API tools faq
paste
Advertisement
Beatgodes

Untitled

Beatgodes
Apr 19th, 2013
76
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.45 KB | None | 0 0
raw download clone embed print report
  1. (* ---------------------------------------------------------- *)
  2. (* --- Post-condition (file string.h, line 65) in 'strlen' --- *)
  3. (* ---------------------------------------------------------- *)
  4. theory VCstrlen_post
  5.  
  6. use import bool.Bool
  7. use import int.Int
  8. use import int.ComputerDivision
  9. use import real.RealInfix
  10. use import qed.Arith
  11. use import map.Map
  12. use import memory.Memory
  13. use import cint.Cint
  14. use import Axiomatic.Axiomatic
  15. use import A_Length.A_Length
  16.  
  17. goal WP "expl:Post-condition (file string.h, line 65) in 'strlen'":
  18. forall i_1 i_0 : int.
  19. forall malloc_0 : map int int.
  20. forall mchar_0 : map addr int.
  21. forall s_0 ss_0 : addr.
  22. let x_0 = ss_0.offset in
  23. let x_1 = s_0.offset in
  24. let x_2 = 8 * x_1 in
  25. let x_3 = s_0.base in
  26. let x_4 = 8 * x_0 in
  27. (0 = mchar_0[ss_0]) ->
  28. ((linked malloc_0)) ->
  29. ((sconst mchar_0)) ->
  30. ((addr_le s_0 ss_0)) ->
  31. ((valid_rd malloc_0 ss_0 1)) ->
  32. ((is_sint32 (((-8) * x_0) + x_2))) ->
  33. (exists i_2 : int. (p_Length_of_str_is mchar_0 malloc_0 s_0 i_2)) ->
  34. ((is_sint8 mchar_0[{ s_0 with offset = i_1 + x_1 }])) ->
  35. ((is_sint8 mchar_0[{ s_0 with offset = i_0 + x_1 }])) ->
  36. ((addr_le ss_0 ({ s_0 with offset = x_1 + ((l_Length mchar_0 s_0)) }))) ->
  37. (forall i_2 : int. (0 <= i_2) -> ((i_2 + x_4) < x_2) ->
  38. (0 <> mchar_0[{ s_0 with offset = i_2 + x_1 }])) ->
  39. (exists i_2 : int. ((p_Length_of_str_is mchar_0 malloc_0 s_0 i_2)) /\
  40. (x_2 = (i_2 + x_4)))
  41.  
  42. end
  43.  
  44. (* ---------------------------------------------------------- *)
  45. (* --- Preservation of Invariant (file strlen.c, line 9) --- *)
  46. (* ---------------------------------------------------------- *)
  47. theory VCstrlen_loop_inv_preserved
  48.  
  49. use import bool.Bool
  50. use import int.Int
  51. use import int.ComputerDivision
  52. use import real.RealInfix
  53. use import qed.Arith
  54. use import map.Map
  55. use import memory.Memory
  56. use import Axiomatic.Axiomatic
  57. use import cint.Cint
  58. use import A_Length.A_Length
  59.  
  60. goal WP "expl:Preservation of Invariant (file strlen.c, line 9)":
  61. forall i_2 i_1 i_0 : int.
  62. forall malloc_0 : map int int.
  63. forall mchar_0 : map addr int.
  64. forall s_0 ss_0 : addr.
  65. let x_0 = s_0.base in
  66. let x_1 = s_0.offset in
  67. let a_0 = { s_0 with offset = x_1 + ((l_Length mchar_0 s_0)) } in
  68. let x_2 = ss_0.offset in
  69. let a_1 = { ss_0 with offset = 1 + x_2 } in
  70. (0 <> mchar_0[ss_0]) ->
  71. ((linked malloc_0)) ->
  72. ((sconst mchar_0)) ->
  73. ((addr_le s_0 ss_0)) ->
  74. ((valid_rd malloc_0 ss_0 1)) ->
  75. (exists i_3 : int. (p_Length_of_str_is mchar_0 malloc_0 s_0 i_3)) ->
  76. ((is_sint8 mchar_0[{ s_0 with offset = i_2 + x_1 }])) ->
  77. ((is_sint8 mchar_0[{ s_0 with offset = i_1 + x_1 }])) ->
  78. ((is_sint8 mchar_0[{ s_0 with offset = i_0 + x_1 }])) ->
  79. ((addr_le ss_0 a_0)) ->
  80. (forall i_3 : int. (0 <= i_3) -> ((i_3 + (8 * x_2)) < (8 * x_1)) ->
  81. (0 <> mchar_0[{ s_0 with offset = i_3 + x_1 }])) ->
  82. (((addr_le s_0 a_1)) /\ ((addr_le a_1 a_0)))
  83.  
  84. end
  85.  
  86. (* ---------------------------------------------------------- *)
  87. (* --- Establishment of Invariant (file strlen.c, line 9) --- *)
  88. (* ---------------------------------------------------------- *)
  89. theory VCstrlen_loop_inv_established
  90.  
  91. use import bool.Bool
  92. use import int.Int
  93. use import int.ComputerDivision
  94. use import real.RealInfix
  95. use import qed.Arith
  96. use import map.Map
  97. use import memory.Memory
  98. use import Axiomatic.Axiomatic
  99. use import cint.Cint
  100. use import A_Length.A_Length
  101.  
  102. goal WP "expl:Establishment of Invariant (file strlen.c, line 9)":
  103. forall i_1 i_0 : int.
  104. forall malloc_0 : map int int.
  105. forall mchar_0 : map addr int.
  106. forall s_0 : addr.
  107. let x_0 = s_0.base in
  108. let x_1 = s_0.offset in
  109. ((linked malloc_0)) ->
  110. ((sconst mchar_0)) ->
  111. (exists i_2 : int. (p_Length_of_str_is mchar_0 malloc_0 s_0 i_2)) ->
  112. ((is_sint8 mchar_0[{ s_0 with offset = i_1 + x_1 }])) ->
  113. ((is_sint8 mchar_0[{ s_0 with offset = i_0 + x_1 }])) ->
  114. (((addr_le s_0 s_0)) /\
  115. ((addr_le s_0 ({ s_0 with offset = x_1 + ((l_Length mchar_0 s_0)) }))))
  116.  
  117. end
  118.  
  119. (* ---------------------------------------------------------- *)
  120. (* --- Preservation of Invariant (file strlen.c, line 10) --- *)
  121. (* ---------------------------------------------------------- *)
  122. theory VCstrlen_loop_inv_2_preserved
  123.  
  124. use import bool.Bool
  125. use import int.Int
  126. use import int.ComputerDivision
  127. use import real.RealInfix
  128. use import qed.Arith
  129. use import map.Map
  130. use import memory.Memory
  131. use import Axiomatic.Axiomatic
  132. use import cint.Cint
  133. use import A_Length.A_Length
  134.  
  135. goal WP "expl:Preservation of Invariant (file strlen.c, line 10)":
  136. forall i_2 i_1 i_0 : int.
  137. forall malloc_0 : map int int.
  138. forall mchar_0 : map addr int.
  139. forall s_0 ss_0 : addr.
  140. let x_0 = 8 * (ss_0.offset) in
  141. let x_1 = s_0.offset in
  142. let x_2 = 8 * x_1 in
  143. let x_3 = s_0.base in
  144. let x_4 = mchar_0[{ s_0 with offset = i_2 + x_1 }] in
  145. (0 <= i_2) ->
  146. (0 <> mchar_0[ss_0]) ->
  147. ((linked malloc_0)) ->
  148. ((sconst mchar_0)) ->
  149. ((addr_le s_0 ss_0)) ->
  150. ((valid_rd malloc_0 ss_0 1)) ->
  151. ((9 + i_2 + x_0) <= x_2) ->
  152. (exists i_3 : int. (p_Length_of_str_is mchar_0 malloc_0 s_0 i_3)) ->
  153. ((is_sint8 x_4)) ->
  154. ((is_sint8 mchar_0[{ s_0 with offset = i_1 + x_1 }])) ->
  155. ((is_sint8 mchar_0[{ s_0 with offset = i_0 + x_1 }])) ->
  156. ((addr_le ss_0 ({ s_0 with offset = x_1 + ((l_Length mchar_0 s_0)) }))) ->
  157. (forall i_3 : int. (0 <= i_3) -> ((i_3 + x_0) < x_2) ->
  158. (0 <> mchar_0[{ s_0 with offset = i_3 + x_1 }])) ->
  159. (0 <> x_4)
  160.  
  161. end
  162.  
  163. (* ---------------------------------------------------------- *)
  164. (* --- Assertion 'rte,mem_access' (file strlen.c, line 14) --- *)
  165. (* ---------------------------------------------------------- *)
  166. theory VCstrlen_assert_rte_mem_access
  167.  
  168. use import bool.Bool
  169. use import int.Int
  170. use import int.ComputerDivision
  171. use import real.RealInfix
  172. use import qed.Arith
  173. use import map.Map
  174. use import memory.Memory
  175. use import Axiomatic.Axiomatic
  176. use import cint.Cint
  177. use import A_Length.A_Length
  178.  
  179. goal WP "expl:Assertion 'rte,mem_access' (file strlen.c, line 14)":
  180. forall i_1 i_0 : int.
  181. forall malloc_0 : map int int.
  182. forall mchar_0 : map addr int.
  183. forall s_0 ss_0 : addr.
  184. let x_0 = s_0.base in
  185. let x_1 = s_0.offset in
  186. ((linked malloc_0)) ->
  187. ((sconst mchar_0)) ->
  188. ((addr_le s_0 ss_0)) ->
  189. (exists i_2 : int. (p_Length_of_str_is mchar_0 malloc_0 s_0 i_2)) ->
  190. ((is_sint8 mchar_0[{ s_0 with offset = i_1 + x_1 }])) ->
  191. ((is_sint8 mchar_0[{ s_0 with offset = i_0 + x_1 }])) ->
  192. ((addr_le ss_0 ({ s_0 with offset = x_1 + ((l_Length mchar_0 s_0)) }))) ->
  193. (forall i_2 : int. (0 <= i_2) ->
  194. ((i_2 + (8 * (ss_0.offset))) < (8 * x_1)) ->
  195. (0 <> mchar_0[{ s_0 with offset = i_2 + x_1 }])) ->
  196. ((valid_rd malloc_0 ss_0 1))
  197.  
  198. end
  199.  
  200. (* ---------------------------------------------------------- *)
  201. (* --- Decreasing of Loop variant at loop (file strlen.c, line 14) --- *)
  202. (* ---------------------------------------------------------- *)
  203. theory VCstrlen_loop_term_decrease
  204.  
  205. use import bool.Bool
  206. use import int.Int
  207. use import int.ComputerDivision
  208. use import real.RealInfix
  209. use import qed.Arith
  210. use import map.Map
  211. use import memory.Memory
  212. use import Axiomatic.Axiomatic
  213. use import cint.Cint
  214. use import A_Length.A_Length
  215.  
  216. goal WP "expl:Decreasing of Loop variant at loop (file strlen.c, line 14)":
  217. forall i_2 i_1 i_0 : int.
  218. forall malloc_0 : map int int.
  219. forall mchar_0 : map addr int.
  220. forall s_0 ss_0 : addr.
  221. let x_0 = s_0.base in
  222. let x_1 = s_0.offset in
  223. (0 = mchar_0[ss_0]) \/
  224. (not((linked malloc_0))) \/
  225. (not((sconst mchar_0))) \/
  226. (not((addr_le s_0 ss_0))) \/
  227. (not((valid_rd malloc_0 ss_0 1))) \/
  228. (not(exists i_3 : int. (p_Length_of_str_is mchar_0 malloc_0 s_0 i_3))) \/
  229. (not((is_sint8 mchar_0[{ s_0 with offset = i_2 + x_1 }]))) \/
  230. (not((is_sint8 mchar_0[{ s_0 with offset = i_1 + x_1 }]))) \/
  231. (not((is_sint8 mchar_0[{ s_0 with offset = i_0 + x_1 }]))) \/
  232. (not((addr_le ss_0 ({ s_0 with offset = x_1 + ((l_Length mchar_0 s_0)) })))) \/
  233. (not(forall i_3 : int. (0 <= i_3) ->
  234. ((i_3 + (8 * (ss_0.offset))) < (8 * x_1)) ->
  235. (0 <> mchar_0[{ s_0 with offset = i_3 + x_1 }])))
  236.  
  237. end
  238.  
  239. (* ---------------------------------------------------------- *)
  240. (* --- Positivity of Loop variant at loop (file strlen.c, line 14) --- *)
  241. (* ---------------------------------------------------------- *)
  242. theory VCstrlen_loop_term_positive
  243.  
  244. use import bool.Bool
  245. use import int.Int
  246. use import int.ComputerDivision
  247. use import real.RealInfix
  248. use import qed.Arith
  249. use import map.Map
  250. use import memory.Memory
  251. use import Axiomatic.Axiomatic
  252. use import cint.Cint
  253. use import A_Length.A_Length
  254.  
  255. goal WP "expl:Positivity of Loop variant at loop (file strlen.c, line 14)":
  256. forall i_2 i_1 i_0 : int.
  257. forall malloc_0 : map int int.
  258. forall mchar_0 : map addr int.
  259. forall s_1 s_0 ss_0 : addr.
  260. let x_0 = s_0.base in
  261. let x_1 = s_0.offset in
  262. let x_2 = (l_Length mchar_0 s_0) in
  263. let x_3 = 8 * (ss_0.offset) in
  264. let x_4 = 8 * x_1 in
  265. (0 <> mchar_0[ss_0]) ->
  266. ((linked malloc_0)) ->
  267. ((sconst mchar_0)) ->
  268. ((addr_le s_0 ss_0)) ->
  269. ((valid_rd malloc_0 ss_0 1)) ->
  270. (exists i_3 : int. (p_Length_of_str_is mchar_0 malloc_0 s_0 i_3)) ->
  271. ((is_sint8 mchar_0[{ s_1 with offset = i_2 + (s_1.offset) }])) ->
  272. ((is_sint8 mchar_0[{ s_0 with offset = i_1 + x_1 }])) ->
  273. ((is_sint8 mchar_0[{ s_0 with offset = i_0 + x_1 }])) ->
  274. ((addr_le ss_0 ({ s_0 with offset = x_1 + x_2 }))) ->
  275. (forall i_3 : int. (0 <= i_3) -> ((i_3 + x_3) < x_4) ->
  276. (0 <> mchar_0[{ s_0 with offset = i_3 + x_1 }])) ->
  277. (x_4 <= (x_3 + x_2))
  278.  
  279. end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!