Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Heapster array field implications #1459

Merged
merged 54 commits into from
Sep 17, 2021
Merged

Heapster array field implications #1459

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
54 commits
Select commit Hold shift + click to select a range
884b584
fixed the IRT description generation to match the recent change that …
Aug 31, 2021
e98bd33
Merge branch 'heapster-fix-memcpy-bug' into heapster-bugfix-bitvector…
Aug 31, 2021
6387369
Merge branch 'master' into heapster-bugfix-bitvector-irts
Aug 31, 2021
5b5f422
updated xor_swap_rust example to use the Rust type in the SAW script
Sep 1, 2021
7b7709f
added a case to the Rust to Heapster translator to handle function ty…
Sep 1, 2021
c18aec7
whoops, forgot to update the bitcode file for xor_swap_rust
Sep 1, 2021
5bc366a
bugfix in the Rust to Heapster translator: empty return types need to…
Sep 1, 2021
068b735
tweaked the error message for when Rust types do not translate correc…
Sep 1, 2021
f63c326
started adding support for string literals by moving all creation of …
Sep 2, 2021
2720516
added a formatting example in Rust, and started defining the necessar…
Sep 3, 2021
a6aee80
started trying to figure out how Rust stores string literals in its g…
Sep 3, 2021
cd01dab
Merge branch 'master' into heapster-string-literals
Sep 7, 2021
024287e
fixed the prtty-printing for constant values
Sep 7, 2021
917547e
changed TrueEnum::fmt to use the fmt method rather than the write! macro
Sep 7, 2021
389d0d2
whoops, changed the fmt method for TrueEnum back to using the write! …
Sep 7, 2021
f0ed90b
whoops, forgot to add the repr(u64) pragma to the TrueEnum type
Sep 7, 2021
1d6a5d7
added a type-checking command for TrueEnum::fmt
Sep 7, 2021
e987f42
moved some OpenTerm operators from SAWTranslation.hs to OpenTerm.hs
Sep 7, 2021
2752723
added llvmReadBlockOfShape
Sep 8, 2021
92d04e1
more work trying to translate globals
Sep 8, 2021
4f911f7
got string literals translated, but now there is some translation bug...
Sep 8, 2021
64d3006
whoops, translating a shape always yields exactly one term
Sep 8, 2021
01074a9
added helper function exprLLVMTypeBytes
Sep 9, 2021
d2b4a22
added support for Rust slice types
Sep 9, 2021
3941cdb
whoops, combined the two cases for translating shared vs mutable refe…
Sep 9, 2021
2982d1f
updated funPerm3FromArgLayout to handle layouts with existential perm…
Sep 9, 2021
281d602
updated the rust_data example to use string literals
Sep 13, 2021
dbb2b9f
added mapM and mapBVVecM
Sep 14, 2021
9ae8f75
added support for proving array permissions from other array permissi…
Sep 14, 2021
8caa577
added more definitions to the arrays example now that the implication…
Sep 14, 2021
f0e36a1
moved the LLVM globals code to a new file LLVMGlobalConst.hs
Sep 14, 2021
1eb2323
fixed the translation of LLVM array constants to generate SAW core BV…
Sep 14, 2021
9347756
regenerated Coq files for saw-core-coq
Sep 14, 2021
6a62a56
added support for the Crucible BVZext and BVTrunc instructions, and f…
Sep 14, 2021
0b6bf9d
added heapster_init_env_debug and heapster_init_env_from_file_debug c…
Sep 15, 2021
495e958
small tweaks to rust_data.saw to get it to work
Sep 15, 2021
7e94ba7
added another formatting example that we cannot handle yet...
Sep 15, 2021
84639a6
Merge branch 'master' into heapster-string-literals
Sep 15, 2021
b4bcb74
Merge branch 'heapster-string-literals' into heapster-array-impls
Sep 15, 2021
f7e53a9
RecurseFlag to Permissions.hs; added requireNamedPerm
Sep 15, 2021
9823bc0
widening now unfolds defined and recursive permissions
Sep 15, 2021
d91b753
whoops, forgot to insert a bindM into the translation of SImpl_LLVMAr…
Sep 15, 2021
899cf70
removed the old gen_block_perms hints that are no longer used anyway …
Sep 15, 2021
c77c095
Merge branch 'master' into heapster-array-impls
Sep 15, 2021
f213fbd
changed tupleTypeTrans to no longer having the trailing unit type on …
Sep 15, 2021
909d1a1
Merge branch 'master' into heapster-array-impls
Sep 15, 2021
fe25d91
small tweak to the expression type-checker to type-check the bodies o…
Sep 16, 2021
eef2cbf
expanded the translation of Rust slices to allow multiple fields
Sep 16, 2021
60bad84
updated mbox proof script to work with the recent changes, though not…
Sep 16, 2021
13e6b21
started updating the mbox proofs, but I got stuck...
Sep 16, 2021
e327986
moved formatting-related types in the rust_data example to their own …
Sep 16, 2021
0eef2f0
finished updating mbox proofs
Sep 16, 2021
db7a743
updated examples to match the change to the SAW translation
Sep 16, 2021
15b7d19
updated the IRT translation to match the updates to the SAW translation
Sep 16, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 12 additions & 13 deletions heapster-saw/examples/arrays.saw
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,29 +1,28 @@
enable_experimental;
env <- heapster_init_env_from_file "arrays.sawcore" "arrays.bc";

heapster_typecheck_fun env "contains0_rec_" "(len:bv 64).arg0:eq(llvmword(len)), arg1:array(0,<len,*8,[(W,0) |-> exists z:bv 64.eq(llvmword(z))]), arg2:(exists z:bv 64.eq(llvmword(z))) -o arg0:true, arg1:array(0,<len,*8,[(W,0) |-> exists z:bv 64.eq(llvmword(z))]), arg2:true, ret:exists z:(bv 64).eq(llvmword(z))";
heapster_define_perm env "int64" " " "llvmptr 64" "exists x:bv 64.eq(llvmword(x))";
heapster_define_perm env "int8" " " "llvmptr 8" "exists x:bv 8.eq(llvmword(x))";

heapster_define_perm env "int64array" "len:bv 64" "llvmptr 64" "array(0,<len,*8,[(W,0) |-> int64<>])";


heapster_typecheck_fun env "contains0_rec_" "(len:bv 64).arg0:eq(llvmword(len)), arg1:int64array<len>, arg2:int64<> -o arg0:true, arg1:int64array<len>, arg2:true, ret:int64<>";

// the old way using a block entry hint
// heapster_define_perm env "int64" " " "llvmptr 64" "exists x:bv 64.eq(llvmword(x))";
// heapster_block_entry_hint env "contains0" 9 "top0:bv 64, top1:llvmptr 64, top2:llvmptr 64" "frm:llvmframe 64, x0:llvmptr 64, x1:llvmptr 64" "top0:true, top1:array(0,<top0,*1,[(W,0) |-> int64<>]), top2:eq(llvmword(top0)), arg0:ptr((W,0) |-> true), arg1:ptr((W,0) |-> eq(x1)), arg2:ptr((W,0) |-> eq(x0)), arg3:ptr((W,0) |-> int64<>), frm:llvmframe [arg3:8, arg2:8, arg1:8, arg0:8], x0:eq(top2), x1:eq(top1)";
// heapster_typecheck_fun env "contains0" "(len:bv 64).arg0:array(0,<len,*1,[(W,0) |-> int64<>]), arg1:eq(llvmword(len)) -o arg0:array(0,<len,*1,[(W,0) |-> int64<>]), arg1:true, ret:int64<>";

// the new way using a gen perms hint
heapster_gen_block_perms_hint env "contains0" []; // Note that we could give specific block numbers here (e.g. [9]), but giving nothing will just add a hint to every block, which works just fine for this function.
heapster_typecheck_fun env "contains0" "(len:bv 64).arg0:array(0,<len,*8,[(W,0) |-> exists z:bv 64.eq(llvmword(z))]), arg1:eq(llvmword(len)) -o arg0:array(0,<len,*8,[(W,0) |-> exists z:bv 64.eq(llvmword(z))]), arg1:true, ret:exists z:(bv 64).eq(llvmword(z))";
heapster_typecheck_fun env "contains0" "(len:bv 64).arg0:int64array<len>, arg1:eq(llvmword(len)) -o arg0:int64array<len>, arg1:true, ret:int64<>";

// the new way using a gen perms hint
heapster_gen_block_perms_hint env "zero_array" [];
heapster_typecheck_fun env "zero_array" "(len:bv 64).arg0:array(0,<len,*8,[(W,0) |-> exists z:bv 64.eq(llvmword(z))]), arg1:eq(llvmword(len)) -o arg0:array(0,<len,*8,[(W,0) |-> exists z:bv 64.eq(llvmword(z))]), arg1:true, ret:true";
heapster_typecheck_fun env "zero_array" "(len:bv 64).arg0:int64array<len>, arg1:eq(llvmword(len)) -o arg0:int64array<len>, arg1:true, ret:true";

heapster_gen_block_perms_hint env "zero_array_from" [];
heapster_typecheck_fun env "zero_array_from" "(len:bv 64, off:bv 64).arg0:array(0,<len,*8,[(W,0) |-> exists z:bv 64.eq(llvmword(z))]), arg1:eq(llvmword(len)), arg2:eq(llvmword(off)) -o arg0:array(0,<len,*8,[(W,0) |-> exists z:bv 64.eq(llvmword(z))]), arg1:true, ret:true";
heapster_typecheck_fun env "zero_array_from" "(len:bv 64, off:bv 64).arg0:int64array<len>, arg1:eq(llvmword(len)), arg2:eq(llvmword(off)) -o arg0:int64array<len>, arg1:true, ret:true";

heapster_gen_block_perms_hint env "filter_and_sum_pos" [];
heapster_join_point_hint env "filter_and_sum_pos" [];
heapster_typecheck_fun env "filter_and_sum_pos" "(len:bv 64).arg0:array(0,<len,*8,[(W,0) |-> exists z:bv 64.eq(llvmword(z))]), arg1:eq(llvmword(len)) -o arg0:array(0,<len,*8,[(W,0) |-> exists z:bv 64.eq(llvmword(z))]), arg1:true, ret:exists x:bv 64.eq(llvmword(x))";
heapster_typecheck_fun env "filter_and_sum_pos" "(len:bv 64).arg0:int64array<len>, arg1:eq(llvmword(len)) -o arg0:int64array<len>, arg1:true, ret:int64<>";

heapster_gen_block_perms_hint env "sum_2d" [];
heapster_typecheck_fun env "sum_2d" "(l1:bv 64,l2:bv 64).arg0:array(0,<l1,*8,[(W,0) |-> array(0,<l2,*8,[(W,0) |-> exists z:bv 64.eq(llvmword(z))])]), arg1:eq(llvmword(l1)), arg2:eq(llvmword(l2)) -o arg0:array(0,<l1,*8,[(W,0) |-> array(0,<l2,*8,[(W,0) |-> exists z:bv 64.eq(llvmword(z))])]), arg1:true, arg2:true, ret:exists x:bv 64.eq(llvmword(x))";
heapster_typecheck_fun env "sum_2d" "(l1:bv 64,l2:bv 64).arg0:array(0,<l1,*8,[(W,0) |-> array(0,<l2,*8,[(W,0) |-> exists z:bv 64.eq(llvmword(z))])]), arg1:eq(llvmword(l1)), arg2:eq(llvmword(l2)) -o arg0:array(0,<l1,*8,[(W,0) |-> array(0,<l2,*8,[(W,0) |-> exists z:bv 64.eq(llvmword(z))])]), arg1:true, arg2:true, ret:int64<>";

heapster_export_coq env "arrays_gen.v";
6 changes: 3 additions & 3 deletions heapster-saw/examples/clearbufs.sawcore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,9 +25,9 @@ Mbox_def = Mbox;
(m:Mbox) -> P m;
Mbox__rec P f1 f2 m = Mbox#rec P f1 f2 m; -}

--unfoldMbox : Mbox -> Either #() (Mbox * Vec 64 Bool * BVVec 64 bv64_16 (Vec 64 Bool) * #());
--unfoldMbox : Mbox -> Either #() (Mbox * Vec 64 Bool * BVVec 64 bv64_16 (Vec 64 Bool));
primitive
unfoldMbox : Mbox -> Either #() (Sigma (V64) (\ (len : V64) -> Mbox * BVVec 64 len (Vec 64 Bool) * #()));
unfoldMbox : Mbox -> Either #() (Sigma (V64) (\ (len : V64) -> Mbox * BVVec 64 len (Vec 64 Bool)));

{-unfoldMbox m =
Mbox__rec (\ (_:Mbox) -> Either #() (Mbox * Vec 64 Bool * BVVec 64 bv64_16 (Vec 64 Bool) * #()))
Expand All @@ -38,7 +38,7 @@ unfoldMbox : Mbox -> Either #() (Sigma (V64) (\ (len : V64) -> Mbox * BVVec 64 l
-}

primitive
foldMbox : Either #() (Sigma (V64) (\ (len : V64) -> Mbox * BVVec 64 len (Vec 64 Bool) * #())) -> Mbox;
foldMbox : Either #() (Sigma (V64) (\ (len : V64) -> Mbox * BVVec 64 len (Vec 64 Bool))) -> Mbox;

--(Mbox * Vec 64 Bool * (BVVec 64 bv64_16 (Vec 64 Bool)) * #()) -> Mbox;
{-
Expand Down
18 changes: 9 additions & 9 deletions heapster-saw/examples/iter_linked_list.sawcore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,20 +27,20 @@ ListF__rec : (a b:sort 0) -> (P : ListF a b -> sort 0) ->
(l:ListF a b) -> P l;
ListF__rec a b P f1 f2 l = ListF#rec a b P f1 f2 l;

unfoldListF : (a b:sort 0) -> ListF a b -> Either b (a * ListF a b * #());
unfoldListF : (a b:sort 0) -> ListF a b -> Either b (a * ListF a b);
unfoldListF a b l =
ListF__rec a b (\ (_:ListF a b) -> Either b (a * ListF a b * #()))
(\ (x:b) -> Left b (a * ListF a b * #()) x)
(\ (x:a) (l:ListF a b) (_:Either b (a * ListF a b * #())) ->
Right b (a * ListF a b * #()) (x, l, ()))
ListF__rec a b (\ (_:ListF a b) -> Either b (a * ListF a b))
(\ (x:b) -> Left b (a * ListF a b) x)
(\ (x:a) (l:ListF a b) (_:Either b (a * ListF a b)) ->
Right b (a * ListF a b) (x, l))
l;

foldListF : (a b:sort 0) -> Either b (a * ListF a b * #()) -> ListF a b;
foldListF : (a b:sort 0) -> Either b (a * ListF a b) -> ListF a b;
foldListF a b =
either b (a * ListF a b * #()) (ListF a b)
either b (a * ListF a b) (ListF a b)
(\ (x : b) -> NilF a b x)
(\ (tup : (a * ListF a b * #())) ->
ConsF a b tup.(1) tup.(2).(1));
(\ (tup : (a * ListF a b)) ->
ConsF a b tup.(1) tup.(2));

getListF : (a b:sort 0) -> ListF a b -> b;
getListF a b =
Expand Down
2 changes: 1 addition & 1 deletion heapster-saw/examples/mbox.saw
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ heapster_define_perm env "boolean" " " "llvmptr 1" "exists x:bv 1.eq(llvmword(x)

heapster_assume_fun env "llvm.objectsize.i64.p0i8" "().empty -o empty" "returnM #() ()";

heapster_assume_fun env "__memcpy_chk" "(len:bv 64).arg0:byte_array<W,len>,arg1:byte_array<W,len>,arg2:eq(llvmword (len)) -o arg0:byte_array<W,len>,arg1:byte_array<W,len>" "\\ (len:Vec 64 Bool) (_ src : BVVec 64 len (Vec 8 Bool)) -> returnM (BVVec 64 len (Vec 8 Bool) * BVVec 64 len (Vec 8 Bool) * #()) (src, src, ())";
heapster_assume_fun env "__memcpy_chk" "(len:bv 64).arg0:byte_array<W,len>,arg1:byte_array<W,len>,arg2:eq(llvmword (len)) -o arg0:byte_array<W,len>,arg1:byte_array<W,len>" "\\ (len:Vec 64 Bool) (_ src : BVVec 64 len (Vec 8 Bool)) -> returnM (BVVec 64 len (Vec 8 Bool) * BVVec 64 len (Vec 8 Bool)) (src, src)";


//------------------------------------------------------------------------------
Expand Down
18 changes: 9 additions & 9 deletions heapster-saw/examples/mbox.sawcore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,20 +31,20 @@ Mbox__rec : (P : Mbox -> sort 0) ->
(m:Mbox) -> P m;
Mbox__rec P f1 f2 m = Mbox#rec P f1 f2 m;

unfoldMbox : Mbox -> Either #() (Vec 64 Bool * Vec 64 Bool * Mbox * BVVec 64 bv64_128 (Vec 8 Bool) * #());
unfoldMbox : Mbox -> Either #() (Vec 64 Bool * Vec 64 Bool * Mbox * BVVec 64 bv64_128 (Vec 8 Bool));
unfoldMbox m =
Mbox__rec (\ (_:Mbox) -> Either #() (Vec 64 Bool * Vec 64 Bool * Mbox * BVVec 64 bv64_128 (Vec 8 Bool) * #()))
(Left #() (Vec 64 Bool * Vec 64 Bool * Mbox * BVVec 64 bv64_128 (Vec 8 Bool) * #()) ())
(\ (strt:Vec 64 Bool) (len:Vec 64 Bool) (m:Mbox) (_:Either #() (Vec 64 Bool * Vec 64 Bool * Mbox * BVVec 64 bv64_128 (Vec 8 Bool) * #())) (d:BVVec 64 bv64_128 (Vec 8 Bool)) ->
Right #() (Vec 64 Bool * Vec 64 Bool * Mbox * BVVec 64 bv64_128 (Vec 8 Bool) * #()) (strt, len, m, d, ()))
Mbox__rec (\ (_:Mbox) -> Either #() (Vec 64 Bool * Vec 64 Bool * Mbox * BVVec 64 bv64_128 (Vec 8 Bool)))
(Left #() (Vec 64 Bool * Vec 64 Bool * Mbox * BVVec 64 bv64_128 (Vec 8 Bool)) ())
(\ (strt:Vec 64 Bool) (len:Vec 64 Bool) (m:Mbox) (_:Either #() (Vec 64 Bool * Vec 64 Bool * Mbox * BVVec 64 bv64_128 (Vec 8 Bool))) (d:BVVec 64 bv64_128 (Vec 8 Bool)) ->
Right #() (Vec 64 Bool * Vec 64 Bool * Mbox * BVVec 64 bv64_128 (Vec 8 Bool)) (strt, len, m, d))
m;

foldMbox : Either #() (Vec 64 Bool * Vec 64 Bool * Mbox * (BVVec 64 bv64_128 (Vec 8 Bool)) * #()) -> Mbox;
foldMbox : Either #() (Vec 64 Bool * Vec 64 Bool * Mbox * BVVec 64 bv64_128 (Vec 8 Bool)) -> Mbox;
foldMbox =
either #() (Vec 64 Bool * Vec 64 Bool * Mbox * (BVVec 64 bv64_128 (Vec 8 Bool)) * #()) Mbox
either #() (Vec 64 Bool * Vec 64 Bool * Mbox * BVVec 64 bv64_128 (Vec 8 Bool)) Mbox
(\ (_:#()) -> Mbox_nil)
(\ (tup : (Vec 64 Bool * Vec 64 Bool * Mbox * (BVVec 64 bv64_128 (Vec 8 Bool)) * #())) ->
Mbox_cons tup.1 tup.2 tup.3 tup.4);
(\ (tup : (Vec 64 Bool * Vec 64 Bool * Mbox * BVVec 64 bv64_128 (Vec 8 Bool))) ->
Mbox_cons tup.1 tup.2 tup.3 tup.(2).(2).(2));

{-
getMbox : (a : sort 0) -> Mbox a -> a;
Expand Down
24 changes: 12 additions & 12 deletions heapster-saw/examples/mbox_proofs.v
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ Definition unfoldMbox_nil :
unfoldMbox Mbox_nil = Left _ _ tt :=
reflexivity _.
Definition unfoldMbox_cons strt len m d :
unfoldMbox (Mbox_cons strt len m d) = Right _ _ (strt, (len, (m, (d, tt)))) :=
unfoldMbox (Mbox_cons strt len m d) = Right _ _ (strt, (len, (m, d))) :=
reflexivity _.

Ltac Mbox_destruct m m' := destruct m as [| ?strt ?len m' ?d].
Expand All @@ -40,7 +40,7 @@ Lemma refinesM_either_unfoldMbox_nil_l {C} f g (P : CompM C) :
Proof. eauto. Qed.

Lemma refinesM_either_unfoldMbox_cons_l {C} strt len m d f g (P : CompM C) :
g (strt, (len, (m, (d, tt)))) |= P ->
g (strt, (len, (m, d))) |= P ->
SAWCorePrelude.either _ _ _ f g (unfoldMbox (Mbox_cons strt len m d)) |= P.
Proof. eauto. Qed.

Expand Down Expand Up @@ -196,9 +196,9 @@ Proof.
(* Show Ltac Profile. Reset Ltac Profile. *)
Time Qed.

Definition mbox_detach_spec : Mbox -> Mbox * (Mbox * unit) :=
Mbox__rec _ (Mbox_nil, (Mbox_nil, tt))
(fun strt len next _ d => (next, (Mbox_cons strt len Mbox_nil d, tt))).
Definition mbox_detach_spec : Mbox -> Mbox * Mbox :=
Mbox__rec _ (Mbox_nil, Mbox_nil)
(fun strt len next _ d => (next, (Mbox_cons strt len Mbox_nil d))).

Lemma mbox_detach_spec_ref
: refinesFun mbox_detach (fun x => returnM (mbox_detach_spec x)).
Expand Down Expand Up @@ -234,19 +234,19 @@ Definition mbox_len_spec : Mbox -> bitvector 64 :=
(fun strt len m rec d => bvAdd 64 rec len).

Lemma mbox_len_spec_ref
: refinesFun mbox_len (fun m => returnM (m, (mbox_len_spec m, tt))).
: refinesFun mbox_len (fun m => returnM (m, mbox_len_spec m)).
Proof.
unfold mbox_len, mbox_len__tuple_fun.
prove_refinement_match_letRecM_l.
- exact (fun m1 rec m2 => returnM (transMbox m1 m2, (bvAdd 64 rec (mbox_len_spec m2), tt))).
- exact (fun m1 rec m2 => returnM (transMbox m1 m2, bvAdd 64 rec (mbox_len_spec m2))).
unfold mbox_len_spec.
(* Set Ltac Profiling. *)
time "mbox_len_spec_ref" prove_refinement.
(* Show Ltac Profile. Reset Ltac Profile. *)
(* Most of the remaining cases are taken care of with just bvAdd_id_l and bvAdd_id_r *)
all: try rewrite bvAdd_id_r; try rewrite bvAdd_id_l; try reflexivity.
(* The remaining case just needs a few more rewrites *)
- do 2 f_equal.
- f_equal.
rewrite bvAdd_assoc; f_equal.
rewrite bvAdd_comm; reflexivity.
- cbn; rewrite transMbox_Mbox_nil_r; reflexivity.
Expand Down Expand Up @@ -300,17 +300,17 @@ Definition conjSliceBVVec (strt len : bitvector 64) pf0 pf1 d0 d1 : BVVec 64 bv6
(* Given a `start`, `len`, and `dat` of a single Mbox, return an mbox chain consisting of
a single mbox with `id` 0, the given `start` and `len`, and the given `dat` with the
range 0 to `start` zeroed out. *)
Definition mbox_copy_spec_cons strt len m d : CompM (Mbox * (Mbox * unit)) :=
Definition mbox_copy_spec_cons strt len m d : CompM (Mbox * Mbox) :=
assumingM (isBvslt 64 (intToBv 64 0) strt)
(forallM (fun pf0 : isBvule 64 strt (intToBv 64 128) =>
(forallM (fun pf1 : isBvule 64 len (bvSub 64 (intToBv 64 128) strt) =>
returnM (Mbox_cons strt len m
(conjSliceBVVec strt len pf0 pf1 d d),
(Mbox_cons strt len Mbox_nil
(conjSliceBVVec strt len pf0 pf1 empty_mbox_d d), tt)))))).
(conjSliceBVVec strt len pf0 pf1 empty_mbox_d d))))))).

Definition mbox_copy_spec : Mbox -> CompM (Mbox * (Mbox * unit)) :=
Mbox__rec (fun _ => CompM (Mbox * (Mbox * unit))) (returnM (Mbox_nil, (Mbox_nil, tt)))
Definition mbox_copy_spec : Mbox -> CompM (Mbox * Mbox) :=
Mbox__rec (fun _ => CompM (Mbox * Mbox)) (returnM (Mbox_nil, Mbox_nil))
(fun strt len m _ d => mbox_copy_spec_cons strt len m d).

Lemma mbox_copy_spec_ref : refinesFun mbox_copy mbox_copy_spec.
Expand Down
2 changes: 1 addition & 1 deletion heapster-saw/examples/memcpy.saw
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ env <- heapster_init_env_from_file "memcpy.sawcore" "memcpy.bc";

heapster_define_perm env "int64" " " "llvmptr 64" "exists x:bv 64.eq(llvmword(x))";

heapster_assume_fun env "llvm.memcpy.p0i8.p0i8.i64" "(rw:rwmodality, l1:lifetime, l2:lifetime, sh:llvmshape 64, b:llvmblock 64, len:bv 64).arg0:[l1]memblock(W,0,len,sh), arg1:[l2]memblock(rw,0,len,eqsh(b)), arg2:eq(llvmword(len)) -o arg0:[l1]memblock(W,0,len,eqsh(b)), arg1:[l2]memblock(rw,0,len,eqsh(b))" "\\ (X:sort 0) (len:Vec 64 Bool) (x:X) (_:#()) -> returnM (#() * #() * #()) ((),(),())";
heapster_assume_fun env "llvm.memcpy.p0i8.p0i8.i64" "(rw:rwmodality, l1:lifetime, l2:lifetime, sh:llvmshape 64, b:llvmblock 64, len:bv 64).arg0:[l1]memblock(W,0,len,sh), arg1:[l2]memblock(rw,0,len,eqsh(b)), arg2:eq(llvmword(len)) -o arg0:[l1]memblock(W,0,len,eqsh(b)), arg1:[l2]memblock(rw,0,len,eqsh(b))" "\\ (X:sort 0) (len:Vec 64 Bool) (x:X) (_:#()) -> returnM (#() * #()) ((),())";

heapster_typecheck_fun env "copy_int" "().arg0:int64<> -o ret:int64<>";

Expand Down
Loading