From dad12da8324838dffa72688ff1629ff1d00a8f00 Mon Sep 17 00:00:00 2001 
From: Nat Karmios
Date: Thu, 14 Mar 2024 23:42:07 +0000
Subject: [PATCH 1/5] Clean up debugger workspace
---
 .../{c => compcert-c}/amazon/bugs/mega.c | 0
 .../amazon/logic/ByteLogic.gil | 0
 .../amazon/logic/EncryptionHeaderLogic.gil | 0
 .../amazon/logic/ListLogic.gil | 0
 .../amazon/logic/StringStruct.gil | 0
 .../amazon/logic/Utf8Logic.gil | 0
 .../amazon/logic/hash_table_ax.gil | 0
 .../sampleWorkspace/js/DLL.js | 64 -
 .../sampleWorkspace/js/SLL.gil | 542 ----
 .../sampleWorkspace/js/SLL.js | 61 -
 .../js/amazon/bugs/frozen/AmazonLogic.jsil | 1509 -----------
 .../js/amazon/bugs/frozen/ByteLogic.gil | 45 -
 .../bugs/frozen/EncryptionHeaderLogic.gil | 383 ---
 .../js/amazon/bugs/frozen/ListLogic.gil | 67 -
 .../js/amazon/bugs/frozen/Utf8Logic.gil | 26 -
 .../bugs/frozen/deserialize_factory.gil | 2384 -----------------
 .../amazon/bugs/frozen/deserialize_factory.js | 467 ----
 .../sampleWorkspace/js/missing_resource.js | 11 -
 .../{kani/c => kani-c}/wpst/llen.c | 0
 .../c => kani-c}/wpst/llen.c.symtab.json | 0
 .../{kani/c => kani-c}/wpst/simple_branch.c | 0
 .../wpst/simple_branch.c.symtab.gil | 0
 .../wpst/simple_branch.c.symtab.json | 0
 .../sampleWorkspace/text/test.md | 46 -
 .../sampleWorkspace/text/test.txt | 47 -
 .../{wisl_demo => wisl/lab}/dll/auto.wisl | 0
 .../{wisl_demo => wisl/lab}/dll/manual.wisl | 0
 .../lab}/dll/manual_solutions.wisl | 0
 .../{wisl_demo => wisl/lab}/sll/auto.wisl | 0
 .../{wisl_demo => wisl/lab}/sll/manual.wisl | 0
 .../lab}/sll/manual_solutions.wisl | 0
 .../{ => wisl/verify}/SLL_ex_complete.wisl | 0
 .../{ => wisl/verify}/list_dispose.gil | 0
 .../{ => wisl/verify}/list_dispose.wisl | 0
 .../{ => wisl/verify}/list_dispose_bad.gil | 0
 .../{ => wisl/verify}/list_dispose_bad.wisl | 0
 .../{ => wisl/verify}/list_length_iter.gil | 0
 .../{ => wisl/verify}/list_length_iter.wisl | 0
 .../{ => wisl/verify}/list_length_rec.gil | 0
 .../{ => wisl/verify}/list_length_rec.wisl | 0
 .../{ => wisl/verify}/list_length_rec_bad.gil | 0
 .../verify}/list_length_rec_bad.wisl | 0
 .../{ => wisl}/wpst/llen_wpst.wisl | 0
 .../wisl_old/errors/double_free.gil | 40 -
 .../wisl_old/errors/double_free.wisl | 20 -
 .../wisl_old/errors/missing_resource.gil | 46 -
 .../wisl_old/errors/missing_resource.wisl | 20 -
 .../wisl_old/errors/out_of_bounds.gil | 15 -
 .../wisl_old/errors/out_of_bounds.wisl | 7 -
 .../wisl_old/errors/use_after_free.gil | 77 -
 .../wisl_old/errors/use_after_free.wisl | 39 -
 .../sampleWorkspace/wisl_old/list_append.gil | 59 -
 .../sampleWorkspace/wisl_old/list_append.wisl | 35 -
 .../sampleWorkspace/wisl_old/list_dispose.gil | 113 -
 .../wisl_old/list_dispose.wisl | 70 -
 55 files changed, 6193 deletions(-)
 rename debugger-vscode-extension/sampleWorkspace/{c => compcert-c}/amazon/bugs/mega.c (100%)
 rename debugger-vscode-extension/sampleWorkspace/{c => compcert-c}/amazon/logic/ByteLogic.gil (100%)
 rename debugger-vscode-extension/sampleWorkspace/{c => compcert-c}/amazon/logic/EncryptionHeaderLogic.gil (100%)
 rename debugger-vscode-extension/sampleWorkspace/{c => compcert-c}/amazon/logic/ListLogic.gil (100%)
 rename debugger-vscode-extension/sampleWorkspace/{c => compcert-c}/amazon/logic/StringStruct.gil (100%)
 rename debugger-vscode-extension/sampleWorkspace/{c => compcert-c}/amazon/logic/Utf8Logic.gil (100%)
 rename debugger-vscode-extension/sampleWorkspace/{c => compcert-c}/amazon/logic/hash_table_ax.gil (100%)
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/js/DLL.js
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/js/SLL.gil
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/js/SLL.js
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/AmazonLogic.jsil
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/ByteLogic.gil
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/EncryptionHeaderLogic.gil
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/ListLogic.gil
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/Utf8Logic.gil
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/deserialize_factory.gil
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/deserialize_factory.js
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/js/missing_resource.js
 rename debugger-vscode-extension/sampleWorkspace/{kani/c => kani-c}/wpst/llen.c (100%)
 rename debugger-vscode-extension/sampleWorkspace/{kani/c => kani-c}/wpst/llen.c.symtab.json (100%)
 rename debugger-vscode-extension/sampleWorkspace/{kani/c => kani-c}/wpst/simple_branch.c (100%)
 rename debugger-vscode-extension/sampleWorkspace/{kani/c => kani-c}/wpst/simple_branch.c.symtab.gil (100%)
 rename debugger-vscode-extension/sampleWorkspace/{kani/c => kani-c}/wpst/simple_branch.c.symtab.json (100%)
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/text/test.md
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/text/test.txt
 rename debugger-vscode-extension/sampleWorkspace/{wisl_demo => wisl/lab}/dll/auto.wisl (100%)
 rename debugger-vscode-extension/sampleWorkspace/{wisl_demo => wisl/lab}/dll/manual.wisl (100%)
 rename debugger-vscode-extension/sampleWorkspace/{wisl_demo => wisl/lab}/dll/manual_solutions.wisl (100%)
 rename debugger-vscode-extension/sampleWorkspace/{wisl_demo => wisl/lab}/sll/auto.wisl (100%)
 rename debugger-vscode-extension/sampleWorkspace/{wisl_demo => wisl/lab}/sll/manual.wisl (100%)
 rename debugger-vscode-extension/sampleWorkspace/{wisl_demo => wisl/lab}/sll/manual_solutions.wisl (100%)
 rename debugger-vscode-extension/sampleWorkspace/{ => wisl/verify}/SLL_ex_complete.wisl (100%)
 rename debugger-vscode-extension/sampleWorkspace/{ => wisl/verify}/list_dispose.gil (100%)
 rename debugger-vscode-extension/sampleWorkspace/{ => wisl/verify}/list_dispose.wisl (100%)
 rename debugger-vscode-extension/sampleWorkspace/{ => wisl/verify}/list_dispose_bad.gil (100%)
 rename debugger-vscode-extension/sampleWorkspace/{ => wisl/verify}/list_dispose_bad.wisl (100%)
 rename debugger-vscode-extension/sampleWorkspace/{ => wisl/verify}/list_length_iter.gil (100%)
 rename debugger-vscode-extension/sampleWorkspace/{ => wisl/verify}/list_length_iter.wisl (100%)
 rename debugger-vscode-extension/sampleWorkspace/{ => wisl/verify}/list_length_rec.gil (100%)
 rename debugger-vscode-extension/sampleWorkspace/{ => wisl/verify}/list_length_rec.wisl (100%)
 rename debugger-vscode-extension/sampleWorkspace/{ => wisl/verify}/list_length_rec_bad.gil (100%)
 rename debugger-vscode-extension/sampleWorkspace/{ => wisl/verify}/list_length_rec_bad.wisl (100%)
 rename debugger-vscode-extension/sampleWorkspace/{ => wisl}/wpst/llen_wpst.wisl (100%)
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/wisl_old/errors/double_free.gil
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/wisl_old/errors/double_free.wisl
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/wisl_old/errors/missing_resource.gil
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/wisl_old/errors/missing_resource.wisl
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/wisl_old/errors/out_of_bounds.gil
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/wisl_old/errors/out_of_bounds.wisl
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/wisl_old/errors/use_after_free.gil
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/wisl_old/errors/use_after_free.wisl
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/wisl_old/list_append.gil
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/wisl_old/list_append.wisl
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/wisl_old/list_dispose.gil
 delete mode 100644 debugger-vscode-extension/sampleWorkspace/wisl_old/list_dispose.wisl
diff --git a/debugger-vscode-extension/sampleWorkspace/c/amazon/bugs/mega.c b/debugger-vscode-extension/sampleWorkspace/compcert-c/amazon/bugs/mega.c
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/c/amazon/bugs/mega.c
rename to debugger-vscode-extension/sampleWorkspace/compcert-c/amazon/bugs/mega.c
diff --git a/debugger-vscode-extension/sampleWorkspace/c/amazon/logic/ByteLogic.gil b/debugger-vscode-extension/sampleWorkspace/compcert-c/amazon/logic/ByteLogic.gil
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/c/amazon/logic/ByteLogic.gil
rename to debugger-vscode-extension/sampleWorkspace/compcert-c/amazon/logic/ByteLogic.gil
diff --git a/debugger-vscode-extension/sampleWorkspace/c/amazon/logic/EncryptionHeaderLogic.gil b/debugger-vscode-extension/sampleWorkspace/compcert-c/amazon/logic/EncryptionHeaderLogic.gil
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/c/amazon/logic/EncryptionHeaderLogic.gil
rename to debugger-vscode-extension/sampleWorkspace/compcert-c/amazon/logic/EncryptionHeaderLogic.gil
diff --git a/debugger-vscode-extension/sampleWorkspace/c/amazon/logic/ListLogic.gil b/debugger-vscode-extension/sampleWorkspace/compcert-c/amazon/logic/ListLogic.gil
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/c/amazon/logic/ListLogic.gil
rename to debugger-vscode-extension/sampleWorkspace/compcert-c/amazon/logic/ListLogic.gil
diff --git a/debugger-vscode-extension/sampleWorkspace/c/amazon/logic/StringStruct.gil b/debugger-vscode-extension/sampleWorkspace/compcert-c/amazon/logic/StringStruct.gil
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/c/amazon/logic/StringStruct.gil
rename to debugger-vscode-extension/sampleWorkspace/compcert-c/amazon/logic/StringStruct.gil
diff --git a/debugger-vscode-extension/sampleWorkspace/c/amazon/logic/Utf8Logic.gil b/debugger-vscode-extension/sampleWorkspace/compcert-c/amazon/logic/Utf8Logic.gil
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/c/amazon/logic/Utf8Logic.gil
rename to debugger-vscode-extension/sampleWorkspace/compcert-c/amazon/logic/Utf8Logic.gil
diff --git a/debugger-vscode-extension/sampleWorkspace/c/amazon/logic/hash_table_ax.gil b/debugger-vscode-extension/sampleWorkspace/compcert-c/amazon/logic/hash_table_ax.gil
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/c/amazon/logic/hash_table_ax.gil
rename to debugger-vscode-extension/sampleWorkspace/compcert-c/amazon/logic/hash_table_ax.gil
diff --git a/debugger-vscode-extension/sampleWorkspace/js/DLL.js b/debugger-vscode-extension/sampleWorkspace/js/DLL.js
deleted file mode 100644
index 61ecb00c5..000000000
--- a/debugger-vscode-extension/sampleWorkspace/js/DLL.js
+++ /dev/null
@@ -1,64 +0,0 @@
-"use strict";
-
-/*
- @pred Node(+x:Obj, val, prev, next) :
- JSObject(x) * DataProp(x, "val", val) * DataProp(x, "prev", prev) * DataProp(x, "next", next);
-
- @pred DLL(+x, alpha:List) :
- (x == null) * (alpha == {{ }}),
- Node(x, #val, #prev, #next) * DLL(#next, #beta) * (alpha == #val :: #beta);
-*/
-
-/**
- @id listCopy
-
- @pre GlobalObject() * scope(listCopy: #listCopy) * JSFunctionObject(#listCopy, "listCopy", _, _, _) *
- (lst == #lst) * DLL(#lst, #alpha)
-
- @post GlobalObject() * scope(listCopy: #listCopy) * JSFunctionObject(#listCopy, "listCopy", _, _, _) *
- DLL(#lst, #alpha) * DLL(ret, #alpha)
-*/
-function listCopy (lst) {
- if (lst === null) {
- return null
- } else {
- return { val: lst.val, prev: lst.prev, next : listCopy(lst.next) }
- }
-}
-
-/**
- @id listConcat
-
- @pre GlobalObject() * scope(listConcat: #listConcat) * JSFunctionObject(#listConcat, "listConcat", _, _, _) *
- (la == #la) * DLL(#la, #alpha) * (lb == #lb) * DLL(#lb, #beta)
-
- @post GlobalObject() * scope(listConcat: #listConcat) * JSFunctionObject(#listConcat, "listConcat", _, _, _) *
- DLL(ret, l+ (#alpha, #beta))
-*/
-function listConcat(la, lb) {
- if (la === null) return lb;
- if (lb === null) return la;
-
- if (la.next === null) { la.next = lb; lb.prev = la; return la }
-
- la.next = listConcat(la.next, lb);
- return la
-}
-
-/**
- @id listAppend
-
- @pre GlobalObject() * scope(listConcat: #listConcat) * JSFunctionObject(#listConcat, "listConcat", _, _, _) *
- (lst == #lst) * DLL(#lst, #alpha) * (v == #v)
-
- @post GlobalObject() * scope(listConcat: #listConcat) * JSFunctionObject(#listConcat, "listConcat", _, _, _) *
- DLL(ret, l+ (#alpha, {{ #v }} ))
-*/
-function listAppend(lst, v) {
- var newNode = { val: v, prev : null, next : null };
- if (lst === null) {
- return newNode
- } else {
- return listConcat(lst, newNode)
- }
-}
\ No newline at end of file
diff --git a/debugger-vscode-extension/sampleWorkspace/js/SLL.gil b/debugger-vscode-extension/sampleWorkspace/js/SLL.gil
deleted file mode 100644
index 717325146..000000000
--- a/debugger-vscode-extension/sampleWorkspace/js/SLL.gil
+++ /dev/null
@@ -1,542 +0,0 @@ -import "javert_internal_functions.jsil", "javert_logic_macros.jsil", - "ArrayBuffer.jsil", "ArrayLogic.jsil", "DataView.jsil", - "ByteLogic.gil", "Uint8Array.jsil"; - - -@nopath -pred SLL(+x, alpha : List) : (x == null) * (alpha == {{ }}), - Node(x, #val, #next) * SLL(#next, #beta) * - (alpha == l+ ({{ #val }}, #beta)); - - -@nopath -pred Node(+x : Obj, val, next) : JSObject(x) * DataProp(x, "val", val) * - DataProp(x, "next", next); - -@nopath -proc main() { - x_0 := "setupInitialHeap"(); - x__scope := {{ $lg }}; - x__sc_fst := {{ $lg }}; - x__this := $lg; - gvar_aux_0 := $lg; - gvar_aux_1 := "arguments"; - gvar_aux_2 := {{ "d", undefined, true, true, false }}; - gvar_aux_3 := [GetCell](gvar_aux_0, gvar_aux_1); - gvar_aux_4 := [SetCell](l-nth(gvar_aux_3, 0.), l-nth(gvar_aux_3, 1.), - gvar_aux_2); - x__te := "TypeError"(); - x__se := "SyntaxError"(); - x__re := "ReferenceError"(); - x_f_0 := "create_function_object"(x__sc_fst, "listCopy", "listCopy", - {{ "lst" }}); - x_er_0 := l-nth(x__sc_fst, 0.); - gvar_aux_5 := x_er_0; - gvar_aux_6 := "listCopy"; - gvar_aux_7 := {{ "d", x_f_0, true, true, false }}; - gvar_aux_8 := [GetCell](gvar_aux_5, gvar_aux_6); - gvar_aux_9 := [SetCell](l-nth(gvar_aux_8, 0.), l-nth(gvar_aux_8, 1.), - gvar_aux_7); - x_f_1 := "create_function_object"(x__sc_fst, "listConcat", - "listConcat", {{ "la", "lb" }}); - x_er_1 := l-nth(x__sc_fst, 0.); - gvar_aux_10 := x_er_1; - gvar_aux_11 := "listConcat"; - gvar_aux_12 := {{ "d", x_f_1, true, true, false }}; - gvar_aux_13 := [GetCell](gvar_aux_10, gvar_aux_11); - gvar_aux_14 := [SetCell](l-nth(gvar_aux_13, 0.), - l-nth(gvar_aux_13, 1.), gvar_aux_12); - x_f_2 := "create_function_object"(x__sc_fst, "listAppend", - "listAppend", {{ "lst", "v" }}); - x_er_2 := l-nth(x__sc_fst, 0.); - gvar_aux_15 := x_er_2; - gvar_aux_16 := "listAppend"; - gvar_aux_17 := {{ "d", x_f_2, true, true, false }}; - gvar_aux_18 := [GetCell](gvar_aux_15, gvar_aux_16); - gvar_aux_19 := 
[SetCell](l-nth(gvar_aux_18, 0.), - l-nth(gvar_aux_18, 1.), gvar_aux_17); - x_1_v := "i__getValue"("use strict") with elab; - GPVUnfold("use strict"); - ret := empty; - x_2 := "i__purge"(x__te); - x_2 := "i__purge"(x__se); - x_2 := "i__purge"(x__re); - rlab: return; - elab: ret := x_1_v; - throw -}; - - -@nopath -spec listConcat(x__scope, x__this, la, lb) - [[ GlobalObject() * - ($lg, "listConcat"; {{ "d", #listConcat, true, true, false }}) * - ($lg == l-nth(_lvar_js_0, 0.)) * - (1. == (l-len _lvar_js_0)) * - JSFunctionObject(#listConcat, "listConcat", _lvar_js_0, _lvar_js_1, _lvar_js_2) * - (_lvar_js_0 == {{ $lg }}) * - (la == #la) * - SLL(#la, #alpha) * - (lb == #lb) * - SLL(#lb, #beta) * - (x__scope == {{ $lg }}) * - (x__this == #this) * - (! (x__scope == empty)) * - (! (x__this == empty)) * - (! (la == empty)) * - (! (lb == empty)) * - (! (x__scope == none)) * - (! (x__this == none)) * - (! (la == none)) * - (! (lb == none)) * - ((typeOf x__scope) == List) * - (! ((typeOf x__this) == List)) * - (! ((typeOf la) == List)) * - (! ((typeOf lb) == List)) ]] - [[ GlobalObject() * - ($lg, "listConcat"; {{ "d", #listConcat, true, true, false }}) * - ($lg == l-nth(_lvar_js_3, 0.)) * - (1. 
== (l-len _lvar_js_3)) * - JSFunctionObject(#listConcat, "listConcat", _lvar_js_3, _lvar_js_4, _lvar_js_5) * - (_lvar_js_3 == {{ $lg }}) * - SLL(ret, l+ (#alpha, #beta)) * - (x__this == #this) * - (x__scope == {{ $lg }}) ]] - normal -proc listConcat(x__scope, x__this, la, lb) { - gvar_aux_20 := [Alloc](empty, null); - x__er_m := l-nth(gvar_aux_20, 0.); - gvar_aux_21 := [Alloc](empty, x__er_m); - x__er := l-nth(gvar_aux_21, 0.); - gvar_aux_22 := x__er_m; - gvar_aux_23 := "@er"; - gvar_aux_24 := true; - gvar_aux_25 := [GetCell](gvar_aux_22, gvar_aux_23); - gvar_aux_26 := [SetCell](l-nth(gvar_aux_25, 0.), - l-nth(gvar_aux_25, 1.), gvar_aux_24); - gvar_aux_27 := x__er; - gvar_aux_28 := "arguments"; - gvar_aux_29 := undefined; - gvar_aux_30 := [GetCell](gvar_aux_27, gvar_aux_28); - gvar_aux_31 := [SetCell](l-nth(gvar_aux_30, 0.), - l-nth(gvar_aux_30, 1.), gvar_aux_29); - gvar_aux_32 := x__er; - gvar_aux_33 := "la"; - gvar_aux_34 := la; - gvar_aux_35 := [GetCell](gvar_aux_32, gvar_aux_33); - gvar_aux_36 := [SetCell](l-nth(gvar_aux_35, 0.), - l-nth(gvar_aux_35, 1.), gvar_aux_34); - gvar_aux_37 := x__er; - gvar_aux_38 := "lb"; - gvar_aux_39 := lb; - gvar_aux_40 := [GetCell](gvar_aux_37, gvar_aux_38); - gvar_aux_41 := [SetCell](l-nth(gvar_aux_40, 0.), - l-nth(gvar_aux_40, 1.), gvar_aux_39); - x__sc_fst := l+ (x__scope, {{ x__er }}); - x__te := "TypeError"(); - x__se := "SyntaxError"(); - x__re := "ReferenceError"(); - x_5 := l-nth(x__sc_fst, 1.); - x_6 := {{ "v", x_5, "la", true }}; - x_6_v := "i__getValue"(x_6) with pre_elab; - GPVUnfold(x_6); - x_7_v := "i__getValue"(null) with pre_elab; - GPVUnfold(null); - x_8 := "i__strictEquality"(x_6_v, x_7_v) with pre_elab; - x_8_v := "i__getValue"(x_8) with pre_elab; - GPVUnfold(x_8); - x_8_b := "i__toBoolean"(x_8_v) with pre_elab; - goto [x_8_b] then_0 else_0; - then_0: x_9 := l-nth(x__sc_fst, 1.); - x_10 := {{ "v", x_9, "lb", true }}; - x_10_v := "i__getValue"(x_10) with pre_elab; - GPVUnfold(x_10); - goto pre_rlab; - goto end_0; 
- else_0: x_11 := empty; - end_0: PHI(x_12: x_10_v, x_11); - x_13 := l-nth(x__sc_fst, 1.); - x_14 := {{ "v", x_13, "la", true }}; - x_14_v := "i__getValue"(x_14) with pre_elab; - GPVUnfold(x_14); - x_15 := "i__checkObjectCoercible"(x_14_v) with pre_elab; - x_16 := {{ "o", x_14_v, "next", true }}; - x_17 := l-nth(x__sc_fst, 0.); - x_18 := {{ "v", x_17, "listConcat", true }}; - x_18_v := "i__getValue"(x_18) with pre_elab; - GPVUnfold(x_18); - x_19 := l-nth(x__sc_fst, 1.); - x_20 := {{ "v", x_19, "la", true }}; - x_20_v := "i__getValue"(x_20) with pre_elab; - GPVUnfold(x_20); - x_21 := "i__checkObjectCoercible"(x_20_v) with pre_elab; - x_22 := {{ "o", x_20_v, "next", true }}; - x_22_v := "i__getValue"(x_22) with pre_elab; - GPVUnfold(x_22); - x_23 := l-nth(x__sc_fst, 1.); - x_24 := {{ "v", x_23, "lb", true }}; - x_24_v := "i__getValue"(x_24) with pre_elab; - GPVUnfold(x_24); - goto [(not ((typeOf x_18_v) = Obj))] pre_elab next_0; - next_0: gvar_aux_42 := x_18_v; - gvar_aux_43 := [GetMetadata](gvar_aux_42); - goto [(l-nth(gvar_aux_43, 1.) = none)] glab_then_0 glab_else_0; - glab_then_0: fail [ResourceError](gvar_aux_42); - glab_else_0: x_26 := l-nth(gvar_aux_43, 1.); - x_25 := "i__isCallable"(x_18_v); - goto [x_25] lab_0 pre_elab; - lab_0: gvar_aux_44 := x_26; - gvar_aux_45 := "@call"; - gvar_aux_46 := [GetCell](gvar_aux_44, gvar_aux_45); - goto [(l-nth(gvar_aux_46, 2.) = none)] glab_then_1 glab_else_1; - glab_then_1: fail [ResourceError](gvar_aux_44, gvar_aux_45); - glab_else_1: x_body_1 := l-nth(gvar_aux_46, 2.); - else_2: gvar_aux_47 := x_26; - gvar_aux_48 := "@scope"; - gvar_aux_49 := [GetCell](gvar_aux_47, gvar_aux_48); - goto [(l-nth(gvar_aux_49, 2.) = none)] glab_then_2 glab_else_2; - glab_then_2: fail [ResourceError](gvar_aux_47, gvar_aux_48); - glab_else_2: x_fscope_1 := l-nth(gvar_aux_49, 2.); - goto [((typeOf x_18) = List)] then_2 else_3; - then_2: goto [(l-nth(x_18, 0.) 
= "o")] then_3 else_3; - then_3: x_this_0 := l-nth(x_18, 1.); - goto fi_0; - else_3: x_this_1 := undefined; - fi_0: PHI(x_this_2: x_this_0, x_this_1); - x_35 := x_body_1(x_fscope_1, x_this_2, x_22_v, x_24_v) with pre_elab; - x_35_v := "i__getValue"(x_35) with pre_elab; - GPVUnfold(x_35); - x_37 := "i__checkAssignmentErrors"(x_16) with pre_elab; - x_38 := "i__putValue"(x_16, x_35_v) with pre_elab; - GPVUnfold(x_16); - skip; - x_39 := l-nth(x__sc_fst, 1.); - x_40 := {{ "v", x_39, "la", true }}; - x_40_v := "i__getValue"(x_40) with pre_elab; - GPVUnfold(x_40); - goto pre_rlab; - x_41 := undefined; - pre_rlab: PHI(ret: x_10_v, x_40_v, x_41); - x_42 := "i__purge"(x__te); - x_42 := "i__purge"(x__se); - x_42 := "i__purge"(x__re); - x__scope_f := x__sc_fst; - return; - pre_elab: PHI(ret: x_6_v, x_7_v, x_8, x_8_v, x_8_b, x_10_v, x_14_v, x_15, x_18_v, x_20_v, x_21, x_22_v, x_24_v, x__te, x__te, x_35, x_35_v, x_37, x_38, x_40_v); - x__scope_f := x__sc_fst; - throw -}; - - -@nopath -spec listAppend(x__scope, x__this, lst, v) - [[ GlobalObject() * - ($lg, "listConcat"; {{ "d", #listConcat, true, true, false }}) * - ($lg == l-nth(_lvar_js_7, 0.)) * - (1. == (l-len _lvar_js_7)) * - JSFunctionObject(#listConcat, "listConcat", _lvar_js_7, _lvar_js_8, _lvar_js_9) * - (_lvar_js_7 == {{ $lg }}) * - (lst == #lst) * - SLL(#lst, #alpha) * - (v == #v) * - (x__scope == {{ $lg }}) * - (x__this == #this) * - (! (x__scope == empty)) * - (! (x__this == empty)) * - (! (lst == empty)) * - (! (v == empty)) * - (! (x__scope == none)) * - (! (x__this == none)) * - (! (lst == none)) * - (! (v == none)) * - ((typeOf x__scope) == List) * - (! ((typeOf x__this) == List)) * - (! ((typeOf lst) == List)) * - (! ((typeOf v) == List)) ]] - [[ GlobalObject() * - ($lg, "listConcat"; {{ "d", #listConcat, true, true, false }}) * - ($lg == l-nth(_lvar_js_10, 0.)) * - (1. 
== (l-len _lvar_js_10)) * - JSFunctionObject(#listConcat, "listConcat", _lvar_js_10, _lvar_js_11, _lvar_js_12) * - (_lvar_js_10 == {{ $lg }}) * - SLL(ret, l+ (#alpha, {{ #v }})) * - (x__this == #this) * - (x__scope == {{ $lg }}) ]] - normal -proc listAppend(x__scope, x__this, lst, v) { - gvar_aux_75 := [Alloc](empty, null); - x__er_m := l-nth(gvar_aux_75, 0.); - gvar_aux_76 := [Alloc](empty, x__er_m); - x__er := l-nth(gvar_aux_76, 0.); - gvar_aux_77 := x__er_m; - gvar_aux_78 := "@er"; - gvar_aux_79 := true; - gvar_aux_80 := [GetCell](gvar_aux_77, gvar_aux_78); - gvar_aux_81 := [SetCell](l-nth(gvar_aux_80, 0.), - l-nth(gvar_aux_80, 1.), gvar_aux_79); - gvar_aux_82 := x__er; - gvar_aux_83 := "newNode"; - gvar_aux_84 := undefined; - gvar_aux_85 := [GetCell](gvar_aux_82, gvar_aux_83); - gvar_aux_86 := [SetCell](l-nth(gvar_aux_85, 0.), - l-nth(gvar_aux_85, 1.), gvar_aux_84); - gvar_aux_87 := x__er; - gvar_aux_88 := "arguments"; - gvar_aux_89 := undefined; - gvar_aux_90 := [GetCell](gvar_aux_87, gvar_aux_88); - gvar_aux_91 := [SetCell](l-nth(gvar_aux_90, 0.), - l-nth(gvar_aux_90, 1.), gvar_aux_89); - gvar_aux_92 := x__er; - gvar_aux_93 := "lst"; - gvar_aux_94 := lst; - gvar_aux_95 := [GetCell](gvar_aux_92, gvar_aux_93); - gvar_aux_96 := [SetCell](l-nth(gvar_aux_95, 0.), - l-nth(gvar_aux_95, 1.), gvar_aux_94); - gvar_aux_97 := x__er; - gvar_aux_98 := "v"; - gvar_aux_99 := v; - gvar_aux_100 := [GetCell](gvar_aux_97, gvar_aux_98); - gvar_aux_101 := [SetCell](l-nth(gvar_aux_100, 0.), - l-nth(gvar_aux_100, 1.), gvar_aux_99); - x__sc_fst := l+ (x__scope, {{ x__er }}); - x__te := "TypeError"(); - x__se := "SyntaxError"(); - x__re := "ReferenceError"(); - x_80 := "create_default_object"($lobj_proto); - x_81 := l-nth(x__sc_fst, 1.); - x_82 := {{ "v", x_81, "v", true }}; - x_82_v := "i__getValue"(x_82) with pre_elab; - GPVUnfold(x_82); - x_desc_2 := {{ "d", x_82_v, true, true, true }}; - x_83 := "defineOwnProperty"(x_80, "val", x_desc_2, true) with pre_elab; - x_84_v := 
"i__getValue"(null) with pre_elab; - GPVUnfold(null); - x_desc_3 := {{ "d", x_84_v, true, true, true }}; - x_85 := "defineOwnProperty"(x_80, "next", x_desc_3, true) with pre_elab; - x_80_v := "i__getValue"(x_80) with pre_elab; - GPVUnfold(x_80); - x_86 := l-nth(x__sc_fst, 1.); - x_87 := {{ "v", x_86, "newNode", true }}; - x_88 := "i__checkAssignmentErrors"(x_87) with pre_elab; - x_89 := "i__putValue"(x_87, x_80_v) with pre_elab; - GPVUnfold(x_87); - x_90 := empty; - x_91 := l-nth(x__sc_fst, 1.); - x_92 := {{ "v", x_91, "lst", true }}; - x_92_v := "i__getValue"(x_92) with pre_elab; - GPVUnfold(x_92); - x_93_v := "i__getValue"(null) with pre_elab; - GPVUnfold(null); - x_94 := "i__strictEquality"(x_92_v, x_93_v) with pre_elab; - x_94_v := "i__getValue"(x_94) with pre_elab; - GPVUnfold(x_94); - x_94_b := "i__toBoolean"(x_94_v) with pre_elab; - goto [x_94_b] then_11 else_11; - then_11: x_95 := l-nth(x__sc_fst, 1.); - x_96 := {{ "v", x_95, "newNode", true }}; - x_96_v := "i__getValue"(x_96) with pre_elab; - GPVUnfold(x_96); - goto pre_rlab; - goto end_2; - else_11: x_97 := l-nth(x__sc_fst, 0.); - x_98 := {{ "v", x_97, "listConcat", true }}; - x_98_v := "i__getValue"(x_98) with pre_elab; - GPVUnfold(x_98); - x_99 := l-nth(x__sc_fst, 1.); - x_100 := {{ "v", x_99, "lst", true }}; - x_100_v := "i__getValue"(x_100) with pre_elab; - GPVUnfold(x_100); - x_101 := l-nth(x__sc_fst, 1.); - x_102 := {{ "v", x_101, "newNode", true }}; - x_102_v := "i__getValue"(x_102) with pre_elab; - GPVUnfold(x_102); - goto [(not ((typeOf x_98_v) = Obj))] pre_elab next_4; - next_4: gvar_aux_102 := x_98_v; - gvar_aux_103 := [GetMetadata](gvar_aux_102); - goto [(l-nth(gvar_aux_103, 1.) 
= none)] glab_then_6 glab_else_6; - glab_then_6: fail [ResourceError](gvar_aux_102); - glab_else_6: x_104 := l-nth(gvar_aux_103, 1.); - x_103 := "i__isCallable"(x_98_v); - goto [x_103] lab_4 pre_elab; - lab_4: gvar_aux_104 := x_104; - gvar_aux_105 := "@call"; - gvar_aux_106 := [GetCell](gvar_aux_104, gvar_aux_105); - goto [(l-nth(gvar_aux_106, 2.) = none)] glab_then_7 glab_else_7; - glab_then_7: fail [ResourceError](gvar_aux_104, gvar_aux_105); - glab_else_7: x_body_5 := l-nth(gvar_aux_106, 2.); - else_9: gvar_aux_107 := x_104; - gvar_aux_108 := "@scope"; - gvar_aux_109 := [GetCell](gvar_aux_107, gvar_aux_108); - goto [(l-nth(gvar_aux_109, 2.) = none)] glab_then_8 glab_else_8; - glab_then_8: fail [ResourceError](gvar_aux_107, gvar_aux_108); - glab_else_8: x_fscope_5 := l-nth(gvar_aux_109, 2.); - goto [((typeOf x_98) = List)] then_9 else_10; - then_9: goto [(l-nth(x_98, 0.) = "o")] then_10 else_10; - then_10: x_this_6 := l-nth(x_98, 1.); - goto fi_2; - else_10: x_this_7 := undefined; - fi_2: PHI(x_this_8: x_this_6, x_this_7); - x_113 := x_body_5(x_fscope_5, x_this_8, x_100_v, x_102_v) with pre_elab; - x_113_v := "i__getValue"(x_113) with pre_elab; - GPVUnfold(x_113); - goto pre_rlab; - end_2: PHI(x_115: x_96_v, x_113_v); - goto [(x_115 = empty)] next_6 next_7; - next_6: skip; - next_7: PHI(x_116: x_115, x_90); - x_117 := undefined; - pre_rlab: PHI(ret: x_96_v, x_113_v, x_117); - x_118 := "i__purge"(x__te); - x_118 := "i__purge"(x__se); - x_118 := "i__purge"(x__re); - x__scope_f := x__sc_fst; - return; - pre_elab: PHI(ret: x_82_v, x_83, x_84_v, x_85, x_80_v, x_88, x_89, x_92_v, x_93_v, x_94, x_94_v, x_94_b, x_96_v, x_98_v, x_100_v, x_102_v, x__te, x__te, x_113, x_113_v); - x__scope_f := x__sc_fst; - throw -}; - - -@nopath -spec listCopy(x__scope, x__this, lst) - [[ GlobalObject() * - ($lg, "listCopy"; {{ "d", #listCopy, true, true, false }}) * - ($lg == l-nth(_lvar_js_14, 0.)) * - (1. 
== (l-len _lvar_js_14)) * - JSFunctionObject(#listCopy, "listCopy", _lvar_js_14, _lvar_js_15, _lvar_js_16) * - (_lvar_js_14 == {{ $lg }}) * - (lst == #lst) * - SLL(#lst, #alpha) * - (x__scope == {{ $lg }}) * - (x__this == #this) * - (! (x__scope == empty)) * - (! (x__this == empty)) * - (! (lst == empty)) * - (! (x__scope == none)) * - (! (x__this == none)) * - (! (lst == none)) * - ((typeOf x__scope) == List) * - (! ((typeOf x__this) == List)) * - (! ((typeOf lst) == List)) ]] - [[ GlobalObject() * - ($lg, "listCopy"; {{ "d", #listCopy, true, true, false }}) * - ($lg == l-nth(_lvar_js_17, 0.)) * - (1. == (l-len _lvar_js_17)) * - JSFunctionObject(#listCopy, "listCopy", _lvar_js_17, _lvar_js_18, _lvar_js_19) * - (_lvar_js_17 == {{ $lg }}) * - SLL(#lst, #alpha) * - SLL(ret, #alpha) * - (x__this == #this) * - (x__scope == {{ $lg }}) ]] - normal -proc listCopy(x__scope, x__this, lst) { - gvar_aux_50 := [Alloc](empty, null); - x__er_m := l-nth(gvar_aux_50, 0.); - gvar_aux_51 := [Alloc](empty, x__er_m); - x__er := l-nth(gvar_aux_51, 0.); - gvar_aux_52 := x__er_m; - gvar_aux_53 := "@er"; - gvar_aux_54 := true; - gvar_aux_55 := [GetCell](gvar_aux_52, gvar_aux_53); - gvar_aux_56 := [SetCell](l-nth(gvar_aux_55, 0.), - l-nth(gvar_aux_55, 1.), gvar_aux_54); - gvar_aux_57 := x__er; - gvar_aux_58 := "arguments"; - gvar_aux_59 := undefined; - gvar_aux_60 := [GetCell](gvar_aux_57, gvar_aux_58); - gvar_aux_61 := [SetCell](l-nth(gvar_aux_60, 0.), - l-nth(gvar_aux_60, 1.), gvar_aux_59); - gvar_aux_62 := x__er; - gvar_aux_63 := "lst"; - gvar_aux_64 := lst; - gvar_aux_65 := [GetCell](gvar_aux_62, gvar_aux_63); - gvar_aux_66 := [SetCell](l-nth(gvar_aux_65, 0.), - l-nth(gvar_aux_65, 1.), gvar_aux_64); - x__sc_fst := l+ (x__scope, {{ x__er }}); - x__te := "TypeError"(); - x__se := "SyntaxError"(); - x__re := "ReferenceError"(); - x_45 := l-nth(x__sc_fst, 1.); - x_46 := {{ "v", x_45, "lst", true }}; - x_46_v := "i__getValue"(x_46) with pre_elab; - GPVUnfold(x_46); - x_47_v := 
"i__getValue"(null) with pre_elab; - GPVUnfold(null); - x_48 := "i__strictEquality"(x_46_v, x_47_v) with pre_elab; - x_48_v := "i__getValue"(x_48) with pre_elab; - GPVUnfold(x_48); - x_48_b := "i__toBoolean"(x_48_v) with pre_elab; - goto [x_48_b] then_7 else_7; - then_7: x_49_v := "i__getValue"(null) with pre_elab; - GPVUnfold(null); - goto pre_rlab; - goto end_1; - else_7: x_50 := "create_default_object"($lobj_proto); - x_51 := l-nth(x__sc_fst, 1.); - x_52 := {{ "v", x_51, "lst", true }}; - x_52_v := "i__getValue"(x_52) with pre_elab; - GPVUnfold(x_52); - x_53 := "i__checkObjectCoercible"(x_52_v) with pre_elab; - x_54 := {{ "o", x_52_v, "val", true }}; - x_54_v := "i__getValue"(x_54) with pre_elab; - GPVUnfold(x_54); - x_desc_0 := {{ "d", x_54_v, true, true, true }}; - x_55 := "defineOwnProperty"(x_50, "val", x_desc_0, true) with pre_elab; - x_56 := l-nth(x__sc_fst, 0.); - x_57 := {{ "v", x_56, "listCopy", true }}; - x_57_v := "i__getValue"(x_57) with pre_elab; - GPVUnfold(x_57); - x_58 := l-nth(x__sc_fst, 1.); - x_59 := {{ "v", x_58, "lst", true }}; - x_59_v := "i__getValue"(x_59) with pre_elab; - GPVUnfold(x_59); - x_60 := "i__checkObjectCoercible"(x_59_v) with pre_elab; - x_61 := {{ "o", x_59_v, "next", true }}; - x_61_v := "i__getValue"(x_61) with pre_elab; - GPVUnfold(x_61); - goto [(not ((typeOf x_57_v) = Obj))] pre_elab next_2; - next_2: gvar_aux_67 := x_57_v; - gvar_aux_68 := [GetMetadata](gvar_aux_67); - goto [(l-nth(gvar_aux_68, 1.) = none)] glab_then_3 glab_else_3; - glab_then_3: fail [ResourceError](gvar_aux_67); - glab_else_3: x_63 := l-nth(gvar_aux_68, 1.); - x_62 := "i__isCallable"(x_57_v); - goto [x_62] lab_2 pre_elab; - lab_2: gvar_aux_69 := x_63; - gvar_aux_70 := "@call"; - gvar_aux_71 := [GetCell](gvar_aux_69, gvar_aux_70); - goto [(l-nth(gvar_aux_71, 2.) 
= none)] glab_then_4 glab_else_4; - glab_then_4: fail [ResourceError](gvar_aux_69, gvar_aux_70); - glab_else_4: x_body_3 := l-nth(gvar_aux_71, 2.); - else_5: gvar_aux_72 := x_63; - gvar_aux_73 := "@scope"; - gvar_aux_74 := [GetCell](gvar_aux_72, gvar_aux_73); - goto [(l-nth(gvar_aux_74, 2.) = none)] glab_then_5 glab_else_5; - glab_then_5: fail [ResourceError](gvar_aux_72, gvar_aux_73); - glab_else_5: x_fscope_3 := l-nth(gvar_aux_74, 2.); - goto [((typeOf x_57) = List)] then_5 else_6; - then_5: goto [(l-nth(x_57, 0.) = "o")] then_6 else_6; - then_6: x_this_3 := l-nth(x_57, 1.); - goto fi_1; - else_6: x_this_4 := undefined; - fi_1: PHI(x_this_5: x_this_3, x_this_4); - x_72 := x_body_3(x_fscope_3, x_this_5, x_61_v) with pre_elab; - x_72_v := "i__getValue"(x_72) with pre_elab; - GPVUnfold(x_72); - x_desc_1 := {{ "d", x_72_v, true, true, true }}; - x_74 := "defineOwnProperty"(x_50, "next", x_desc_1, true) with pre_elab; - x_50_v := "i__getValue"(x_50) with pre_elab; - GPVUnfold(x_50); - goto pre_rlab; - end_1: PHI(x_75: x_49_v, x_50_v); - x_76 := undefined; - pre_rlab: PHI(ret: x_49_v, x_50_v, x_76); - x_77 := "i__purge"(x__te); - x_77 := "i__purge"(x__se); - x_77 := "i__purge"(x__re); - x__scope_f := x__sc_fst; - return; - pre_elab: PHI(ret: x_46_v, x_47_v, x_48, x_48_v, x_48_b, x_49_v, x_52_v, x_53, x_54_v, x_55, x_57_v, x_59_v, x_60, x_61_v, x__te, x__te, x_72, x_72_v, x_74, x_50_v); - x__scope_f := x__sc_fst; - throw -}; diff --git a/debugger-vscode-extension/sampleWorkspace/js/SLL.js b/debugger-vscode-extension/sampleWorkspace/js/SLL.js deleted file mode 100644 index dca4bcc9b..000000000 --- a/debugger-vscode-extension/sampleWorkspace/js/SLL.js +++ /dev/null 
@@ -1,61 +0,0 @@
-"use strict";
-
-/*
- @pred Node(+x:Obj, val, next) :
- JSObject(x) * DataProp(x, "val", val) * DataProp(x, "next", next);
-
- @pred SLL(+x, alpha:List) :
- (x == null) * (alpha == {{ }}),
- Node(x, #val, #next) * SLL(#next, #beta) * (alpha == #val :: #beta);
-*/
-
-
-/**
- @id listCopy
-
- @pre GlobalObject() * scope(listCopy: #listCopy) * JSFunctionObject(#listCopy, "listCopy", _, _, _) *
- (lst == #lst) * SLL(#lst, #alpha)
-
- @post GlobalObject() * scope(listCopy: #listCopy) * JSFunctionObject(#listCopy, "listCopy", _, _, _) *
- SLL(#lst, #alpha) * SLL(ret, #alpha)
-*/
-function listCopy (lst) {
- if (lst === null) {
- return null
- } else {
- return { val: lst.val, next : listCopy(lst.next) }
- }
-}
-
-/**
- @id listConcat
-
- @pre GlobalObject() * scope(listConcat: #listConcat) * JSFunctionObject(#listConcat, "listConcat", _, _, _) *
- (la == #la) * SLL(#la, #alpha) * (lb == #lb) * SLL(#lb, #beta)
-
- @post GlobalObject() * scope(listConcat: #listConcat) * JSFunctionObject(#listConcat, "listConcat", _, _, _) *
- SLL(ret, l+ (#alpha, #beta))
-*/
-function listConcat(la, lb) {
- if (la === null) return lb;
- la.next = listConcat(la.next, lb);
- return la
-}
-
-/**
- @id listAppend
-
- @pre GlobalObject() * scope(listConcat: #listConcat) * JSFunctionObject(#listConcat, "listConcat", _, _, _) *
- (lst == #lst) * SLL(#lst, #alpha) * (v == #v)
-
- @post GlobalObject() * scope(listConcat: #listConcat) * JSFunctionObject(#listConcat, "listConcat", _, _, _) *
- SLL(ret, l+ (#alpha, {{ #v }} ))
-*/
-function listAppend(lst, v) {
- var newNode = { val: v, next : null };
- if (lst === null) {
- return newNode
- } else {
- return listConcat(lst, newNode)
- }
-}
\ No newline at end of file
diff --git a/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/AmazonLogic.jsil b/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/AmazonLogic.jsil
deleted file mode 100644
index e8c9b4bd0..000000000
--- a/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/AmazonLogic.jsil
+++ /dev/null
@@ -1,1509 +0,0 @@ -(* The length of an element is not smaller than the length of its first field *) -lemma CElementFirstFieldLength(buffer, readPos, fCount, field, restFields, eLength) -[[ - CElement(#buffer, #readPos, #fCount, l+({{ #field }}, #restFields), #eLength) -]] -[[ - CElement(#buffer, #readPos, #fCount, l+({{ #field }}, #restFields), #eLength) * - (2 + l-len #field <=# #eLength) -]] -[* - unfold CElement(#buffer, #readPos, #fCount, l+({{ #field }}, #restFields), #eLength) -*] - -(* The length of a non-empty complete element is strictly positive *) -lemma CElementNonEmptyPositiveLength(buffer, readPos, fCount, fList, eLength) -[[ - CElement(#buffer, #readPos, #fCount, #fList, #eLength) * (0 <# #fCount) -]] -[[ - CElement(#buffer, #readPos, #fCount, #fList, #eLength) * - (0 <# #eLength) -]] -[* - unfold CElement(#buffer, #readPos, #fCount, #fList, #eLength); - sep_assert (Field(#buffer, #readPos, #field, #fLength)) [bind: #fLength]; - sep_assert (CElement(#buffer, #readPos + #fLength, #fCount - 1, #restFields, #restELength)) [bind: #restELength] -*] - -(* Appending the first field of a given complete element to a complete element on its left *) -lemma AppendFieldCC(buffer, readPos, fCount1, fList1, eLength1, fCount2, field, fList2, eLength2) -[[ - CElement(#buffer, #readPos, #fCount1, #fList1, #eLength1) * - CElement(#buffer, #readPos + #eLength1, #fCount2, l+({{ #field }}, #fList2), #eLength2) * - (#shift == 2 + l-len #field) -]] -[[ - CElement(#buffer, #readPos, #fCount1 + 1, l+ (#fList1, {{ #field }}), #eLength1 + #shift) * - CElement(#buffer, #readPos + #eLength1 + #shift, #fCount2 - 1, #fList2, #eLength2 - #shift) -]] -[* - apply CElementFirstFieldLength(#buffer, #readPos + #eLength1, #fCount2, #field, #fList2, #eLength2); - unfold CElement(#buffer, #readPos, #fCount1, #fList1, #eLength1); - if (0 < #fCount1) then { - sep_assert (#fList1 == l+ ({{ #fl1 }}, #rfl1)) [bind: #fl1, #rfl1]; - sep_assert (CElement(#buffer, 2 + (l-len #fl1) + #readPos, 
#fCount1 - 1, #rfl1, #reL1)) [bind: #reL1]; - apply AppendFieldCC(#buffer, 2 + (l-len #fl1) + #readPos, #fCount1 - 1, #rfl1, #reL1, #fCount2, #field, #fList2, #eLength2) - } -*] - - - -(* Appending a complete element to the given complete elements from the right *) -lemma CElementsAppend(buffer, readPos, eCount, fCount, eList, esLength, fList, eLength) -[[ - CElements(#buffer, #readPos, #eCount, #fCount, #eList, #esLength) * - CElement(#buffer, #readPos + #esLength, #fCount, #fList, #eLength) -]] -[[ - CElements(#buffer, #readPos, #eCount + 1, #fCount, l+ (#eList, {{ #fList }}), #esLength + #eLength) -]] -[* - apply CElementNonEmptyPositiveLength(#buffer, #readPos + #esLength, #fCount, #fList, #eLength); - unfold CElements(#buffer, #readPos, #eCount, #fCount, #eList, #esLength); - if (0 < #eCount) then { - sep_assert (CElement(#buffer, #readPos, #fCount, #newElementFieldList, #newElementLength)) [bind: #newElementFieldList, #newElementLength]; - sep_assert (CElements(#buffer, (#readPos + #newElementLength), (#eCount - 1), #fCount, #remainingElementsList, #remainingElementsLength)) [bind: #remainingElementsList, #remainingElementsLength]; - apply CElementsAppend(#buffer, (#readPos + #newElementLength), (#eCount - 1), #fCount, #remainingElementsList, #remainingElementsLength, #fList, #eLength) - } - *] - -(* Appending the first field of a given incomplete element to a complete element on its left *) -lemma AppendFieldCI(buffer, readPos, fCount1, fList1, eLength1, fCount2, field, fList2, eLength2) -[[ - CElement(#buffer, #readPos, #fCount1, #fList1, #eLength1) * - IElement(#buffer, #readPos + #eLength1, #fCount2, l+({{ #field }}, #fList2), #eLength2) * - (#shift == 2 + l-len #field) -]] -[[ - CElement(#buffer, #readPos, #fCount1 + 1, l+ (#fList1, {{ #field }}), #eLength1 + #shift) * - IElement(#buffer, #readPos + #eLength1 + #shift, #fCount2 - 1, #fList2, #eLength2 - #shift) -]] -[* - unfold CElement(#buffer, #readPos, #fCount1, #fList1, #eLength1); - if (0 < 
#fCount1) then { - sep_assert (#fList1 == l+ ({{ #fl1 }}, #rfl1)) [bind: #fl1, #rfl1]; - sep_assert (CElement(#buffer, 2 + (l-len #fl1) + #readPos, #fCount1 - 1, #rfl1, #reL1)) [bind: #reL1]; - apply AppendFieldCI(#buffer, 2 + (l-len #fl1) + #readPos, #fCount1 - 1, #rfl1, #reL1, #fCount2, #field, #fList2, #eLength2) - } -*] - -(* Prepend an entire complete element to an incomplete element following it *) -lemma PrependCElementI(buffer, readPos, fCount1, fList1, eLength1, fCount2, fList2, eLength2) -[[ - CElement(#buffer, #readPos, #fCount1, #fList1, #eLength1) * - IElement(#buffer, #readPos + #eLength1, #fCount2, #fList2, #eLength2) -]] -[[ - IElement(#buffer, #readPos, #fCount1 + #fCount2, l+ (#fList1, #fList2), #eLength1 + #eLength2) -]] -[* - unfold CElement(#buffer, #readPos, #fCount1, #fList1, #eLength1); - if (0 < #fCount1) then { - sep_assert (#fList1 == l+ ({{ #fl1 }}, #rfl1)) [bind: #fl1, #rfl1]; - sep_assert (CElement(#buffer, 2 + (l-len #fl1) + #readPos, #fCount1 - 1, #rfl1, #reL1)) [bind: #reL1]; - apply PrependCElementI(#buffer, 2 + (l-len #fl1) + #readPos, #fCount1 - 1, #rfl1, #reL1, #fCount2, #fList2, #eLength2) - } -*] - -(* An entire complete element sequence can be prepended to a general element sequence *) -lemma PrependCElementsE(definition, buffer, readPos, eCount1, fCount, fList1, esLength1, eCount2, fList2, esLength2) -[[ - CElements(#buffer, #readPos, #eCount1, #fCount, #fList1, #esLength1) * - Elements(#definition, #buffer, #readPos + #esLength1, #eCount2, #fCount, #fList2, #esLength2) -]] -[[ - Elements(#definition, #buffer, #readPos, #eCount1 + #eCount2, #fCount, l+ (#fList1, #fList2), #esLength1 + #esLength2) -]] -[* - unfold CElements(#buffer, #readPos, #eCount1, #fCount, #fList1, #esLength1) - [bind: (#element := #fList) and (#eLength := #eLength) and (#restElements := #restElements) and (#restLength := #restESLength)] ; - if (0 < #eCount1) then { - apply PrependCElementsE(#definition, #buffer, #readPos + #eLength, #eCount1 - 1, 
#fCount, #restElements, #restESLength, #eCount2, #fList2, #esLength2); - unfold Elements(#definition, #buffer, (#eLength + #readPos), ((-1. + #eCount1) + #eCount2), #fCount, l+ (#restElements, #fList2), (#restESLength + #esLength2)); - if (definition = "Incomplete") then { - fold IElements(#buffer, #readPos, #eCount1 + #eCount2, #fCount, l+ (#fList1, #fList2), #esLength1 + #esLength2) - } - } -*] - -(* Every element of an element sequence has the same number of fields *) -lemma CElementsElementLength(buffer, readPos, eCount, fCount, eList, prefix, element, suffix) -[[ - CElements(#buffer, #readPos, #eCount, #fCount, #eList, #esLength) * - (#eList == l+ (#prefix, {{ #element }}, #suffix)) -]] -[[ - CElements(#buffer, #readPos, #eCount, #fCount, #eList, #esLength) * - (l-len #element == #fCount) -]] -[* - apply DestructList(#prefix); - unfold CElements(#buffer, #readPos, #eCount, #fCount, #eList, #esLength); - if (not (#prefix = {{ }})) then { - sep_assert (CElement(#buffer, #readPos, #fCount, #fList, #elementLength)) [bind: #elementLength]; - sep_assert (#prefix == #head :: #rest) [bind: #head, #rest]; - sep_assert (CElements(#buffer, (#readPos + #elementLength), (#eCount - 1), #fCount, l+ (#rest, {{#element}}, #suffix), #restESLength)) [bind: #restESLength]; - apply CElementsElementLength(#buffer, (#readPos + #elementLength), (#eCount - 1), #fCount, l+ (#rest, {{#element}}, #suffix), #rest, #element, #suffix) - } - *] - -(****************************** - ****************************** - ******* ******* - ******* Encryption ******* - ******* Context ******* - ******* ******* - ****************************** - ******************************) - -(* - The encryption context (EC) are serialised - as a sequence of two-field elements, and is meant - to be the only contents of the provided buffer - - buffer EC - |----------------| -*) - -(* Broken serialised encryption context *) -nounfold pred BRawEncryptionContext(errorMessage:Str, +buffer:List, ECKs:List) : - (* Not 
enough data provided *) - (2 <# l-len buffer) * - (#rawKC == l-sub (buffer, 0, 2)) * - rawToUInt16(#rawKC, false, #keyCount) * - (0 <# #keyCount) * (ECKs == {{ }}) * - Elements("Incomplete", buffer, 2, #keyCount, 2, #eList, #esLength) * - (errorMessage == "decodeEncryptionContext: Underflow, not enough data."), - - (* Too much data provided *) - (2 <# l-len buffer) * - (#rawKC == l-sub (buffer, 0, 2)) * - rawToUInt16(#rawKC, false, #keyCount) * - (0 <# #keyCount) * - Elements("Complete", buffer, 2, #keyCount, 2, ECKs, #ECKsLength) * - (! (#ECKsLength + 2 == l-len buffer)) * - (errorMessage == "decodeEncryptionContext: Overflow, too much data."), - - (* Duplicated key in context *) - (2 <# l-len buffer) * - (#rawKC == l-sub (buffer, 0, 2)) * - rawToUInt16(#rawKC, false, #keyCount) * - (0 <# #keyCount) * - Elements("Complete", buffer, 2, #keyCount, 2, ECKs, #ECKsLength) * - toUtf8PairMap(ECKs, #utf8ECKs) * FirstProj(ECKs, #ECKeys) * Duplicated({{ }}, #ECKeys) * - (2 + #ECKsLength == l-len buffer) * - (errorMessage == "decodeEncryptionContext: Duplicate encryption context key value."); - -(* General serialised encryption context *) -pred RawEncryptionContext(definition:Str, +buffer:List, ECKs:List, errorMessage:Str) : - (definition == "Complete") * CRawEncryptionContext(buffer, ECKs) * (errorMessage == ""), - (definition == "Broken") * BRawEncryptionContext(errorMessage, buffer, ECKs); - -(* Live decoded encryption context *) -pred LiveDecodedEncryptionContext(+dECObj : Obj, +ECKs : List) : - JSObjWithProto(dECObj, null) * - toUtf8PairMap(ECKs, #utf8ECKs) * - ObjectTable(dECObj, #utf8ECKs); - -(* Decoded encryption context *) -pred DecodedEncryptionContext(+dECObj : Obj, +ECKs : List) : - JSObjGeneral(dECObj, null, "Object", false) * - toUtf8PairMap(ECKs, #utf8ECKs) * - FrozenObjectTable(dECObj, #utf8ECKs); - - -(***************************** - ***************************** - ******* ******* - ******* Encrypted ******* - ******* Data Keys ******* - ******* ******* - 
***************************** - *****************************) - - -(***** EDK objects *****) - -(* Prototype of EDK objects *) -pred EDKPrototype () : - JSObjGeneral($l_edk_proto, null, "Object", false) * - empty_fields($l_edk_proto : -{ }-); - -(* EDK objects *) -nounfold pred EncryptedDataKey(+EDK, pId:Str, pInfo:Str, encryptedDataKey:List, rawInfo:List) : - JSObjGeneral(EDK, $l_edk_proto, "Object", false) * - readOnlyProperty(EDK, "providerId", pId) * - readOnlyProperty(EDK, "providerInfo", pInfo) * - readOnlyProperty(EDK, "encryptedDataKey", #aEDK) * - Uint8Array(#aEDK, #abEDK, 0, #viewSizeEDK) * - ArrayBuffer(#abEDK, encryptedDataKey) * - (#viewSizeEDK == l-len encryptedDataKey) * - readOnlyProperty(EDK, "rawInfo", #aRInfo) * - Uint8Array(#aRInfo, #abRInfo, 0, #viewSizeRInfo) * - ArrayBuffer(#abRInfo, rawInfo) * - (#viewSizeRInfo == l-len rawInfo); - -(***** Arrays of deserialised EDKs *****) - -(* Live array of deserialised EDKs *) -pred ArrayOfDEDKsContents(+a:Obj, contents:List, +start:Num) : - (contents == {{ }}) * (contentsLength == 0), - - (#index == num_to_string start) * - DataProp(a, #index, #edk) * - EncryptedDataKey(#edk, #pId, #pInfo, #encryptedDataKey, #rawInfo) * - fromUtf8(#rawId, #pId) * fromUtf8(#pInfo, #rawInfo) * - (#element == {{ #rawId, #rawInfo, #encryptedDataKey }}) * - (contents == #element :: #rest) * - (#rest_start == start + 1) * - ArrayOfDEDKsContents(a, #rest, #rest_start); - -(* Frozen array of deserialised EDKs *) -pred FrozenArrayOfDEDKsContents(+a:Obj, contents:List, +start:Num) : - (contents == {{ }}) * (contentsLength == 0), - - (#index == num_to_string start) * - readOnlyProperty(a, #index, #edk) * - EncryptedDataKey(#edk, #pId, #pInfo, #encryptedDataKey, #rawInfo) * - fromUtf8(#rawId, #pId) * fromUtf8(#pInfo, #rawInfo) * - (#edk == {{ #rawId, #rawInfo, #encryptedDataKey }}) * - (contents == #edk :: #rest_contents) * - (#rest_start == start + 1) * - FrozenArrayOfDEDKsContents(a, #rest_contents, #rest_start); - -(***** 
Deserialised EDKs *****) - -(* EDKs are first deserialised into a live array *) -pred LiveDeserialisedEncryptedDataKeys (+a:Obj, EDKs:List) : - ArrayStructure(a, l-len EDKs) * - ArrayOfDEDKsContents(a, EDKs, 0); - -(* Deserialised EDKs are ultimately provided as a frozen array *) -pred DeserialisedEncryptedDataKeys (+a:Obj, contents:List) : - FrozenArrayStructure(a, l-len contents) * - FrozenArrayOfDEDKsContents(a, contents, 0); - -(************************************ - ************************************ - ******* ******* - ******* Axiomatic ******* - ******* UTF-8 Conversion ******* - ******* ******* - ************************************ - ************************************) - - -(* toUtf8 is injective *) -lemma toUtf8Injective(rawData1, utf8Data1, rawData2, utf8Data2) -[[ - toUtf8(#rawData1, #utf8Data1) * toUtf8(#rawData2, #utf8Data2) -]] -[[ - (#rawData1 == #rawData2) * (#utf8Data1 == #utf8Data2); - (! (#rawData1 == #rawData2)) * (! (#utf8Data1 == #utf8Data2)) -]] - -(* - fromUtf8(utf8Data, rawData) is an abstract predicate which - denotes that the raw bytes rawData are obtained by converting - the string utf8Data into bytes -*) -abstract pure pred fromUtf8(+utf8Data:Str, rawData:List); - -(* fromUtf8 is injective *) -lemma fromUtf8Injective(utf8Data1, rawData1, utf8Data2, rawData2) -[[ - fromUtf8(#utf8Data1, #rawData1) * fromUtf8(#utf8Data2, #rawData2) -]] -[[ - (#utf8Data1 == #utf8Data2) * (#rawData1 == #rawData2); - (! (#utf8Data1 == #utf8Data2)) * (! 
(#rawData1 == #rawData2)) -]] - -(* Invertibility of toUtf8 with respect to fromUtf8 *) -lemma toUtf8fromUtf8(rawData) -[[ - toUtf8(#rawData, #utf8Data) -]] -[[ - fromUtf8(#utf8Data, #rawData) -]] - -(* Invertibility of fromUtf8 with respect to toUtf8 *) -lemma fromUtf8toUtf8(utf8Data) -[[ - fromUtf8(#utf8Data, #rawData) -]] -[[ - toUtf8(#rawData, #utf8Data) -]] - -(* UTF-8 Mapping of lists *) -pure pred toUtf8Map(+data : List, utf8Data : List) : - (data == {{ }}) * (utf8Data == {{ }}), - - (data == #fst :: #rest) * - (toUtf8(#fst, #utf8Fst)) * - toUtf8Map(#rest, #utf8Rest) * - (utf8Data == #utf8Fst :: #utf8Rest); - -(* toUtf8PairMap is injective *) -lemma toUtf8MapInjective(rawData1, utf8Data1, rawData2, utf8Data2) -[[ - toUtf8Map(#rawData1, #utf8Data1) * toUtf8Map(#rawData2, #utf8Data2) -]] -[[ - (#rawData1 == #rawData2) * (#utf8Data1 == #utf8Data2); - (! (#rawData1 == #rawData2)) * (! (#utf8Data1 == #utf8Data2)) -]] -[* - unfold toUtf8Map(#rawData1, #utf8Data1); - unfold toUtf8Map(#rawData2, #utf8Data2); - if ((not (#rawData1 = {{ }})) and (not (#rawData2 = {{ }}))) then { - sep_assert ((#rawData1 == #rd1 :: #restd1) * (#rawData2 == #rd2 :: #restd2) * - (#utf8Data1 == #ut1 :: #restu1) * (#utf8Data2 == #ut2 :: #restu2)) - [bind: #rd1, #restd1, #rd2, #restd2, #ut1, #restu1, #ut2, #restu2]; - apply toUtf8Injective(#rd1, #ut1, #rd2, #ut2); - apply toUtf8MapInjective(#restd1, #restu1, #restd2, #restu2) - } - *] - -(* toUtf8PairMap is injective *) -lemma toUtf8PairMapInjective(rawData1, utf8Data1, rawData2, utf8Data2) -[[ - toUtf8PairMap(#rawData1, #utf8Data1) * toUtf8PairMap(#rawData2, #utf8Data2) -]] -[[ - (#rawData1 == #rawData2) * (#utf8Data1 == #utf8Data2); - (! (#rawData1 == #rawData2)) * (! 
(#utf8Data1 == #utf8Data2)) -]] -[* - unfold toUtf8PairMap(#rawData1, #utf8Data1); - unfold toUtf8PairMap(#rawData2, #utf8Data2); - if ((not (#rawData1 = {{ }})) and (not (#rawData2 = {{ }}))) then { - sep_assert ((#rawData1 == {{ #p1, #v1 }} :: #restd1) * (#rawData2 == {{ #p2, #v2 }} :: #restd2) * - (#utf8Data1 == {{ #up1, #uv1 }} :: #restu1) * (#utf8Data2 == {{ #up2, #uv2 }} :: #restu2)) - [bind: #p1, #v1, #restd1, #p2, #v2, #restd2, #up1, #uv1, #restu1, #up2, #uv2, #restu2]; - apply toUtf8Injective(#p1, #up1, #p2, #up2); - apply toUtf8Injective(#v1, #uv1, #v2, #uv2); - apply toUtf8PairMapInjective(#restd1, #restu1, #restd2, #restu2) - } - *] - -(* Appending a pair to a mapping of lists of pairs *) -lemma toUtf8PairMapAppendPair(data, utf8Data, prop, value) -[[ - toUtf8PairMap(#data, #utf8Data) * - toUtf8(#prop, #utf8Prop) * - toUtf8(#value, #utf8Value) -]] -[[ - toUtf8PairMap(l+ (#data, {{ {{ #prop, #value }} }}), l+ (#utf8Data, {{ {{ #utf8Prop, #utf8Value }} }})) -]] -[* - unfold toUtf8PairMap(#data, #utf8Data); - if (not (#data = {{ }})) then { - sep_assert (#data == l+ ({{{{ #fProp, #fValue }}}}, #restPVPairs)) [bind: #fProp, #fValue, #restPVPairs]; - sep_assert (toUtf8PairMap(#restPVPairs, #restUtf8Data)) [bind: #restUtf8Data]; - apply toUtf8PairMapAppendPair(#restPVPairs, #restUtf8Data, #prop, #value) - } -*] - -(***************************** - ***************************** - ******* ******* - ******* Algorithm ******* - ******* Suites ******* - ******* ******* - ***************************** - *****************************) - -(* The object that holds information about allowed algorithm suites *) -pred AlgorithmSuiteIdentifierObject(o) : - JSObject(o) * - DataProp(o, "20", "ALG_AES128_GCM_IV12_TAG16") * DataProp(o, "ALG_AES128_GCM_IV12_TAG16", 20) * - DataProp(o, "70", "ALG_AES192_GCM_IV12_TAG16") * DataProp(o, "ALG_AES192_GCM_IV12_TAG16", 70) * - empty_fields(o : -{ "20", "70", "ALG_AES128_GCM_IV12_TAG16", "ALG_AES192_GCM_IV12_TAG16" }-); - -(* - The 
object representing a given algorithm suite. - TODO: This object is more complex than presented here. - *) -pred AlgorithmSuiteObject(+aso: Obj, ivLength: Num, tagLength: Num) : - JSObject(aso) * - readOnlyProperty(aso, "ivLength", ivLength) * - readOnlyProperty(aso, "tagLength", tagLength); - -(*************************** - *************************** - ******* ******* - ******* Message ******* - ******* Header ******* - ******* ******* - *************************** - ***************************) - -(* Broken version and type *) -pred BVersionAndType(+version:Num, +type:Num, errorMessage:Str) : - (version == 65) * (type == 89) * (errorMessage == "Malformed Header: This blob may be base64 encoded."), - (! (version == 1) \/ ! (type == 128)) * (! (version == 65) \/ ! (type == 89)) * (errorMessage == "Malformed Header: Unsupported version and/or type."); - - (******** Serialised ******* - ******** Header *******) - -(* Serialised incomplete header *) -nounfold pred IHeader(+rawHeaderData, part_one, version, type, suiteId, messageId, ECLength, - part_two, ECKs, - part_three, EDKs, contentType, headerIvLength, frameLength, headerLength, headerIv, headerAuthTag) : - (* Not enough data to read first part *) - (l-len rawHeaderData <# 22) * - - (part_one == {{ }}) * (version == 0) * (type == 0) * (suiteId == 0) * (messageId == {{ }}) * (ECLength == 0) * - (part_two == {{ }}) * (ECKs == {{ }}) * - (part_three == {{ }}) * (EDKs == {{ }}) * (contentType == 0) * (headerIvLength == 0) * - (frameLength == 0) * (headerLength == 0) * (headerIv == {{ }}) * (headerAuthTag == {{ }}), - - (* Not enough data to read encryption context *) - (22 <=# l-len rawHeaderData) * - (rawHeaderData == l+ (part_one, part_two)) * - (l-len part_one == 22) * - (part_one == l+ ({{ version, type }}, #rawSuiteId, messageId, #rawContextLength)) * - (l-len #rawSuiteId == 2) * - (l-len messageId == 16) * - (l-len #rawContextLength == 2) * - CVersionAndType(version, type) * - rawToUInt16(#rawSuiteId, false, 
suiteId) * - CAlgorithmSuite(suiteId, #stringId, headerIvLength, #tagLength) * - rawToUInt16(#rawContextLength, false, ECLength) * - (l-len rawHeaderData <# 22 + ECLength) * - - (ECKs == {{ }}) * - (part_three == {{ }}) * (EDKs == {{ }}) * (contentType == 0) * - (frameLength == 0) * (headerLength == 0) * (headerIv == {{ }}) * (headerAuthTag == {{ }}), - - (* Not enough data to read the encrypted data keys *) - (22 <=# l-len rawHeaderData) * - (rawHeaderData == l+ (part_one, part_two)) * - (l-len part_one == 22) * - (part_one == l+ ({{ version, type }}, #rawSuiteId, messageId, #rawContextLength)) * - (l-len #rawSuiteId == 2) * - (l-len messageId == 16) * - (l-len #rawContextLength == 2) * - CVersionAndType(version, type) * - rawToUInt16(#rawSuiteId, false, suiteId) * - CAlgorithmSuite(suiteId, #stringId, headerIvLength, #tagLength) * - rawToUInt16(#rawContextLength, false, ECLength) * - (22 + ECLength <=# l-len rawHeaderData) * - - (part_two == l+ (#EC, part_three)) * - (l-len #EC == ECLength) * - CRawEncryptionContext(#EC, ECKs) * - - RawEncryptedDataKeys("Incomplete", rawHeaderData, 22 + ECLength, EDKs, _, errorMessage) * - (contentType == 0) * (frameLength == 0) * (headerLength == 0) * (headerIv == {{ }}) * (headerAuthTag == {{ }}), - - (* Not enough data to read the header IV and the authentication tag *) - (22 <=# l-len rawHeaderData) * - (rawHeaderData == l+ (part_one, part_two)) * - (l-len part_one == 22) * - (part_one == l+ ({{ version, type }}, #rawSuiteId, messageId, #rawContextLength)) * - (l-len #rawSuiteId == 2) * - (l-len messageId == 16) * - (l-len #rawContextLength == 2) * - CVersionAndType(version, type) * - rawToUInt16(#rawSuiteId, false, suiteId) * - CAlgorithmSuite(suiteId, #stringId, headerIvLength, #tagLength) * - rawToUInt16(#rawContextLength, false, ECLength) * - (22 + ECLength <=# l-len rawHeaderData) * - - (part_two == l+ (#EC, part_three)) * - (l-len #EC == ECLength) * - CRawEncryptionContext(#EC, ECKs) * - - (part_three == l+ (#edks, {{ 
contentType }}, {{ 0, 0, 0, 0 }}, {{ headerIvLength }}, #rawFrameLength, #rest)) * - RawEncryptedDataKeys("Complete", rawHeaderData, 22 + ECLength, EDKs, #EDKsLength, _) * - (#EDKsLength == l-len #edks) * - (l-len #rawFrameLength == 4) * - rawToUInt32(#rawFrameLength, false, frameLength) * - (headerLength == 22 + ECLength + #EDKsLength + 1 + 4 + 1 + 4) * - (l-len rawHeaderData <# headerLength + headerIvLength + (#tagLength / 8)) * - - (headerIv == {{ }}) * (headerAuthTag == {{ }}); - -(* Broken serialised header *) -nounfold pred BHeader(+rawHeaderData, part_one, version, type, suiteId, messageId, ECLength, - part_two, ECKs, - part_three, EDKs, contentType, headerIvLength, frameLength, headerLength, headerIv, headerAuthTag, errorMessage) : - (* Incorrect version and/or type *) - (22 <=# l-len rawHeaderData) * - (rawHeaderData == l+ ({{ version, type }}, #rest)) * - BVersionAndType(version, type, errorMessage) * - - (part_one == {{ }}) * - (suiteId == 0) * (messageId == {{ }}) * (ECLength == 0) * - (part_two == {{ }}) * (ECKs == {{ }}) * - (part_three == {{ }}) * (EDKs == {{ }}) * (contentType == 0) * (headerIvLength == 0) * - (frameLength == 0) * (headerLength == 0) * (headerIv == {{ }}) * (headerAuthTag == {{ }}), - - (* Unsupported algorithm suite *) - (22 <=# l-len rawHeaderData) * - (rawHeaderData == l+ ({{ version, type }}, #rawSuiteId, #rest)) * - (l-len #rawSuiteId == 2) * - CVersionAndType(version, type) * - rawToUInt16(#rawSuiteId, false, suiteId) * - BAlgorithmSuite(suiteId, errorMessage) * - - (part_one == {{ }}) * (messageId == {{ }}) * (ECLength == 0) * - (part_two == {{ }}) * (ECKs == {{ }}) * - (part_three == {{ }}) * (EDKs == {{ }}) * (contentType == 0) * (headerIvLength == 0) * - (frameLength == 0) * (headerLength == 0) * (headerIv == {{ }}) * (headerAuthTag == {{ }}), - - (* Broken encryption context *) - (22 <=# l-len rawHeaderData) * - (rawHeaderData == l+ (part_one, part_two)) * - (l-len part_one == 22) * - (part_one == l+ ({{ version, type }}, 
#rawSuiteId, messageId, #rawContextLength)) * - (l-len #rawSuiteId == 2) * - (l-len messageId == 16) * - (l-len #rawContextLength == 2) * - CVersionAndType(version, type) * - rawToUInt16(#rawSuiteId, false, suiteId) * - CAlgorithmSuite(suiteId, #stringId, headerIvLength, #tagLength) * - rawToUInt16(#rawContextLength, false, ECLength) * - (22 + ECLength <=# l-len rawHeaderData) * - - (part_two == l+ (#EC, part_three)) * - (l-len #EC == ECLength) * - BRawEncryptionContext(errorMessage, #EC, ECKs) * - - (EDKs == {{ }}) * (contentType == 0) * (frameLength == 0) * - (headerLength == 0) * (headerIv == {{ }}) * (headerAuthTag == {{ }}), - - (* Broken encrypted data keys *) - (22 <=# l-len rawHeaderData) * - (rawHeaderData == l+ (part_one, part_two)) * - (l-len part_one == 22) * - (part_one == l+ ({{ version, type }}, #rawSuiteId, messageId, #rawContextLength)) * - (l-len #rawSuiteId == 2) * - (l-len messageId == 16) * - (l-len #rawContextLength == 2) * - CVersionAndType(version, type) * - rawToUInt16(#rawSuiteId, false, suiteId) * - CAlgorithmSuite(suiteId, #stringId, headerIvLength, #tagLength) * - rawToUInt16(#rawContextLength, false, ECLength) * - (22 + ECLength <=# l-len rawHeaderData) * - - (part_two == l+ (#EC, part_three)) * - (l-len #EC == ECLength) * - CRawEncryptionContext(#EC, ECKs) * - RawEncryptedDataKeys("Broken", rawHeaderData, 22 + ECLength, _, _, errorMessage) * - - (EDKs == {{ }}) * (contentType == 0) * (frameLength == 0) * - (headerLength == 0) * (headerIv == {{ }}) * (headerAuthTag == {{ }}), - - (* Incorrect reserved bytes *) - (22 <=# l-len rawHeaderData) * - (rawHeaderData == l+ (part_one, part_two)) * - (l-len part_one == 22) * - (part_one == l+ ({{ version, type }}, #rawSuiteId, messageId, #rawContextLength)) * - (l-len #rawSuiteId == 2) * - (l-len messageId == 16) * - (l-len #rawContextLength == 2) * - CVersionAndType(version, type) * - rawToUInt16(#rawSuiteId, false, suiteId) * - CAlgorithmSuite(suiteId, #stringId, headerIvLength, #tagLength) * 
- rawToUInt16(#rawContextLength, false, ECLength) * - (22 + ECLength <=# l-len rawHeaderData) * - - (part_two == l+ (#EC, part_three)) * - (l-len #EC == ECLength) * - CRawEncryptionContext(#EC, ECKs) * - (part_three == l+ (#edks, {{ contentType }}, #rawReservedBytes, #rest)) * - RawEncryptedDataKeys("Complete", rawHeaderData, 22 + ECLength, EDKs, #EDKsLength, _) * - (#EDKsLength == l-len #edks) * - (l-len #rawReservedBytes == 4) * - rawToUInt32(#rawReservedBytes, false, #reservedBytes) * - (! (#reservedBytes == 0)) * - (headerLength == 22 + ECLength + #EDKsLength + 1 + 4 + 1 + 4) * - (headerLength + headerIvLength + (#tagLength / 8) <=# l-len rawHeaderData) * - - (errorMessage == "Malformed Header: Reserved bytes not equal to zero.") * - (frameLength == 0) * (headerIv == {{ }}) * (headerAuthTag == {{ }}), - - (* IV length mismatch *) - (22 <=# l-len rawHeaderData) * - (rawHeaderData == l+ (part_one, part_two)) * - (l-len part_one == 22) * - (part_one == l+ ({{ version, type }}, #rawSuiteId, messageId, #rawContextLength)) * - (l-len #rawSuiteId == 2) * - (l-len messageId == 16) * - (l-len #rawContextLength == 2) * - CVersionAndType(version, type) * - rawToUInt16(#rawSuiteId, false, suiteId) * - CAlgorithmSuite(suiteId, #stringId, #ivLength, #tagLength) * - rawToUInt16(#rawContextLength, false, ECLength) * - (22 + ECLength <=# l-len rawHeaderData) * - - (part_two == l+ (#EC, part_three)) * - (l-len #EC == ECLength) * - CRawEncryptionContext(#EC, ECKs) * - (part_three == l+ (#edks, {{ contentType }}, {{ 0, 0, 0, 0 }}, {{ headerIvLength }}, #rest)) * - RawEncryptedDataKeys("Complete", rawHeaderData, 22 + ECLength, EDKs, #EDKsLength, _) * - (#EDKsLength == l-len #edks) * - (headerLength == 22 + ECLength + #EDKsLength + 1 + 4 + 1 + 4) * - (headerLength + #ivLength + (#tagLength / 8) <=# l-len rawHeaderData) * - (! 
(headerIvLength == #ivLength)) * - - (errorMessage == "Malformed Header: Mismatch between expected and obtained IV length.") * - (frameLength == 0) * (headerIv == {{ }}) * (headerAuthTag == {{ }}); - -(* General serialised header *) -nounfold pred Header(definition, +rawHeaderData, part_one, version, type, suiteId, messageId, ECLength, part_two, ECKs, part_three, EDKs, contentType, headerIvLength, frameLength, headerLength, headerIv, headerAuthTag, errorMessage) : - (* Complete header *) - (definition == "Complete") * - CHeader(rawHeaderData, part_one, version, type, suiteId, messageId, ECLength, part_two, ECKs, part_three, EDKs, contentType, headerIvLength, frameLength, headerLength, headerIv, headerAuthTag) * - (errorMessage == ""), - - (* Incomplete header *) - (definition == "Incomplete") * - IHeader(rawHeaderData, part_one, version, type, suiteId, messageId, ECLength, part_two, ECKs, part_three, EDKs, contentType, headerIvLength, frameLength, headerLength, headerIv, headerAuthTag) * - (errorMessage == ""), - - (* Broken header *) - (definition == "Broken") * - BHeader(rawHeaderData, part_one, version, type, suiteId, messageId, ECLength, part_two, ECKs, part_three, EDKs, contentType, headerIvLength, frameLength, headerLength, headerIv, headerAuthTag, errorMessage); - - (******** Deserialised ******* - ******** Header *******) - -(* Deserialised main part of the message header *) -nounfold pred MessageHeader(+messageHeader, version, type, suiteId, messageId, +ECKs, EDKs, contentType, headerIvLength, frameLength) : - JSObject(messageHeader) * - DataProp(messageHeader, "version", version) * - DataProp(messageHeader, "type", type) * - DataProp(messageHeader, "suiteId", suiteId) * - DataProp(messageHeader, "messageId", #ui8aMessageId) * - Uint8Array(#ui8aMessageId, #abMessageId, 0, 16) * - ArrayBuffer(#abMessageId, messageId) * - DataProp(messageHeader, "encryptionContext", #dECObj) * - DecodedEncryptionContext(#dECObj, ECKs) * - DataProp(messageHeader, 
"encryptedDataKeys", #dEDKs) * - DeserialisedEncryptedDataKeys(#dEDKs, EDKs) * - DataProp(messageHeader, "contentType", contentType) * - DataProp(messageHeader, "headerIvLength", headerIvLength) * - DataProp(messageHeader, "frameLength", frameLength); - -(* Entire deserialised header *) -nounfold pred HeaderInfo(+headerInfo, version, type, suiteId, messageId, +ECKs, EDKs, contentType, headerIvLength, - frameLength, headerLength, rawHeaderData, headerIv, headerAuthTag) : - JSObject(headerInfo) * - DataProp(headerInfo, "messageHeader", #messageHeader) * - MessageHeader(#messageHeader, version, type, suiteId, messageId, ECKs, EDKs, contentType, headerIvLength, frameLength) * - DataProp(headerInfo, "headerLength", headerLength) * - DataProp(headerInfo, "algorithmSuite", #algoSuiteObject) * - AlgorithmSuiteObject(#algoSuiteObject, headerIvLength, #tagLength) * - DataProp(headerInfo, "rawHeader", #rawHeader) * - Uint8Array(#rawHeader, #rawBuffer, 0, headerLength) * - ArrayBuffer(#rawBuffer, rawHeaderData) * - DataProp(headerInfo, "headerIv", #ui8aHeaderIv) * - Uint8Array(#ui8aHeaderIv, #abHeaderIv, 0, headerIvLength) * - ArrayBuffer(#abHeaderIv, headerIv) * - DataProp(headerInfo, "headerAuthTag", #ui8aHeaderAuthTag) * - Uint8Array(#ui8aHeaderAuthTag, #abHeaderAuthTag, 0, #tagLength / 8) * - ArrayBuffer(#abHeaderAuthTag, headerAuthTag); - -(***************************** - ***************************** - ******* ******* - ******* Integer ******* - ******* Reasoning ******* - ******* ******* - ***************************** - *****************************) - -(* For integers a and b, if a < b, then a + 1 <= b *) -lemma IntegerLtPlusOneLe(a, b) -[[ - (#a <# #b) -]] -[[ - (#a + 1 <=# #b) -]] - -(***************************** - ***************************** - ******* ******* - ******* List ******* - ******* Reasoning ******* - ******* ******* - ***************************** - *****************************) - -(* Destruct on the structure of a list *) -lemma DestructList(lst) 
-[[ - types(#lst: List) -]] -[[ - (#lst == {{ }}); - (#lst == #hd :: #tl) -]] -(* TODO: PROOF *) - -(***************************************** - ***************************************** - ******* ******* - ******* List first projection ******* - ******* ******* - ***************************************** - *****************************************) - -(* FirstProj is a function *) -lemma FirstProjFunction(lst1, proj1, lst2, proj2) -[[ - FirstProj(#lst1, #proj1) * FirstProj(#lst2, #proj2) * (#lst1 == #lst2) -]] -[[ - (#proj1 == #proj2) -]] -[* - unfold FirstProj(#lst1, #proj1) [bind: (#fst := #fst1) and (#rest := #rest1) and (#fProjRest := #fProjRest1)]; - if (not (#lst1 = {{ }})) then { - unfold FirstProj(#lst2, #proj2) [bind: (#fst := #fst2) and (#rest := #rest2) and (#fProjRest := #fProjRest2)]; - apply FirstProjFunction(#rest1, #fProjRest1, #rest2, #fProjRest2) - } - *] - -(* Adding a pair to a first projection *) -lemma FirstProjAppendPair(lst, fProj, prop, value) -[[ - FirstProj(#lst, #fProj) -]] -[[ - FirstProj(l+ (#lst, {{ {{ #prop, #value }} }}), l+ (#fProj, {{ #prop }})) -]] -[* - unfold FirstProj(#lst, #fProj); - if (not (#lst = {{ }})) then { - sep_assert (#lst == l+ ({{{{ #fProp, #fValue }}}}, #restPVPairs)) [bind: #fProp, #fValue, #restPVPairs]; - sep_assert (FirstProj(#restPVPairs, #restProj)) [bind: #restProj]; - apply FirstProjAppendPair(#restPVPairs, #restProj, #prop, #value) - } -*] - -(* First projection goes through concatenation *) -lemma FirstProjConcatSplit(PVPairs, prefix, suffix) -[[ - (#PVPairs == l+ (#prefix, #suffix)) * FirstProj(#PVPairs, #props) * - FirstProj(#prefix, #preProps) * FirstProj(#suffix, #sufProps) -]] -[[ - (#props == l+ (#preProps, #sufProps)) -]] -[* - apply DestructList(#prefix); - unfold FirstProj(#prefix, #preProps); - if (#prefix = {{ }}) then { - apply FirstProjFunction(#PVPairs, #props, #suffix, #sufProps) - } else { - sep_assert (#prefix == {{ #prop, #value }} :: #restPrefix) [bind: #restPrefix]; - unfold 
FirstProj(#PVPairs, #props); unfold FirstProj(#prefix, #preProps); - apply FirstProjConcatSplit(l+(#restPrefix, #suffix), #restPrefix, #suffix) - } -*] - -(* Compatibility of first projection and toUtf8 *) -lemma FirstProjToUtf8MapPairCompat(PVPairs) -[[ - FirstProj(#PVPairs, #props) * - toUtf8PairMap(#PVPairs, #utf8PVPairs) * - FirstProj(#utf8PVPairs, #utf8Props) -]] -[[ - toUtf8Map(#props, #utf8Props) -]] -[* - unfold FirstProj(#PVPairs, #props); - unfold toUtf8PairMap(#PVPairs, #utf8PVPairs); - unfold FirstProj(#utf8PVPairs, #utf8Props); - if (not (#PVPairs = {{ }})) then { - sep_assert ((#PVPairs == l+ ({{ {{ _, _}} }}, #restPVPairs))) [bind: #restPVPairs]; - apply FirstProjToUtf8MapPairCompat(#restPVPairs) - } - *] - -(****************************************** - ****************************************** - ******* ******* - ******* List to Set conversion ******* - ******* ******* - ****************************************** - ******************************************) - -(* ListToSet is a function *) -lemma ListToSetFunction(lst1, set1, lst2, set2) -[[ - ListToSet(#lst1, #set1) * ListToSet(#lst2, #set2) * (#lst1 == #lst2) -]] -[[ - (#set1 == #set2) -]] -[* - unfold ListToSet(#lst1, #set1) [bind: (#e := #h1) and (#restLst := #t1) and (#restSet := #restSet1)]; - if (not (#lst1 = {{ }})) then { - unfold ListToSet(#lst2, #set2) [bind: (#e := #h2) and (#restLst := #t2) and (#restSet := #restSet2)]; - apply ListToSetFunction(#t1, #restSet1, #t2, #restSet2) - } - *] - -(* ListToSet concat-union compatibility *) -lemma ListToSetUnion(lst1, lst2) -[[ - ListToSet(#lst1, #set1) * ListToSet(#lst2, #set2) * ListToSet(l+ (#lst1, #lst2), #uset) -]] -[[ - (#uset == -u- (#set1, #set2)) -]] -[* - sep_assert (#x == l+ (#lst1, #lst2)) [bind: #x]; - unfold ListToSet(#lst1, #set1) [bind: (#e := #h1) and (#restLst := #rest1) and (#restSet := #restSet1)]; - if (#lst1 = {{ }}) then { - apply ListToSetFunction(#lst2, #set2, #x, #uset) - } else { - unfold ListToSet(l+ (#lst1, #lst2), 
#uset); - apply ListToSetUnion(#rest1, #lst2) - } - *] - -(* Any list can be converted to a set *) -lemma ProduceListToSet(lst) -[[ - types(lst: List) -]] -[[ - ListToSet(#lst, #set) -]] -[* - apply DestructList(#lst); - if (not (#lst = {{ }})) then { - sep_assert (#lst == #head :: #rest) [bind: #head, #rest]; - apply ProduceListToSet(#rest) - } - *] - -(* Adding an element in list-to-set conversion *) -lemma ListToSetAddElement(lst, set, element) -[[ - ListToSet(#lst, #set) -]] -[[ - ListToSet(l+ (#lst, {{ #element }}), -u- (#set, -{ #element }-)) -]] -[* - unfold ListToSet(#lst, #element); - if (not (#lst = {{ }})) then { - sep_assert (#lst == l+ ({{ #fProp }}, #restLst)) [bind: #fProp, #restLst]; - sep_assert (ListToSet(#restLst, #restSet)) [bind: #restSet]; - apply ListToSetAddElement(#restLst, #restSet, #element) - } -*] - -(* A head of a list is always in the corresponding set *) -lemma HeadInSet(lst) -[[ - (#lst == #hd :: #tl) * - ListToSet(#lst, #set) -]] -[[ - (#hd --e-- #set) -]] -[* *] - -(* toUtf8 mapping and list membership, positive *) -lemma InListToUtf8(prop, props) -[[ - ListToSet(#props, #propsSet) * - (#prop --e-- #propsSet) * - toUtf8(#prop, #utf8Prop) * - toUtf8Map(#props, #utf8Props) * - ListToSet(#utf8Props, #utf8PropsSet) -]] -[[ - (#utf8Prop --e-- #utf8PropsSet) -]] -[* - unfold ListToSet(#props, #propsSet); - if (not (#props = {{ }})) then { - sep_assert (#props == #fstProp :: #rest) [bind: #rest]; - unfold toUtf8Map(#props, #utf8Props); - sep_assert (toUtf8(#fstProp, #utf8FstProp)) [bind: #utf8FstProp]; - sep_assert (#utf8Props == #utf8FstProp :: #restUtf8) [bind: #restUtf8]; - unfold ListToSet(#utf8Props, #utf8PropsSet); - if (#prop = #fstProp) then { - apply toUtf8Injective(#prop, #utf8Prop, #fstProp, #utf8FstProp) - } else { - apply toUtf8Injective(#prop, #utf8Prop, #fstProp, #utf8FstProp); - apply InListToUtf8(#prop, #rest) - } - } - *] - -(* toUtf8 mapping and list membership, negative *) -lemma NotInListToUtf8(prop, props) -[[ - 
ListToSet(#props, #propsSet) * - (! (#prop --e-- #propsSet)) * - toUtf8(#prop, #utf8Prop) * - toUtf8Map(#props, #utf8Props) * - ListToSet(#utf8Props, #utf8PropsSet) -]] -[[ - (! (#utf8Prop --e-- #utf8PropsSet)) -]] -[* - unfold ListToSet(#props, #propsSet); - unfold toUtf8Map(#props, #utf8Props); - unfold ListToSet(#utf8Props, #utf8PropsSet); - - if (not (#props = {{ }})) then { - sep_assert (#props == #fstProp :: #rest) [bind: #rest]; - sep_assert (toUtf8(#fstProp, #utf8FstProp)) [bind: #utf8FstProp]; - apply toUtf8Injective(#prop, #utf8Prop, #fstProp, #utf8FstProp); - apply NotInListToUtf8(#prop, #rest) - } - *] - -(******************************** - ******************************** - ******* ******* - ******* Unique lists ******* - ******* ******* - ******************************** - ********************************) - - -(* In a unique list split into a left and a right sublist, - no element from the right is on the left *) -lemma UniqueConcatSplitNotInSuffix(props, prefix, suffix, prop) -[[ - (#props == l+ (#prefix, #suffix)) * Unique(#props) * - ListToSet(#prefix, #setPrefix) * ListToSet(#suffix, #setSuffix) * - (#prop --e-- #setSuffix) -]] -[[ - (! (#prop --e-- #setPrefix)) -]] -[* - apply DestructList(#prefix); - if (not (#prefix = {{ }})) then { - sep_assert (#prefix == #firstProp :: #restPrefix) [bind: #firstProp, #restPrefix]; - unfold Unique(#props); unfold ListToSet(#prefix, #setPrefix); - apply UniqueConcatSplitNotInSuffix(l+ (#restPrefix, #suffix), #restPrefix, #suffix, #prop); - branch(#firstProp == #prop); - if (#firstProp = #prop) then { - apply ListToSetUnion(#restPrefix, #suffix) - } - } else { - unfold ListToSet(#prefix, #setPrefix) - } -*] - -(* Appending an element to a unique list *) -lemma UniqueAppendElement(lst, element) -[[ - Unique(#lst) * ListToSet(#lst, #set) * - (! 
(#element --e-- #set)) -]] -[[ - Unique(l+ (#lst, {{ #element }})) -]] -[* - unfold Unique(#lst) [bind: (#fst := #fst) and (#rest := #rest) and (#setRest := #setRest1)]; - if (not (#lst = {{ }})) then { - unfold ListToSet(#lst, #set) [bind: (#restSet := #setRest2)]; - apply ListToSetFunction(#rest, #setRest1, #rest, #setRest2); - apply UniqueAppendElement(#rest, #element); - apply ListToSetAddElement(#rest, #setRest2, #element) - } - *] - -(************************************ - ************************************ - ******* ******* - ******* Duplicated lists ******* - ******* ******* - ************************************ - ************************************) - -(* Lists with duplicates *) -pure pred Duplicated(+prefix:List, +suffix:List) : - (* Either the head is duplicated *) - (suffix == #fst :: #rest) * - ListToSet(prefix, #preSet) * - (#fst --e-- #preSet), - - (* Or the duplication is in the tail *) - (suffix == #fst :: #rest) * - ListToSet(prefix, #preSet) * - (! (#fst --e-- #preSet)) * - Duplicated(l+ (prefix, {{ #fst }}), #rest); - -(************************************* - ************************************* - ******* ******* - ******* Objects-as-Tables ******* - ******* ******* - ************************************* - *************************************) - -(* Object properties as a table *) -pred ObjectTableStructure(+l:Obj, +PVPairs:List) : - (* Base case - no properties left *) - (PVPairs == {{ }}), - - (* Recursive case - one property and the rest *) - (PVPairs == {{ #prop, #value }} :: #restPVPairs) * - DataProp(l, #prop, #value) * types(#value : Str) * - ObjectTableStructure(l, #restPVPairs); - -(* Complete Object-as-Table predicate *) -nounfold pred ObjectTable(+l:Obj, +PVPairs:List) : - ObjectTableStructure(l, PVPairs) * - FirstProj(PVPairs, #pList) * - ListToSet(#pList, #pSet) * - empty_fields(l : #pSet); - -(* Object-as-Table absent property *) -lemma ObjectTableAbsentProperty(l, PVPairs, prop) -[[ - ObjectTableStructure(#l, #PVPairs) * - 
FirstProj(#PVPairs, #pList) * - ListToSet(#pList, #pSet) * - empty_fields(l : #pSet) * - (! (#prop --e-- #pSet)) -]] -[[ - ObjectTableStructure(#l, #PVPairs) * - ((#l, #prop) -> none) * - empty_fields(#l : -u- (#pSet, -{ #prop }-)) -]] -[* *] - -(* Removing a property from a list of prop-value pairs *) -pred RemoveProp(+PVPairs : List, +prop : Str, found : Bool, value : Str, newPairs : List) : - (PVPairs == {{ }}) * (found == false) * (value == "") * (newPairs == {{ }}), - - (PVPairs == {{ prop, value }} :: newPairs) * (found == true), - - (PVPairs == {{ #fstProp, #fstValue }} :: #restPVPairs) * - (! (#fstProp == prop)) * RemoveProp(#restPVPairs, prop, false, value, newPairs) * - (found == false), - - (PVPairs == {{ #fstProp, #fstValue }} :: #restPVPairs) * - (! (#fstProp == prop)) * RemoveProp(#restPVPairs, prop, true, value, #restNewPairs) * - (found == true) * (newPairs == {{ #fstProp, #fstValue }} :: #restNewPairs); - -(* Object-as-Table present property *) -lemma ObjectTablePresentProperty(l, PVPairs, prop) -[[ - ObjectTableStructure(#l, #PVPairs) * - FirstProj(#PVPairs, #pList) * - ListToSet(#pList, #pSet) * - (#prop --e-- #pSet) -]] -[[ - RemoveProp(#PVPairs, #prop, true, #value, #newPairs) * - ObjectTableStructure(#l, #newPairs) * - DataProp(#l, #prop, #value) * types(#value : Str) -]] -[* - unfold ObjectTableStructure(#l, #PVPairs); - if (#PVPairs = {{ }}) then { - unfold FirstProj(#PVPairs, #pList); - unfold ListToSet(#pList, #pSet) - } else { - sep_assert (#PVPairs == l+ ({{{{ #fProp, #fValue }}}}, #restPVPairs)) [bind: #fProp, #fValue, #restPVPairs]; - sep_assert (ObjectTableStructure(#l, #restPVPairs)); - if (not (#fProp = #prop)) then { - unfold FirstProj(#PVPairs, #pList); - unfold ListToSet(#pList, #pSet); - apply ObjectTablePresentProperty(#l, #restPVPairs, #prop) - } - } - *] - -(* Appending property to Object-as-Table structure from the right *) -lemma ObjectTableStructureAppendPVPair(l, PVPairs, prop, value) -[[ - ObjectTableStructure(#l, 
#PVPairs) * - FirstProj(#PVPairs, #pList) * - ListToSet(#pList, #pSet) * - (! (#prop --e-- #pSet)) * - DataProp(#l, #prop, #value) * types(#value : Str) -]] -[[ - ObjectTableStructure(#l, l+ (#PVPairs, {{ {{ #prop, #value }} }})) -]] -[* - unfold ObjectTableStructure(#l, #PVPairs); - if (not (#PVPairs = {{ }})) then { - sep_assert (#PVPairs == l+ ({{{{ #fProp, #fValue }}}}, #restPVPairs)) [bind: #fProp, #fValue, #restPVPairs]; - sep_assert (ObjectTableStructure(#l, #restPVPairs)); - unfold FirstProj(#PVPairs, #pList); - unfold ListToSet(#pList, #pSet); - apply ObjectTableStructureAppendPVPair(#l, #restPVPairs, #prop, #value); - sep_assert(True) - } - *] - -(* Appending property to Object-as-Table from the right *) -lemma ObjectTableAppendPVPair(l, PVPairs, prop, value) -[[ - ObjectTableStructure(#l, #PVPairs) * - FirstProj(#PVPairs, #pList) * - ListToSet(#pList, #pSet) * - (! (#prop --e-- #pSet)) * - DataProp(#l, #prop, #value) * types(#value : Str) * - empty_fields(l : -u- (#pSet, -{ #prop }-)) -]] -[[ - ObjectTable(#l, l+ (#PVPairs, {{ {{ #prop, #value }} }})) -]] -[* - apply FirstProjAppendPair(#PVPairs, #pList, #prop, #value); - apply ListToSetAddElement(#pList, #pSet, #prop); - apply ObjectTableStructureAppendPVPair(#l, #PVPairs, #prop, #value) - *] - -(* Frozen object properties *) -pred FrozenObjectTableStructure(+l:Obj, +PVPairs:List) : - (* Base case - no properties left *) - (PVPairs == {{ }}), - - (* Recursive case - one property and the rest *) - (PVPairs == {{ #prop, #value }} :: #restPVPairs) * - DataPropConst(l, #prop, #value, true) * - FrozenObjectTableStructure(l, #restPVPairs); - -(* Frozen Object-as-Table predicate *) -nounfold pred FrozenObjectTable(+l:Obj, +PVPairs:List) : - FrozenObjectTableStructure(l, PVPairs) * - FirstProj(PVPairs, #pList) * - ListToSet(#pList, #pSet) * - empty_fields(l : #pSet); - -(****************************** - ****************************** - ******* ******* - ******* Additional ******* - ******* Internal/ ******* - 
******* Built-in ******* - ******* Functions ******* - ******* ******* - ****************************** - ******************************) - -(* *** Array.prototype.map *** *) -axiomatic incomplete spec AP_map (xsc, vthis, cfun) -(* Mapping EDKs into the resulting decoded EDK array *) -[[ - (vthis == #vthis) * (cfun == #cfun) * - JSFunctionObject(#cfun, "aux_deserializeEncryptedDataKey", #a_sc, #a_len, #a_proto) * - ArrayOfArraysOfUInt8Arrays(#vthis, #EDKs) -]] -[[ - JSFunctionObject(#cfun, "aux_deserializeEncryptedDataKey", #a_sc, #a_len, #a_proto) * - ArrayOfArraysOfUInt8Arrays(#vthis, #EDKs) * - types(ret : Obj) * LiveDeserialisedEncryptedDataKeys(ret, #EDKs) -]] -normal - -(* *** Object.freeze *** *) -axiomatic spec Object_freeze(xsc, vthis, l) -(* Freezing an array of deserialised EDKs *) - -[[ - (l == #l) * LiveDeserialisedEncryptedDataKeys(#l, #EDKs) -]] -[[ - DeserialisedEncryptedDataKeys(#l, #EDKs) * (ret == #l) -]] -normal; - -(* Freezing an Object-as-Table *) - -[[ - (l == #l) * - JSObjGeneral(#l, #proto, #class, #ext) * - ObjectTable(#l, #PVPairs) -]] -[[ - JSObjGeneral(#l, #proto, #class, false) * - FrozenObjectTable(#l, #PVPairs) -]] -normal - -(* *** Conversion to an integer *** *) -proc i__toInteger (v) { - ret := "i__toNumber" (v) with elab; - ret := num_to_int (ret); - - rlab: return; - elab: throw -}; - -(* *** Conversion to a 32-bit integer *** *) -proc i__toUint32 (v) { - ret := "i__toNumber" (v) with elab; - ret := num_to_uint32 (ret); - - rlab: return; - elab: throw -}; - -(* *** Conversion to an array length *** *) -proc i__toLength (v) { - - ret := "i__toInteger"(v) with elab; - goto [ret <= 0] rlab nzero; - - nzero: goto [ret <= 9007199254740991] min rlab; - min: return; - - - rlab: PHI(ret: 0, 9007199254740991); - return; - - elab: throw -}; - -(* *** Is a string an array index *** *) -proc a__isIdx (s) { - ret := "i__toUint32" (s) with elab; - ret := "i__toString" (ret) with elab; - - goto [ret = s] check ret_f; - - check: ret := not (ret 
= "4294967295"); - goto rlab; - - ret_f: ret := false; - - rlab: return; - elab: throw -}; - -(* *** Array defineOwnProperty *** *) -proc a__defineOwnProperty (l, prop, desc, thrw) { - - oldLenDesc := "getOwnProperty" (l, "length"); - oldLen := l-nth (oldLenDesc, 1); - ret := "i__toUint32" (oldLen) with elab; - oldLenNum := ret; - - goto [prop = "length"] getall is_idx; - - is_idx: idxp := "a__isIdx" (prop); - goto [idxp] idx norm; - - idx: index := "i__toUint32" (prop); - index := index; - oldLen := oldLen; - ret := l-nth (oldLenDesc, 2); - goto [(not (index < oldLenNum)) and (not (l-nth (oldLenDesc, 2)))] reject idop; - idop: ret := "o__defineOwnProperty" (l, prop, desc, false) with elab; - goto [ret = false] reject ilen; - ilen: goto [not (index < oldLenNum)] setl rlab; - setl: ret := "o__defineOwnProperty" (l, "length", {{ "d", (index + 1), l-nth (oldLenDesc, 2), l-nth (oldLenDesc, 3), l-nth (oldLenDesc, 4) }}, false); - goto rlab; - - norm: ret := "o__defineOwnProperty" (l, prop, desc, thrw) with elab; - goto rlab; - - getall: goto [l-nth (desc, 0) = "d"] ddd odd; - - (* Data *) - ddd: de := l-nth (desc, 3); - dc := l-nth (desc, 4); - dv := l-nth (desc, 1); - dw := l-nth (desc, 2); - dg := empty; - ds := empty; - goto sla; - - odd: goto [l-nth (desc, 0) = "a"] add gdd; - - (* Accessor *) - add: de := l-nth (desc, 3); - dc := l-nth (desc, 4); - dv := empty; - dw := empty; - dg := l-nth (desc, 1); - ds := l-nth (desc, 2); - goto sla; - - (* Generic *) - gdd: de := l-nth (desc, 1); - dc := l-nth (desc, 2); - dv := l-nth (desc, 3); - dw := l-nth (desc, 4); - dg := l-nth (desc, 5); - ds := l-nth (desc, 6); - - sla: goto [dv = empty] slai slb; - - slai: ret := "o__defineOwnProperty" (l, "length", desc, thrw) with elab; - goto rlab; - - slb: ret := "i__toUint32" (dv) with elab; - newLen := ret; - ret := "i__toNumber" (dv) with elab; - goto [not (newLen = ret)] rgerr sle; - - sle: dv := newLen; - goto [not (newLen < oldLenNum)] slfi slg; - - slfi: ret := 
"o__defineOwnProperty" (l, "length", {{ "g", de, dc, dv, dw, dg, ds }}, thrw) with elab; - goto rlab; - - slg: goto [l-nth (oldLenDesc, 2) = false] reject slh; - - slh: goto [dw = false] sli slh1; - - slh1: newWritable := true; - goto slj; - - sli: newWritable := false; - dw := true; - - slj: ret := "o__defineOwnProperty" (l, "length", {{ "g", de, dc, dv, dw, dg, ds }}, thrw) with elab; - goto [ret = false] tf loop; - - loop: goto [newLen < oldLen] head slm; - head: oldLen := oldLen - 1; - ret := "i__toString" (oldLen) with elab; - ret := "deleteProperty" (l, ret, false) with elab; - goto [ret = false] fix next; - - fix: dv := oldLen + 1; - goto [newWritable = false] setwr defl; - setwr: dw := false; - defl: ret := "o__defineOwnProperty" (l, "length", {{ "g", de, dc, dv, dw, dg, ds }}, thrw) with elab; - goto reject; - - next: goto loop; - - slm: goto [newWritable = false] slmi sln; - - slmi: ret := "o__defineOwnProperty" (l, "length", {{ "g", empty, empty, empty, false, empty, empty }}, false) with elab; - - sln: ret := true; - rlab: return; - - rgerr: ret := "RangeError" (); - goto elab; - - reject: goto [thrw] tt tf; - - tt: ret := "TypeError" (); - elab: throw; - - tf: ret := false; - goto rlab -}; - -(* *** Array constructor *** *) -proc Array_construct (xsc, vthis) { - (* Default array construction *) - array := "create_default_object" ($larr_proto, "Array", true); - [array, "length"] := {{ "d", 0, true, false, true }}; - - (* All runtime arguments *) - arguments := args; - (* Optional arguments (4) *) - opt_args := cdr (cdr arguments); - len := l-len (opt_args); - goto [len = 0] rlab ltest; - ltest: goto [len = 1] arr_a arr_b; - - (* Form 4(a): new Array(len) *) - arr_a: len := l-nth (opt_args, 0); - prop_name := "length"; - prop_num := "0"; - goto [typeOf len = Num] check set; - check: len_32 := "i__toUint32" (len) with elab; - goto [len = len_32] set thrw; - - set: PHI(prop_a: prop_num, prop_name; enum: true, false); - ret_def_a := "a__defineOwnProperty" 
(array, prop_a, {{ "d", len, true, enum, true }}, true) with elab; - goto rlab; - - (* Form 4(b): new Array([item1 [, item2 [, ...]]] *) - arr_b: start_n := 0; - loop: PHI(n: start_n, next_n); - goto [n < len] head rlab; - head: prop_b := "i__toString" (n) with elab; - prop_val := l-nth (opt_args, n); - ret_def_b := "a__defineOwnProperty" (array, prop_b, {{ "d", prop_val, true, true, true }}, true) with elab; - next_n := n + 1; - goto loop; - - (* Normal return *) - rlab: ret := array; - return; - - (* Error return *) - thrw: range_err := "RangeError" (); - elab: PHI(ret: len_32, ret_def_a, prop, ret_def_b, range_err); - throw -}; - -(* *** Array.prototype.map implementation *** *) -proc AP_map(xsc, vthis, callbackfn) { - arguments := args; - num := l-len (arguments); - - arr_obj := "i__toObject" (vthis) with elab; - get_len := "get" (arr_obj, "length") with elab; - len := "i__toLength" (get_len) with elab; - - is_call := "i__isCallable" (callbackfn); - goto [is_call] cont thrw; - - (* Check if optional thisArg is supplied at runtime *) - cont: undef_t := undefined; - goto [num > 3] def set_t; - def: def_t := l-nth (arguments, 3); - set_t: PHI(t: undef_t, def_t); - - new_arr := "Array_construct" (empty, empty, len) with elab; - - (* Loop start *) - start := 0; - loop: PHI(k: start, next_k); - goto [k < len] next end; - - next: pk := "i__toString" (k) with elab; - kpres := "hasProperty" (arr_obj, pk) with elab; - goto [kpres] tt ff; - - tt: kval := "get" (arr_obj, pk) with elab; - m := metadata(callbackfn); - scp := [m, "@scope"]; - fun := [m, "@call"]; - mapv := fun (scp, t, kval, k, arr_obj) with elab; - ret_def := "a__defineOwnProperty" (new_arr, pk, {{ "d", mapv, true, true, true }}, false) with elab; - - ff: next_k := k + 1; - goto loop; - (* Loop end *) - (* Normal/ return *) - end: ret := new_arr; - return; - - (* Error return *) - thrw: type_err := "TypeError" (); - elab: PHI(ret: arr_obj, get_len, len, new_arr, pk, kpres, kval, mapv, ret_def, type_err); - 
throw -}; \ No newline at end of file diff --git a/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/ByteLogic.gil b/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/ByteLogic.gil deleted file mode 100644 index 95a7fbd98..000000000 --- a/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/ByteLogic.gil +++ /dev/null @@ -1,45 +0,0 @@ -(**************************************** - **************************************** - ******* ******* - ******* Byte Interpretations ******* - ******* ******* - **************************************** - ****************************************) - -(* Interpretation: one byte as an unsigned 8-bit integer *) -pure pred rawToUInt8(+bytes:List, num:Num) : - (bytes == {{ #b0 }}) * (num == #b0) * - (0 <=# #b0) * (#b0 <# 256); - -(* Interpretation: two bytes as an unsigned 16-bit integer *) -@nopath -pure pred rawToUInt16(+bytes:List, +littleEndian:Bool, num:Num) : - (littleEndian == false) * - (bytes == {{ #b0, #b1 }}) * - (0 <=# #b0) * (#b0 <# 256) * - (0 <=# #b1) * (#b1 <# 256) * - (num == (#b0 * 256) + #b1), - (littleEndian == true) * - (bytes == {{ #b0, #b1 }}) * - (0 <=# #b0) * (#b0 <# 256) * - (0 <=# #b1) * (#b1 <# 256) * - (num == (#b1 * 256) + #b0); - - -(* Interpretation: four bytes as an unsigned 32-bit integer *) -@nopath -pure pred rawToUInt32(+bytes:List, +littleEndian:Bool, num:Num) : - (littleEndian == false) * - (bytes == {{ #b0, #b1, #b2, #b3 }}) * - (0 <=# #b0) * (#b0 <# 256) * - (0 <=# #b1) * (#b1 <# 256) * - (0 <=# #b2) * (#b2 <# 256) * - (0 <=# #b3) * (#b3 <# 256) * - (num == (#b0 * 16777216) + (#b1 * 65536) + (#b2 * 256) + #b3), - (littleEndian == true) * - (bytes == {{ #b0, #b1, #b2, #b3 }}) * - (0 <=# #b0) * (#b0 <# 256) * - (0 <=# #b1) * (#b1 <# 256) * - (0 <=# #b2) * (#b2 <# 256) * - (0 <=# #b3) * (#b3 <# 256) * - (num == (#b3 * 16777216) + (#b2 * 65536) + (#b1 * 256) + #b0); \ No newline at end of file 
diff --git a/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/EncryptionHeaderLogic.gil b/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/EncryptionHeaderLogic.gil deleted file mode 100644 index f219f04b5..000000000 --- a/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/EncryptionHeaderLogic.gil +++ /dev/null 
@@ -1,383 +0,0 @@ -(************************* - ************************* - ******* ******* - ******* Field ******* - ******* ******* - ************************* - *************************) - -(* - One header field consists of two bytes that contain the field length, - encoded as a big-endian 16-bit integer, followed by the field contents - - buffer fLength field - ----------------||----|----|---- ... ----||---------------- - readPos -*) -pred Field(+buffer : List, +readPos : Num, field : List, length : Num) : - (0 <=# readPos) * (#rawFL == l-sub(buffer, readPos, 2)) * - rawToUInt16(#rawFL, false, #fLength) * - (field == l-sub(buffer, (readPos + 2), #fLength)) * - (length == (2 + #fLength)) * ((readPos + length) <=# (l-len buffer)); - facts: (2 <=# length); - - -(****************************** - ****************************** - ******* ******* - ******* Incomplete ******* - ******* Element ******* - ******* ******* - ****************************** - ******************************) - -(* - An incomplete element (IElement) is an expected contiguous - sequence of fields, but which exceeds the boundaries of the buffer. - - Either the length of the first field cannot be read: - - buffer end - | | - v v - buffer fLength - ----------------||----|----| - readPos - - Or the first field itself cannot be read: - - buffer end - | - v - buffer fLength field - ----------------||----|----|---- ... ----| - readPos - - Or the first field can be read, but the rest cannot: - - buffer end - | - v - buffer f1 f2 fn - ----------------||------|------| ... 
|------| - readPos -*) -@nopath -pred IElement(+buffer : List, +readPos : Num, +fCount : Num, fList : List, eLength : Num) : - (* Base case: not enough data to read length of next field *) - (0 <=# readPos) * (0 <# fCount) * (readPos <=# (l-len buffer)) * - ((l-len buffer) <# (readPos + 2)) * (fList == {{ }}) * - (eLength == ((l-len buffer) - readPos)), - - (* Base case: enough data to read length of next field, but not enough data to read next field *) - (0 <=# readPos) * (0 <# fCount) * ((readPos + 2) <=# (l-len buffer)) * - (#rawFL == l-sub(buffer, readPos, 2)) * rawToUInt16(#rawFL, false, #fLength) * - ((l-len buffer) <# ((readPos + 2) + #fLength)) * (fList == {{ }}) * - (eLength == ((l-len buffer) - (readPos + 2))), - - (* Recursive case: enough data to read one field, but not enough data to read the remaining ones *) - (0 <=# readPos) * (1 <# fCount) * Field(buffer, readPos, #field, #fLength) * - (#restFCount == (fCount - 1)) * ((readPos + #fLength) <=# (l-len buffer)) * - IElement(buffer, (readPos + #fLength), #restFCount, #restFList, #restELength) * - (fList == l+ ({{ #field }}, #restFList)) * - (eLength == (#fLength + #restELength)); - - (* - An incomplete element must have a strictly positive number of fields, - non-negative length, and must fit within the buffer - *) - facts: (0 <=# readPos) and (readPos <=# (l-len buffer)) and (0 <# fCount) and (0 <=# eLength); - - -(****************************** - ****************************** - ******* ******* - ******* Incomplete ******* - ******* Elements ******* - ******* ******* - ****************************** - ******************************) - -(* - An incomplete element sequence (IElements) is an expected contiguous - sequence of elements, but which exceeds the boundaries of the buffer. - - Either the first element cannot be read: - - buffer end - | - v - buffer ce1 ... cen - ----------------||-------| ... 
|-------||---------------- - readPos - - Or the first element can be read, but the rest cannot: - - buffer end - | - v - buffer ce1 ... cen - ----------------||-------| ... |-------||---------------- - readPos -*) -@nopath -pred IElements(+buffer : List, +readPos : Num, +eCount : Num, +fCount : Num, - eList : List, esLength : Num) : - (* Base case: single incomplete element *) - (0 <=# readPos) * (readPos <=# (l-len buffer)) * (0 <# eCount) * (0 <# fCount) * - IElement(buffer, readPos, fCount, #fList, esLength) * (eList == {{ }}), - - (* Recursive case: enough data to read first element, but not enough data to read the remaining ones *) - (0 <=# readPos) * (readPos <=# (l-len buffer)) * (1 <# eCount) * (0 <# fCount) * - CElement(buffer, readPos, fCount, #fList, #eLength) * - (#restECount == (eCount - 1)) * - IElements(buffer, (readPos + #eLength), #restECount, fCount, #restEList, #restESLength) * - (eList == l+ ({{ #fList }}, #restEList)) * (esLength == (#eLength + #restESLength)); - facts: (0 <=# readPos) and (readPos <=# (l-len buffer)) and (0 <# eCount) and (0 <# fCount) and (0 <=# esLength); - - - -(**************************** - **************************** - ******* ******* - ******* Complete ******* - ******* Element ******* - ******* ******* - **************************** - ****************************) - -(* - A complete element (CElement) is a contiguous sequence of fields. - - |------ length ------| - - /--- fList ---\ - buffer f1 ... fn - ----------------||------| ... 
|------||---------------- - readPos -*) -@nopath -pred CElement(+buffer : List, +readPos : Num, +fCount : Num, element : List, length : Num) : - (0 <=# readPos) * (readPos <=# (l-len buffer)) * - (fCount == 0) * (element == {{ }}) * (length == 0), - (0 <# fCount) * Field(buffer, readPos, #field, #fLength) * - (#restFCount == (fCount - 1)) * - CElement(buffer, (readPos + #fLength), #restFCount, #restFields, #restLength) * - (element == l+ ({{ #field }}, #restFields)) * (length == (#fLength + #restLength)); - (* - A complete element has a non-negative number of fields - and length, and must be correctly positioned within a buffer - *) - facts: (0 <=# readPos) and (0 <=# fCount) and (0 <=# length) and ((readPos + length) <=# (l-len buffer)) and ((l-len element) == fCount); - - -(**************************** - **************************** - ******* ******* - ******* Complete ******* - ******* Elements ******* - ******* ******* - **************************** - ****************************) - -(* - A complete element sequence (CElements) is a contiguous sequence of complete elements. - - |------- length -------| - - /--- elements ---\ - buffer ce1 ... cen - ----------------||-------| ... 
|-------||---------------- - readPos -*) -pred CElements(+buffer : List, +readPos : Num, +eCount : Num, +fCount : Num, - elements : List, length : Num) : - (0 <=# readPos) * (readPos <=# (l-len buffer)) * (eCount == 0) * - (0 <# fCount) * (elements == {{ }}) * (length == 0), - (0 <=# readPos) * (0 <# eCount) * (0 <# fCount) * (0 <# length) * - CElement(buffer, readPos, fCount, #element, #eLength) * (#restECount == (eCount - 1)) * - CElements(buffer, (readPos + #eLength), #restECount, fCount, #restElements, #restLength) * - (elements == l+ ({{ #element }}, #restElements)) * - (length == (#eLength + #restLength)); - (* - Complete elements must have a non-negative number of - elements with each element having at least one field, - their length must be non-negative, and they must be - correctly positioned within a buffer - *) - facts: (0 <=# readPos) and (0 <=# eCount) and (0 <# fCount) and (0 <=# length) and - ((readPos + length) <=# (l-len buffer)) and (eCount == (l-len elements)); - - -(**************************** - **************************** - ******* ******* - ******* General ******* - ******* Elements ******* - ******* ******* - **************************** - ****************************) - - -(* A general element sequene is either a complete or an incomplete element sequence *) -@nopath -nounfold pred Elements(definition : Str, +buffer : List, +readPos : Num, - +eCount : Num, +fCount : Num, eList : List, - esLength : Num) : - (definition == "Complete") * CElements(buffer, readPos, eCount, fCount, eList, esLength), - (definition == "Incomplete") * IElements(buffer, readPos, eCount, fCount, eList, esLength); - facts: (0 <=# readPos) and (readPos <=# (l-len buffer)) and (0 <=# eCount) and (0 <# fCount) and (0 <=# esLength); - -(***************************** - ***************************** - ******* ******* - ******* Encrypted ******* - ******* Data Keys ******* - ******* ******* - ***************************** - *****************************) - -(* - Encrypted 
data keys (EKDs) are serialised by first providing the - number of EDKs to follow, and then providing the EDKs themselves - as a sequence of three-field elements - - buffer keyCount EDKs - ----------------||-----|-----|---- ... ----||---------------- - readPos -*) - -(* Complete serialised EDKs *) -@nopath -nounfold pred CRawEncryptedDataKeys(+buffer : List, +readPos : Num, - EDKs : List, EDKsLength : Num) : - (0 <=# readPos) * (readPos <=# (l-len buffer)) * - (#rawEC == l-sub(buffer, readPos, 2)) * - rawToUInt16(#rawEC, false, #keyCount) * (0 <# #keyCount) * - Elements("Complete", buffer, (readPos + 2), #keyCount, 3, EDKs, #EDKsLength) * - (EDKsLength == (#EDKsLength + 2)); - -(* Incomplete serialised EDKs *) -@nopath -nounfold pred IRawEncryptedDataKeys(buffer : List, readPos : Num) : - (* Not enough data to read the number of EDKs *) - (0 <=# readPos) * (readPos <=# (l-len buffer)) * ((l-len buffer) <# (readPos + 2)), - - (* Enough data to read the number of EDKs, but not enough data to read the EDKs *) - (0 <=# readPos) * ((readPos + 2) <=# (l-len buffer)) * (#rawEC == l-sub(buffer, readPos, 2)) * - rawToUInt16(#rawEC, false, #keyCount) * (0 <# #keyCount) * - Elements("Incomplete", buffer, (readPos + 2), #keyCount, 3, #eList, #esLength); - -(* Broken serialised EDKs *) -@nopath -nounfold pred BRawEncryptedDataKeys(errorMessage : Str, +buffer : List, +readPos : Num) : - (* Incorrect starting position *) - ((readPos <# 0) \/ ((l-len buffer) <# readPos)) * - (errorMessage == "deserializeMessageHeader: startPos out of bounds."), - - (* Zero EDKs provided *) - (0 <=# readPos) * ((readPos + 2) <=# (l-len buffer)) * - (#rawEC == l-sub(buffer, readPos, 2)) * rawToUInt16(#rawEC, false, 0) * - (errorMessage == "Malformed Header: No EncryptedDataKey found."); - -(* General serialised EDKs *) -@nopath -nounfold pred RawEncryptedDataKeys(definition : Str, +buffer : List, +readPos : Num, EDKs : List, EDKsLength : Num, errorMessage : Str) : - (definition == "Complete") * 
(errorMessage == "") * CRawEncryptedDataKeys(buffer, readPos, EDKs, EDKsLength), - (definition == "Incomplete") * IRawEncryptedDataKeys(buffer, readPos) * (EDKs == {{ }}) * (EDKsLength == 0) * (errorMessage == ""), - (definition == "Broken") * BRawEncryptedDataKeys(errorMessage, buffer, readPos) * (EDKs == {{ }}) * (EDKsLength == 0); - - -(****************************** - ****************************** - ******* ******* - ******* Encryption ******* - ******* Context ******* - ******* ******* - ****************************** - ******************************) - -(* - The encryption context (EC) are serialised - as a sequence of two-field elements, and is meant - to be the only contents of the provided buffer - - buffer EC - |----------------| -*) - -(* Complete serialised encryption context *) -@nopath -nounfold pred CRawEncryptionContext(+buffer : List, ECKs : List) : - ((l-len buffer) == 0) * (ECKs == {{ }}), - (#rawKC == l-sub(buffer, 0, 2)) * - rawToUInt16(#rawKC, false, #keyCount) * (0 <# #keyCount) * - Elements("Complete", buffer, 2, #keyCount, 2, ECKs, #ECKsLength) * - toUtf8PairMap(ECKs, #utf8ECKs) * FirstProj(ECKs, #ECKeys) * - Unique(#ECKeys) * ((2 + #ECKsLength) == (l-len buffer)); - - -(**************************** -***************************** -******* ******* -******* Algorithm ******* -******* Suites ******* -******* ******* -***************************** -*****************************) - -(* Correctly formed algorithm suite *) -@nopath -pred CAlgorithmSuite(+numId, stringId, ivLength, tagLength) : - (numId == 20) * (stringId == "ALG_AES128_GCM_IV12_TAG16") * - (ivLength == 12) * (tagLength == 128), - (numId == 70) * (stringId == "ALG_AES192_GCM_IV12_TAG16") * (ivLength == 12) * - (tagLength == 128); - -(* Broken algorithm suite *) -@nopath -pred BAlgorithmSuite(+numId, errorMessage) : - (! (numId == 20)) * (! 
(numId == 70)) * - (errorMessage == "Malformed Header: Unsupported algorithm suite."); - -(*************************** - *************************** - ******* ******* - ******* Message ******* - ******* Header ******* - ******* ******* - *************************** - ***************************) - -(* The correct version and type *) -@nopath -pred CVersionAndType(version, type) : - (version == 1) * (type == 128); - - -(* Serialised complete header *) -@nopath -nounfold pred CHeader(+rawHeaderData, part_one, version, type, suiteId, - messageId, ECLength, part_two, ECKs, part_three, EDKs, - contentType, headerIvLength, frameLength, headerLength, - headerIv, headerAuthTag) : - (rawHeaderData == l+ (part_one, part_two)) * - ((l-len part_one) == 22) * - (part_one == l+ ({{ version, type }}, #rawSuiteId, messageId, #rawContextLength)) * - ((l-len #rawSuiteId) == 2) * - ((l-len messageId) == 16) * - ((l-len #rawContextLength) == 2) * CVersionAndType(version, type) * - rawToUInt16(#rawSuiteId, false, suiteId) * - CAlgorithmSuite(suiteId, #stringId, headerIvLength, #tagLength) * - rawToUInt16(#rawContextLength, false, ECLength) * - (part_two == l+ (#EC, part_three)) * - ((l-len #EC) == ECLength) * - CRawEncryptionContext(#EC, ECKs) * - (part_three == l+ (#edks, {{ contentType }}, {{ 0, 0, 0, 0 }}, {{ headerIvLength }}, #rawFrameLength, headerIv, headerAuthTag)) * - RawEncryptedDataKeys("Complete", rawHeaderData, (22 + ECLength), EDKs, #EDKsLength, _) * - (#EDKsLength == (l-len #edks)) * ((l-len #rawFrameLength) == 4) * - rawToUInt32(#rawFrameLength, false, frameLength) * - (headerLength == ((((((22 + ECLength) + #EDKsLength) + 1) + 4) + 1) + 4)) * - ((l-len headerIv) == headerIvLength) * - ((l-len headerAuthTag) == (#tagLength / 8)) * - (((headerLength + headerIvLength) + (#tagLength / 8)) <=# (l-len rawHeaderData)); \ No newline at end of file 
diff --git a/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/ListLogic.gil b/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/ListLogic.gil
deleted file mode 100644
index 168a2e28b..000000000
--- a/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/ListLogic.gil
+++ /dev/null
@@ -1,67 +0,0 @@ -(***************************************** - ***************************************** - ******* ******* - ******* List first projection ******* - ******* ******* - ***************************************** - *****************************************) - -(* First projection of a list of pairs *) -@nopath -pure pred FirstProj(+lst : List, fProj : List) : (lst == {{ }}) * - (fProj == {{ }}), (lst == l+ ({{ {{ #fst, _lvar_js_7 }} }}, #rest)) * - FirstProj(#rest, #fProjRest) * (fProj == l+ ({{ #fst }}, #fProjRest)); - - -(* -lemma FirstProjFunction(lst1, proj1, lst2, proj2) - [[ FirstProj(#lst1, #proj1) * FirstProj(#lst2, #proj2) * (#lst1 == #lst2) ]] - [[ (#proj1 == #proj2) ]] - [* unfold FirstProj(#lst1, #proj1) [bind: (#fst := #fst1) and (#rest := #rest1) and (#fProjRest := #fProjRest1)]; - if ((not (#lst1 = {{ }}))) then { - unfold FirstProj(#lst2, #proj2) [bind: (#fst := #fst2) and (#rest := #rest2) and (#fProjRest := #fProjRest2)]; - apply FirstProjFunction(#rest1, #fProjRest1, #rest2, #fProjRest2) - } - *] - -lemma FirstProjAppendPair(lst, fProj, prop, value) - [[ FirstProj(#lst, #fProj) ]] - [[ FirstProj(l+ (#lst, {{ {{ #prop, #value }} }}), l+ (#fProj, {{ #prop }})) ]] - [* unfold FirstProj(#lst, #fProj) ; - if ((not (#lst = {{ }}))) then { - sep_assert ((#lst == l+ ({{ {{ #fProp, #fValue }} }}, #restPVPairs))) - [bind: #fProp, #fValue, #restPVPairs]; - sep_assert (FirstProj(#restPVPairs, #restProj)) [bind: #restProj]; - apply FirstProjAppendPair(#restPVPairs, #restProj, #prop, #value) - } *] -*) - - -(******************************** - ******************************** - ******* ******* - ******* Unique lists ******* - ******* ******* - ******************************** - ********************************) - -@nopath -pure pred Unique(l : List) : - (l == {{ }}), - (l == l+ ({{ #fst }}, #rest)) * ListToSet(#rest, #setRest) * - (! 
(#fst --e-- #setRest)) * Unique(#rest); - - -(***************************************** -****************************************** -******* ******* -******* List to Set conversion ******* -******* ******* -****************************************** -******************************************) - -@nopath -pure pred ListToSet(+lst : List, set : Set) : - (lst == {{ }}) * (set == -{ }-), - (lst == l+ ({{ #e }}, #restLst)) * - ListToSet(#restLst, #restSet) * (set == -u- (#restSet, -{ #e }-)); \ No newline at end of file diff --git a/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/Utf8Logic.gil b/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/Utf8Logic.gil deleted file mode 100644 index 389e89ea4..000000000 --- a/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/Utf8Logic.gil +++ /dev/null @@ -1,26 +0,0 @@ -(************************************ - ************************************ - ******* ******* - ******* Axiomatic ******* - ******* UTF-8 Conversion ******* - ******* ******* - ************************************ - ************************************) - - -(* - toUt8(rawData, utf8Data) is an abstract predicate which - denotes that the string utf8Data is obtained by converting - the raw bytes rawData to UTF-8 format -*) -@nopath -abstract pure nounfold pred toUtf8(+rawData : List, utf8Data : Str); - -(* UTF-8 Mapping of lists of pairs *) -@nopath -pure pred toUtf8PairMap(+data : List, utf8Data : List) : (data == {{ }}) * - (utf8Data == {{ }}), - (data == l+ ({{ {{ #prop, #value }} }}, #rest)) * - toUtf8(#prop, #utf8Prop) * toUtf8(#value, #utf8Value) * - toUtf8PairMap(#rest, #utf8Rest) * - (utf8Data == l+ ({{ {{ #utf8Prop, #utf8Value }} }}, #utf8Rest)); \ No newline at end of file diff --git a/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/deserialize_factory.gil b/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/deserialize_factory.gil deleted file mode 100644 index 2e0628c89..000000000 
--- a/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/deserialize_factory.gil
+++ /dev/null
@@ -1,2384 +0,0 @@ -import "javert_internal_functions.jsil", "javert_logic_macros.jsil", - "ArrayBuffer.jsil", "ArrayLogic.jsil", "DataView.jsil", - "ByteLogic.gil", "Uint8Array.jsil"; -import verify "Gillian-JS/Examples/Amazon/bugs/frozen/Utf8Logic.gil", - "Gillian-JS/Examples/Amazon/bugs/frozen/ListLogic.gil", - "Gillian-JS/Examples/Amazon/bugs/frozen/EncryptionHeaderLogic.gil", - "Gillian-JS/Examples/Amazon/bugs/frozen/AmazonLogic.jsil"; - - -@nopath -nounfold pred UniqueOrDuplicated(definition : Str, lst1 : List, lst2 : List, - lst3 : List) : (definition == "Complete") * - Unique(lst1), (definition == "Broken") * Duplicated(lst2, lst3); - - -@nopath -nounfold pred innerLoopInvariantFacts(+definition, +remElsList, +view, - +innerLoopReadPos, +fLeft, +remElList, - +eLength, +remElsLength, +doneElLength, - remElLength) : - (definition == "Complete") * - CElement(view, innerLoopReadPos, fLeft, remElList, remElLength) * - (eLength == (doneElLength + remElLength)), (definition == "Incomplete") * - (remElsList == {{ }}) * - IElement(view, innerLoopReadPos, fLeft, remElList, remElLength) * - (remElsLength == (doneElLength + remElLength)), - (definition == "Incomplete") * (! 
(remElsList == {{ }})) * - CElement(view, innerLoopReadPos, fLeft, remElList, remElLength) * - (eLength == (doneElLength + remElLength)); - -axiomatic spec EncryptedDataKey(x__scope, x__this, edk) - [[ (edk == #edk) * - JSObject(#edk) * - DataProp(#edk, "providerId", #pId) * - types(#pId : Str) * - DataProp(#edk, "providerInfo", #pInfo) * - types(#pInfo : Str) * - DataProp(#edk, "encryptedDataKey", #aEDK) * - Uint8Array(#aEDK, #abEDK, 0., #viewSizeEDK) * - ArrayBuffer(#abEDK, #encryptedDataKey) * - (#viewSizeEDK == (l-len #encryptedDataKey)) * - DataProp(#edk, "rawInfo", #aRInfo) * - Uint8Array(#aRInfo, #abRInfo, 0., #viewSizeRInfo) * - ArrayBuffer(#abRInfo, #rawInfo) * - (#viewSizeRInfo == (l-len #rawInfo)) * - JSObjWithProto(#this, $l_edk_proto) * - (x__scope == {{ $lg }}) * - (x__this == #this) * - (! (edk == empty)) * - (! (edk == none)) * - (! ((typeOf edk) == List)) ]] - [[ JSObject(#edk) * - DataProp(#edk, "providerId", #pId) * - DataProp(#edk, "providerInfo", #pInfo) * - DataProp(#edk, "encryptedDataKey", #aEDK) * - Uint8Array(#aEDK, #abEDK, 0., #viewSizeEDK) * - ArrayBuffer(#abEDK, #encryptedDataKey) * - DataProp(#edk, "rawInfo", #aRInfo) * - Uint8Array(#aRInfo, #abRInfo, 0., #viewSizeRInfo) * - ArrayBuffer(#abRInfo, #rawInfo) * - EncryptedDataKey(#this, #pId, #pInfo, #encryptedDataKey, #rawInfo) * - (ret == #this) * - (x__this == #this) * - (x__scope == {{ $lg }}) ]] - normal - -axiomatic spec toUtf8(x__scope, x__this, buffer) - [[ (buffer == #buffer) * - Uint8Array(#buffer, #ab, 0., #length) * - ArrayBuffer(#ab, #element) * - (x__scope == {{ $lg }}) * - (x__this == #this) * - (! (buffer == empty)) * - (! (buffer == none)) * - (! 
((typeOf buffer) == List)) ]] - [[ Uint8Array(#buffer, #ab, 0., #length) * - ArrayBuffer(#ab, #element) * - toUtf8(#element, ret) * - (x__this == #this) * - (x__scope == {{ $lg }}) ]] - normal -@nopath -spec readElements(x__scope, x__this, elementCount, fieldsPerElement, buffer, readPos) - [[ (elementCount == #eCount) * - (fieldsPerElement == #fCount) * - (buffer == #buffer) * - (readPos == #readPos) * - Uint8Array(#buffer, #ab, #viewOffset, #viewSize) * - ArrayBuffer(#ab, #data) * - (#view == l-sub(#data, #viewOffset, #viewSize)) * - Elements(#definition, #view, #readPos, #eCount, #fCount, #eList, #esLength) * - ($lg, "needs"; {{ "d", #needs, true, true, false }}) * - ($lg == l-nth(#n_sc, 0.)) * - (1. == (l-len #n_sc)) * - JSFunctionObject(#needs, "needs", #n_sc, #n_len, #n_proto) * - (#n_sc == {{ $lg }}) * - JSInternals() * - (x__scope == {{ $lg }}) * - (x__this == #this) * - (! (x__scope == empty)) * - (! (x__this == empty)) * - (! (elementCount == empty)) * - (! (fieldsPerElement == empty)) * - (! (buffer == empty)) * - (! (readPos == empty)) * - (! (x__scope == none)) * - (! (x__this == none)) * - (! (elementCount == none)) * - (! (fieldsPerElement == none)) * - (! (buffer == none)) * - (! (readPos == none)) * - ((typeOf x__scope) == List) * - (! ((typeOf x__this) == List)) * - (! ((typeOf elementCount) == List)) * - (! ((typeOf fieldsPerElement) == List)) * - (! ((typeOf buffer) == List)) * - (! ((typeOf readPos) == List)) ]] - [[ (#definition == "Complete") * - Uint8Array(#buffer, #ab, #viewOffset, #viewSize) * - ArrayBuffer(#ab, #data) * - Elements(#definition, #view, #readPos, #eCount, #fCount, #eList, #esLength) * - ($lg, "needs"; {{ "d", #needs, true, true, false }}) * - ($lg == l-nth(#n_sc, 0.)) * - (1. 
== (l-len #n_sc)) * - JSFunctionObject(#needs, "needs", #n_sc, #n_len, #n_proto) * - (#n_sc == {{ $lg }}) * - JSInternals() * - JSObject(ret) * - DataProp(ret, "elements", #elements) * - ArrayOfArraysOfUInt8Arrays(#elements, #eList) * - DataProp(ret, "readPos", #ret_readPos) * - (#ret_readPos == (#readPos + #esLength)) * - (x__this == #this) * - (x__scope == {{ $lg }}); - (#definition == "Incomplete") * - Uint8Array(#buffer, #ab, #viewOffset, #viewSize) * - ArrayBuffer(#ab, #data) * - Elements(#definition, #view, #readPos, #eCount, #fCount, #eList, #esLength) * - ($lg, "needs"; {{ "d", #needs, true, true, false }}) * - ($lg == l-nth(#n_sc, 0.)) * - (1. == (l-len #n_sc)) * - JSFunctionObject(#needs, "needs", #n_sc, #n_len, #n_proto) * - (#n_sc == {{ $lg }}) * - JSInternals() * - (ret == false) * - (x__this == #this) * - (x__scope == {{ $lg }}) ]] - normal -proc readElements(x__scope, x__this, elementCount, fieldsPerElement, buffer, readPos) { - gvar_aux_30 := [Alloc](empty, null); - x__er_m := l-nth(gvar_aux_30, 0.); - gvar_aux_31 := [Alloc](empty, x__er_m); - x__er := l-nth(gvar_aux_31, 0.); - gvar_aux_32 := x__er_m; - gvar_aux_33 := "@er"; - gvar_aux_34 := true; - gvar_aux_35 := [GetCell](gvar_aux_32, gvar_aux_33); - gvar_aux_36 := [SetCell](l-nth(gvar_aux_35, 0.), - l-nth(gvar_aux_35, 1.), gvar_aux_34); - gvar_aux_37 := x__er; - gvar_aux_38 := "dataView"; - gvar_aux_39 := undefined; - gvar_aux_40 := [GetCell](gvar_aux_37, gvar_aux_38); - gvar_aux_41 := [SetCell](l-nth(gvar_aux_40, 0.), - l-nth(gvar_aux_40, 1.), gvar_aux_39); - gvar_aux_42 := x__er; - gvar_aux_43 := "element"; - gvar_aux_44 := undefined; - gvar_aux_45 := [GetCell](gvar_aux_42, gvar_aux_43); - gvar_aux_46 := [SetCell](l-nth(gvar_aux_45, 0.), - l-nth(gvar_aux_45, 1.), gvar_aux_44); - gvar_aux_47 := x__er; - gvar_aux_48 := "elements"; - gvar_aux_49 := undefined; - gvar_aux_50 := [GetCell](gvar_aux_47, gvar_aux_48); - gvar_aux_51 := [SetCell](l-nth(gvar_aux_50, 0.), - l-nth(gvar_aux_50, 1.), 
gvar_aux_49); - gvar_aux_52 := x__er; - gvar_aux_53 := "fieldBinary"; - gvar_aux_54 := undefined; - gvar_aux_55 := [GetCell](gvar_aux_52, gvar_aux_53); - gvar_aux_56 := [SetCell](l-nth(gvar_aux_55, 0.), - l-nth(gvar_aux_55, 1.), gvar_aux_54); - gvar_aux_57 := x__er; - gvar_aux_58 := "fieldCount"; - gvar_aux_59 := undefined; - gvar_aux_60 := [GetCell](gvar_aux_57, gvar_aux_58); - gvar_aux_61 := [SetCell](l-nth(gvar_aux_60, 0.), - l-nth(gvar_aux_60, 1.), gvar_aux_59); - gvar_aux_62 := x__er; - gvar_aux_63 := "length"; - gvar_aux_64 := undefined; - gvar_aux_65 := [GetCell](gvar_aux_62, gvar_aux_63); - gvar_aux_66 := [SetCell](l-nth(gvar_aux_65, 0.), - l-nth(gvar_aux_65, 1.), gvar_aux_64); - gvar_aux_67 := x__er; - gvar_aux_68 := "arguments"; - gvar_aux_69 := undefined; - gvar_aux_70 := [GetCell](gvar_aux_67, gvar_aux_68); - gvar_aux_71 := [SetCell](l-nth(gvar_aux_70, 0.), - l-nth(gvar_aux_70, 1.), gvar_aux_69); - gvar_aux_72 := x__er; - gvar_aux_73 := "elementCount"; - gvar_aux_74 := elementCount; - gvar_aux_75 := [GetCell](gvar_aux_72, gvar_aux_73); - gvar_aux_76 := [SetCell](l-nth(gvar_aux_75, 0.), - l-nth(gvar_aux_75, 1.), gvar_aux_74); - gvar_aux_77 := x__er; - gvar_aux_78 := "fieldsPerElement"; - gvar_aux_79 := fieldsPerElement; - gvar_aux_80 := [GetCell](gvar_aux_77, gvar_aux_78); - gvar_aux_81 := [SetCell](l-nth(gvar_aux_80, 0.), - l-nth(gvar_aux_80, 1.), gvar_aux_79); - gvar_aux_82 := x__er; - gvar_aux_83 := "buffer"; - gvar_aux_84 := buffer; - gvar_aux_85 := [GetCell](gvar_aux_82, gvar_aux_83); - gvar_aux_86 := [SetCell](l-nth(gvar_aux_85, 0.), - l-nth(gvar_aux_85, 1.), gvar_aux_84); - gvar_aux_87 := x__er; - gvar_aux_88 := "readPos"; - gvar_aux_89 := readPos; - gvar_aux_90 := [GetCell](gvar_aux_87, gvar_aux_88); - gvar_aux_91 := [SetCell](l-nth(gvar_aux_90, 0.), - l-nth(gvar_aux_90, 1.), gvar_aux_89); - x__sc_fst := l+ (x__scope, {{ x__er }}); - x__te := "TypeError"(); - x__se := "SyntaxError"(); - x__re := "ReferenceError"(); - x_18 := "hasProperty"($lg, 
"DataView") with pre_elab; - unfold_all Pi; - goto [x_18] then_0 else_0; - then_0: x_19 := {{ "v", $lg, "DataView", true }}; - goto end_0; - else_0: x_20 := {{ "v", undefined, "DataView", true }}; - end_0: PHI(x_21: x_19, x_20); - x_21_v := "i__getValue"(x_21) with pre_elab; - GPVUnfold(x_21); - x_22 := l-nth(x__sc_fst, 1.); - x_23 := {{ "v", x_22, "buffer", true }}; - x_23_v := "i__getValue"(x_23) with pre_elab; - GPVUnfold(x_23); - x_24 := "i__checkObjectCoercible"(x_23_v) with pre_elab; - x_25 := {{ "o", x_23_v, "buffer", true }}; - x_25_v := "i__getValue"(x_25) with pre_elab; - GPVUnfold(x_25); - x_26 := l-nth(x__sc_fst, 1.); - x_27 := {{ "v", x_26, "buffer", true }}; - x_27_v := "i__getValue"(x_27) with pre_elab; - GPVUnfold(x_27); - x_28 := "i__checkObjectCoercible"(x_27_v) with pre_elab; - x_29 := {{ "o", x_27_v, "byteOffset", true }}; - x_29_v := "i__getValue"(x_29) with pre_elab; - GPVUnfold(x_29); - x_30 := l-nth(x__sc_fst, 1.); - x_31 := {{ "v", x_30, "buffer", true }}; - x_31_v := "i__getValue"(x_31) with pre_elab; - GPVUnfold(x_31); - x_32 := "i__checkObjectCoercible"(x_31_v) with pre_elab; - x_33 := {{ "o", x_31_v, "byteLength", true }}; - x_33_v := "i__getValue"(x_33) with pre_elab; - GPVUnfold(x_33); - goto [(not ((typeOf x_21_v) = Obj))] pre_elab next_4; - next_4: gvar_aux_92 := x_21_v; - gvar_aux_93 := [GetMetadata](gvar_aux_92); - goto [(l-nth(gvar_aux_93, 1.) = none)] glab_then_0 glab_else_0; - glab_then_0: fail [ResourceError](gvar_aux_92); - glab_else_0: x_34 := l-nth(gvar_aux_93, 1.); - gvar_aux_94 := x_34; - gvar_aux_95 := "@construct"; - gvar_aux_96 := [GetCell](gvar_aux_94, gvar_aux_95); - x_35 := (not (l-nth(gvar_aux_96, 2.) 
= none)); - goto [x_35] then_1 pre_elab; - then_1: x_46 := {{ "o", x_21_v, "prototype", true }}; - x_46_v := "i__getValue"(x_46) with pre_elab; - GPVUnfold(x_46); - goto [((typeOf x_46_v) = Obj)] else_3 then_4; - then_4: x_47 := $lobj_proto; - else_3: PHI(x_48: x_46_v, x_47); - x_this_1 := "create_default_object"(x_48); - gvar_aux_97 := x_34; - gvar_aux_98 := "@construct"; - gvar_aux_99 := [GetCell](gvar_aux_97, gvar_aux_98); - goto [(l-nth(gvar_aux_99, 2.) = none)] glab_then_1 glab_else_1; - glab_then_1: fail [ResourceError](gvar_aux_97, gvar_aux_98); - glab_else_1: x_body_1 := l-nth(gvar_aux_99, 2.); - gvar_aux_100 := x_34; - gvar_aux_101 := "@scope"; - gvar_aux_102 := [GetCell](gvar_aux_100, gvar_aux_101); - goto [(l-nth(gvar_aux_102, 2.) = none)] glab_then_2 glab_else_2; - glab_then_2: fail [ResourceError](gvar_aux_100, gvar_aux_101); - glab_else_2: x_fscope_1 := l-nth(gvar_aux_102, 2.); - x_49 := x_body_1(x_fscope_1, x_this_1, x_25_v, x_29_v, x_33_v) with pre_elab; - goto [((typeOf x_49) = Obj)] next_8 next_7; - next_7: skip; - next_8: PHI(x_50: x_49, x_this_1); - x_50_v := "i__getValue"(x_50) with pre_elab; - GPVUnfold(x_50); - x_52 := l-nth(x__sc_fst, 1.); - x_53 := {{ "v", x_52, "dataView", true }}; - x_54 := "i__checkAssignmentErrors"(x_53) with pre_elab; - x_55 := "i__putValue"(x_53, x_50_v) with pre_elab; - GPVUnfold(x_53); - x_56 := empty; - x_57 := l-nth(x__sc_fst, 0.); - x_58 := {{ "v", x_57, "needs", true }}; - x_58_v := "i__getValue"(x_58) with pre_elab; - GPVUnfold(x_58); - x_59 := l-nth(x__sc_fst, 1.); - x_60 := {{ "v", x_59, "readPos", true }}; - x_60_v := "i__getValue"(x_60) with pre_elab; - GPVUnfold(x_60); - x_61_v := "i__getValue"(0.) 
with pre_elab; - GPVUnfold(0.); - x_62 := "i__abstractComparison"(x_60_v, x_61_v, true) with pre_elab; - goto [(x_62 = undefined)] lab_1 lab_2; - lab_1: x_63 := true; - lab_2: PHI(x_64: x_62, x_63); - x_65 := (not x_64); - x_65_v := "i__getValue"(x_65) with pre_elab; - GPVUnfold(x_65); - x_65_b := "i__toBoolean"(x_65_v) with pre_elab; - goto [x_65_b] next_9 end_1; - next_9: x_66 := l-nth(x__sc_fst, 1.); - x_67 := {{ "v", x_66, "dataView", true }}; - x_67_v := "i__getValue"(x_67) with pre_elab; - GPVUnfold(x_67); - x_68 := "i__checkObjectCoercible"(x_67_v) with pre_elab; - x_69 := {{ "o", x_67_v, "byteLength", true }}; - x_69_v := "i__getValue"(x_69) with pre_elab; - GPVUnfold(x_69); - x_70 := l-nth(x__sc_fst, 1.); - x_71 := {{ "v", x_70, "readPos", true }}; - x_71_v := "i__getValue"(x_71) with pre_elab; - GPVUnfold(x_71); - x_72 := "i__abstractComparison"(x_69_v, x_71_v, true) with pre_elab; - goto [(x_72 = undefined)] lab_3 lab_4; - lab_3: x_73 := true; - lab_4: PHI(x_74: x_72, x_73); - x_75 := (not x_74); - x_75_v := "i__getValue"(x_75) with pre_elab; - GPVUnfold(x_75); - end_1: PHI(x_76: x_65_v, x_75_v); - x_76_v := "i__getValue"(x_76) with pre_elab; - GPVUnfold(x_76); - x_77_v := "i__getValue"("readPos out of bounds.") with pre_elab; - GPVUnfold("readPos out of bounds."); - goto [(not ((typeOf x_58_v) = Obj))] pre_elab next_10; - next_10: gvar_aux_103 := x_58_v; - gvar_aux_104 := [GetMetadata](gvar_aux_103); - goto [(l-nth(gvar_aux_104, 1.) = none)] glab_then_3 glab_else_3; - glab_then_3: fail [ResourceError](gvar_aux_103); - glab_else_3: x_79 := l-nth(gvar_aux_104, 1.); - x_78 := "i__isCallable"(x_58_v); - goto [x_78] lab_5 pre_elab; - lab_5: gvar_aux_105 := x_79; - gvar_aux_106 := "@call"; - gvar_aux_107 := [GetCell](gvar_aux_105, gvar_aux_106); - goto [(l-nth(gvar_aux_107, 2.) 
= none)] glab_then_4 glab_else_4; - glab_then_4: fail [ResourceError](gvar_aux_105, gvar_aux_106); - glab_else_4: x_body_3 := l-nth(gvar_aux_107, 2.); - else_5: gvar_aux_108 := x_79; - gvar_aux_109 := "@scope"; - gvar_aux_110 := [GetCell](gvar_aux_108, gvar_aux_109); - goto [(l-nth(gvar_aux_110, 2.) = none)] glab_then_5 glab_else_5; - glab_then_5: fail [ResourceError](gvar_aux_108, gvar_aux_109); - glab_else_5: x_fscope_3 := l-nth(gvar_aux_110, 2.); - goto [((typeOf x_58) = List)] then_6 else_6; - then_6: goto [(l-nth(x_58, 0.) = "o")] then_7 else_6; - then_7: x_this_2 := l-nth(x_58, 1.); - goto fi_0; - else_6: x_this_3 := undefined; - fi_0: PHI(x_this_4: x_this_2, x_this_3); - x_88 := x_body_3(x_fscope_3, x_this_4, x_76_v, x_77_v) with pre_elab; - x_88_v := "i__getValue"(x_88) with pre_elab; - GPVUnfold(x_88); - x_90 := l-nth(x__sc_fst, 0.); - x_91 := {{ "v", x_90, "needs", true }}; - x_91_v := "i__getValue"(x_91) with pre_elab; - GPVUnfold(x_91); - x_92 := l-nth(x__sc_fst, 1.); - x_93 := {{ "v", x_92, "elementCount", true }}; - x_93_v := "i__getValue"(x_93) with pre_elab; - GPVUnfold(x_93); - x_94_v := "i__getValue"(0.) with pre_elab; - GPVUnfold(0.); - x_95 := "i__abstractComparison"(x_93_v, x_94_v, true) with pre_elab; - goto [(x_95 = undefined)] lab_7 lab_8; - lab_7: x_96 := true; - lab_8: PHI(x_97: x_95, x_96); - x_98 := (not x_97); - x_98_v := "i__getValue"(x_98) with pre_elab; - GPVUnfold(x_98); - x_98_b := "i__toBoolean"(x_98_v) with pre_elab; - goto [x_98_b] next_12 end_2; - next_12: x_99 := l-nth(x__sc_fst, 1.); - x_100 := {{ "v", x_99, "fieldsPerElement", true }}; - x_100_v := "i__getValue"(x_100) with pre_elab; - GPVUnfold(x_100); - x_101_v := "i__getValue"(0.) 
with pre_elab; - GPVUnfold(0.); - x_102 := "i__abstractComparison"(x_100_v, x_101_v, true) with pre_elab; - goto [(x_102 = undefined)] lab_9 lab_10; - lab_9: x_103 := true; - lab_10: PHI(x_104: x_102, x_103); - x_105 := (not x_104); - x_105_v := "i__getValue"(x_105) with pre_elab; - GPVUnfold(x_105); - end_2: PHI(x_106: x_98_v, x_105_v); - x_106_v := "i__getValue"(x_106) with pre_elab; - GPVUnfold(x_106); - x_107_v := "i__getValue"("elementCount and fieldsPerElement must be non-negative.") with pre_elab; - GPVUnfold("elementCount and fieldsPerElement must be non-negative."); - goto [(not ((typeOf x_91_v) = Obj))] pre_elab next_13; - next_13: gvar_aux_111 := x_91_v; - gvar_aux_112 := [GetMetadata](gvar_aux_111); - goto [(l-nth(gvar_aux_112, 1.) = none)] glab_then_6 glab_else_6; - glab_then_6: fail [ResourceError](gvar_aux_111); - glab_else_6: x_109 := l-nth(gvar_aux_112, 1.); - x_108 := "i__isCallable"(x_91_v); - goto [x_108] lab_11 pre_elab; - lab_11: gvar_aux_113 := x_109; - gvar_aux_114 := "@call"; - gvar_aux_115 := [GetCell](gvar_aux_113, gvar_aux_114); - goto [(l-nth(gvar_aux_115, 2.) = none)] glab_then_7 glab_else_7; - glab_then_7: fail [ResourceError](gvar_aux_113, gvar_aux_114); - glab_else_7: x_body_5 := l-nth(gvar_aux_115, 2.); - else_8: gvar_aux_116 := x_109; - gvar_aux_117 := "@scope"; - gvar_aux_118 := [GetCell](gvar_aux_116, gvar_aux_117); - goto [(l-nth(gvar_aux_118, 2.) = none)] glab_then_8 glab_else_8; - glab_then_8: fail [ResourceError](gvar_aux_116, gvar_aux_117); - glab_else_8: x_fscope_5 := l-nth(gvar_aux_118, 2.); - goto [((typeOf x_91) = List)] then_9 else_9; - then_9: goto [(l-nth(x_91, 0.) 
= "o")] then_10 else_9; - then_10: x_this_5 := l-nth(x_91, 1.); - goto fi_1; - else_9: x_this_6 := undefined; - fi_1: PHI(x_this_7: x_this_5, x_this_6); - x_118 := x_body_5(x_fscope_5, x_this_7, x_106_v, x_107_v) with pre_elab; - x_118_v := "i__getValue"(x_118) with pre_elab; - GPVUnfold(x_118); - x_o_0 := "create_default_object"($larr_proto, "Array"); - gvar_aux_119 := x_o_0; - gvar_aux_120 := "length"; - gvar_aux_121 := {{ "d", 0., true, false, false }}; - gvar_aux_122 := [GetCell](gvar_aux_119, gvar_aux_120); - gvar_aux_123 := [SetCell](l-nth(gvar_aux_122, 0.), - l-nth(gvar_aux_122, 1.), - gvar_aux_121); - x_o_0_v := "i__getValue"(x_o_0) with pre_elab; - GPVUnfold(x_o_0); - x_120 := l-nth(x__sc_fst, 1.); - x_121 := {{ "v", x_120, "elements", true }}; - x_122 := "i__checkAssignmentErrors"(x_121) with pre_elab; - x_123 := "i__putValue"(x_121, x_o_0_v) with pre_elab; - GPVUnfold(x_121); - x_124 := empty; - goto [(x_124 = empty)] next_15 next_16; - next_15: skip; - next_16: PHI(x_125: x_124, x_118_v); - x_302 := empty; - loop_h_0: invariant ((! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#buffer == none)) * - (l-nth(x__sc_fst, 1.), "buffer"; #buffer) * - Uint8Array(#buffer, #ab, #viewOffset, #viewSize) * - ArrayBuffer(#ab, #data) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#dataView == none)) * - (l-nth(x__sc_fst, 1.), "dataView"; #dataView) * - DataView(#dataView, #ab, #viewOffset, #viewSize) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#doneEls == none)) * - (l-nth(x__sc_fst, 1.), "elements"; #doneEls) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#outerLoopReadPos == none)) * - (l-nth(x__sc_fst, 1.), "readPos"; #outerLoopReadPos) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#eLeft == none)) * - (l-nth(x__sc_fst, 1.), "elementCount"; #eLeft) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#fCount == none)) * - (l-nth(x__sc_fst, 1.), "fieldsPerElement"; #fCount) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! 
(_lvar_js_4 == none)) * - (l-nth(x__sc_fst, 1.), "element"; _lvar_js_4) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (_lvar_js_5 == none)) * - (l-nth(x__sc_fst, 1.), "fieldCount"; _lvar_js_5) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (_lvar_js_6 == none)) * - (l-nth(x__sc_fst, 1.), "fieldBinary"; _lvar_js_6) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (_lvar_js_7 == none)) * - (l-nth(x__sc_fst, 1.), "length"; _lvar_js_7) * - JSInternals() * - CElements(#view, #readPos, (#eCount - #eLeft), #fCount, #doneElsList, #doneElsLength) * - Elements(#definition, #view, #outerLoopReadPos, #eLeft, #fCount, #remElsList, #remElsLength) * - (#eList == l+ (#doneElsList, #remElsList)) * - (#esLength == (#doneElsLength + #remElsLength)) * - ((#readPos + #doneElsLength) == #outerLoopReadPos) * - ArrayOfArraysOfUInt8Arrays(#doneEls, #doneElsList) * - (x__sc_fst == {{ $lg, _lvar_js_8 }}) * - (x__this == #this)) [existentials: #doneEls, - #outerLoopReadPos, - #eLeft, - #remElsList, - #remElsLength, - #doneElsList, - #doneElsLength]; - PHI(x_303: x_302, x_305); - x_126 := l-nth(x__sc_fst, 1.); - x_127 := {{ "v", x_126, "elementCount", true }}; - goto [((typeOf x_127) = List)] lab_14 lab_13; - lab_13: goto [((l-nth(x_127, 0.) = "v") and ((l-nth(x_127, 2.) = "eval") or (l-nth(x_127, 2.) 
= "arguments")))] pre_elab lab_14; - lab_14: x_127_v := "i__getValue"(x_127) with pre_elab; - GPVUnfold(x_127); - x_127_n := "i__toNumber"(x_127_v) with pre_elab; - x_128 := (x_127_n - 1.); - x_129 := "i__putValue"(x_127, x_128) with pre_elab; - GPVUnfold(x_127); - x_127_n_v := "i__getValue"(x_127_n) with pre_elab; - GPVUnfold(x_127_n); - x_127_n_b := "i__toBoolean"(x_127_n_v) with pre_elab; - goto [x_127_n_b] loop_b_0 loop_e_0; - loop_b_0: unfold Elements(#definition, #view, #outerLoopReadPos, - #eLeft, #fCount, #remElsList, #remElsLength) ; - if ((#definition = "Complete")) then { - unfold CElements(#view, #outerLoopReadPos, #eLeft, #fCount, - #remElsList, #remElsLength) [bind: (#element := #fList) and (#eLength := #eLength)] - } else { - unfold IElements(#view, #outerLoopReadPos, #eLeft, #fCount, #remElsList, - #remElsLength) [bind: (#fList := #fList) and (#eLength := #eLength)] - }; - x_o_1 := "create_default_object"($larr_proto, "Array"); - gvar_aux_124 := x_o_1; - gvar_aux_125 := "length"; - gvar_aux_126 := {{ "d", 0., true, false, false }}; - gvar_aux_127 := [GetCell](gvar_aux_124, gvar_aux_125); - gvar_aux_128 := [SetCell](l-nth(gvar_aux_127, 0.), - l-nth(gvar_aux_127, 1.), - gvar_aux_126); - x_o_1_v := "i__getValue"(x_o_1) with pre_elab; - GPVUnfold(x_o_1); - x_130 := l-nth(x__sc_fst, 1.); - x_131 := {{ "v", x_130, "element", true }}; - x_132 := "i__checkAssignmentErrors"(x_131) with pre_elab; - x_133 := "i__putValue"(x_131, x_o_1_v) with pre_elab; - GPVUnfold(x_131); - x_134 := empty; - x_135 := l-nth(x__sc_fst, 1.); - x_136 := {{ "v", x_135, "fieldsPerElement", true }}; - x_136_v := "i__getValue"(x_136) with pre_elab; - GPVUnfold(x_136); - x_137 := l-nth(x__sc_fst, 1.); - x_138 := {{ "v", x_137, "fieldCount", true }}; - x_139 := "i__checkAssignmentErrors"(x_138) with pre_elab; - x_140 := "i__putValue"(x_138, x_136_v) with pre_elab; - GPVUnfold(x_138); - x_141 := empty; - goto [(x_141 = empty)] next_17 next_18; - next_17: skip; - next_18: PHI(x_142: 
x_141, x_134); - x_277 := empty; - loop_h_1: invariant ((! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#buffer == none)) * - (l-nth(x__sc_fst, 1.), "buffer"; #buffer) * - Uint8Array(#buffer, #ab, #viewOffset, #viewSize) * - ArrayBuffer(#ab, #data) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#dataView == none)) * - (l-nth(x__sc_fst, 1.), "dataView"; #dataView) * - DataView(#dataView, #ab, #viewOffset, #viewSize) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#doneEl == none)) * - (l-nth(x__sc_fst, 1.), "element"; #doneEl) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#innerLoopReadPos == none)) * - (l-nth(x__sc_fst, 1.), "readPos"; #innerLoopReadPos) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#fLeft == none)) * - (l-nth(x__sc_fst, 1.), "fieldCount"; #fLeft) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (_lvar_js_9 == none)) * - (l-nth(x__sc_fst, 1.), "fieldBinary"; _lvar_js_9) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (_lvar_js_10 == none)) * - (l-nth(x__sc_fst, 1.), "length"; _lvar_js_10) * - JSInternals() * - CElement(#view, #outerLoopReadPos, (#fCount - #fLeft), #doneElList, #doneElLength) * - (#fList == l+ (#doneElList, #remElList)) * - innerLoopInvariantFacts(#definition, #remElsList, #view, #innerLoopReadPos, #fLeft, #remElList, #eLength, #remElsLength, #doneElLength, #remElLength) * - ((#outerLoopReadPos + #doneElLength) == - #innerLoopReadPos) * - ArrayOfUInt8Arrays(#doneEl, #doneElList, (#fCount - #fLeft)) * - (x__sc_fst == {{ $lg, _lvar_js_11 }}) * - (x__this == #this)) [existentials: #doneEl, - #innerLoopReadPos, - #fLeft, - #remElList, - #remElLength, - #doneElList, - #doneElLength]; - PHI(x_278: x_277, x_280); - x_143 := l-nth(x__sc_fst, 1.); - x_144 := {{ "v", x_143, "fieldCount", true }}; - goto [((typeOf x_144) = List)] lab_16 lab_15; - lab_15: goto [((l-nth(x_144, 0.) = "v") and ((l-nth(x_144, 2.) = "eval") or (l-nth(x_144, 2.) 
= "arguments")))] pre_elab lab_16; - lab_16: x_144_v := "i__getValue"(x_144) with pre_elab; - GPVUnfold(x_144); - x_144_n := "i__toNumber"(x_144_v) with pre_elab; - x_145 := (x_144_n - 1.); - x_146 := "i__putValue"(x_144, x_145) with pre_elab; - GPVUnfold(x_144); - x_144_n_v := "i__getValue"(x_144_n) with pre_elab; - GPVUnfold(x_144_n); - x_144_n_b := "i__toBoolean"(x_144_n_v) with pre_elab; - goto [x_144_n_b] loop_b_1 loop_e_1; - loop_b_1: unfold innerLoopInvariantFacts(#definition, #remElsList, - #view, #innerLoopReadPos, - #fLeft, #remElList, #eLength, - #remElsLength, #doneElLength, - #remElLength) ; - if ((#definition = "Complete")) then { - unfold CElement(#view, #innerLoopReadPos, #fLeft, - #remElList, #remElLength) - } else { - if ((#remElsList = {{ }})) then { - unfold IElement(#view, #innerLoopReadPos, #fLeft, #remElList, - #remElLength) - } else { - unfold CElement(#view, #innerLoopReadPos, #fLeft, #remElList, - #remElLength) } - }; - x_147 := l-nth(x__sc_fst, 1.); - x_148 := {{ "v", x_147, "readPos", true }}; - x_148_v := "i__getValue"(x_148) with pre_elab; - GPVUnfold(x_148); - x_149_v := "i__getValue"(2.) 
with pre_elab; - GPVUnfold(2.); - x_148_p := "i__toPrimitive"(x_148_v) with pre_elab; - x_150_p := "i__toPrimitive"(x_149_v) with pre_elab; - goto [(((typeOf x_148_p) = Str) or ((typeOf x_150_p) = Str))] then_11 else_10; - then_11: x_148_s := "i__toStringComputed"(x_148_p) with pre_elab; - x_151_s := "i__toStringComputed"(x_150_p) with pre_elab; - x_152 := (x_148_s ++ x_151_s); - goto fi_2; - else_10: x_148_n := "i__toNumber"(x_148_p) with pre_elab; - x_153_n := "i__toNumber"(x_150_p) with pre_elab; - x_154 := (x_148_n + x_153_n); - fi_2: PHI(x_155: x_152, x_154); - x_155_v := "i__getValue"(x_155) with pre_elab; - GPVUnfold(x_155); - x_156 := l-nth(x__sc_fst, 1.); - x_157 := {{ "v", x_156, "dataView", true }}; - x_157_v := "i__getValue"(x_157) with pre_elab; - GPVUnfold(x_157); - x_158 := "i__checkObjectCoercible"(x_157_v) with pre_elab; - x_159 := {{ "o", x_157_v, "byteLength", true }}; - x_159_v := "i__getValue"(x_159) with pre_elab; - GPVUnfold(x_159); - x_160 := "i__abstractComparison"(x_159_v, x_155_v, false) with pre_elab; - goto [(x_160 = undefined)] lab_17 lab_18; - lab_17: x_161 := false; - lab_18: PHI(x_162: x_160, x_161); - x_162_v := "i__getValue"(x_162) with pre_elab; - GPVUnfold(x_162); - x_162_b := "i__toBoolean"(x_162_v) with pre_elab; - goto [x_162_b] then_12 else_11; - then_12: apply PrependCElementI(#view, #outerLoopReadPos, - (#fCount - #fLeft), #doneElList, - #doneElLength, #fLeft, #remElList, - #remElLength) ; - sep_assert (IElement(#view, #outerLoopReadPos, #fCount, #fList, #remElsLength) * - (x__sc_fst == {{ $lg, _lvar_js_12 }}) * - (x__this == #this)) ; - sep_assert (Elements(#definition, #view, #outerLoopReadPos, #eLeft, #fCount, #remElsList, #remElsLength) * - (x__sc_fst == {{ $lg, _lvar_js_13 }}) * - (x__this == #this)) ; - apply PrependCElementsE(#definition, #view, #readPos, - (#eCount - #eLeft), #fCount, - #doneElsList, #doneElsLength, #eLeft, - #remElsList, #remElsLength) ; - x_163_v := "i__getValue"(false) with pre_elab; - 
GPVUnfold(false); - goto pre_rlab; - goto end_3; - else_11: x_164 := empty; - end_3: PHI(x_165: x_163_v, x_164); - x_166 := l-nth(x__sc_fst, 1.); - x_167 := {{ "v", x_166, "dataView", true }}; - x_167_v := "i__getValue"(x_167) with pre_elab; - GPVUnfold(x_167); - x_168 := "i__checkObjectCoercible"(x_167_v) with pre_elab; - x_169 := {{ "o", x_167_v, "getUint16", true }}; - x_169_v := "i__getValue"(x_169) with pre_elab; - GPVUnfold(x_169); - x_170 := l-nth(x__sc_fst, 1.); - x_171 := {{ "v", x_170, "readPos", true }}; - x_171_v := "i__getValue"(x_171) with pre_elab; - GPVUnfold(x_171); - x_172_v := "i__getValue"(false) with pre_elab; - GPVUnfold(false); - goto [(not ((typeOf x_169_v) = Obj))] pre_elab next_19; - next_19: gvar_aux_129 := x_169_v; - gvar_aux_130 := [GetMetadata](gvar_aux_129); - goto [(l-nth(gvar_aux_130, 1.) = none)] glab_then_9 glab_else_9; - glab_then_9: fail [ResourceError](gvar_aux_129); - glab_else_9: x_174 := l-nth(gvar_aux_130, 1.); - x_173 := "i__isCallable"(x_169_v); - goto [x_173] lab_19 pre_elab; - lab_19: gvar_aux_131 := x_174; - gvar_aux_132 := "@call"; - gvar_aux_133 := [GetCell](gvar_aux_131, gvar_aux_132); - goto [(l-nth(gvar_aux_133, 2.) = none)] glab_then_10 glab_else_10; - glab_then_10: fail [ResourceError](gvar_aux_131, gvar_aux_132); - glab_else_10: x_body_7 := l-nth(gvar_aux_133, 2.); - else_13: gvar_aux_134 := x_174; - gvar_aux_135 := "@scope"; - gvar_aux_136 := [GetCell](gvar_aux_134, gvar_aux_135); - goto [(l-nth(gvar_aux_136, 2.) = none)] glab_then_11 glab_else_11; - glab_then_11: fail [ResourceError](gvar_aux_134, gvar_aux_135); - glab_else_11: x_fscope_7 := l-nth(gvar_aux_136, 2.); - goto [((typeOf x_169) = List)] then_14 else_14; - then_14: goto [(l-nth(x_169, 0.) 
= "o")] then_15 else_14; - then_15: x_this_8 := l-nth(x_169, 1.); - goto fi_3; - else_14: x_this_9 := undefined; - fi_3: PHI(x_this_10: x_this_8, x_this_9); - x_183 := x_body_7(x_fscope_7, x_this_10, x_171_v, x_172_v) with pre_elab; - x_183_v := "i__getValue"(x_183) with pre_elab; - GPVUnfold(x_183); - x_185 := l-nth(x__sc_fst, 1.); - x_186 := {{ "v", x_185, "length", true }}; - x_187 := "i__checkAssignmentErrors"(x_186) with pre_elab; - x_188 := "i__putValue"(x_186, x_183_v) with pre_elab; - GPVUnfold(x_186); - x_189 := empty; - goto [(x_189 = empty)] next_21 next_22; - next_21: skip; - next_22: PHI(x_190: x_189, x_165); - x_191 := l-nth(x__sc_fst, 1.); - x_192 := {{ "v", x_191, "readPos", true }}; - x_192_v := "i__getValue"(x_192) with pre_elab; - GPVUnfold(x_192); - x_193_v := "i__getValue"(2.) with pre_elab; - GPVUnfold(2.); - x_192_p := "i__toPrimitive"(x_192_v) with pre_elab; - x_194_p := "i__toPrimitive"(x_193_v) with pre_elab; - goto [(((typeOf x_192_p) = Str) or ((typeOf x_194_p) = Str))] then_16 else_15; - then_16: x_192_s := "i__toStringComputed"(x_192_p) with pre_elab; - x_195_s := "i__toStringComputed"(x_194_p) with pre_elab; - x_196 := (x_192_s ++ x_195_s); - goto fi_4; - else_15: x_192_n := "i__toNumber"(x_192_p) with pre_elab; - x_197_n := "i__toNumber"(x_194_p) with pre_elab; - x_198 := (x_192_n + x_197_n); - fi_4: PHI(x_199: x_196, x_198); - x_200 := "i__checkAssignmentErrors"(x_192) with pre_elab; - x_201 := "i__putValue"(x_192, x_199) with pre_elab; - GPVUnfold(x_192); - x_199_v := "i__getValue"(x_199) with pre_elab; - GPVUnfold(x_199); - x_202 := l-nth(x__sc_fst, 1.); - x_203 := {{ "v", x_202, "readPos", true }}; - x_203_v := "i__getValue"(x_203) with pre_elab; - GPVUnfold(x_203); - x_204 := l-nth(x__sc_fst, 1.); - x_205 := {{ "v", x_204, "length", true }}; - x_205_v := "i__getValue"(x_205) with pre_elab; - GPVUnfold(x_205); - x_203_p := "i__toPrimitive"(x_203_v) with pre_elab; - x_205_p := "i__toPrimitive"(x_205_v) with pre_elab; - goto 
[(((typeOf x_203_p) = Str) or ((typeOf x_205_p) = Str))] then_17 else_16; - then_17: x_203_s := "i__toStringComputed"(x_203_p) with pre_elab; - x_205_s := "i__toStringComputed"(x_205_p) with pre_elab; - x_206 := (x_203_s ++ x_205_s); - goto fi_5; - else_16: x_203_n := "i__toNumber"(x_203_p) with pre_elab; - x_205_n := "i__toNumber"(x_205_p) with pre_elab; - x_207 := (x_203_n + x_205_n); - fi_5: PHI(x_208: x_206, x_207); - x_208_v := "i__getValue"(x_208) with pre_elab; - GPVUnfold(x_208); - x_209 := l-nth(x__sc_fst, 1.); - x_210 := {{ "v", x_209, "dataView", true }}; - x_210_v := "i__getValue"(x_210) with pre_elab; - GPVUnfold(x_210); - x_211 := "i__checkObjectCoercible"(x_210_v) with pre_elab; - x_212 := {{ "o", x_210_v, "byteLength", true }}; - x_212_v := "i__getValue"(x_212) with pre_elab; - GPVUnfold(x_212); - x_213 := "i__abstractComparison"(x_212_v, x_208_v, false) with pre_elab; - goto [(x_213 = undefined)] lab_21 lab_22; - lab_21: x_214 := false; - lab_22: PHI(x_215: x_213, x_214); - x_215_v := "i__getValue"(x_215) with pre_elab; - GPVUnfold(x_215); - x_215_b := "i__toBoolean"(x_215_v) with pre_elab; - goto [x_215_b] then_18 else_17; - then_18: apply PrependCElementI(#view, #outerLoopReadPos, - (#fCount - #fLeft), #doneElList, - #doneElLength, #fLeft, #remElList, - #remElLength) ; - sep_assert (IElement(#view, #outerLoopReadPos, #fCount, #fList, #remElsLength) * - (x__sc_fst == {{ $lg, _lvar_js_14 }}) * - (x__this == #this)) ; - sep_assert (Elements(#definition, #view, #outerLoopReadPos, #eLeft, #fCount, #remElsList, #remElsLength) * - (x__sc_fst == {{ $lg, _lvar_js_15 }}) * - (x__this == #this)) ; - apply PrependCElementsE(#definition, #view, #readPos, - (#eCount - #eLeft), #fCount, - #doneElsList, #doneElsLength, #eLeft, - #remElsList, #remElsLength) ; - x_216_v := "i__getValue"(false) with pre_elab; - GPVUnfold(false); - goto pre_rlab; - goto end_4; - else_17: x_217 := empty; - end_4: PHI(x_218: x_216_v, x_217); - x_219 := l-nth(x__sc_fst, 1.); - x_220 := 
{{ "v", x_219, "buffer", true }}; - x_220_v := "i__getValue"(x_220) with pre_elab; - GPVUnfold(x_220); - x_221 := "i__checkObjectCoercible"(x_220_v) with pre_elab; - x_222 := {{ "o", x_220_v, "slice", true }}; - x_222_v := "i__getValue"(x_222) with pre_elab; - GPVUnfold(x_222); - x_223 := l-nth(x__sc_fst, 1.); - x_224 := {{ "v", x_223, "readPos", true }}; - x_224_v := "i__getValue"(x_224) with pre_elab; - GPVUnfold(x_224); - x_225 := l-nth(x__sc_fst, 1.); - x_226 := {{ "v", x_225, "readPos", true }}; - x_226_v := "i__getValue"(x_226) with pre_elab; - GPVUnfold(x_226); - x_227 := l-nth(x__sc_fst, 1.); - x_228 := {{ "v", x_227, "length", true }}; - x_228_v := "i__getValue"(x_228) with pre_elab; - GPVUnfold(x_228); - x_226_p := "i__toPrimitive"(x_226_v) with pre_elab; - x_228_p := "i__toPrimitive"(x_228_v) with pre_elab; - goto [(((typeOf x_226_p) = Str) or ((typeOf x_228_p) = Str))] then_19 else_18; - then_19: x_226_s := "i__toStringComputed"(x_226_p) with pre_elab; - x_228_s := "i__toStringComputed"(x_228_p) with pre_elab; - x_229 := (x_226_s ++ x_228_s); - goto fi_6; - else_18: x_226_n := "i__toNumber"(x_226_p) with pre_elab; - x_228_n := "i__toNumber"(x_228_p) with pre_elab; - x_230 := (x_226_n + x_228_n); - fi_6: PHI(x_231: x_229, x_230); - x_231_v := "i__getValue"(x_231) with pre_elab; - GPVUnfold(x_231); - goto [(not ((typeOf x_222_v) = Obj))] pre_elab next_23; - next_23: gvar_aux_137 := x_222_v; - gvar_aux_138 := [GetMetadata](gvar_aux_137); - goto [(l-nth(gvar_aux_138, 1.) = none)] glab_then_12 glab_else_12; - glab_then_12: fail [ResourceError](gvar_aux_137); - glab_else_12: x_233 := l-nth(gvar_aux_138, 1.); - x_232 := "i__isCallable"(x_222_v); - goto [x_232] lab_23 pre_elab; - lab_23: gvar_aux_139 := x_233; - gvar_aux_140 := "@call"; - gvar_aux_141 := [GetCell](gvar_aux_139, gvar_aux_140); - goto [(l-nth(gvar_aux_141, 2.) 
= none)] glab_then_13 glab_else_13; - glab_then_13: fail [ResourceError](gvar_aux_139, gvar_aux_140); - glab_else_13: x_body_9 := l-nth(gvar_aux_141, 2.); - else_20: gvar_aux_142 := x_233; - gvar_aux_143 := "@scope"; - gvar_aux_144 := [GetCell](gvar_aux_142, gvar_aux_143); - goto [(l-nth(gvar_aux_144, 2.) = none)] glab_then_14 glab_else_14; - glab_then_14: fail [ResourceError](gvar_aux_142, gvar_aux_143); - glab_else_14: x_fscope_9 := l-nth(gvar_aux_144, 2.); - goto [((typeOf x_222) = List)] then_21 else_21; - then_21: goto [(l-nth(x_222, 0.) = "o")] then_22 else_21; - then_22: x_this_11 := l-nth(x_222, 1.); - goto fi_7; - else_21: x_this_12 := undefined; - fi_7: PHI(x_this_13: x_this_11, x_this_12); - x_242 := x_body_9(x_fscope_9, x_this_13, x_224_v, x_231_v) with pre_elab; - x_242_v := "i__getValue"(x_242) with pre_elab; - GPVUnfold(x_242); - x_244 := l-nth(x__sc_fst, 1.); - x_245 := {{ "v", x_244, "fieldBinary", true }}; - x_246 := "i__checkAssignmentErrors"(x_245) with pre_elab; - x_247 := "i__putValue"(x_245, x_242_v) with pre_elab; - GPVUnfold(x_245); - x_248 := empty; - goto [(x_248 = empty)] next_25 next_26; - next_25: skip; - next_26: PHI(x_249: x_248, x_218); - x_250 := l-nth(x__sc_fst, 1.); - x_251 := {{ "v", x_250, "readPos", true }}; - x_251_v := "i__getValue"(x_251) with pre_elab; - GPVUnfold(x_251); - x_252 := l-nth(x__sc_fst, 1.); - x_253 := {{ "v", x_252, "length", true }}; - x_253_v := "i__getValue"(x_253) with pre_elab; - GPVUnfold(x_253); - x_251_p := "i__toPrimitive"(x_251_v) with pre_elab; - x_253_p := "i__toPrimitive"(x_253_v) with pre_elab; - goto [(((typeOf x_251_p) = Str) or ((typeOf x_253_p) = Str))] then_23 else_22; - then_23: x_251_s := "i__toStringComputed"(x_251_p) with pre_elab; - x_253_s := "i__toStringComputed"(x_253_p) with pre_elab; - x_254 := (x_251_s ++ x_253_s); - goto fi_8; - else_22: x_251_n := "i__toNumber"(x_251_p) with pre_elab; - x_253_n := "i__toNumber"(x_253_p) with pre_elab; - x_255 := (x_251_n + x_253_n); - fi_8: 
PHI(x_256: x_254, x_255); - x_257 := "i__checkAssignmentErrors"(x_251) with pre_elab; - x_258 := "i__putValue"(x_251, x_256) with pre_elab; - GPVUnfold(x_251); - x_256_v := "i__getValue"(x_256) with pre_elab; - GPVUnfold(x_256); - sep_assert ((#remElList == l+ ({{ #fld }}, #rfld)) * - (x__sc_fst == {{ $lg, _lvar_js_16 }}) * - (x__this == #this)) [bind: #fld, - #rfld]; - if (((#definition = "Complete") or (not (#remElsList = {{ }})))) then { - apply AppendFieldCC(#view, #outerLoopReadPos, - (#fCount - #fLeft), #doneElList, - #doneElLength, #fLeft, #fld, #rfld, - #remElLength) - } else { - apply AppendFieldCI(#view, #outerLoopReadPos, (#fCount - #fLeft), - #doneElList, #doneElLength, #fLeft, #fld, #rfld, - #remElLength) - }; - x_259 := l-nth(x__sc_fst, 1.); - x_260 := {{ "v", x_259, "element", true }}; - x_260_v := "i__getValue"(x_260) with pre_elab; - GPVUnfold(x_260); - x_261 := "i__checkObjectCoercible"(x_260_v) with pre_elab; - x_262 := {{ "o", x_260_v, "push", true }}; - x_262_v := "i__getValue"(x_262) with pre_elab; - GPVUnfold(x_262); - x_263 := l-nth(x__sc_fst, 1.); - x_264 := {{ "v", x_263, "fieldBinary", true }}; - x_264_v := "i__getValue"(x_264) with pre_elab; - GPVUnfold(x_264); - goto [(not ((typeOf x_262_v) = Obj))] pre_elab next_27; - next_27: gvar_aux_145 := x_262_v; - gvar_aux_146 := [GetMetadata](gvar_aux_145); - goto [(l-nth(gvar_aux_146, 1.) = none)] glab_then_15 glab_else_15; - glab_then_15: fail [ResourceError](gvar_aux_145); - glab_else_15: x_266 := l-nth(gvar_aux_146, 1.); - x_265 := "i__isCallable"(x_262_v); - goto [x_265] lab_25 pre_elab; - lab_25: gvar_aux_147 := x_266; - gvar_aux_148 := "@call"; - gvar_aux_149 := [GetCell](gvar_aux_147, gvar_aux_148); - goto [(l-nth(gvar_aux_149, 2.) 
= none)] glab_then_16 glab_else_16; - glab_then_16: fail [ResourceError](gvar_aux_147, gvar_aux_148); - glab_else_16: x_body_11 := l-nth(gvar_aux_149, 2.); - else_24: gvar_aux_150 := x_266; - gvar_aux_151 := "@scope"; - gvar_aux_152 := [GetCell](gvar_aux_150, gvar_aux_151); - goto [(l-nth(gvar_aux_152, 2.) = none)] glab_then_17 glab_else_17; - glab_then_17: fail [ResourceError](gvar_aux_150, gvar_aux_151); - glab_else_17: x_fscope_11 := l-nth(gvar_aux_152, 2.); - goto [((typeOf x_262) = List)] then_25 else_25; - then_25: goto [(l-nth(x_262, 0.) = "o")] then_26 else_25; - then_26: x_this_14 := l-nth(x_262, 1.); - goto fi_9; - else_25: x_this_15 := undefined; - fi_9: PHI(x_this_16: x_this_14, x_this_15); - x_275 := x_body_11(x_fscope_11, x_this_16, x_264_v) with pre_elab; - x_275_v := "i__getValue"(x_275) with pre_elab; - GPVUnfold(x_275); - skip; - loop_c_1: PHI(x_279: x_275_v); - goto [(not (x_279 = empty))] next_29 next_30; - next_29: skip; - next_30: PHI(x_280: x_278, x_279); - goto loop_h_1; - loop_e_1: PHI(x_281: x_278); - goto [(x_281 = empty)] next_31 next_32; - next_31: skip; - next_32: PHI(x_282: x_281, x_278); - goto [(x_282 = empty)] next_33 next_34; - next_33: skip; - next_34: PHI(x_283: x_282, x_142); - unfold CElement(#view, #innerLoopReadPos, #fLeft, #remElList, - #remElLength) ; - apply CElementsAppend(#view, #readPos, (#eCount - #eLeft), - #fCount, #doneElsList, #doneElsLength, - #doneElList, #doneElLength) ; - x_284 := l-nth(x__sc_fst, 1.); - x_285 := {{ "v", x_284, "elements", true }}; - x_285_v := "i__getValue"(x_285) with pre_elab; - GPVUnfold(x_285); - x_286 := "i__checkObjectCoercible"(x_285_v) with pre_elab; - x_287 := {{ "o", x_285_v, "push", true }}; - x_287_v := "i__getValue"(x_287) with pre_elab; - GPVUnfold(x_287); - x_288 := l-nth(x__sc_fst, 1.); - x_289 := {{ "v", x_288, "element", true }}; - x_289_v := "i__getValue"(x_289) with pre_elab; - GPVUnfold(x_289); - goto [(not ((typeOf x_287_v) = Obj))] pre_elab next_35; - next_35: 
gvar_aux_153 := x_287_v; - gvar_aux_154 := [GetMetadata](gvar_aux_153); - goto [(l-nth(gvar_aux_154, 1.) = none)] glab_then_18 glab_else_18; - glab_then_18: fail [ResourceError](gvar_aux_153); - glab_else_18: x_291 := l-nth(gvar_aux_154, 1.); - x_290 := "i__isCallable"(x_287_v); - goto [x_290] lab_27 pre_elab; - lab_27: gvar_aux_155 := x_291; - gvar_aux_156 := "@call"; - gvar_aux_157 := [GetCell](gvar_aux_155, gvar_aux_156); - goto [(l-nth(gvar_aux_157, 2.) = none)] glab_then_19 glab_else_19; - glab_then_19: fail [ResourceError](gvar_aux_155, gvar_aux_156); - glab_else_19: x_body_13 := l-nth(gvar_aux_157, 2.); - else_27: gvar_aux_158 := x_291; - gvar_aux_159 := "@scope"; - gvar_aux_160 := [GetCell](gvar_aux_158, gvar_aux_159); - goto [(l-nth(gvar_aux_160, 2.) = none)] glab_then_20 glab_else_20; - glab_then_20: fail [ResourceError](gvar_aux_158, gvar_aux_159); - glab_else_20: x_fscope_13 := l-nth(gvar_aux_160, 2.); - goto [((typeOf x_287) = List)] then_28 else_28; - then_28: goto [(l-nth(x_287, 0.) 
= "o")] then_29 else_28; - then_29: x_this_17 := l-nth(x_287, 1.); - goto fi_10; - else_28: x_this_18 := undefined; - fi_10: PHI(x_this_19: x_this_17, x_this_18); - x_300 := x_body_13(x_fscope_13, x_this_19, x_289_v) with pre_elab; - x_300_v := "i__getValue"(x_300) with pre_elab; - GPVUnfold(x_300); - skip; - loop_c_0: PHI(x_304: x_300_v); - goto [(not (x_304 = empty))] next_37 next_38; - next_37: skip; - next_38: PHI(x_305: x_303, x_304); - goto loop_h_0; - loop_e_0: PHI(x_306: x_303); - goto [(x_306 = empty)] next_39 next_40; - next_39: skip; - next_40: PHI(x_307: x_306, x_303); - goto [(x_307 = empty)] next_41 next_42; - next_41: skip; - next_42: PHI(x_308: x_307, x_125); - unfold Elements(#definition, #view, #outerLoopReadPos, - #eLeft, #fCount, #remElsList, #remElsLength) ; - if ((#definition = "Complete")) then { - unfold CElements(#view, #outerLoopReadPos, #eLeft, #fCount, - #remElsList, #remElsLength) - } else { - unfold IElements(#view, #outerLoopReadPos, #eLeft, #fCount, #remElsList, - #remElsLength) - }; - x_309 := "create_default_object"($lobj_proto); - x_310 := l-nth(x__sc_fst, 1.); - x_311 := {{ "v", x_310, "elements", true }}; - x_311_v := "i__getValue"(x_311) with pre_elab; - GPVUnfold(x_311); - x_desc_0 := {{ "d", x_311_v, true, true, true }}; - x_312 := "defineOwnProperty"(x_309, "elements", x_desc_0, - true) with pre_elab; - x_313 := l-nth(x__sc_fst, 1.); - x_314 := {{ "v", x_313, "readPos", true }}; - x_314_v := "i__getValue"(x_314) with pre_elab; - GPVUnfold(x_314); - x_desc_1 := {{ "d", x_314_v, true, true, true }}; - x_315 := "defineOwnProperty"(x_309, "readPos", x_desc_1, true) with pre_elab; - x_309_v := "i__getValue"(x_309) with pre_elab; - GPVUnfold(x_309); - goto pre_rlab; - x_316 := undefined; - pre_rlab: PHI(ret: x_163_v, x_216_v, x_309_v, x_316); - x_317 := "i__purge"(x__te); - x_317 := "i__purge"(x__se); - x_317 := "i__purge"(x__re); - x__scope_f := x__sc_fst; - return; - pre_elab: PHI(ret: x_18, x_21_v, x_23_v, x_24, x_25_v, x_27_v, 
x_28, x_29_v, x_31_v, x_32, x_33_v, x__te, x__te, x_46_v, x_49, x_50_v, x_54, x_55, x_58_v, x_60_v, x_61_v, x_62, x_65_v, x_65_b, x_67_v, x_68, x_69_v, x_71_v, x_72, x_75_v, x_76_v, x_77_v, x__te, x__te, x_88, x_88_v, x_91_v, x_93_v, x_94_v, x_95, x_98_v, x_98_b, x_100_v, x_101_v, x_102, x_105_v, x_106_v, x_107_v, x__te, x__te, x_118, x_118_v, x_o_0_v, x_122, x_123, x__se, x_127_v, x_127_n, x_129, x_127_n_v, x_127_n_b, x_o_1_v, x_132, x_133, x_136_v, x_139, x_140, x__se, x_144_v, x_144_n, x_146, x_144_n_v, x_144_n_b, x_148_v, x_149_v, x_148_p, x_150_p, x_148_s, x_151_s, x_148_n, x_153_n, x_155_v, x_157_v, x_158, x_159_v, x_160, x_162_v, x_162_b, x_163_v, x_167_v, x_168, x_169_v, x_171_v, x_172_v, x__te, x__te, x_183, x_183_v, x_187, x_188, x_192_v, x_193_v, x_192_p, x_194_p, x_192_s, x_195_s, x_192_n, x_197_n, x_200, x_201, x_199_v, x_203_v, x_205_v, x_203_p, x_205_p, x_203_s, x_205_s, x_203_n, x_205_n, x_208_v, x_210_v, x_211, x_212_v, x_213, x_215_v, x_215_b, x_216_v, x_220_v, x_221, x_222_v, x_224_v, x_226_v, x_228_v, x_226_p, x_228_p, x_226_s, x_228_s, x_226_n, x_228_n, x_231_v, x__te, x__te, x_242, x_242_v, x_246, x_247, x_251_v, x_253_v, x_251_p, x_253_p, x_251_s, x_253_s, x_251_n, x_253_n, x_257, x_258, x_256_v, x_260_v, x_261, x_262_v, x_264_v, x__te, x__te, x_275, x_275_v, x_285_v, x_286, x_287_v, x_289_v, x__te, x__te, x_300, x_300_v, x_311_v, x_312, x_314_v, x_315, x_309_v); - x__scope_f := x__sc_fst; - throw -}; - - -@nopath -proc main() { - x_0 := "setupInitialHeap"(); - x__scope := {{ $lg }}; - x__sc_fst := {{ $lg }}; - x__this := $lg; - gvar_aux_0 := $lg; - gvar_aux_1 := "EncryptedDataKey"; - gvar_aux_2 := {{ "d", undefined, true, true, false }}; - gvar_aux_3 := [GetCell](gvar_aux_0, gvar_aux_1); - gvar_aux_4 := [SetCell](l-nth(gvar_aux_3, 0.), - l-nth(gvar_aux_3, 1.), gvar_aux_2); - gvar_aux_5 := $lg; - gvar_aux_6 := "toUtf8"; - gvar_aux_7 := {{ "d", undefined, true, true, false }}; - gvar_aux_8 := [GetCell](gvar_aux_5, gvar_aux_6); - gvar_aux_9 := 
[SetCell](l-nth(gvar_aux_8, 0.), - l-nth(gvar_aux_8, 1.), gvar_aux_7); - gvar_aux_10 := $lg; - gvar_aux_11 := "arguments"; - gvar_aux_12 := {{ "d", undefined, true, true, false }}; - gvar_aux_13 := [GetCell](gvar_aux_10, gvar_aux_11); - gvar_aux_14 := [SetCell](l-nth(gvar_aux_13, 0.), - l-nth(gvar_aux_13, 1.), gvar_aux_12); - x__te := "TypeError"(); - x__se := "SyntaxError"(); - x__re := "ReferenceError"(); - x_f_0 := "create_function_object"(x__sc_fst, "needs", "needs", - {{ "condition", "errorMessage" }}); - x_er_0 := l-nth(x__sc_fst, 0.); - gvar_aux_15 := x_er_0; - gvar_aux_16 := "needs"; - gvar_aux_17 := {{ "d", x_f_0, true, true, false }}; - gvar_aux_18 := [GetCell](gvar_aux_15, gvar_aux_16); - gvar_aux_19 := [SetCell](l-nth(gvar_aux_18, 0.), - l-nth(gvar_aux_18, 1.), gvar_aux_17); - x_f_1 := "create_function_object"(x__sc_fst, "readElements", - "readElements", - {{ "elementCount", - "fieldsPerElement", "buffer", - "readPos" }}); - x_er_1 := l-nth(x__sc_fst, 0.); - gvar_aux_20 := x_er_1; - gvar_aux_21 := "readElements"; - gvar_aux_22 := {{ "d", x_f_1, true, true, false }}; - gvar_aux_23 := [GetCell](gvar_aux_20, gvar_aux_21); - gvar_aux_24 := [SetCell](l-nth(gvar_aux_23, 0.), - l-nth(gvar_aux_23, 1.), gvar_aux_22); - x_f_2 := "create_function_object"(x__sc_fst, - "decodeEncryptionContext", - "decodeEncryptionContext", - {{ "encodedEncryptionContext" }}); - x_er_2 := l-nth(x__sc_fst, 0.); - gvar_aux_25 := x_er_2; - gvar_aux_26 := "decodeEncryptionContext"; - gvar_aux_27 := {{ "d", x_f_2, true, true, false }}; - gvar_aux_28 := [GetCell](gvar_aux_25, gvar_aux_26); - gvar_aux_29 := [SetCell](l-nth(gvar_aux_28, 0.), - l-nth(gvar_aux_28, 1.), gvar_aux_27); - x_1_v := "i__getValue"("use strict") with elab; - GPVUnfold("use strict"); - x_f_3 := "create_function_object"(x__sc_fst, "EncryptedDataKey", - "EncryptedDataKey", {{ "edk" }}); - x_f_3_v := "i__getValue"(x_f_3) with elab; - GPVUnfold(x_f_3); - x_2 := l-nth(x__sc_fst, 0.); - x_3 := {{ "v", x_2, 
"EncryptedDataKey", true }}; - x_4 := "i__checkAssignmentErrors"(x_3) with elab; - x_5 := "i__putValue"(x_3, x_f_3_v) with elab; - GPVUnfold(x_3); - x_6 := empty; - x_7 := empty; - goto [(x_6 = empty)] next_0 next_1; - next_0: skip; - next_1: PHI(x_8: x_6, x_7); - x_f_4 := "create_function_object"(x__sc_fst, "toUtf8", "toUtf8", - {{ "buffer" }}); - x_f_4_v := "i__getValue"(x_f_4) with elab; - GPVUnfold(x_f_4); - x_9 := l-nth(x__sc_fst, 0.); - x_10 := {{ "v", x_9, "toUtf8", true }}; - x_11 := "i__checkAssignmentErrors"(x_10) with elab; - x_12 := "i__putValue"(x_10, x_f_4_v) with elab; - GPVUnfold(x_10); - x_13 := empty; - goto [(x_13 = empty)] next_2 next_3; - next_2: skip; - next_3: PHI(x_14: x_13, x_8); - ret := empty; - x_15 := "i__purge"(x__te); - x_15 := "i__purge"(x__se); - x_15 := "i__purge"(x__re); - rlab: return; - elab: PHI(ret: x_1_v, x_f_3_v, x_4, x_5, x_f_4_v, x_11, x_12); - throw -}; - - -@nopath -proc toUtf8(x__scope, x__this, buffer) { - gvar_aux_161 := [Alloc](empty, null); - x__er_m := l-nth(gvar_aux_161, 0.); - gvar_aux_162 := [Alloc](empty, x__er_m); - x__er := l-nth(gvar_aux_162, 0.); - gvar_aux_163 := x__er_m; - gvar_aux_164 := "@er"; - gvar_aux_165 := true; - gvar_aux_166 := [GetCell](gvar_aux_163, gvar_aux_164); - gvar_aux_167 := [SetCell](l-nth(gvar_aux_166, 0.), - l-nth(gvar_aux_166, 1.), gvar_aux_165); - gvar_aux_168 := x__er; - gvar_aux_169 := "arguments"; - gvar_aux_170 := undefined; - gvar_aux_171 := [GetCell](gvar_aux_168, gvar_aux_169); - gvar_aux_172 := [SetCell](l-nth(gvar_aux_171, 0.), - l-nth(gvar_aux_171, 1.), gvar_aux_170); - gvar_aux_173 := x__er; - gvar_aux_174 := "buffer"; - gvar_aux_175 := buffer; - gvar_aux_176 := [GetCell](gvar_aux_173, gvar_aux_174); - gvar_aux_177 := [SetCell](l-nth(gvar_aux_176, 0.), - l-nth(gvar_aux_176, 1.), gvar_aux_175); - x__sc_fst := l+ (x__scope, {{ x__er }}); - x__te := "TypeError"(); - x__se := "SyntaxError"(); - x__re := "ReferenceError"(); - x_320 := undefined; - pre_rlab: ret := x_320; - 
x_321 := "i__purge"(x__te); - x_321 := "i__purge"(x__se); - x_321 := "i__purge"(x__re); - x__scope_f := x__sc_fst; - return; - pre_elab: skip; - x__scope_f := x__sc_fst; - throw -}; - - -@nopath -proc EncryptedDataKey(x__scope, x__this, edk) { - gvar_aux_178 := [Alloc](empty, null); - x__er_m := l-nth(gvar_aux_178, 0.); - gvar_aux_179 := [Alloc](empty, x__er_m); - x__er := l-nth(gvar_aux_179, 0.); - gvar_aux_180 := x__er_m; - gvar_aux_181 := "@er"; - gvar_aux_182 := true; - gvar_aux_183 := [GetCell](gvar_aux_180, gvar_aux_181); - gvar_aux_184 := [SetCell](l-nth(gvar_aux_183, 0.), - l-nth(gvar_aux_183, 1.), gvar_aux_182); - gvar_aux_185 := x__er; - gvar_aux_186 := "arguments"; - gvar_aux_187 := undefined; - gvar_aux_188 := [GetCell](gvar_aux_185, gvar_aux_186); - gvar_aux_189 := [SetCell](l-nth(gvar_aux_188, 0.), - l-nth(gvar_aux_188, 1.), gvar_aux_187); - gvar_aux_190 := x__er; - gvar_aux_191 := "edk"; - gvar_aux_192 := edk; - gvar_aux_193 := [GetCell](gvar_aux_190, gvar_aux_191); - gvar_aux_194 := [SetCell](l-nth(gvar_aux_193, 0.), - l-nth(gvar_aux_193, 1.), gvar_aux_192); - x__sc_fst := l+ (x__scope, {{ x__er }}); - x__te := "TypeError"(); - x__se := "SyntaxError"(); - x__re := "ReferenceError"(); - x_324 := undefined; - pre_rlab: ret := x_324; - x_325 := "i__purge"(x__te); - x_325 := "i__purge"(x__se); - x_325 := "i__purge"(x__re); - x__scope_f := x__sc_fst; - return; - pre_elab: skip; - x__scope_f := x__sc_fst; - throw -}; - - -@nopath -spec decodeEncryptionContext(x__scope, x__this, encodedEncryptionContext) - [[ (#this == undefined) * - (encodedEncryptionContext == #eEC) * - Uint8Array(#eEC, #aBuffer, #byteOffset, #byteLength) * - ArrayBuffer(#aBuffer, #data) * - (#EC == l-sub(#data, #byteOffset, #byteLength)) * - (#definition == "Complete") * - RawEncryptionContext(#definition, #EC, #ECKs, #errorMessage) * - ($lg, "needs"; {{ "d", #needs, true, true, false }}) * - ($lg == l-nth(#n_sc, 0.)) * - (1. 
== (l-len #n_sc)) * - JSFunctionObject(#needs, "needs", #n_sc, #n_len, #n_proto) * - (#n_sc == {{ $lg }}) * - ($lg, "readElements"; {{ "d", #readElements, true, true, false }}) * - ($lg == l-nth(#rE_sc, 0.)) * - (1. == (l-len #rE_sc)) * - JSFunctionObject(#readElements, "readElements", #rE_sc, #rE_len, #rE_proto) * - (#rE_sc == {{ $lg }}) * - ($lg, "toUtf8"; {{ "d", #toUtf8, true, true, false }}) * - ($lg == l-nth(#t_sc, 0.)) * - (1. == (l-len #t_sc)) * - JSFunctionObject(#toUtf8, "toUtf8", #t_sc, #t_len, #t_proto) * - (#t_sc == {{ $lg }}) * - JSInternals() * - (x__scope == {{ $lg }}) * - (x__this == #this) * - (! (x__scope == empty)) * - (! (x__this == empty)) * - (! (encodedEncryptionContext == empty)) * - (! (x__scope == none)) * - (! (x__this == none)) * - (! (encodedEncryptionContext == none)) * - ((typeOf x__scope) == List) * - (! ((typeOf x__this) == List)) * - (! ((typeOf encodedEncryptionContext) == List)) ]] - [[ Uint8Array(#eEC, #aBuffer, #byteOffset, #byteLength) * - ArrayBuffer(#aBuffer, #data) * - RawEncryptionContext(#definition, #EC, #ECKs, #errorMessage) * - DecodedEncryptionContext(ret, #ECKs) * - ($lg, "needs"; {{ "d", #needs, true, true, false }}) * - ($lg == l-nth(#n_sc, 0.)) * - (1. == (l-len #n_sc)) * - JSFunctionObject(#needs, "needs", #n_sc, #n_len, #n_proto) * - (#n_sc == {{ $lg }}) * - ($lg, "readElements"; {{ "d", #readElements, true, true, false }}) * - ($lg == l-nth(#rE_sc, 0.)) * - (1. == (l-len #rE_sc)) * - JSFunctionObject(#readElements, "readElements", #rE_sc, #rE_len, #rE_proto) * - (#rE_sc == {{ $lg }}) * - ($lg, "toUtf8"; {{ "d", #toUtf8, true, true, false }}) * - ($lg == l-nth(#t_sc, 0.)) * - (1. 
== (l-len #t_sc)) * - JSFunctionObject(#toUtf8, "toUtf8", #t_sc, #t_len, #t_proto) * - (#t_sc == {{ $lg }}) * - JSInternals() * - (x__this == #this) * - (x__scope == {{ $lg }}) ]] - normal -proc decodeEncryptionContext(x__scope, x__this, encodedEncryptionContext) { - gvar_aux_195 := [Alloc](empty, null); - x__er_m := l-nth(gvar_aux_195, 0.); - gvar_aux_196 := [Alloc](empty, x__er_m); - x__er := l-nth(gvar_aux_196, 0.); - gvar_aux_197 := x__er_m; - gvar_aux_198 := "@er"; - gvar_aux_199 := true; - gvar_aux_200 := [GetCell](gvar_aux_197, gvar_aux_198); - gvar_aux_201 := [SetCell](l-nth(gvar_aux_200, 0.), - l-nth(gvar_aux_200, 1.), - gvar_aux_199); - gvar_aux_202 := x__er; - gvar_aux_203 := "count"; - gvar_aux_204 := undefined; - gvar_aux_205 := [GetCell](gvar_aux_202, gvar_aux_203); - gvar_aux_206 := [SetCell](l-nth(gvar_aux_205, 0.), - l-nth(gvar_aux_205, 1.), - gvar_aux_204); - gvar_aux_207 := x__er; - gvar_aux_208 := "dataView"; - gvar_aux_209 := undefined; - gvar_aux_210 := [GetCell](gvar_aux_207, gvar_aux_208); - gvar_aux_211 := [SetCell](l-nth(gvar_aux_210, 0.), - l-nth(gvar_aux_210, 1.), - gvar_aux_209); - gvar_aux_212 := x__er; - gvar_aux_213 := "elementInfo"; - gvar_aux_214 := undefined; - gvar_aux_215 := [GetCell](gvar_aux_212, gvar_aux_213); - gvar_aux_216 := [SetCell](l-nth(gvar_aux_215, 0.), - l-nth(gvar_aux_215, 1.), - gvar_aux_214); - gvar_aux_217 := x__er; - gvar_aux_218 := "elements"; - gvar_aux_219 := undefined; - gvar_aux_220 := [GetCell](gvar_aux_217, gvar_aux_218); - gvar_aux_221 := [SetCell](l-nth(gvar_aux_220, 0.), - l-nth(gvar_aux_220, 1.), - gvar_aux_219); - gvar_aux_222 := x__er; - gvar_aux_223 := "encryptionContext"; - gvar_aux_224 := undefined; - gvar_aux_225 := [GetCell](gvar_aux_222, gvar_aux_223); - gvar_aux_226 := [SetCell](l-nth(gvar_aux_225, 0.), - l-nth(gvar_aux_225, 1.), - gvar_aux_224); - gvar_aux_227 := x__er; - gvar_aux_228 := "key"; - gvar_aux_229 := undefined; - gvar_aux_230 := [GetCell](gvar_aux_227, gvar_aux_228); - 
gvar_aux_231 := [SetCell](l-nth(gvar_aux_230, 0.), - l-nth(gvar_aux_230, 1.), - gvar_aux_229); - gvar_aux_232 := x__er; - gvar_aux_233 := "pairsCount"; - gvar_aux_234 := undefined; - gvar_aux_235 := [GetCell](gvar_aux_232, gvar_aux_233); - gvar_aux_236 := [SetCell](l-nth(gvar_aux_235, 0.), - l-nth(gvar_aux_235, 1.), - gvar_aux_234); - gvar_aux_237 := x__er; - gvar_aux_238 := "readPos"; - gvar_aux_239 := undefined; - gvar_aux_240 := [GetCell](gvar_aux_237, gvar_aux_238); - gvar_aux_241 := [SetCell](l-nth(gvar_aux_240, 0.), - l-nth(gvar_aux_240, 1.), - gvar_aux_239); - gvar_aux_242 := x__er; - gvar_aux_243 := "value"; - gvar_aux_244 := undefined; - gvar_aux_245 := [GetCell](gvar_aux_242, gvar_aux_243); - gvar_aux_246 := [SetCell](l-nth(gvar_aux_245, 0.), - l-nth(gvar_aux_245, 1.), - gvar_aux_244); - gvar_aux_247 := x__er; - gvar_aux_248 := "arguments"; - gvar_aux_249 := undefined; - gvar_aux_250 := [GetCell](gvar_aux_247, gvar_aux_248); - gvar_aux_251 := [SetCell](l-nth(gvar_aux_250, 0.), - l-nth(gvar_aux_250, 1.), - gvar_aux_249); - gvar_aux_252 := x__er; - gvar_aux_253 := "encodedEncryptionContext"; - gvar_aux_254 := encodedEncryptionContext; - gvar_aux_255 := [GetCell](gvar_aux_252, gvar_aux_253); - gvar_aux_256 := [SetCell](l-nth(gvar_aux_255, 0.), - l-nth(gvar_aux_255, 1.), - gvar_aux_254); - x__sc_fst := l+ (x__scope, {{ x__er }}); - x__te := "TypeError"(); - x__se := "SyntaxError"(); - x__re := "ReferenceError"(); - if ((#definition = "Complete")) then { - unfold CRawEncryptionContext(#EC, #ECKs) - } else { unfold BRawEncryptionContext(#errorMessage, #EC, #ECKs) - }; - x_328 := "hasProperty"($lg, "Object") with pre_elab; - unfold_all Pi; - goto [x_328] then_30 else_29; - then_30: x_329 := {{ "v", $lg, "Object", true }}; - goto end_5; - else_29: x_330 := {{ "v", undefined, "Object", true }}; - end_5: PHI(x_331: x_329, x_330); - x_331_v := "i__getValue"(x_331) with pre_elab; - GPVUnfold(x_331); - x_332 := "i__checkObjectCoercible"(x_331_v) with pre_elab; - x_333 
:= {{ "o", x_331_v, "create", true }}; - x_333_v := "i__getValue"(x_333) with pre_elab; - GPVUnfold(x_333); - x_334_v := "i__getValue"(null) with pre_elab; - GPVUnfold(null); - goto [(not ((typeOf x_333_v) = Obj))] pre_elab next_43; - next_43: gvar_aux_257 := x_333_v; - gvar_aux_258 := [GetMetadata](gvar_aux_257); - goto [(l-nth(gvar_aux_258, 1.) = none)] glab_then_21 glab_else_21; - glab_then_21: fail [ResourceError](gvar_aux_257); - glab_else_21: x_336 := l-nth(gvar_aux_258, 1.); - x_335 := "i__isCallable"(x_333_v); - goto [x_335] lab_29 pre_elab; - lab_29: gvar_aux_259 := x_336; - gvar_aux_260 := "@call"; - gvar_aux_261 := [GetCell](gvar_aux_259, gvar_aux_260); - goto [(l-nth(gvar_aux_261, 2.) = none)] glab_then_22 glab_else_22; - glab_then_22: fail [ResourceError](gvar_aux_259, gvar_aux_260); - glab_else_22: x_body_15 := l-nth(gvar_aux_261, 2.); - else_31: gvar_aux_262 := x_336; - gvar_aux_263 := "@scope"; - gvar_aux_264 := [GetCell](gvar_aux_262, gvar_aux_263); - goto [(l-nth(gvar_aux_264, 2.) = none)] glab_then_23 glab_else_23; - glab_then_23: fail [ResourceError](gvar_aux_262, gvar_aux_263); - glab_else_23: x_fscope_15 := l-nth(gvar_aux_264, 2.); - goto [((typeOf x_333) = List)] then_32 else_32; - then_32: goto [(l-nth(x_333, 0.) 
= "o")] then_33 else_32; - then_33: x_this_20 := l-nth(x_333, 1.); - goto fi_11; - else_32: x_this_21 := undefined; - fi_11: PHI(x_this_22: x_this_20, x_this_21); - x_345 := x_body_15(x_fscope_15, x_this_22, x_334_v) with pre_elab; - x_345_v := "i__getValue"(x_345) with pre_elab; - GPVUnfold(x_345); - x_347 := l-nth(x__sc_fst, 1.); - x_348 := {{ "v", x_347, "encryptionContext", true }}; - x_349 := "i__checkAssignmentErrors"(x_348) with pre_elab; - x_350 := "i__putValue"(x_348, x_345_v) with pre_elab; - GPVUnfold(x_348); - x_351 := empty; - x_352 := l-nth(x__sc_fst, 1.); - x_353 := {{ "v", x_352, "encodedEncryptionContext", true }}; - x_353_v := "i__getValue"(x_353) with pre_elab; - GPVUnfold(x_353); - x_354 := "i__checkObjectCoercible"(x_353_v) with pre_elab; - x_355 := {{ "o", x_353_v, "byteLength", true }}; - x_355_v := "i__getValue"(x_355) with pre_elab; - GPVUnfold(x_355); - x_355_b := "i__toBoolean"(x_355_v) with pre_elab; - x_356 := (not x_355_b); - x_356_v := "i__getValue"(x_356) with pre_elab; - GPVUnfold(x_356); - x_356_b := "i__toBoolean"(x_356_v) with pre_elab; - goto [x_356_b] then_34 else_33; - then_34: sep_assert ((! (l-nth(x__sc_fst, 1.) == $lg)) * - (! 
(#encryptionContext == none)) * - (l-nth(x__sc_fst, 1.), "encryptionContext"; #encryptionContext) * - JSObjGeneral(#encryptionContext, null, "Object", false) * - toUtf8PairMap(#ECKs, #utf8ECKs) * - FrozenObjectTable(#encryptionContext, #utf8ECKs) * - (x__sc_fst == {{ $lg, _lvar_js_17 }}) * - (x__this == #this)) [bind: #encryptionContext, - #utf8ECKs]; - x_357 := l-nth(x__sc_fst, 1.); - x_358 := {{ "v", x_357, "encryptionContext", true }}; - x_358_v := "i__getValue"(x_358) with pre_elab; - GPVUnfold(x_358); - goto pre_rlab; - goto end_6; - else_33: x_359 := empty; - end_6: PHI(x_360: x_358_v, x_359); - goto [(x_360 = empty)] next_45 next_46; - next_45: skip; - next_46: PHI(x_361: x_360, x_351); - x_362 := "hasProperty"($lg, "DataView") with pre_elab; - unfold_all Pi; - goto [x_362] then_35 else_34; - then_35: x_363 := {{ "v", $lg, "DataView", true }}; - goto end_7; - else_34: x_364 := {{ "v", undefined, "DataView", true }}; - end_7: PHI(x_365: x_363, x_364); - x_365_v := "i__getValue"(x_365) with pre_elab; - GPVUnfold(x_365); - x_366 := l-nth(x__sc_fst, 1.); - x_367 := {{ "v", x_366, "encodedEncryptionContext", true }}; - x_367_v := "i__getValue"(x_367) with pre_elab; - GPVUnfold(x_367); - x_368 := "i__checkObjectCoercible"(x_367_v) with pre_elab; - x_369 := {{ "o", x_367_v, "buffer", true }}; - x_369_v := "i__getValue"(x_369) with pre_elab; - GPVUnfold(x_369); - x_370 := l-nth(x__sc_fst, 1.); - x_371 := {{ "v", x_370, "encodedEncryptionContext", true }}; - x_371_v := "i__getValue"(x_371) with pre_elab; - GPVUnfold(x_371); - x_372 := "i__checkObjectCoercible"(x_371_v) with pre_elab; - x_373 := {{ "o", x_371_v, "byteOffset", true }}; - x_373_v := "i__getValue"(x_373) with pre_elab; - GPVUnfold(x_373); - x_374 := l-nth(x__sc_fst, 1.); - x_375 := {{ "v", x_374, "encodedEncryptionContext", true }}; - x_375_v := "i__getValue"(x_375) with pre_elab; - GPVUnfold(x_375); - x_376 := "i__checkObjectCoercible"(x_375_v) with pre_elab; - x_377 := {{ "o", x_375_v, "byteLength", 
true }}; - x_377_v := "i__getValue"(x_377) with pre_elab; - GPVUnfold(x_377); - goto [(not ((typeOf x_365_v) = Obj))] pre_elab next_47; - next_47: gvar_aux_265 := x_365_v; - gvar_aux_266 := [GetMetadata](gvar_aux_265); - goto [(l-nth(gvar_aux_266, 1.) = none)] glab_then_24 glab_else_24; - glab_then_24: fail [ResourceError](gvar_aux_265); - glab_else_24: x_378 := l-nth(gvar_aux_266, 1.); - gvar_aux_267 := x_378; - gvar_aux_268 := "@construct"; - gvar_aux_269 := [GetCell](gvar_aux_267, gvar_aux_268); - x_379 := (not (l-nth(gvar_aux_269, 2.) = none)); - goto [x_379] then_36 pre_elab; - then_36: x_390 := {{ "o", x_365_v, "prototype", true }}; - x_390_v := "i__getValue"(x_390) with pre_elab; - GPVUnfold(x_390); - goto [((typeOf x_390_v) = Obj)] else_37 then_39; - then_39: x_391 := $lobj_proto; - else_37: PHI(x_392: x_390_v, x_391); - x_this_24 := "create_default_object"(x_392); - gvar_aux_270 := x_378; - gvar_aux_271 := "@construct"; - gvar_aux_272 := [GetCell](gvar_aux_270, gvar_aux_271); - goto [(l-nth(gvar_aux_272, 2.) = none)] glab_then_25 glab_else_25; - glab_then_25: fail [ResourceError](gvar_aux_270, gvar_aux_271); - glab_else_25: x_body_17 := l-nth(gvar_aux_272, 2.); - gvar_aux_273 := x_378; - gvar_aux_274 := "@scope"; - gvar_aux_275 := [GetCell](gvar_aux_273, gvar_aux_274); - goto [(l-nth(gvar_aux_275, 2.) 
= none)] glab_then_26 glab_else_26; - glab_then_26: fail [ResourceError](gvar_aux_273, gvar_aux_274); - glab_else_26: x_fscope_17 := l-nth(gvar_aux_275, 2.); - x_393 := x_body_17(x_fscope_17, x_this_24, x_369_v, x_373_v, - x_377_v) with pre_elab; - goto [((typeOf x_393) = Obj)] next_51 next_50; - next_50: skip; - next_51: PHI(x_394: x_393, x_this_24); - x_394_v := "i__getValue"(x_394) with pre_elab; - GPVUnfold(x_394); - x_396 := l-nth(x__sc_fst, 1.); - x_397 := {{ "v", x_396, "dataView", true }}; - x_398 := "i__checkAssignmentErrors"(x_397) with pre_elab; - x_399 := "i__putValue"(x_397, x_394_v) with pre_elab; - GPVUnfold(x_397); - x_400 := empty; - goto [(x_400 = empty)] next_52 next_53; - next_52: skip; - next_53: PHI(x_401: x_400, x_361); - x_402 := l-nth(x__sc_fst, 1.); - x_403 := {{ "v", x_402, "dataView", true }}; - x_403_v := "i__getValue"(x_403) with pre_elab; - GPVUnfold(x_403); - x_404 := "i__checkObjectCoercible"(x_403_v) with pre_elab; - x_405 := {{ "o", x_403_v, "getUint16", true }}; - x_405_v := "i__getValue"(x_405) with pre_elab; - GPVUnfold(x_405); - x_406_v := "i__getValue"(0.) with pre_elab; - GPVUnfold(0.); - x_407_v := "i__getValue"(false) with pre_elab; - GPVUnfold(false); - goto [(not ((typeOf x_405_v) = Obj))] pre_elab next_54; - next_54: gvar_aux_276 := x_405_v; - gvar_aux_277 := [GetMetadata](gvar_aux_276); - goto [(l-nth(gvar_aux_277, 1.) = none)] glab_then_27 glab_else_27; - glab_then_27: fail [ResourceError](gvar_aux_276); - glab_else_27: x_409 := l-nth(gvar_aux_277, 1.); - x_408 := "i__isCallable"(x_405_v); - goto [x_408] lab_32 pre_elab; - lab_32: gvar_aux_278 := x_409; - gvar_aux_279 := "@call"; - gvar_aux_280 := [GetCell](gvar_aux_278, gvar_aux_279); - goto [(l-nth(gvar_aux_280, 2.) 
= none)] glab_then_28 glab_else_28; - glab_then_28: fail [ResourceError](gvar_aux_278, gvar_aux_279); - glab_else_28: x_body_19 := l-nth(gvar_aux_280, 2.); - else_39: gvar_aux_281 := x_409; - gvar_aux_282 := "@scope"; - gvar_aux_283 := [GetCell](gvar_aux_281, gvar_aux_282); - goto [(l-nth(gvar_aux_283, 2.) = none)] glab_then_29 glab_else_29; - glab_then_29: fail [ResourceError](gvar_aux_281, gvar_aux_282); - glab_else_29: x_fscope_19 := l-nth(gvar_aux_283, 2.); - goto [((typeOf x_405) = List)] then_41 else_40; - then_41: goto [(l-nth(x_405, 0.) = "o")] then_42 else_40; - then_42: x_this_25 := l-nth(x_405, 1.); - goto fi_12; - else_40: x_this_26 := undefined; - fi_12: PHI(x_this_27: x_this_25, x_this_26); - x_418 := x_body_19(x_fscope_19, x_this_27, x_406_v, x_407_v) with pre_elab; - x_418_v := "i__getValue"(x_418) with pre_elab; - GPVUnfold(x_418); - x_420 := l-nth(x__sc_fst, 1.); - x_421 := {{ "v", x_420, "pairsCount", true }}; - x_422 := "i__checkAssignmentErrors"(x_421) with pre_elab; - x_423 := "i__putValue"(x_421, x_418_v) with pre_elab; - GPVUnfold(x_421); - x_424 := empty; - goto [(x_424 = empty)] next_56 next_57; - next_56: skip; - next_57: PHI(x_425: x_424, x_401); - x_426 := l-nth(x__sc_fst, 0.); - x_427 := {{ "v", x_426, "readElements", true }}; - x_427_v := "i__getValue"(x_427) with pre_elab; - GPVUnfold(x_427); - x_428 := l-nth(x__sc_fst, 1.); - x_429 := {{ "v", x_428, "pairsCount", true }}; - x_429_v := "i__getValue"(x_429) with pre_elab; - GPVUnfold(x_429); - x_430_v := "i__getValue"(2.) with pre_elab; - GPVUnfold(2.); - x_431 := l-nth(x__sc_fst, 1.); - x_432 := {{ "v", x_431, "encodedEncryptionContext", true }}; - x_432_v := "i__getValue"(x_432) with pre_elab; - GPVUnfold(x_432); - x_433_v := "i__getValue"(2.) with pre_elab; - GPVUnfold(2.); - goto [(not ((typeOf x_427_v) = Obj))] pre_elab next_58; - next_58: gvar_aux_284 := x_427_v; - gvar_aux_285 := [GetMetadata](gvar_aux_284); - goto [(l-nth(gvar_aux_285, 1.) 
= none)] glab_then_30 glab_else_30; - glab_then_30: fail [ResourceError](gvar_aux_284); - glab_else_30: x_435 := l-nth(gvar_aux_285, 1.); - x_434 := "i__isCallable"(x_427_v); - goto [x_434] lab_34 pre_elab; - lab_34: gvar_aux_286 := x_435; - gvar_aux_287 := "@call"; - gvar_aux_288 := [GetCell](gvar_aux_286, gvar_aux_287); - goto [(l-nth(gvar_aux_288, 2.) = none)] glab_then_31 glab_else_31; - glab_then_31: fail [ResourceError](gvar_aux_286, gvar_aux_287); - glab_else_31: x_body_21 := l-nth(gvar_aux_288, 2.); - else_42: gvar_aux_289 := x_435; - gvar_aux_290 := "@scope"; - gvar_aux_291 := [GetCell](gvar_aux_289, gvar_aux_290); - goto [(l-nth(gvar_aux_291, 2.) = none)] glab_then_32 glab_else_32; - glab_then_32: fail [ResourceError](gvar_aux_289, gvar_aux_290); - glab_else_32: x_fscope_21 := l-nth(gvar_aux_291, 2.); - goto [((typeOf x_427) = List)] then_44 else_43; - then_44: goto [(l-nth(x_427, 0.) = "o")] then_45 else_43; - then_45: x_this_28 := l-nth(x_427, 1.); - goto fi_13; - else_43: x_this_29 := undefined; - fi_13: PHI(x_this_30: x_this_28, x_this_29); - x_444 := x_body_21(x_fscope_21, x_this_30, x_429_v, x_430_v, - x_432_v, x_433_v) with pre_elab; - x_444_v := "i__getValue"(x_444) with pre_elab; - GPVUnfold(x_444); - x_446 := l-nth(x__sc_fst, 1.); - x_447 := {{ "v", x_446, "elementInfo", true }}; - x_448 := "i__checkAssignmentErrors"(x_447) with pre_elab; - x_449 := "i__putValue"(x_447, x_444_v) with pre_elab; - GPVUnfold(x_447); - x_450 := empty; - goto [(x_450 = empty)] next_60 next_61; - next_60: skip; - next_61: PHI(x_451: x_450, x_425); - x_452 := l-nth(x__sc_fst, 1.); - x_453 := {{ "v", x_452, "elementInfo", true }}; - x_453_v := "i__getValue"(x_453) with pre_elab; - GPVUnfold(x_453); - x_453_b := "i__toBoolean"(x_453_v) with pre_elab; - x_454 := (not x_453_b); - x_454_v := "i__getValue"(x_454) with pre_elab; - GPVUnfold(x_454); - x_454_b := "i__toBoolean"(x_454_v) with pre_elab; - goto [x_454_b] then_51 else_48; - then_51: x_455 := "hasProperty"($lg, 
"Error") with pre_elab; - unfold_all Pi; - goto [x_455] then_46 else_44; - then_46: x_456 := {{ "v", $lg, "Error", true }}; - goto end_8; - else_44: x_457 := {{ "v", undefined, "Error", true }}; - end_8: PHI(x_458: x_456, x_457); - x_458_v := "i__getValue"(x_458) with pre_elab; - GPVUnfold(x_458); - x_459_v := "i__getValue"("decodeEncryptionContext: Underflow, not enough data.") with pre_elab; - GPVUnfold("decodeEncryptionContext: Underflow, not enough data."); - goto [(not ((typeOf x_458_v) = Obj))] pre_elab next_62; - next_62: gvar_aux_292 := x_458_v; - gvar_aux_293 := [GetMetadata](gvar_aux_292); - goto [(l-nth(gvar_aux_293, 1.) = none)] glab_then_33 glab_else_33; - glab_then_33: fail [ResourceError](gvar_aux_292); - glab_else_33: x_460 := l-nth(gvar_aux_293, 1.); - gvar_aux_294 := x_460; - gvar_aux_295 := "@construct"; - gvar_aux_296 := [GetCell](gvar_aux_294, gvar_aux_295); - x_461 := (not (l-nth(gvar_aux_296, 2.) = none)); - goto [x_461] then_47 pre_elab; - then_47: x_472 := {{ "o", x_458_v, "prototype", true }}; - x_472_v := "i__getValue"(x_472) with pre_elab; - GPVUnfold(x_472); - goto [((typeOf x_472_v) = Obj)] else_47 then_50; - then_50: x_473 := $lobj_proto; - else_47: PHI(x_474: x_472_v, x_473); - x_this_32 := "create_default_object"(x_474); - gvar_aux_297 := x_460; - gvar_aux_298 := "@construct"; - gvar_aux_299 := [GetCell](gvar_aux_297, gvar_aux_298); - goto [(l-nth(gvar_aux_299, 2.) = none)] glab_then_34 glab_else_34; - glab_then_34: fail [ResourceError](gvar_aux_297, gvar_aux_298); - glab_else_34: x_body_23 := l-nth(gvar_aux_299, 2.); - gvar_aux_300 := x_460; - gvar_aux_301 := "@scope"; - gvar_aux_302 := [GetCell](gvar_aux_300, gvar_aux_301); - goto [(l-nth(gvar_aux_302, 2.) 
= none)] glab_then_35 glab_else_35; - glab_then_35: fail [ResourceError](gvar_aux_300, gvar_aux_301); - glab_else_35: x_fscope_23 := l-nth(gvar_aux_302, 2.); - x_475 := x_body_23(x_fscope_23, x_this_32, x_459_v) with pre_elab; - goto [((typeOf x_475) = Obj)] next_66 next_65; - next_65: skip; - next_66: PHI(x_476: x_475, x_this_32); - x_476_v := "i__getValue"(x_476) with pre_elab; - GPVUnfold(x_476); - goto pre_elab; - x_479 := empty; - goto end_9; - else_48: x_478 := empty; - end_9: PHI(x_480: x_479, x_478); - x_481 := l-nth(x__sc_fst, 1.); - x_482 := {{ "v", x_481, "elementInfo", true }}; - x_482_v := "i__getValue"(x_482) with pre_elab; - GPVUnfold(x_482); - x_483 := "i__checkObjectCoercible"(x_482_v) with pre_elab; - x_484 := {{ "o", x_482_v, "elements", true }}; - x_484_v := "i__getValue"(x_484) with pre_elab; - GPVUnfold(x_484); - x_485 := l-nth(x__sc_fst, 1.); - x_486 := {{ "v", x_485, "elements", true }}; - x_487 := "i__checkAssignmentErrors"(x_486) with pre_elab; - x_488 := "i__putValue"(x_486, x_484_v) with pre_elab; - GPVUnfold(x_486); - x_489 := l-nth(x__sc_fst, 1.); - x_490 := {{ "v", x_489, "elementInfo", true }}; - x_490_v := "i__getValue"(x_490) with pre_elab; - GPVUnfold(x_490); - x_491 := "i__checkObjectCoercible"(x_490_v) with pre_elab; - x_492 := {{ "o", x_490_v, "readPos", true }}; - x_492_v := "i__getValue"(x_492) with pre_elab; - GPVUnfold(x_492); - x_493 := l-nth(x__sc_fst, 1.); - x_494 := {{ "v", x_493, "readPos", true }}; - x_495 := "i__checkAssignmentErrors"(x_494) with pre_elab; - x_496 := "i__putValue"(x_494, x_492_v) with pre_elab; - GPVUnfold(x_494); - x_497 := empty; - goto [(x_497 = empty)] next_67 next_68; - next_67: skip; - next_68: PHI(x_498: x_497, x_480); - x_499 := l-nth(x__sc_fst, 0.); - x_500 := {{ "v", x_499, "needs", true }}; - x_500_v := "i__getValue"(x_500) with pre_elab; - GPVUnfold(x_500); - x_501 := l-nth(x__sc_fst, 1.); - x_502 := {{ "v", x_501, "encodedEncryptionContext", true }}; - x_502_v := "i__getValue"(x_502) 
with pre_elab; - GPVUnfold(x_502); - x_503 := "i__checkObjectCoercible"(x_502_v) with pre_elab; - x_504 := {{ "o", x_502_v, "byteLength", true }}; - x_504_v := "i__getValue"(x_504) with pre_elab; - GPVUnfold(x_504); - x_505 := l-nth(x__sc_fst, 1.); - x_506 := {{ "v", x_505, "readPos", true }}; - x_506_v := "i__getValue"(x_506) with pre_elab; - GPVUnfold(x_506); - x_507 := "i__strictEquality"(x_504_v, x_506_v) with pre_elab; - x_507_v := "i__getValue"(x_507) with pre_elab; - GPVUnfold(x_507); - x_508_v := "i__getValue"("decodeEncryptionContext: Overflow, too much data.") with pre_elab; - GPVUnfold("decodeEncryptionContext: Overflow, too much data."); - goto [(not ((typeOf x_500_v) = Obj))] pre_elab next_69; - next_69: gvar_aux_303 := x_500_v; - gvar_aux_304 := [GetMetadata](gvar_aux_303); - goto [(l-nth(gvar_aux_304, 1.) = none)] glab_then_36 glab_else_36; - glab_then_36: fail [ResourceError](gvar_aux_303); - glab_else_36: x_510 := l-nth(gvar_aux_304, 1.); - x_509 := "i__isCallable"(x_500_v); - goto [x_509] lab_37 pre_elab; - lab_37: gvar_aux_305 := x_510; - gvar_aux_306 := "@call"; - gvar_aux_307 := [GetCell](gvar_aux_305, gvar_aux_306); - goto [(l-nth(gvar_aux_307, 2.) = none)] glab_then_37 glab_else_37; - glab_then_37: fail [ResourceError](gvar_aux_305, gvar_aux_306); - glab_else_37: x_body_25 := l-nth(gvar_aux_307, 2.); - else_50: gvar_aux_308 := x_510; - gvar_aux_309 := "@scope"; - gvar_aux_310 := [GetCell](gvar_aux_308, gvar_aux_309); - goto [(l-nth(gvar_aux_310, 2.) = none)] glab_then_38 glab_else_38; - glab_then_38: fail [ResourceError](gvar_aux_308, gvar_aux_309); - glab_else_38: x_fscope_25 := l-nth(gvar_aux_310, 2.); - goto [((typeOf x_500) = List)] then_53 else_51; - then_53: goto [(l-nth(x_500, 0.) 
= "o")] then_54 else_51; - then_54: x_this_33 := l-nth(x_500, 1.); - goto fi_14; - else_51: x_this_34 := undefined; - fi_14: PHI(x_this_35: x_this_33, x_this_34); - x_519 := x_body_25(x_fscope_25, x_this_35, x_507_v, x_508_v) with pre_elab; - x_519_v := "i__getValue"(x_519) with pre_elab; - GPVUnfold(x_519); - sep_assert ((#EC == l+ ({{ #b0, #b1 }}, #rest)) * - Elements("Complete", #EC, 2., ((256. * #b0) + #b1), 2., #ECKs, (l-len #rest)) * - (x__sc_fst == {{ $lg, _lvar_js_18 }}) * - (x__this == #this)) [bind: #b0, - #b1, #rest]; - unfold Elements("Complete", #EC, 2., ((256. * #b0) + #b1), - 2., #ECKs, (l-len #rest)) ; - sep_assert ((! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#pairsCount == none)) * - (l-nth(x__sc_fst, 1.), "pairsCount"; #pairsCount) * - (#pairsCount == (l-len #ECKs)) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#elements == none)) * - (l-nth(x__sc_fst, 1.), "elements"; #elements) * - ArrayOfArraysOfUInt8Arrays(#elements, #ECKs) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#dECObj == none)) * - (l-nth(x__sc_fst, 1.), "encryptionContext"; #dECObj) * - JSObjWithProto(#dECObj, null) * - (#dECObj, -{ }-; ) * - toUtf8PairMap(#ECKs, #utf8ECKs) * - FirstProj(#ECKs, #rProps) * - UniqueOrDuplicated(#definition, #rProps, {{ }}, #rProps) * - (x__sc_fst == {{ $lg, _lvar_js_19 }}) * - (x__this == #this)) [bind: #pairsCount, - #elements, #dECObj, #utf8ECKs, #rProps]; - x_521_v := "i__getValue"(0.) with pre_elab; - GPVUnfold(0.); - x_522 := l-nth(x__sc_fst, 1.); - x_523 := {{ "v", x_522, "count", true }}; - x_524 := "i__checkAssignmentErrors"(x_523) with pre_elab; - x_525 := "i__putValue"(x_523, x_521_v) with pre_elab; - GPVUnfold(x_523); - x_523_v := "i__getValue"(x_523) with pre_elab; - GPVUnfold(x_523); - x_526 := empty; - loop_h_2: invariant ((! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#pairsCount == none)) * - (l-nth(x__sc_fst, 1.), "pairsCount"; #pairsCount) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! 
(#elements == none)) * - (l-nth(x__sc_fst, 1.), "elements"; #elements) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (#dECObj == none)) * - (l-nth(x__sc_fst, 1.), "encryptionContext"; #dECObj) * - ($lg, "needs"; {{ "d", #needs, true, true, false }}) * - ($lg == l-nth(#n_sc, 0.)) * - (1. == (l-len #n_sc)) * - JSFunctionObject(#needs, "needs", #n_sc, #n_len, #n_proto) * - (#n_sc == {{ $lg }}) * - ($lg, "toUtf8"; {{ "d", #toUtf8, true, true, false }}) * - ($lg == l-nth(#t_sc, 0.)) * - (1. == (l-len #t_sc)) * - JSFunctionObject(#toUtf8, "toUtf8", #t_sc, #t_len, #t_proto) * - (#t_sc == {{ $lg }}) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (_lvar_js_20 == none)) * - (l-nth(x__sc_fst, 1.), "key"; _lvar_js_20) * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! (_lvar_js_21 == none)) * - (l-nth(x__sc_fst, 1.), "value"; _lvar_js_21) * - toUtf8PairMap(#ECKs, #utf8ECKs) * - FirstProj(#ECKs, #rProps) * - CElements(#EC, 2., ((256. * #b0) + #b1), 2., #ECKs, (l-len #rest)) * - UniqueOrDuplicated(#definition, #rProps, {{ }}, #rProps) * - JSInternals() * - (! (l-nth(x__sc_fst, 1.) == $lg)) * - (! 
(#count == none)) * - (l-nth(x__sc_fst, 1.), "count"; #count) * - (#count <=# #pairsCount) * - ArrayStructure(#elements, #pairsCount) * - ArrayOfArraysOfUInt8ArraysContents(#elements, #done, 0., #count) * - ArrayOfArraysOfUInt8ArraysContents(#elements, #left, #count, (#pairsCount - #count)) * - (#ECKs == l+ (#done, #left)) * - FirstProj(#done, #doneRProps) * - Unique(#doneRProps) * - FirstProj(#left, #leftRProps) * - UniqueOrDuplicated(#definition, #leftRProps, #doneRProps, #leftRProps) * - toUtf8PairMap(#done, #utf8Done) * - JSObjWithProto(#dECObj, null) * - ObjectTable(#dECObj, #utf8Done) * - (x__sc_fst == {{ $lg, _lvar_js_22 }}) * - (x__this == #this)) [existentials: #count, - #done, - #left, - #doneRProps, - #leftRProps, - #utf8Done]; - PHI(x_624: x_526, x_626); - x_527 := l-nth(x__sc_fst, 1.); - x_528 := {{ "v", x_527, "count", true }}; - x_528_v := "i__getValue"(x_528) with pre_elab; - GPVUnfold(x_528); - x_529 := l-nth(x__sc_fst, 1.); - x_530 := {{ "v", x_529, "pairsCount", true }}; - x_530_v := "i__getValue"(x_530) with pre_elab; - GPVUnfold(x_530); - x_531 := "i__abstractComparison"(x_528_v, x_530_v, true) with pre_elab; - goto [(x_531 = undefined)] lab_39 lab_40; - lab_39: x_532 := false; - lab_40: PHI(x_533: x_531, x_532); - x_533_v := "i__getValue"(x_533) with pre_elab; - GPVUnfold(x_533); - x_533_b := "i__toBoolean"(x_533_v) with pre_elab; - goto [x_533_b] loop_b_3 loop_e_2; - loop_b_3: unfold ArrayStructure(#elements, #pairsCount) ; - unfold UniqueOrDuplicated(#definition, #rProps, {{ }}, - #rProps) ; - unfold UniqueOrDuplicated(#definition, #leftRProps, - #doneRProps, #leftRProps) ; - unfold ArrayOfArraysOfUInt8ArraysContents(#elements, #left, - #count, - (#pairsCount - #count)) [bind: (#elementContents := #ECK) and (#rest := #rest_left)]; - apply CElementsElementLength(#EC, 2., ((256. 
* #b0) + #b1), - 2., #ECKs, #done, #ECK, - #rest_left) ; - sep_assert ((#ECK == {{ #new_prop, #new_value }}) * - (x__sc_fst == {{ $lg, _lvar_js_23 }}) * - (x__this == #this)) ; - x_538 := l-nth(x__sc_fst, 1.); - x_539 := {{ "v", x_538, "elements", true }}; - x_539_v := "i__getValue"(x_539) with pre_elab; - GPVUnfold(x_539); - x_540 := l-nth(x__sc_fst, 1.); - x_541 := {{ "v", x_540, "count", true }}; - x_541_v := "i__getValue"(x_541) with pre_elab; - GPVUnfold(x_541); - x_542 := "i__checkObjectCoercible"(x_539_v) with pre_elab; - x_541_s := "i__toStringComputed"(x_541_v) with pre_elab; - x_543 := {{ "o", x_539_v, x_541_s, true }}; - x_543_v := "i__getValue"(x_543) with pre_elab; - GPVUnfold(x_543); - x_544 := "i__checkObjectCoercible"(x_543_v) with pre_elab; - x_545 := {{ "o", x_543_v, "map", true }}; - x_545_v := "i__getValue"(x_545) with pre_elab; - GPVUnfold(x_545); - x_546 := l-nth(x__sc_fst, 0.); - x_547 := {{ "v", x_546, "toUtf8", true }}; - x_547_v := "i__getValue"(x_547) with pre_elab; - GPVUnfold(x_547); - goto [(not ((typeOf x_545_v) = Obj))] pre_elab next_71; - next_71: gvar_aux_311 := x_545_v; - gvar_aux_312 := [GetMetadata](gvar_aux_311); - goto [(l-nth(gvar_aux_312, 1.) = none)] glab_then_39 glab_else_39; - glab_then_39: fail [ResourceError](gvar_aux_311); - glab_else_39: x_549 := l-nth(gvar_aux_312, 1.); - x_548 := "i__isCallable"(x_545_v); - goto [x_548] lab_43 pre_elab; - lab_43: gvar_aux_313 := x_549; - gvar_aux_314 := "@call"; - gvar_aux_315 := [GetCell](gvar_aux_313, gvar_aux_314); - goto [(l-nth(gvar_aux_315, 2.) = none)] glab_then_40 glab_else_40; - glab_then_40: fail [ResourceError](gvar_aux_313, gvar_aux_314); - glab_else_40: x_body_27 := l-nth(gvar_aux_315, 2.); - else_53: gvar_aux_316 := x_549; - gvar_aux_317 := "@scope"; - gvar_aux_318 := [GetCell](gvar_aux_316, gvar_aux_317); - goto [(l-nth(gvar_aux_318, 2.) 
= none)] glab_then_41 glab_else_41; - glab_then_41: fail [ResourceError](gvar_aux_316, gvar_aux_317); - glab_else_41: x_fscope_27 := l-nth(gvar_aux_318, 2.); - goto [((typeOf x_545) = List)] then_56 else_54; - then_56: goto [(l-nth(x_545, 0.) = "o")] then_57 else_54; - then_57: x_this_36 := l-nth(x_545, 1.); - goto fi_15; - else_54: x_this_37 := undefined; - fi_15: PHI(x_this_38: x_this_36, x_this_37); - x_558 := x_body_27(x_fscope_27, x_this_38, x_547_v) with pre_elab; - x_558_v := "i__getValue"(x_558) with pre_elab; - GPVUnfold(x_558); - x_560 := l-nth(x__sc_fst, 1.); - x_561 := {{ "v", x_560, "value", true }}; - x_562 := "i__checkAssignmentErrors"(x_561) with pre_elab; - x_563 := "i__putValue"(x_561, x_558_v) with pre_elab; - GPVUnfold(x_561); - x_564 := l-nth(x__sc_fst, 1.); - x_565 := {{ "v", x_564, "value", true }}; - x_565_v := "i__getValue"(x_565) with pre_elab; - GPVUnfold(x_565); - x_566_v := "i__getValue"(0.) with pre_elab; - GPVUnfold(0.); - x_567 := "i__checkObjectCoercible"(x_565_v) with pre_elab; - x_568_s := "i__toStringComputed"(x_566_v) with pre_elab; - x_569 := {{ "o", x_565_v, x_568_s, true }}; - x_569_v := "i__getValue"(x_569) with pre_elab; - GPVUnfold(x_569); - x_570 := l-nth(x__sc_fst, 1.); - x_571 := {{ "v", x_570, "key", true }}; - x_572 := "i__checkAssignmentErrors"(x_571) with pre_elab; - x_573 := "i__putValue"(x_571, x_569_v) with pre_elab; - GPVUnfold(x_571); - x_574 := l-nth(x__sc_fst, 1.); - x_575 := {{ "v", x_574, "value", true }}; - x_575_v := "i__getValue"(x_575) with pre_elab; - GPVUnfold(x_575); - x_576_v := "i__getValue"(1.) 
with pre_elab; - GPVUnfold(1.); - x_577 := "i__checkObjectCoercible"(x_575_v) with pre_elab; - x_578_s := "i__toStringComputed"(x_576_v) with pre_elab; - x_579 := {{ "o", x_575_v, x_578_s, true }}; - x_579_v := "i__getValue"(x_579) with pre_elab; - GPVUnfold(x_579); - x_580 := l-nth(x__sc_fst, 1.); - x_581 := {{ "v", x_580, "value", true }}; - x_582 := "i__checkAssignmentErrors"(x_581) with pre_elab; - x_583 := "i__putValue"(x_581, x_579_v) with pre_elab; - GPVUnfold(x_581); - x_584 := empty; - sep_assert (toUtf8(#new_prop, #utf8NProp) * - (x__sc_fst == {{ $lg, _lvar_js_24 }}) * - (x__this == #this)) [bind: #utf8NProp]; - sep_assert (toUtf8(#new_value, #utf8NVal) * - (x__sc_fst == {{ $lg, _lvar_js_25 }}) * - (x__this == #this)) [bind: #utf8NVal]; - unfold ObjectTable(#dECObj, #utf8Done) [bind: (#pList := #doneProps) and (#pSet := #donePropsSet)]; - apply FirstProjConcatSplit(#ECKs, #done, #left) ; - apply ProduceListToSet(#doneRProps) ; - apply ProduceListToSet(#leftRProps) ; - sep_assert (ListToSet(#doneRProps, #doneRPropsSet) * - (x__sc_fst == {{ $lg, _lvar_js_26 }}) * - (x__this == #this)) [bind: #doneRPropsSet]; - unfold FirstProj(#left, #leftRProps) ; - apply HeadInSet(#leftRProps) ; - if ((#definition = "Complete")) then { - apply UniqueConcatSplitNotInSuffix(#rProps, #doneRProps, - #leftRProps, #new_prop) ; - apply FirstProjToUtf8MapPairCompat(#done) ; - apply NotInListToUtf8(#new_prop, #doneRProps) ; - apply ObjectTableAbsentProperty(#dECObj, #utf8Done, - #utf8NProp) - } else { apply FirstProjToUtf8MapPairCompat(#done) ; - unfold Duplicated(#doneRProps, #leftRProps) [bind: (#preSet := #doneRPropsSet2)]; - apply ListToSetFunction(#doneRProps, #doneRPropsSet, #doneRProps, - #doneRPropsSet2) ; - if ((#new_prop -e- #doneRPropsSet)) then { - apply InListToUtf8(#new_prop, #doneRProps) ; - apply ObjectTablePresentProperty(#dECObj, #utf8Done, #utf8NProp) - } else { apply NotInListToUtf8(#new_prop, #doneRProps) ; - apply ObjectTableAbsentProperty(#dECObj, #utf8Done, 
#utf8NProp) } - }; - x_585 := l-nth(x__sc_fst, 0.); - x_586 := {{ "v", x_585, "needs", true }}; - x_586_v := "i__getValue"(x_586) with pre_elab; - GPVUnfold(x_586); - x_587 := l-nth(x__sc_fst, 1.); - x_588 := {{ "v", x_587, "encryptionContext", true }}; - x_588_v := "i__getValue"(x_588) with pre_elab; - GPVUnfold(x_588); - x_589 := l-nth(x__sc_fst, 1.); - x_590 := {{ "v", x_589, "key", true }}; - x_590_v := "i__getValue"(x_590) with pre_elab; - GPVUnfold(x_590); - x_591 := "i__checkObjectCoercible"(x_588_v) with pre_elab; - x_590_s := "i__toStringComputed"(x_590_v) with pre_elab; - x_592 := {{ "o", x_588_v, x_590_s, true }}; - x_592_v := "i__getValue"(x_592) with pre_elab; - GPVUnfold(x_592); - x_593 := "hasProperty"($lg, "undefined") with pre_elab; - unfold_all Pi; - goto [x_593] then_58 else_55; - then_58: x_594 := {{ "v", $lg, "undefined", true }}; - goto end_10; - else_55: x_595 := {{ "v", undefined, "undefined", true }}; - end_10: PHI(x_596: x_594, x_595); - x_596_v := "i__getValue"(x_596) with pre_elab; - GPVUnfold(x_596); - x_597 := "i__strictEquality"(x_592_v, x_596_v) with pre_elab; - x_597_v := "i__getValue"(x_597) with pre_elab; - GPVUnfold(x_597); - x_598_v := "i__getValue"("decodeEncryptionContext: Duplicate encryption context key value.") with pre_elab; - GPVUnfold("decodeEncryptionContext: Duplicate encryption context key value."); - goto [(not ((typeOf x_586_v) = Obj))] pre_elab next_73; - next_73: gvar_aux_319 := x_586_v; - gvar_aux_320 := [GetMetadata](gvar_aux_319); - goto [(l-nth(gvar_aux_320, 1.) = none)] glab_then_42 glab_else_42; - glab_then_42: fail [ResourceError](gvar_aux_319); - glab_else_42: x_600 := l-nth(gvar_aux_320, 1.); - x_599 := "i__isCallable"(x_586_v); - goto [x_599] lab_45 pre_elab; - lab_45: gvar_aux_321 := x_600; - gvar_aux_322 := "@call"; - gvar_aux_323 := [GetCell](gvar_aux_321, gvar_aux_322); - goto [(l-nth(gvar_aux_323, 2.) 
= none)] glab_then_43 glab_else_43; - glab_then_43: fail [ResourceError](gvar_aux_321, gvar_aux_322); - glab_else_43: x_body_29 := l-nth(gvar_aux_323, 2.); - else_57: gvar_aux_324 := x_600; - gvar_aux_325 := "@scope"; - gvar_aux_326 := [GetCell](gvar_aux_324, gvar_aux_325); - goto [(l-nth(gvar_aux_326, 2.) = none)] glab_then_44 glab_else_44; - glab_then_44: fail [ResourceError](gvar_aux_324, gvar_aux_325); - glab_else_44: x_fscope_29 := l-nth(gvar_aux_326, 2.); - goto [((typeOf x_586) = List)] then_60 else_58; - then_60: goto [(l-nth(x_586, 0.) = "o")] then_61 else_58; - then_61: x_this_39 := l-nth(x_586, 1.); - goto fi_16; - else_58: x_this_40 := undefined; - fi_16: PHI(x_this_41: x_this_39, x_this_40); - x_609 := x_body_29(x_fscope_29, x_this_41, x_597_v, x_598_v) with pre_elab; - x_609_v := "i__getValue"(x_609) with pre_elab; - GPVUnfold(x_609); - x_611 := l-nth(x__sc_fst, 1.); - x_612 := {{ "v", x_611, "encryptionContext", true }}; - x_612_v := "i__getValue"(x_612) with pre_elab; - GPVUnfold(x_612); - x_613 := l-nth(x__sc_fst, 1.); - x_614 := {{ "v", x_613, "key", true }}; - x_614_v := "i__getValue"(x_614) with pre_elab; - GPVUnfold(x_614); - x_615 := "i__checkObjectCoercible"(x_612_v) with pre_elab; - x_614_s := "i__toStringComputed"(x_614_v) with pre_elab; - x_616 := {{ "o", x_612_v, x_614_s, true }}; - x_617 := l-nth(x__sc_fst, 1.); - x_618 := {{ "v", x_617, "value", true }}; - x_618_v := "i__getValue"(x_618) with pre_elab; - GPVUnfold(x_618); - x_619 := "i__checkAssignmentErrors"(x_616) with pre_elab; - x_620 := "i__putValue"(x_616, x_618_v) with pre_elab; - GPVUnfold(x_616); - skip; - apply ArrayOfArraysOfUInt8ArraysContentsAppend(#elements, - #done, 0., - #count) ; - apply ObjectTableStructureAppendPVPair(#dECObj, #utf8Done, - #utf8NProp, #utf8NVal) ; - apply toUtf8PairMapAppendPair(#done, #utf8Done, #new_prop, - #new_value) ; - apply FirstProjAppendPair(#done, #doneRProps, #new_prop, - #new_value) ; - apply FirstProjAppendPair(#utf8Done, #doneProps, 
#utf8NProp, - #utf8NVal) ; - apply ListToSetAddElement(#doneProps, #donePropsSet, - #utf8NProp) ; - apply UniqueAppendElement(#doneRProps, #new_prop) ; - if ((#definition = "Complete")) then { - unfold Unique(#leftRProps) - }; - x_621_v := "i__getValue"(0.) with pre_elab; - GPVUnfold(0.); - x_622_v := "i__getValue"(0.) with pre_elab; - GPVUnfold(0.); - x_623 := "i__strictEquality"(x_621_v, x_622_v) with pre_elab; - x_623_v := "i__getValue"(x_623) with pre_elab; - GPVUnfold(x_623); - skip; - loop_c_2: PHI(x_625: x_623_v); - goto [(not (x_625 = empty))] next_75 next_76; - next_75: skip; - next_76: PHI(x_626: x_624, x_625); - x_534 := l-nth(x__sc_fst, 1.); - x_535 := {{ "v", x_534, "count", true }}; - goto [((typeOf x_535) = List)] lab_42 lab_41; - lab_41: goto [((l-nth(x_535, 0.) = "v") and ((l-nth(x_535, 2.) = "eval") or (l-nth(x_535, 2.) = "arguments")))] pre_elab lab_42; - lab_42: x_535_v := "i__getValue"(x_535) with pre_elab; - GPVUnfold(x_535); - x_535_n := "i__toNumber"(x_535_v) with pre_elab; - x_536 := (x_535_n + 1.); - x_537 := "i__putValue"(x_535, x_536) with pre_elab; - GPVUnfold(x_535); - goto loop_h_2; - loop_e_2: PHI(x_627: x_624); - goto [(x_627 = empty)] next_77 next_78; - next_77: skip; - next_78: PHI(x_628: x_627, x_624); - goto [(x_628 = empty)] next_79 next_80; - next_79: skip; - next_80: PHI(x_629: x_628, x_519_v); - unfold ArrayOfArraysOfUInt8ArraysContents(#elements, #left, - #count, - (#pairsCount - #count)) ; - apply toUtf8PairMapInjective(#ECKs, #utf8ECKs, #done, - #utf8Done) ; - if ((#definition = "Broken")) then { - unfold FirstProj(#left, - #leftRProps) ; - unfold UniqueOrDuplicated - (#definition, #leftRProps, - #doneRProps, #leftRProps) ; - unfold Duplicated(#doneRProps, - #leftRProps) - }; - x_630 := "hasProperty"($lg, "Object") with pre_elab; - unfold_all Pi; - goto [x_630] then_62 else_59; - then_62: x_631 := {{ "v", $lg, "Object", true }}; - goto end_11; - else_59: x_632 := {{ "v", undefined, "Object", true }}; - end_11: PHI(x_633: 
x_631, x_632); - x_633_v := "i__getValue"(x_633) with pre_elab; - GPVUnfold(x_633); - x_634 := "i__checkObjectCoercible"(x_633_v) with pre_elab; - x_635 := {{ "o", x_633_v, "freeze", true }}; - x_635_v := "i__getValue"(x_635) with pre_elab; - GPVUnfold(x_635); - x_636 := l-nth(x__sc_fst, 1.); - x_637 := {{ "v", x_636, "encryptionContext", true }}; - x_637_v := "i__getValue"(x_637) with pre_elab; - GPVUnfold(x_637); - goto [(not ((typeOf x_635_v) = Obj))] pre_elab next_81; - next_81: gvar_aux_327 := x_635_v; - gvar_aux_328 := [GetMetadata](gvar_aux_327); - goto [(l-nth(gvar_aux_328, 1.) = none)] glab_then_45 glab_else_45; - glab_then_45: fail [ResourceError](gvar_aux_327); - glab_else_45: x_639 := l-nth(gvar_aux_328, 1.); - x_638 := "i__isCallable"(x_635_v); - goto [x_638] lab_47 pre_elab; - lab_47: gvar_aux_329 := x_639; - gvar_aux_330 := "@call"; - gvar_aux_331 := [GetCell](gvar_aux_329, gvar_aux_330); - goto [(l-nth(gvar_aux_331, 2.) = none)] glab_then_46 glab_else_46; - glab_then_46: fail [ResourceError](gvar_aux_329, gvar_aux_330); - glab_else_46: x_body_31 := l-nth(gvar_aux_331, 2.); - else_61: gvar_aux_332 := x_639; - gvar_aux_333 := "@scope"; - gvar_aux_334 := [GetCell](gvar_aux_332, gvar_aux_333); - goto [(l-nth(gvar_aux_334, 2.) = none)] glab_then_47 glab_else_47; - glab_then_47: fail [ResourceError](gvar_aux_332, gvar_aux_333); - glab_else_47: x_fscope_31 := l-nth(gvar_aux_334, 2.); - goto [((typeOf x_635) = List)] then_64 else_62; - then_64: goto [(l-nth(x_635, 0.) 
= "o")] then_65 else_62; - then_65: x_this_42 := l-nth(x_635, 1.); - goto fi_17; - else_62: x_this_43 := undefined; - fi_17: PHI(x_this_44: x_this_42, x_this_43); - x_648 := x_body_31(x_fscope_31, x_this_44, x_637_v) with pre_elab use_subst - [object_table - #PVPairs: #utf8ECKs]; - x_648_v := "i__getValue"(x_648) with pre_elab; - GPVUnfold(x_648); - x_650 := l-nth(x__sc_fst, 1.); - x_651 := {{ "v", x_650, "encryptionContext", true }}; - x_651_v := "i__getValue"(x_651) with pre_elab; - GPVUnfold(x_651); - goto pre_rlab; - x_652 := undefined; - pre_rlab: PHI(ret: x_358_v, x_651_v, x_652); - x_653 := "i__purge"(x__te); - x_653 := "i__purge"(x__se); - x_653 := "i__purge"(x__re); - x__scope_f := x__sc_fst; - return; - pre_elab: PHI(ret: x_328, x_331_v, x_332, x_333_v, x_334_v, x__te, x__te, x_345, x_345_v, x_349, x_350, x_353_v, x_354, x_355_v, x_355_b, x_356_v, x_356_b, x_358_v, x_362, x_365_v, x_367_v, x_368, x_369_v, x_371_v, x_372, x_373_v, x_375_v, x_376, x_377_v, x__te, x__te, x_390_v, x_393, x_394_v, x_398, x_399, x_403_v, x_404, x_405_v, x_406_v, x_407_v, x__te, x__te, x_418, x_418_v, x_422, x_423, x_427_v, x_429_v, x_430_v, x_432_v, x_433_v, x__te, x__te, x_444, x_444_v, x_448, x_449, x_453_v, x_453_b, x_454_v, x_454_b, x_455, x_458_v, x_459_v, x__te, x__te, x_472_v, x_475, x_476_v, x_476_v, x_482_v, x_483, x_484_v, x_487, x_488, x_490_v, x_491, x_492_v, x_495, x_496, x_500_v, x_502_v, x_503, x_504_v, x_506_v, x_507, x_507_v, x_508_v, x__te, x__te, x_519, x_519_v, x_521_v, x_524, x_525, x_523_v, x_528_v, x_530_v, x_531, x_533_v, x_533_b, x_539_v, x_541_v, x_542, x_541_s, x_543_v, x_544, x_545_v, x_547_v, x__te, x__te, x_558, x_558_v, x_562, x_563, x_565_v, x_566_v, x_567, x_568_s, x_569_v, x_572, x_573, x_575_v, x_576_v, x_577, x_578_s, x_579_v, x_582, x_583, x_586_v, x_588_v, x_590_v, x_591, x_590_s, x_592_v, x_593, x_596_v, x_597, x_597_v, x_598_v, x__te, x__te, x_609, x_609_v, x_612_v, x_614_v, x_615, x_614_s, x_618_v, x_619, x_620, x_621_v, x_622_v, x_623, 
x_623_v, x__se, x_535_v, x_535_n, x_537, x_630, x_633_v, x_634, x_635_v, x_637_v, x__te, x__te, x_648, x_648_v, x_651_v); - x__scope_f := x__sc_fst; - throw -}; - - -@nopath -proc needs(x__scope, x__this, condition, errorMessage) { - gvar_aux_335 := [Alloc](empty, null); - x__er_m := l-nth(gvar_aux_335, 0.); - gvar_aux_336 := [Alloc](empty, x__er_m); - x__er := l-nth(gvar_aux_336, 0.); - gvar_aux_337 := x__er_m; - gvar_aux_338 := "@er"; - gvar_aux_339 := true; - gvar_aux_340 := [GetCell](gvar_aux_337, gvar_aux_338); - gvar_aux_341 := [SetCell](l-nth(gvar_aux_340, 0.), - l-nth(gvar_aux_340, 1.), - gvar_aux_339); - gvar_aux_342 := x__er; - gvar_aux_343 := "arguments"; - gvar_aux_344 := undefined; - gvar_aux_345 := [GetCell](gvar_aux_342, gvar_aux_343); - gvar_aux_346 := [SetCell](l-nth(gvar_aux_345, 0.), - l-nth(gvar_aux_345, 1.), - gvar_aux_344); - gvar_aux_347 := x__er; - gvar_aux_348 := "condition"; - gvar_aux_349 := condition; - gvar_aux_350 := [GetCell](gvar_aux_347, gvar_aux_348); - gvar_aux_351 := [SetCell](l-nth(gvar_aux_350, 0.), - l-nth(gvar_aux_350, 1.), - gvar_aux_349); - gvar_aux_352 := x__er; - gvar_aux_353 := "errorMessage"; - gvar_aux_354 := errorMessage; - gvar_aux_355 := [GetCell](gvar_aux_352, gvar_aux_353); - gvar_aux_356 := [SetCell](l-nth(gvar_aux_355, 0.), - l-nth(gvar_aux_355, 1.), - gvar_aux_354); - x__sc_fst := l+ (x__scope, {{ x__er }}); - x__te := "TypeError"(); - x__se := "SyntaxError"(); - x__re := "ReferenceError"(); - x_656 := l-nth(x__sc_fst, 1.); - x_657 := {{ "v", x_656, "condition", true }}; - x_657_v := "i__getValue"(x_657) with pre_elab; - GPVUnfold(x_657); - x_657_b := "i__toBoolean"(x_657_v) with pre_elab; - x_658 := (not x_657_b); - x_658_v := "i__getValue"(x_658) with pre_elab; - GPVUnfold(x_658); - x_658_b := "i__toBoolean"(x_658_v) with pre_elab; - goto [x_658_b] then_71 else_67; - then_71: x_659 := "hasProperty"($lg, "Error") with pre_elab; - unfold_all Pi; - goto [x_659] then_66 else_63; - then_66: x_660 := {{ "v", $lg, 
"Error", true }}; - goto end_12; - else_63: x_661 := {{ "v", undefined, "Error", true }}; - end_12: PHI(x_662: x_660, x_661); - x_662_v := "i__getValue"(x_662) with pre_elab; - GPVUnfold(x_662); - x_663 := l-nth(x__sc_fst, 1.); - x_664 := {{ "v", x_663, "errorMessage", true }}; - x_664_v := "i__getValue"(x_664) with pre_elab; - GPVUnfold(x_664); - goto [(not ((typeOf x_662_v) = Obj))] pre_elab next_83; - next_83: gvar_aux_357 := x_662_v; - gvar_aux_358 := [GetMetadata](gvar_aux_357); - goto [(l-nth(gvar_aux_358, 1.) = none)] glab_then_48 glab_else_48; - glab_then_48: fail [ResourceError](gvar_aux_357); - glab_else_48: x_665 := l-nth(gvar_aux_358, 1.); - gvar_aux_359 := x_665; - gvar_aux_360 := "@construct"; - gvar_aux_361 := [GetCell](gvar_aux_359, gvar_aux_360); - x_666 := (not (l-nth(gvar_aux_361, 2.) = none)); - goto [x_666] then_67 pre_elab; - then_67: x_677 := {{ "o", x_662_v, "prototype", true }}; - x_677_v := "i__getValue"(x_677) with pre_elab; - GPVUnfold(x_677); - goto [((typeOf x_677_v) = Obj)] else_66 then_70; - then_70: x_678 := $lobj_proto; - else_66: PHI(x_679: x_677_v, x_678); - x_this_46 := "create_default_object"(x_679); - gvar_aux_362 := x_665; - gvar_aux_363 := "@construct"; - gvar_aux_364 := [GetCell](gvar_aux_362, gvar_aux_363); - goto [(l-nth(gvar_aux_364, 2.) = none)] glab_then_49 glab_else_49; - glab_then_49: fail [ResourceError](gvar_aux_362, gvar_aux_363); - glab_else_49: x_body_33 := l-nth(gvar_aux_364, 2.); - gvar_aux_365 := x_665; - gvar_aux_366 := "@scope"; - gvar_aux_367 := [GetCell](gvar_aux_365, gvar_aux_366); - goto [(l-nth(gvar_aux_367, 2.) 
= none)] glab_then_50 glab_else_50; - glab_then_50: fail [ResourceError](gvar_aux_365, gvar_aux_366); - glab_else_50: x_fscope_33 := l-nth(gvar_aux_367, 2.); - x_680 := x_body_33(x_fscope_33, x_this_46, x_664_v) with pre_elab; - goto [((typeOf x_680) = Obj)] next_87 next_86; - next_86: skip; - next_87: PHI(x_681: x_680, x_this_46); - x_681_v := "i__getValue"(x_681) with pre_elab; - GPVUnfold(x_681); - goto pre_elab; - x_684 := empty; - goto end_13; - else_67: x_683 := empty; - end_13: PHI(x_685: x_684, x_683); - x_686 := undefined; - pre_rlab: ret := x_686; - x_687 := "i__purge"(x__te); - x_687 := "i__purge"(x__se); - x_687 := "i__purge"(x__re); - x__scope_f := x__sc_fst; - return; - pre_elab: PHI(ret: x_657_v, x_657_b, x_658_v, x_658_b, x_659, x_662_v, x_664_v, x__te, x__te, x_677_v, x_680, x_681_v, x_681_v); - x__scope_f := x__sc_fst; - throw -}; diff --git a/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/deserialize_factory.js b/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/deserialize_factory.js deleted file mode 100644 index 25182ba0e..000000000 --- a/debugger-vscode-extension/sampleWorkspace/js/amazon/bugs/frozen/deserialize_factory.js +++ /dev/null 
@@ -1,467 +0,0 @@ -'use strict'; - -/** - @import AmazonLogic.jsil - @import EncryptionHeaderLogic.gil - @import ListLogic.gil - @import Utf8Logic.gil - */ - -/************************* - ************************* - ******* ******* - ******* needs ******* - ******* ******* - ************************* - *************************/ - -/** - * @id needs - */ -function needs(condition, errorMessage) { - if (!condition) { - throw new Error(errorMessage) - } -} - -/******************************** - ******************************** - ******* ******* - ******* readElements ******* - ******* ******* - ******************************** - ********************************/ - -/** - @id readElements - - @pred nounfold innerLoopInvariantFacts(+definition, +remElsList, +view, +innerLoopReadPos, +fLeft, +remElList, +eLength, +remElsLength, +doneElLength, remElLength) : - (definition == "Complete") * CElement(view, innerLoopReadPos, fLeft, remElList, remElLength) * (eLength == doneElLength + remElLength), - (definition == "Incomplete") * (remElsList == {{ }}) * IElement(view, innerLoopReadPos, fLeft, remElList, remElLength) * (remElsLength == doneElLength + remElLength), - (definition == "Incomplete") * (! 
(remElsList == {{ }})) * CElement(view, innerLoopReadPos, fLeft, remElList, remElLength) * (eLength == doneElLength + remElLength); - - @pre - (elementCount == #eCount) * (fieldsPerElement == #fCount) * (buffer == #buffer) * (readPos == #readPos) * - Uint8Array (#buffer, #ab, #viewOffset, #viewSize) * - ArrayBuffer(#ab, #data) * - (#view == l-sub(#data, #viewOffset, #viewSize)) * - Elements(#definition, #view, #readPos, #eCount, #fCount, #eList, #esLength) * - - scope(needs : #needs) * JSFunctionObject(#needs, "needs", #n_sc, #n_len, #n_proto) * - JSInternals () - - @post - (#definition == "Complete") * - Uint8Array (#buffer, #ab, #viewOffset, #viewSize) * - ArrayBuffer(#ab, #data) * - Elements(#definition, #view, #readPos, #eCount, #fCount, #eList, #esLength) * - scope(needs : #needs) * JSFunctionObject(#needs, "needs", #n_sc, #n_len, #n_proto) * - JSInternals () * - - JSObject(ret) * - DataProp(ret, "elements", #elements) * - ArrayOfArraysOfUInt8Arrays(#elements, #eList) * - DataProp(ret, "readPos", #ret_readPos) * - (#ret_readPos == #readPos + #esLength); - - (#definition == "Incomplete") * - Uint8Array (#buffer, #ab, #viewOffset, #viewSize) * - ArrayBuffer(#ab, #data) * - Elements(#definition, #view, #readPos, #eCount, #fCount, #eList, #esLength) * - - scope(needs : #needs) * JSFunctionObject(#needs, "needs", #n_sc, #n_len, #n_proto) * - JSInternals () * - - (ret == false) -*/ -function readElements(elementCount, fieldsPerElement, buffer, readPos) { - var dataView = new DataView( - buffer.buffer, - buffer.byteOffset, - buffer.byteLength - ); - - needs(readPos >= 0 && dataView.byteLength >= readPos, 'readPos out of bounds.') - /* Precondition: elementCount and fieldsPerElement must be non-negative. 
*/ - needs(elementCount >= 0 && fieldsPerElement >= 0, 'elementCount and fieldsPerElement must be non-negative.') - - var elements = []; - - /* @invariant - scope(buffer: #buffer) * Uint8Array (#buffer, #ab, #viewOffset, #viewSize) * ArrayBuffer(#ab, #data) * - scope(dataView: #dataView) * DataView(#dataView, #ab, #viewOffset, #viewSize) * - scope(elements : #doneEls) * scope(readPos : #outerLoopReadPos) * - scope(elementCount : #eLeft) * scope(fieldsPerElement: #fCount) * - scope(element: _) * scope(fieldCount: _) * scope(fieldBinary: _) * scope(length: _) * - JSInternals() * - - CElements(#view, #readPos, #eCount - #eLeft, #fCount, #doneElsList, #doneElsLength) * - Elements(#definition, #view, #outerLoopReadPos, #eLeft, #fCount, #remElsList, #remElsLength) * - (#eList == l+ (#doneElsList, #remElsList)) * - (#esLength == #doneElsLength + #remElsLength) * - (#readPos + #doneElsLength == #outerLoopReadPos) * - ArrayOfArraysOfUInt8Arrays(#doneEls, #doneElsList) - [bind : #doneEls, #outerLoopReadPos, #eLeft, #remElsList, #remElsLength, #doneElsList, #doneElsLength] */ - while (elementCount--) { - /* @tactic - unfold Elements(#definition, #view, #outerLoopReadPos, #eLeft, #fCount, #remElsList, #remElsLength); - if (#definition = "Complete") then { - unfold CElements(#view, #outerLoopReadPos, #eLeft, #fCount, #remElsList, #remElsLength) [bind: (#element := #fList) and (#eLength := #eLength)] - } else { - unfold IElements(#view, #outerLoopReadPos, #eLeft, #fCount, #remElsList, #remElsLength) [bind: (#fList := #fList) and (#eLength := #eLength)] - } */ - var element = [] - var fieldCount = fieldsPerElement - - /* @invariant - scope(buffer: #buffer) * Uint8Array (#buffer, #ab, #viewOffset, #viewSize) * ArrayBuffer(#ab, #data) * - scope(dataView: #dataView) * DataView(#dataView, #ab, #viewOffset, #viewSize) * - scope(element : #doneEl) * scope(readPos : #innerLoopReadPos) * scope(fieldCount : #fLeft) * - scope(fieldBinary: _) * scope(length: _) * - JSInternals() * - - 
CElement(#view, #outerLoopReadPos, #fCount - #fLeft, #doneElList, #doneElLength) * - (#fList == l+ (#doneElList, #remElList)) * - innerLoopInvariantFacts(#definition, #remElsList, #view, #innerLoopReadPos, #fLeft, #remElList, #eLength, #remElsLength, #doneElLength, #remElLength) * - (#outerLoopReadPos + #doneElLength == #innerLoopReadPos) * - ArrayOfUInt8Arrays(#doneEl, #doneElList, #fCount - #fLeft) - [bind: #doneEl, #innerLoopReadPos, #fLeft, #remElList, #remElLength, #doneElList, #doneElLength] */ - while (fieldCount--) { - /* @tactic - unfold innerLoopInvariantFacts(#definition, #remElsList, #view, #innerLoopReadPos, #fLeft, #remElList, #eLength, #remElsLength, #doneElLength, #remElLength); - if (#definition = "Complete") then { - unfold CElement(#view, #innerLoopReadPos, #fLeft, #remElList, #remElLength) - } else { - if (#remElsList = {{ }}) then { - unfold IElement(#view, #innerLoopReadPos, #fLeft, #remElList, #remElLength) - } else { - unfold CElement(#view, #innerLoopReadPos, #fLeft, #remElList, #remElLength) - } - } */ - if (readPos + 2 > dataView.byteLength) - /* @tactic - apply PrependCElementI(#view, #outerLoopReadPos, (#fCount - #fLeft), #doneElList, #doneElLength, #fLeft, #remElList, #remElLength); - assert IElement(#view, #outerLoopReadPos, #fCount, #fList, #remElsLength); - assert Elements(#definition, #view, #outerLoopReadPos, #eLeft, #fCount, #remElsList, #remElsLength); - apply PrependCElementsE(#definition, #view, #readPos, (#eCount - #eLeft), #fCount, #doneElsList, #doneElsLength, #eLeft, #remElsList, #remElsLength) - */ - return false - - var length = dataView.getUint16(readPos, false) // big endian - readPos += 2 - - if (readPos + length > dataView.byteLength) - /* @tactic - apply PrependCElementI(#view, #outerLoopReadPos, (#fCount - #fLeft), #doneElList, #doneElLength, #fLeft, #remElList, #remElLength); - assert IElement(#view, #outerLoopReadPos, #fCount, #fList, #remElsLength); - assert Elements(#definition, #view, #outerLoopReadPos, 
#eLeft, #fCount, #remElsList, #remElsLength); - apply PrependCElementsE(#definition, #view, #readPos, (#eCount - #eLeft), #fCount, #doneElsList, #doneElsLength, #eLeft, #remElsList, #remElsLength) - */ - return false - - var fieldBinary = buffer.slice(readPos, readPos + length) - readPos += length - /* @tactic - assert (#remElList == #fld :: #rfld) [bind: #fld, #rfld]; - if ((#definition = "Complete") or (not (#remElsList = {{ }}))) then { - apply AppendFieldCC(#view, #outerLoopReadPos, #fCount - #fLeft, #doneElList, #doneElLength, #fLeft, #fld, #rfld, #remElLength) - } else { - apply AppendFieldCI(#view, #outerLoopReadPos, #fCount - #fLeft, #doneElList, #doneElLength, #fLeft, #fld, #rfld, #remElLength) - } */ - element.push(fieldBinary) - } - - /* @tactic - unfold CElement(#view, #innerLoopReadPos, #fLeft, #remElList, #remElLength); - apply CElementsAppend(#view, #readPos, (#eCount - #eLeft), #fCount, #doneElsList, #doneElsLength, #doneElList, #doneElLength) */ - elements.push(element); - } - - /* @tactic - unfold Elements(#definition, #view, #outerLoopReadPos, #eLeft, #fCount, #remElsList, #remElsLength); - if (#definition = "Complete") then { - unfold CElements(#view, #outerLoopReadPos, #eLeft, #fCount, #remElsList, #remElsLength) - } else { - unfold IElements(#view, #outerLoopReadPos, #eLeft, #fCount, #remElsList, #remElsLength) - } */ - return { elements, readPos } -} - -/************************************ - ************************************ - ******* ******* - ******* EncryptedDataKey ******* - ******* ******* - ************************************ - ************************************/ - -/** - @id EncryptedDataKey - - @onlyspec EncryptedDataKey (edk) - [[ - (edk == #edk) * - JSObject(#edk) * - DataProp(#edk, "providerId", #pId) * types(#pId : Str) * - DataProp(#edk, "providerInfo", #pInfo) * types(#pInfo : Str) * - DataProp(#edk, "encryptedDataKey", #aEDK) * - Uint8Array (#aEDK, #abEDK, 0, #viewSizeEDK) * - ArrayBuffer(#abEDK, #encryptedDataKey) * - 
(#viewSizeEDK == l-len #encryptedDataKey) * - DataProp(#edk, "rawInfo", #aRInfo) * - Uint8Array (#aRInfo, #abRInfo, 0, #viewSizeRInfo) * - ArrayBuffer(#abRInfo, #rawInfo) * - (#viewSizeRInfo == l-len #rawInfo) * - JSObjWithProto (this, $l_edk_proto) - ]] - [[ - JSObject(#edk) * - DataProp(#edk, "providerId", #pId) * - DataProp(#edk, "providerInfo", #pInfo) * - DataProp(#edk, "encryptedDataKey", #aEDK) * - Uint8Array (#aEDK, #abEDK, 0, #viewSizeEDK) * - ArrayBuffer(#abEDK, #encryptedDataKey) * - DataProp(#edk, "rawInfo", #aRInfo) * - Uint8Array (#aRInfo, #abRInfo, 0, #viewSizeRInfo) * - ArrayBuffer(#abRInfo, #rawInfo) * - - EncryptedDataKey(this, #pId, #pInfo, #encryptedDataKey, #rawInfo) * - (ret == this) - ]] - normal -*/ -var EncryptedDataKey = function (edk) { }; - -/************************** - ************************** - ******* ******* - ******* toUtf8 ******* - ******* ******* - ************************** - **************************/ - -/** - @id toUtf8 - - @onlyspec toUtf8 (buffer) - [[ - (buffer == #buffer) * - Uint8Array (#buffer, #ab, 0, #length) * - ArrayBuffer(#ab, #element) - ]] - [[ - Uint8Array (#buffer, #ab, 0, #length) * - ArrayBuffer(#ab, #element) * - toUtf8(#element, ret) - ]] - normal -*/ -var toUtf8 = function (buffer) { }; - -/******************************************* - ******************************************* - ******* ******* - ******* decodeEncryptionContext ******* - ******* ******* - ******************************************* - *******************************************/ - -/** - - @pred nounfold UniqueOrDuplicated(definition:Str, lst1:List, lst2:List, lst3:List) : - (definition == "Complete") * Unique(lst1), - (definition == "Broken") * Duplicated(lst2, lst3); - - @id decodeEncryptionContext - - @pre (this == undefined) * (encodedEncryptionContext == #eEC) * - Uint8Array(#eEC, #aBuffer, #byteOffset, #byteLength) * ArrayBuffer(#aBuffer, #data) * - (#EC == l-sub(#data, #byteOffset, #byteLength)) * - (#definition == "Complete") * 
- RawEncryptionContext(#definition, #EC, #ECKs, #errorMessage) * - - scope(needs : #needs) * JSFunctionObject(#needs, "needs", #n_sc, #n_len, #n_proto) * - scope(readElements : #readElements) * JSFunctionObject(#readElements, "readElements", #rE_sc, #rE_len, #rE_proto) * - scope(toUtf8: #toUtf8) * JSFunctionObject(#toUtf8, "toUtf8", #t_sc, #t_len, #t_proto) * - JSInternals() - - @post Uint8Array(#eEC, #aBuffer, #byteOffset, #byteLength) * ArrayBuffer(#aBuffer, #data) * - RawEncryptionContext(#definition, #EC, #ECKs, #errorMessage) * - - DecodedEncryptionContext(ret, #ECKs) * - - scope(needs : #needs) * JSFunctionObject(#needs, "needs", #n_sc, #n_len, #n_proto) * - scope(readElements : #readElements) * JSFunctionObject(#readElements, "readElements", #rE_sc, #rE_len, #rE_proto) * - scope(toUtf8: #toUtf8) * JSFunctionObject(#toUtf8, "toUtf8", #t_sc, #t_len, #t_proto) * - JSInternals () -*/ -function decodeEncryptionContext(encodedEncryptionContext) { - /* @tactic - if (#definition = "Complete") then { - unfold CRawEncryptionContext(#EC, #ECKs) - } else { - unfold BRawEncryptionContext(#errorMessage, #EC, #ECKs) - } - */ - - var encryptionContext = Object.create(null) - /* Check for early return (Postcondition): The case of 0 length is defined as an empty object. */ - if (!encodedEncryptionContext.byteLength) { - /* ERROR: OBJECT NOT FROZEN */ - - /* @tactic - assert ( - scope(encryptionContext: #encryptionContext) * - JSObjGeneral(#encryptionContext, null, "Object", false) * - toUtf8PairMap(#ECKs, #utf8ECKs) * - FrozenObjectTable(#encryptionContext, #utf8ECKs) - ) [bind: #encryptionContext, #utf8ECKs] - */ - return encryptionContext - } - /* Uint8Array is a view on top of the underlying ArrayBuffer. - * This means that raw underlying memory stored in the ArrayBuffer - * may be larger than the Uint8Array. This is especially true of - * the Node.js Buffer object. The offset and length *must* be - * passed to the DataView otherwise I will get unexpected results. 
- */ - var dataView = new DataView( - encodedEncryptionContext.buffer, - encodedEncryptionContext.byteOffset, - encodedEncryptionContext.byteLength - ) - var pairsCount = dataView.getUint16(0, false) // big endian - var elementInfo = readElements(pairsCount, 2, encodedEncryptionContext, 2) - /* Postcondition: Since the encryption context has a length, it must have pairs. - * Unlike the encrypted data key section, the encryption context has a length - * element. This means I should always pass the entire section. - */ - if (!elementInfo) throw new Error('decodeEncryptionContext: Underflow, not enough data.') - var { elements, readPos } = elementInfo - - /* Postcondition: The byte length of the encodedEncryptionContext must match the readPos. */ - needs( - encodedEncryptionContext.byteLength === readPos, - 'decodeEncryptionContext: Overflow, too much data.' - ) - - /* - @tactic - assert ( - (#EC == l+ ({{ #b0, #b1 }}, #rest)) * - Elements("Complete", #EC, 2, ((256 * #b0) + #b1), 2, #ECKs, l-len #rest) - ) [bind: #b0, #b1, #rest]; - unfold Elements("Complete", #EC, 2, ((256 * #b0) + #b1), 2, #ECKs, l-len #rest); - assert ( - scope(pairsCount: #pairsCount) * (#pairsCount == l-len #ECKs) * - scope(elements: #elements) * ArrayOfArraysOfUInt8Arrays(#elements, #ECKs) * - scope(encryptionContext: #dECObj) * JSObjWithProto(#dECObj, null) * empty_fields(#dECObj : -{ }-) * - toUtf8PairMap(#ECKs, #utf8ECKs) * FirstProj(#ECKs, #rProps) * UniqueOrDuplicated(#definition, #rProps, {{ }}, #rProps) - ) [bind: #pairsCount, #elements, #dECObj, #utf8ECKs, #rProps] - - @invariant - scope(pairsCount: #pairsCount) * scope(elements: #elements) * scope(encryptionContext: #dECObj) * - scope(needs : #needs) * JSFunctionObject(#needs, "needs", #n_sc, #n_len, #n_proto) * - scope(toUtf8: #toUtf8) * JSFunctionObject(#toUtf8, "toUtf8", #t_sc, #t_len, #t_proto) * - scope(key: _) * scope(value: _) * - toUtf8PairMap(#ECKs, #utf8ECKs) * FirstProj(#ECKs, #rProps) * - CElements(#EC, 2., ((256. 
* #b0) + #b1), 2., #ECKs, (l-len #rest)) * - UniqueOrDuplicated(#definition, #rProps, {{ }}, #rProps) * - JSInternals() * - - scope(count: #count) * (#count <=# #pairsCount) * - ArrayStructure(#elements, #pairsCount) * - ArrayOfArraysOfUInt8ArraysContents(#elements, #done, 0, #count) * - ArrayOfArraysOfUInt8ArraysContents(#elements, #left, #count, #pairsCount - #count) * - (#ECKs == l+ (#done, #left)) * - FirstProj(#done, #doneRProps) * Unique(#doneRProps) * - FirstProj(#left, #leftRProps) * UniqueOrDuplicated(#definition, #leftRProps, #doneRProps, #leftRProps) * - toUtf8PairMap(#done, #utf8Done) * - JSObjWithProto(#dECObj, null) * ObjectTable(#dECObj, #utf8Done) - [bind: #count, #done, #left, #doneRProps, #leftRProps, #utf8Done] */ - for (var count = 0; count < pairsCount; count++) { - /* - @tactic - unfold ArrayStructure(#elements, #pairsCount); - unfold UniqueOrDuplicated(#definition, #rProps, {{ }}, #rProps); - unfold UniqueOrDuplicated(#definition, #leftRProps, #doneRProps, #leftRProps); - unfold ArrayOfArraysOfUInt8ArraysContents(#elements, #left, #count, #pairsCount - #count) [bind: (#elementContents := #ECK) and (#rest := #rest_left)]; - apply CElementsElementLength(#EC, 2., ((256. * #b0) + #b1), 2., #ECKs, #done, #ECK, #rest_left); - assert (#ECK == {{ #new_prop, #new_value }}) - */ - - // FIXME: FIX THE PARSER! - var [key, value] = elements[count].map(toUtf8) - - /* Postcondition: The number of keys in the encryptionContext must match the pairsCount. - * If the same Key value is serialized... 
- */ - /* - @tactic - assert (toUtf8(#new_prop, #utf8NProp)) [bind: #utf8NProp]; - assert (toUtf8(#new_value, #utf8NVal)) [bind: #utf8NVal]; - unfold ObjectTable(#dECObj, #utf8Done) [bind: (#pList := #doneProps) and (#pSet := #donePropsSet)]; - apply FirstProjConcatSplit(#ECKs, #done, #left); - apply ProduceListToSet(#doneRProps); apply ProduceListToSet(#leftRProps); - assert (ListToSet(#doneRProps, #doneRPropsSet)) [bind: #doneRPropsSet]; - unfold FirstProj(#left, #leftRProps); - apply HeadInSet(#leftRProps); - if (#definition = "Complete") then { - apply UniqueConcatSplitNotInSuffix(#rProps, #doneRProps, #leftRProps, #new_prop); - apply FirstProjToUtf8MapPairCompat(#done); - apply NotInListToUtf8(#new_prop, #doneRProps); - apply ObjectTableAbsentProperty(#dECObj, #utf8Done, #utf8NProp) - } else { - apply FirstProjToUtf8MapPairCompat(#done); - unfold Duplicated(#doneRProps, #leftRProps) [bind: (#preSet := #doneRPropsSet2)]; - apply ListToSetFunction(#doneRProps, #doneRPropsSet, #doneRProps, #doneRPropsSet2); - if (#new_prop -e- #doneRPropsSet) then { - apply InListToUtf8(#new_prop, #doneRProps); - apply ObjectTablePresentProperty(#dECObj, #utf8Done, #utf8NProp) - } else { - apply NotInListToUtf8(#new_prop, #doneRProps); - apply ObjectTableAbsentProperty(#dECObj, #utf8Done, #utf8NProp) - } - } - */ - needs( - encryptionContext[key] === undefined, - 'decodeEncryptionContext: Duplicate encryption context key value.' 
- ) - encryptionContext[key] = value - - /* - @tactic - apply ArrayOfArraysOfUInt8ArraysContentsAppend(#elements, #done, 0, #count); - apply ObjectTableStructureAppendPVPair(#dECObj, #utf8Done, #utf8NProp, #utf8NVal); - apply toUtf8PairMapAppendPair(#done, #utf8Done, #new_prop, #new_value); - apply FirstProjAppendPair(#done, #doneRProps, #new_prop, #new_value); - apply FirstProjAppendPair(#utf8Done, #doneProps, #utf8NProp, #utf8NVal); - apply ListToSetAddElement(#doneProps, #donePropsSet, #utf8NProp); - apply UniqueAppendElement(#doneRProps, #new_prop); - if (#definition = "Complete") then { - unfold Unique(#leftRProps) - } - */ - 0 === 0; - } - - /* - @tactic - unfold ArrayOfArraysOfUInt8ArraysContents(#elements, #left, #count, #pairsCount - #count); - apply toUtf8PairMapInjective(#ECKs, #utf8ECKs, #done, #utf8Done); - if (#definition = "Broken") then { - unfold FirstProj(#left, #leftRProps); - unfold UniqueOrDuplicated(#definition, #leftRProps, #doneRProps, #leftRProps); - unfold Duplicated(#doneRProps, #leftRProps) - }; - use_subst [object_table : (#PVPairs: #utf8ECKs) ] - */ - Object.freeze(encryptionContext) - - /** - * dECOb == encryptionContext * - * toUtf8PairMap(ECKs, #utf8ECKs) * - FrozenObjectTable(dECObj, #utf8ECKs); */ - return encryptionContext -} \ No newline at end of file diff --git a/debugger-vscode-extension/sampleWorkspace/js/missing_resource.js b/debugger-vscode-extension/sampleWorkspace/js/missing_resource.js deleted file mode 100644 index 99e540e99..000000000 --- a/debugger-vscode-extension/sampleWorkspace/js/missing_resource.js +++ /dev/null @@ -1,11 +0,0 @@ -/** - @id missingResource - - @pre JSObject(o) - - @post ret == 0 -*/ -function missingResource(o) { - var x = o["foo"]; - return x -} \ No newline at end of file 
diff --git a/debugger-vscode-extension/sampleWorkspace/kani/c/wpst/llen.c b/debugger-vscode-extension/sampleWorkspace/kani-c/wpst/llen.c
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/kani/c/wpst/llen.c
rename to debugger-vscode-extension/sampleWorkspace/kani-c/wpst/llen.c
diff --git a/debugger-vscode-extension/sampleWorkspace/kani/c/wpst/llen.c.symtab.json b/debugger-vscode-extension/sampleWorkspace/kani-c/wpst/llen.c.symtab.json
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/kani/c/wpst/llen.c.symtab.json
rename to debugger-vscode-extension/sampleWorkspace/kani-c/wpst/llen.c.symtab.json
diff --git a/debugger-vscode-extension/sampleWorkspace/kani/c/wpst/simple_branch.c b/debugger-vscode-extension/sampleWorkspace/kani-c/wpst/simple_branch.c
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/kani/c/wpst/simple_branch.c
rename to debugger-vscode-extension/sampleWorkspace/kani-c/wpst/simple_branch.c
diff --git a/debugger-vscode-extension/sampleWorkspace/kani/c/wpst/simple_branch.c.symtab.gil b/debugger-vscode-extension/sampleWorkspace/kani-c/wpst/simple_branch.c.symtab.gil
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/kani/c/wpst/simple_branch.c.symtab.gil
rename to debugger-vscode-extension/sampleWorkspace/kani-c/wpst/simple_branch.c.symtab.gil
diff --git a/debugger-vscode-extension/sampleWorkspace/kani/c/wpst/simple_branch.c.symtab.json b/debugger-vscode-extension/sampleWorkspace/kani-c/wpst/simple_branch.c.symtab.json
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/kani/c/wpst/simple_branch.c.symtab.json
rename to debugger-vscode-extension/sampleWorkspace/kani-c/wpst/simple_branch.c.symtab.json
diff --git a/debugger-vscode-extension/sampleWorkspace/text/test.md b/debugger-vscode-extension/sampleWorkspace/text/test.md
deleted file mode 100644
index d107b9473..000000000
--- a/debugger-vscode-extension/sampleWorkspace/text/test.md
+++ /dev/null
@@ -1,46 +0,0 @@
-# VS Code Mock Debug
-
-Mock Debug allows to "debug" markdown files (like this).
-The text of the markdown is considered the "program to debug" and certain keywords trigger specific functionality:
-
-* if debugging stops on a line, the line becomes a stack in the CALL STACK with the words shown as frames.
- Here is a long stack trace: a b c d e f g h i j k l m n o p q r s t u v w x y z a b c d e f g h i j k l m n o p q r s t u v w x y z a b c d e f g h i j k l m n o p q r s t u v w x y z.
-* Variables are just synthesized by Mock Debug, they do not originate from the markdown file.
-
-## Breakpoints:
-
-Breakpoints can be set in the breakpoint gutter of the editor (even before a Mock Debug session was started).
-If a Mock Debug session is active, breakpoints are "validated" according these rules:
-
-* if a line is empty or starts with `+` we don't allow to set a breakpoint but move the breakpoint down
-* if a line starts with `-` we don't allow to set a breakpoint but move the breakpoint up
-* a breakpoint on a line containing the word `lazy` is not immediately validated, but only after hitting it once.
-
-## Exceptions:
-
-If a line contains the word `exception` or the pattern `exception(name)` an exception is thrown.
-
-## Output logging:
-
-* a line with the pattern `log(xxx)` logs `xxx` to the debug console. If "xxx" is `start` or `end`, a "log group" is started or ended.
-
-log(start)
-log(arbitrary line of text)
-log(start)
-log(arbitrary line of text level 2)
-log(start)
-log(arbitrary line of text level 3)
-log(start)
-log(arbitrary line of text level 4)
-log(start)
-log(arbitrary line of text level 5)
-log(another line of text level 5)
-log(end)
-log(another line of text level 4)
-log(end)
-log(another line of text level 3)
-log(end)
-log(another line of text level 2)
-log(end)
-log(another line of text)
-log(end)
diff --git a/debugger-vscode-extension/sampleWorkspace/text/test.txt b/debugger-vscode-extension/sampleWorkspace/text/test.txt
deleted file mode 100644
index 582a680d3..000000000
--- a/debugger-vscode-extension/sampleWorkspace/text/test.txt
+++ /dev/null
@@ -1,47 +0,0 @@ -# VS Code Mock Debug - -Mock Debug allows to "debug" markdown files (like this). -The text of the markdown is considered the "program to debug" and certain keywords trigger specific functionality: - -* if debugging stops on a line, the line becomes a stack in the CALL STACK with the words shown as frames. - Here is a long stack trace: a b c d e f g h i j k l m n o p q r s t u v w x y z a b c d e f g h i j k l m n o p q r s t u v w x y z a b c d e f g h i j k l m n o p q r s t u v w x y z. -* Variables are just synthesized by Mock Debug, they do not originate from the markdown file. - -## Breakpoints: - -Breakpoints can be set in the breakpoint gutter of the editor (even before a Mock Debug session was started). -If a Mock Debug session is active, breakpoints are "validated" according these rules: - -* if a line is empty or starts with `+` we don't allow to set a breakpoint but move the breakpoint down -* if a line starts with `-` we don't allow to set a breakpoint but move the breakpoint up -* a breakpoint on a line containing the word `lazy` is not immediately validated, but only after hitting it once. - -## Exceptions: -To make the debugger stop when an exception is thrown, two "exception options" exist in the BREAKPOINTS view: -- **Named Exception**: if enabled and configured with a condition (e.g. `xxx`) the debugger will break on the `exception(xxx)` pattern. -- **Other Exceptions**: if enabled the debugger will break on the word `exception` and the `exception(...)` pattern. - -## Output logging: - -* a line with the pattern `log(xxx)` logs `xxx` to the debug console. If "xxx" is `start` or `end`, a "log group" is started or ended. 
- -log(start) -log(arbitrary line of text) -log(start) -log(arbitrary line of text level 2) -log(start) -log(arbitrary line of text level 3) -log(start) -log(arbitrary line of text level 4) -log(start) -log(arbitrary line of text level 5) -log(another line of text level 5) -log(end) -log(another line of text level 4) -log(end) -log(another line of text level 3) -log(end) -log(another line of text level 2) -log(end) -log(another line of text) -log(end) diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_demo/dll/auto.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/lab/dll/auto.wisl similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/wisl_demo/dll/auto.wisl rename to debugger-vscode-extension/sampleWorkspace/wisl/lab/dll/auto.wisl diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_demo/dll/manual.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/lab/dll/manual.wisl similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/wisl_demo/dll/manual.wisl rename to debugger-vscode-extension/sampleWorkspace/wisl/lab/dll/manual.wisl diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_demo/dll/manual_solutions.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/lab/dll/manual_solutions.wisl similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/wisl_demo/dll/manual_solutions.wisl rename to debugger-vscode-extension/sampleWorkspace/wisl/lab/dll/manual_solutions.wisl diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_demo/sll/auto.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/lab/sll/auto.wisl similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/wisl_demo/sll/auto.wisl rename to debugger-vscode-extension/sampleWorkspace/wisl/lab/sll/auto.wisl 
diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_demo/sll/manual.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/lab/sll/manual.wisl similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/wisl_demo/sll/manual.wisl rename to debugger-vscode-extension/sampleWorkspace/wisl/lab/sll/manual.wisl diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_demo/sll/manual_solutions.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/lab/sll/manual_solutions.wisl similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/wisl_demo/sll/manual_solutions.wisl rename to debugger-vscode-extension/sampleWorkspace/wisl/lab/sll/manual_solutions.wisl diff --git a/debugger-vscode-extension/sampleWorkspace/SLL_ex_complete.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/verify/SLL_ex_complete.wisl similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/SLL_ex_complete.wisl rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/SLL_ex_complete.wisl diff --git a/debugger-vscode-extension/sampleWorkspace/list_dispose.gil b/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_dispose.gil similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/list_dispose.gil rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/list_dispose.gil diff --git a/debugger-vscode-extension/sampleWorkspace/list_dispose.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_dispose.wisl similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/list_dispose.wisl rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/list_dispose.wisl 
diff --git a/debugger-vscode-extension/sampleWorkspace/list_dispose_bad.gil b/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_dispose_bad.gil similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/list_dispose_bad.gil rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/list_dispose_bad.gil diff --git a/debugger-vscode-extension/sampleWorkspace/list_dispose_bad.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_dispose_bad.wisl similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/list_dispose_bad.wisl rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/list_dispose_bad.wisl diff --git a/debugger-vscode-extension/sampleWorkspace/list_length_iter.gil b/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_iter.gil similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/list_length_iter.gil rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_iter.gil diff --git a/debugger-vscode-extension/sampleWorkspace/list_length_iter.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_iter.wisl similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/list_length_iter.wisl rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_iter.wisl diff --git a/debugger-vscode-extension/sampleWorkspace/list_length_rec.gil b/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec.gil similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/list_length_rec.gil rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec.gil 
diff --git a/debugger-vscode-extension/sampleWorkspace/list_length_rec.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec.wisl similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/list_length_rec.wisl rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec.wisl diff --git a/debugger-vscode-extension/sampleWorkspace/list_length_rec_bad.gil b/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad.gil similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/list_length_rec_bad.gil rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad.gil diff --git a/debugger-vscode-extension/sampleWorkspace/list_length_rec_bad.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad.wisl similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/list_length_rec_bad.wisl rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad.wisl diff --git a/debugger-vscode-extension/sampleWorkspace/wpst/llen_wpst.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/wpst/llen_wpst.wisl similarity index 100% rename from debugger-vscode-extension/sampleWorkspace/wpst/llen_wpst.wisl rename to debugger-vscode-extension/sampleWorkspace/wisl/wpst/llen_wpst.wisl diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/double_free.gil b/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/double_free.gil deleted file mode 100644 index 08064dccd..000000000 --- a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/double_free.gil +++ /dev/null 
@@ -1,40 +0,0 @@ -import "wisl_pointer_arith.gil", "wisl_core.gil"; - - -spec double_free_one_var(x) - [[ emp ]] - [[ emp ]] - normal -proc double_free_one_var(x) { - x := [alloc](1.); - goto [(l-nth(x, 1.) = 0.)] continue0 fail0; - fail0: fail [InvalidBlockPointer](x); - continue0: gvar0 := [dispose](l-nth(x, 0.)); - goto [(l-nth(x, 1.) = 0.)] continue1 fail1; - fail1: fail [InvalidBlockPointer](x); - continue1: gvar1 := [dispose](l-nth(x, 0.)); - ret := null; - return -}; - - -spec double_free_many_vars() - [[ emp ]] - [[ emp ]] - normal -proc double_free_many_vars() { - y := [alloc](2.); - x := [alloc](3.); - z := x; - goto [(l-nth(x, 1.) = 0.)] continue0 fail0; - fail0: fail [InvalidBlockPointer](x); - continue0: gvar0 := [dispose](l-nth(x, 0.)); - goto [(l-nth(y, 1.) = 0.)] continue1 fail1; - fail1: fail [InvalidBlockPointer](y); - continue1: gvar1 := [dispose](l-nth(y, 0.)); - goto [(l-nth(z, 1.) = 0.)] continue2 fail2; - fail2: fail [InvalidBlockPointer](z); - continue2: gvar2 := [dispose](l-nth(z, 0.)); - ret := null; - return -}; diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/double_free.wisl b/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/double_free.wisl deleted file mode 100644 index d3ff7b4a4..000000000 --- a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/double_free.wisl +++ /dev/null @@ -1,20 +0,0 @@ -{ emp } -function double_free_one_var(x) { - x := new(1); - delete(x); - delete(x); - return null -} -{ emp } - -{ emp } -function double_free_many_vars() { - y := new(2); - x := new(3); - z := x; - delete(x); - delete(y); - delete(z); - return null -} -{ emp } \ No newline at end of file diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/missing_resource.gil b/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/missing_resource.gil deleted file mode 100644 index 0e9aa3007..000000000 --- a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/missing_resource.gil +++ /dev/null 
@@ -1,46 +0,0 @@ -import "wisl_pointer_arith.gil", "wisl_core.gil"; - - -spec missing_bound(x) - [[ (#lgvar0, #lgvar1; 1.) * - types(#lgvar0 : Obj, #lgvar1 : Num) * - (x == {{ #lgvar0, #lgvar1 }}) ]] - [[ (ret == 1.) ]] - normal -proc missing_bound(x) { - goto [(l-nth(x, 1.) = 0.)] continue0 fail0; - fail0: fail [InvalidBlockPointer](x); - continue0: gvar0 := [dispose](l-nth(x, 0.)); - ret := 1.; - return -}; - - -spec missing_cell(x) - [[ (#lgvar0, #lgvar1; 1.) * - types(#lgvar0 : Obj, #lgvar1 : Num) * - (x == {{ #lgvar0, #lgvar1 }}) ]] - [[ (ret == null) ]] - normal -proc missing_cell(x) { - gvar0 := "i__add"(x, 1.); - gvar1 := [getcell](l-nth(gvar0, 0.), l-nth(gvar0, 1.)); - y := l-nth(gvar1, 2.); - ret := null; - return -}; - - -spec missing_cell_update_lhs(x, y) - [[ (#lgvar0, #lgvar1; 1.) * - types(#lgvar0 : Obj, #lgvar1 : Num) * - (x == {{ #lgvar0, #lgvar1 }}) ]] - [[ (ret == null) ]] - normal -proc missing_cell_update_lhs(x, y) { - gvar0 := "i__add"(x, 1.); - gvar1 := [getcell](l-nth(gvar0, 0.), l-nth(gvar0, 1.)); - gvar2 := [setcell](l-nth(gvar1, 0.), l-nth(gvar1, 1.), 2.); - ret := null; - return -}; diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/missing_resource.wisl b/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/missing_resource.wisl deleted file mode 100644 index 14bfa9582..000000000 --- a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/missing_resource.wisl +++ /dev/null @@ -1,20 +0,0 @@ -{ (x -> 1) } -function missing_cell(x) { - y := [x + 1]; - return null -} -{ ret == null } - -{ (x -> 1) } -function missing_cell_update_lhs(x, y) { - [x + 1] := 2; - return null -} -{ ret == null } - -{ (x -> 1) } -function missing_bound(x) { - delete(x); - return 1 -} -{ ret == 1 } \ No newline at end of file 
diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/out_of_bounds.gil b/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/out_of_bounds.gil deleted file mode 100644 index 6307cacab..000000000 --- a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/out_of_bounds.gil +++ /dev/null @@ -1,15 +0,0 @@ -import "wisl_pointer_arith.gil", "wisl_core.gil"; - - -spec out_of_bounds() - [[ emp ]] - [[ emp ]] - normal -proc out_of_bounds() { - arr := [alloc](1.); - gvar0 := "i__add"(arr, 1.); - gvar1 := [getcell](l-nth(gvar0, 0.), l-nth(gvar0, 1.)); - x := l-nth(gvar1, 2.); - ret := 0.; - return -}; diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/out_of_bounds.wisl b/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/out_of_bounds.wisl deleted file mode 100644 index c4f379c6f..000000000 --- a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/out_of_bounds.wisl +++ /dev/null @@ -1,7 +0,0 @@ -{ emp } -function out_of_bounds() { - arr := new(1); - x := [arr + 1]; - return 0 -} -{ emp } \ No newline at end of file diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/use_after_free.gil b/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/use_after_free.gil deleted file mode 100644 index 5f2fd6cbd..000000000 --- a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/use_after_free.gil +++ /dev/null 
@@ -1,77 +0,0 @@ -import "wisl_pointer_arith.gil", "wisl_core.gil"; - - -spec use_after_free_spec(x) - [[ (x == #x) * freed(#x) ]] - [[ (#lgvar0, 0.; 1.) * - (#lgvar0; 1.) * - types(#lgvar0 : Obj) * - (x == {{ #lgvar0, 0. }}) ]] - normal -proc use_after_free_spec(x) { - gvar0 := [getcell](l-nth(x, 0.), l-nth(x, 1.)); - y := l-nth(gvar0, 2.); - ret := y; - return -}; - - -spec lookup_var() - [[ emp ]] - [[ (ret == 1.) ]] - normal -proc lookup_var() { - x := [alloc](1.); - gvar0 := [getcell](l-nth(x, 0.), l-nth(x, 1.)); - gvar1 := [setcell](l-nth(gvar0, 0.), l-nth(gvar0, 1.), 1.); - goto [(l-nth(x, 1.) = 0.)] continue0 fail0; - fail0: fail [InvalidBlockPointer](x); - continue0: gvar2 := [dispose](l-nth(x, 0.)); - y := x; - gvar3 := [getcell](l-nth(x, 0.), l-nth(x, 1.)); - y := l-nth(gvar3, 2.); - ret := y; - return -}; - - -spec lookup_vars_with_arithmetic() - [[ emp ]] - [[ emp ]] - normal -proc lookup_vars_with_arithmetic() { - x := [alloc](2.); - gvar0 := [getcell](l-nth(x, 0.), l-nth(x, 1.)); - gvar1 := [setcell](l-nth(gvar0, 0.), l-nth(gvar0, 1.), 1.); - goto [(l-nth(x, 1.) = 0.)] continue0 fail0; - fail0: fail [InvalidBlockPointer](x); - continue0: gvar2 := [dispose](l-nth(x, 0.)); - y := x; - gvar3 := "i__add"(x, 1.); - gvar4 := [getcell](l-nth(gvar3, 0.), l-nth(gvar3, 1.)); - y := l-nth(gvar4, 2.); - ret := null; - return -}; - - -spec update_vars_with_arithmetic() - [[ emp ]] - [[ emp ]] - normal -proc update_vars_with_arithmetic() { - x := [alloc](2.); - gvar0 := [getcell](l-nth(x, 0.), l-nth(x, 1.)); - gvar1 := [setcell](l-nth(gvar0, 0.), l-nth(gvar0, 1.), 1.); - goto [(l-nth(x, 1.) 
= 0.)] continue0 fail0; - fail0: fail [InvalidBlockPointer](x); - continue0: gvar2 := [dispose](l-nth(x, 0.)); - gvar3 := "i__add"(x, 1.); - gvar4 := [getcell](l-nth(gvar3, 0.), l-nth(gvar3, 1.)); - gvar5 := [setcell](l-nth(gvar4, 0.), l-nth(gvar4, 1.), 2.); - gvar6 := "i__add"(x, 1.); - gvar7 := [getcell](l-nth(gvar6, 0.), l-nth(gvar6, 1.)); - y := l-nth(gvar7, 2.); - ret := null; - return -}; diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/use_after_free.wisl b/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/use_after_free.wisl deleted file mode 100644 index f3eaecc8c..000000000 --- a/debugger-vscode-extension/sampleWorkspace/wisl_old/errors/use_after_free.wisl +++ /dev/null @@ -1,39 +0,0 @@ -{ (x == #x) * freed(#x) } -function use_after_free_spec(x) { - y := [x]; - return y -} -{ x -b> 1 } - -{ emp } -function lookup_var() { - x := new(1); - [x] := 1; - delete(x); - y := x; - y := [x]; - return y -} -{ ret == 1 } - -{ emp } -function lookup_vars_with_arithmetic() { - x := new(2); - [x] := 1; - delete(x); - y := x; - y := [x + 1]; - return null -} -{ emp } - -{ emp } -function update_vars_with_arithmetic() { - x := new(2); - [x] := 1; - delete(x); - [x + 1] := 2; - y := [x + 1]; - return null -} -{ emp } \ No newline at end of file diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_old/list_append.gil b/debugger-vscode-extension/sampleWorkspace/wisl_old/list_append.gil deleted file mode 100644 index fa85f41f7..000000000 --- a/debugger-vscode-extension/sampleWorkspace/wisl_old/list_append.gil +++ /dev/null 
@@ -1,59 +0,0 @@ -import "wisl_pointer_arith.gil", "wisl_core.gil"; - - -pred list(+x, alpha : List) : (x == null) * (alpha == {{ }}), - (_lvar_0, _lvar_1; #v) * (_lvar_0, (_lvar_1 i+ 1i); #z) * - types(_lvar_0 : Obj, _lvar_1 : Int) * (x == {{ _lvar_0, _lvar_1 }}) * - list(#z, #beta) * (alpha == l+ ({{ #v }}, #beta)); - -spec append_out_of_bounds(x, v) - [[ (x == #x) * (v == #v) * list(#x, #alpha) ]] - [[ list(ret, l+ (#alpha, {{ #v }})) ]] - normal -proc append_out_of_bounds(x, v) { - goto [(x = null)] then0 else0; - then0: x := [alloc](2i); - gvar0 := "i__add"(x, 1i); - gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); - gvar2 := [setcell](l-nth(gvar1, 0i), l-nth(gvar1, 1i), v); - gvar3 := "i__add"(x, 2i); - gvar4 := [getcell](l-nth(gvar3, 0i), l-nth(gvar3, 1i)); - gvar5 := [setcell](l-nth(gvar4, 0i), l-nth(gvar4, 1i), null); - goto endif0; - else0: gvar6 := "i__add"(x, 1i); - gvar7 := [getcell](l-nth(gvar6, 0i), l-nth(gvar6, 1i)); - t := l-nth(gvar7, 2i); - t := "append"(t, v); - gvar8 := "i__add"(x, 1i); - gvar9 := [getcell](l-nth(gvar8, 0i), l-nth(gvar8, 1i)); - gvar10 := [setcell](l-nth(gvar9, 0i), l-nth(gvar9, 1i), t); - endif0: skip; - ret := x; - return -}; - - -spec append(x, v) - [[ (x == #x) * (v == #v) * list(#x, #alpha) ]] - [[ list(ret, l+ (#alpha, {{ #v }})) ]] - normal -proc append(x, v) { - goto [(x = null)] then0 else0; - then0: x := [alloc](2i); - gvar0 := [getcell](l-nth(x, 0i), l-nth(x, 1i)); - gvar1 := [setcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i), v); - gvar2 := "i__add"(x, 1i); - gvar3 := [getcell](l-nth(gvar2, 0i), l-nth(gvar2, 1i)); - gvar4 := [setcell](l-nth(gvar3, 0i), l-nth(gvar3, 1i), null); - goto endif0; - else0: gvar5 := "i__add"(x, 1i); - gvar6 := [getcell](l-nth(gvar5, 0i), l-nth(gvar5, 1i)); - t := l-nth(gvar6, 2i); - t := "append"(t, v); - gvar7 := "i__add"(x, 1i); - gvar8 := [getcell](l-nth(gvar7, 0i), l-nth(gvar7, 1i)); - gvar9 := [setcell](l-nth(gvar8, 0i), l-nth(gvar8, 1i), t); - endif0: skip; - ret := x; - return -}; 
diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_old/list_append.wisl b/debugger-vscode-extension/sampleWorkspace/wisl_old/list_append.wisl deleted file mode 100644 index 92e4511f2..000000000 --- a/debugger-vscode-extension/sampleWorkspace/wisl_old/list_append.wisl +++ /dev/null @@ -1,35 +0,0 @@ -predicate list(+x, alpha) { - (x == null) * (alpha == nil); - (x -> #v, #z) * list(#z, #beta) * (alpha == #v::#beta) -} - -{ (x == #x) * (v == #v) * list(#x, #alpha) } -function append(x, v) { - if (x = null) { - x := new(2); - [x] := v; - [x + 1] := null - } else { - t := [x + 1]; - t := append(t, v); - [x + 1] := t - }; - return x -} -{ list(ret, #alpha @ [#v]) } - - -{ (x == #x) * (v == #v) * list(#x, #alpha) } -function append_out_of_bounds(x, v) { - if (x = null) { - x := new(2); - [x + 1] := v; - [x + 2] := null - } else { - t := [x + 1]; - t := append(t, v); - [x + 1] := t - }; - return x -} -{ list(ret, #alpha @ [#v]) } diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_old/list_dispose.gil b/debugger-vscode-extension/sampleWorkspace/wisl_old/list_dispose.gil deleted file mode 100644 index ce3f8026b..000000000 --- a/debugger-vscode-extension/sampleWorkspace/wisl_old/list_dispose.gil +++ /dev/null 
@@ -1,113 +0,0 @@ -import "wisl_pointer_arith.gil", "wisl_core.gil"; - - -pred freed_ptrs(ptrs : List) : (ptrs == {{ }}), - (ptrs == l+ ({{ #x }}, #rest)) * freed(#x) * freed_ptrs(#rest); - - -pred list(+x, alpha : List, ptrs : List) : (x == null) * (alpha == {{ }}) * - (ptrs == {{ }}), (#lgvar0, 0.; #v) * (#lgvar0; 2.) * - (#lgvar0, 1.; #z) * types(#lgvar0 : Obj) * (x == {{ #lgvar0, 0. }}) * - list(#z, #beta, #rptrs) * (alpha == l+ ({{ #v }}, #beta)) * - (ptrs == l+ ({{ x }}, #rptrs)); - -spec list_dispose_out_of_bounds(x) - [[ (x == #x) * list(#x, #alpha, #ptrs) ]] - [[ freed_ptrs(#ptrs) ]] - normal -proc list_dispose_out_of_bounds(x) { - goto [(not (x = null))] then0 else0; - then0: gvar0 := "i__add"(x, 2.); - gvar1 := [getcell](l-nth(gvar0, 0.), l-nth(gvar0, 1.)); - tail := l-nth(gvar1, 2.); - u := "list_dispose_out_of_bounds"(tail); - goto [(l-nth(x, 1.) = 0.)] continue0 fail0; - fail0: fail [InvalidBlockPointer](x); - continue0: gvar2 := [dispose](l-nth(x, 0.)); - goto endif0; - else0: skip; - endif0: skip; - ret := null; - return -}; - - -spec list_dispose_double_free(x) - [[ (x == #x) * list(#x, #alpha, #ptrs) ]] - [[ freed_ptrs(#ptrs) ]] - normal -proc list_dispose_double_free(x) { - goto [(not (x = null))] then0 else0; - then0: gvar0 := "i__add"(x, 1.); - gvar1 := [getcell](l-nth(gvar0, 0.), l-nth(gvar0, 1.)); - tail := l-nth(gvar1, 2.); - goto [(l-nth(x, 1.) = 0.)] continue0 fail0; - fail0: fail [InvalidBlockPointer](x); - continue0: gvar2 := [dispose](l-nth(x, 0.)); - u := "list_dispose_double_free"(tail); - goto [(l-nth(x, 1.) 
= 0.)] continue1 fail1; - fail1: fail [InvalidBlockPointer](x); - continue1: gvar3 := [dispose](l-nth(x, 0.)); - goto endif0; - else0: skip; - endif0: skip; - ret := null; - return -}; - - -spec dispose(x) - [[ (x == #x) * list(#x, #alpha, #ptrs) ]] - [[ freed_ptrs(#x) ]] - normal -proc dispose(x) { - gvar0 := "dispose_loop0"(x); - x := l-nth(gvar0, 0.); - ret := null; - return -}; - - -spec dispose_loop0(x) - [[ (x == #pvar_x) * list(#pvar_x, #beta, #rest_ptrs) ]] - [[ list(#new_pvar_x, #beta__new, #rest_ptrs__new) * - (ret == {{ #new_pvar_x }}) * - (#new_pvar_x == null) ]] - normal -proc dispose_loop0(x) { - goto [(not (x = null))] then0 else0; - then0: gvar0 := "i__add"(x, 1.); - gvar1 := [getcell](l-nth(gvar0, 0.), l-nth(gvar0, 1.)); - t := l-nth(gvar1, 2.); - goto [(l-nth(x, 1.) = 0.)] continue0 fail0; - fail0: fail [InvalidBlockPointer](x); - continue0: gvar2 := [dispose](l-nth(x, 0.)); - x := t; - loopretvar__ := "dispose_loop0"(x); - goto endif0; - else0: loopretvar__ := {{ x }}; - endif0: skip; - ret := loopretvar__; - return -}; - - -spec list_dispose_bad_spec(x) - [[ (x == #x) * list(#x, #alpha, #ptrs) ]] - [[ freed_ptrs(#ptrs) ]] - normal -proc list_dispose_bad_spec(x) { - goto [(not (x = null))] then0 else0; - then0: gvar0 := "i__add"(x, 1.); - gvar1 := [getcell](l-nth(gvar0, 0.), l-nth(gvar0, 1.)); - tail := l-nth(gvar1, 2.); - u := "list_dispose_bad_spec"(tail); - goto [(l-nth(x, 1.) = 0.)] continue0 fail0; - fail0: fail [InvalidBlockPointer](x); - continue0: gvar2 := [dispose](l-nth(x, 0.)); - goto endif0; - else0: skip; - endif0: skip; - ret := null; - return -}; diff --git a/debugger-vscode-extension/sampleWorkspace/wisl_old/list_dispose.wisl b/debugger-vscode-extension/sampleWorkspace/wisl_old/list_dispose.wisl deleted file mode 100644 index 4930e25aa..000000000 --- a/debugger-vscode-extension/sampleWorkspace/wisl_old/list_dispose.wisl +++ /dev/null 
@@ -1,70 +0,0 @@ -predicate list(+x, alpha, ptrs) { - (x == null) * (alpha == nil) * (ptrs == nil); - (x -b> #v, #z) * list(#z, #beta, #rptrs) * - (alpha == #v::#beta) * (ptrs == x::#rptrs) -} - -predicate freed_ptrs(+ptrs) { - (ptrs == nil); - (ptrs == #x::#rest) * freed(#x) * freed_ptrs(#rest) -} - -// Spec without block pointer -// predicate list(+x, alpha) { -// (x == null) * (alpha == nil); -// (x -> #v, #z) * list(#z, #beta) * -// (alpha == #v::#beta) -// } - -{ (x == #x) * list(#x, #alpha, #ptrs) } -function dispose(x) { - [[ invariant {bind: x, #beta, #rest_ptrs} list(x, #beta, #rest_ptrs) ]]; - while (not (x = null)) { - t := [x + 1]; - delete(x); - x := t - }; - return null -} -{ freed_ptrs(#x) } - -{ (x == #x) * list(#x, #alpha, #ptrs) } -function list_dispose_double_free(x) { - if (not (x = null)) { - tail := [x + 1]; - delete(x); - u := list_dispose_double_free(tail); - delete(x) - } else { - skip - }; - return null -} -{ freed_ptrs(#ptrs) } - -// Use commented out spec -{ (x == #x) * list(#x, #alpha, #ptrs) } -function list_dispose_bad_spec(x) { - if (not (x = null)) { - tail := [x + 1]; - u := list_dispose_bad_spec(tail); - delete(x) - } else { - skip - }; - return null -} -{ freed_ptrs(#ptrs) } - -{ (x == #x) * list(#x, #alpha, #ptrs) } -function list_dispose_out_of_bounds(x) { - if (not (x = null)) { - tail := [x + 2]; - u := list_dispose_out_of_bounds(tail); - delete(x) - } else { - skip - }; - return null -} -{ freed_ptrs(#ptrs) } From c7cf09ef5a44c192810133c66d7e2f418dbce86e Mon Sep 17 00:00:00 2001 From: Nat Karmios Date: Fri, 15 Mar 2024 01:24:27 +0000 Subject: [PATCH 2/5] Fix ConfError report IDs --- .../engine/general_semantics/general/g_interpreter.ml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/GillianCore/engine/general_semantics/general/g_interpreter.ml b/GillianCore/engine/general_semantics/general/g_interpreter.ml index 19f4f2fc4..98b3d8221 100644 
--- a/GillianCore/engine/general_semantics/general/g_interpreter.ml +++ b/GillianCore/engine/general_semantics/general/g_interpreter.ml @@ -1739,7 +1739,6 @@ struct | _, (_, LAction _) -> simplify state | _ -> [ state ] in - let prev_cmd_report_id = !report_id_ref in List.concat_map (fun state -> try @@ -1755,7 +1754,7 @@ struct error_state; errors; branch_path = List_utils.cons_opt branch_case branch_path; - prev_cmd_report_id; + prev_cmd_report_id = !report_id_ref; }; ] | State.Internal_State_Error (errs, error_state) -> @@ -1768,7 +1767,7 @@ struct error_state; errors = List.map (fun x -> Exec_err.EState x) errs; branch_path = List_utils.cons_opt branch_case branch_path; - prev_cmd_report_id; + prev_cmd_report_id = !report_id_ref; }; ]) states From 87b210e540810b80b97a4a321e85b81eb10ca72f Mon Sep 17 00:00:00 2001 From: Nat Karmios Date: Fri, 15 Mar 2024 01:24:46 +0000 Subject: [PATCH 3/5] Debug: Fix end-of-branch detection --- .../debugging/debugger/base_debugger.ml | 31 ++++--------------- 1 file changed, 6 insertions(+), 25 deletions(-) diff --git a/GillianCore/debugging/debugger/base_debugger.ml b/GillianCore/debugging/debugger/base_debugger.ml index b3458d6d7..c92c800a6 100644 --- a/GillianCore/debugging/debugger/base_debugger.ml +++ b/GillianCore/debugging/debugger/base_debugger.ml 
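Review bot: The fix in the `@@ -1755` and `@@ -1768` hunks depends on `!report_id_ref` being dereferenced inside the `List.concat_map` callback rather than before it, yet nothing at either `prev_cmd_report_id = !report_id_ref;` line records that ordering, so a future cleanup hoisting the read back out (exactly the form the first hunk deletes) would silently reintroduce the stale-ID bug. Suggest a one-line comment at the first construction, with the second referring to it: `(* Read report_id_ref here, not before the map: reports logged inside this loop advance it, and the error must point at the latest one. *)` — the "logged inside this loop" part is inferred from the commit title and should be confirmed against the body of the `try`. The two ConfError constructions now differ only in the `errors` field; a small local helper would keep the two reads from drifting apart. The enclosing function starts and ends outside these hunks.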
@@ -496,30 +496,11 @@ struct (* A command step with no results *should* mean that we're returning. If we're at the top of the callstack, this *should* mean that we're hitting the end of the program. *) - let is_eob ~content ~type_ ~id = - let is_root = - match - content |> Yojson.Safe.from_string |> ConfigReport.of_yojson - with - | Error _ -> - DL.log (fun m -> - m - "Handle_continue.is_eob: Not a ConfigReport (type %s); I'm \ - not sure what to do here." - type_); - true - | Ok report -> ( - match report.callstack with - | [] -> failwith "HORROR: Empty callstack!" - | [ _ ] -> true - | _ -> false) - in - if is_root then - L.Log_queryer.get_cmd_results id - |> List.for_all (fun (_, content) -> - let result = content |> of_yojson_string CmdResult.of_yojson in - result.errors <> []) - else false + let is_eob ~id = + L.Log_queryer.get_cmd_results id + |> List.for_all (fun (_, content) -> + let result = content |> of_yojson_string CmdResult.of_yojson in + result.errors <> []) type continue_kind = ProcInit | EoB | Continue @@ -529,7 +510,7 @@ struct if type_ = Content_type.proc_init then ( DL.log (fun m -> m "Debugger.%s: Skipping proc_init..." log_context); ProcInit) - else if is_eob ~content ~type_ ~id then ( + else if is_eob ~id then ( DL.log (fun m -> m "Debugger.%s: No non-error results for %a; stepping again \ From aa82fe262803deb625d2546ecc68e68cf1385865 Mon Sep 17 00:00:00 2001 
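Review bot: The comment kept as context at the top of the hunk still describes a callstack check ("If we're at the top of the callstack, this *should* mean that we're hitting the end of the program") that the new `is_eob ~id` no longer performs, so it now misdocuments the function. The new body treats any command whose results are all errors as end-of-branch at every callstack depth, and because `List.for_all` on an empty list is true, a command with no results at all is also classified as EoB; suggest rewriting the comment to `(* A command whose results are all errors, or that has no results at all, is treated as the end of the branch; the callstack is not consulted. *)`. If a non-root frame can legitimately produce only error results, the removed `is_root` guard was load-bearing and the caller in the `@@ -529` hunk would now stop early — worth confirming. The enclosing `struct` and the function containing the second hunk start and end outside this hunk.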
From: Nat Karmios Date: Fri, 15 Mar 2024 01:30:45 +0000 Subject: [PATCH 4/5] Reorganise WISL debug exampels --- .../wisl/verify/gil/SLL_ex_complete.gil | 857 ++++++++++++++++++ .../wisl/verify/{ => gil}/list_dispose.gil | 0 .../verify/{ => gil}/list_dispose_bad.gil | 0 .../verify/{ => gil}/list_length_iter.gil | 0 .../wisl/verify/{ => gil}/list_length_rec.gil | 0 .../list_length_rec_bad_2.gil} | 20 +- .../wisl/verify/list_length_rec_bad_1.wisl | 17 + ...ec_bad.wisl => list_length_rec_bad_2.wisl} | 3 +- .../sampleWorkspace/wisl/wpst/llen_wpst.wisl | 2 +- 9 files changed, 887 insertions(+), 12 deletions(-) create mode 100644 debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/SLL_ex_complete.gil rename debugger-vscode-extension/sampleWorkspace/wisl/verify/{ => gil}/list_dispose.gil (100%) rename debugger-vscode-extension/sampleWorkspace/wisl/verify/{ => gil}/list_dispose_bad.gil (100%) rename debugger-vscode-extension/sampleWorkspace/wisl/verify/{ => gil}/list_length_iter.gil (100%) rename debugger-vscode-extension/sampleWorkspace/wisl/verify/{ => gil}/list_length_rec.gil (100%) rename debugger-vscode-extension/sampleWorkspace/wisl/verify/{list_length_rec_bad.gil => gil/list_length_rec_bad_2.gil} (57%) create mode 100644 debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad_1.wisl rename debugger-vscode-extension/sampleWorkspace/wisl/verify/{list_length_rec_bad.wisl => list_length_rec_bad_2.wisl} (94%) diff --git a/debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/SLL_ex_complete.gil b/debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/SLL_ex_complete.gil new file mode 100644 index 000000000..dca35efa7 --- /dev/null +++ b/debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/SLL_ex_complete.gil 
@@ -0,0 +1,857 @@ +import "wisl_pointer_arith.gil", "wisl_core.gil"; + + +lemma SLLseg_concat_SLL(x, y) + [[ emp * (x == #x) * (y == #y) * SLLseg(#x, #y, #vx) * SLL(#y, #vy) ]] + [[ SLL(#x, l+ (#vx, #vy)) ]] + [* unfold SLLseg(#x, #y, #vx) ; + if ((not (#vx = {{ }}))) then { + sep_assert ((#wisl__0, 0i; #nv) * + (#wisl__0; 2i) * + (#wisl__0, 1i; #nnext) * + types(#wisl__0 : Obj) * + (#x == {{ #wisl__0, 0i }})) [bind: #wisl__0, + #nv, #nnext]; + apply SLLseg_concat_SLL(#nnext, #y) + } *] + +lemma list_member_append(vs, v, r, w) + [[ emp * (vs == #vs) * (v == #v) * (r == #r) * (w == #w) * + list_member(#vs, #v, #r) ]] + [[ list_member(l+ (#vs, {{ #w }}), #v, (#r or (#w = #v))) ]] + [* if ((#w = #v)) then { + + }; unfold list_member(#vs, #v, #r) ; + if ((not (#vs = {{ }}))) then { + sep_assert ((#vs == l+ ({{ #nv }}, #nvs)) * + list_member(#nvs, #v, #nr)) [bind: #nv, + #nvs, #nr]; + apply list_member_append(#nvs, #v, #nr, #w) + } *] + +lemma SLLseg_to_SLL(x) + [[ emp * (x == #x) * SLLseg(#x, null, #vx) ]] + [[ SLL(#x, #vx) ]] + [* unfold SLLseg(#x, null, #vx) ; + if ((not (#vx = {{ }}))) then { + sep_assert ((#wisl__0, 0i; #nv) * + (#wisl__0; 2i) * + (#wisl__0, 1i; #nnext) * + types(#wisl__0 : Obj) * + (#x == {{ #wisl__0, 0i }})) [bind: #wisl__0, + #nv, #nnext]; apply SLLseg_to_SLL(#nnext) + } *] + +lemma SSLseg_append(x, vs, v, z) + [[ emp * (x == #x) * (vs == #vs) * (v == #v) * (z == #z) * + SLLseg(#x, #y, #vs) * (#wisl__1, 0i; #v) * + (#wisl__1; 2i) * (#wisl__1, 1i; #z) * + types(#wisl__1 : Obj) * (#y == {{ #wisl__1, 0i }}) ]] + [[ SLLseg(#x, #z, l+ (#vs, {{ #v }})) ]] + [* unfold SLLseg(#x, #y, #vs) ; + if ((not (#x = #y))) then { + sep_assert ((#wisl__0, 0i; #nv) * (#wisl__0; 2i) * + (#wisl__0, 1i; #nnext) * types(#wisl__0 : Obj) * + (#x == {{ #wisl__0, 0i }}) * SLLseg(#nnext, #y, #nvs) * + (#vs == l+ ({{ #nv }}, #nvs))) [bind: #wisl__0, + #nv, #nnext, #nvs]; apply SSLseg_append(#nnext, #nvs, #v, #z) ; + fold SLLseg(#x, #z, l+ (#vs, {{ #v }})) + } else { fold 
SLLseg(#y, #z, {{ #v }}) } *] + +lemma list_member_concat(vs1, vs2, v) + [[ emp * (vs1 == #vs1) * (vs2 == #vs2) * (v == #v) * + list_member(#vs1, #v, #r1) * list_member(#vs2, #v, #r2) ]] + [[ list_member(l+ (#vs1, #vs2), #v, (#r1 or #r2)) ]] + [* unfold list_member(#vs1, #v, #r1) ; + if ((not (#vs1 = {{ }}))) then { + sep_assert ((#vs1 == + l+ ({{ #nv1 }}, #nvs1)) * + list_member(#nvs1, #v, #nr1)) [bind: #nv1, + #nvs1, #nr1]; + apply list_member_concat(#nvs1, #vs2, #v) + } *] +pred SLL(+x, vs : List) : (x == null) * (vs == {{ }}), + (#wisl__1, 0i; #v) * (#wisl__1; 2i) * + (#wisl__1, 1i; #next) * types(#wisl__1 : Obj) * + (x == {{ #wisl__1, 0i }}) * SLL(#next, #vs) * (vs == l+ ({{ #v }}, #vs)); + + +pred SLLseg(+x, y, vs : List) : (x == y) * (vs == {{ }}), + (#wisl__0, 0i; #v) * (#wisl__0; 2i) * + (#wisl__0, 1i; #next) * types(#wisl__0 : Obj) * + (x == {{ #wisl__0, 0i }}) * SLLseg(#next, y, #vs) * + (vs == l+ ({{ #v }}, #vs)); + + +pred list_member(+vs : List, +v, r : Bool) : (vs == {{ }}) * (r == false), + (vs == l+ ({{ v }}, #rest)) * (r == true) * list_member(#rest, v, #mem), + (vs == l+ ({{ #v }}, #rest)) * (! 
(#v == v)) * list_member(#rest, v, r); + +spec SLL_concat_iter_loop0(head, next, prev) + [[ (prev == #pvar_prev) * + (next == #pvar_next) * + (head == #pvar_head) * + SLLseg(#pvar_head, #pvar_prev, #vs1) * + (#wisl__0, 0i; #v) * + (#wisl__0; 2i) * + (#wisl__0, 1i; #pvar_next) * + types(#wisl__0 : Obj) * + (#pvar_prev == {{ #wisl__0, 0i }}) * + SLL(#pvar_next, #vs2) * + (#vx == l+ (#vs1, l+ ({{ #v }}, #vs2))) ]] + [[ SLLseg(#pvar_head, #new_pvar_prev, #vs1__new) * + (#wisl__1, 0i; #v__new) * + (#wisl__1; 2i) * + (#wisl__1, 1i; #new_pvar_next) * + types(#wisl__1 : Obj) * + (#new_pvar_prev == {{ #wisl__1, 0i }}) * + SLL(#new_pvar_next, #vs2__new) * + (#vx == l+ (#vs1__new, l+ ({{ #v__new }}, #vs2__new))) * + (ret == {{ #pvar_head, #new_pvar_next, #new_pvar_prev }}) * + (#new_pvar_next == null) ]] + normal +proc SLL_concat_iter_loop0(head, next, prev) { + goto [(not (next = null))] then0 else0; + then0: sep_assert ((prev == #prev)) [bind: #prev]; + prev := next; + gvar0 := "i__add"(next, 1i); + goto [((typeOf gvar0) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + next := l-nth(gvar1, 2i); + apply SSLseg_append(head, #vs1, #v, prev) ; + loopretvar__ := "SLL_concat_iter_loop0"(head, next, prev); + goto endif0; + else0: loopretvar__ := {{ head, next, prev }}; + endif0: skip; + ret := loopretvar__; + return +}; + + +spec SLL_copy(x) + [[ (x == #x) * SLL(#x, #vs) ]] + [[ SLL(#x, #vs) * SLL(ret, #vs) ]] + normal +proc SLL_copy(x) { + y := null; + goto [(not (x = null))] then0 else0; + then0: goto [((typeOf x) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar0 := [getcell](l-nth(x, 0i), l-nth(x, 1i)); + k := l-nth(gvar0, 2i); + y := "SLL_allocate_node"(k); + gvar1 := "i__add"(x, 1i); + goto [((typeOf gvar1) = List)] continue1 fail1; + fail1: fail [InvalidPointer](); + continue1: gvar2 := [getcell](l-nth(gvar1, 0i), l-nth(gvar1, 1i)); + t := l-nth(gvar2, 2i); + z := 
"SLL_copy"(t); + gvar3 := "i__add"(y, 1i); + gvar4 := [getcell](l-nth(gvar3, 0i), l-nth(gvar3, 1i)); + gvar5 := [setcell](l-nth(gvar4, 0i), l-nth(gvar4, 1i), z); + goto endif0; + else0: skip; + endif0: skip; + ret := y; + return +}; + + +spec SLL_remove(x, k) + [[ (x == #x) * (k == #k) * SLL(#x, #vs) * list_member(#vs, #k, #mem) ]] + [[ SLL(ret, #nvs) * list_member(#nvs, #k, false) ]] + normal +proc SLL_remove(x, k) { + goto [(x = null)] then1 else1; + then1: skip; + goto endif1; + else1: goto [((typeOf x) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar0 := [getcell](l-nth(x, 0i), l-nth(x, 1i)); + v := l-nth(gvar0, 2i); + gvar1 := "i__add"(x, 1i); + goto [((typeOf gvar1) = List)] continue1 fail1; + fail1: fail [InvalidPointer](); + continue1: gvar2 := [getcell](l-nth(gvar1, 0i), l-nth(gvar1, 1i)); + next := l-nth(gvar2, 2i); + goto [(v = k)] then0 else0; + then0: goto [(l-nth(x, 1i) = 0i)] continue2 fail2; + fail2: fail [InvalidBlockPointer](x); + continue2: gvar3 := [dispose](l-nth(x, 0i)); + x := "SLL_remove"(next, k); + goto endif0; + else0: z := "SLL_remove"(next, k); + gvar4 := "i__add"(x, 1i); + gvar5 := [getcell](l-nth(gvar4, 0i), l-nth(gvar4, 1i)); + gvar6 := [setcell](l-nth(gvar5, 0i), l-nth(gvar5, 1i), z); + endif0: skip; + endif1: skip; + fold list_member({{ }}, + #k, + false); + ret := x; + return +}; + + +spec SLL_copy_iter_loop0(p, t, v, x, y) + [[ (y == #pvar_y) * + (x == #pvar_x) * + (v == #pvar_v) * + (t == #pvar_t) * + (p == #pvar_p) * + SLLseg(#pvar_x, #pvar_t, #alpha1) * + SLL(#pvar_t, #alpha2) * + (#pvar_v == #a) * + (#alpha == l+ (#alpha1, #alpha2)) * + SLLseg(#pvar_y, #pvar_p, #alpha3) * + (#wisl__0, 0i; #a) * + (#wisl__0; 2i) * + (#wisl__0, 1i; null) * + types(#wisl__0 : Obj) * + (#pvar_p == {{ #wisl__0, 0i }}) * + (#alpha1 == l+ (#alpha3, {{ #a }})) ]] + [[ SLLseg(#pvar_x, #new_pvar_t, #alpha1__new) * + SLL(#new_pvar_t, #alpha2__new) * + (#new_pvar_v == #a__new) * + (#alpha == l+ (#alpha1__new, #alpha2__new)) * 
+ SLLseg(#pvar_y, #new_pvar_p, #alpha3__new) * + (#wisl__1, 0i; #a__new) * + (#wisl__1; 2i) * + (#wisl__1, 1i; null) * + types(#wisl__1 : Obj) * + (#new_pvar_p == {{ #wisl__1, 0i }}) * + (#alpha1__new == l+ (#alpha3__new, {{ #a__new }})) * + (ret == {{ #new_pvar_p, #new_pvar_t, #new_pvar_v, #pvar_x, #pvar_y }}) * + (#new_pvar_t == null) ]] + normal +proc SLL_copy_iter_loop0(p, t, v, x, y) { + goto [(not (t = null))] then0 else0; + then0: sep_assert ((t == #t) * (p == #p)) [bind: #t, #p]; + goto [((typeOf t) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar0 := [getcell](l-nth(t, 0i), l-nth(t, 1i)); + v := l-nth(gvar0, 2i); + c := [alloc](2i); + gvar1 := [getcell](l-nth(c, 0i), l-nth(c, 1i)); + gvar2 := [setcell](l-nth(gvar1, 0i), l-nth(gvar1, 1i), v); + gvar3 := "i__add"(p, 1i); + gvar4 := [getcell](l-nth(gvar3, 0i), l-nth(gvar3, 1i)); + gvar5 := [setcell](l-nth(gvar4, 0i), l-nth(gvar4, 1i), c); + p := c; + gvar6 := "i__add"(t, 1i); + goto [((typeOf gvar6) = List)] continue1 fail1; + fail1: fail [InvalidPointer](); + continue1: gvar7 := [getcell](l-nth(gvar6, 0i), l-nth(gvar6, 1i)); + t := l-nth(gvar7, 2i); + apply SSLseg_append(x, #alpha1, v, t) ; + apply SSLseg_append(y, #alpha3, #a, p) ; + loopretvar__ := "SLL_copy_iter_loop0"(p, t, v, x, y); + goto endif0; + else0: loopretvar__ := {{ p, t, v, x, y }}; + endif0: skip; + ret := loopretvar__; + return +}; + + +spec SLL_concat_iter(x, y) + [[ (x == #x) * (y == #y) * SLL(#x, #vx) * SLL(#y, #vy) ]] + [[ SLL(ret, l+ (#vx, #vy)) ]] + normal +proc SLL_concat_iter(x, y) { + goto [(x = null)] then0 else0; + then0: head := y; + goto endif0; + else0: head := x; + prev := head; + gvar0 := "i__add"(x, 1i); + goto [((typeOf gvar0) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + next := l-nth(gvar1, 2i); + gvar2 := "SLL_concat_iter_loop0"(head, next, prev); + head := l-nth(gvar2, 0i); + next := l-nth(gvar2, 1i); + prev 
:= l-nth(gvar2, 2i); + gvar3 := "i__add"(prev, 1i); + gvar4 := [getcell](l-nth(gvar3, 0i), l-nth(gvar3, 1i)); + gvar5 := [setcell](l-nth(gvar4, 0i), l-nth(gvar4, 1i), y); + sep_assert (SLLseg(head, prev, #svs) * + (#wisl__0, 0i; #sv) * (#wisl__0; 2i) * + (#wisl__0, 1i; y) * types(#wisl__0 : Obj) * + (prev == {{ #wisl__0, 0i }})) [bind: #wisl__0, + #svs, #sv]; + apply SSLseg_append(head, #svs, #sv, y) ; + apply SLLseg_concat_SLL(head, y) ; + endif0: skip; + ret := head; + return +}; + + +spec SLL_length_iter_loop0(n, x, y) + [[ (y == #pvar_y) * + (x == #pvar_x) * + (n == #pvar_n) * + SLLseg(#pvar_x, #pvar_y, #nvx) * + SLL(#pvar_y, #nvy) * + (#vx == l+ (#nvx, #nvy)) * + (#pvar_n == (l-len #nvx)) ]] + [[ SLLseg(#pvar_x, #new_pvar_y, #nvx__new) * + SLL(#new_pvar_y, #nvy__new) * + (#vx == l+ (#nvx__new, #nvy__new)) * + (#new_pvar_n == (l-len #nvx__new)) * + (ret == {{ #new_pvar_n, #pvar_x, #new_pvar_y }}) * + (#new_pvar_y == null) ]] + normal +proc SLL_length_iter_loop0(n, x, y) { + goto [(not (y = null))] then0 else0; + then0: sep_assert ((y == #y)) [bind: #y]; + sep_assert ((#wisl__0, 0i; #v) * (#wisl__0; 2i) * + (#wisl__0, 1i; #z) * types(#wisl__0 : Obj) * + (#y == {{ #wisl__0, 0i }})) [bind: #wisl__0, + #v, #z]; + gvar0 := "i__add"(y, 1i); + goto [((typeOf gvar0) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + y := l-nth(gvar1, 2i); + gvar2 := "i__add"(n, 1i); + n := gvar2; + apply SSLseg_append(x, #nvx, #v, y) ; + loopretvar__ := "SLL_length_iter_loop0"(n, x, y); + goto endif0; + else0: loopretvar__ := {{ n, x, y }}; + endif0: skip; + ret := loopretvar__; + return +}; + + +spec SLL_free_iter_loop0(x) + [[ (x == #pvar_x) * SLL(#pvar_x, #rvs) ]] + [[ SLL(#new_pvar_x, #rvs__new) * + (ret == {{ #new_pvar_x }}) * + (#new_pvar_x == null) ]] + normal +proc SLL_free_iter_loop0(x) { + goto [(not (x = null))] then0 else0; + then0: y := x; + gvar0 := "i__add"(x, 1i); + goto [((typeOf gvar0) = 
List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + x := l-nth(gvar1, 2i); + goto [(l-nth(y, 1i) = 0i)] continue1 fail1; + fail1: fail [InvalidBlockPointer](y); + continue1: gvar2 := [dispose](l-nth(y, 0i)); + loopretvar__ := "SLL_free_iter_loop0"(x); + goto endif0; + else0: loopretvar__ := {{ x }}; + endif0: skip; + ret := loopretvar__; + return +}; + + +spec SLL_length(x) + [[ (x == #x) * SLL(#x, #vs) ]] + [[ (ret == (l-len #vs)) ]] + normal +proc SLL_length(x) { + n := 0i; + goto [(x = null)] then0 else0; + then0: n := 0i; + goto endif0; + else0: gvar0 := "i__add"(x, 1i); + goto [((typeOf gvar0) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + t := l-nth(gvar1, 2i); + n := "SLL_length"(t); + gvar2 := "i__add"(1i, n); + n := gvar2; + endif0: skip; + ret := n; + return +}; + + +spec SLL_free_iter(x) + [[ (x == #x) * SLL(#x, #vs) ]] + [[ (ret == null) ]] + normal +proc SLL_free_iter(x) { + gvar0 := "SLL_free_iter_loop0"(x); + x := l-nth(gvar0, 0i); + ret := null; + return +}; + + +spec SLL_append(x, k) + [[ (x == #x) * (k == #k) * SLL(#x, #vs) ]] + [[ SLL(ret, l+ (#vs, {{ #k }})) ]] + normal +proc SLL_append(x, k) { + goto [(x = null)] then0 else0; + then0: x := "SLL_allocate_node"(k); + goto endif0; + else0: gvar0 := "i__add"(x, 1i); + goto [((typeOf gvar0) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + t := l-nth(gvar1, 2i); + z := "SLL_append"(t, k); + gvar2 := "i__add"(x, 1i); + gvar3 := [getcell](l-nth(gvar2, 0i), l-nth(gvar2, 1i)); + gvar4 := [setcell](l-nth(gvar3, 0i), l-nth(gvar3, 1i), z); + endif0: skip; + ret := x; + return +}; + + +spec SLL_append_iter(x, k) + [[ (x == #x) * (k == #k) * SLL(#x, #vx) ]] + [[ SLL(ret, l+ (#vx, {{ #k }})) ]] + normal +proc SLL_append_iter(x, k) { + y := "SLL_allocate_node"(k); + goto 
[(x = null)] then0 else0; + then0: x := y; + goto endif0; + else0: head := x; + prev := head; + gvar0 := "i__add"(x, 1i); + goto [((typeOf gvar0) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + next := l-nth(gvar1, 2i); + gvar2 := "SLL_append_iter_loop0"(head, next, prev); + head := l-nth(gvar2, 0i); + next := l-nth(gvar2, 1i); + prev := l-nth(gvar2, 2i); + gvar3 := "i__add"(prev, 1i); + gvar4 := [getcell](l-nth(gvar3, 0i), l-nth(gvar3, 1i)); + gvar5 := [setcell](l-nth(gvar4, 0i), l-nth(gvar4, 1i), y); + sep_assert (SLLseg(head, prev, #svs) * + (#wisl__0, 0i; #sv) * (#wisl__0; 2i) * + (#wisl__0, 1i; y) * types(#wisl__0 : Obj) * + (prev == {{ #wisl__0, 0i }})) [bind: #wisl__0, + #svs, #sv]; + apply SSLseg_append(head, #svs, #sv, y) ; + sep_assert (SLLseg(head, y, #vx)) ; + apply SLLseg_concat_SLL(head, y) ; + endif0: skip; + ret := x; + return +}; + + +spec SLL_length_iter(x) + [[ (x == #x) * SLL(x, #vx) ]] + [[ SLL(#x, #vx) * (ret == (l-len #vx)) ]] + normal +proc SLL_length_iter(x) { + y := x; + n := 0i; + gvar0 := "SLL_length_iter_loop0"(n, x, y); + n := l-nth(gvar0, 0i); + x := l-nth(gvar0, 1i); + y := l-nth(gvar0, 2i); + unfold SLL(null, #nvy) ; + apply SLLseg_to_SLL(x) ; + ret := n; + return +}; + + +spec SLL_append_node_iter(x, y) + [[ (x == #x) * (y == #y) * SLL(#x, #vs) * SLL(#y, {{ #vy }}) ]] + [[ SLL(ret, l+ (#vs, {{ #vy }})) ]] + normal +proc SLL_append_node_iter(x, y) { + goto [(x = null)] then0 else0; + then0: x := y; + goto endif0; + else0: head := x; + prev := head; + gvar0 := "i__add"(x, 1i); + goto [((typeOf gvar0) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + next := l-nth(gvar1, 2i); + gvar2 := "SLL_append_node_iter_loop0"(head, next, prev); + head := l-nth(gvar2, 0i); + next := l-nth(gvar2, 1i); + prev := l-nth(gvar2, 2i); + gvar3 := "i__add"(prev, 1i); + gvar4 := 
[getcell](l-nth(gvar3, 0i), l-nth(gvar3, 1i)); + gvar5 := [setcell](l-nth(gvar4, 0i), l-nth(gvar4, 1i), y); + sep_assert (SLLseg(head, prev, #svs) * + (#wisl__0, 0i; #sv) * (#wisl__0; 2i) * + (#wisl__0, 1i; y) * types(#wisl__0 : Obj) * + (prev == {{ #wisl__0, 0i }})) [bind: #wisl__0, + #svs, #sv]; + apply SSLseg_append(head, #svs, #sv, y) ; + sep_assert (SLLseg(head, y, #vs)) ; + apply SLLseg_concat_SLL(head, y) ; + endif0: skip; + ret := x; + return +}; + + +spec SLL_copy_iter(x) + [[ (x == #x) * SLL(#x, #alpha) ]] + [[ SLL(#x, #alpha) * SLL(ret, #alpha) ]] + normal +proc SLL_copy_iter(x) { + y := null; + goto [(x = null)] then0 else0; + then0: skip; + goto endif0; + else0: y := [alloc](2i); + goto [((typeOf x) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar0 := [getcell](l-nth(x, 0i), l-nth(x, 1i)); + v := l-nth(gvar0, 2i); + gvar1 := [getcell](l-nth(y, 0i), l-nth(y, 1i)); + gvar2 := [setcell](l-nth(gvar1, 0i), l-nth(gvar1, 1i), v); + gvar3 := "i__add"(x, 1i); + goto [((typeOf gvar3) = List)] continue1 fail1; + fail1: fail [InvalidPointer](); + continue1: gvar4 := [getcell](l-nth(gvar3, 0i), l-nth(gvar3, 1i)); + t := l-nth(gvar4, 2i); + p := y; + fold SLLseg(x, + t, + {{ v }}); + fold SLLseg(y, + p, + {{ }}); + gvar5 := "SLL_copy_iter_loop0"(p, t, v, x, y); + p := l-nth(gvar5, 0i); + t := l-nth(gvar5, 1i); + v := l-nth(gvar5, 2i); + x := l-nth(gvar5, 3i); + y := l-nth(gvar5, 4i); + sep_assert (SLLseg(y, p, #alpha3)) [bind: #alpha3]; + apply SSLseg_append(y, #alpha3, v, null) ; + apply SLLseg_to_SLL(x) ; + apply SLLseg_to_SLL(y) ; + endif0: skip; + ret := y; + return +}; + + +spec SLL_concat(x, y) + [[ (x == #x) * (y == #y) * SLL(#x, #vx) * SLL(#y, #vy) ]] + [[ SLL(ret, l+ (#vx, #vy)) ]] + normal +proc SLL_concat(x, y) { + goto [(x = null)] then0 else0; + then0: x := y; + goto endif0; + else0: gvar0 := "i__add"(x, 1i); + goto [((typeOf gvar0) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := 
[getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + t := l-nth(gvar1, 2i); + z := "SLL_concat"(t, y); + gvar2 := "i__add"(x, 1i); + gvar3 := [getcell](l-nth(gvar2, 0i), l-nth(gvar2, 1i)); + gvar4 := [setcell](l-nth(gvar3, 0i), l-nth(gvar3, 1i), z); + endif0: skip; + ret := x; + return +}; + + +spec SLL_append_iter_loop0(head, next, prev) + [[ (prev == #pvar_prev) * + (next == #pvar_next) * + (head == #pvar_head) * + SLLseg(#pvar_head, #pvar_prev, #vs1) * + (#wisl__0, 0i; #v) * + (#wisl__0; 2i) * + (#wisl__0, 1i; #pvar_next) * + types(#wisl__0 : Obj) * + (#pvar_prev == {{ #wisl__0, 0i }}) * + SLL(#pvar_next, #vs2) * + (#vx == l+ (#vs1, l+ ({{ #v }}, #vs2))) ]] + [[ SLLseg(#pvar_head, #new_pvar_prev, #vs1__new) * + (#wisl__1, 0i; #v__new) * + (#wisl__1; 2i) * + (#wisl__1, 1i; #new_pvar_next) * + types(#wisl__1 : Obj) * + (#new_pvar_prev == {{ #wisl__1, 0i }}) * + SLL(#new_pvar_next, #vs2__new) * + (#vx == l+ (#vs1__new, l+ ({{ #v__new }}, #vs2__new))) * + (ret == {{ #pvar_head, #new_pvar_next, #new_pvar_prev }}) * + (#new_pvar_next == null) ]] + normal +proc SLL_append_iter_loop0(head, next, prev) { + goto [(not (next = null))] then0 else0; + then0: sep_assert ((prev == #prev)) [bind: #prev]; + prev := next; + gvar0 := "i__add"(next, 1i); + goto [((typeOf gvar0) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + next := l-nth(gvar1, 2i); + apply SSLseg_append(head, #vs1, #v, prev) ; + loopretvar__ := "SLL_append_iter_loop0"(head, next, prev); + goto endif0; + else0: loopretvar__ := {{ head, next, prev }}; + endif0: skip; + ret := loopretvar__; + return +}; + + +spec SLL_allocate_node(v) + [[ (v == #v) ]] + [[ SLL(ret, {{ #v }}) ]] + normal +proc SLL_allocate_node(v) { + t := [alloc](2i); + gvar0 := [getcell](l-nth(t, 0i), l-nth(t, 1i)); + gvar1 := [setcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i), v); + ret := t; + return +}; + + +spec SLL_append_node(x, y) + [[ (x == #x) * (y == #y) * SLL(#x, 
#vs) * SLL(#y, {{ #vy }}) ]] + [[ SLL(ret, l+ (#vs, {{ #vy }})) ]] + normal +proc SLL_append_node(x, y) { + goto [(x = null)] then0 else0; + then0: x := y; + goto endif0; + else0: gvar0 := "i__add"(x, 1i); + goto [((typeOf gvar0) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + t := l-nth(gvar1, 2i); + z := "SLL_append_node"(t, y); + gvar2 := "i__add"(x, 1i); + gvar3 := [getcell](l-nth(gvar2, 0i), l-nth(gvar2, 1i)); + gvar4 := [setcell](l-nth(gvar3, 0i), l-nth(gvar3, 1i), z); + endif0: skip; + ret := x; + return +}; + + +spec SLL_member_iter_loop0(found, k, next, x) + [[ (x == #pvar_x) * + (next == #pvar_next) * + (k == #pvar_k) * + (found == #pvar_found) * + SLLseg(#pvar_x, #pvar_next, #beta) * + SLL(#pvar_next, #gamma) * + (#alpha == l+ (#beta, #gamma)) * + (#r == (#pvar_found or #rg)) * + list_member(#beta, #pvar_k, #pvar_found) * + list_member(#gamma, #pvar_k, #rg) ]] + [[ SLLseg(#pvar_x, #new_pvar_next, #beta__new) * + SLL(#new_pvar_next, #gamma__new) * + (#alpha == l+ (#beta__new, #gamma__new)) * + (#r == (#new_pvar_found or #rg__new)) * + list_member(#beta__new, #pvar_k, #new_pvar_found) * + list_member(#gamma__new, #pvar_k, #rg__new) * + (ret == {{ #new_pvar_found, #pvar_k, #new_pvar_next, #pvar_x }}) * + ((! 
(#new_pvar_found == false)) \/ + (#new_pvar_next == null)) ]] + normal +proc SLL_member_iter_loop0(found, k, next, x) { + goto [((found = false) and (not (next = null)))] then0 else0; + then0: sep_assert ((found == false)) ; + sep_assert ((next == #next)) [bind: #next]; + sep_assert ((#wisl__0, 0i; #v) * (#wisl__0; 2i) * + (#wisl__0, 1i; #z) * types(#wisl__0 : Obj) * + (#next == {{ #wisl__0, 0i }})) [bind: #wisl__0, + #v, #z]; + goto [((typeOf next) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar0 := [getcell](l-nth(next, 0i), l-nth(next, 1i)); + v := l-nth(gvar0, 2i); + found := (v = k); + gvar1 := "i__add"(next, 1i); + goto [((typeOf gvar1) = List)] continue1 fail1; + fail1: fail [InvalidPointer](); + continue1: gvar2 := [getcell](l-nth(gvar1, 0i), l-nth(gvar1, 1i)); + next := l-nth(gvar2, 2i); + apply SSLseg_append(x, #beta, #v, next) ; + unfold list_member(#gamma, k, #rg) ; + apply list_member_append(#beta, k, false, #v) ; + loopretvar__ := "SLL_member_iter_loop0"(found, k, next, x); + goto endif0; + else0: loopretvar__ := {{ found, k, next, x }}; + endif0: skip; + ret := loopretvar__; + return +}; + + +spec SLL_member_iter(x, k) + [[ (x == #x) * (k == #k) * SLL(#x, #alpha) * list_member(#alpha, #k, #r) ]] + [[ SLL(#x, #alpha) * list_member(#alpha, #k, #r) * (ret == #r) ]] + normal +proc SLL_member_iter(x, k) { + found := false; + next := x; + gvar0 := "SLL_member_iter_loop0"(found, k, next, x); + found := l-nth(gvar0, 0i); + k := l-nth(gvar0, 1i); + next := l-nth(gvar0, 2i); + x := l-nth(gvar0, 3i); + if ((found = false)) then { apply SLLseg_to_SLL(#x) ; + unfold list_member({{ }}, #k, false) + } else { + sep_assert (SLLseg(#x, next, #beta) * SLL(next, #gamma)) [bind: #beta, + #gamma]; apply list_member_concat(#beta, #gamma, #k) ; + apply SLLseg_concat_SLL(#x, next) + }; + ret := found; + return +}; + + +spec SLL_reverse(x) + [[ (x == #x) * SLL(#x, #vs) ]] + [[ SLL(ret, (l-rev #vs)) ]] + normal +proc SLL_reverse(x) { + goto [(not 
(x = null))] then0 else0; + then0: gvar0 := "i__add"(x, 1i); + goto [((typeOf gvar0) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + t := l-nth(gvar1, 2i); + gvar2 := "i__add"(x, 1i); + gvar3 := [getcell](l-nth(gvar2, 0i), l-nth(gvar2, 1i)); + gvar4 := [setcell](l-nth(gvar3, 0i), l-nth(gvar3, 1i), null); + z := "SLL_reverse"(t); + y := "SLL_append_node"(z, x); + goto endif0; + else0: y := null; + endif0: skip; + ret := y; + return +}; + + +spec SLL_free(x) + [[ (x == #x) * SLL(#x, #vs) ]] + [[ (ret == null) ]] + normal +proc SLL_free(x) { + goto [(x = null)] then0 else0; + then0: skip; + goto endif0; + else0: gvar0 := "i__add"(x, 1i); + goto [((typeOf gvar0) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + t := l-nth(gvar1, 2i); + z := "SLL_free"(t); + goto [(l-nth(x, 1i) = 0i)] continue1 fail1; + fail1: fail [InvalidBlockPointer](x); + continue1: gvar2 := [dispose](l-nth(x, 0i)); + endif0: skip; + ret := null; + return +}; + + +spec SLL_append_node_iter_loop0(head, next, prev) + [[ (prev == #pvar_prev) * + (next == #pvar_next) * + (head == #pvar_head) * + SLLseg(#pvar_head, #pvar_prev, #vs1) * + (#wisl__0, 0i; #v) * + (#wisl__0; 2i) * + (#wisl__0, 1i; #pvar_next) * + types(#wisl__0 : Obj) * + (#pvar_prev == {{ #wisl__0, 0i }}) * + SLL(#pvar_next, #vs2) * + (#vx == l+ (#vs1, l+ ({{ #v }}, #vs2))) ]] + [[ SLLseg(#pvar_head, #new_pvar_prev, #vs1__new) * + (#wisl__1, 0i; #v__new) * + (#wisl__1; 2i) * + (#wisl__1, 1i; #new_pvar_next) * + types(#wisl__1 : Obj) * + (#new_pvar_prev == {{ #wisl__1, 0i }}) * + SLL(#new_pvar_next, #vs2__new) * + (#vx == l+ (#vs1__new, l+ ({{ #v__new }}, #vs2__new))) * + (ret == {{ #pvar_head, #new_pvar_next, #new_pvar_prev }}) * + (#new_pvar_next == null) ]] + normal +proc SLL_append_node_iter_loop0(head, next, prev) { + goto [(not (next = null))] then0 else0; + then0: sep_assert 
((prev == #prev)) [bind: #prev]; + prev := next; + gvar0 := "i__add"(next, 1i); + goto [((typeOf gvar0) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + next := l-nth(gvar1, 2i); + apply SSLseg_append(head, #vs1, #v, prev) ; + loopretvar__ := "SLL_append_node_iter_loop0"(head, next, prev); + goto endif0; + else0: loopretvar__ := {{ head, next, prev }}; + endif0: skip; + ret := loopretvar__; + return +}; + + +spec SLL_prepend(x, k) + [[ (x == #x) * (k == #k) * SLL(#x, #vs) ]] + [[ SLL(ret, l+ ({{ #k }}, #vs)) ]] + normal +proc SLL_prepend(x, k) { + z := "SLL_allocate_node"(k); + gvar0 := "i__add"(z, 1i); + gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + gvar2 := [setcell](l-nth(gvar1, 0i), l-nth(gvar1, 1i), x); + ret := z; + return +}; + + +spec SLL_member(x, k) + [[ (x == #x) * (k == #k) * SLL(#x, #vs) * list_member(#vs, #k, #r) ]] + [[ SLL(#x, #vs) * list_member(#vs, #k, #r) * (ret == #r) ]] + normal +proc SLL_member(x, k) { + found := false; + goto [(x = null)] then1 else1; + then1: skip; + goto endif1; + else1: goto [((typeOf x) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar0 := [getcell](l-nth(x, 0i), l-nth(x, 1i)); + v := l-nth(gvar0, 2i); + goto [(v = k)] then0 else0; + then0: found := true; + goto endif0; + else0: gvar1 := "i__add"(x, 1i); + goto [((typeOf gvar1) = List)] continue1 fail1; + fail1: fail [InvalidPointer](); + continue1: gvar2 := [getcell](l-nth(gvar1, 0i), l-nth(gvar1, 1i)); + t := l-nth(gvar2, 2i); + found := "SLL_member"(t, k); + endif0: skip; + endif1: skip; + ret := found; + return +}; 
diff --git a/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_dispose.gil b/debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/list_dispose.gil
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/wisl/verify/list_dispose.gil
rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/list_dispose.gil
diff --git a/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_dispose_bad.gil b/debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/list_dispose_bad.gil
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/wisl/verify/list_dispose_bad.gil
rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/list_dispose_bad.gil
diff --git a/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_iter.gil b/debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/list_length_iter.gil
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_iter.gil
rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/list_length_iter.gil
diff --git a/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec.gil b/debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/list_length_rec.gil
similarity index 100%
rename from debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec.gil
rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/list_length_rec.gil
diff --git a/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad.gil b/debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/list_length_rec_bad_2.gil
similarity index 57%
rename from debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad.gil
rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/list_length_rec_bad_2.gil
index 7c7780f8a..052f0e072 100644
--- a/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad.gil
+++ b/debugger-vscode-extension/sampleWorkspace/wisl/verify/gil/list_length_rec_bad_2.gil @@ -14,17 +14,19 @@ proc llen(x) { goto [(x = null)] then0 else0; then0: n := 0i; goto endif0; - else0: goto [(l-nth(x, 1i) = 0i)] continue0 fail0; - fail0: fail [InvalidBlockPointer](x); - continue0: gvar0 := [dispose](l-nth(x, 0i)); - gvar1 := "i__add"(x, 1i); - goto [((typeOf gvar1) = List)] continue1 fail1; + else0: gvar0 := "i__add"(x, 1i); + goto [((typeOf gvar0) = List)] continue0 fail0; + fail0: fail [InvalidPointer](); + continue0: gvar1 := [getcell](l-nth(gvar0, 0i), l-nth(gvar0, 1i)); + t := l-nth(gvar1, 2i); + gvar2 := "i__add"(t, 1i); + goto [((typeOf gvar2) = List)] continue1 fail1; fail1: fail [InvalidPointer](); - continue1: gvar2 := [getcell](l-nth(gvar1, 0i), l-nth(gvar1, 1i)); - t := l-nth(gvar2, 2i); + continue1: gvar3 := [getcell](l-nth(gvar2, 0i), l-nth(gvar2, 1i)); + t := l-nth(gvar3, 2i); n := "llen"(t); - gvar3 := "i__add"(n, 1i); - n := gvar3; + gvar4 := "i__add"(n, 1i); + n := gvar4; endif0: skip; ret := n; return diff --git a/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad_1.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad_1.wisl new file mode 100644 index 000000000..6ff7fa574 --- /dev/null +++ b/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad_1.wisl @@ -0,0 +1,17 @@ +predicate list(+x, alpha) { + (x == null) * (alpha == nil); + (x -> #v, #z) * list(#z, #beta) * (alpha == #v::#beta) +} + +{ (x == #x) * list(#x, #alpha) } +function llen(x) { + if (x = null) { + n := 1 + } else { + t := [x+1]; + n := llen(t); + n := n + 1 + }; + return n +} +{ list(#x, #alpha) * (ret == len(#alpha)) } 
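Review bot: Nothing in the new `list_length_rec_bad_1.wisl` records which defect is the intentional one — the `x = null` branch returns `n := 1`, so `llen` over-counts by one against the `(ret == len(#alpha))` postcondition — and a reader of the sample workspace has to rediscover it by running the verifier; the same applies to `list_length_rec_bad_2.wisl` later in this patch. Since the workspace already uses `//` comments (see `llen_wpst.wisl`), a one-line header such as `// Intentionally wrong: the empty-list case returns 1 instead of 0, so verification of llen fails.` would make each "bad" example self-describing and distinguish `_bad_1` from `_bad_2` without opening both files.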
diff --git a/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad_2.wisl similarity index 94% rename from debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad.wisl rename to debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad_2.wisl index 5f43a3e64..d4291f831 100644 --- a/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad.wisl +++ b/debugger-vscode-extension/sampleWorkspace/wisl/verify/list_length_rec_bad_2.wisl @@ -5,12 +5,11 @@ predicate list(+x, alpha) { { (x == #x) * list(#x, #alpha) } function llen(x) { - if (x = null) { n := 0 } else { - free(x); t := [x+1]; + t := [t+1]; n := llen(t); n := n + 1 }; diff --git a/debugger-vscode-extension/sampleWorkspace/wisl/wpst/llen_wpst.wisl b/debugger-vscode-extension/sampleWorkspace/wisl/wpst/llen_wpst.wisl index 19182020c..6710a8e71 100644 --- a/debugger-vscode-extension/sampleWorkspace/wisl/wpst/llen_wpst.wisl +++ b/debugger-vscode-extension/sampleWorkspace/wisl/wpst/llen_wpst.wisl @@ -24,7 +24,7 @@ function build_list(size) { function main() { fresh x; - assume_type (x, Int); + // assume_type (x, Int); assume (x >= 2); assume (x <= 3); l := build_list(x); From abc2a7edfc161fb045073a19d28b398dfeeba91d Mon Sep 17 00:00:00 2001 From: Nat Karmios Date: Fri, 15 Mar 2024 01:45:26 +0000 Subject: [PATCH 5/5] Fix end-of-loop detection in WISL lifter --- wisl/lib/debugging/wislLifter.ml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/wisl/lib/debugging/wislLifter.ml b/wisl/lib/debugging/wislLifter.ml index 9fd771f2d..8332f9c60 100644 --- a/wisl/lib/debugging/wislLifter.ml +++ b/wisl/lib/debugging/wislLifter.ml 
@@ -106,6 +106,7 @@ struct mutable display : string option; mutable stack_info : (rid list * stack_direction option) option; mutable nest_kind : nest_kind option; + mutable is_loop_end : bool; matches : matching Ext_list.t; errors : string Ext_list.t; } @@ -123,6 +124,7 @@ struct display = None; stack_info = None; nest_kind = None; + is_loop_end = false; matches = Ext_list.make (); errors = Ext_list.make (); } @@ -190,7 +192,7 @@ struct let is_loop_end ~is_loop_func ~proc_name exec_data = is_loop_func && get_fun_call_name exec_data = Some proc_name - let finish ~is_loop_func ~proc_name ~exec_data partial = + let finish ~exec_data partial = let ({ prev; all_ids; @@ -201,6 +203,7 @@ struct nest_kind; matches; errors; + is_loop_end; _; } : partial_data) = @@ -234,10 +237,9 @@ struct let++ cases = ends_to_cases ~nest_kind ends in match cases with | _ when is_return exec_data -> Final + | _ when is_loop_end -> Final | [] -> Final - | [ (Case (Unknown, _), _) ] -> - if is_loop_end ~is_loop_func ~proc_name exec_data then Final - else Normal + | [ (Case (Unknown, _), _) ] -> Normal | _ -> Branch cases in Finished @@ -341,6 +343,7 @@ struct | Some display -> Ok display | None -> if is_loop_end ~is_loop_func ~proc_name exec_data then + let () = partial.is_loop_end <- true in Ok "" else Error "Couldn't get display!" in @@ -413,7 +416,7 @@ struct (* Finish or continue *) match Stack.pop_opt partial.unexplored_paths with - | None -> finish ~is_loop_func ~proc_name ~exec_data partial + | None -> finish ~exec_data partial | Some (id, branch_case) -> step_again ~id ?branch_case () end
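Review bot: `partial.is_loop_end` is set as a side effect inside the display lookup (the `@@ -341,6 +343,7 @@` hunk), only on the `None -> if is_loop_end ... then` path, so `finish` now reports `Final` for a loop end only when no display was found for that step; if a loop-end step ever carries `Some display`, the flag keeps its `false` default from the `@@ -123,6 +124,7 @@` hunk and the step falls through to `Normal` or `Branch cases`. Before this patch `finish` evaluated `is_loop_end ~is_loop_func ~proc_name exec_data` directly, so the two conditions could not diverge. If the coupling is intended, it deserves a comment on the new field, e.g. `(* Set when the display lookup identifies this step as a loop end; makes [finish] classify it as Final. *)`; otherwise compute the flag independently of the display branch, for instance `partial.is_loop_end <- is_loop_end ~is_loop_func ~proc_name exec_data;` before the display match. The functions enclosing both hunks start and end outside the hunks, so there may be another path that sets the flag which I cannot see.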