x + {16} }}
+[eva:alarm] tests/value/pointer_comparison.c:16: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 2147483647;
+[eva:alarm] tests/value/pointer_comparison.c:16: Warning:
+ pointer downcast. assert (unsigned int)(&y) ≤ 2147483647;
[eva] tests/value/pointer_comparison.c:16: Frama_C_show_each_5: {{ &x + {16} }}
[eva] tests/value/pointer_comparison.c:17: Frama_C_show_each_5e: {{ &x + {16} }}
[eva:alarm] tests/value/pointer_comparison.c:18: Warning:
@@ -125,6 +148,12 @@
Eva: ptr_comparison:
\pointer_comparable((void *)tmp_2, (void *)(&y));
tried with Eva.
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/value/pointer_comparison.c, line 16)
+ assert Eva: pointer_downcast: (unsigned int)p ≤ 2147483647;
+ tried with Eva.
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/value/pointer_comparison.c, line 16)
+ assert Eva: pointer_downcast: (unsigned int)(&y) ≤ 2147483647;
+ tried with Eva.
[ - ] Assertion 'Eva,ptr_comparison' (file tests/value/pointer_comparison.c, line 18)
assert
Eva: ptr_comparison:
@@ -134,8 +163,8 @@
--------------------------------------------------------------------------------
--- Status Report Summary
--------------------------------------------------------------------------------
- 4 To be validated
- 4 Total
+ 6 To be validated
+ 6 Total
--------------------------------------------------------------------------------
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
@@ -161,7 +190,12 @@
(tmp_2 from p++)
[eva] tests/value/pointer_comparison.c:14: Frama_C_show_each_4: {{ &x + {16} }}
[eva:alarm] tests/value/pointer_comparison.c:16: Warning:
- pointer comparison. assert \pointer_comparable((void *)p, (void *)(&y));
+ pointer downcast. assert (unsigned int)p ≤ 2147483647;
+[eva:alarm] tests/value/pointer_comparison.c:16: Warning:
+ pointer downcast. assert (unsigned int)(&y) ≤ 2147483647;
+[eva:alarm] tests/value/pointer_comparison.c:16: Warning:
+ pointer comparison.
+ assert \pointer_comparable((void *)((int)p), (void *)((int)(&y)));
[eva] tests/value/pointer_comparison.c:16: Frama_C_show_each_5: {{ &x + {16} }}
[eva] tests/value/pointer_comparison.c:17: Frama_C_show_each_5e: {{ &x + {16} }}
[eva:alarm] tests/value/pointer_comparison.c:18: Warning:
@@ -213,9 +247,16 @@
Eva: ptr_comparison:
\pointer_comparable((void *)tmp_2, (void *)(&y));
tried with Eva.
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/value/pointer_comparison.c, line 16)
+ assert Eva: pointer_downcast: (unsigned int)p ≤ 2147483647;
+ tried with Eva.
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/value/pointer_comparison.c, line 16)
+ assert Eva: pointer_downcast: (unsigned int)(&y) ≤ 2147483647;
+ tried with Eva.
[ - ] Assertion 'Eva,ptr_comparison' (file tests/value/pointer_comparison.c, line 16)
assert
- Eva: ptr_comparison: \pointer_comparable((void *)p, (void *)(&y));
+ Eva: ptr_comparison:
+ \pointer_comparable((void *)((int)p), (void *)((int)(&y)));
tried with Eva.
[ - ] Assertion 'Eva,ptr_comparison' (file tests/value/pointer_comparison.c, line 18)
assert
@@ -226,6 +267,6 @@
--------------------------------------------------------------------------------
--- Status Report Summary
--------------------------------------------------------------------------------
- 5 To be validated
- 5 Total
+ 7 To be validated
+ 7 Total
--------------------------------------------------------------------------------
diff --git a/tests/value/oracle/pointer_comparison.1.res.oracle b/tests/value/oracle/pointer_comparison.1.res.oracle
index 890e9690c6c1d14e06b4af1515e5dc193155e4f0..0f48c4ee7e0a0f10c28b128a2b8f6ccc00f590cf 100644
--- a/tests/value/oracle/pointer_comparison.1.res.oracle
+++ b/tests/value/oracle/pointer_comparison.1.res.oracle
@@ -33,6 +33,10 @@
[eva] tests/value/pointer_comparison.c:15: Frama_C_show_each_4e: {{ &x + {16} }}
[eva:pointer-comparison] tests/value/pointer_comparison.c:16:
invalid pointer comparison: invalid pointer(s)
+[eva:alarm] tests/value/pointer_comparison.c:16: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 2147483647;
+[eva:alarm] tests/value/pointer_comparison.c:16: Warning:
+ pointer downcast. assert (unsigned int)(&y) ≤ 2147483647;
[eva] tests/value/pointer_comparison.c:16: Frama_C_show_each_5: {{ &x + {16} }}
[eva] tests/value/pointer_comparison.c:17: Frama_C_show_each_5e: {{ &x + {16} }}
[eva:pointer-comparison] tests/value/pointer_comparison.c:18:
@@ -68,8 +72,23 @@
[inout] Inputs for function main:
p
[report] Computing properties status...
+
+--------------------------------------------------------------------------------
+--- Properties of Function 'main'
+--------------------------------------------------------------------------------
+
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/value/pointer_comparison.c, line 16)
+ assert Eva: pointer_downcast: (unsigned int)p ≤ 2147483647;
+ tried with Eva.
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/value/pointer_comparison.c, line 16)
+ assert Eva: pointer_downcast: (unsigned int)(&y) ≤ 2147483647;
+ tried with Eva.
+
+--------------------------------------------------------------------------------
+--- Status Report Summary
--------------------------------------------------------------------------------
---- No status to report
+ 2 To be validated
+ 2 Total
--------------------------------------------------------------------------------
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
@@ -97,6 +116,10 @@
(tmp_2 from p++)
[eva] tests/value/pointer_comparison.c:14: Frama_C_show_each_4: {{ &x + {16} }}
[eva] tests/value/pointer_comparison.c:15: Frama_C_show_each_4e: {{ &x + {16} }}
+[eva:alarm] tests/value/pointer_comparison.c:16: Warning:
+ pointer downcast. assert (unsigned int)p ≤ 2147483647;
+[eva:alarm] tests/value/pointer_comparison.c:16: Warning:
+ pointer downcast. assert (unsigned int)(&y) ≤ 2147483647;
[eva] tests/value/pointer_comparison.c:16: Frama_C_show_each_5: {{ &x + {16} }}
[eva] tests/value/pointer_comparison.c:17: Frama_C_show_each_5e: {{ &x + {16} }}
[eva:alarm] tests/value/pointer_comparison.c:18: Warning:
@@ -149,6 +172,12 @@
Eva: ptr_comparison:
\pointer_comparable((void *)tmp_2, (void *)(&y));
tried with Eva.
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/value/pointer_comparison.c, line 16)
+ assert Eva: pointer_downcast: (unsigned int)p ≤ 2147483647;
+ tried with Eva.
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/value/pointer_comparison.c, line 16)
+ assert Eva: pointer_downcast: (unsigned int)(&y) ≤ 2147483647;
+ tried with Eva.
[ - ] Assertion 'Eva,ptr_comparison' (file tests/value/pointer_comparison.c, line 18)
assert
Eva: ptr_comparison:
@@ -158,8 +187,8 @@
--------------------------------------------------------------------------------
--- Status Report Summary
--------------------------------------------------------------------------------
- 4 To be validated
- 4 Total
+ 6 To be validated
+ 6 Total
--------------------------------------------------------------------------------
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
@@ -188,7 +217,12 @@
[eva] tests/value/pointer_comparison.c:14: Frama_C_show_each_4: {{ &x + {16} }}
[eva] tests/value/pointer_comparison.c:15: Frama_C_show_each_4e: {{ &x + {16} }}
[eva:alarm] tests/value/pointer_comparison.c:16: Warning:
- pointer comparison. assert \pointer_comparable((void *)p, (void *)(&y));
+ pointer downcast. assert (unsigned int)p ≤ 2147483647;
+[eva:alarm] tests/value/pointer_comparison.c:16: Warning:
+ pointer downcast. assert (unsigned int)(&y) ≤ 2147483647;
+[eva:alarm] tests/value/pointer_comparison.c:16: Warning:
+ pointer comparison.
+ assert \pointer_comparable((void *)((int)p), (void *)((int)(&y)));
[eva] tests/value/pointer_comparison.c:16: Frama_C_show_each_5: {{ &x + {16} }}
[eva] tests/value/pointer_comparison.c:17: Frama_C_show_each_5e: {{ &x + {16} }}
[eva:alarm] tests/value/pointer_comparison.c:18: Warning:
@@ -241,9 +275,16 @@
Eva: ptr_comparison:
\pointer_comparable((void *)tmp_2, (void *)(&y));
tried with Eva.
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/value/pointer_comparison.c, line 16)
+ assert Eva: pointer_downcast: (unsigned int)p ≤ 2147483647;
+ tried with Eva.
+[ - ] Assertion 'Eva,pointer_downcast' (file tests/value/pointer_comparison.c, line 16)
+ assert Eva: pointer_downcast: (unsigned int)(&y) ≤ 2147483647;
+ tried with Eva.
[ - ] Assertion 'Eva,ptr_comparison' (file tests/value/pointer_comparison.c, line 16)
assert
- Eva: ptr_comparison: \pointer_comparable((void *)p, (void *)(&y));
+ Eva: ptr_comparison:
+ \pointer_comparable((void *)((int)p), (void *)((int)(&y)));
tried with Eva.
[ - ] Assertion 'Eva,ptr_comparison' (file tests/value/pointer_comparison.c, line 18)
assert
@@ -254,6 +295,6 @@
--------------------------------------------------------------------------------
--- Status Report Summary
--------------------------------------------------------------------------------
- 5 To be validated
- 5 Total
+ 7 To be validated
+ 7 Total
--------------------------------------------------------------------------------
diff --git a/tests/value/oracle/pointer_int_cast.res.oracle b/tests/value/oracle/pointer_int_cast.res.oracle
index 078dfbbd5bee8472325f2b748799bbafe9459628..cad14cc1bd042de3a5b4ae42904551966dc6a151 100644
--- a/tests/value/oracle/pointer_int_cast.res.oracle
+++ b/tests/value/oracle/pointer_int_cast.res.oracle
@@ -8,6 +8,8 @@
q ∈ {0}
x ∈ {0}
y ∈ {0}
+[eva:alarm] tests/value/pointer_int_cast.i:9: Warning:
+ pointer downcast. assert (unsigned int)(&y) ≤ 2147483647;
[eva] Recording results for g
[eva] done for function g
[eva] ====== VALUES COMPUTED ======
diff --git a/tests/value/oracle/propagate_bottom.res.oracle b/tests/value/oracle/propagate_bottom.res.oracle
index 2b291b99b1160a933b7e4e50c6cbd1bfc4df425f..84b9c0efca5685428362ae64672e2f16403634f0 100644
--- a/tests/value/oracle/propagate_bottom.res.oracle
+++ b/tests/value/oracle/propagate_bottom.res.oracle
@@ -17,17 +17,23 @@
[eva:alarm] tests/value/propagate_bottom.i:20: Warning:
division by zero. assert 0 ≢ 0;
[eva:alarm] tests/value/propagate_bottom.i:25: Warning:
- non-finite double value. assert \is_finite((double)(1. / (double)0));
+ non-finite double value.
+ assert \is_finite(\div_double((double)1., (double)0));
[eva:alarm] tests/value/propagate_bottom.i:28: Warning:
- non-finite double value. assert \is_finite((double)(1. / (double)0));
+ non-finite double value.
+ assert \is_finite(\div_double((double)1., (double)0));
[eva:alarm] tests/value/propagate_bottom.i:31: Warning:
- non-finite double value. assert \is_finite((double)(1. / (double)0));
+ non-finite double value.
+ assert \is_finite(\div_double((double)1., (double)0));
[eva:alarm] tests/value/propagate_bottom.i:34: Warning:
- non-finite double value. assert \is_finite((double)(1. / 0.));
+ non-finite double value.
+ assert \is_finite(\div_double((double)1., (double)0.));
[eva:alarm] tests/value/propagate_bottom.i:37: Warning:
- non-finite double value. assert \is_finite((double)(1. / 0.));
+ non-finite double value.
+ assert \is_finite(\div_double((double)1., (double)0.));
[eva:alarm] tests/value/propagate_bottom.i:40: Warning:
- non-finite double value. assert \is_finite((double)(1. / 0.));
+ non-finite double value.
+ assert \is_finite(\div_double((double)1., (double)0.));
[eva] Recording results for main
[eva] done for function main
[eva] tests/value/propagate_bottom.i:5:
diff --git a/tests/value/oracle/shift.0.res.oracle b/tests/value/oracle/shift.0.res.oracle
index aa83c00acb6fec860002e54317aee5ec41e97e39..b2838250a6d5104942a7d000707c740654d060e8 100644
--- a/tests/value/oracle/shift.0.res.oracle
+++ b/tests/value/oracle/shift.0.res.oracle
@@ -44,6 +44,8 @@
[eva] tests/value/shift.i:52:
Assigning imprecise value to r.
The imprecision originates from Arithmetic {tests/value/shift.i:52}
+[eva:alarm] tests/value/shift.i:53: Warning:
+ pointer downcast. assert (unsigned int)((char *)t) ≤ 2147483647;
[eva:alarm] tests/value/shift.i:53: Warning:
invalid LHS operand for left shift. assert 0 ≤ (long)((char *)t);
[eva:alarm] tests/value/shift.i:53: Warning:
diff --git a/tests/value/oracle/shift.1.res.oracle b/tests/value/oracle/shift.1.res.oracle
index 076532ff7124c6875536b00e1051863ad9d4aa3c..9862244f180a9db29e4f8a675b3763cf0dc72b3d 100644
--- a/tests/value/oracle/shift.1.res.oracle
+++ b/tests/value/oracle/shift.1.res.oracle
@@ -38,6 +38,8 @@
[eva] tests/value/shift.i:52:
Assigning imprecise value to r.
The imprecision originates from Arithmetic {tests/value/shift.i:52}
+[eva:alarm] tests/value/shift.i:53: Warning:
+ pointer downcast. assert (unsigned int)((char *)t) ≤ 2147483647;
[eva:alarm] tests/value/shift.i:53: Warning:
signed overflow. assert -2147483648 ≤ (long)((char *)t) << 8;
[eva:alarm] tests/value/shift.i:53: Warning:
diff --git a/tests/value/oracle/sizeof.res.oracle b/tests/value/oracle/sizeof.res.oracle
index 90ea60d5201575ac44fcbe81c059e02e2632d14d..aa8dc50d410df0a8961e66ac04949f144fedee20 100644
--- a/tests/value/oracle/sizeof.res.oracle
+++ b/tests/value/oracle/sizeof.res.oracle
@@ -18,21 +18,23 @@
[eva] Done for function main1
[eva] computing for function main2 <- main.
Called from tests/value/sizeof.i:41.
+[eva:alarm] tests/value/sizeof.i:32: Warning:
+ pointer downcast. assert (unsigned int)(&s1) ≤ 2147483647;
[eva] tests/value/sizeof.i:32:
Assigning imprecise value to p.
The imprecision originates from Arithmetic {tests/value/sizeof.i:32}
[eva:alarm] tests/value/sizeof.i:33: Warning:
accessing out of bounds index.
- assert (unsigned int)(sizeof(s1.t) - (unsigned int)i) < 10;
+ assert (unsigned int)(sizeof(int [10]) - (unsigned int)i) < 10;
[eva:alarm] tests/value/sizeof.i:33: Warning:
out of bounds write.
- assert \valid(&p->t[(unsigned int)(sizeof(s1.t) - (unsigned int)i)]);
+ assert \valid(&p->t[(unsigned int)(sizeof(int [10]) - (unsigned int)i)]);
[eva:alarm] tests/value/sizeof.i:34: Warning:
accessing out of bounds index.
- assert (unsigned int)(sizeof(s1.t) - (unsigned int)i) < 10;
+ assert (unsigned int)(sizeof(int [10]) - (unsigned int)i) < 10;
[eva:alarm] tests/value/sizeof.i:34: Warning:
out of bounds write.
- assert \valid(&p->t[(unsigned int)(sizeof(s1.t) - (unsigned int)i)]);
+ assert \valid(&p->t[(unsigned int)(sizeof(int [10]) - (unsigned int)i)]);
[eva] Recording results for main2
[eva] Done for function main2
[eva] computing for function f <- main.
@@ -124,21 +126,24 @@ struct s s1;
int volatile i;
void main2(void)
{
+ /*@ assert Eva: pointer_downcast: (unsigned int)(&s1) ≤ 2147483647; */
struct s *p = (& s1 + (int)(& s1)) - (int)(& s1);
/*@ assert
- Eva: index_bound: (unsigned int)(sizeof(s1.t) - (unsigned int)i) < 10;
+ Eva: index_bound:
+ (unsigned int)(sizeof(int [10]) - (unsigned int)i) < 10;
*/
/*@ assert
Eva: mem_access:
- \valid(&p->t[(unsigned int)(sizeof(s1.t) - (unsigned int)i)]);
+ \valid(&p->t[(unsigned int)(sizeof(int [10]) - (unsigned int)i)]);
*/
p->t[sizeof(s1.t) - (unsigned int)i] = 1;
/*@ assert
- Eva: index_bound: (unsigned int)(sizeof(s1.t) - (unsigned int)i) < 10;
+ Eva: index_bound:
+ (unsigned int)(sizeof(int [10]) - (unsigned int)i) < 10;
*/
/*@ assert
Eva: mem_access:
- \valid(&p->t[(unsigned int)(sizeof(s1.t) - (unsigned int)i)]);
+ \valid(&p->t[(unsigned int)(sizeof(int [10]) - (unsigned int)i)]);
*/
p->t[sizeof(s1.t) - (unsigned int)i] = 2;
return;
diff --git a/tests/value/oracle/struct3.res.oracle b/tests/value/oracle/struct3.res.oracle
index 73e5ba0ea066bc75260c87fae0c189e46048166b..4cbcaa45fece740a5d003524f97f4d0e6c3bd565 100644
--- a/tests/value/oracle/struct3.res.oracle
+++ b/tests/value/oracle/struct3.res.oracle
@@ -19,6 +19,10 @@
accessing out of bounds index. assert 10 < 10;
[kernel] tests/value/struct3.i:42: Warning:
all target addresses were invalid. This path is assumed to be dead.
+[eva:alarm] tests/value/struct3.i:46: Warning:
+ pointer downcast. assert (unsigned int)s2.c ≤ 2147483647;
+[eva:alarm] tests/value/struct3.i:46: Warning:
+ pointer downcast. assert (unsigned int)(s2.c + (int)s2.c) ≤ 2147483647;
[eva] tests/value/struct3.i:46:
Assigning imprecise value to s2.a.
The imprecision originates from Arithmetic {tests/value/struct3.i:46}
diff --git a/tests/value/oracle/struct_array.res.oracle b/tests/value/oracle/struct_array.res.oracle
index faf7f29e81bdc46b6f0a80ba6da31a3c64d8b13e..05ac2f16880175bd81d50810e8f58c82ee0a05a7 100644
--- a/tests/value/oracle/struct_array.res.oracle
+++ b/tests/value/oracle/struct_array.res.oracle
@@ -1,6 +1,12 @@
[kernel] Parsing tests/value/struct_array.i (no preprocessing)
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
+[eva:alarm] tests/value/struct_array.i:15: Warning:
+ pointer downcast. assert (unsigned int)(&z1) ≤ 2147483647;
+[eva:alarm] tests/value/struct_array.i:15: Warning:
+ pointer downcast. assert (unsigned int)(&z2) ≤ 2147483647;
+[eva:alarm] tests/value/struct_array.i:15: Warning:
+ pointer downcast. assert (unsigned int)(&z4) ≤ 2147483647;
[eva] Initial state computed
[eva:initial-state] Values of globals at initialization
v ∈ [--..--]
@@ -234,6 +240,12 @@
[19].p; [20].p; [21].p}; s; s1; s2; s3
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
+[eva:alarm] tests/value/struct_array.i:15: Warning:
+ pointer downcast. assert (unsigned int)(&z1) ≤ 2147483647;
+[eva:alarm] tests/value/struct_array.i:15: Warning:
+ pointer downcast. assert (unsigned int)(&z2) ≤ 2147483647;
+[eva:alarm] tests/value/struct_array.i:15: Warning:
+ pointer downcast. assert (unsigned int)(&z4) ≤ 2147483647;
[eva] Initial state computed
[eva:initial-state] Values of globals at initialization
v ∈ [--..--]
diff --git a/tests/value/oracle/struct_incl.res.oracle b/tests/value/oracle/struct_incl.res.oracle
index 7f41406ae8876196443ccfd0f061fe5c14b45722..3eb4f598ee5535e92806764dd7628d0d1bc3307c 100644
--- a/tests/value/oracle/struct_incl.res.oracle
+++ b/tests/value/oracle/struct_incl.res.oracle
@@ -22,6 +22,12 @@
z ∈ {0}
t ∈ {0}
v ∈ [--..--]
+[eva:alarm] tests/value/struct_incl.i:28: Warning:
+ pointer downcast. assert (unsigned int)(&s1.d[9]) ≤ 2147483647;
+[eva:alarm] tests/value/struct_incl.i:29: Warning:
+ pointer downcast. assert (unsigned int)(&s1.d[10]) ≤ 2147483647;
+[eva:alarm] tests/value/struct_incl.i:30: Warning:
+ pointer downcast. assert (unsigned int)(&s1.b) ≤ 2147483647;
[eva:alarm] tests/value/struct_incl.i:48: Warning:
accessing out of bounds index. assert 10 < 10;
[kernel] tests/value/struct_incl.i:48: Warning:
diff --git a/tests/value/oracle/summary.3.res.oracle b/tests/value/oracle/summary.3.res.oracle
index f5bcadc1abb5d0f1908434ef0ff16c53d5cdbe34..8c983fd90a289be87579fd40cfe9efbde6414a90 100644
--- a/tests/value/oracle/summary.3.res.oracle
+++ b/tests/value/oracle/summary.3.res.oracle
@@ -30,7 +30,7 @@
[eva:alarm] tests/value/summary.i:34: Warning:
non-finite double value. assert \is_finite(volatile_d);
[eva:alarm] tests/value/summary.i:35: Warning:
- non-finite double value. assert \is_finite((double)(d - d));
+ non-finite double value. assert \is_finite(\sub_double(d, d));
[eva:alarm] tests/value/summary.i:36: Warning:
overflow in conversion from floating-point to integer.
assert -2147483649 < d;
diff --git a/tests/value/oracle/summary.4.res.oracle b/tests/value/oracle/summary.4.res.oracle
index 80d3ffdb4b19723e3faea13031852ffe5fbcb15e..3e988afe4882c009bbfa39e4f7c73ed77f551148 100644
--- a/tests/value/oracle/summary.4.res.oracle
+++ b/tests/value/oracle/summary.4.res.oracle
@@ -52,7 +52,7 @@
[eva:alarm] tests/value/summary.i:35: Warning:
assertion 'rte,is_nan_or_infinite' got status unknown.
[eva:alarm] tests/value/summary.i:35: Warning:
- non-finite double value. assert \is_finite((double)(d - d));
+ non-finite double value. assert \is_finite(\sub_double(d, d));
[eva:alarm] tests/value/summary.i:36: Warning:
assertion 'rte,float_to_int' got status unknown.
[eva:alarm] tests/value/summary.i:39: Warning:
diff --git a/tests/value/oracle/symbolic_locs.res.oracle b/tests/value/oracle/symbolic_locs.res.oracle
index 154a7b55ae69c0322855b6ec0641415c750dac3c..eb325482dff5626613b033e1a10ed1426e77a835 100644
--- a/tests/value/oracle/symbolic_locs.res.oracle
+++ b/tests/value/oracle/symbolic_locs.res.oracle
@@ -64,6 +64,8 @@
Called from tests/value/symbolic_locs.i:121.
[eva:alarm] tests/value/symbolic_locs.i:51: Warning:
assertion got status unknown.
+[eva:alarm] tests/value/symbolic_locs.i:54: Warning:
+ pointer downcast. assert (unsigned int)(&x) ≤ 2147483647;
[eva] tests/value/symbolic_locs.i:55:
Frama_C_dump_each:
# Cvalue domain:
diff --git a/tests/value/oracle/test_arith.res.oracle b/tests/value/oracle/test_arith.res.oracle
index 8e462c9e595ce5651bccad91d3ee4d434ff1fa56..0eacce08467e7b1726285b701f49cbe4f7613b07 100644
--- a/tests/value/oracle/test_arith.res.oracle
+++ b/tests/value/oracle/test_arith.res.oracle
@@ -17,6 +17,8 @@
G ∈ {0}
[eva:alarm] tests/value/test_arith.c:16: Warning:
signed overflow. assert n + 1 ≤ 2147483647;
+[eva:alarm] tests/value/test_arith.c:18: Warning:
+ pointer downcast. assert (unsigned int)ptr ≤ 2147483647;
[eva:alarm] tests/value/test_arith.c:18: Warning:
signed overflow. assert -2147483648 ≤ (int)ptr + 1;
[eva:alarm] tests/value/test_arith.c:18: Warning:
diff --git a/tests/value/oracle/val6.0.res.oracle b/tests/value/oracle/val6.0.res.oracle
index 4e2b389231689d1033ecb2773969b962487172d1..6f55e39160535d43c76637297a29444fff5d2392 100644
--- a/tests/value/oracle/val6.0.res.oracle
+++ b/tests/value/oracle/val6.0.res.oracle
@@ -9,6 +9,8 @@
b ∈ {0}
y ∈ {0}
x ∈ {0}
+[eva:alarm] tests/value/val6.i:13: Warning:
+ pointer downcast. assert (unsigned int)c ≤ 2147483647;
[eva] Recording results for f
[eva] done for function f
[eva] ====== VALUES COMPUTED ======
diff --git a/tests/value/oracle/volatile.res.oracle b/tests/value/oracle/volatile.res.oracle
index fe1efbbfceb93a5fde01d1a898afddbdc39dd98d..8cfa94fed9df507ba41a46c8921cf3b906e5eb20 100644
--- a/tests/value/oracle/volatile.res.oracle
+++ b/tests/value/oracle/volatile.res.oracle
@@ -90,6 +90,8 @@
[eva] Done for function main1
[eva] computing for function main2 <- main.
Called from tests/value/volatile.c:177.
+[eva:alarm] tests/value/volatile.c:83: Warning:
+ pointer downcast. assert (unsigned int)(&X) ≤ 2147483647;
[eva] Recording results for main2
[eva] Done for function main2
[eva] computing for function main3 <- main.
diff --git a/tests/value/oracle/volatilestruct.res.oracle b/tests/value/oracle/volatilestruct.res.oracle
index ed81eece0db93c42d0a0d23243d2c91ace28ebfa..256e74cfbacfc6a6c2b098a2703e0ef1b94d90ca 100644
--- a/tests/value/oracle/volatilestruct.res.oracle
+++ b/tests/value/oracle/volatilestruct.res.oracle
@@ -7,6 +7,8 @@
s2 ∈ {0}
x ∈ {0}
y ∈ {0}
+[eva:alarm] tests/value/volatilestruct.c:31: Warning:
+ pointer downcast. assert (unsigned int)p->f4.f2 ≤ 2147483647;
[eva:alarm] tests/value/volatilestruct.c:33: Warning:
signed overflow. assert -2147483648 ≤ &x - p->f4.f1;
[eva:alarm] tests/value/volatilestruct.c:33: Warning:
@@ -53,6 +55,8 @@
s2 ∈ {0}
x ∈ {0}
y ∈ {0}
+[eva:alarm] tests/value/volatilestruct.c:31: Warning:
+ pointer downcast. assert (unsigned int)p->f4.f2 ≤ 2147483647;
[eva:signed-overflow] tests/value/volatilestruct.c:33: Warning:
2's complement assumed for overflow
[eva:signed-overflow] tests/value/volatilestruct.c:34: Warning:
diff --git a/tests/value/traces/oracle/test1.res.oracle b/tests/value/traces/oracle/test1.res.oracle
index 3d86f18943019f3f0a467294eb91a6e35ce14333..c89a9da2b49c07a5a9ee5a2c912b00d4e13952a3 100644
--- a/tests/value/traces/oracle/test1.res.oracle
+++ b/tests/value/traces/oracle/test1.res.oracle
@@ -1,5 +1,5 @@
-[eva:experimental] Warning: The traces domain is experimental.
[kernel] Parsing tests/value/traces/test1.c (with preprocessing)
+[eva:experimental] Warning: The traces domain is experimental.
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
[eva] Initial state computed
diff --git a/tests/value/traces/oracle/test2.res.oracle b/tests/value/traces/oracle/test2.res.oracle
index 200e815eb5c348b65cc3bb4411ebf9401052ac21..3e1b821db9efd4784476373cafee29cc104913ef 100644
--- a/tests/value/traces/oracle/test2.res.oracle
+++ b/tests/value/traces/oracle/test2.res.oracle
@@ -1,5 +1,5 @@
-[eva:experimental] Warning: The traces domain is experimental.
[kernel] Parsing tests/value/traces/test2.i (no preprocessing)
+[eva:experimental] Warning: The traces domain is experimental.
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
[eva] Initial state computed
diff --git a/tests/value/traces/oracle/test3.res.oracle b/tests/value/traces/oracle/test3.res.oracle
index 1557613f54517aa6adcf22b46a8b6f617191eff7..bff1a57599b827a894c7723e22904c20bee9cebe 100644
--- a/tests/value/traces/oracle/test3.res.oracle
+++ b/tests/value/traces/oracle/test3.res.oracle
@@ -1,5 +1,5 @@
-[eva:experimental] Warning: The traces domain is experimental.
[kernel] Parsing tests/value/traces/test3.i (no preprocessing)
+[eva:experimental] Warning: The traces domain is experimental.
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
[eva] Initial state computed
diff --git a/tests/value/traces/oracle/test4.res.oracle b/tests/value/traces/oracle/test4.res.oracle
index ffd3f1dd1ce713fc3f9efc6ac926cd892952e725..45691fa981c5087f70854e4529ec6764fc659d45 100644
--- a/tests/value/traces/oracle/test4.res.oracle
+++ b/tests/value/traces/oracle/test4.res.oracle
@@ -1,5 +1,5 @@
-[eva:experimental] Warning: The traces domain is experimental.
[kernel] Parsing tests/value/traces/test4.i (no preprocessing)
+[eva:experimental] Warning: The traces domain is experimental.
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
[eva] Initial state computed
diff --git a/tests/value/traces/oracle/test5.res.oracle b/tests/value/traces/oracle/test5.res.oracle
index 0715058c74b454795f3d2ddd083afeb84b532d2f..739104c81f0f670a1edc22ac9d26de27c823251e 100644
--- a/tests/value/traces/oracle/test5.res.oracle
+++ b/tests/value/traces/oracle/test5.res.oracle
@@ -1,7 +1,7 @@
-[eva:experimental] Warning: The traces domain is experimental.
[kernel] Parsing tests/value/traces/test5.i (no preprocessing)
[kernel:typing:implicit-function-declaration] tests/value/traces/test5.i:21: Warning:
Calling undeclared function my_switch. Old style K&R code?
+[eva:experimental] Warning: The traces domain is experimental.
[eva] Analyzing a complete application starting at main
[eva] Computing initial state
[eva] Initial state computed