reworked the linear and og implementation based on available variables theory

author: Unknown <qadeer@FAIZ-AHMED-FAIZ.redmond.corp.microsoft.com> 2013-05-18 21:15:20 -0700
committer: Unknown <qadeer@FAIZ-AHMED-FAIZ.redmond.corp.microsoft.com> 2013-05-18 21:15:20 -0700
commit: 64d8963508ce048d00db3766f4ca597b792c1b95 (patch)
tree: 67801fe71cd2ceb7eb851833dd489751baa21ce2 /Test
parent: 89b20adf23750478098578895fef9ca3b9170927 (diff)
17 files changed, 202 insertions, 65 deletions
diff --git a/Test/linear/allocator.bpl b/Test/linear/allocator.bpl
index 4b162a83..d723cbed 100644
--- a/Test/linear/allocator.bpl
+++ b/Test/linear/allocator.bpl
@@ -3,7 +3,7 @@ procedure A({:linear "tid"} i': int) returns ({:linear "tid"} i: int);
 
 procedure{:entrypoint} B({:linear "tid"} i': int) returns ({:linear "tid"} i: int) 
 {
-  assume i == i';
+  i := i';
   call i := A(i);
   assert false;
 }
diff --git a/Test/linear/f1.bpl b/Test/linear/f1.bpl
index 0d9189ab..1f451daf 100644
--- a/Test/linear/f1.bpl
+++ b/Test/linear/f1.bpl
@@ -24,9 +24,7 @@ procedure {:entrypoint} main({:linear "1"} x_in: [int]bool)
   requires b1 ==> x_in != mapconstbool(false);
 {
    var {:linear "1"} x: [int] bool;
-   assume x == x_in;
-
-   assume x == mapconstbool(true);
+   x := x_in;
 
    call foo(x);
    
@@ -40,7 +38,7 @@ procedure foo({:linear "1"} x_in: [int]bool)
   requires b3 ==> x_in != mapconstbool(false);
 {
    var {:linear "1"} x: [int] bool;
-   assume x == x_in;
+   x := x_in;
 
    assert b4 ==> x == mapconstbool(true);
    assert b5 ==> x != mapconstbool(false);
diff --git a/Test/linear/f2.bpl b/Test/linear/f2.bpl
index 4e4bfbcf..82871466 100644
--- a/Test/linear/f2.bpl
+++ b/Test/linear/f2.bpl
@@ -4,6 +4,7 @@ function {:builtin "MapOr"} mapunion([int]bool, [int]bool) : [int]bool;
 procedure Split({:linear "1"} xls: [int]bool) returns ({:linear "1"} xls1: [int]bool, {:linear "1"} xls2: [int]bool);
 ensures xls == mapunion(xls1, xls2) && xls1 != mapconstbool(false) && xls2 != mapconstbool(false);
 
+procedure Allocate() returns ({:linear "1"} x: [int]bool);
 
 procedure {:entrypoint} main() 
 {
@@ -11,7 +12,7 @@ procedure {:entrypoint} main()
    var {:linear "1"} x1: [int] bool;
    var {:linear "1"} x2: [int] bool;
 
-   havoc x;
+   call x := Allocate();
    assume x == mapconstbool(true);
 
    call x1, x2 := Split(x);
diff --git a/Test/linear/typecheck.bpl b/Test/linear/typecheck.bpl
index ff2d7da4..7bdb339e 100644
--- a/Test/linear/typecheck.bpl
+++ b/Test/linear/typecheck.bpl
@@ -74,3 +74,9 @@ procedure G(i:int) returns({:linear "x"} r:int)
 {
   r := g;
 }
+
+procedure H(i:int) returns({:linear "x"} r:int)
+modifies g;
+{
+  g := r;
+}
diff --git a/Test/og/Answer b/Test/og/Answer
index 9df32aee..c29d38dc 100644
--- a/Test/og/Answer
+++ b/Test/og/Answer
@@ -60,11 +60,10 @@ Boogie program verifier finished with 5 verified, 0 errors
 Boogie program verifier finished with 4 verified, 0 errors
 
 -------------------- parallel4.bpl --------------------
-parallel4.bpl(14,3): Error BP5001: This assertion might not hold.
+parallel4.bpl(18,3): Error BP5001: This assertion might not hold.
 Execution trace:
-    parallel4.bpl(12,3): anon0
-    (0,0): inline$og_yield$0$Return
-    parallel4.bpl(12,3): anon0$1
+    parallel4.bpl(16,5): anon0
+    parallel4.bpl(16,5): anon0$1
 
 Boogie program verifier finished with 2 verified, 1 error
 
@@ -85,12 +84,17 @@ Boogie program verifier finished with 1 verified, 0 errors
 Boogie program verifier finished with 3 verified, 0 errors
 
 -------------------- t1.bpl --------------------
-t1.bpl(25,5): Error BP5001: This assertion might not hold.
+t1.bpl(35,5): Error BP5001: This assertion might not hold.
 Execution trace:
-    t1.bpl(11,5): anon0
-    (0,0): inline$Proc_YieldChecker_B$0$Return
-    (0,0): inline$og_yield$0$L_0$1
-    (0,0): inline$og_yield$0$Return
-    t1.bpl(11,5): anon0$1
+    t1.bpl(53,13): anon0
+    (0,0): inline$Impl_YieldChecker_A$0$L1
 
 Boogie program verifier finished with 2 verified, 1 error
+
+-------------------- new1.bpl --------------------
+
+Boogie program verifier finished with 2 verified, 0 errors
+
+-------------------- perm.bpl --------------------
+
+Boogie program verifier finished with 2 verified, 0 errors
diff --git a/Test/og/DeviceCacheSimplified.bpl b/Test/og/DeviceCacheSimplified.bpl
index 68387356..d231e17c 100644
--- a/Test/og/DeviceCacheSimplified.bpl
+++ b/Test/og/DeviceCacheSimplified.bpl
@@ -12,7 +12,7 @@ ensures Inv(ghostLock, currsize, newsize);
 ensures old(currsize) <= currsize;
 ensures tid == tid';
 {
-    assume tid == tid';
+    tid := tid';
     yield;
     assert Inv(ghostLock, currsize, newsize);
     assert old(currsize) <= currsize;
@@ -31,7 +31,7 @@ ensures ghostLock == tid;
 ensures currsize <= i;
 ensures newsize == old(newsize);
 {
-    assume tid == tid';
+    tid := tid';
     yield;
     assert Inv(ghostLock, currsize, newsize);
     assert old(currsize) <= currsize;
@@ -65,7 +65,7 @@ ensures 0 <= bytesread && bytesread <= size;
     var copy_currsize: int;
     var i, j, tmp : int;
     var {:linear "tid"} tid: X;
-    assume tid == tid';
+    tid := tid';
 
     bytesread := size;
     call acquire(tid);
@@ -127,7 +127,7 @@ requires Inv(ghostLock, currsize, newsize);
     var start, size, bytesread: int;
     var {:linear "tid"} tid: X;
 
-    assume tid == tid';
+    tid := tid';
     havoc start, size;
     assume (0 <= start && 0 <= size);
     call bytesread := Read(tid, start, size);
@@ -140,8 +140,10 @@ requires currsize == 0 && newsize == 0 && ghostLock == nil && lock == nil;
 
     while (*)
     {
-        havoc tid;
-	assume tid != nil;
+        call tid := Allocate();
         async call thread(tid);
     }
-}
-\ No newline at end of file
+}
+
+procedure Allocate() returns ({:linear "tid"} xls: X);
+ensures xls != nil;
diff --git a/Test/og/FlanaganQadeer.bpl b/Test/og/FlanaganQadeer.bpl
index 217a0401..434d1f14 100644
--- a/Test/og/FlanaganQadeer.bpl
+++ b/Test/og/FlanaganQadeer.bpl
@@ -4,6 +4,9 @@ const nil: X;
 var l: X;
 var x: int;
 
+procedure Allocate() returns ({:linear "tid"} xls: X);
+ensures xls != nil;
+
 procedure {:entrypoint} main()
 {
     var {:linear "tid"} tid: X;
@@ -11,8 +14,8 @@ procedure {:entrypoint} main()
 
     while (*) 
     {
-        havoc tid, val;
-	assume tid != nil;
+        call tid := Allocate();
+        havoc val;
         async call foo(tid, val);
     }
 }
@@ -21,7 +24,7 @@ procedure foo({:linear "tid"} tid': X, val: int)
 requires tid' != nil;
 {
     var {:linear "tid"} tid: X;
-    assume tid == tid';
+    tid := tid';
     
     assume l == nil;
     l := tid;
@@ -38,7 +41,7 @@ requires tid' != nil;
 ensures tid == tid';
 ensures old(l) == tid ==> old(l) == l && old(x) == x;
 {
-    assume tid == tid';
+    tid := tid';
     yield;
     assert tid != nil;
     assert (old(l) == tid ==> old(l) == l && old(x) == x);
diff --git a/Test/og/akash.bpl b/Test/og/akash.bpl
index fbc97d59..f8c32022 100644
--- a/Test/og/akash.bpl
+++ b/Test/og/akash.bpl
@@ -1,5 +1,14 @@
 function {:builtin "MapConst"} mapconstbool(bool) : [int]bool;
 
+procedure Allocate() returns ({:linear "tid"} xls: int);
+ensures xls != 0;
+
+procedure Allocate_1() returns ({:linear "1"} xls: [int]bool);
+ensures xls == mapconstbool(true);
+
+procedure Allocate_2() returns ({:linear "2"} xls: [int]bool);
+ensures xls == mapconstbool(true);
+
 var g: int;
 var h: int;
 
@@ -8,16 +17,16 @@ procedure A({:linear "tid"} tid_in: int) returns ({:linear "tid"} tid_out: int)
     var {:linear "1"} x: [int]bool;
     var {:linear "2"} y: [int]bool;
     var {:linear "tid"} tid_child: int;
-    assume tid_in == tid_out;    
-    assume x == mapconstbool(true);
-    assume y == mapconstbool(true);
+    tid_out := tid_in;    
+    call x := Allocate_1();
+    call y := Allocate_2();
 
     g := 0;
     yield;
     assert g == 0 && x == mapconstbool(true);    
 
     yield;
-    assume tid_child != 0;
+    call tid_child := Allocate();
     async call B(tid_child, x);
 
     yield;
@@ -27,6 +36,7 @@ procedure A({:linear "tid"} tid_in: int) returns ({:linear "tid"} tid_out: int)
     assert h == 0 && y == mapconstbool(true);    
 
     yield;
+    call tid_child := Allocate();
     async call C(tid_child, y);
 }
 
@@ -35,8 +45,8 @@ requires x_in != mapconstbool(false);
 {
     var {:linear "tid"} tid_out: int;
     var {:linear "1"} x: [int]bool;
-    assume tid_in == tid_out;
-    assume x_in == x;    
+    tid_out := tid_in;
+    x := x_in;    
 
     g := 1;
 
@@ -50,8 +60,8 @@ requires y_in != mapconstbool(false);
 {
     var {:linear "tid"} tid_out: int;
     var {:linear "2"} y: [int]bool;
-    assume tid_in == tid_out;
-    assume y_in == y;    
+    tid_out := tid_in;
+    y := y_in;    
 
     h := 1;
 
diff --git a/Test/og/linear-set.bpl b/Test/og/linear-set.bpl
index d188db3a..c2f792ef 100644
--- a/Test/og/linear-set.bpl
+++ b/Test/og/linear-set.bpl
@@ -19,6 +19,8 @@ var l: [X]bool;
 procedure Split({:linear "x"} xls: [X]bool) returns ({:linear "x"} xls1: [X]bool, {:linear "x"} xls2: [X]bool);
 ensures xls == MapOr(xls1, xls2) && xls1 != None() && xls2 != None();
 
+procedure Allocate() returns ({:linear "tid"} xls: [X]bool);
+
 procedure {:entrypoint} main({:linear "tid"} tidls': [X]bool, {:linear "x"} xls': [X]bool) 
 requires tidls' != None() && xls' == All();
 {
@@ -28,18 +30,18 @@ requires tidls' != None() && xls' == All();
     var {:linear "x"} xls1: [X]bool;
     var {:linear "x"} xls2: [X]bool;
 
-    havoc tidls, xls;
-    assume tidls' == tidls && xls' == xls;
+    tidls := tidls';
+    xls := xls';
 
     x := 42;
     yield;
     assert xls == All();
     assert x == 42;
     call xls1, xls2 := Split(xls);
-    havoc lsChild;
+    call lsChild := Allocate();
     assume (lsChild != None());
     async call thread(lsChild, xls1);
-    havoc lsChild;
+    call lsChild := Allocate();
     assume (lsChild != None());
     async call thread(lsChild, xls2);
 }
@@ -50,8 +52,8 @@ requires tidls' != None() && xls' != None();
     var {:linear "x"} xls: [X]bool;
     var {:linear "tid"} tidls: [X]bool;
 
-    havoc tidls, xls;
-    assume tidls' == tidls && xls' == xls;
+    tidls := tidls';
+    xls := xls';
 
     assume l == None();
     l := tidls;
diff --git a/Test/og/linear-set2.bpl b/Test/og/linear-set2.bpl
index 5d627348..ac4a2e21 100644
--- a/Test/og/linear-set2.bpl
+++ b/Test/og/linear-set2.bpl
@@ -20,6 +20,9 @@ const nil: X;
 procedure Split({:linear "x"} xls: [X]bool) returns ({:linear "x"} xls1: [X]bool, {:linear "x"} xls2: [X]bool);
 ensures xls == MapOr(xls1, xls2) && xls1 != None() && xls2 != None();
 
+procedure Allocate() returns ({:linear "tid"} xls: X);
+ensures xls != nil;
+
 procedure {:entrypoint} main({:linear "tid"} tidls': X, {:linear "x"} xls': [X]bool) 
 requires tidls' != nil && xls' == All();
 {
@@ -29,19 +32,17 @@ requires tidls' != nil && xls' == All();
     var {:linear "x"} xls1: [X]bool;
     var {:linear "x"} xls2: [X]bool;
 
-    havoc tidls, xls;
-    assume tidls' == tidls && xls' == xls;
+    tidls := tidls';
+    xls := xls';
 
     x := 42;
     yield;
     assert xls == All();
     assert x == 42;
     call xls1, xls2 := Split(xls);
-    havoc lsChild;
-    assume (lsChild != nil);
+    call lsChild := Allocate();
     async call thread(lsChild, xls1);
-    havoc lsChild;
-    assume (lsChild != nil);
+    call lsChild := Allocate();
     async call thread(lsChild, xls2);
 }
 
@@ -51,8 +52,8 @@ requires tidls' != nil && xls' != None();
     var {:linear "x"} xls: [X]bool;
     var {:linear "tid"} tidls: X;
 
-    havoc tidls, xls;
-    assume tidls' == tidls && xls' == xls;
+    tidls := tidls';
+    xls := xls';
 
     assume l == nil;
     l := tidls;
diff --git a/Test/og/new1.bpl b/Test/og/new1.bpl
new file mode 100644
index 00000000..472e64c6
--- /dev/null
+++ b/Test/og/new1.bpl
@@ -0,0 +1,38 @@
+function {:builtin "MapConst"} mapconstbool(x:bool): [int]bool;
+
+var g:int;
+
+var {:linear "Perm"} Permissions: [int]bool;
+
+procedure Allocate_Perm() returns ({:linear "Perm"} xls: [int]bool);
+modifies Permissions;
+requires Permissions == mapconstbool(true);
+ensures xls == mapconstbool(true) && Permissions == mapconstbool(false);
+
+procedure PB({:linear "Perm"} permVar_in:[int]bool)
+requires permVar_in[0] && g == 0;
+{
+  var {:linear "Perm"} permVar_out: [int]bool;
+  permVar_out := permVar_in;
+
+  yield;
+  assert permVar_out[0];
+  assert g == 0;
+
+  g := g + 1;
+
+  yield;
+  assert permVar_out[0];
+  assert g == 1;
+}
+
+procedure{:entrypoint} Main()
+requires Permissions == mapconstbool(true);
+{
+  var {:linear "Perm"} permVar_out: [int]bool;
+
+  call permVar_out := Allocate_Perm();
+
+  g := 0;
+  async call PB(permVar_out);
+}
diff --git a/Test/og/parallel2.bpl b/Test/og/parallel2.bpl
index f2d45204..116612cb 100644
--- a/Test/og/parallel2.bpl
+++ b/Test/og/parallel2.bpl
@@ -1,16 +1,20 @@
 var a:[int]int;
 
+procedure Allocate() returns ({:linear "tid"} xls: int);
+
 procedure {:entrypoint} main() 
 {
     var {:linear "tid"} i: int;
     var {:linear "tid"} j: int;
+    call i := Allocate();
+    call j := Allocate();
     call i := t(i) | j := t(j);
     call i := u(i) | j := u(j);
 }
 
 procedure t({:linear "tid"} i': int) returns ({:linear "tid"} i: int)
 {
-    assume i == i';
+    i := i';
 
     a[i] := 42;
     call i := Yield(i);
@@ -19,7 +23,7 @@ procedure t({:linear "tid"} i': int) returns ({:linear "tid"} i: int)
 
 procedure u({:linear "tid"} i': int) returns ({:linear "tid"} i: int) 
 {
-    assume i == i';
+    i := i';
 
     a[i] := 42;
     yield;
@@ -30,7 +34,7 @@ procedure Yield({:linear "tid"} i': int) returns ({:linear "tid"} i: int)
 ensures i == i';
 ensures old(a)[i] == a[i];
 {
-    assume i == i';
+    i := i';
     yield;
     assert old(a)[i] == a[i];
 }
 \ No newline at end of file
diff --git a/Test/og/parallel4.bpl b/Test/og/parallel4.bpl
index a5b2768f..8f78fdc5 100644
--- a/Test/og/parallel4.bpl
+++ b/Test/og/parallel4.bpl
@@ -1,15 +1,19 @@
 var a:int;
 
+procedure Allocate() returns ({:linear "tid"} xls: int);
+
 procedure {:entrypoint} main() 
 {
   var {:linear "tid"} i: int;
   var {:linear "tid"} j: int;
+  call i := Allocate();
+  call j := Allocate();
   call i := t(i) | j := t(j);
 }
 
 procedure t({:linear "tid"} i': int) returns ({:linear "tid"} i: int)
 {
-  assume i == i';
+  i := i';
   call Yield();
   assert a == old(a);
   a := a + 1;
diff --git a/Test/og/parallel5.bpl b/Test/og/parallel5.bpl
index 8ee5e436..c583cb3c 100644
--- a/Test/og/parallel5.bpl
+++ b/Test/og/parallel5.bpl
@@ -1,16 +1,20 @@
 var a:[int]int;
 
+procedure Allocate() returns ({:linear "tid"} xls: int);
+
 procedure {:entrypoint} main() 
 {
     var {:linear "tid"} i: int;
     var {:linear "tid"} j: int;
+    call i := Allocate();
+    call j := Allocate();
     call i := t(i) | j := Yield(j);
     call i := u(i) | j := u(j);
 }
 
 procedure t({:linear "tid"} i': int) returns ({:linear "tid"} i: int)
 {
-    assume i == i';
+    i := i';
 
     a[i] := 42;
     call i := Yield(i);
@@ -19,7 +23,7 @@ procedure t({:linear "tid"} i': int) returns ({:linear "tid"} i: int)
 
 procedure u({:linear "tid"} i': int) returns ({:linear "tid"} i: int) 
 {
-    assume i == i';
+    i := i';
 
     a[i] := 42;
     yield;
@@ -30,7 +34,7 @@ procedure Yield({:linear "tid"} i': int) returns ({:linear "tid"} i: int)
 ensures i == i';
 ensures old(a)[i] == a[i];
 {
-    assume i == i';
+    i := i';
     yield;
     assert old(a)[i] == a[i];
 }
 \ No newline at end of file
diff --git a/Test/og/perm.bpl b/Test/og/perm.bpl
new file mode 100644
index 00000000..78889868
--- /dev/null
+++ b/Test/og/perm.bpl
@@ -0,0 +1,50 @@
+var x: int;
+function {:builtin "MapConst"} ch_mapconstbool(x: bool) : [int]bool;
+
+function {:builtin "MapOr"} ch_mapunion(x: [int]bool, y: [int]bool) : [int]bool;
+
+procedure Split({:linear "Perm"} xls: [int]bool) returns ({:linear "Perm"} xls1: [int]bool, {:linear "Perm"} xls2: [int]bool);
+  ensures xls == ch_mapunion(xls1, xls2) && xls1 != ch_mapconstbool(false) && xls2 != ch_mapconstbool(false);
+
+
+procedure {:entrypoint} mainE({:linear "Perm"} permVar_in: [int]bool)
+   free requires permVar_in == ch_mapconstbool(true);
+   free requires permVar_in[0];
+  modifies x;
+{
+    var {:linear "Perm"} permVar_out: [int]bool;
+    var {:linear "Perm"} permVarOut2: [int]bool;
+
+    permVar_out := permVar_in;
+
+    assume x == 0;
+
+    yield;
+    assert x == 0;
+    assert permVar_out[0];
+    assert permVar_out == ch_mapconstbool(true);
+
+    call permVar_out, permVarOut2 := Split(permVar_out);
+    async call foo(permVarOut2);
+}
+
+procedure foo({:linear "Perm"} permVar_in: [int]bool) 
+  free requires permVar_in != ch_mapconstbool(false);
+  free requires permVar_in[1];
+  requires x == 0;
+  modifies x;
+{
+  var {:linear "Perm"} permVar_out: [int]bool;
+  permVar_out := permVar_in;
+  
+  yield;
+  assert permVar_out[1];
+  assert x == 0;
+
+  x := x + 1;
+
+  yield;
+  assert permVar_out[1];
+  assert x == 1;
+}
+
diff --git a/Test/og/runtest.bat b/Test/og/runtest.bat
index 8569f273..dd07b4a4 100644
--- a/Test/og/runtest.bat
+++ b/Test/og/runtest.bat
@@ -9,7 +9,7 @@ for %%f in (foo.bpl bar.bpl one.bpl parallel1.bpl parallel3.bpl) do (
   %BGEXE% %* /nologo /noinfer /doModSetAnalysis /OwickiGries:OwickiGriesDesugared.bpl %%f
 )
 
-for %%f in (linear-set.bpl linear-set2.bpl FlanaganQadeer.bpl DeviceCacheSimplified.bpl parallel2.bpl parallel4.bpl parallel5.bpl parallel6.bpl parallel7.bpl akash.bpl t1.bpl) do (
+for %%f in (linear-set.bpl linear-set2.bpl FlanaganQadeer.bpl DeviceCacheSimplified.bpl parallel2.bpl parallel4.bpl parallel5.bpl parallel6.bpl parallel7.bpl akash.bpl t1.bpl new1.bpl perm.bpl) do (
   echo.
   echo -------------------- %%f --------------------
   %BGEXE% %* /nologo /noinfer /typeEncoding:m /useArrayTheory /doModSetAnalysis /OwickiGries:OwickiGriesDesugared.bpl %%f
diff --git a/Test/og/t1.bpl b/Test/og/t1.bpl
index 01451ac9..28ae5b89 100644
--- a/Test/og/t1.bpl
+++ b/Test/og/t1.bpl
@@ -1,5 +1,14 @@
 function {:builtin "MapConst"} mapconstbool(bool) : [int]bool;
 
+procedure Allocate() returns ({:linear "tid"} xls: int);
+ensures xls != 0;
+
+procedure Allocate_1() returns ({:linear "1"} xls: [int]bool);
+ensures xls == mapconstbool(true);
+
+procedure Allocate_2() returns ({:linear "2"} xls: [int]bool);
+ensures xls == mapconstbool(true);
+
 var g: int;
 var h: int;
 
@@ -8,9 +17,9 @@ procedure A({:linear "tid"} tid_in: int) returns ({:linear "tid"} tid_out: int)
     var {:linear "1"} x: [int]bool;
     var {:linear "2"} y: [int]bool;
     var {:linear "tid"} tid_child: int;
-    assume tid_in == tid_out;    
-    assume x == mapconstbool(true);
-    assume y == mapconstbool(true);
+    tid_out := tid_in;
+    call x := Allocate_1();
+    call y := Allocate_2();
 
     g := 0;
     yield;
@@ -18,7 +27,7 @@ procedure A({:linear "tid"} tid_in: int) returns ({:linear "tid"} tid_out: int)
     assert g == 0;    
 
     yield;
-    assume tid_child != 0;
+    call tid_child := Allocate();
     async call B(tid_child, x);
 
     yield;
@@ -32,6 +41,7 @@ procedure A({:linear "tid"} tid_in: int) returns ({:linear "tid"} tid_out: int)
     assert h == 0 && y == mapconstbool(true);    
 
     yield;
+    call tid_child := Allocate();
     async call C(tid_child, y);
 }
 
@@ -40,8 +50,8 @@ requires x_in != mapconstbool(false);
 {
     var {:linear "tid"} tid_out: int;
     var {:linear "1"} x: [int]bool;
-    assume tid_in == tid_out;
-    assume x_in == x;    
+    tid_out := tid_in;
+    x := x_in;    
 
     g := 1;
 }
@@ -51,8 +61,8 @@ requires y_in != mapconstbool(false);
 {
     var {:linear "tid"} tid_out: int;
     var {:linear "2"} y: [int]bool;
-    assume tid_in == tid_out;
-    assume y_in == y;    
+    tid_out := tid_in;
+    y := y_in;   
 
     h := 1;
 }
author	Unknown <qadeer@FAIZ-AHMED-FAIZ.redmond.corp.microsoft.com>	2013-05-18 21:15:20 -0700
committer	Unknown <qadeer@FAIZ-AHMED-FAIZ.redmond.corp.microsoft.com>	2013-05-18 21:15:20 -0700
commit	64d8963508ce048d00db3766f4ca597b792c1b95 (patch)
tree	67801fe71cd2ceb7eb851833dd489751baa21ce2 /Test
parent	89b20adf23750478098578895fef9ca3b9170927 (diff)