public void BvExtractExpr() {
var bv2_8 = new LiteralExpr(Token.NoToken, BigNum.FromInt(2), 8);
var A = new BvExtractExpr(Token.NoToken, bv2_8, 6,0);
var B = d.Visit(A);
// The duplicator should ensure we get new BVExtractExprs
Assert.AreNotSame(A, B);
}
public override Expr VisitBvExtractExpr(BvExtractExpr node)
{
var bvCopy = this.Visit(node.Bitvector) as Expr;
var newNode = Builder.BVEXTRACT(bvCopy, node.End, node.Start);
Debug.Assert(bvCopy != null);
Debug.Assert(newNode != null);
return(newNode);
}
public void BvExtractExpr()
{
var bv2_8 = new LiteralExpr(Token.NoToken, BigNum.FromInt(2), 8);
var A = new BvExtractExpr(Token.NoToken, bv2_8, 6, 0);
var B = d.Visit(A);
// The duplicator should ensure we get new BVExtractExprs
Assert.AreNotSame(A, B);
}
public static Expr GetChild(this BvExtractExpr e, int number)
{
if (number == 0)
{
return(e.Bitvector);
}
throw new InvalidOperationException("BvExtract only has one child");
}
public static void SetChild(this BvExtractExpr e, int number, Expr NewChild)
{
if (number == 0)
{
e.Bitvector = NewChild;
return;
}
throw new InvalidOperationException("BvExtract only has one child");
}
////////////////////////////////////////////////////////////////////////////////////
//TODO: Old semantics - go to arguments?
private Term makeExpression(BvExtractExpr bee, bool old)
{
ExpressionList arguments = new ExpressionList();
arguments.append(makeExpression(bee.Bitvector, old));
//TODO: maybe no expression?
arguments.append(new Boogie.BoogieFunctionApplication(bee, new Logic.Boogie.BoogieFunction(new BoogieIntegerConstant(bee.Start)), new ExpressionList()));
arguments.append(new Boogie.BoogieFunctionApplication(bee, new Logic.Boogie.BoogieFunction(new BoogieIntegerConstant(bee.End)), new ExpressionList()));
return(new Slicer.Programs.Terms.Boogie.BoogieFunctionApplication(bee, new Logic.Boogie.BoogieFunction(new BoogieBitVectorExtractor(bee)), arguments));
}
public static BoogieBitVectorExtractorFunction make(BvExtractExpr bee)
{
Debug.Assert(bee != null);
Debug.Assert(bee.Bitvector.Type.IsBv);
int w = (bee.Bitvector.Type as BvType).Bits;
Debug.Assert(w >= 0);
Debug.Assert(bee.End <= w);
Debug.Assert(bee.Start >= w);
return(new BoogieBitVectorExtractorFunction(bee, w, bee.Start, bee.End));
}
////////////////////////////////////////////////////////////////////////////////////
private Expression makeExpression(BvExtractExpr bee, bool old)
{
var arguments = new ExpressionList(new Expression[3]
{
makeExpression(bee.Bitvector, old),
new BasicLiteralExpression(
IntegerValue.make(new BigInteger(bee.Start))),
new BasicLiteralExpression(
IntegerValue.make(new BigInteger(bee.End)))
});
return(new BoogieFunctionApplicationExpression(bee, BoogieBitVectorExtractorFunction.make(bee), arguments));
}
public void SimpleBVExtract()
{
var variable = new GlobalVariable(Token.NoToken, new TypedIdent(Token.NoToken, "foo", Microsoft.Boogie.Type.GetBvType(8)));
var id = new IdentifierExpr(Token.NoToken, variable);
var extract = new BvExtractExpr(Token.NoToken, id, 5, 0); // 4-bits
var id2 = new IdentifierExpr(Token.NoToken, variable);
var extract2 = new BvExtractExpr(Token.NoToken, id2, 5, 0);
Assert.AreNotSame(extract, extract2);
Assert.IsTrue(extract.Equals(extract2));
Assert.AreEqual(extract.GetHashCode(), extract2.GetHashCode()); // If the .Equals() is true then hash codes must be the same
}
private BoogieBitVectorExtractorFunction(BvExtractExpr bee, int w, int from, int to)
: base(
"BV[]",//bee.FunctionSymbol.ToString(),
BitVectorType.makeBitVectorType(to - from),
new IType[1]
{
BitVectorType.makeBitVectorType(w)
}
)
{
boogieExpression = bee;
this.w = w;
this.from = from;
this.to = to;
typeArguments = TypeTuple.make();
}
public Expr VisitBvExtractExpr(BvExtractExpr e)
{
// SMTLIBv2 semantics
// ((_ extract i j) (_ BitVec m) (_ BitVec n))
// - extraction of bits i down to j from a bitvector of size m to yield a
// new bitvector of size n, where n = i - j + 1
// Boogie semantics
// ABitVector[<end>:<start>]
// This operation selects bits starting at <start> to <end> but not including <end>
Debug.Assert((e.End - 1) >= (e.Start), "Wrong extract bits for BvExtractExpr");
TW.Write("((_ extract " + (e.End - 1) + " " + e.Start + ")");
PushIndent();
PrintSeperator();
PrintExpr(e.Bitvector);
PopIndent();
PrintSeperator();
TW.Write(")");
return(e);
}
public static Expr substituteForIdentifierExpr(Expr original, IdentifierExpr id, Expr replacement)
{
if (original is IdentifierExpr)
{
return(((original as IdentifierExpr).Name.Equals(id.Name)) ? replacement : original);
}
else if (original is LiteralExpr)
{
return(original);
}
else if (original is BvExtractExpr)
{
BvExtractExpr tmp = (original as BvExtractExpr);
return(new BvExtractExpr(Token.NoToken, substituteForIdentifierExpr(tmp.Bitvector, id, replacement), tmp.End, tmp.Start));
}
else if (original is BvConcatExpr)
{
BvConcatExpr tmp = (original as BvConcatExpr);
return(new BvConcatExpr(Token.NoToken,
substituteForIdentifierExpr(tmp.E0, id, replacement),
substituteForIdentifierExpr(tmp.E1, id, replacement)));
}
else if (original is NAryExpr)
{
NAryExpr tmp = (original as NAryExpr);
List <Expr> new_args = new List <Expr>();
foreach (Expr e in tmp.Args)
{
new_args.Add(substituteForIdentifierExpr(e, id, replacement));
}
return(new NAryExpr(Token.NoToken, tmp.Fun, new_args));
}
Utils.Assert(false, "should not get here: " + original);
return(original);
}
public void CachedHashCodeBvExtractExpr()
{
var literalBv = new LiteralExpr(Token.NoToken, Microsoft.Basetypes.BigNum.FromInt(0), 4, /*immutable=*/true);
var bvExtract = new BvExtractExpr(Token.NoToken, literalBv, 3, 0, /*immutable=*/true);
Assert.AreEqual(bvExtract.ComputeHashCode(), bvExtract.GetHashCode());
}
public void ProtectedBvExtract()
{
var bv = new LiteralExpr(Token.NoToken, Microsoft.Basetypes.BigNum.FromInt(0), 32, /*immutable=*/true);
var extract = new BvExtractExpr(Token.NoToken, bv, 32, 0, /*immutable=*/true);
Assert.IsTrue(extract.Immutable);
extract.Bitvector = bv; // Should throw
}
public override Expr VisitBvExtractExpr(BvExtractExpr node)
{
return(base.VisitBvExtractExpr((BvExtractExpr)node.Clone()));
}
public void CachedHashCodeBvExtractExpr()
{
var literalBv = new LiteralExpr(Token.NoToken, Microsoft.Basetypes.BigNum.FromInt(0), 4, /*immutable=*/true);
var bvExtract = new BvExtractExpr(Token.NoToken, literalBv, 3, 0, /*immutable=*/true);
Assert.AreEqual(bvExtract.ComputeHashCode(), bvExtract.GetHashCode());
}
public virtual Expr VisitBvExtractExpr(BvExtractExpr node) {
Contract.Requires(node != null);
Contract.Ensures(Contract.Result<Expr>() != null);
node.Bitvector = this.VisitExpr(node.Bitvector);
return node;
}
public override Expr VisitBvExtractExpr(BvExtractExpr node)
{
Contract.Ensures(Contract.Result<Expr>() == node);
this.VisitExpr(node.Bitvector);
return node;
}
public override Expr VisitBvExtractExpr(BvExtractExpr node) {
// don't recurse on subexpression
return node;
}
void ArrayExpression(out Expr/*!*/ e) {
Contract.Ensures(Contract.ValueAtReturn(out e) != null); IToken/*!*/ x;
Expr/*!*/ index0 = dummyExpr; Expr/*!*/ e1;
bool store; bool bvExtract;
List<Expr>/*!*/ allArgs = dummyExprSeq;
AtomExpression(out e);
while (la.kind == 18) {
Get();
x = t; allArgs = new List<Expr> ();
allArgs.Add(e);
store = false; bvExtract = false;
if (StartOf(15)) {
if (StartOf(9)) {
Expression(out index0);
if (index0 is BvBounds)
bvExtract = true;
else
allArgs.Add(index0);
while (la.kind == 13) {
Get();
Expression(out e1);
if (bvExtract || e1 is BvBounds)
this.SemErr("bitvectors only have one dimension");
allArgs.Add(e1);
}
if (la.kind == 51) {
Get();
Expression(out e1);
if (bvExtract || e1 is BvBounds)
this.SemErr("assignment to bitvectors is not possible");
allArgs.Add(e1); store = true;
}
} else {
Get();
Expression(out e1);
allArgs.Add(e1); store = true;
}
}
Expect(19);
if (store)
e = new NAryExpr(x, new MapStore(x, allArgs.Count - 2), allArgs);
else if (bvExtract)
e = new BvExtractExpr(x, e,
((BvBounds)index0).Upper.ToIntSafe,
((BvBounds)index0).Lower.ToIntSafe);
else
e = new NAryExpr(x, new MapSelect(x, allArgs.Count - 1), allArgs);
}
}
public override Expr VisitBvExtractExpr(BvExtractExpr node)
{
Contract.Ensures(Contract.Result <Expr>() != null);
return(base.VisitBvExtractExpr((BvExtractExpr)node.Clone()));
}
public override Expr VisitBvExtractExpr(BvExtractExpr node)
{
throw new NotImplementedException();
}
public static StrideForm ComputeStrideForm(Variable v, Expr e, GPUVerifier verifier, HashSet <Variable> modSet)
{
if (e is LiteralExpr)
{
return(new StrideForm(StrideFormKind.Constant, e));
}
var ie = e as IdentifierExpr;
if (ie != null)
{
if (ie.Decl is Constant)
{
return(new StrideForm(StrideFormKind.Constant, e));
}
else if (ie.Decl == v)
{
return(new StrideForm(StrideFormKind.Identity, e));
}
else if (!modSet.Contains(ie.Decl))
{
return(new StrideForm(StrideFormKind.Constant, e));
}
}
var ee = e as BvExtractExpr;
if (ee != null)
{
var subsf = ComputeStrideForm(v, ee.Bitvector, verifier, modSet);
if (subsf.Op != null)
{
var newOp = new BvExtractExpr(Token.NoToken, subsf.Op, ee.End, ee.Start);
newOp.Type = e.Type;
return(new StrideForm(subsf.Kind, newOp));
}
else
{
return(subsf);
}
}
Expr subExpr;
if (verifier.IntRep.IsSext(e, out subExpr))
{
var subsf = ComputeStrideForm(v, subExpr, verifier, modSet);
if (subsf.Op != null)
{
var newOp = verifier.IntRep.MakeSext(subsf.Op, e.Type);
newOp.Type = e.Type;
return(new StrideForm(subsf.Kind, newOp));
}
else
{
return(subsf);
}
}
Expr lhs, rhs;
if (verifier.IntRep.IsAdd(e, out lhs, out rhs))
{
var lhssf = ComputeStrideForm(v, lhs, verifier, modSet);
var rhssf = ComputeStrideForm(v, rhs, verifier, modSet);
if (lhssf.Kind == StrideFormKind.Constant && rhssf.Kind == StrideFormKind.Constant)
{
return(new StrideForm(StrideFormKind.Constant, e));
}
else if (lhssf.Kind == StrideFormKind.Constant && rhssf.Kind == StrideFormKind.Identity)
{
return(new StrideForm(StrideFormKind.Product, lhs));
}
else if (lhssf.Kind == StrideFormKind.Identity && rhssf.Kind == StrideFormKind.Constant)
{
return(new StrideForm(StrideFormKind.Product, rhs));
}
else if (lhssf.Kind == StrideFormKind.Constant && rhssf.Kind == StrideFormKind.Product)
{
return(new StrideForm(StrideFormKind.Product, verifier.IntRep.MakeAdd(lhs, rhssf.Op)));
}
else if (lhssf.Kind == StrideFormKind.Product && rhssf.Kind == StrideFormKind.Constant)
{
return(new StrideForm(StrideFormKind.Product, verifier.IntRep.MakeAdd(lhssf.Op, rhs)));
}
else
{
return(new StrideForm(StrideFormKind.Bottom));
}
}
var ne = e as NAryExpr;
if (ne != null)
{
foreach (Expr op in ne.Args)
{
if (ComputeStrideForm(v, op, verifier, modSet).Kind != StrideFormKind.Constant)
{
return(new StrideForm(StrideFormKind.Bottom));
}
}
return(new StrideForm(StrideFormKind.Constant, e));
}
return(new StrideForm(StrideFormKind.Bottom));
}
public override Expr VisitBvExtractExpr(BvExtractExpr node)
{
problematicNode = node;
return(node);
}
public override Expr VisitBvExtractExpr(BvExtractExpr node) {
Contract.Ensures(Contract.Result<Expr>() != null);
return base.VisitBvExtractExpr((BvExtractExpr) node.Clone());
}
// BvExtractExpr
public static int GetNumberOfChildren(this BvExtractExpr e)
{
return(1);
}
public override List <Cmd> VisitCmdSeq(List <Cmd> cmdSeq)
{
List <Cmd> newCmdSeq = new List <Cmd>();
foreach (Cmd c in cmdSeq)
{
//Do special stuff for those whose BAP modeling is broken
if (c is AssertCmd) //call and return instructions are marked with attributes
{
AssertCmd ac = c as AssertCmd;
string attribute_cmdtype = QKeyValue.FindStringAttribute(ac.Attributes, "SlashVerifyCommandType");
if (attribute_cmdtype != null && attribute_cmdtype.Equals("btc_rax_1d"))
{
//BAP has a bug with this. Model it explicitly ourselves.
//CF := RAX[30:29];
newCmdSeq.Add(new AssignCmd(Token.NoToken,
new List <AssignLhs>()
{
new SimpleAssignLhs(Token.NoToken, new IdentifierExpr(Token.NoToken, this.CF))
},
new List <Expr>()
{
new BvExtractExpr(Token.NoToken, new IdentifierExpr(Token.NoToken, this.RAX), 30, 29)
}
));
//RAX := RAX[64:30] ++ NOT(RAX[30:29]) ++ RAX[29:0];
Expr e1 = new BvExtractExpr(Token.NoToken, new IdentifierExpr(Token.NoToken, this.RAX), 64, 30);
Expr e2 = new NAryExpr(Token.NoToken, new FunctionCall(this.not_1),
new List <Expr>()
{
new BvExtractExpr(Token.NoToken, new IdentifierExpr(Token.NoToken, this.RAX), 30, 29)
});
Expr e3 = new BvExtractExpr(Token.NoToken, new IdentifierExpr(Token.NoToken, this.RAX), 29, 0);
newCmdSeq.Add(new AssignCmd(Token.NoToken,
new List <AssignLhs>()
{
new SimpleAssignLhs(Token.NoToken, new IdentifierExpr(Token.NoToken, this.RAX))
},
new List <Expr>()
{
new BvConcatExpr(Token.NoToken, new BvConcatExpr(Token.NoToken, e1, e2), e3)
}
));
}
else if (attribute_cmdtype != null && attribute_cmdtype.Equals("rep_stosb"))
{
//BAP does not model this either. Model rep stosb as sequence: mem := repstosb(mem, rcx, rdi, al); rdi := rdi + rcx; rcx := 0;
//forall i. rdi <= i < rdi + rcx ==> new_mem[i] == al;
newCmdSeq.Add(new AssignCmd(Token.NoToken,
new List <AssignLhs>()
{
new SimpleAssignLhs(Token.NoToken, new IdentifierExpr(Token.NoToken, this.mem))
},
new List <Expr>()
{
new NAryExpr(Token.NoToken, new FunctionCall(rep_stosb), new List <Expr>()
{
new IdentifierExpr(Token.NoToken, this.mem),
new IdentifierExpr(Token.NoToken, this.RCX),
new IdentifierExpr(Token.NoToken, this.RDI),
new BvExtractExpr(Token.NoToken, new IdentifierExpr(Token.NoToken, this.RAX), 8, 0)
})
}
));
//RDI := RDI + RCX;
newCmdSeq.Add(new AssignCmd(Token.NoToken, new List <AssignLhs>()
{
new SimpleAssignLhs(Token.NoToken, new IdentifierExpr(Token.NoToken, this.RDI))
},
new List <Expr>()
{
new NAryExpr(Token.NoToken, new FunctionCall(this.plus_64), new List <Expr>()
{
new IdentifierExpr(Token.NoToken, this.RDI), new IdentifierExpr(Token.NoToken, this.RCX)
})
}
));
//RCX := 0;
newCmdSeq.Add(new AssignCmd(Token.NoToken, new List <AssignLhs>()
{
new SimpleAssignLhs(Token.NoToken, new IdentifierExpr(Token.NoToken, this.RCX))
},
new List <Expr>()
{
new LiteralExpr(Token.NoToken, BigNum.ZERO, 64)
}));
}
}
//The assert gets placed prior to the original command
newCmdSeq.Add(c);
}
return(base.VisitCmdSeq(newCmdSeq));
}
public static Node CreateFromExpr(Expr expr)
{
if (expr is NAryExpr)
{
NAryExpr nary = expr as NAryExpr;
if (nary.Fun is IfThenElse)
{
Node one = CreateFromExpr(nary.Args[0]);
Node two = CreateFromExpr(nary.Args[1]);
Node three = CreateFromExpr(nary.Args[2]);
Node parent = new TernaryNode(nary.Fun.FunctionName, one, two, three);
one.parent = parent;
two.parent = parent;
three.parent = parent;
return(parent);
}
else if (nary.Fun is BinaryOperator)
{
Node one = CreateFromExpr(nary.Args[0]);
Node two = CreateFromExpr(nary.Args[1]);
Node parent = new BinaryNode(nary.Fun.FunctionName, one, two);
one.parent = parent;
two.parent = parent;
return(parent);
}
else if (nary.Fun is UnaryOperator)
{
Node one = CreateFromExpr(nary.Args[0]);
UnaryNode parent = new UnaryNode(nary.Fun.FunctionName, one);
one.parent = parent;
return(parent);
}
else if (nary.Fun is FunctionCall)
{
FunctionCall call = nary.Fun as FunctionCall;
if (nary.Args.Count == 1)
{
Node one = CreateFromExpr(nary.Args[0]);
UnaryNode parent = new UnaryNode(nary.Fun.FunctionName, one);
one.parent = parent;
return(parent);
}
else if (nary.Args.Count == 2)
{
Node one = CreateFromExpr(nary.Args[0]);
Node two = CreateFromExpr(nary.Args[1]);
Node parent = new BinaryNode(call.FunctionName, one, two);
one.parent = parent;
two.parent = parent;
return(parent);
}
else
{
Print.ExitMessage("Unhandled number of arguments in Boogie function call with function: " + nary.Fun.FunctionName);
}
}
else if (nary.Fun is MapSelect)
{
List <Expr> indices = new List <Expr>();
while (true)
{
NAryExpr nary2 = nary.Args[0] as NAryExpr;
Print.ConditionalExitMessage(nary.Args.Count == 2, "Map select has more than two arguments");
indices.Insert(0, nary.Args[1]);
if (nary2 == null)
{
break;
}
else
{
nary = nary2;
}
}
IdentifierExpr identifier = nary.Args[0] as IdentifierExpr;
Node parent = new MapSymbolNode(identifier.Name);
foreach (Expr index in indices)
{
Node child = CreateFromExpr(index);
parent.Children.Add(child);
child.parent = parent;
}
return(parent);
}
else
{
Print.ExitMessage("Unhandled Nary expression: " + nary.Fun.GetType().ToString());
}
}
else if (expr is IdentifierExpr)
{
IdentifierExpr identifier = expr as IdentifierExpr;
return(new ScalarSymbolNode(identifier.Name, identifier.Type));
}
else if (expr is LiteralExpr)
{
LiteralExpr literal = expr as LiteralExpr;
if (literal.Val is BvConst)
{
BvConst bv = (BvConst)literal.Val;
return(new LiteralNode(new BitVector(bv)));
}
else if (literal.Val is BigNum)
{
BigNum num = (BigNum)literal.Val;
return(new LiteralNode(new BitVector(num.ToInt)));
}
else if (literal.Val is bool)
{
bool boolean = (bool)literal.Val;
if (boolean)
{
return(new LiteralNode(BitVector.True));
}
else
{
return(new LiteralNode(BitVector.False));
}
}
else
{
Print.ExitMessage("Unhandled literal expression: " + literal.ToString());
}
}
else if (expr is BvExtractExpr)
{
BvExtractExpr bvExtract = expr as BvExtractExpr;
Node child = CreateFromExpr(bvExtract.Bitvector);
Node parent = new BVExtractNode(child, bvExtract.End, bvExtract.Start);
child.parent = parent;
return(parent);
}
else if (expr is BvConcatExpr)
{
BvConcatExpr bvConcat = expr as BvConcatExpr;
Node one = CreateFromExpr(bvConcat.E0);
Node two = CreateFromExpr(bvConcat.E1);
Node parent = new BVConcatenationNode(one, two);
one.parent = parent;
two.parent = parent;
return(parent);
}
else if (expr is ForallExpr)
{
ForallExpr forall = expr as ForallExpr;
Node one = CreateFromExpr(forall._Body);
Node parent = new ForAllNode(one);
one.parent = parent;
return(parent);
}
Print.ExitMessage("Unhandled expression tree: " + expr.ToString() + " " + expr.Type.ToString());
return(null);
}
public void SimpleBVExtract() {
var variable = new GlobalVariable(Token.NoToken, new TypedIdent(Token.NoToken, "foo", Microsoft.Boogie.Type.GetBvType(8)));
var id = new IdentifierExpr(Token.NoToken, variable);
var extract = new BvExtractExpr(Token.NoToken, id, 5, 0); // 4-bits
var id2 = new IdentifierExpr(Token.NoToken, variable);
var extract2 = new BvExtractExpr(Token.NoToken, id2, 5, 0);
Assert.AreNotSame(extract, extract2);
Assert.IsTrue(extract.Equals(extract2));
Assert.AreEqual(extract.GetHashCode(), extract2.GetHashCode()); // If the .Equals() is true then hash codes must be the same
}
