summaryrefslogtreecommitdiff
path: root/Test/houdini
diff options
context:
space:
mode:
Diffstat (limited to 'Test/houdini')
-rw-r--r--Test/houdini/deterministic.bpl54
-rw-r--r--Test/houdini/deterministic.bpl.expect6
-rw-r--r--Test/houdini/houd1.bpl42
-rw-r--r--Test/houdini/houd10.bpl50
-rw-r--r--Test/houdini/houd11.bpl30
-rw-r--r--Test/houdini/houd12.bpl118
-rw-r--r--Test/houdini/houd2.bpl58
-rw-r--r--Test/houdini/houd3.bpl58
-rw-r--r--Test/houdini/houd4.bpl58
-rw-r--r--Test/houdini/houd5.bpl62
-rw-r--r--Test/houdini/houd6.bpl92
-rw-r--r--Test/houdini/houd7.bpl74
-rw-r--r--Test/houdini/houd8.bpl64
-rw-r--r--Test/houdini/houd9.bpl68
-rw-r--r--Test/houdini/mergedProgSingle_dac.bpl15232
-rw-r--r--Test/houdini/mergedProgSingle_dac.bpl.expect380
-rw-r--r--Test/houdini/mergedProgSingle_res_ex1.bpl1242
-rw-r--r--Test/houdini/mergedProgSingle_res_ex1.bpl.expect16
-rw-r--r--Test/houdini/mergedProgSingle_res_ex2.bpl1242
-rw-r--r--Test/houdini/mergedProgSingle_res_ex2.bpl.expect16
-rw-r--r--Test/houdini/test1.bpl76
-rw-r--r--Test/houdini/test10.bpl98
-rw-r--r--Test/houdini/test10.bpl.expect14
-rw-r--r--Test/houdini/test2.bpl80
-rw-r--r--Test/houdini/test7.bpl34
-rw-r--r--Test/houdini/test8.bpl46
-rw-r--r--Test/houdini/test9.bpl150
-rw-r--r--Test/houdini/testUnsatCore.bpl72
-rw-r--r--Test/houdini/testUnsatCore.bpl.expect14
29 files changed, 9773 insertions, 9773 deletions
diff --git a/Test/houdini/deterministic.bpl b/Test/houdini/deterministic.bpl
index 8a6c0cd6..f566388a 100644
--- a/Test/houdini/deterministic.bpl
+++ b/Test/houdini/deterministic.bpl
@@ -1,27 +1,27 @@
-// RUN: %boogie /nologo /contractInfer /inlineDepth:1 /printAssignment /noinfer "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-
-
-function f(a:int):int;
-
-procedure {:inline 1} Foo(x:int) returns (r:int)
-free ensures r == f(x);
-{
- if (x >0 ) {
- call r := Foo(x);
- r := r + 1;
- havoc r;
- } else {
- r := 0;
- }
- return;
-}
-
-procedure Check(x1:int, x2:int)
-{
- var r1: int, r2:int;
-
- call r1 := Foo(x2); //inlined
- call r2 := Foo(x2); //inlined
- assert r1 == r2;
-}
+// RUN: %boogie /nologo /contractInfer /inlineDepth:1 /printAssignment /noinfer "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+
+function f(a:int):int;
+
+procedure {:inline 1} Foo(x:int) returns (r:int)
+free ensures r == f(x);
+{
+ if (x >0 ) {
+ call r := Foo(x);
+ r := r + 1;
+ havoc r;
+ } else {
+ r := 0;
+ }
+ return;
+}
+
+procedure Check(x1:int, x2:int)
+{
+ var r1: int, r2:int;
+
+ call r1 := Foo(x2); //inlined
+ call r2 := Foo(x2); //inlined
+ assert r1 == r2;
+}
diff --git a/Test/houdini/deterministic.bpl.expect b/Test/houdini/deterministic.bpl.expect
index 22b480b4..55ced70d 100644
--- a/Test/houdini/deterministic.bpl.expect
+++ b/Test/houdini/deterministic.bpl.expect
@@ -1,3 +1,3 @@
-Assignment computed by Houdini:
-
-Boogie program verifier finished with 1 verified, 0 errors
+Assignment computed by Houdini:
+
+Boogie program verifier finished with 1 verified, 0 errors
diff --git a/Test/houdini/houd1.bpl b/Test/houdini/houd1.bpl
index 0ad0feee..8477064f 100644
--- a/Test/houdini/houd1.bpl
+++ b/Test/houdini/houd1.bpl
@@ -1,21 +1,21 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-const {:existential true} b1:bool;
-
-var myVar: int;
-
-procedure foo (i:int)
-modifies myVar;
-// comment
-ensures b1 ==> myVar>0;
-ensures myVar!=-1;
-{
- if (i>0) {
- myVar := 5;
- } else {
- myVar := 0;
- }
-}
-
-// expected output: Correct
-// expected end assigment: b1->False
+// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+const {:existential true} b1:bool;
+
+var myVar: int;
+
+procedure foo (i:int)
+modifies myVar;
+// comment
+ensures b1 ==> myVar>0;
+ensures myVar!=-1;
+{
+ if (i>0) {
+ myVar := 5;
+ } else {
+ myVar := 0;
+ }
+}
+
+// expected output: Correct
+// expected end assigment: b1->False
diff --git a/Test/houdini/houd10.bpl b/Test/houdini/houd10.bpl
index 11757320..4e329df3 100644
--- a/Test/houdini/houd10.bpl
+++ b/Test/houdini/houd10.bpl
@@ -1,25 +1,25 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-const {:existential true} b1:bool;
-const {:existential true} b2:bool;
-const {:existential true} b3:bool;
-
-var fooVar: int;
-var xVar: int;
-
-procedure foo()
-modifies fooVar;
-modifies xVar;
-ensures b1 ==> fooVar==0;
-ensures b3 ==> xVar<0;
-{
- fooVar:=5;
- call bar();
-}
-
-procedure bar();
-modifies xVar;
-requires fooVar!=5;
-
-// expected outcome: Errors
-// expected assigment: b1->True,b2->True,b3->True
+// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+const {:existential true} b1:bool;
+const {:existential true} b2:bool;
+const {:existential true} b3:bool;
+
+var fooVar: int;
+var xVar: int;
+
+procedure foo()
+modifies fooVar;
+modifies xVar;
+ensures b1 ==> fooVar==0;
+ensures b3 ==> xVar<0;
+{
+ fooVar:=5;
+ call bar();
+}
+
+procedure bar();
+modifies xVar;
+requires fooVar!=5;
+
+// expected outcome: Errors
+// expected assigment: b1->True,b2->True,b3->True
diff --git a/Test/houdini/houd11.bpl b/Test/houdini/houd11.bpl
index dc90f900..239d7e29 100644
--- a/Test/houdini/houd11.bpl
+++ b/Test/houdini/houd11.bpl
@@ -1,15 +1,15 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-
-var fooVar: int;
-
-procedure foo()
-modifies fooVar;
-{
- fooVar:=5;
- assert(fooVar==4);
- assert(fooVar==3);
-}
-
-// expected outcome: Errors
-// expected assigment: []
+// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+var fooVar: int;
+
+procedure foo()
+modifies fooVar;
+{
+ fooVar:=5;
+ assert(fooVar==4);
+ assert(fooVar==3);
+}
+
+// expected outcome: Errors
+// expected assigment: []
diff --git a/Test/houdini/houd12.bpl b/Test/houdini/houd12.bpl
index 7e39b8af..9c1a2449 100644
--- a/Test/houdini/houd12.bpl
+++ b/Test/houdini/houd12.bpl
@@ -1,59 +1,59 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" | %OutputCheck -d "%s"
-// Example to test candidate annotations on loops
-
-// CHECK-L: Assignment computed by Houdini:
-// CHECK-NEXT-L: b1 = False
-const {:existential true} b1:bool;
-// CHECK-NEXT-L: b2 = True
-const {:existential true} b2:bool;
-// CHECK-NEXT-L: b3 = True
-const {:existential true} b3:bool;
-// CHECK-NEXT-L: b4 = True
-const {:existential true} b4:bool;
-// CHECK-NEXT-L: b5 = True
-const {:existential true} b5:bool;
-// CHECK-NEXT-L: b6 = False
-const {:existential true} b6:bool;
-// CHECK-NEXT-L: b7 = False
-const {:existential true} b7:bool;
-
-var x: int;
-var y: int;
-
-
-procedure foo()
-modifies x;
-modifies y;
-ensures (b4 ==> x == 0);
-ensures (b5 ==> y == 10);
-ensures (b6 ==> x == 10);
-ensures (b7 ==> y == 11);
-
-{
- x := 10;
- y := 0;
-
- goto Head;
-
-Head:
-
- //loop invariants
- assert (b1 ==> x < 0);
- assert (b2 ==> x >= 0);
- assert (b3 ==> x + y == 10);
- goto Body, Exit;
-
-Body:
- assume x > 0;
- x := x - 1;
- y := y + 1;
-
-
- goto Head;
-
-Exit:
- assume !(x > 0);
- return;
-}
-
-// CHECK-L: Boogie program verifier finished with 1 verified, 0 errors
+// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" | %OutputCheck -d "%s"
+// Example to test candidate annotations on loops
+
+// CHECK-L: Assignment computed by Houdini:
+// CHECK-NEXT-L: b1 = False
+const {:existential true} b1:bool;
+// CHECK-NEXT-L: b2 = True
+const {:existential true} b2:bool;
+// CHECK-NEXT-L: b3 = True
+const {:existential true} b3:bool;
+// CHECK-NEXT-L: b4 = True
+const {:existential true} b4:bool;
+// CHECK-NEXT-L: b5 = True
+const {:existential true} b5:bool;
+// CHECK-NEXT-L: b6 = False
+const {:existential true} b6:bool;
+// CHECK-NEXT-L: b7 = False
+const {:existential true} b7:bool;
+
+var x: int;
+var y: int;
+
+
+procedure foo()
+modifies x;
+modifies y;
+ensures (b4 ==> x == 0);
+ensures (b5 ==> y == 10);
+ensures (b6 ==> x == 10);
+ensures (b7 ==> y == 11);
+
+{
+ x := 10;
+ y := 0;
+
+ goto Head;
+
+Head:
+
+ //loop invariants
+ assert (b1 ==> x < 0);
+ assert (b2 ==> x >= 0);
+ assert (b3 ==> x + y == 10);
+ goto Body, Exit;
+
+Body:
+ assume x > 0;
+ x := x - 1;
+ y := y + 1;
+
+
+ goto Head;
+
+Exit:
+ assume !(x > 0);
+ return;
+}
+
+// CHECK-L: Boogie program verifier finished with 1 verified, 0 errors
diff --git a/Test/houdini/houd2.bpl b/Test/houdini/houd2.bpl
index e0bfe4ba..4bd94215 100644
--- a/Test/houdini/houd2.bpl
+++ b/Test/houdini/houd2.bpl
@@ -1,29 +1,29 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-const {:existential true} b1:bool;
-const {:existential true} b2:bool;
-
-
-var myVar: int;
-
-procedure bar(i:int)
-modifies myVar;
-ensures myVar>0;
-{
- call foo(5);
-}
-
-procedure foo (i:int)
-modifies myVar;
-ensures b1 ==> myVar>0;
-ensures myVar!=-1;
-{
- if (i>0) {
- myVar := 5;
- } else {
- myVar := 0;
- }
-}
-
-// expected output: Errors
-// expected end assigment: b1->False b2->True
+// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+const {:existential true} b1:bool;
+const {:existential true} b2:bool;
+
+
+var myVar: int;
+
+procedure bar(i:int)
+modifies myVar;
+ensures myVar>0;
+{
+ call foo(5);
+}
+
+procedure foo (i:int)
+modifies myVar;
+ensures b1 ==> myVar>0;
+ensures myVar!=-1;
+{
+ if (i>0) {
+ myVar := 5;
+ } else {
+ myVar := 0;
+ }
+}
+
+// expected output: Errors
+// expected end assigment: b1->False b2->True
diff --git a/Test/houdini/houd3.bpl b/Test/houdini/houd3.bpl
index 2f6b1452..a8a49409 100644
--- a/Test/houdini/houd3.bpl
+++ b/Test/houdini/houd3.bpl
@@ -1,29 +1,29 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-const {:existential true} b1:bool;
-const {:existential true} b2:bool;
-
-
-var myVar: int;
-
-procedure bar(i:int)
-modifies myVar;
-ensures b2==>myVar>0;
-{
- call foo(5);
-}
-
-procedure foo (i:int)
-modifies myVar;
-ensures b1 ==> myVar>0;
-ensures myVar!=-1;
-{
- if (i>0) {
- myVar := 5;
- } else {
- myVar := 0;
- }
-}
-
-// expected output: Correct
-// expected end assigment: b1->False b2->False
+// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+const {:existential true} b1:bool;
+const {:existential true} b2:bool;
+
+
+var myVar: int;
+
+procedure bar(i:int)
+modifies myVar;
+ensures b2==>myVar>0;
+{
+ call foo(5);
+}
+
+procedure foo (i:int)
+modifies myVar;
+ensures b1 ==> myVar>0;
+ensures myVar!=-1;
+{
+ if (i>0) {
+ myVar := 5;
+ } else {
+ myVar := 0;
+ }
+}
+
+// expected output: Correct
+// expected end assigment: b1->False b2->False
diff --git a/Test/houdini/houd4.bpl b/Test/houdini/houd4.bpl
index 0950e422..f3937a8a 100644
--- a/Test/houdini/houd4.bpl
+++ b/Test/houdini/houd4.bpl
@@ -1,29 +1,29 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-const {:existential true} b1:bool;
-const {:existential true} b2:bool;
-const {:existential true} b3:bool;
-const {:existential true} b4:bool;
-
-var array:[int]int;
-
-procedure foo (i:int)
-requires b2 ==> i > 0;
-ensures b3 ==> array[i] > 0;
-modifies array;
-ensures (forall x:int :: {array[x]} x == i || array[x] == old(array)[x]);
-{
- array[i] := 2 * i;
-}
-
-procedure bar (j:int) returns (result:int)
-requires b4 ==> j > 0;
-modifies array;
-ensures (forall x:int :: {array[x]} (b1 && x == j) || array[x] == old(array)[x]);
-{
- call foo(j);
- result := array[j];
-}
-
-// expected outcome: Correct
-// expected assignment: b1->True,b2->True,b3->True,b4->True
+// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+const {:existential true} b1:bool;
+const {:existential true} b2:bool;
+const {:existential true} b3:bool;
+const {:existential true} b4:bool;
+
+var array:[int]int;
+
+procedure foo (i:int)
+requires b2 ==> i > 0;
+ensures b3 ==> array[i] > 0;
+modifies array;
+ensures (forall x:int :: {array[x]} x == i || array[x] == old(array)[x]);
+{
+ array[i] := 2 * i;
+}
+
+procedure bar (j:int) returns (result:int)
+requires b4 ==> j > 0;
+modifies array;
+ensures (forall x:int :: {array[x]} (b1 && x == j) || array[x] == old(array)[x]);
+{
+ call foo(j);
+ result := array[j];
+}
+
+// expected outcome: Correct
+// expected assignment: b1->True,b2->True,b3->True,b4->True
diff --git a/Test/houdini/houd5.bpl b/Test/houdini/houd5.bpl
index b6ee32dd..73f7143e 100644
--- a/Test/houdini/houd5.bpl
+++ b/Test/houdini/houd5.bpl
@@ -1,31 +1,31 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-const {:existential true} b1:bool;
-const {:existential true} b2:bool;
-const {:existential true} b3:bool;
-const {:existential true} b4:bool;
-const {:existential true} b5:bool;
-
-var array:[int]int;
-
-procedure foo (i:int)
-requires b1 ==> i == 0;
-requires b2 ==> i > 0;
-requires b3 ==> i < 0;
-ensures b4 ==> array[i] > 0;
-modifies array;
-ensures (forall x:int :: {array[x]} x == i || array[x] == old(array)[x]);
-{
- array[i] := 2 * i;
-}
-
-procedure bar (j:int) returns (result:int)
-requires b5 ==> j > 0;
-modifies array;
-{
- call foo(j);
- result := array[j];
-}
-
-// expected outcome: Correct
-// expected assigment: b1->False,b2->true,b3->False,b4->True,b5->True
+// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+const {:existential true} b1:bool;
+const {:existential true} b2:bool;
+const {:existential true} b3:bool;
+const {:existential true} b4:bool;
+const {:existential true} b5:bool;
+
+var array:[int]int;
+
+procedure foo (i:int)
+requires b1 ==> i == 0;
+requires b2 ==> i > 0;
+requires b3 ==> i < 0;
+ensures b4 ==> array[i] > 0;
+modifies array;
+ensures (forall x:int :: {array[x]} x == i || array[x] == old(array)[x]);
+{
+ array[i] := 2 * i;
+}
+
+procedure bar (j:int) returns (result:int)
+requires b5 ==> j > 0;
+modifies array;
+{
+ call foo(j);
+ result := array[j];
+}
+
+// expected outcome: Correct
+// expected assigment: b1->False,b2->true,b3->False,b4->True,b5->True
diff --git a/Test/houdini/houd6.bpl b/Test/houdini/houd6.bpl
index a1dc7220..7b8903a7 100644
--- a/Test/houdini/houd6.bpl
+++ b/Test/houdini/houd6.bpl
@@ -1,46 +1,46 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-const {:existential true} b1:bool;
-const {:existential true} b2:bool;
-const {:existential true} b3:bool;
-const {:existential true} b4:bool;
-const {:existential true} b5:bool;
-const {:existential true} b6:bool;
-const {:existential true} b7:bool;
-const {:existential true} b8:bool;
-
-var array:[int]int;
-
-procedure foo (i:int)
-requires b6 ==> i < 0;
-requires b5 ==> i == 0;
-requires b2 ==> i > 0;
-ensures b3 ==> array[i] > 0;
-modifies array;
-ensures (forall x:int :: {array[x]} x == i || array[x] == old(array)[x]);
-{
- array[i] := 2 * i;
-}
-
-procedure bar (j:int) returns (result:int)
-requires b8 ==> j < 0;
-requires b7 ==> j == 0;
-requires b4 ==> j > 0;
-modifies array;
-ensures (forall x:int :: {array[x]} (x == j) || array[x] == old(array)[x]);
-ensures (b1 ==> array[j] == old(array)[j]);
-{
- call foo(j);
- result := array[j];
-}
-
-var p:int;
-
-procedure main() returns (result: int)
-modifies array;
-{
- call result:= bar(p);
-}
-
-// expected outcome: Correct
-// expected assigment: bi->False forall i
+// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+const {:existential true} b1:bool;
+const {:existential true} b2:bool;
+const {:existential true} b3:bool;
+const {:existential true} b4:bool;
+const {:existential true} b5:bool;
+const {:existential true} b6:bool;
+const {:existential true} b7:bool;
+const {:existential true} b8:bool;
+
+var array:[int]int;
+
+procedure foo (i:int)
+requires b6 ==> i < 0;
+requires b5 ==> i == 0;
+requires b2 ==> i > 0;
+ensures b3 ==> array[i] > 0;
+modifies array;
+ensures (forall x:int :: {array[x]} x == i || array[x] == old(array)[x]);
+{
+ array[i] := 2 * i;
+}
+
+procedure bar (j:int) returns (result:int)
+requires b8 ==> j < 0;
+requires b7 ==> j == 0;
+requires b4 ==> j > 0;
+modifies array;
+ensures (forall x:int :: {array[x]} (x == j) || array[x] == old(array)[x]);
+ensures (b1 ==> array[j] == old(array)[j]);
+{
+ call foo(j);
+ result := array[j];
+}
+
+var p:int;
+
+procedure main() returns (result: int)
+modifies array;
+{
+ call result:= bar(p);
+}
+
+// expected outcome: Correct
+// expected assigment: bi->False forall i
diff --git a/Test/houdini/houd7.bpl b/Test/houdini/houd7.bpl
index 6238ee5a..18b4448b 100644
--- a/Test/houdini/houd7.bpl
+++ b/Test/houdini/houd7.bpl
@@ -1,37 +1,37 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-const {:existential true} b1:bool;
-const {:existential true} b2:bool;
-const {:existential true} b3:bool;
-
-var myVar: int;
-
-procedure foo(i:int)
-requires b1 ==> i>0;
-requires b2 ==> i==0;
-requires b3 ==> i<0;
-modifies myVar;
-ensures myVar>0;
-{
- myVar:=5;
-}
-
-procedure bar(i:int)
-modifies myVar;
-{
- call foo(5);
-}
-// expected outcome: Correct
-// expected Assigment: b1->True,b2->False,b3->False
-
-
-
-
-
-
-
-
-
-
-
-
+// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+const {:existential true} b1:bool;
+const {:existential true} b2:bool;
+const {:existential true} b3:bool;
+
+var myVar: int;
+
+procedure foo(i:int)
+requires b1 ==> i>0;
+requires b2 ==> i==0;
+requires b3 ==> i<0;
+modifies myVar;
+ensures myVar>0;
+{
+ myVar:=5;
+}
+
+procedure bar(i:int)
+modifies myVar;
+{
+ call foo(5);
+}
+// expected outcome: Correct
+// expected Assigment: b1->True,b2->False,b3->False
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/Test/houdini/houd8.bpl b/Test/houdini/houd8.bpl
index 52d49111..1df79b48 100644
--- a/Test/houdini/houd8.bpl
+++ b/Test/houdini/houd8.bpl
@@ -1,32 +1,32 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-const {:existential true} b1:bool;
-const {:existential true} b2:bool;
-const {:existential true} b3:bool;
-
-var myVar: int;
-
-procedure foo(i:int)
-modifies myVar;
-ensures b1 ==> myVar>0;
-ensures b2 ==> myVar==0;
-ensures b3 ==> myVar<0;
-{
- myVar:=5;
-}
-
-// expected outcome: Correct
-// expected assigment: b1->True,b2->False,b3->False
-
-
-
-
-
-
-
-
-
-
-
-
-
+// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+const {:existential true} b1:bool;
+const {:existential true} b2:bool;
+const {:existential true} b3:bool;
+
+var myVar: int;
+
+procedure foo(i:int)
+modifies myVar;
+ensures b1 ==> myVar>0;
+ensures b2 ==> myVar==0;
+ensures b3 ==> myVar<0;
+{
+ myVar:=5;
+}
+
+// expected outcome: Correct
+// expected assigment: b1->True,b2->False,b3->False
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/Test/houdini/houd9.bpl b/Test/houdini/houd9.bpl
index 0a33896c..c8f91ad4 100644
--- a/Test/houdini/houd9.bpl
+++ b/Test/houdini/houd9.bpl
@@ -1,34 +1,34 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-const {:existential true} b1:bool;
-const {:existential true} b2:bool;
-const {:existential true} b3:bool;
-
-axiom(b1 && b2 && b3);
-
-var fooVar: int;
-var xVar: int;
-
-
-procedure foo()
-modifies fooVar;
-modifies xVar;
-ensures b1 ==> fooVar>0;
-ensures b2 ==> fooVar==0;
-ensures b3 ==> xVar<0;
-{
- fooVar:=5;
- assert(fooVar>5);
- xVar:=0;
- assert(xVar>0);
-}
-
-// expected outcome: Errors
-// expected assigment: b1->True,b2->True,b3->True
-
-
-
-
-
-
-
+// RUN: %boogie -noinfer -contractInfer -printAssignment "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+const {:existential true} b1:bool;
+const {:existential true} b2:bool;
+const {:existential true} b3:bool;
+
+axiom(b1 && b2 && b3);
+
+var fooVar: int;
+var xVar: int;
+
+
+procedure foo()
+modifies fooVar;
+modifies xVar;
+ensures b1 ==> fooVar>0;
+ensures b2 ==> fooVar==0;
+ensures b3 ==> xVar<0;
+{
+ fooVar:=5;
+ assert(fooVar>5);
+ xVar:=0;
+ assert(xVar>0);
+}
+
+// expected outcome: Errors
+// expected assigment: b1->True,b2->True,b3->True
+
+
+
+
+
+
+
diff --git a/Test/houdini/mergedProgSingle_dac.bpl b/Test/houdini/mergedProgSingle_dac.bpl
index 26ff38d7..e891254f 100644
--- a/Test/houdini/mergedProgSingle_dac.bpl
+++ b/Test/houdini/mergedProgSingle_dac.bpl
@@ -1,7616 +1,7616 @@
-// RUN: %boogie /nologo /contractInfer /inlineDepth:1 /printAssignment /noinfer "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-
-function _v2.ite(b: bool, x: int, y: int) : int;
-
-var _v2.OK: bool;
-
-var {:extern} _v2.Mem: [name][int]int;
-
-var {:extern} _v2.alloc: int;
-
-var {:extern} _v2.Mem_T.A1CHAR: [int]int;
-
-var {:extern} _v2.Mem_T.A5UCHAR: [int]int;
-
-var {:extern} _v2.Mem_T.A6UCHAR: [int]int;
-
-var {:extern} _v2.Mem_T.CHAR: [int]int;
-
-var {:extern} _v2.Mem_T.INT4: [int]int;
-
-var {:extern} _v2.Mem_T.PCHAR: [int]int;
-
-var {:extern} _v2.Mem_T.PUCHAR: [int]int;
-
-var {:extern} _v2.Mem_T.PVOID: [int]int;
-
-var {:extern} _v2.Mem_T.Pieee80211_scan_entry: [int]int;
-
-var {:extern} _v2.Mem_T.UCHAR: [int]int;
-
-var {:extern} _v2.Mem_T.VOID: [int]int;
-
-var {:extern} _v2.Mem_T.ieee80211_scan_entry: [int]int;
-
-var {:extern} _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
-
-var {:extern} _v2.detChoiceCnt: int;
-
-var {:extern} _v2.Res_KERNEL_SOURCE: [int]int;
-
-var {:extern} _v2.Res_PROBED: [int]int;
-
-const {:extern} unique _v2.T.se_rsn_ie_ieee80211_scan_entry: name;
-
-const {:extern} unique _v2.T.A1CHAR: name;
-
-const {:extern} unique _v2.T.A5UCHAR: name;
-
-const {:extern} unique _v2.T.A6UCHAR: name;
-
-const {:extern} unique _v2.T.CHAR: name;
-
-const {:extern} unique _v2.T.INT4: name;
-
-const {:extern} unique _v2.T.PA1CHAR: name;
-
-const {:extern} unique _v2.T.PA5UCHAR: name;
-
-const {:extern} unique _v2.T.PA6UCHAR: name;
-
-const {:extern} unique _v2.T.PCHAR: name;
-
-const {:extern} unique _v2.T.PINT4: name;
-
-const {:extern} unique _v2.T.PPCHAR: name;
-
-const {:extern} unique _v2.T.PPUCHAR: name;
-
-const {:extern} unique _v2.T.PPVOID: name;
-
-const {:extern} unique _v2.T.PPieee80211_scan_entry: name;
-
-const {:extern} unique _v2.T.PUCHAR: name;
-
-const {:extern} unique _v2.T.PUINT4: name;
-
-const {:extern} unique _v2.T.PVOID: name;
-
-const {:extern} unique _v2.T.Pieee80211_scan_entry: name;
-
-const {:extern} unique _v2.T.UCHAR: name;
-
-const {:extern} unique _v2.T.UINT4: name;
-
-const {:extern} unique _v2.T.VOID: name;
-
-const {:extern} unique _v2.T.ieee80211_scan_entry: name;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 16} unique _v2.__ctobpl_const_8: int;
-
-const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 13} unique _v2.__ctobpl_const_2: int;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 15} unique _v2.__ctobpl_const_3: int;
-
-const {:extern} {:model_const "buf"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 15} unique _v2.__ctobpl_const_4: int;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 16} unique _v2.__ctobpl_const_5: int;
-
-const {:extern} {:model_const "leader"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 16} unique _v2.__ctobpl_const_6: int;
-
-const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 16} unique _v2.__ctobpl_const_7: int;
-
-const {:extern} {:model_const "leader"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 16} unique _v2.__ctobpl_const_9: int;
-
-const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 16} unique _v2.__ctobpl_const_10: int;
-
-const {:extern} {:model_const "encode_ie.arg.4"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 53} unique _v2.__ctobpl_const_44: int;
-
-const {:extern} {:model_const "(se.se_rsn_ie)[0]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 66} unique _v2.__ctobpl_const_50: int;
-
-const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 51} unique _v2.__ctobpl_const_34: int;
-
-const {:extern} {:model_const "se.se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 67} unique _v2.__ctobpl_const_51: int;
-
-const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 53} unique _v2.__ctobpl_const_45: int;
-
-const {:extern} {:model_const "(se.se_rsn_ie)[1]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 67} unique _v2.__ctobpl_const_52: int;
-
-const {:extern} {:model_const "(se->se_rsn_ie)[0]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 52} unique _v2.__ctobpl_const_37: int;
-
-const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 53} unique _v2.__ctobpl_const_42: int;
-
-const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 54} unique _v2.__ctobpl_const_39: int;
-
-const {:extern} {:model_const "encode_ie.arg.4"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 53} unique _v2.__ctobpl_const_47: int;
-
-const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 54} unique _v2.__ctobpl_const_40: int;
-
-const {:extern} {:model_const "encode_ie.arg.4"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 54} unique _v2.__ctobpl_const_38: int;
-
-const {:extern} {:model_const "se.se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 66} unique _v2.__ctobpl_const_49: int;
-
-const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 52} unique _v2.__ctobpl_const_35: int;
-
-const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 53} unique _v2.__ctobpl_const_43: int;
-
-const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 53} unique _v2.__ctobpl_const_46: int;
-
-const {:extern} {:model_const "se.se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 65} unique _v2.__ctobpl_const_48: int;
-
-const {:extern} {:model_const "(se->se_rsn_ie)[1]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 54} unique _v2.__ctobpl_const_41: int;
-
-const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 52} unique _v2.__ctobpl_const_36: int;
-
-const {:extern} {:model_const "bufsize"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 13} unique _v2.__ctobpl_const_1: int;
-
-const {:extern} {:model_const "buf"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 39} unique _v2.__ctobpl_const_31: int;
-
-const {:extern} {:model_const "ielen"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 20} unique _v2.__ctobpl_const_17: int;
-
-const {:extern} {:model_const "*(p + 1)"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 32} unique _v2.__ctobpl_const_24: int;
-
-const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 39} unique _v2.__ctobpl_const_18: int;
-
-const {:extern} {:model_const "bufsize"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 34} unique _v2.__ctobpl_const_26: int;
-
-const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 18} unique _v2.__ctobpl_const_14: int;
-
-const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 20} unique _v2.__ctobpl_const_27: int;
-
-const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 51} unique _v2.__ctobpl_const_33: int;
-
-const {:extern} {:model_const "result.question.3"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 39} unique _v2.__ctobpl_const_28: int;
-
-const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 20} unique _v2.__ctobpl_const_15: int;
-
-const {:extern} {:model_const "bufsize"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 17} unique _v2.__ctobpl_const_11: int;
-
-const {:extern} {:model_const "result.question.3"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 39} unique _v2.__ctobpl_const_29: int;
-
-const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 17} unique _v2.__ctobpl_const_12: int;
-
-const {:extern} {:model_const "result.question.3"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 39} unique _v2.__ctobpl_const_32: int;
-
-const {:extern} {:model_const "ielen"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 39} unique _v2.__ctobpl_const_19: int;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 30} unique _v2.__ctobpl_const_21: int;
-
-const {:extern} {:model_const "*p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 30} unique _v2.__ctobpl_const_22: int;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 32} unique _v2.__ctobpl_const_23: int;
-
-const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 20} unique _v2.__ctobpl_const_16: int;
-
-const {:extern} {:model_const "bufsize"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 20} unique _v2.__ctobpl_const_20: int;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 33} unique _v2.__ctobpl_const_25: int;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 18} unique _v2.__ctobpl_const_13: int;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 39} unique _v2.__ctobpl_const_30: int;
-
-function {:extern} _v2.OneByteToInt(arg_0: byte) : int;
-
-function {:extern} _v2.TwoBytesToInt(arg_0: byte, arg_1: byte) : int;
-
-function {:extern} _v2.FourBytesToInt(arg_0: byte, arg_1: byte, arg_2: byte, arg_3: byte) : int;
-
-function {:extern} _v2.Field(arg_0: int) : name;
-
-function {:extern} _v2.Base(arg_0: int) : int;
-
-function {:extern} _v2.Match(a: int, t: name) : bool;
-
-function {:extern} _v2.MatchBase(b: int, a: int, t: name) : bool;
-
-function {:extern} _v2.HasType(v: int, t: name) : bool;
-
-function {:extern} _v2.T.Ptr(t: name) : name;
-
-function {:extern} _v2.se_rsn_ie_ieee80211_scan_entry(arg_0: int) : int;
-
-function {:extern} _v2.se_rsn_ie_ieee80211_scan_entryInv(arg_0: int) : int;
-
-function {:extern} _v2._S_se_rsn_ie_ieee80211_scan_entry(arg_0: [int]bool) : [int]bool;
-
-function {:extern} _v2._S_se_rsn_ie_ieee80211_scan_entryInv(arg_0: [int]bool) : [int]bool;
-
-function {:extern} _v2.INT_AND(a: int, b: int) : int;
-
-function {:extern} _v2.INT_OR(a: int, b: int) : int;
-
-function {:extern} _v2.INT_XOR(a: int, b: int) : int;
-
-function {:extern} _v2.INT_NOT(a: int) : int;
-
-function {:extern} _v2.POW2(a: int) : bool;
-
-function {:extern} _v2.INT_MINUS_LEFT_PTR(a: int, a_size: int, b: int) : int;
-
-function {:extern} _v2.INT_PLUS(a: int, a_size: int, b: int) : int;
-
-function {:extern} _v2.INT_MULT(a: int, b: int) : int;
-
-function {:extern} _v2.INT_DIV(a: int, b: int) : int;
-
-function {:extern} _v2.INT_BINARY_BOTH_INT(a: int, b: int) : int;
-
-function {:extern} _v2.BV32_EQ(x: bv32, y: bv32) : bool;
-
-function {:extern} _v2.BV32_NEQ(x: bv32, y: bv32) : bool;
-
-function {:extern} {:bvbuiltin "bvadd"} _v2.BV32_ADD(x: bv32, y: bv32) : bv32;
-
-function {:extern} {:bvbuiltin "bvsub"} _v2.BV32_SUB(x: bv32, y: bv32) : bv32;
-
-function {:extern} {:bvbuiltin "bvmul"} _v2.BV32_MULT(x: bv32, y: bv32) : bv32;
-
-function {:extern} {:bvbuiltin "bvudiv"} _v2.BV32_DIV(x: bv32, y: bv32) : bv32;
-
-function {:extern} {:bvbuiltin "bvult"} _v2.BV32_ULT(x: bv32, y: bv32) : bool;
-
-function {:extern} {:bvbuiltin "bvslt"} _v2.BV32_LT(x: bv32, y: bv32) : bool;
-
-function {:extern} {:bvbuiltin "bvule"} _v2.BV32_ULEQ(x: bv32, y: bv32) : bool;
-
-function {:extern} {:bvbuiltin "bvsle"} _v2.BV32_LEQ(x: bv32, y: bv32) : bool;
-
-function {:extern} {:bvbuiltin "bvugt"} _v2.BV32_UGT(x: bv32, y: bv32) : bool;
-
-function {:extern} {:bvbuiltin "bvsgt"} _v2.BV32_GT(x: bv32, y: bv32) : bool;
-
-function {:extern} {:bvbuiltin "bvuge"} _v2.BV32_UGEQ(x: bv32, y: bv32) : bool;
-
-function {:extern} {:bvbuiltin "bvsge"} _v2.BV32_GEQ(x: bv32, y: bv32) : bool;
-
-function {:extern} {:bvbuiltin "bvand"} _v2.BV32_AND(a: bv32, b: bv32) : bv32;
-
-function {:extern} {:bvbuiltin "bvor"} _v2.BV32_OR(a: bv32, b: bv32) : bv32;
-
-function {:extern} {:bvbuiltin "bvxor"} _v2.BV32_XOR(a: bv32, b: bv32) : bv32;
-
-function {:extern} {:bvbuiltin "bvnot"} _v2.BV32_NOT(a: bv32) : bv32;
-
-function {:extern} _v2.BV32_MINUS_BOTH_PTR_OR_BOTH_INT(a: bv32, b: bv32, size: bv32) : bv32;
-
-function {:extern} _v2.BV32_MINUS_LEFT_PTR(a: bv32, a_size: bv32, b: bv32) : bv32;
-
-function {:extern} _v2.BV32_PLUS(a: bv32, a_size: bv32, b: bv32) : bv32;
-
-function {:extern} _v2.BV32_BINARY_BOTH_INT(a: bv32, b: bv32) : bv32;
-
-function {:extern} _v2.bv32ToInt(arg_0: bv32) : int;
-
-function {:extern} _v2.intToBv32(arg_0: int) : bv32;
-
-function {:extern} _v2.choose(a: bool, b: int, c: int) : int;
-
-function {:extern} _v2.LIFT(a: bool) : int;
-
-function {:extern} _v2.PTR_NOT(a: int) : int;
-
-function {:extern} _v2.NULL_CHECK(a: int) : int;
-
-function {:extern} _v2.NewAlloc(x: int, y: int) : int;
-
-function {:extern} _v2.DetChoiceFunc(a: int) : int;
-
-function {:extern} _v2.Res_VALID_REGION(arg_0: int) : int;
-
-function {:extern} _v2.Equal(arg_0: [int]bool, arg_1: [int]bool) : bool;
-
-function {:extern} _v2.Subset(arg_0: [int]bool, arg_1: [int]bool) : bool;
-
-function {:extern} _v2.Disjoint(arg_0: [int]bool, arg_1: [int]bool) : bool;
-
-function {:extern} _v2.Empty() : [int]bool;
-
-function {:extern} _v2.SetTrue() : [int]bool;
-
-function {:extern} _v2.Singleton(arg_0: int) : [int]bool;
-
-function {:extern} _v2.Reachable(arg_0: [int,int]bool, arg_1: int) : [int]bool;
-
-function {:extern} _v2.Union(arg_0: [int]bool, arg_1: [int]bool) : [int]bool;
-
-function {:extern} _v2.Intersection(arg_0: [int]bool, arg_1: [int]bool) : [int]bool;
-
-function {:extern} _v2.Difference(arg_0: [int]bool, arg_1: [int]bool) : [int]bool;
-
-function {:extern} _v2.Dereference(arg_0: [int]bool, arg_1: [int]int) : [int]bool;
-
-function {:extern} _v2.Inverse(f: [int]int, x: int) : [int]bool;
-
-function {:extern} _v2.AtLeast(arg_0: int, arg_1: int) : [int]bool;
-
-function {:extern} _v2.Rep(arg_0: int, arg_1: int) : int;
-
-function {:extern} _v2.Array(arg_0: int, arg_1: int, arg_2: int) : [int]bool;
-
-function {:extern} _v2.Unified(arg_0: [name][int]int) : [int]int;
-
-function {:extern} _v2.value_is(c: int, e: int) : bool;
-
-
-function {:inline true} _v2.se_rsn_ie_ieee80211_scan_entry(x : int) : int
-{
-_v2.INT_ADD(x, 0)
-}
-
-function {:inline true} _v2.INT_EQ(x : int, y : int): bool
-{
-x == y
-}
-
-function {:inline true} _v2.INT_NEQ(x : int, y: int): bool
-{
-x != y
-}
-
-function {:inline true} _v2.INT_ADD(x : int, y : int): int
-{
-x + y
-}
-
-function {:inline true} _v2.INT_SUB(x : int, y : int): int
-{
- x - y
-}
-
-function {:inline true} _v2.INT_LT(x : int, y : int): bool
-{
-x < y
-}
-
-function {:inline true} _v2.INT_ULT(x : int, y : int): bool
-{
-x < y
-}
-
-function {:inline true} _v2.INT_LEQ(x : int, y : int): bool
-{
-x <= y
-}
-
-function {:inline true} _v2.INT_ULEQ(x : int, y : int): bool
-{
-x <= y
-}
-
-function {:inline true} _v2.INT_GT(x : int, y : int): bool
-{
-x > y
-}
-
-function {:inline true} _v2.INT_UGT(x : int, y : int): bool
-{
-x > y
-}
-
-function {:inline true} _v2.INT_GEQ(x : int, y : int): bool
-{
-x >= y
-}
-
-function {:inline true} _v2.INT_UGEQ(x : int, y : int): bool
-{
-x >= y
-}
-
-
-
-procedure _v2.havoc_assert(i: int);
- /* free */ requires i != 0;
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-procedure _v2.havoc_assume(i: int);
- /* free */ ensures i != 0;
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-procedure _v2.__HAVOC_free(a: int);
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-procedure _v2.__HAVOC_malloc(obj_size: int) returns (new: int);
- /* free */ requires _v2.INT_GEQ(obj_size, 0);
- modifies _v2.alloc;
- /* free */ ensures new == old(_v2.alloc);
- /* free */ ensures _v2.INT_GT(_v2.alloc, _v2.INT_ADD(new, obj_size));
- /* free */ ensures _v2.Base(new) == new;
- /* free */ ensures _v2.INT_GEQ(new, 0);
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-procedure _v2.__HAVOC_det_malloc(obj_size: int) returns (new: int);
- /* free */ requires _v2.INT_GEQ(obj_size, 0);
- modifies _v2.alloc;
- /* free */ ensures new == old(_v2.alloc);
- /* free */ ensures _v2.INT_GT(_v2.alloc, _v2.INT_ADD(new, obj_size));
- /* free */ ensures _v2.Base(new) == new;
- /* free */ ensures _v2.alloc == _v2.NewAlloc(old(_v2.alloc), obj_size);
- /* free */ ensures _v2.INT_GEQ(new, 0);
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-
-procedure _v2.nondet_choice() returns (x: int);
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-procedure _v2.det_choice() returns (x: int);
- modifies _v2.detChoiceCnt;
- /* free */ ensures _v2.detChoiceCnt == _v2.INT_ADD(old(_v2.detChoiceCnt), 1);
- /* free */ ensures x == _v2.DetChoiceFunc(old(_v2.detChoiceCnt));
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-procedure _v2._strdup(str: int) returns (new: int);
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-procedure _v2._xstrcasecmp(a0: int, a1: int) returns (ret: int);
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-procedure _v2._xstrcmp(a0: int, a1: int) returns (ret: int);
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-procedure _v2.memcpy(a0: int, a1: int, a2: int) returns (ret: int);
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-procedure _v2.encode_ie(buf_.1: int,
- bufsize_.1: int,
- ie_.1: int,
- ielen_.1: int,
- leader_.1: int,
- leader_len_.1: int)
- returns (result.encode_ie$1: int);
- modifies _v2.OK, _v2.Mem_T.UCHAR;
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-procedure _v2.giwscan_cb(se_.1: int) returns (result.giwscan_cb$1: int);
- modifies _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-procedure _v2.main() returns (result.main$1: int);
- modifies _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-procedure _v2.encode_ie_loop_label_14_head(in_bufsize: int, in_i: int, in_ielen: int, in_p: int, in_tempBoogie0: int)
- returns (out_bufsize: int, out_i: int, out_p: int, out_tempBoogie0: int);
- modifies _v2.Mem_T.UCHAR, _v2.OK;
- /* free */ ensures _v2.OK ==> old(_v2.OK);
-
-
-
-implementation _v2.encode_ie(buf_.1: int,
- bufsize_.1: int,
- ie_.1: int,
- ielen_.1: int,
- leader_.1: int,
- leader_len_.1: int)
- returns (result.encode_ie$1: int)
-{
- var {:extern} havoc_stringTemp: int;
- var {:extern} condVal: int;
- var {:extern} buf: int;
- var {:extern} bufsize: int;
- var {:extern} i: int;
- var {:extern} ie: int;
- var {:extern} ielen: int;
- var {:extern} leader: int;
- var {:extern} leader_len: int;
- var {:extern} p: int;
- var {:extern} result.memcpy$2: int;
- var {:extern} $result.question.3.$$static$: int;
- var {:extern} tempBoogie0: int;
- var {:extern} tempBoogie1: int;
- var {:extern} tempBoogie2: int;
- var {:extern} tempBoogie3: int;
- var {:extern} tempBoogie4: int;
- var {:extern} tempBoogie5: int;
- var {:extern} tempBoogie6: int;
- var {:extern} tempBoogie7: int;
- var {:extern} tempBoogie8: int;
- var {:extern} tempBoogie9: int;
- var {:extern} tempBoogie10: int;
- var {:extern} tempBoogie11: int;
- var {:extern} tempBoogie12: int;
- var {:extern} tempBoogie13: int;
- var {:extern} tempBoogie14: int;
- var {:extern} tempBoogie15: int;
- var {:extern} tempBoogie16: int;
- var {:extern} tempBoogie17: int;
- var {:extern} tempBoogie18: int;
- var {:extern} tempBoogie19: int;
- var {:extern} __havoc_dummy_return: int;
-
- anon0#2:
- havoc_stringTemp := 0;
- goto start#2;
-
- start#2:
- assume _v2.INT_LT(buf_.1, _v2.alloc);
- assume _v2.INT_LT(ie_.1, _v2.alloc);
- assume _v2.INT_LT(leader_.1, _v2.alloc);
- buf := 0;
- assume _v2.INT_GEQ(buf_.1, 0);
- bufsize := 0;
- i := 0;
- ie := 0;
- assume _v2.INT_GEQ(ie_.1, 0);
- ielen := 0;
- leader := 0;
- assume _v2.INT_GEQ(leader_.1, 0);
- leader_len := 0;
- p := 0;
- result.encode_ie$1 := 0;
- result.memcpy$2 := 0;
- $result.question.3.$$static$ := 0;
- buf := buf_.1;
- bufsize := bufsize_.1;
- ie := ie_.1;
- ielen := ielen_.1;
- leader := leader_.1;
- leader_len := leader_len_.1;
- goto label_3#2;
-
- label_3#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 9} true;
- goto label_4#2;
-
- label_4#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 10} true;
- goto label_5#2;
-
- label_5#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 13} true;
- goto label_5_true#2, label_5_false#2;
-
- label_5_false#2:
- assume !_v2.INT_LT(bufsize, leader_len);
- assume _v2.value_is(_v2.__ctobpl_const_1, bufsize);
- assume _v2.value_is(_v2.__ctobpl_const_2, leader_len);
- goto label_6#2;
-
- label_6#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 15} true;
- p := buf;
- assume _v2.value_is(_v2.__ctobpl_const_3, p);
- assume _v2.value_is(_v2.__ctobpl_const_4, buf);
- goto label_8#2;
-
- label_8#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 16} true;
- call result.memcpy$2 := _v2.memcpy(p, leader, leader_len);
- assume _v2.value_is(_v2.__ctobpl_const_5, p);
- assume _v2.value_is(_v2.__ctobpl_const_6, leader);
- assume _v2.value_is(_v2.__ctobpl_const_7, leader_len);
- assume _v2.value_is(_v2.__ctobpl_const_8, p);
- assume _v2.value_is(_v2.__ctobpl_const_9, leader);
- assume _v2.value_is(_v2.__ctobpl_const_10, leader_len);
- goto label_11#2;
-
- label_11#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 17} true;
- havoc tempBoogie0;
- assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(bufsize, leader_len, 1, tempBoogie0);
- bufsize := tempBoogie0;
- assume _v2.value_is(_v2.__ctobpl_const_11, bufsize);
- assume _v2.value_is(_v2.__ctobpl_const_12, leader_len);
- goto label_12#2;
-
- label_12#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 18} true;
- tempBoogie0 := _v2.INT_PLUS(p, 1, leader_len);
- p := tempBoogie0;
- assume _v2.value_is(_v2.__ctobpl_const_13, p);
- assume _v2.value_is(_v2.__ctobpl_const_14, leader_len);
- goto label_13#2;
-
- label_13#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
- i := 0;
- assume _v2.value_is(_v2.__ctobpl_const_15, i);
- goto label_14#2;
-
- label_14#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
- goto label_14_head#2;
-
- label_14_head#2:
- call bufsize, i, p, tempBoogie0 := _v2.encode_ie_loop_label_14_head(bufsize, i, ielen, p, tempBoogie0);
- goto label_14_head_last#2;
-
- label_14_head_last#2:
- goto label_14_true#2, label_14_false#2;
-
- label_14_false#2:
- assume !_v2.INT_LT(i, ielen);
- assume _v2.value_is(_v2.__ctobpl_const_16, i);
- assume _v2.value_is(_v2.__ctobpl_const_17, ielen);
- goto label_15#2;
-
- label_14_true#2:
- assume _v2.INT_LT(i, ielen);
- assume _v2.value_is(_v2.__ctobpl_const_16, i);
- assume _v2.value_is(_v2.__ctobpl_const_17, ielen);
- goto label_16#2;
-
- label_16#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
- goto label_16_true#2, label_16_false#2;
-
- label_16_false#2:
- assume !_v2.INT_LT(2, bufsize);
- assume _v2.value_is(_v2.__ctobpl_const_20, bufsize);
- goto label_15#2;
-
- label_15#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
- goto label_15_true#2, label_15_false#2;
-
- label_15_false#2:
- assume !_v2.INT_EQ(i, ielen);
- assume _v2.value_is(_v2.__ctobpl_const_18, i);
- assume _v2.value_is(_v2.__ctobpl_const_19, ielen);
- goto label_22#2;
-
- label_22#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
- $result.question.3.$$static$ := 0;
- assume _v2.value_is(_v2.__ctobpl_const_28, $result.question.3.$$static$);
- goto label_24#2;
-
- label_15_true#2:
- assume _v2.INT_EQ(i, ielen);
- assume _v2.value_is(_v2.__ctobpl_const_18, i);
- assume _v2.value_is(_v2.__ctobpl_const_19, ielen);
- goto label_23#2;
-
- label_23#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
- havoc $result.question.3.$$static$;
- assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(p, buf, 1, $result.question.3.$$static$);
- assume _v2.value_is(_v2.__ctobpl_const_29, $result.question.3.$$static$);
- assume _v2.value_is(_v2.__ctobpl_const_30, p);
- assume _v2.value_is(_v2.__ctobpl_const_31, buf);
- goto label_24#2;
-
- label_24#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
- result.encode_ie$1 := $result.question.3.$$static$;
- assume _v2.value_is(_v2.__ctobpl_const_32, $result.question.3.$$static$);
- goto label_1#2;
-
- label_16_true#2:
- assume _v2.INT_LT(2, bufsize);
- assume _v2.value_is(_v2.__ctobpl_const_20, bufsize);
- goto label_17#2;
-
- label_17#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 30} true;
- assume _v2.INT_GEQ(p, 0);
- _v2.OK := _v2.OK && _v2.Res_VALID_REGION(p) == 1;
- assert true;
- _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[p := 120];
- assume _v2.value_is(_v2.__ctobpl_const_21, p);
- assume _v2.value_is(_v2.__ctobpl_const_22, _v2.Mem_T.UCHAR[p]);
- goto label_18#2;
-
- label_18#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 32} true;
- assume _v2.INT_GEQ(_v2.INT_PLUS(p, 1, 1), 0);
- _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.INT_PLUS(p, 1, 1)) == 1;
- assert true;
- _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(p, 1, 1) := 120];
- assume _v2.value_is(_v2.__ctobpl_const_23, p);
- assume _v2.value_is(_v2.__ctobpl_const_24, _v2.Mem_T.UCHAR[_v2.INT_PLUS(p, 1, 1)]);
- goto label_19#2;
-
- label_19#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 33} true;
- tempBoogie0 := _v2.INT_PLUS(p, 1, 2);
- p := tempBoogie0;
- assume _v2.value_is(_v2.__ctobpl_const_25, p);
- goto label_20#2;
-
- label_20#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 34} true;
- havoc tempBoogie0;
- assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(bufsize, 2, 1, tempBoogie0);
- bufsize := tempBoogie0;
- assume _v2.value_is(_v2.__ctobpl_const_26, bufsize);
- goto label_21#2;
-
- label_21#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
- assume _v2.value_is(_v2.__ctobpl_const_27, i);
- i := _v2.INT_PLUS(i, 1, 1);
- goto label_21_dummy#2;
-
- label_21_dummy#2:
- assume false;
- return;
-
- label_5_true#2:
- assume _v2.INT_LT(bufsize, leader_len);
- assume _v2.value_is(_v2.__ctobpl_const_1, bufsize);
- assume _v2.value_is(_v2.__ctobpl_const_2, leader_len);
- goto label_7#2;
-
- label_7#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 14} true;
- result.encode_ie$1 := 0;
- goto label_1#2;
-
- label_1#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 40} true;
- return;
-}
-
-
-
-implementation _v2.giwscan_cb(se_.1: int) returns (result.giwscan_cb$1: int)
-{
- var {:extern} havoc_stringTemp: int;
- var {:extern} condVal: int;
- var {:extern} buf: int;
- var {:extern} $encode_ie.arg.4$3.$$static$: int;
- var {:extern} result.encode_ie$2: int;
- var {:extern} rsn_leader: int;
- var {:extern} se: int;
- var {:extern} tempBoogie0: int;
- var {:extern} tempBoogie1: int;
- var {:extern} tempBoogie2: int;
- var {:extern} tempBoogie3: int;
- var {:extern} tempBoogie4: int;
- var {:extern} tempBoogie5: int;
- var {:extern} tempBoogie6: int;
- var {:extern} tempBoogie7: int;
- var {:extern} tempBoogie8: int;
- var {:extern} tempBoogie9: int;
- var {:extern} tempBoogie10: int;
- var {:extern} tempBoogie11: int;
- var {:extern} tempBoogie12: int;
- var {:extern} tempBoogie13: int;
- var {:extern} tempBoogie14: int;
- var {:extern} tempBoogie15: int;
- var {:extern} tempBoogie16: int;
- var {:extern} tempBoogie17: int;
- var {:extern} tempBoogie18: int;
- var {:extern} tempBoogie19: int;
- var {:extern} __havoc_dummy_return: int;
-
- anon0#2:
- havoc_stringTemp := 0;
- goto start#2;
-
- start#2:
- assume _v2.INT_LT(se_.1, _v2.alloc);
- call buf := _v2.__HAVOC_det_malloc(6);
- $encode_ie.arg.4$3.$$static$ := 0;
- result.encode_ie$2 := 0;
- result.giwscan_cb$1 := 0;
- call rsn_leader := _v2.__HAVOC_det_malloc(1);
- se := 0;
- assume _v2.INT_GEQ(se_.1, 0);
- se := se_.1;
- goto label_3#2;
-
- label_3#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 46} true;
- goto label_4#2;
-
- label_4#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 47} true;
- goto label_5#2;
-
- label_5#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 51} true;
- assume _v2.INT_GEQ(se, 0);
- _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- goto label_5_true#2, label_5_false#2;
-
- label_5_false#2:
- assume _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]
- == 0;
- assume _v2.value_is(_v2.__ctobpl_const_33, se);
- assume _v2.value_is(_v2.__ctobpl_const_34,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- goto label_6#2;
-
- label_5_true#2:
- assume _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]
- != 0;
- assume _v2.value_is(_v2.__ctobpl_const_33, se);
- assume _v2.value_is(_v2.__ctobpl_const_34,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- goto label_7#2;
-
- label_7#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 52} true;
- assume _v2.INT_GEQ(se, 0);
- _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0))
- == 1;
- assert true;
- goto label_7_true#2, label_7_false#2;
-
- label_7_false#2:
- assume !_v2.INT_EQ(_v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0)],
- 200);
- assume _v2.value_is(_v2.__ctobpl_const_35, se);
- assume _v2.value_is(_v2.__ctobpl_const_36,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- assume _v2.value_is(_v2.__ctobpl_const_37,
- _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0)]);
- goto label_6#2;
-
- label_7_true#2:
- assume _v2.INT_EQ(_v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0)],
- 200);
- assume _v2.value_is(_v2.__ctobpl_const_35, se);
- assume _v2.value_is(_v2.__ctobpl_const_36,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- assume _v2.value_is(_v2.__ctobpl_const_37,
- _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0)]);
- goto label_8#2;
-
- label_8#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 54} true;
- assume _v2.INT_GEQ(se, 0);
- _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 1))
- == 1;
- assert true;
- $encode_ie.arg.4$3.$$static$ := _v2.INT_PLUS(_v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 1)],
- 1,
- 2);
- assume _v2.value_is(_v2.__ctobpl_const_38, $encode_ie.arg.4$3.$$static$);
- assume _v2.value_is(_v2.__ctobpl_const_39, se);
- assume _v2.value_is(_v2.__ctobpl_const_40,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- assume _v2.value_is(_v2.__ctobpl_const_41,
- _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 1)]);
- goto label_9#2;
-
- label_9#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 53} true;
- assume _v2.INT_GEQ(se, 0);
- _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- assume _v2.INT_GEQ(se, 0);
- _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- call result.encode_ie$2 := _v2.encode_ie(buf, 6, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)], $encode_ie.arg.4$3.$$static$, rsn_leader, 1);
- assume _v2.value_is(_v2.__ctobpl_const_42, se);
- assume _v2.value_is(_v2.__ctobpl_const_43,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- assume _v2.value_is(_v2.__ctobpl_const_44, $encode_ie.arg.4$3.$$static$);
- assume _v2.value_is(_v2.__ctobpl_const_45, se);
- assume _v2.value_is(_v2.__ctobpl_const_46,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- assume _v2.value_is(_v2.__ctobpl_const_47, $encode_ie.arg.4$3.$$static$);
- goto label_6#2;
-
- label_6#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 58} true;
- result.giwscan_cb$1 := 0;
- goto label_1#2;
-
- label_1#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 59} true;
- call _v2.__HAVOC_free(buf);
- call _v2.__HAVOC_free(rsn_leader);
- return;
-}
-
-
-
-implementation _v2.main() returns (result.main$1: int)
-{
- var {:extern} havoc_stringTemp: int;
- var {:extern} condVal: int;
- var {:extern} ie: int;
- var {:extern} result.giwscan_cb$2: int;
- var {:extern} se: int;
- var {:extern} tempBoogie0: int;
- var {:extern} tempBoogie1: int;
- var {:extern} tempBoogie2: int;
- var {:extern} tempBoogie3: int;
- var {:extern} tempBoogie4: int;
- var {:extern} tempBoogie5: int;
- var {:extern} tempBoogie6: int;
- var {:extern} tempBoogie7: int;
- var {:extern} tempBoogie8: int;
- var {:extern} tempBoogie9: int;
- var {:extern} tempBoogie10: int;
- var {:extern} tempBoogie11: int;
- var {:extern} tempBoogie12: int;
- var {:extern} tempBoogie13: int;
- var {:extern} tempBoogie14: int;
- var {:extern} tempBoogie15: int;
- var {:extern} tempBoogie16: int;
- var {:extern} tempBoogie17: int;
- var {:extern} tempBoogie18: int;
- var {:extern} tempBoogie19: int;
- var {:extern} __havoc_dummy_return: int;
-
- anon0#2:
- havoc_stringTemp := 0;
- goto start#2;
-
- start#2:
- call ie := _v2.__HAVOC_det_malloc(5);
- result.giwscan_cb$2 := 0;
- result.main$1 := 0;
- call se := _v2.__HAVOC_det_malloc(4);
- goto label_3#2;
-
- label_3#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 63} true;
- goto label_4#2;
-
- label_4#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 64} true;
- goto label_5#2;
-
- label_5#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 65} true;
- _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry := _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se) := ie];
- assume _v2.value_is(_v2.__ctobpl_const_48,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- goto label_6#2;
-
- label_6#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 66} true;
- _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0))
- == 1;
- assert true;
- _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0) := 200];
- assume _v2.value_is(_v2.__ctobpl_const_49,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- assume _v2.value_is(_v2.__ctobpl_const_50,
- _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0)]);
- goto label_7#2;
-
- label_7#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 67} true;
- _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 1))
- == 1;
- assert true;
- _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 1) := 3];
- assume _v2.value_is(_v2.__ctobpl_const_51,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- assume _v2.value_is(_v2.__ctobpl_const_52,
- _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 1)]);
- goto label_8#2;
-
- label_8#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 69} true;
- assume _v2.INT_GT(se, 0);
- assume _v2.INT_GT(se, 0);
- call result.giwscan_cb$2 := _v2.giwscan_cb(se);
- goto label_11#2;
-
- label_11#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 71} true;
- result.main$1 := 0;
- goto label_1#2;
-
- label_1#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 72} true;
- call _v2.__HAVOC_free(ie);
- call _v2.__HAVOC_free(se);
- return;
-}
-
-
-
-implementation _v2.encode_ie_loop_label_14_head(in_bufsize: int, in_i: int, in_ielen: int, in_p: int, in_tempBoogie0: int)
- returns (out_bufsize: int, out_i: int, out_p: int, out_tempBoogie0: int)
-{
-
- entry#2:
- out_bufsize, out_i, out_p, out_tempBoogie0 := in_bufsize, in_i, in_p, in_tempBoogie0;
- goto label_14_head#2;
-
- label_14_head#2:
- goto label_14_true#2, label_14_false#2;
-
- label_14_false#2:
- assume !_v2.INT_LT(out_i, in_ielen);
- assume _v2.value_is(_v2.__ctobpl_const_16, out_i);
- assume _v2.value_is(_v2.__ctobpl_const_17, in_ielen);
- out_bufsize, out_i, out_p, out_tempBoogie0 := in_bufsize, in_i, in_p, in_tempBoogie0;
- _v2.Mem_T.UCHAR := old(_v2.Mem_T.UCHAR);
- return;
-
- label_14_true#2:
- assume _v2.INT_LT(out_i, in_ielen);
- assume _v2.value_is(_v2.__ctobpl_const_16, out_i);
- assume _v2.value_is(_v2.__ctobpl_const_17, in_ielen);
- goto label_16#2;
-
- label_16#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
- goto label_16_true#2, label_16_false#2;
-
- label_16_false#2:
- assume !_v2.INT_LT(2, out_bufsize);
- assume _v2.value_is(_v2.__ctobpl_const_20, out_bufsize);
- out_bufsize, out_i, out_p, out_tempBoogie0 := in_bufsize, in_i, in_p, in_tempBoogie0;
- _v2.Mem_T.UCHAR := old(_v2.Mem_T.UCHAR);
- return;
-
- label_16_true#2:
- assume _v2.INT_LT(2, out_bufsize);
- assume _v2.value_is(_v2.__ctobpl_const_20, out_bufsize);
- goto label_17#2;
-
- label_17#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 30} true;
- assume _v2.INT_GEQ(out_p, 0);
- _v2.OK := _v2.OK && _v2.Res_VALID_REGION(out_p) == 1;
- assert true;
- _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[out_p := 120];
- assume _v2.value_is(_v2.__ctobpl_const_21, out_p);
- assume _v2.value_is(_v2.__ctobpl_const_22, _v2.Mem_T.UCHAR[out_p]);
- goto label_18#2;
-
- label_18#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 32} true;
- assume _v2.INT_GEQ(_v2.INT_PLUS(out_p, 1, 1), 0);
- _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.INT_PLUS(out_p, 1, 1)) == 1;
- assert true;
- _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(out_p, 1, 1) := 120];
- assume _v2.value_is(_v2.__ctobpl_const_23, out_p);
- assume _v2.value_is(_v2.__ctobpl_const_24, _v2.Mem_T.UCHAR[_v2.INT_PLUS(out_p, 1, 1)]);
- goto label_19#2;
-
- label_19#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 33} true;
- out_tempBoogie0 := _v2.INT_PLUS(out_p, 1, 2);
- out_p := out_tempBoogie0;
- assume _v2.value_is(_v2.__ctobpl_const_25, out_p);
- goto label_20#2;
-
- label_20#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 34} true;
- havoc out_tempBoogie0;
- assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(out_bufsize, 2, 1, out_tempBoogie0);
- out_bufsize := out_tempBoogie0;
- assume _v2.value_is(_v2.__ctobpl_const_26, out_bufsize);
- goto label_21#2;
-
- label_21#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
- assume _v2.value_is(_v2.__ctobpl_const_27, out_i);
- out_i := _v2.INT_PLUS(out_i, 1, 1);
- goto label_21_dummy#2;
-
- label_21_dummy#2:
- call out_bufsize, out_i, out_p, out_tempBoogie0 := _v2.encode_ie_loop_label_14_head(out_bufsize, out_i, in_ielen, out_p, out_tempBoogie0);
- return;
-}
-
-
-
-function _v1.ite(b: bool, x: int, y: int) : int;
-
-
-var _v1.OK: bool;
-
-var {:extern} _v1.Mem: [name][int]int;
-
-var {:extern} _v1.alloc: int;
-
-var {:extern} _v1.Mem_T.A1CHAR: [int]int;
-
-var {:extern} _v1.Mem_T.A5UCHAR: [int]int;
-
-var {:extern} _v1.Mem_T.A6UCHAR: [int]int;
-
-var {:extern} _v1.Mem_T.CHAR: [int]int;
-
-var {:extern} _v1.Mem_T.INT4: [int]int;
-
-var {:extern} _v1.Mem_T.PCHAR: [int]int;
-
-var {:extern} _v1.Mem_T.PUCHAR: [int]int;
-
-var {:extern} _v1.Mem_T.PVOID: [int]int;
-
-var {:extern} _v1.Mem_T.Pieee80211_scan_entry: [int]int;
-
-var {:extern} _v1.Mem_T.UCHAR: [int]int;
-
-var {:extern} _v1.Mem_T.VOID: [int]int;
-
-var {:extern} _v1.Mem_T.ieee80211_scan_entry: [int]int;
-
-var {:extern} _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
-
-var {:extern} _v1.detChoiceCnt: int;
-
-var {:extern} _v1.Res_KERNEL_SOURCE: [int]int;
-
-var {:extern} _v1.Res_PROBED: [int]int;
-
-const {:extern} unique _v1.T.se_rsn_ie_ieee80211_scan_entry: name;
-
-const {:extern} unique _v1.T.A1CHAR: name;
-
-const {:extern} unique _v1.T.A5UCHAR: name;
-
-const {:extern} unique _v1.T.A6UCHAR: name;
-
-const {:extern} unique _v1.T.CHAR: name;
-
-const {:extern} unique _v1.T.INT4: name;
-
-const {:extern} unique _v1.T.PA1CHAR: name;
-
-const {:extern} unique _v1.T.PA5UCHAR: name;
-
-const {:extern} unique _v1.T.PA6UCHAR: name;
-
-const {:extern} unique _v1.T.PCHAR: name;
-
-const {:extern} unique _v1.T.PINT4: name;
-
-const {:extern} unique _v1.T.PPCHAR: name;
-
-const {:extern} unique _v1.T.PPUCHAR: name;
-
-const {:extern} unique _v1.T.PPVOID: name;
-
-const {:extern} unique _v1.T.PPieee80211_scan_entry: name;
-
-const {:extern} unique _v1.T.PUCHAR: name;
-
-const {:extern} unique _v1.T.PUINT4: name;
-
-const {:extern} unique _v1.T.PVOID: name;
-
-const {:extern} unique _v1.T.Pieee80211_scan_entry: name;
-
-const {:extern} unique _v1.T.UCHAR: name;
-
-const {:extern} unique _v1.T.UINT4: name;
-
-const {:extern} unique _v1.T.VOID: name;
-
-const {:extern} unique _v1.T.ieee80211_scan_entry: name;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 16} unique _v1.__ctobpl_const_5: int;
-
-const {:extern} {:model_const "leader"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 16} unique _v1.__ctobpl_const_6: int;
-
-const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 16} unique _v1.__ctobpl_const_7: int;
-
-const {:extern} {:model_const "leader"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 16} unique _v1.__ctobpl_const_9: int;
-
-const {:extern} {:model_const "bufsize"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 13} unique _v1.__ctobpl_const_1: int;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 16} unique _v1.__ctobpl_const_8: int;
-
-const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 16} unique _v1.__ctobpl_const_10: int;
-
-const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 13} unique _v1.__ctobpl_const_2: int;
-
-const {:extern} {:model_const "*(p + 1)"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 32} unique _v1.__ctobpl_const_24: int;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 33} unique _v1.__ctobpl_const_25: int;
-
-const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 20} unique _v1.__ctobpl_const_26: int;
-
-const {:extern} {:model_const "result.question.3"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 38} unique _v1.__ctobpl_const_28: int;
-
-const {:extern} {:model_const "bufsize"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 17} unique _v1.__ctobpl_const_11: int;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 32} unique _v1.__ctobpl_const_23: int;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 18} unique _v1.__ctobpl_const_13: int;
-
-const {:extern} {:model_const "buf"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 38} unique _v1.__ctobpl_const_30: int;
-
-const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 50} unique _v1.__ctobpl_const_32: int;
-
-const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 17} unique _v1.__ctobpl_const_12: int;
-
-const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 50} unique _v1.__ctobpl_const_33: int;
-
-const {:extern} {:model_const "bufsize"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 20} unique _v1.__ctobpl_const_20: int;
-
-const {:extern} {:model_const "*p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 30} unique _v1.__ctobpl_const_22: int;
-
-const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 38} unique _v1.__ctobpl_const_18: int;
-
-const {:extern} {:model_const "result.question.3"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 38} unique _v1.__ctobpl_const_31: int;
-
-const {:extern} {:model_const "ielen"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 38} unique _v1.__ctobpl_const_19: int;
-
-const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 20} unique _v1.__ctobpl_const_16: int;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 30} unique _v1.__ctobpl_const_21: int;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 38} unique _v1.__ctobpl_const_29: int;
-
-const {:extern} {:model_const "result.question.3"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 38} unique _v1.__ctobpl_const_27: int;
-
-const {:extern} {:model_const "ielen"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 20} unique _v1.__ctobpl_const_17: int;
-
-const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 18} unique _v1.__ctobpl_const_14: int;
-
-const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 20} unique _v1.__ctobpl_const_15: int;
-
-const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 15} unique _v1.__ctobpl_const_3: int;
-
-const {:extern} {:model_const "buf"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 15} unique _v1.__ctobpl_const_4: int;
-
-const {:extern} {:model_const "se.se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 66} unique _v1.__ctobpl_const_50: int;
-
-const {:extern} {:model_const "(se.se_rsn_ie)[0]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 65} unique _v1.__ctobpl_const_49: int;
-
-const {:extern} {:model_const "se.se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 65} unique _v1.__ctobpl_const_48: int;
-
-const {:extern} {:model_const "(se.se_rsn_ie)[1]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 66} unique _v1.__ctobpl_const_51: int;
-
-const {:extern} {:model_const "se.se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 64} unique _v1.__ctobpl_const_47: int;
-
-const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 52} unique _v1.__ctobpl_const_41: int;
-
-const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 52} unique _v1.__ctobpl_const_42: int;
-
-const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 52} unique _v1.__ctobpl_const_45: int;
-
-const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 51} unique _v1.__ctobpl_const_35: int;
-
-const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 52} unique _v1.__ctobpl_const_44: int;
-
-const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 51} unique _v1.__ctobpl_const_34: int;
-
-const {:extern} {:model_const "(se->se_rsn_ie)[1]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 53} unique _v1.__ctobpl_const_40: int;
-
-const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 53} unique _v1.__ctobpl_const_38: int;
-
-const {:extern} {:model_const "encode_ie.arg.4"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 52} unique _v1.__ctobpl_const_43: int;
-
-const {:extern} {:model_const "encode_ie.arg.4"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 52} unique _v1.__ctobpl_const_46: int;
-
-const {:extern} {:model_const "(se->se_rsn_ie)[0]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 51} unique _v1.__ctobpl_const_36: int;
-
-const {:extern} {:model_const "encode_ie.arg.4"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 53} unique _v1.__ctobpl_const_37: int;
-
-const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 53} unique _v1.__ctobpl_const_39: int;
-
-function {:inline true} _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(a : int, b : int, size : int, result : int) : bool
-{
- (size * result <= a - b) && (a - b < size * (result + 1))
-}
-
-
-
-procedure _v1.havoc_assert(i: int);
- /* free */ requires i != 0;
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-procedure _v1.havoc_assume(i: int);
- /* free */ ensures i != 0;
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-procedure _v1.__HAVOC_free(a: int);
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-procedure _v1.__HAVOC_malloc(obj_size: int) returns (new: int);
- /* free */ requires _v2.INT_GEQ(obj_size, 0);
- modifies _v1.alloc;
- /* free */ ensures new == old(_v1.alloc);
- /* free */ ensures _v2.INT_GT(_v1.alloc, _v2.INT_ADD(new, obj_size));
- /* free */ ensures _v2.Base(new) == new;
- /* free */ ensures _v2.INT_GEQ(new, 0);
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-procedure _v1.__HAVOC_det_malloc(obj_size: int) returns (new: int);
- /* free */ requires _v2.INT_GEQ(obj_size, 0);
- modifies _v1.alloc;
- /* free */ ensures new == old(_v1.alloc);
- /* free */ ensures _v2.INT_GT(_v1.alloc, _v2.INT_ADD(new, obj_size));
- /* free */ ensures _v2.Base(new) == new;
- /* free */ ensures _v1.alloc == _v2.NewAlloc(old(_v1.alloc), obj_size);
- /* free */ ensures _v2.INT_GEQ(new, 0);
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-
-procedure _v1.nondet_choice() returns (x: int);
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-procedure _v1.det_choice() returns (x: int);
- modifies _v1.detChoiceCnt;
- /* free */ ensures _v1.detChoiceCnt == _v2.INT_ADD(old(_v1.detChoiceCnt), 1);
- /* free */ ensures x == _v2.DetChoiceFunc(old(_v1.detChoiceCnt));
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-procedure _v1._strdup(str: int) returns (new: int);
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-procedure _v1._xstrcasecmp(a0: int, a1: int) returns (ret: int);
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-procedure _v1._xstrcmp(a0: int, a1: int) returns (ret: int);
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-procedure _v1.memcpy(a0: int, a1: int, a2: int) returns (ret: int);
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-procedure _v1.encode_ie(buf_.1: int,
- bufsize_.1: int,
- ie_.1: int,
- ielen_.1: int,
- leader_.1: int,
- leader_len_.1: int)
- returns (result.encode_ie$1: int);
- modifies _v1.OK, _v1.Mem_T.UCHAR;
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-procedure _v1.giwscan_cb(se_.1: int) returns (result.giwscan_cb$1: int);
- modifies _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-procedure _v1.main() returns (result.main$1: int);
- modifies _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-procedure _v1.encode_ie_loop_label_14_head(in_bufsize: int, in_i: int, in_ielen: int, in_p: int, in_tempBoogie0: int)
- returns (out_i: int, out_p: int, out_tempBoogie0: int);
- modifies _v1.Mem_T.UCHAR, _v1.OK;
- /* free */ ensures _v1.OK ==> old(_v1.OK);
-
-
-
-implementation _v1.encode_ie(buf_.1: int,
- bufsize_.1: int,
- ie_.1: int,
- ielen_.1: int,
- leader_.1: int,
- leader_len_.1: int)
- returns (result.encode_ie$1: int)
-{
- var {:extern} havoc_stringTemp: int;
- var {:extern} condVal: int;
- var {:extern} buf: int;
- var {:extern} bufsize: int;
- var {:extern} i: int;
- var {:extern} ie: int;
- var {:extern} ielen: int;
- var {:extern} leader: int;
- var {:extern} leader_len: int;
- var {:extern} p: int;
- var {:extern} result.memcpy$2: int;
- var {:extern} $result.question.3.$$static$: int;
- var {:extern} tempBoogie0: int;
- var {:extern} tempBoogie1: int;
- var {:extern} tempBoogie2: int;
- var {:extern} tempBoogie3: int;
- var {:extern} tempBoogie4: int;
- var {:extern} tempBoogie5: int;
- var {:extern} tempBoogie6: int;
- var {:extern} tempBoogie7: int;
- var {:extern} tempBoogie8: int;
- var {:extern} tempBoogie9: int;
- var {:extern} tempBoogie10: int;
- var {:extern} tempBoogie11: int;
- var {:extern} tempBoogie12: int;
- var {:extern} tempBoogie13: int;
- var {:extern} tempBoogie14: int;
- var {:extern} tempBoogie15: int;
- var {:extern} tempBoogie16: int;
- var {:extern} tempBoogie17: int;
- var {:extern} tempBoogie18: int;
- var {:extern} tempBoogie19: int;
- var {:extern} __havoc_dummy_return: int;
-
- anon0#2:
- havoc_stringTemp := 0;
- goto start#2;
-
- start#2:
- assume _v2.INT_LT(buf_.1, _v1.alloc);
- assume _v2.INT_LT(ie_.1, _v1.alloc);
- assume _v2.INT_LT(leader_.1, _v1.alloc);
- buf := 0;
- assume _v2.INT_GEQ(buf_.1, 0);
- bufsize := 0;
- i := 0;
- ie := 0;
- assume _v2.INT_GEQ(ie_.1, 0);
- ielen := 0;
- leader := 0;
- assume _v2.INT_GEQ(leader_.1, 0);
- leader_len := 0;
- p := 0;
- result.encode_ie$1 := 0;
- result.memcpy$2 := 0;
- $result.question.3.$$static$ := 0;
- buf := buf_.1;
- bufsize := bufsize_.1;
- ie := ie_.1;
- ielen := ielen_.1;
- leader := leader_.1;
- leader_len := leader_len_.1;
- goto label_3#2;
-
- label_3#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 9} true;
- goto label_4#2;
-
- label_4#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 10} true;
- goto label_5#2;
-
- label_5#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 13} true;
- goto label_5_true#2, label_5_false#2;
-
- label_5_false#2:
- assume !_v2.INT_LT(bufsize, leader_len);
- assume _v2.value_is(_v1.__ctobpl_const_1, bufsize);
- assume _v2.value_is(_v1.__ctobpl_const_2, leader_len);
- goto label_6#2;
-
- label_6#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 15} true;
- p := buf;
- assume _v2.value_is(_v1.__ctobpl_const_3, p);
- assume _v2.value_is(_v1.__ctobpl_const_4, buf);
- goto label_8#2;
-
- label_8#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 16} true;
- call result.memcpy$2 := _v1.memcpy(p, leader, leader_len);
- assume _v2.value_is(_v1.__ctobpl_const_5, p);
- assume _v2.value_is(_v1.__ctobpl_const_6, leader);
- assume _v2.value_is(_v1.__ctobpl_const_7, leader_len);
- assume _v2.value_is(_v1.__ctobpl_const_8, p);
- assume _v2.value_is(_v1.__ctobpl_const_9, leader);
- assume _v2.value_is(_v1.__ctobpl_const_10, leader_len);
- goto label_11#2;
-
- label_11#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 17} true;
- havoc tempBoogie0;
- assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(bufsize, leader_len, 1, tempBoogie0);
- bufsize := tempBoogie0;
- assume _v2.value_is(_v1.__ctobpl_const_11, bufsize);
- assume _v2.value_is(_v1.__ctobpl_const_12, leader_len);
- goto label_12#2;
-
- label_12#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 18} true;
- tempBoogie0 := _v2.INT_PLUS(p, 1, leader_len);
- p := tempBoogie0;
- assume _v2.value_is(_v1.__ctobpl_const_13, p);
- assume _v2.value_is(_v1.__ctobpl_const_14, leader_len);
- goto label_13#2;
-
- label_13#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
- i := 0;
- assume _v2.value_is(_v1.__ctobpl_const_15, i);
- goto label_14#2;
-
- label_14#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
- goto label_14_head#2;
-
- label_14_head#2:
- call i, p, tempBoogie0 := _v1.encode_ie_loop_label_14_head(bufsize, i, ielen, p, tempBoogie0);
- goto label_14_head_last#2;
-
- label_14_head_last#2:
- goto label_14_true#2, label_14_false#2;
-
- label_14_false#2:
- assume !_v2.INT_LT(i, ielen);
- assume _v2.value_is(_v1.__ctobpl_const_16, i);
- assume _v2.value_is(_v1.__ctobpl_const_17, ielen);
- goto label_15#2;
-
- label_14_true#2:
- assume _v2.INT_LT(i, ielen);
- assume _v2.value_is(_v1.__ctobpl_const_16, i);
- assume _v2.value_is(_v1.__ctobpl_const_17, ielen);
- goto label_16#2;
-
- label_16#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
- goto label_16_true#2, label_16_false#2;
-
- label_16_false#2:
- assume !_v2.INT_LT(2, bufsize);
- assume _v2.value_is(_v1.__ctobpl_const_20, bufsize);
- goto label_15#2;
-
- label_15#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
- goto label_15_true#2, label_15_false#2;
-
- label_15_false#2:
- assume !_v2.INT_EQ(i, ielen);
- assume _v2.value_is(_v1.__ctobpl_const_18, i);
- assume _v2.value_is(_v1.__ctobpl_const_19, ielen);
- goto label_21#2;
-
- label_21#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
- $result.question.3.$$static$ := 0;
- assume _v2.value_is(_v1.__ctobpl_const_27, $result.question.3.$$static$);
- goto label_23#2;
-
- label_15_true#2:
- assume _v2.INT_EQ(i, ielen);
- assume _v2.value_is(_v1.__ctobpl_const_18, i);
- assume _v2.value_is(_v1.__ctobpl_const_19, ielen);
- goto label_22#2;
-
- label_22#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
- havoc $result.question.3.$$static$;
- assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(p, buf, 1, $result.question.3.$$static$);
- assume _v2.value_is(_v1.__ctobpl_const_28, $result.question.3.$$static$);
- assume _v2.value_is(_v1.__ctobpl_const_29, p);
- assume _v2.value_is(_v1.__ctobpl_const_30, buf);
- goto label_23#2;
-
- label_23#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
- result.encode_ie$1 := $result.question.3.$$static$;
- assume _v2.value_is(_v1.__ctobpl_const_31, $result.question.3.$$static$);
- goto label_1#2;
-
- label_16_true#2:
- assume _v2.INT_LT(2, bufsize);
- assume _v2.value_is(_v1.__ctobpl_const_20, bufsize);
- goto label_17#2;
-
- label_17#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 30} true;
- assume _v2.INT_GEQ(p, 0);
- _v1.OK := _v1.OK && _v2.Res_VALID_REGION(p) == 1;
- assert true;
- _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[p := 120];
- assume _v2.value_is(_v1.__ctobpl_const_21, p);
- assume _v2.value_is(_v1.__ctobpl_const_22, _v1.Mem_T.UCHAR[p]);
- goto label_18#2;
-
- label_18#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 32} true;
- assume _v2.INT_GEQ(_v2.INT_PLUS(p, 1, 1), 0);
- _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.INT_PLUS(p, 1, 1)) == 1;
- assert true;
- _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(p, 1, 1) := 120];
- assume _v2.value_is(_v1.__ctobpl_const_23, p);
- assume _v2.value_is(_v1.__ctobpl_const_24, _v1.Mem_T.UCHAR[_v2.INT_PLUS(p, 1, 1)]);
- goto label_19#2;
-
- label_19#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 33} true;
- tempBoogie0 := _v2.INT_PLUS(p, 1, 2);
- p := tempBoogie0;
- assume _v2.value_is(_v1.__ctobpl_const_25, p);
- goto label_20#2;
-
- label_20#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
- assume _v2.value_is(_v1.__ctobpl_const_26, i);
- i := _v2.INT_PLUS(i, 1, 1);
- goto label_20_dummy#2;
-
- label_20_dummy#2:
- assume false;
- return;
-
- label_5_true#2:
- assume _v2.INT_LT(bufsize, leader_len);
- assume _v2.value_is(_v1.__ctobpl_const_1, bufsize);
- assume _v2.value_is(_v1.__ctobpl_const_2, leader_len);
- goto label_7#2;
-
- label_7#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 14} true;
- result.encode_ie$1 := 0;
- goto label_1#2;
-
- label_1#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 39} true;
- return;
-}
-
-
-
-implementation _v1.giwscan_cb(se_.1: int) returns (result.giwscan_cb$1: int)
-{
- var {:extern} havoc_stringTemp: int;
- var {:extern} condVal: int;
- var {:extern} buf: int;
- var {:extern} $encode_ie.arg.4$3.$$static$: int;
- var {:extern} result.encode_ie$2: int;
- var {:extern} rsn_leader: int;
- var {:extern} se: int;
- var {:extern} tempBoogie0: int;
- var {:extern} tempBoogie1: int;
- var {:extern} tempBoogie2: int;
- var {:extern} tempBoogie3: int;
- var {:extern} tempBoogie4: int;
- var {:extern} tempBoogie5: int;
- var {:extern} tempBoogie6: int;
- var {:extern} tempBoogie7: int;
- var {:extern} tempBoogie8: int;
- var {:extern} tempBoogie9: int;
- var {:extern} tempBoogie10: int;
- var {:extern} tempBoogie11: int;
- var {:extern} tempBoogie12: int;
- var {:extern} tempBoogie13: int;
- var {:extern} tempBoogie14: int;
- var {:extern} tempBoogie15: int;
- var {:extern} tempBoogie16: int;
- var {:extern} tempBoogie17: int;
- var {:extern} tempBoogie18: int;
- var {:extern} tempBoogie19: int;
- var {:extern} __havoc_dummy_return: int;
-
- anon0#2:
- havoc_stringTemp := 0;
- goto start#2;
-
- start#2:
- assume _v2.INT_LT(se_.1, _v1.alloc);
- call buf := _v1.__HAVOC_det_malloc(6);
- $encode_ie.arg.4$3.$$static$ := 0;
- result.encode_ie$2 := 0;
- result.giwscan_cb$1 := 0;
- call rsn_leader := _v1.__HAVOC_det_malloc(1);
- se := 0;
- assume _v2.INT_GEQ(se_.1, 0);
- se := se_.1;
- goto label_3#2;
-
- label_3#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 45} true;
- goto label_4#2;
-
- label_4#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 46} true;
- goto label_5#2;
-
- label_5#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 50} true;
- assume _v2.INT_GEQ(se, 0);
- _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- goto label_5_true#2, label_5_false#2;
-
- label_5_false#2:
- assume _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]
- == 0;
- assume _v2.value_is(_v1.__ctobpl_const_32, se);
- assume _v2.value_is(_v1.__ctobpl_const_33,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- goto label_6#2;
-
- label_5_true#2:
- assume _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]
- != 0;
- assume _v2.value_is(_v1.__ctobpl_const_32, se);
- assume _v2.value_is(_v1.__ctobpl_const_33,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- goto label_7#2;
-
- label_7#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 51} true;
- assume _v2.INT_GEQ(se, 0);
- _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0))
- == 1;
- assert true;
- goto label_7_true#2, label_7_false#2;
-
- label_7_false#2:
- assume !_v2.INT_EQ(_v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0)],
- 200);
- assume _v2.value_is(_v1.__ctobpl_const_34, se);
- assume _v2.value_is(_v1.__ctobpl_const_35,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- assume _v2.value_is(_v1.__ctobpl_const_36,
- _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0)]);
- goto label_6#2;
-
- label_7_true#2:
- assume _v2.INT_EQ(_v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0)],
- 200);
- assume _v2.value_is(_v1.__ctobpl_const_34, se);
- assume _v2.value_is(_v1.__ctobpl_const_35,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- assume _v2.value_is(_v1.__ctobpl_const_36,
- _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0)]);
- goto label_8#2;
-
- label_8#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 53} true;
- assume _v2.INT_GEQ(se, 0);
- _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 1))
- == 1;
- assert true;
- $encode_ie.arg.4$3.$$static$ := _v2.INT_PLUS(_v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 1)],
- 1,
- 2);
- assume _v2.value_is(_v1.__ctobpl_const_37, $encode_ie.arg.4$3.$$static$);
- assume _v2.value_is(_v1.__ctobpl_const_38, se);
- assume _v2.value_is(_v1.__ctobpl_const_39,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- assume _v2.value_is(_v1.__ctobpl_const_40,
- _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 1)]);
- goto label_9#2;
-
- label_9#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 52} true;
- assume _v2.INT_GEQ(se, 0);
- _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- assume _v2.INT_GEQ(se, 0);
- _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- call result.encode_ie$2 := _v1.encode_ie(buf, 6, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)], $encode_ie.arg.4$3.$$static$, rsn_leader, 1);
- assume _v2.value_is(_v1.__ctobpl_const_41, se);
- assume _v2.value_is(_v1.__ctobpl_const_42,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- assume _v2.value_is(_v1.__ctobpl_const_43, $encode_ie.arg.4$3.$$static$);
- assume _v2.value_is(_v1.__ctobpl_const_44, se);
- assume _v2.value_is(_v1.__ctobpl_const_45,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- assume _v2.value_is(_v1.__ctobpl_const_46, $encode_ie.arg.4$3.$$static$);
- goto label_6#2;
-
- label_6#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 57} true;
- result.giwscan_cb$1 := 0;
- goto label_1#2;
-
- label_1#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 58} true;
- call _v1.__HAVOC_free(buf);
- call _v1.__HAVOC_free(rsn_leader);
- return;
-}
-
-
-
-implementation _v1.main() returns (result.main$1: int)
-{
- var {:extern} havoc_stringTemp: int;
- var {:extern} condVal: int;
- var {:extern} ie: int;
- var {:extern} result.giwscan_cb$2: int;
- var {:extern} se: int;
- var {:extern} tempBoogie0: int;
- var {:extern} tempBoogie1: int;
- var {:extern} tempBoogie2: int;
- var {:extern} tempBoogie3: int;
- var {:extern} tempBoogie4: int;
- var {:extern} tempBoogie5: int;
- var {:extern} tempBoogie6: int;
- var {:extern} tempBoogie7: int;
- var {:extern} tempBoogie8: int;
- var {:extern} tempBoogie9: int;
- var {:extern} tempBoogie10: int;
- var {:extern} tempBoogie11: int;
- var {:extern} tempBoogie12: int;
- var {:extern} tempBoogie13: int;
- var {:extern} tempBoogie14: int;
- var {:extern} tempBoogie15: int;
- var {:extern} tempBoogie16: int;
- var {:extern} tempBoogie17: int;
- var {:extern} tempBoogie18: int;
- var {:extern} tempBoogie19: int;
- var {:extern} __havoc_dummy_return: int;
-
- anon0#2:
- havoc_stringTemp := 0;
- goto start#2;
-
- start#2:
- call ie := _v1.__HAVOC_det_malloc(5);
- result.giwscan_cb$2 := 0;
- result.main$1 := 0;
- call se := _v1.__HAVOC_det_malloc(4);
- goto label_3#2;
-
- label_3#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 62} true;
- goto label_4#2;
-
- label_4#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 63} true;
- goto label_5#2;
-
- label_5#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 64} true;
- _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry := _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se) := ie];
- assume _v2.value_is(_v1.__ctobpl_const_47,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- goto label_6#2;
-
- label_6#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 65} true;
- _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0))
- == 1;
- assert true;
- _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0) := 200];
- assume _v2.value_is(_v1.__ctobpl_const_48,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- assume _v2.value_is(_v1.__ctobpl_const_49,
- _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 0)]);
- goto label_7#2;
-
- label_7#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 66} true;
- _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
- assert true;
- assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 1))
- == 1;
- assert true;
- _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 1) := 3];
- assume _v2.value_is(_v1.__ctobpl_const_50,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
- assume _v2.value_is(_v1.__ctobpl_const_51,
- _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
- 1,
- 1)]);
- goto label_8#2;
-
- label_8#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 68} true;
- assume _v2.INT_GT(se, 0);
- assume _v2.INT_GT(se, 0);
- call result.giwscan_cb$2 := _v1.giwscan_cb(se);
- goto label_11#2;
-
- label_11#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 70} true;
- result.main$1 := 0;
- goto label_1#2;
-
- label_1#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 71} true;
- call _v1.__HAVOC_free(ie);
- call _v1.__HAVOC_free(se);
- return;
-}
-
-
-
-implementation _v1.encode_ie_loop_label_14_head(in_bufsize: int, in_i: int, in_ielen: int, in_p: int, in_tempBoogie0: int)
- returns (out_i: int, out_p: int, out_tempBoogie0: int)
-{
-
- entry#2:
- out_i, out_p, out_tempBoogie0 := in_i, in_p, in_tempBoogie0;
- goto label_14_head#2;
-
- label_14_head#2:
- goto label_14_true#2, label_14_false#2;
-
- label_14_false#2:
- assume !_v2.INT_LT(out_i, in_ielen);
- assume _v2.value_is(_v1.__ctobpl_const_16, out_i);
- assume _v2.value_is(_v1.__ctobpl_const_17, in_ielen);
- out_i, out_p, out_tempBoogie0 := in_i, in_p, in_tempBoogie0;
- _v1.Mem_T.UCHAR := old(_v1.Mem_T.UCHAR);
- return;
-
- label_14_true#2:
- assume _v2.INT_LT(out_i, in_ielen);
- assume _v2.value_is(_v1.__ctobpl_const_16, out_i);
- assume _v2.value_is(_v1.__ctobpl_const_17, in_ielen);
- goto label_16#2;
-
- label_16#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
- goto label_16_true#2, label_16_false#2;
-
- label_16_false#2:
- assume !_v2.INT_LT(2, in_bufsize);
- assume _v2.value_is(_v1.__ctobpl_const_20, in_bufsize);
- out_i, out_p, out_tempBoogie0 := in_i, in_p, in_tempBoogie0;
- _v1.Mem_T.UCHAR := old(_v1.Mem_T.UCHAR);
- return;
-
- label_16_true#2:
- assume _v2.INT_LT(2, in_bufsize);
- assume _v2.value_is(_v1.__ctobpl_const_20, in_bufsize);
- goto label_17#2;
-
- label_17#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 30} true;
- assume _v2.INT_GEQ(out_p, 0);
- _v1.OK := _v1.OK && _v2.Res_VALID_REGION(out_p) == 1;
- assert true;
- _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[out_p := 120];
- assume _v2.value_is(_v1.__ctobpl_const_21, out_p);
- assume _v2.value_is(_v1.__ctobpl_const_22, _v1.Mem_T.UCHAR[out_p]);
- goto label_18#2;
-
- label_18#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 32} true;
- assume _v2.INT_GEQ(_v2.INT_PLUS(out_p, 1, 1), 0);
- _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.INT_PLUS(out_p, 1, 1)) == 1;
- assert true;
- _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(out_p, 1, 1) := 120];
- assume _v2.value_is(_v1.__ctobpl_const_23, out_p);
- assume _v2.value_is(_v1.__ctobpl_const_24, _v1.Mem_T.UCHAR[_v2.INT_PLUS(out_p, 1, 1)]);
- goto label_19#2;
-
- label_19#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 33} true;
- out_tempBoogie0 := _v2.INT_PLUS(out_p, 1, 2);
- out_p := out_tempBoogie0;
- assume _v2.value_is(_v1.__ctobpl_const_25, out_p);
- goto label_20#2;
-
- label_20#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
- assume _v2.value_is(_v1.__ctobpl_const_26, out_i);
- out_i := _v2.INT_PLUS(out_i, 1, 1);
- goto label_20_dummy#2;
-
- label_20_dummy#2:
- call out_i, out_p, out_tempBoogie0 := _v1.encode_ie_loop_label_14_head(in_bufsize, out_i, in_ielen, out_p, out_tempBoogie0);
- return;
-}
-
-
-
-type {:extern} name;
-
-type {:extern} byte;
-
-function {:inline true} MS$_v1.havoc_assert$_v2.havoc_assert(_v1.i: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v2.i: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int)
- : bool
-{
- true
-}
-
-procedure MS_Check__v1.havoc_assert___v2.havoc_assert(_v1.i: int, _v2.i: int);
- requires _v1.i == _v2.i
- &&
- (_v1.OK <==> _v2.OK)
- && _v1.Mem == _v2.Mem
- && _v1.alloc == _v2.alloc
- && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
- && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
- && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
- && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
- && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
- && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
- && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
- && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
- && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
- && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
- && _v1.Mem_T.VOID == _v2.Mem_T.VOID
- && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
- && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
- && _v1.detChoiceCnt == _v2.detChoiceCnt
- && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
- && _v1.Res_PROBED == _v2.Res_PROBED;
- ensures MS$_v1.havoc_assert$_v2.havoc_assert(_v1.i,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v2.i,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED));
- ensures _v1.OK ==> _v2.OK;
-
-
-
-function {:inline true} MS$_v1.havoc_assume$_v2.havoc_assume(_v1.i: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v2.i: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int)
- : bool
-{
- true
-}
-
-procedure MS_Check__v1.havoc_assume___v2.havoc_assume(_v1.i: int, _v2.i: int);
- requires _v1.i == _v2.i
- &&
- (_v1.OK <==> _v2.OK)
- && _v1.Mem == _v2.Mem
- && _v1.alloc == _v2.alloc
- && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
- && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
- && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
- && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
- && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
- && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
- && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
- && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
- && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
- && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
- && _v1.Mem_T.VOID == _v2.Mem_T.VOID
- && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
- && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
- && _v1.detChoiceCnt == _v2.detChoiceCnt
- && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
- && _v1.Res_PROBED == _v2.Res_PROBED;
- ensures MS$_v1.havoc_assume$_v2.havoc_assume(_v1.i,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v2.i,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED));
- ensures _v1.OK ==> _v2.OK;
-
-
-
-function {:inline true} MS$_v1.__HAVOC_free$_v2.__HAVOC_free(_v1.a: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v2.a: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int)
- : bool
-{
- true
-}
-
-const {:existential true} _houdini_0: bool;
-
-const {:existential true} _houdini_1: bool;
-
-const {:existential true} _houdini_2: bool;
-
-const {:existential true} _houdini_3: bool;
-
-const {:existential true} _houdini_4: bool;
-
-const {:existential true} _houdini_5: bool;
-
-const {:existential true} _houdini_6: bool;
-
-const {:existential true} _houdini_7: bool;
-
-const {:existential true} _houdini_8: bool;
-
-const {:existential true} _houdini_9: bool;
-
-const {:existential true} _houdini_10: bool;
-
-const {:existential true} _houdini_11: bool;
-
-const {:existential true} _houdini_12: bool;
-
-const {:existential true} _houdini_13: bool;
-
-const {:existential true} _houdini_14: bool;
-
-const {:existential true} _houdini_15: bool;
-
-const {:existential true} _houdini_16: bool;
-
-const {:existential true} _houdini_17: bool;
-
-const {:existential true} _houdini_18: bool;
-
-const {:existential true} _houdini_19: bool;
-
-const {:existential true} _houdini_20: bool;
-
-const {:existential true} _houdini_21: bool;
-
-const {:existential true} _houdini_22: bool;
-
-const {:existential true} _houdini_23: bool;
-
-procedure MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.a: int, _v2.a: int);
- requires _houdini_0 ==> _v1.a <= _v2.a;
- requires _houdini_1 ==> _v2.a <= _v1.a;
- requires _houdini_2 ==> _v1.OK ==> _v2.OK;
- requires _houdini_3 ==> _v2.OK ==> _v1.OK;
- requires _houdini_4 ==> _v1.Mem == _v2.Mem;
- requires _houdini_5 ==> _v1.alloc <= _v2.alloc;
- requires _houdini_6 ==> _v2.alloc <= _v1.alloc;
- requires _houdini_7 ==> _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR;
- requires _houdini_8 ==> _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR;
- requires _houdini_9 ==> _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR;
- requires _houdini_10 ==> _v1.Mem_T.CHAR == _v2.Mem_T.CHAR;
- requires _houdini_11 ==> _v1.Mem_T.INT4 == _v2.Mem_T.INT4;
- requires _houdini_12 ==> _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR;
- requires _houdini_13 ==> _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR;
- requires _houdini_14 ==> _v1.Mem_T.PVOID == _v2.Mem_T.PVOID;
- requires _houdini_15
- ==> _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry;
- requires _houdini_16 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
- requires _houdini_17 ==> _v1.Mem_T.VOID == _v2.Mem_T.VOID;
- requires _houdini_18 ==> _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry;
- requires _houdini_19
- ==> _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry;
- requires _houdini_20 ==> _v1.detChoiceCnt <= _v2.detChoiceCnt;
- requires _houdini_21 ==> _v2.detChoiceCnt <= _v1.detChoiceCnt;
- requires _houdini_22 ==> _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE;
- requires _houdini_23 ==> _v1.Res_PROBED == _v2.Res_PROBED;
- ensures MS$_v1.__HAVOC_free$_v2.__HAVOC_free(_v1.a,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v2.a,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED));
- ensures old(_v1.a == _v2.a) ==> true;
-
-
-
-function {:inline true} MS$_v1.__HAVOC_malloc$_v2.__HAVOC_malloc(_v1.obj_size: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.alloc_: int,
- _v1.new: int,
- _v2.obj_size: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.alloc_: int,
- _v2.new: int)
- : bool
-{
- true
-}
-
-procedure MS_Check__v1.__HAVOC_malloc___v2.__HAVOC_malloc(_v1.obj_size: int, _v2.obj_size: int) returns (_v1.new: int, _v2.new: int);
- requires _v1.obj_size == _v2.obj_size
- &&
- (_v1.OK <==> _v2.OK)
- && _v1.Mem == _v2.Mem
- && _v1.alloc == _v2.alloc
- && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
- && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
- && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
- && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
- && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
- && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
- && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
- && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
- && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
- && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
- && _v1.Mem_T.VOID == _v2.Mem_T.VOID
- && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
- && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
- && _v1.detChoiceCnt == _v2.detChoiceCnt
- && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
- && _v1.Res_PROBED == _v2.Res_PROBED;
- modifies _v1.alloc, _v2.alloc;
- ensures MS$_v1.__HAVOC_malloc$_v2.__HAVOC_malloc(_v1.obj_size,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.alloc,
- _v1.new,
- _v2.obj_size,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.alloc,
- _v2.new);
- ensures _v1.OK ==> _v2.OK;
-
-
-
-function {:inline true} MS$_v1.__HAVOC_det_malloc$_v2.__HAVOC_det_malloc(_v1.obj_size: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.alloc_: int,
- _v1.new: int,
- _v2.obj_size: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.alloc_: int,
- _v2.new: int)
- : bool
-{
- true
-}
-
-const {:existential true} _houdini_24: bool;
-
-const {:existential true} _houdini_25: bool;
-
-const {:existential true} _houdini_26: bool;
-
-const {:existential true} _houdini_27: bool;
-
-const {:existential true} _houdini_28: bool;
-
-const {:existential true} _houdini_29: bool;
-
-const {:existential true} _houdini_30: bool;
-
-const {:existential true} _houdini_31: bool;
-
-const {:existential true} _houdini_32: bool;
-
-const {:existential true} _houdini_33: bool;
-
-const {:existential true} _houdini_34: bool;
-
-const {:existential true} _houdini_35: bool;
-
-const {:existential true} _houdini_36: bool;
-
-const {:existential true} _houdini_37: bool;
-
-const {:existential true} _houdini_38: bool;
-
-const {:existential true} _houdini_39: bool;
-
-const {:existential true} _houdini_40: bool;
-
-const {:existential true} _houdini_41: bool;
-
-const {:existential true} _houdini_42: bool;
-
-const {:existential true} _houdini_43: bool;
-
-const {:existential true} _houdini_44: bool;
-
-const {:existential true} _houdini_45: bool;
-
-const {:existential true} _houdini_46: bool;
-
-const {:existential true} _houdini_47: bool;
-
-procedure MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.obj_size: int, _v2.obj_size: int) returns (_v1.new: int, _v2.new: int);
- requires _houdini_24 ==> _v1.obj_size <= _v2.obj_size;
- requires _houdini_25 ==> _v2.obj_size <= _v1.obj_size;
- requires _houdini_26 ==> _v1.OK ==> _v2.OK;
- requires _houdini_27 ==> _v2.OK ==> _v1.OK;
- requires _houdini_28 ==> _v1.Mem == _v2.Mem;
- requires _houdini_29 ==> _v1.alloc <= _v2.alloc;
- requires _houdini_30 ==> _v2.alloc <= _v1.alloc;
- requires _houdini_31 ==> _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR;
- requires _houdini_32 ==> _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR;
- requires _houdini_33 ==> _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR;
- requires _houdini_34 ==> _v1.Mem_T.CHAR == _v2.Mem_T.CHAR;
- requires _houdini_35 ==> _v1.Mem_T.INT4 == _v2.Mem_T.INT4;
- requires _houdini_36 ==> _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR;
- requires _houdini_37 ==> _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR;
- requires _houdini_38 ==> _v1.Mem_T.PVOID == _v2.Mem_T.PVOID;
- requires _houdini_39
- ==> _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry;
- requires _houdini_40 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
- requires _houdini_41 ==> _v1.Mem_T.VOID == _v2.Mem_T.VOID;
- requires _houdini_42 ==> _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry;
- requires _houdini_43
- ==> _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry;
- requires _houdini_44 ==> _v1.detChoiceCnt <= _v2.detChoiceCnt;
- requires _houdini_45 ==> _v2.detChoiceCnt <= _v1.detChoiceCnt;
- requires _houdini_46 ==> _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE;
- requires _houdini_47 ==> _v1.Res_PROBED == _v2.Res_PROBED;
- modifies _v1.alloc, _v2.alloc;
- ensures MS$_v1.__HAVOC_det_malloc$_v2.__HAVOC_det_malloc(_v1.obj_size,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.alloc,
- _v1.new,
- _v2.obj_size,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.alloc,
- _v2.new);
- ensures old(_v1.obj_size == _v2.obj_size && _v1.alloc == _v2.alloc)
- ==> _v1.new <= _v2.new
- && _v2.new <= _v1.new
- && _v1.alloc <= _v2.alloc
- && _v2.alloc <= _v1.alloc;
-
-
-
-function {:inline true} MS$_v1.__HAVOC_memset_split_1$_v2.__HAVOC_memset_split_1(_v1.A: [int]int,
- _v1.p: int,
- _v1.c: int,
- _v1.n: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.ret: [int]int,
- _v2.A: [int]int,
- _v2.p: int,
- _v2.c: int,
- _v2.n: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.ret: [int]int)
- : bool
-{
- true
-}
-
-procedure MS_Check__v1.__HAVOC_memset_split_1___v2.__HAVOC_memset_split_1(_v1.A: [int]int,
- _v1.p: int,
- _v1.c: int,
- _v1.n: int,
- _v2.A: [int]int,
- _v2.p: int,
- _v2.c: int,
- _v2.n: int)
- returns (_v1.ret: [int]int, _v2.ret: [int]int);
- requires _v1.A == _v2.A
- && _v1.p == _v2.p
- && _v1.c == _v2.c
- && _v1.n == _v2.n
- &&
- (_v1.OK <==> _v2.OK)
- && _v1.Mem == _v2.Mem
- && _v1.alloc == _v2.alloc
- && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
- && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
- && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
- && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
- && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
- && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
- && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
- && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
- && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
- && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
- && _v1.Mem_T.VOID == _v2.Mem_T.VOID
- && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
- && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
- && _v1.detChoiceCnt == _v2.detChoiceCnt
- && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
- && _v1.Res_PROBED == _v2.Res_PROBED;
- ensures MS$_v1.__HAVOC_memset_split_1$_v2.__HAVOC_memset_split_1(_v1.A,
- _v1.p,
- _v1.c,
- _v1.n,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.ret,
- _v2.A,
- _v2.p,
- _v2.c,
- _v2.n,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.ret);
- ensures _v1.OK ==> _v2.OK;
-
-
-
-function {:inline true} MS$_v1.__HAVOC_memset_split_2$_v2.__HAVOC_memset_split_2(_v1.A: [int]int,
- _v1.p: int,
- _v1.c: int,
- _v1.n: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.ret: [int]int,
- _v2.A: [int]int,
- _v2.p: int,
- _v2.c: int,
- _v2.n: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.ret: [int]int)
- : bool
-{
- true
-}
-
-procedure MS_Check__v1.__HAVOC_memset_split_2___v2.__HAVOC_memset_split_2(_v1.A: [int]int,
- _v1.p: int,
- _v1.c: int,
- _v1.n: int,
- _v2.A: [int]int,
- _v2.p: int,
- _v2.c: int,
- _v2.n: int)
- returns (_v1.ret: [int]int, _v2.ret: [int]int);
- requires _v1.A == _v2.A
- && _v1.p == _v2.p
- && _v1.c == _v2.c
- && _v1.n == _v2.n
- &&
- (_v1.OK <==> _v2.OK)
- && _v1.Mem == _v2.Mem
- && _v1.alloc == _v2.alloc
- && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
- && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
- && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
- && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
- && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
- && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
- && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
- && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
- && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
- && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
- && _v1.Mem_T.VOID == _v2.Mem_T.VOID
- && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
- && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
- && _v1.detChoiceCnt == _v2.detChoiceCnt
- && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
- && _v1.Res_PROBED == _v2.Res_PROBED;
- ensures MS$_v1.__HAVOC_memset_split_2$_v2.__HAVOC_memset_split_2(_v1.A,
- _v1.p,
- _v1.c,
- _v1.n,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.ret,
- _v2.A,
- _v2.p,
- _v2.c,
- _v2.n,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.ret);
- ensures _v1.OK ==> _v2.OK;
-
-
-
-function {:inline true} MS$_v1.__HAVOC_memset_split_4$_v2.__HAVOC_memset_split_4(_v1.A: [int]int,
- _v1.p: int,
- _v1.c: int,
- _v1.n: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.ret: [int]int,
- _v2.A: [int]int,
- _v2.p: int,
- _v2.c: int,
- _v2.n: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.ret: [int]int)
- : bool
-{
- true
-}
-
-procedure MS_Check__v1.__HAVOC_memset_split_4___v2.__HAVOC_memset_split_4(_v1.A: [int]int,
- _v1.p: int,
- _v1.c: int,
- _v1.n: int,
- _v2.A: [int]int,
- _v2.p: int,
- _v2.c: int,
- _v2.n: int)
- returns (_v1.ret: [int]int, _v2.ret: [int]int);
- requires _v1.A == _v2.A
- && _v1.p == _v2.p
- && _v1.c == _v2.c
- && _v1.n == _v2.n
- &&
- (_v1.OK <==> _v2.OK)
- && _v1.Mem == _v2.Mem
- && _v1.alloc == _v2.alloc
- && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
- && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
- && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
- && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
- && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
- && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
- && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
- && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
- && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
- && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
- && _v1.Mem_T.VOID == _v2.Mem_T.VOID
- && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
- && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
- && _v1.detChoiceCnt == _v2.detChoiceCnt
- && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
- && _v1.Res_PROBED == _v2.Res_PROBED;
- ensures MS$_v1.__HAVOC_memset_split_4$_v2.__HAVOC_memset_split_4(_v1.A,
- _v1.p,
- _v1.c,
- _v1.n,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.ret,
- _v2.A,
- _v2.p,
- _v2.c,
- _v2.n,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.ret);
- ensures _v1.OK ==> _v2.OK;
-
-
-
-function {:inline true} MS$_v1.nondet_choice$_v2.nondet_choice(_v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.x: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.x: int)
- : bool
-{
- true
-}
-
-procedure MS_Check__v1.nondet_choice___v2.nondet_choice() returns (_v1.x: int, _v2.x: int);
- requires (_v1.OK <==> _v2.OK)
- && _v1.Mem == _v2.Mem
- && _v1.alloc == _v2.alloc
- && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
- && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
- && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
- && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
- && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
- && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
- && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
- && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
- && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
- && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
- && _v1.Mem_T.VOID == _v2.Mem_T.VOID
- && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
- && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
- && _v1.detChoiceCnt == _v2.detChoiceCnt
- && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
- && _v1.Res_PROBED == _v2.Res_PROBED;
- ensures MS$_v1.nondet_choice$_v2.nondet_choice(old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.x,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.x);
- ensures _v1.OK ==> _v2.OK;
-
-
-
-function {:inline true} MS$_v1.det_choice$_v2.det_choice(_v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.detChoiceCnt_: int,
- _v1.x: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.detChoiceCnt_: int,
- _v2.x: int)
- : bool
-{
- true
-}
-
-procedure MS_Check__v1.det_choice___v2.det_choice() returns (_v1.x: int, _v2.x: int);
- requires (_v1.OK <==> _v2.OK)
- && _v1.Mem == _v2.Mem
- && _v1.alloc == _v2.alloc
- && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
- && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
- && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
- && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
- && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
- && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
- && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
- && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
- && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
- && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
- && _v1.Mem_T.VOID == _v2.Mem_T.VOID
- && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
- && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
- && _v1.detChoiceCnt == _v2.detChoiceCnt
- && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
- && _v1.Res_PROBED == _v2.Res_PROBED;
- modifies _v1.detChoiceCnt, _v2.detChoiceCnt;
- ensures MS$_v1.det_choice$_v2.det_choice(old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.detChoiceCnt,
- _v1.x,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.detChoiceCnt,
- _v2.x);
- ensures _v1.OK ==> _v2.OK;
-
-
-
-function {:inline true} MS$_v1._strdup$_v2._strdup(_v1.str: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.new: int,
- _v2.str: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.new: int)
- : bool
-{
- true
-}
-
-procedure MS_Check__v1._strdup___v2._strdup(_v1.str: int, _v2.str: int) returns (_v1.new: int, _v2.new: int);
- requires _v1.str == _v2.str
- &&
- (_v1.OK <==> _v2.OK)
- && _v1.Mem == _v2.Mem
- && _v1.alloc == _v2.alloc
- && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
- && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
- && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
- && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
- && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
- && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
- && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
- && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
- && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
- && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
- && _v1.Mem_T.VOID == _v2.Mem_T.VOID
- && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
- && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
- && _v1.detChoiceCnt == _v2.detChoiceCnt
- && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
- && _v1.Res_PROBED == _v2.Res_PROBED;
- ensures MS$_v1._strdup$_v2._strdup(_v1.str,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.new,
- _v2.str,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.new);
- ensures _v1.OK ==> _v2.OK;
-
-
-
-function {:inline true} MS$_v1._xstrcasecmp$_v2._xstrcasecmp(_v1.a0: int,
- _v1.a1: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.ret: int,
- _v2.a0: int,
- _v2.a1: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.ret: int)
- : bool
-{
- true
-}
-
-procedure MS_Check__v1._xstrcasecmp___v2._xstrcasecmp(_v1.a0: int, _v1.a1: int, _v2.a0: int, _v2.a1: int)
- returns (_v1.ret: int, _v2.ret: int);
- requires _v1.a0 == _v2.a0
- && _v1.a1 == _v2.a1
- &&
- (_v1.OK <==> _v2.OK)
- && _v1.Mem == _v2.Mem
- && _v1.alloc == _v2.alloc
- && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
- && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
- && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
- && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
- && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
- && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
- && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
- && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
- && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
- && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
- && _v1.Mem_T.VOID == _v2.Mem_T.VOID
- && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
- && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
- && _v1.detChoiceCnt == _v2.detChoiceCnt
- && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
- && _v1.Res_PROBED == _v2.Res_PROBED;
- ensures MS$_v1._xstrcasecmp$_v2._xstrcasecmp(_v1.a0,
- _v1.a1,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.ret,
- _v2.a0,
- _v2.a1,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.ret);
- ensures _v1.OK ==> _v2.OK;
-
-
-
-function {:inline true} MS$_v1._xstrcmp$_v2._xstrcmp(_v1.a0: int,
- _v1.a1: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.ret: int,
- _v2.a0: int,
- _v2.a1: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.ret: int)
- : bool
-{
- true
-}
-
-procedure MS_Check__v1._xstrcmp___v2._xstrcmp(_v1.a0: int, _v1.a1: int, _v2.a0: int, _v2.a1: int)
- returns (_v1.ret: int, _v2.ret: int);
- requires _v1.a0 == _v2.a0
- && _v1.a1 == _v2.a1
- &&
- (_v1.OK <==> _v2.OK)
- && _v1.Mem == _v2.Mem
- && _v1.alloc == _v2.alloc
- && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
- && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
- && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
- && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
- && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
- && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
- && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
- && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
- && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
- && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
- && _v1.Mem_T.VOID == _v2.Mem_T.VOID
- && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
- && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
- && _v1.detChoiceCnt == _v2.detChoiceCnt
- && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
- && _v1.Res_PROBED == _v2.Res_PROBED;
- ensures MS$_v1._xstrcmp$_v2._xstrcmp(_v1.a0,
- _v1.a1,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.ret,
- _v2.a0,
- _v2.a1,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.ret);
- ensures _v1.OK ==> _v2.OK;
-
-
-
-function {:inline true} MS$_v1.memcpy$_v2.memcpy(_v1.a0: int,
- _v1.a1: int,
- _v1.a2: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.ret: int,
- _v2.a0: int,
- _v2.a1: int,
- _v2.a2: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.ret: int)
- : bool
-{
- true
-}
-
-const {:existential true} _houdini_48: bool;
-
-const {:existential true} _houdini_49: bool;
-
-const {:existential true} _houdini_50: bool;
-
-const {:existential true} _houdini_51: bool;
-
-const {:existential true} _houdini_52: bool;
-
-const {:existential true} _houdini_53: bool;
-
-const {:existential true} _houdini_54: bool;
-
-const {:existential true} _houdini_55: bool;
-
-const {:existential true} _houdini_56: bool;
-
-const {:existential true} _houdini_57: bool;
-
-const {:existential true} _houdini_58: bool;
-
-const {:existential true} _houdini_59: bool;
-
-const {:existential true} _houdini_60: bool;
-
-const {:existential true} _houdini_61: bool;
-
-const {:existential true} _houdini_62: bool;
-
-const {:existential true} _houdini_63: bool;
-
-const {:existential true} _houdini_64: bool;
-
-const {:existential true} _houdini_65: bool;
-
-const {:existential true} _houdini_66: bool;
-
-const {:existential true} _houdini_67: bool;
-
-const {:existential true} _houdini_68: bool;
-
-const {:existential true} _houdini_69: bool;
-
-const {:existential true} _houdini_70: bool;
-
-const {:existential true} _houdini_71: bool;
-
-const {:existential true} _houdini_72: bool;
-
-const {:existential true} _houdini_73: bool;
-
-const {:existential true} _houdini_74: bool;
-
-const {:existential true} _houdini_75: bool;
-
-procedure MS_Check__v1.memcpy___v2.memcpy(_v1.a0: int, _v1.a1: int, _v1.a2: int, _v2.a0: int, _v2.a1: int, _v2.a2: int)
- returns (_v1.ret: int, _v2.ret: int);
- requires _houdini_48 ==> _v1.a0 <= _v2.a0;
- requires _houdini_49 ==> _v2.a0 <= _v1.a0;
- requires _houdini_50 ==> _v1.a1 <= _v2.a1;
- requires _houdini_51 ==> _v2.a1 <= _v1.a1;
- requires _houdini_52 ==> _v1.a2 <= _v2.a2;
- requires _houdini_53 ==> _v2.a2 <= _v1.a2;
- requires _houdini_54 ==> _v1.OK ==> _v2.OK;
- requires _houdini_55 ==> _v2.OK ==> _v1.OK;
- requires _houdini_56 ==> _v1.Mem == _v2.Mem;
- requires _houdini_57 ==> _v1.alloc <= _v2.alloc;
- requires _houdini_58 ==> _v2.alloc <= _v1.alloc;
- requires _houdini_59 ==> _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR;
- requires _houdini_60 ==> _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR;
- requires _houdini_61 ==> _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR;
- requires _houdini_62 ==> _v1.Mem_T.CHAR == _v2.Mem_T.CHAR;
- requires _houdini_63 ==> _v1.Mem_T.INT4 == _v2.Mem_T.INT4;
- requires _houdini_64 ==> _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR;
- requires _houdini_65 ==> _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR;
- requires _houdini_66 ==> _v1.Mem_T.PVOID == _v2.Mem_T.PVOID;
- requires _houdini_67
- ==> _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry;
- requires _houdini_68 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
- requires _houdini_69 ==> _v1.Mem_T.VOID == _v2.Mem_T.VOID;
- requires _houdini_70 ==> _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry;
- requires _houdini_71
- ==> _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry;
- requires _houdini_72 ==> _v1.detChoiceCnt <= _v2.detChoiceCnt;
- requires _houdini_73 ==> _v2.detChoiceCnt <= _v1.detChoiceCnt;
- requires _houdini_74 ==> _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE;
- requires _houdini_75 ==> _v1.Res_PROBED == _v2.Res_PROBED;
- ensures MS$_v1.memcpy$_v2.memcpy(_v1.a0,
- _v1.a1,
- _v1.a2,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.ret,
- _v2.a0,
- _v2.a1,
- _v2.a2,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.ret);
- ensures old(_v1.a0 == _v2.a0 && _v1.a1 == _v2.a1 && _v1.a2 == _v2.a2)
- ==> _v1.ret <= _v2.ret && _v2.ret <= _v1.ret;
-
-
-
-function {:inline true} MS$_v1.encode_ie$_v2.encode_ie(_v1.buf_.1: int,
- _v1.bufsize_.1: int,
- _v1.ie_.1: int,
- _v1.ielen_.1: int,
- _v1.leader_.1: int,
- _v1.leader_len_.1: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.OK_: bool,
- _v1.Mem_T.UCHAR_: [int]int,
- _v1.result.encode_ie$1: int,
- _v2.buf_.1: int,
- _v2.bufsize_.1: int,
- _v2.ie_.1: int,
- _v2.ielen_.1: int,
- _v2.leader_.1: int,
- _v2.leader_len_.1: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.OK_: bool,
- _v2.Mem_T.UCHAR_: [int]int,
- _v2.result.encode_ie$1: int)
- : bool
-{
- true
-}
-
-const {:existential true} _houdini_76: bool;
-
-const {:existential true} _houdini_77: bool;
-
-const {:existential true} _houdini_78: bool;
-
-const {:existential true} _houdini_79: bool;
-
-const {:existential true} _houdini_80: bool;
-
-const {:existential true} _houdini_81: bool;
-
-const {:existential true} _houdini_82: bool;
-
-const {:existential true} _houdini_83: bool;
-
-const {:existential true} _houdini_84: bool;
-
-const {:existential true} _houdini_85: bool;
-
-const {:existential true} _houdini_86: bool;
-
-const {:existential true} _houdini_87: bool;
-
-const {:existential true} _houdini_88: bool;
-
-const {:existential true} _houdini_89: bool;
-
-const {:existential true} _houdini_90: bool;
-
-const {:existential true} _houdini_91: bool;
-
-const {:existential true} _houdini_92: bool;
-
-const {:existential true} _houdini_93: bool;
-
-const {:existential true} _houdini_94: bool;
-
-const {:existential true} _houdini_95: bool;
-
-const {:existential true} _houdini_96: bool;
-
-const {:existential true} _houdini_97: bool;
-
-const {:existential true} _houdini_98: bool;
-
-const {:existential true} _houdini_99: bool;
-
-const {:existential true} _houdini_100: bool;
-
-const {:existential true} _houdini_101: bool;
-
-const {:existential true} _houdini_102: bool;
-
-const {:existential true} _houdini_103: bool;
-
-const {:existential true} _houdini_104: bool;
-
-const {:existential true} _houdini_105: bool;
-
-const {:existential true} _houdini_106: bool;
-
-const {:existential true} _houdini_107: bool;
-
-const {:existential true} _houdini_108: bool;
-
-const {:existential true} _houdini_109: bool;
-
-const {:existential true} _houdini_110: bool;
-
-const {:existential true} _houdini_111: bool;
-
-const {:existential true} _houdini_112: bool;
-
-const {:existential true} _houdini_113: bool;
-
-const {:existential true} _houdini_114: bool;
-
-procedure MS_Check__v1.encode_ie___v2.encode_ie(_v1.buf_.1: int,
- _v1.bufsize_.1: int,
- _v1.ie_.1: int,
- _v1.ielen_.1: int,
- _v1.leader_.1: int,
- _v1.leader_len_.1: int,
- _v2.buf_.1: int,
- _v2.bufsize_.1: int,
- _v2.ie_.1: int,
- _v2.ielen_.1: int,
- _v2.leader_.1: int,
- _v2.leader_len_.1: int)
- returns (_v1.result.encode_ie$1: int, _v2.result.encode_ie$1: int);
- requires _houdini_81 ==> _v1.buf_.1 <= _v2.buf_.1;
- requires _houdini_82 ==> _v2.buf_.1 <= _v1.buf_.1;
- requires _houdini_83 ==> _v1.bufsize_.1 <= _v2.bufsize_.1;
- requires _houdini_84 ==> _v2.bufsize_.1 <= _v1.bufsize_.1;
- requires _houdini_85 ==> _v1.ie_.1 <= _v2.ie_.1;
- requires _houdini_86 ==> _v2.ie_.1 <= _v1.ie_.1;
- requires _houdini_87 ==> _v1.ielen_.1 <= _v2.ielen_.1;
- requires _houdini_88 ==> _v2.ielen_.1 <= _v1.ielen_.1;
- requires _houdini_89 ==> _v1.leader_.1 <= _v2.leader_.1;
- requires _houdini_90 ==> _v2.leader_.1 <= _v1.leader_.1;
- requires _houdini_91 ==> _v1.leader_len_.1 <= _v2.leader_len_.1;
- requires _houdini_92 ==> _v2.leader_len_.1 <= _v1.leader_len_.1;
- requires _houdini_93 ==> _v1.OK ==> _v2.OK;
- requires _houdini_94 ==> _v2.OK ==> _v1.OK;
- requires _houdini_95 ==> _v1.Mem == _v2.Mem;
- requires _houdini_96 ==> _v1.alloc <= _v2.alloc;
- requires _houdini_97 ==> _v2.alloc <= _v1.alloc;
- requires _houdini_98 ==> _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR;
- requires _houdini_99 ==> _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR;
- requires _houdini_100 ==> _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR;
- requires _houdini_101 ==> _v1.Mem_T.CHAR == _v2.Mem_T.CHAR;
- requires _houdini_102 ==> _v1.Mem_T.INT4 == _v2.Mem_T.INT4;
- requires _houdini_103 ==> _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR;
- requires _houdini_104 ==> _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR;
- requires _houdini_105 ==> _v1.Mem_T.PVOID == _v2.Mem_T.PVOID;
- requires _houdini_106
- ==> _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry;
- requires _houdini_107 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
- requires _houdini_108 ==> _v1.Mem_T.VOID == _v2.Mem_T.VOID;
- requires _houdini_109
- ==> _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry;
- requires _houdini_110
- ==> _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry;
- requires _houdini_111 ==> _v1.detChoiceCnt <= _v2.detChoiceCnt;
- requires _houdini_112 ==> _v2.detChoiceCnt <= _v1.detChoiceCnt;
- requires _houdini_113 ==> _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE;
- requires _houdini_114 ==> _v1.Res_PROBED == _v2.Res_PROBED;
- modifies _v1.OK, _v1.Mem_T.UCHAR, _v2.OK, _v2.Mem_T.UCHAR;
- ensures MS$_v1.encode_ie$_v2.encode_ie(_v1.buf_.1,
- _v1.bufsize_.1,
- _v1.ie_.1,
- _v1.ielen_.1,
- _v1.leader_.1,
- _v1.leader_len_.1,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.OK,
- _v1.Mem_T.UCHAR,
- _v1.result.encode_ie$1,
- _v2.buf_.1,
- _v2.bufsize_.1,
- _v2.ie_.1,
- _v2.ielen_.1,
- _v2.leader_.1,
- _v2.leader_len_.1,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.OK,
- _v2.Mem_T.UCHAR,
- _v2.result.encode_ie$1);
- ensures _houdini_76 ==> _v1.result.encode_ie$1 <= _v2.result.encode_ie$1;
- ensures _houdini_77 ==> _v2.result.encode_ie$1 <= _v1.result.encode_ie$1;
- ensures _houdini_78 ==> _v1.OK ==> _v2.OK;
- ensures _houdini_79 ==> _v2.OK ==> _v1.OK;
- ensures _houdini_80 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
-
-
-
-implementation MS_Check__v1.encode_ie___v2.encode_ie(_v1.buf_.1: int,
- _v1.bufsize_.1: int,
- _v1.ie_.1: int,
- _v1.ielen_.1: int,
- _v1.leader_.1: int,
- _v1.leader_len_.1: int,
- _v2.buf_.1: int,
- _v2.bufsize_.1: int,
- _v2.ie_.1: int,
- _v2.ielen_.1: int,
- _v2.leader_.1: int,
- _v2.leader_len_.1: int)
- returns (_v1.result.encode_ie$1: int, _v2.result.encode_ie$1: int)
-{
- var inline$_v1.encode_ie$0$havoc_stringTemp: int;
- var inline$_v1.encode_ie$0$condVal: int;
- var inline$_v1.encode_ie$0$buf: int;
- var inline$_v1.encode_ie$0$bufsize: int;
- var inline$_v1.encode_ie$0$i: int;
- var inline$_v1.encode_ie$0$ie: int;
- var inline$_v1.encode_ie$0$ielen: int;
- var inline$_v1.encode_ie$0$leader: int;
- var inline$_v1.encode_ie$0$leader_len: int;
- var inline$_v1.encode_ie$0$p: int;
- var inline$_v1.encode_ie$0$result.memcpy$2: int;
- var inline$_v1.encode_ie$0$$result.question.3.$$static$: int;
- var inline$_v1.encode_ie$0$tempBoogie0: int;
- var inline$_v1.encode_ie$0$tempBoogie1: int;
- var inline$_v1.encode_ie$0$tempBoogie2: int;
- var inline$_v1.encode_ie$0$tempBoogie3: int;
- var inline$_v1.encode_ie$0$tempBoogie4: int;
- var inline$_v1.encode_ie$0$tempBoogie5: int;
- var inline$_v1.encode_ie$0$tempBoogie6: int;
- var inline$_v1.encode_ie$0$tempBoogie7: int;
- var inline$_v1.encode_ie$0$tempBoogie8: int;
- var inline$_v1.encode_ie$0$tempBoogie9: int;
- var inline$_v1.encode_ie$0$tempBoogie10: int;
- var inline$_v1.encode_ie$0$tempBoogie11: int;
- var inline$_v1.encode_ie$0$tempBoogie12: int;
- var inline$_v1.encode_ie$0$tempBoogie13: int;
- var inline$_v1.encode_ie$0$tempBoogie14: int;
- var inline$_v1.encode_ie$0$tempBoogie15: int;
- var inline$_v1.encode_ie$0$tempBoogie16: int;
- var inline$_v1.encode_ie$0$tempBoogie17: int;
- var inline$_v1.encode_ie$0$tempBoogie18: int;
- var inline$_v1.encode_ie$0$tempBoogie19: int;
- var inline$_v1.encode_ie$0$__havoc_dummy_return: int;
- var inline$_v1.encode_ie$0$buf_.1: int;
- var inline$_v1.encode_ie$0$bufsize_.1: int;
- var inline$_v1.encode_ie$0$ie_.1: int;
- var inline$_v1.encode_ie$0$ielen_.1: int;
- var inline$_v1.encode_ie$0$leader_.1: int;
- var inline$_v1.encode_ie$0$leader_len_.1: int;
- var inline$_v1.encode_ie$0$result.encode_ie$1: int;
- var inline$_v1.encode_ie$0$_v1.OK: bool;
- var inline$_v1.encode_ie$0$_v1.Mem_T.UCHAR: [int]int;
- var inline$_v2.encode_ie$0$havoc_stringTemp: int;
- var inline$_v2.encode_ie$0$condVal: int;
- var inline$_v2.encode_ie$0$buf: int;
- var inline$_v2.encode_ie$0$bufsize: int;
- var inline$_v2.encode_ie$0$i: int;
- var inline$_v2.encode_ie$0$ie: int;
- var inline$_v2.encode_ie$0$ielen: int;
- var inline$_v2.encode_ie$0$leader: int;
- var inline$_v2.encode_ie$0$leader_len: int;
- var inline$_v2.encode_ie$0$p: int;
- var inline$_v2.encode_ie$0$result.memcpy$2: int;
- var inline$_v2.encode_ie$0$$result.question.3.$$static$: int;
- var inline$_v2.encode_ie$0$tempBoogie0: int;
- var inline$_v2.encode_ie$0$tempBoogie1: int;
- var inline$_v2.encode_ie$0$tempBoogie2: int;
- var inline$_v2.encode_ie$0$tempBoogie3: int;
- var inline$_v2.encode_ie$0$tempBoogie4: int;
- var inline$_v2.encode_ie$0$tempBoogie5: int;
- var inline$_v2.encode_ie$0$tempBoogie6: int;
- var inline$_v2.encode_ie$0$tempBoogie7: int;
- var inline$_v2.encode_ie$0$tempBoogie8: int;
- var inline$_v2.encode_ie$0$tempBoogie9: int;
- var inline$_v2.encode_ie$0$tempBoogie10: int;
- var inline$_v2.encode_ie$0$tempBoogie11: int;
- var inline$_v2.encode_ie$0$tempBoogie12: int;
- var inline$_v2.encode_ie$0$tempBoogie13: int;
- var inline$_v2.encode_ie$0$tempBoogie14: int;
- var inline$_v2.encode_ie$0$tempBoogie15: int;
- var inline$_v2.encode_ie$0$tempBoogie16: int;
- var inline$_v2.encode_ie$0$tempBoogie17: int;
- var inline$_v2.encode_ie$0$tempBoogie18: int;
- var inline$_v2.encode_ie$0$tempBoogie19: int;
- var inline$_v2.encode_ie$0$__havoc_dummy_return: int;
- var inline$_v2.encode_ie$0$buf_.1: int;
- var inline$_v2.encode_ie$0$bufsize_.1: int;
- var inline$_v2.encode_ie$0$ie_.1: int;
- var inline$_v2.encode_ie$0$ielen_.1: int;
- var inline$_v2.encode_ie$0$leader_.1: int;
- var inline$_v2.encode_ie$0$leader_len_.1: int;
- var inline$_v2.encode_ie$0$result.encode_ie$1: int;
- var inline$_v2.encode_ie$0$_v2.OK: bool;
- var inline$_v2.encode_ie$0$_v2.Mem_T.UCHAR: [int]int;
- var _v1.memcpy_1_done: bool;
- var _v1.memcpy_in_1_0: int;
- var _v1.memcpy_in_1_1: int;
- var _v1.memcpy_in_1_2: int;
- var _v1.memcpy_in_1_3: bool;
- var _v1.memcpy_in_1_4: [int]int;
- var _v1.memcpy_out_1_0: int;
- var _v1.encode_ie_loop_label_14_head_2_done: bool;
- var _v1.encode_ie_loop_label_14_head_in_2_0: int;
- var _v1.encode_ie_loop_label_14_head_in_2_1: int;
- var _v1.encode_ie_loop_label_14_head_in_2_2: int;
- var _v1.encode_ie_loop_label_14_head_in_2_3: int;
- var _v1.encode_ie_loop_label_14_head_in_2_4: int;
- var _v1.encode_ie_loop_label_14_head_in_2_5: bool;
- var _v1.encode_ie_loop_label_14_head_in_2_6: [int]int;
- var _v1.encode_ie_loop_label_14_head_out_2_0: int;
- var _v1.encode_ie_loop_label_14_head_out_2_1: int;
- var _v1.encode_ie_loop_label_14_head_out_2_2: int;
- var _v1.encode_ie_loop_label_14_head_out_2_3: [int]int;
- var _v1.encode_ie_loop_label_14_head_out_2_4: bool;
- var _v2.memcpy_3_done: bool;
- var _v2.memcpy_in_3_0: int;
- var _v2.memcpy_in_3_1: int;
- var _v2.memcpy_in_3_2: int;
- var _v2.memcpy_in_3_3: bool;
- var _v2.memcpy_in_3_4: [int]int;
- var _v2.memcpy_out_3_0: int;
- var _v2.encode_ie_loop_label_14_head_4_done: bool;
- var _v2.encode_ie_loop_label_14_head_in_4_0: int;
- var _v2.encode_ie_loop_label_14_head_in_4_1: int;
- var _v2.encode_ie_loop_label_14_head_in_4_2: int;
- var _v2.encode_ie_loop_label_14_head_in_4_3: int;
- var _v2.encode_ie_loop_label_14_head_in_4_4: int;
- var _v2.encode_ie_loop_label_14_head_in_4_5: bool;
- var _v2.encode_ie_loop_label_14_head_in_4_6: [int]int;
- var _v2.encode_ie_loop_label_14_head_out_4_0: int;
- var _v2.encode_ie_loop_label_14_head_out_4_1: int;
- var _v2.encode_ie_loop_label_14_head_out_4_2: int;
- var _v2.encode_ie_loop_label_14_head_out_4_3: int;
- var _v2.encode_ie_loop_label_14_head_out_4_4: [int]int;
- var _v2.encode_ie_loop_label_14_head_out_4_5: bool;
- var store__0__v1.OK: bool;
- var store__0__v1.Mem_T.UCHAR: [int]int;
- var store__0__v2.OK: bool;
- var store__0__v2.Mem_T.UCHAR: [int]int;
- var out__v1.memcpy_out_1_0_0: int;
- var out__v2.memcpy_out_3_0_0: int;
- var store__1__v1.OK: bool;
- var store__1__v1.Mem_T.UCHAR: [int]int;
- var store__1__v2.OK: bool;
- var store__1__v2.Mem_T.UCHAR: [int]int;
- var out__v1.encode_ie_loop_label_14_head_out_2_0_1: int;
- var out__v1.encode_ie_loop_label_14_head_out_2_1_1: int;
- var out__v1.encode_ie_loop_label_14_head_out_2_2_1: int;
- var out__v2.encode_ie_loop_label_14_head_out_4_0_1: int;
- var out__v2.encode_ie_loop_label_14_head_out_4_1_1: int;
- var out__v2.encode_ie_loop_label_14_head_out_4_2_1: int;
- var out__v2.encode_ie_loop_label_14_head_out_4_3_1: int;
-
- START:
- _v1.memcpy_1_done, _v1.encode_ie_loop_label_14_head_2_done, _v2.memcpy_3_done, _v2.encode_ie_loop_label_14_head_4_done := false, false, false, false;
- goto inline$_v1.encode_ie$0$Entry;
-
- inline$_v1.encode_ie$0$Entry:
- inline$_v1.encode_ie$0$buf_.1 := _v1.buf_.1;
- inline$_v1.encode_ie$0$bufsize_.1 := _v1.bufsize_.1;
- inline$_v1.encode_ie$0$ie_.1 := _v1.ie_.1;
- inline$_v1.encode_ie$0$ielen_.1 := _v1.ielen_.1;
- inline$_v1.encode_ie$0$leader_.1 := _v1.leader_.1;
- inline$_v1.encode_ie$0$leader_len_.1 := _v1.leader_len_.1;
- havoc inline$_v1.encode_ie$0$havoc_stringTemp, inline$_v1.encode_ie$0$condVal, inline$_v1.encode_ie$0$buf, inline$_v1.encode_ie$0$bufsize, inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$ie, inline$_v1.encode_ie$0$ielen, inline$_v1.encode_ie$0$leader, inline$_v1.encode_ie$0$leader_len, inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$result.memcpy$2, inline$_v1.encode_ie$0$$result.question.3.$$static$, inline$_v1.encode_ie$0$tempBoogie0, inline$_v1.encode_ie$0$tempBoogie1, inline$_v1.encode_ie$0$tempBoogie2, inline$_v1.encode_ie$0$tempBoogie3, inline$_v1.encode_ie$0$tempBoogie4, inline$_v1.encode_ie$0$tempBoogie5, inline$_v1.encode_ie$0$tempBoogie6, inline$_v1.encode_ie$0$tempBoogie7, inline$_v1.encode_ie$0$tempBoogie8, inline$_v1.encode_ie$0$tempBoogie9, inline$_v1.encode_ie$0$tempBoogie10, inline$_v1.encode_ie$0$tempBoogie11, inline$_v1.encode_ie$0$tempBoogie12, inline$_v1.encode_ie$0$tempBoogie13, inline$_v1.encode_ie$0$tempBoogie14, inline$_v1.encode_ie$0$tempBoogie15, inline$_v1.encode_ie$0$tempBoogie16, inline$_v1.encode_ie$0$tempBoogie17, inline$_v1.encode_ie$0$tempBoogie18, inline$_v1.encode_ie$0$tempBoogie19, inline$_v1.encode_ie$0$__havoc_dummy_return, inline$_v1.encode_ie$0$result.encode_ie$1;
- inline$_v1.encode_ie$0$_v1.OK := _v1.OK;
- inline$_v1.encode_ie$0$_v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR;
- goto inline$_v1.encode_ie$0$anon0#2;
-
- inline$_v1.encode_ie$0$anon0#2:
- inline$_v1.encode_ie$0$havoc_stringTemp := 0;
- goto inline$_v1.encode_ie$0$start#2;
-
- inline$_v1.encode_ie$0$start#2:
- assume _v2.INT_LT(inline$_v1.encode_ie$0$buf_.1, _v1.alloc);
- assume _v2.INT_LT(inline$_v1.encode_ie$0$ie_.1, _v1.alloc);
- assume _v2.INT_LT(inline$_v1.encode_ie$0$leader_.1, _v1.alloc);
- inline$_v1.encode_ie$0$buf := 0;
- assume _v2.INT_GEQ(inline$_v1.encode_ie$0$buf_.1, 0);
- inline$_v1.encode_ie$0$bufsize := 0;
- inline$_v1.encode_ie$0$i := 0;
- inline$_v1.encode_ie$0$ie := 0;
- assume _v2.INT_GEQ(inline$_v1.encode_ie$0$ie_.1, 0);
- inline$_v1.encode_ie$0$ielen := 0;
- inline$_v1.encode_ie$0$leader := 0;
- assume _v2.INT_GEQ(inline$_v1.encode_ie$0$leader_.1, 0);
- inline$_v1.encode_ie$0$leader_len := 0;
- inline$_v1.encode_ie$0$p := 0;
- inline$_v1.encode_ie$0$result.encode_ie$1 := 0;
- inline$_v1.encode_ie$0$result.memcpy$2 := 0;
- inline$_v1.encode_ie$0$$result.question.3.$$static$ := 0;
- inline$_v1.encode_ie$0$buf := inline$_v1.encode_ie$0$buf_.1;
- inline$_v1.encode_ie$0$bufsize := inline$_v1.encode_ie$0$bufsize_.1;
- inline$_v1.encode_ie$0$ie := inline$_v1.encode_ie$0$ie_.1;
- inline$_v1.encode_ie$0$ielen := inline$_v1.encode_ie$0$ielen_.1;
- inline$_v1.encode_ie$0$leader := inline$_v1.encode_ie$0$leader_.1;
- inline$_v1.encode_ie$0$leader_len := inline$_v1.encode_ie$0$leader_len_.1;
- goto inline$_v1.encode_ie$0$label_3#2;
-
- inline$_v1.encode_ie$0$label_3#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 9} true;
- goto inline$_v1.encode_ie$0$label_4#2;
-
- inline$_v1.encode_ie$0$label_4#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 10} true;
- goto inline$_v1.encode_ie$0$label_5#2;
-
- inline$_v1.encode_ie$0$label_5#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 13} true;
- goto inline$_v1.encode_ie$0$label_5_true#2, inline$_v1.encode_ie$0$label_5_false#2;
-
- inline$_v1.encode_ie$0$label_5_false#2:
- assume !_v2.INT_LT(inline$_v1.encode_ie$0$bufsize, inline$_v1.encode_ie$0$leader_len);
- assume _v2.value_is(_v1.__ctobpl_const_1, inline$_v1.encode_ie$0$bufsize);
- assume _v2.value_is(_v1.__ctobpl_const_2, inline$_v1.encode_ie$0$leader_len);
- goto inline$_v1.encode_ie$0$label_6#2;
-
- inline$_v1.encode_ie$0$label_6#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 15} true;
- inline$_v1.encode_ie$0$p := inline$_v1.encode_ie$0$buf;
- assume _v2.value_is(_v1.__ctobpl_const_3, inline$_v1.encode_ie$0$p);
- assume _v2.value_is(_v1.__ctobpl_const_4, inline$_v1.encode_ie$0$buf);
- goto inline$_v1.encode_ie$0$label_8#2;
-
- inline$_v1.encode_ie$0$label_8#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 16} true;
- _v1.memcpy_in_1_0, _v1.memcpy_in_1_1, _v1.memcpy_in_1_2, _v1.memcpy_in_1_3, _v1.memcpy_in_1_4 := inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$leader, inline$_v1.encode_ie$0$leader_len, _v1.OK, _v1.Mem_T.UCHAR;
- call inline$_v1.encode_ie$0$result.memcpy$2 := _v1.memcpy(inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$leader, inline$_v1.encode_ie$0$leader_len);
- _v1.memcpy_1_done := true;
- _v1.memcpy_out_1_0 := inline$_v1.encode_ie$0$result.memcpy$2;
- assume _v2.value_is(_v1.__ctobpl_const_5, inline$_v1.encode_ie$0$p);
- assume _v2.value_is(_v1.__ctobpl_const_6, inline$_v1.encode_ie$0$leader);
- assume _v2.value_is(_v1.__ctobpl_const_7, inline$_v1.encode_ie$0$leader_len);
- assume _v2.value_is(_v1.__ctobpl_const_8, inline$_v1.encode_ie$0$p);
- assume _v2.value_is(_v1.__ctobpl_const_9, inline$_v1.encode_ie$0$leader);
- assume _v2.value_is(_v1.__ctobpl_const_10, inline$_v1.encode_ie$0$leader_len);
- goto inline$_v1.encode_ie$0$label_11#2;
-
- inline$_v1.encode_ie$0$label_11#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 17} true;
- havoc inline$_v1.encode_ie$0$tempBoogie0;
- assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(inline$_v1.encode_ie$0$bufsize, inline$_v1.encode_ie$0$leader_len, 1, inline$_v1.encode_ie$0$tempBoogie0);
- inline$_v1.encode_ie$0$bufsize := inline$_v1.encode_ie$0$tempBoogie0;
- assume _v2.value_is(_v1.__ctobpl_const_11, inline$_v1.encode_ie$0$bufsize);
- assume _v2.value_is(_v1.__ctobpl_const_12, inline$_v1.encode_ie$0$leader_len);
- goto inline$_v1.encode_ie$0$label_12#2;
-
- inline$_v1.encode_ie$0$label_12#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 18} true;
- inline$_v1.encode_ie$0$tempBoogie0 := _v2.INT_PLUS(inline$_v1.encode_ie$0$p, 1, inline$_v1.encode_ie$0$leader_len);
- inline$_v1.encode_ie$0$p := inline$_v1.encode_ie$0$tempBoogie0;
- assume _v2.value_is(_v1.__ctobpl_const_13, inline$_v1.encode_ie$0$p);
- assume _v2.value_is(_v1.__ctobpl_const_14, inline$_v1.encode_ie$0$leader_len);
- goto inline$_v1.encode_ie$0$label_13#2;
-
- inline$_v1.encode_ie$0$label_13#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
- inline$_v1.encode_ie$0$i := 0;
- assume _v2.value_is(_v1.__ctobpl_const_15, inline$_v1.encode_ie$0$i);
- goto inline$_v1.encode_ie$0$label_14#2;
-
- inline$_v1.encode_ie$0$label_14#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
- goto inline$_v1.encode_ie$0$label_14_head#2;
-
- inline$_v1.encode_ie$0$label_14_head#2:
- _v1.encode_ie_loop_label_14_head_in_2_0, _v1.encode_ie_loop_label_14_head_in_2_1, _v1.encode_ie_loop_label_14_head_in_2_2, _v1.encode_ie_loop_label_14_head_in_2_3, _v1.encode_ie_loop_label_14_head_in_2_4, _v1.encode_ie_loop_label_14_head_in_2_5, _v1.encode_ie_loop_label_14_head_in_2_6 := inline$_v1.encode_ie$0$bufsize, inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$ielen, inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$tempBoogie0, _v1.OK, _v1.Mem_T.UCHAR;
- call inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$tempBoogie0 := _v1.encode_ie_loop_label_14_head(inline$_v1.encode_ie$0$bufsize, inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$ielen, inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$tempBoogie0);
- _v1.encode_ie_loop_label_14_head_2_done := true;
- _v1.encode_ie_loop_label_14_head_out_2_0, _v1.encode_ie_loop_label_14_head_out_2_1, _v1.encode_ie_loop_label_14_head_out_2_2, _v1.encode_ie_loop_label_14_head_out_2_3, _v1.encode_ie_loop_label_14_head_out_2_4 := inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$tempBoogie0, _v1.Mem_T.UCHAR, _v1.OK;
- goto inline$_v1.encode_ie$0$label_14_head_last#2;
-
- inline$_v1.encode_ie$0$label_14_head_last#2:
- goto inline$_v1.encode_ie$0$label_14_true#2, inline$_v1.encode_ie$0$label_14_false#2;
-
- inline$_v1.encode_ie$0$label_14_false#2:
- assume !_v2.INT_LT(inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$ielen);
- assume _v2.value_is(_v1.__ctobpl_const_16, inline$_v1.encode_ie$0$i);
- assume _v2.value_is(_v1.__ctobpl_const_17, inline$_v1.encode_ie$0$ielen);
- goto inline$_v1.encode_ie$0$label_15#2;
-
- inline$_v1.encode_ie$0$label_14_true#2:
- assume _v2.INT_LT(inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$ielen);
- assume _v2.value_is(_v1.__ctobpl_const_16, inline$_v1.encode_ie$0$i);
- assume _v2.value_is(_v1.__ctobpl_const_17, inline$_v1.encode_ie$0$ielen);
- goto inline$_v1.encode_ie$0$label_16#2;
-
- inline$_v1.encode_ie$0$label_16#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
- goto inline$_v1.encode_ie$0$label_16_true#2, inline$_v1.encode_ie$0$label_16_false#2;
-
- inline$_v1.encode_ie$0$label_16_false#2:
- assume !_v2.INT_LT(2, inline$_v1.encode_ie$0$bufsize);
- assume _v2.value_is(_v1.__ctobpl_const_20, inline$_v1.encode_ie$0$bufsize);
- goto inline$_v1.encode_ie$0$label_15#2;
-
- inline$_v1.encode_ie$0$label_15#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
- goto inline$_v1.encode_ie$0$label_15_true#2, inline$_v1.encode_ie$0$label_15_false#2;
-
- inline$_v1.encode_ie$0$label_15_false#2:
- assume !_v2.INT_EQ(inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$ielen);
- assume _v2.value_is(_v1.__ctobpl_const_18, inline$_v1.encode_ie$0$i);
- assume _v2.value_is(_v1.__ctobpl_const_19, inline$_v1.encode_ie$0$ielen);
- goto inline$_v1.encode_ie$0$label_21#2;
-
- inline$_v1.encode_ie$0$label_21#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
- inline$_v1.encode_ie$0$$result.question.3.$$static$ := 0;
- assume _v2.value_is(_v1.__ctobpl_const_27, inline$_v1.encode_ie$0$$result.question.3.$$static$);
- goto inline$_v1.encode_ie$0$label_23#2;
-
- inline$_v1.encode_ie$0$label_15_true#2:
- assume _v2.INT_EQ(inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$ielen);
- assume _v2.value_is(_v1.__ctobpl_const_18, inline$_v1.encode_ie$0$i);
- assume _v2.value_is(_v1.__ctobpl_const_19, inline$_v1.encode_ie$0$ielen);
- goto inline$_v1.encode_ie$0$label_22#2;
-
- inline$_v1.encode_ie$0$label_22#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
- havoc inline$_v1.encode_ie$0$$result.question.3.$$static$;
- assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$buf, 1, inline$_v1.encode_ie$0$$result.question.3.$$static$);
- assume _v2.value_is(_v1.__ctobpl_const_28, inline$_v1.encode_ie$0$$result.question.3.$$static$);
- assume _v2.value_is(_v1.__ctobpl_const_29, inline$_v1.encode_ie$0$p);
- assume _v2.value_is(_v1.__ctobpl_const_30, inline$_v1.encode_ie$0$buf);
- goto inline$_v1.encode_ie$0$label_23#2;
-
- inline$_v1.encode_ie$0$label_23#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
- inline$_v1.encode_ie$0$result.encode_ie$1 := inline$_v1.encode_ie$0$$result.question.3.$$static$;
- assume _v2.value_is(_v1.__ctobpl_const_31, inline$_v1.encode_ie$0$$result.question.3.$$static$);
- goto inline$_v1.encode_ie$0$label_1#2;
-
- inline$_v1.encode_ie$0$label_16_true#2:
- assume _v2.INT_LT(2, inline$_v1.encode_ie$0$bufsize);
- assume _v2.value_is(_v1.__ctobpl_const_20, inline$_v1.encode_ie$0$bufsize);
- goto inline$_v1.encode_ie$0$label_17#2;
-
- inline$_v1.encode_ie$0$label_17#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 30} true;
- assume _v2.INT_GEQ(inline$_v1.encode_ie$0$p, 0);
- _v1.OK := _v1.OK && _v2.Res_VALID_REGION(inline$_v1.encode_ie$0$p) == 1;
- assert true;
- _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[inline$_v1.encode_ie$0$p := 120];
- assume _v2.value_is(_v1.__ctobpl_const_21, inline$_v1.encode_ie$0$p);
- assume _v2.value_is(_v1.__ctobpl_const_22, _v1.Mem_T.UCHAR[inline$_v1.encode_ie$0$p]);
- goto inline$_v1.encode_ie$0$label_18#2;
-
- inline$_v1.encode_ie$0$label_18#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 32} true;
- assume _v2.INT_GEQ(_v2.INT_PLUS(inline$_v1.encode_ie$0$p, 1, 1), 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(inline$_v1.encode_ie$0$p, 1, 1)) == 1;
- assert true;
- _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v1.encode_ie$0$p, 1, 1) := 120];
- assume _v2.value_is(_v1.__ctobpl_const_23, inline$_v1.encode_ie$0$p);
- assume _v2.value_is(_v1.__ctobpl_const_24,
- _v1.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v1.encode_ie$0$p, 1, 1)]);
- goto inline$_v1.encode_ie$0$label_19#2;
-
- inline$_v1.encode_ie$0$label_19#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 33} true;
- inline$_v1.encode_ie$0$tempBoogie0 := _v2.INT_PLUS(inline$_v1.encode_ie$0$p, 1, 2);
- inline$_v1.encode_ie$0$p := inline$_v1.encode_ie$0$tempBoogie0;
- assume _v2.value_is(_v1.__ctobpl_const_25, inline$_v1.encode_ie$0$p);
- goto inline$_v1.encode_ie$0$label_20#2;
-
- inline$_v1.encode_ie$0$label_20#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
- assume _v2.value_is(_v1.__ctobpl_const_26, inline$_v1.encode_ie$0$i);
- inline$_v1.encode_ie$0$i := _v2.INT_PLUS(inline$_v1.encode_ie$0$i, 1, 1);
- goto inline$_v1.encode_ie$0$label_20_dummy#2;
-
- inline$_v1.encode_ie$0$label_20_dummy#2:
- assume false;
- goto inline$_v1.encode_ie$0$Return;
-
- inline$_v1.encode_ie$0$label_5_true#2:
- assume _v2.INT_LT(inline$_v1.encode_ie$0$bufsize, inline$_v1.encode_ie$0$leader_len);
- assume _v2.value_is(_v1.__ctobpl_const_1, inline$_v1.encode_ie$0$bufsize);
- assume _v2.value_is(_v1.__ctobpl_const_2, inline$_v1.encode_ie$0$leader_len);
- goto inline$_v1.encode_ie$0$label_7#2;
-
- inline$_v1.encode_ie$0$label_7#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 14} true;
- inline$_v1.encode_ie$0$result.encode_ie$1 := 0;
- goto inline$_v1.encode_ie$0$label_1#2;
-
- inline$_v1.encode_ie$0$label_1#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 39} true;
- goto inline$_v1.encode_ie$0$Return;
-
- inline$_v1.encode_ie$0$Return:
- assume true;
- _v1.result.encode_ie$1 := inline$_v1.encode_ie$0$result.encode_ie$1;
- goto START$1;
-
- START$1:
- goto inline$_v2.encode_ie$0$Entry;
-
- inline$_v2.encode_ie$0$Entry:
- inline$_v2.encode_ie$0$buf_.1 := _v2.buf_.1;
- inline$_v2.encode_ie$0$bufsize_.1 := _v2.bufsize_.1;
- inline$_v2.encode_ie$0$ie_.1 := _v2.ie_.1;
- inline$_v2.encode_ie$0$ielen_.1 := _v2.ielen_.1;
- inline$_v2.encode_ie$0$leader_.1 := _v2.leader_.1;
- inline$_v2.encode_ie$0$leader_len_.1 := _v2.leader_len_.1;
- havoc inline$_v2.encode_ie$0$havoc_stringTemp, inline$_v2.encode_ie$0$condVal, inline$_v2.encode_ie$0$buf, inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$ie, inline$_v2.encode_ie$0$ielen, inline$_v2.encode_ie$0$leader, inline$_v2.encode_ie$0$leader_len, inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$result.memcpy$2, inline$_v2.encode_ie$0$$result.question.3.$$static$, inline$_v2.encode_ie$0$tempBoogie0, inline$_v2.encode_ie$0$tempBoogie1, inline$_v2.encode_ie$0$tempBoogie2, inline$_v2.encode_ie$0$tempBoogie3, inline$_v2.encode_ie$0$tempBoogie4, inline$_v2.encode_ie$0$tempBoogie5, inline$_v2.encode_ie$0$tempBoogie6, inline$_v2.encode_ie$0$tempBoogie7, inline$_v2.encode_ie$0$tempBoogie8, inline$_v2.encode_ie$0$tempBoogie9, inline$_v2.encode_ie$0$tempBoogie10, inline$_v2.encode_ie$0$tempBoogie11, inline$_v2.encode_ie$0$tempBoogie12, inline$_v2.encode_ie$0$tempBoogie13, inline$_v2.encode_ie$0$tempBoogie14, inline$_v2.encode_ie$0$tempBoogie15, inline$_v2.encode_ie$0$tempBoogie16, inline$_v2.encode_ie$0$tempBoogie17, inline$_v2.encode_ie$0$tempBoogie18, inline$_v2.encode_ie$0$tempBoogie19, inline$_v2.encode_ie$0$__havoc_dummy_return, inline$_v2.encode_ie$0$result.encode_ie$1;
- inline$_v2.encode_ie$0$_v2.OK := _v2.OK;
- inline$_v2.encode_ie$0$_v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR;
- goto inline$_v2.encode_ie$0$anon0#2;
-
- inline$_v2.encode_ie$0$anon0#2:
- inline$_v2.encode_ie$0$havoc_stringTemp := 0;
- goto inline$_v2.encode_ie$0$start#2;
-
- inline$_v2.encode_ie$0$start#2:
- assume _v2.INT_LT(inline$_v2.encode_ie$0$buf_.1, _v2.alloc);
- assume _v2.INT_LT(inline$_v2.encode_ie$0$ie_.1, _v2.alloc);
- assume _v2.INT_LT(inline$_v2.encode_ie$0$leader_.1, _v2.alloc);
- inline$_v2.encode_ie$0$buf := 0;
- assume _v2.INT_GEQ(inline$_v2.encode_ie$0$buf_.1, 0);
- inline$_v2.encode_ie$0$bufsize := 0;
- inline$_v2.encode_ie$0$i := 0;
- inline$_v2.encode_ie$0$ie := 0;
- assume _v2.INT_GEQ(inline$_v2.encode_ie$0$ie_.1, 0);
- inline$_v2.encode_ie$0$ielen := 0;
- inline$_v2.encode_ie$0$leader := 0;
- assume _v2.INT_GEQ(inline$_v2.encode_ie$0$leader_.1, 0);
- inline$_v2.encode_ie$0$leader_len := 0;
- inline$_v2.encode_ie$0$p := 0;
- inline$_v2.encode_ie$0$result.encode_ie$1 := 0;
- inline$_v2.encode_ie$0$result.memcpy$2 := 0;
- inline$_v2.encode_ie$0$$result.question.3.$$static$ := 0;
- inline$_v2.encode_ie$0$buf := inline$_v2.encode_ie$0$buf_.1;
- inline$_v2.encode_ie$0$bufsize := inline$_v2.encode_ie$0$bufsize_.1;
- inline$_v2.encode_ie$0$ie := inline$_v2.encode_ie$0$ie_.1;
- inline$_v2.encode_ie$0$ielen := inline$_v2.encode_ie$0$ielen_.1;
- inline$_v2.encode_ie$0$leader := inline$_v2.encode_ie$0$leader_.1;
- inline$_v2.encode_ie$0$leader_len := inline$_v2.encode_ie$0$leader_len_.1;
- goto inline$_v2.encode_ie$0$label_3#2;
-
- inline$_v2.encode_ie$0$label_3#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 9} true;
- goto inline$_v2.encode_ie$0$label_4#2;
-
- inline$_v2.encode_ie$0$label_4#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 10} true;
- goto inline$_v2.encode_ie$0$label_5#2;
-
- inline$_v2.encode_ie$0$label_5#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 13} true;
- goto inline$_v2.encode_ie$0$label_5_true#2, inline$_v2.encode_ie$0$label_5_false#2;
-
- inline$_v2.encode_ie$0$label_5_false#2:
- assume !_v2.INT_LT(inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$leader_len);
- assume _v2.value_is(_v2.__ctobpl_const_1, inline$_v2.encode_ie$0$bufsize);
- assume _v2.value_is(_v2.__ctobpl_const_2, inline$_v2.encode_ie$0$leader_len);
- goto inline$_v2.encode_ie$0$label_6#2;
-
- inline$_v2.encode_ie$0$label_6#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 15} true;
- inline$_v2.encode_ie$0$p := inline$_v2.encode_ie$0$buf;
- assume _v2.value_is(_v2.__ctobpl_const_3, inline$_v2.encode_ie$0$p);
- assume _v2.value_is(_v2.__ctobpl_const_4, inline$_v2.encode_ie$0$buf);
- goto inline$_v2.encode_ie$0$label_8#2;
-
- inline$_v2.encode_ie$0$label_8#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 16} true;
- _v2.memcpy_in_3_0, _v2.memcpy_in_3_1, _v2.memcpy_in_3_2, _v2.memcpy_in_3_3, _v2.memcpy_in_3_4 := inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$leader, inline$_v2.encode_ie$0$leader_len, _v2.OK, _v2.Mem_T.UCHAR;
- call inline$_v2.encode_ie$0$result.memcpy$2 := _v2.memcpy(inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$leader, inline$_v2.encode_ie$0$leader_len);
- _v2.memcpy_3_done := true;
- _v2.memcpy_out_3_0 := inline$_v2.encode_ie$0$result.memcpy$2;
- assume _v2.value_is(_v2.__ctobpl_const_5, inline$_v2.encode_ie$0$p);
- assume _v2.value_is(_v2.__ctobpl_const_6, inline$_v2.encode_ie$0$leader);
- assume _v2.value_is(_v2.__ctobpl_const_7, inline$_v2.encode_ie$0$leader_len);
- assume _v2.value_is(_v2.__ctobpl_const_8, inline$_v2.encode_ie$0$p);
- assume _v2.value_is(_v2.__ctobpl_const_9, inline$_v2.encode_ie$0$leader);
- assume _v2.value_is(_v2.__ctobpl_const_10, inline$_v2.encode_ie$0$leader_len);
- goto inline$_v2.encode_ie$0$label_11#2;
-
- inline$_v2.encode_ie$0$label_11#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 17} true;
- havoc inline$_v2.encode_ie$0$tempBoogie0;
- assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$leader_len, 1, inline$_v2.encode_ie$0$tempBoogie0);
- inline$_v2.encode_ie$0$bufsize := inline$_v2.encode_ie$0$tempBoogie0;
- assume _v2.value_is(_v2.__ctobpl_const_11, inline$_v2.encode_ie$0$bufsize);
- assume _v2.value_is(_v2.__ctobpl_const_12, inline$_v2.encode_ie$0$leader_len);
- goto inline$_v2.encode_ie$0$label_12#2;
-
- inline$_v2.encode_ie$0$label_12#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 18} true;
- inline$_v2.encode_ie$0$tempBoogie0 := _v2.INT_PLUS(inline$_v2.encode_ie$0$p, 1, inline$_v2.encode_ie$0$leader_len);
- inline$_v2.encode_ie$0$p := inline$_v2.encode_ie$0$tempBoogie0;
- assume _v2.value_is(_v2.__ctobpl_const_13, inline$_v2.encode_ie$0$p);
- assume _v2.value_is(_v2.__ctobpl_const_14, inline$_v2.encode_ie$0$leader_len);
- goto inline$_v2.encode_ie$0$label_13#2;
-
- inline$_v2.encode_ie$0$label_13#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
- inline$_v2.encode_ie$0$i := 0;
- assume _v2.value_is(_v2.__ctobpl_const_15, inline$_v2.encode_ie$0$i);
- goto inline$_v2.encode_ie$0$label_14#2;
-
- inline$_v2.encode_ie$0$label_14#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
- goto inline$_v2.encode_ie$0$label_14_head#2;
-
- inline$_v2.encode_ie$0$label_14_head#2:
- _v2.encode_ie_loop_label_14_head_in_4_0, _v2.encode_ie_loop_label_14_head_in_4_1, _v2.encode_ie_loop_label_14_head_in_4_2, _v2.encode_ie_loop_label_14_head_in_4_3, _v2.encode_ie_loop_label_14_head_in_4_4, _v2.encode_ie_loop_label_14_head_in_4_5, _v2.encode_ie_loop_label_14_head_in_4_6 := inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$ielen, inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$tempBoogie0, _v2.OK, _v2.Mem_T.UCHAR;
- call inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$tempBoogie0 := _v2.encode_ie_loop_label_14_head(inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$ielen, inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$tempBoogie0);
- _v2.encode_ie_loop_label_14_head_4_done := true;
- _v2.encode_ie_loop_label_14_head_out_4_0, _v2.encode_ie_loop_label_14_head_out_4_1, _v2.encode_ie_loop_label_14_head_out_4_2, _v2.encode_ie_loop_label_14_head_out_4_3, _v2.encode_ie_loop_label_14_head_out_4_4, _v2.encode_ie_loop_label_14_head_out_4_5 := inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$tempBoogie0, _v2.Mem_T.UCHAR, _v2.OK;
- goto inline$_v2.encode_ie$0$label_14_head_last#2;
-
- inline$_v2.encode_ie$0$label_14_head_last#2:
- goto inline$_v2.encode_ie$0$label_14_true#2, inline$_v2.encode_ie$0$label_14_false#2;
-
- inline$_v2.encode_ie$0$label_14_false#2:
- assume !_v2.INT_LT(inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$ielen);
- assume _v2.value_is(_v2.__ctobpl_const_16, inline$_v2.encode_ie$0$i);
- assume _v2.value_is(_v2.__ctobpl_const_17, inline$_v2.encode_ie$0$ielen);
- goto inline$_v2.encode_ie$0$label_15#2;
-
- inline$_v2.encode_ie$0$label_14_true#2:
- assume _v2.INT_LT(inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$ielen);
- assume _v2.value_is(_v2.__ctobpl_const_16, inline$_v2.encode_ie$0$i);
- assume _v2.value_is(_v2.__ctobpl_const_17, inline$_v2.encode_ie$0$ielen);
- goto inline$_v2.encode_ie$0$label_16#2;
-
- inline$_v2.encode_ie$0$label_16#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
- goto inline$_v2.encode_ie$0$label_16_true#2, inline$_v2.encode_ie$0$label_16_false#2;
-
- inline$_v2.encode_ie$0$label_16_false#2:
- assume !_v2.INT_LT(2, inline$_v2.encode_ie$0$bufsize);
- assume _v2.value_is(_v2.__ctobpl_const_20, inline$_v2.encode_ie$0$bufsize);
- goto inline$_v2.encode_ie$0$label_15#2;
-
- inline$_v2.encode_ie$0$label_15#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
- goto inline$_v2.encode_ie$0$label_15_true#2, inline$_v2.encode_ie$0$label_15_false#2;
-
- inline$_v2.encode_ie$0$label_15_false#2:
- assume !_v2.INT_EQ(inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$ielen);
- assume _v2.value_is(_v2.__ctobpl_const_18, inline$_v2.encode_ie$0$i);
- assume _v2.value_is(_v2.__ctobpl_const_19, inline$_v2.encode_ie$0$ielen);
- goto inline$_v2.encode_ie$0$label_22#2;
-
- inline$_v2.encode_ie$0$label_22#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
- inline$_v2.encode_ie$0$$result.question.3.$$static$ := 0;
- assume _v2.value_is(_v2.__ctobpl_const_28, inline$_v2.encode_ie$0$$result.question.3.$$static$);
- goto inline$_v2.encode_ie$0$label_24#2;
-
- inline$_v2.encode_ie$0$label_15_true#2:
- assume _v2.INT_EQ(inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$ielen);
- assume _v2.value_is(_v2.__ctobpl_const_18, inline$_v2.encode_ie$0$i);
- assume _v2.value_is(_v2.__ctobpl_const_19, inline$_v2.encode_ie$0$ielen);
- goto inline$_v2.encode_ie$0$label_23#2;
-
- inline$_v2.encode_ie$0$label_23#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
- havoc inline$_v2.encode_ie$0$$result.question.3.$$static$;
- assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$buf, 1, inline$_v2.encode_ie$0$$result.question.3.$$static$);
- assume _v2.value_is(_v2.__ctobpl_const_29, inline$_v2.encode_ie$0$$result.question.3.$$static$);
- assume _v2.value_is(_v2.__ctobpl_const_30, inline$_v2.encode_ie$0$p);
- assume _v2.value_is(_v2.__ctobpl_const_31, inline$_v2.encode_ie$0$buf);
- goto inline$_v2.encode_ie$0$label_24#2;
-
- inline$_v2.encode_ie$0$label_24#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
- inline$_v2.encode_ie$0$result.encode_ie$1 := inline$_v2.encode_ie$0$$result.question.3.$$static$;
- assume _v2.value_is(_v2.__ctobpl_const_32, inline$_v2.encode_ie$0$$result.question.3.$$static$);
- goto inline$_v2.encode_ie$0$label_1#2;
-
- inline$_v2.encode_ie$0$label_16_true#2:
- assume _v2.INT_LT(2, inline$_v2.encode_ie$0$bufsize);
- assume _v2.value_is(_v2.__ctobpl_const_20, inline$_v2.encode_ie$0$bufsize);
- goto inline$_v2.encode_ie$0$label_17#2;
-
- inline$_v2.encode_ie$0$label_17#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 30} true;
- assume _v2.INT_GEQ(inline$_v2.encode_ie$0$p, 0);
- _v2.OK := _v2.OK && _v2.Res_VALID_REGION(inline$_v2.encode_ie$0$p) == 1;
- assert true;
- _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[inline$_v2.encode_ie$0$p := 120];
- assume _v2.value_is(_v2.__ctobpl_const_21, inline$_v2.encode_ie$0$p);
- assume _v2.value_is(_v2.__ctobpl_const_22, _v2.Mem_T.UCHAR[inline$_v2.encode_ie$0$p]);
- goto inline$_v2.encode_ie$0$label_18#2;
-
- inline$_v2.encode_ie$0$label_18#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 32} true;
- assume _v2.INT_GEQ(_v2.INT_PLUS(inline$_v2.encode_ie$0$p, 1, 1), 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(inline$_v2.encode_ie$0$p, 1, 1)) == 1;
- assert true;
- _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v2.encode_ie$0$p, 1, 1) := 120];
- assume _v2.value_is(_v2.__ctobpl_const_23, inline$_v2.encode_ie$0$p);
- assume _v2.value_is(_v2.__ctobpl_const_24,
- _v2.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v2.encode_ie$0$p, 1, 1)]);
- goto inline$_v2.encode_ie$0$label_19#2;
-
- inline$_v2.encode_ie$0$label_19#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 33} true;
- inline$_v2.encode_ie$0$tempBoogie0 := _v2.INT_PLUS(inline$_v2.encode_ie$0$p, 1, 2);
- inline$_v2.encode_ie$0$p := inline$_v2.encode_ie$0$tempBoogie0;
- assume _v2.value_is(_v2.__ctobpl_const_25, inline$_v2.encode_ie$0$p);
- goto inline$_v2.encode_ie$0$label_20#2;
-
- inline$_v2.encode_ie$0$label_20#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 34} true;
- havoc inline$_v2.encode_ie$0$tempBoogie0;
- assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(inline$_v2.encode_ie$0$bufsize, 2, 1, inline$_v2.encode_ie$0$tempBoogie0);
- inline$_v2.encode_ie$0$bufsize := inline$_v2.encode_ie$0$tempBoogie0;
- assume _v2.value_is(_v2.__ctobpl_const_26, inline$_v2.encode_ie$0$bufsize);
- goto inline$_v2.encode_ie$0$label_21#2;
-
- inline$_v2.encode_ie$0$label_21#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
- assume _v2.value_is(_v2.__ctobpl_const_27, inline$_v2.encode_ie$0$i);
- inline$_v2.encode_ie$0$i := _v2.INT_PLUS(inline$_v2.encode_ie$0$i, 1, 1);
- goto inline$_v2.encode_ie$0$label_21_dummy#2;
-
- inline$_v2.encode_ie$0$label_21_dummy#2:
- assume false;
- goto inline$_v2.encode_ie$0$Return;
-
- inline$_v2.encode_ie$0$label_5_true#2:
- assume _v2.INT_LT(inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$leader_len);
- assume _v2.value_is(_v2.__ctobpl_const_1, inline$_v2.encode_ie$0$bufsize);
- assume _v2.value_is(_v2.__ctobpl_const_2, inline$_v2.encode_ie$0$leader_len);
- goto inline$_v2.encode_ie$0$label_7#2;
-
- inline$_v2.encode_ie$0$label_7#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 14} true;
- inline$_v2.encode_ie$0$result.encode_ie$1 := 0;
- goto inline$_v2.encode_ie$0$label_1#2;
-
- inline$_v2.encode_ie$0$label_1#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 40} true;
- goto inline$_v2.encode_ie$0$Return;
-
- inline$_v2.encode_ie$0$Return:
- assume true;
- _v2.result.encode_ie$1 := inline$_v2.encode_ie$0$result.encode_ie$1;
- goto START$2;
-
- START$2:
- goto MS_L_0_1;
-
- MS_L_0_0:
- goto MS_L_taken_0, MS_L_not_taken_0;
-
- MS_L_taken_0:
- assume _v1.memcpy_1_done && _v2.memcpy_3_done;
- store__0__v1.OK, store__0__v1.Mem_T.UCHAR := _v1.OK, _v1.Mem_T.UCHAR;
- store__0__v2.OK, store__0__v2.Mem_T.UCHAR := _v2.OK, _v2.Mem_T.UCHAR;
- _v1.OK, _v1.Mem_T.UCHAR := _v1.memcpy_in_1_3, _v1.memcpy_in_1_4;
- _v2.OK, _v2.Mem_T.UCHAR := _v2.memcpy_in_3_3, _v2.memcpy_in_3_4;
- call out__v1.memcpy_out_1_0_0, out__v2.memcpy_out_3_0_0 := MS_Check__v1.memcpy___v2.memcpy(_v1.memcpy_in_1_0, _v1.memcpy_in_1_1, _v1.memcpy_in_1_2, _v2.memcpy_in_3_0, _v2.memcpy_in_3_1, _v2.memcpy_in_3_2);
- assume true;
- assume true;
- assume _v1.memcpy_out_1_0 == out__v1.memcpy_out_1_0_0
- && _v2.memcpy_out_3_0 == out__v2.memcpy_out_3_0_0;
- _v1.OK, _v1.Mem_T.UCHAR := store__0__v1.OK, store__0__v1.Mem_T.UCHAR;
- _v2.OK, _v2.Mem_T.UCHAR := store__0__v2.OK, store__0__v2.Mem_T.UCHAR;
- goto MS_L_meet_0;
-
- MS_L_not_taken_0:
- assume !(_v1.memcpy_1_done && _v2.memcpy_3_done);
- goto MS_L_meet_0;
-
- MS_L_meet_0:
- return;
-
- MS_L_0_1:
- goto MS_L_taken_1, MS_L_not_taken_1;
-
- MS_L_taken_1:
- assume _v1.encode_ie_loop_label_14_head_2_done
- && _v2.encode_ie_loop_label_14_head_4_done;
- store__1__v1.OK, store__1__v1.Mem_T.UCHAR := _v1.OK, _v1.Mem_T.UCHAR;
- store__1__v2.OK, store__1__v2.Mem_T.UCHAR := _v2.OK, _v2.Mem_T.UCHAR;
- _v1.OK, _v1.Mem_T.UCHAR := _v1.encode_ie_loop_label_14_head_in_2_5, _v1.encode_ie_loop_label_14_head_in_2_6;
- _v2.OK, _v2.Mem_T.UCHAR := _v2.encode_ie_loop_label_14_head_in_4_5, _v2.encode_ie_loop_label_14_head_in_4_6;
- call out__v1.encode_ie_loop_label_14_head_out_2_0_1, out__v1.encode_ie_loop_label_14_head_out_2_1_1, out__v1.encode_ie_loop_label_14_head_out_2_2_1, out__v2.encode_ie_loop_label_14_head_out_4_0_1, out__v2.encode_ie_loop_label_14_head_out_4_1_1, out__v2.encode_ie_loop_label_14_head_out_4_2_1, out__v2.encode_ie_loop_label_14_head_out_4_3_1 := MS_Check__v1.encode_ie_loop_label_14_head___v2.encode_ie_loop_label_14_head(_v1.encode_ie_loop_label_14_head_in_2_0, _v1.encode_ie_loop_label_14_head_in_2_1, _v1.encode_ie_loop_label_14_head_in_2_2, _v1.encode_ie_loop_label_14_head_in_2_3, _v1.encode_ie_loop_label_14_head_in_2_4, _v2.encode_ie_loop_label_14_head_in_4_0, _v2.encode_ie_loop_label_14_head_in_4_1, _v2.encode_ie_loop_label_14_head_in_4_2, _v2.encode_ie_loop_label_14_head_in_4_3, _v2.encode_ie_loop_label_14_head_in_4_4);
- assume _v1.Mem_T.UCHAR == _v1.encode_ie_loop_label_14_head_out_2_3
- && (_v1.OK <==> _v1.encode_ie_loop_label_14_head_out_2_4);
- assume _v2.Mem_T.UCHAR == _v2.encode_ie_loop_label_14_head_out_4_4
- && (_v2.OK <==> _v2.encode_ie_loop_label_14_head_out_4_5);
- assume _v1.encode_ie_loop_label_14_head_out_2_0
- == out__v1.encode_ie_loop_label_14_head_out_2_0_1
- && _v1.encode_ie_loop_label_14_head_out_2_1
- == out__v1.encode_ie_loop_label_14_head_out_2_1_1
- && _v1.encode_ie_loop_label_14_head_out_2_2
- == out__v1.encode_ie_loop_label_14_head_out_2_2_1
- && _v2.encode_ie_loop_label_14_head_out_4_0
- == out__v2.encode_ie_loop_label_14_head_out_4_0_1
- && _v2.encode_ie_loop_label_14_head_out_4_1
- == out__v2.encode_ie_loop_label_14_head_out_4_1_1
- && _v2.encode_ie_loop_label_14_head_out_4_2
- == out__v2.encode_ie_loop_label_14_head_out_4_2_1
- && _v2.encode_ie_loop_label_14_head_out_4_3
- == out__v2.encode_ie_loop_label_14_head_out_4_3_1;
- _v1.OK, _v1.Mem_T.UCHAR := store__1__v1.OK, store__1__v1.Mem_T.UCHAR;
- _v2.OK, _v2.Mem_T.UCHAR := store__1__v2.OK, store__1__v2.Mem_T.UCHAR;
- goto MS_L_meet_1;
-
- MS_L_not_taken_1:
- assume !(_v1.encode_ie_loop_label_14_head_2_done
- && _v2.encode_ie_loop_label_14_head_4_done);
- goto MS_L_meet_1;
-
- MS_L_meet_1:
- goto MS_L_0_0;
-}
-
-
-
-function {:inline true} MS$_v1.encode_ie_loop_label_14_head$_v2.encode_ie_loop_label_14_head(_v1.in_bufsize: int,
- _v1.in_i: int,
- _v1.in_ielen: int,
- _v1.in_p: int,
- _v1.in_tempBoogie0: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.Mem_T.UCHAR_: [int]int,
- _v1.OK_: bool,
- _v1.out_i: int,
- _v1.out_p: int,
- _v1.out_tempBoogie0: int,
- _v2.in_bufsize: int,
- _v2.in_i: int,
- _v2.in_ielen: int,
- _v2.in_p: int,
- _v2.in_tempBoogie0: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.Mem_T.UCHAR_: [int]int,
- _v2.OK_: bool,
- _v2.out_bufsize: int,
- _v2.out_i: int,
- _v2.out_p: int,
- _v2.out_tempBoogie0: int)
- : bool
-{
- true
-}
-
-const {:existential true} _houdini_115: bool;
-
-const {:existential true} _houdini_116: bool;
-
-const {:existential true} _houdini_117: bool;
-
-const {:existential true} _houdini_118: bool;
-
-const {:existential true} _houdini_119: bool;
-
-const {:existential true} _houdini_120: bool;
-
-const {:existential true} _houdini_121: bool;
-
-const {:existential true} _houdini_122: bool;
-
-const {:existential true} _houdini_123: bool;
-
-const {:existential true} _houdini_124: bool;
-
-const {:existential true} _houdini_125: bool;
-
-const {:existential true} _houdini_126: bool;
-
-const {:existential true} _houdini_127: bool;
-
-const {:existential true} _houdini_128: bool;
-
-const {:existential true} _houdini_129: bool;
-
-const {:existential true} _houdini_130: bool;
-
-const {:existential true} _houdini_131: bool;
-
-const {:existential true} _houdini_132: bool;
-
-const {:existential true} _houdini_133: bool;
-
-const {:existential true} _houdini_134: bool;
-
-const {:existential true} _houdini_135: bool;
-
-const {:existential true} _houdini_136: bool;
-
-const {:existential true} _houdini_137: bool;
-
-const {:existential true} _houdini_138: bool;
-
-const {:existential true} _houdini_139: bool;
-
-const {:existential true} _houdini_140: bool;
-
-const {:existential true} _houdini_141: bool;
-
-const {:existential true} _houdini_142: bool;
-
-const {:existential true} _houdini_143: bool;
-
-const {:existential true} _houdini_144: bool;
-
-const {:existential true} _houdini_145: bool;
-
-const {:existential true} _houdini_146: bool;
-
-const {:existential true} _houdini_147: bool;
-
-const {:existential true} _houdini_148: bool;
-
-const {:existential true} _houdini_149: bool;
-
-const {:existential true} _houdini_150: bool;
-
-const {:existential true} _houdini_151: bool;
-
-const {:existential true} _houdini_152: bool;
-
-const {:existential true} _houdini_153: bool;
-
-const {:existential true} _houdini_154: bool;
-
-const {:existential true} _houdini_155: bool;
-
-procedure MS_Check__v1.encode_ie_loop_label_14_head___v2.encode_ie_loop_label_14_head(_v1.in_bufsize: int,
- _v1.in_i: int,
- _v1.in_ielen: int,
- _v1.in_p: int,
- _v1.in_tempBoogie0: int,
- _v2.in_bufsize: int,
- _v2.in_i: int,
- _v2.in_ielen: int,
- _v2.in_p: int,
- _v2.in_tempBoogie0: int)
- returns (_v1.out_i: int,
- _v1.out_p: int,
- _v1.out_tempBoogie0: int,
- _v2.out_bufsize: int,
- _v2.out_i: int,
- _v2.out_p: int,
- _v2.out_tempBoogie0: int);
- requires _houdini_124 ==> _v1.in_bufsize <= _v2.in_bufsize;
- requires _houdini_125 ==> _v2.in_bufsize <= _v1.in_bufsize;
- requires _houdini_126 ==> _v1.in_i <= _v2.in_i;
- requires _houdini_127 ==> _v2.in_i <= _v1.in_i;
- requires _houdini_128 ==> _v1.in_ielen <= _v2.in_ielen;
- requires _houdini_129 ==> _v2.in_ielen <= _v1.in_ielen;
- requires _houdini_130 ==> _v1.in_p <= _v2.in_p;
- requires _houdini_131 ==> _v2.in_p <= _v1.in_p;
- requires _houdini_132 ==> _v1.in_tempBoogie0 <= _v2.in_tempBoogie0;
- requires _houdini_133 ==> _v2.in_tempBoogie0 <= _v1.in_tempBoogie0;
- requires _houdini_134 ==> _v1.OK ==> _v2.OK;
- requires _houdini_135 ==> _v2.OK ==> _v1.OK;
- requires _houdini_136 ==> _v1.Mem == _v2.Mem;
- requires _houdini_137 ==> _v1.alloc <= _v2.alloc;
- requires _houdini_138 ==> _v2.alloc <= _v1.alloc;
- requires _houdini_139 ==> _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR;
- requires _houdini_140 ==> _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR;
- requires _houdini_141 ==> _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR;
- requires _houdini_142 ==> _v1.Mem_T.CHAR == _v2.Mem_T.CHAR;
- requires _houdini_143 ==> _v1.Mem_T.INT4 == _v2.Mem_T.INT4;
- requires _houdini_144 ==> _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR;
- requires _houdini_145 ==> _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR;
- requires _houdini_146 ==> _v1.Mem_T.PVOID == _v2.Mem_T.PVOID;
- requires _houdini_147
- ==> _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry;
- requires _houdini_148 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
- requires _houdini_149 ==> _v1.Mem_T.VOID == _v2.Mem_T.VOID;
- requires _houdini_150
- ==> _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry;
- requires _houdini_151
- ==> _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry;
- requires _houdini_152 ==> _v1.detChoiceCnt <= _v2.detChoiceCnt;
- requires _houdini_153 ==> _v2.detChoiceCnt <= _v1.detChoiceCnt;
- requires _houdini_154 ==> _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE;
- requires _houdini_155 ==> _v1.Res_PROBED == _v2.Res_PROBED;
- modifies _v1.Mem_T.UCHAR, _v1.OK, _v2.Mem_T.UCHAR, _v2.OK;
- ensures MS$_v1.encode_ie_loop_label_14_head$_v2.encode_ie_loop_label_14_head(_v1.in_bufsize,
- _v1.in_i,
- _v1.in_ielen,
- _v1.in_p,
- _v1.in_tempBoogie0,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.Mem_T.UCHAR,
- _v1.OK,
- _v1.out_i,
- _v1.out_p,
- _v1.out_tempBoogie0,
- _v2.in_bufsize,
- _v2.in_i,
- _v2.in_ielen,
- _v2.in_p,
- _v2.in_tempBoogie0,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.Mem_T.UCHAR,
- _v2.OK,
- _v2.out_bufsize,
- _v2.out_i,
- _v2.out_p,
- _v2.out_tempBoogie0);
- ensures _houdini_115 ==> _v1.out_i <= _v2.out_i;
- ensures _houdini_116 ==> _v2.out_i <= _v1.out_i;
- ensures _houdini_117 ==> _v1.out_p <= _v2.out_p;
- ensures _houdini_118 ==> _v2.out_p <= _v1.out_p;
- ensures _houdini_119 ==> _v1.out_tempBoogie0 <= _v2.out_tempBoogie0;
- ensures _houdini_120 ==> _v2.out_tempBoogie0 <= _v1.out_tempBoogie0;
- ensures _houdini_121 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
- ensures _houdini_122 ==> _v1.OK ==> _v2.OK;
- ensures _houdini_123 ==> _v2.OK ==> _v1.OK;
-
-
-
-implementation MS_Check__v1.encode_ie_loop_label_14_head___v2.encode_ie_loop_label_14_head(_v1.in_bufsize: int,
- _v1.in_i: int,
- _v1.in_ielen: int,
- _v1.in_p: int,
- _v1.in_tempBoogie0: int,
- _v2.in_bufsize: int,
- _v2.in_i: int,
- _v2.in_ielen: int,
- _v2.in_p: int,
- _v2.in_tempBoogie0: int)
- returns (_v1.out_i: int,
- _v1.out_p: int,
- _v1.out_tempBoogie0: int,
- _v2.out_bufsize: int,
- _v2.out_i: int,
- _v2.out_p: int,
- _v2.out_tempBoogie0: int)
-{
- var inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize: int;
- var inline$_v1.encode_ie_loop_label_14_head$0$in_i: int;
- var inline$_v1.encode_ie_loop_label_14_head$0$in_ielen: int;
- var inline$_v1.encode_ie_loop_label_14_head$0$in_p: int;
- var inline$_v1.encode_ie_loop_label_14_head$0$in_tempBoogie0: int;
- var inline$_v1.encode_ie_loop_label_14_head$0$out_i: int;
- var inline$_v1.encode_ie_loop_label_14_head$0$out_p: int;
- var inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0: int;
- var inline$_v1.encode_ie_loop_label_14_head$0$_v1.Mem_T.UCHAR: [int]int;
- var inline$_v1.encode_ie_loop_label_14_head$0$_v1.OK: bool;
- var inline$_v2.encode_ie_loop_label_14_head$0$in_bufsize: int;
- var inline$_v2.encode_ie_loop_label_14_head$0$in_i: int;
- var inline$_v2.encode_ie_loop_label_14_head$0$in_ielen: int;
- var inline$_v2.encode_ie_loop_label_14_head$0$in_p: int;
- var inline$_v2.encode_ie_loop_label_14_head$0$in_tempBoogie0: int;
- var inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize: int;
- var inline$_v2.encode_ie_loop_label_14_head$0$out_i: int;
- var inline$_v2.encode_ie_loop_label_14_head$0$out_p: int;
- var inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0: int;
- var inline$_v2.encode_ie_loop_label_14_head$0$_v2.Mem_T.UCHAR: [int]int;
- var inline$_v2.encode_ie_loop_label_14_head$0$_v2.OK: bool;
- var _v1.encode_ie_loop_label_14_head_1_done: bool;
- var _v1.encode_ie_loop_label_14_head_in_1_0: int;
- var _v1.encode_ie_loop_label_14_head_in_1_1: int;
- var _v1.encode_ie_loop_label_14_head_in_1_2: int;
- var _v1.encode_ie_loop_label_14_head_in_1_3: int;
- var _v1.encode_ie_loop_label_14_head_in_1_4: int;
- var _v1.encode_ie_loop_label_14_head_in_1_5: [int]int;
- var _v1.encode_ie_loop_label_14_head_in_1_6: bool;
- var _v1.encode_ie_loop_label_14_head_out_1_0: int;
- var _v1.encode_ie_loop_label_14_head_out_1_1: int;
- var _v1.encode_ie_loop_label_14_head_out_1_2: int;
- var _v1.encode_ie_loop_label_14_head_out_1_3: [int]int;
- var _v1.encode_ie_loop_label_14_head_out_1_4: bool;
- var _v2.encode_ie_loop_label_14_head_2_done: bool;
- var _v2.encode_ie_loop_label_14_head_in_2_0: int;
- var _v2.encode_ie_loop_label_14_head_in_2_1: int;
- var _v2.encode_ie_loop_label_14_head_in_2_2: int;
- var _v2.encode_ie_loop_label_14_head_in_2_3: int;
- var _v2.encode_ie_loop_label_14_head_in_2_4: int;
- var _v2.encode_ie_loop_label_14_head_in_2_5: [int]int;
- var _v2.encode_ie_loop_label_14_head_in_2_6: bool;
- var _v2.encode_ie_loop_label_14_head_out_2_0: int;
- var _v2.encode_ie_loop_label_14_head_out_2_1: int;
- var _v2.encode_ie_loop_label_14_head_out_2_2: int;
- var _v2.encode_ie_loop_label_14_head_out_2_3: int;
- var _v2.encode_ie_loop_label_14_head_out_2_4: [int]int;
- var _v2.encode_ie_loop_label_14_head_out_2_5: bool;
- var store__0__v1.Mem_T.UCHAR: [int]int;
- var store__0__v1.OK: bool;
- var store__0__v2.Mem_T.UCHAR: [int]int;
- var store__0__v2.OK: bool;
- var out__v1.encode_ie_loop_label_14_head_out_1_0_0: int;
- var out__v1.encode_ie_loop_label_14_head_out_1_1_0: int;
- var out__v1.encode_ie_loop_label_14_head_out_1_2_0: int;
- var out__v2.encode_ie_loop_label_14_head_out_2_0_0: int;
- var out__v2.encode_ie_loop_label_14_head_out_2_1_0: int;
- var out__v2.encode_ie_loop_label_14_head_out_2_2_0: int;
- var out__v2.encode_ie_loop_label_14_head_out_2_3_0: int;
-
- START:
- _v1.encode_ie_loop_label_14_head_1_done, _v2.encode_ie_loop_label_14_head_2_done := false, false;
- goto inline$_v1.encode_ie_loop_label_14_head$0$Entry;
-
- inline$_v1.encode_ie_loop_label_14_head$0$Entry:
- inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize := _v1.in_bufsize;
- inline$_v1.encode_ie_loop_label_14_head$0$in_i := _v1.in_i;
- inline$_v1.encode_ie_loop_label_14_head$0$in_ielen := _v1.in_ielen;
- inline$_v1.encode_ie_loop_label_14_head$0$in_p := _v1.in_p;
- inline$_v1.encode_ie_loop_label_14_head$0$in_tempBoogie0 := _v1.in_tempBoogie0;
- havoc inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0;
- inline$_v1.encode_ie_loop_label_14_head$0$_v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR;
- inline$_v1.encode_ie_loop_label_14_head$0$_v1.OK := _v1.OK;
- goto inline$_v1.encode_ie_loop_label_14_head$0$entry#2;
-
- inline$_v1.encode_ie_loop_label_14_head$0$entry#2:
- inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0 := inline$_v1.encode_ie_loop_label_14_head$0$in_i, inline$_v1.encode_ie_loop_label_14_head$0$in_p, inline$_v1.encode_ie_loop_label_14_head$0$in_tempBoogie0;
- goto inline$_v1.encode_ie_loop_label_14_head$0$label_14_head#2;
-
- inline$_v1.encode_ie_loop_label_14_head$0$label_14_head#2:
- goto inline$_v1.encode_ie_loop_label_14_head$0$label_14_true#2, inline$_v1.encode_ie_loop_label_14_head$0$label_14_false#2;
-
- inline$_v1.encode_ie_loop_label_14_head$0$label_14_false#2:
- assume !_v2.INT_LT(inline$_v1.encode_ie_loop_label_14_head$0$out_i,
- inline$_v1.encode_ie_loop_label_14_head$0$in_ielen);
- assume _v2.value_is(_v1.__ctobpl_const_16, inline$_v1.encode_ie_loop_label_14_head$0$out_i);
- assume _v2.value_is(_v1.__ctobpl_const_17, inline$_v1.encode_ie_loop_label_14_head$0$in_ielen);
- inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0 := inline$_v1.encode_ie_loop_label_14_head$0$in_i, inline$_v1.encode_ie_loop_label_14_head$0$in_p, inline$_v1.encode_ie_loop_label_14_head$0$in_tempBoogie0;
- _v1.Mem_T.UCHAR := inline$_v1.encode_ie_loop_label_14_head$0$_v1.Mem_T.UCHAR;
- goto inline$_v1.encode_ie_loop_label_14_head$0$Return;
-
- inline$_v1.encode_ie_loop_label_14_head$0$label_14_true#2:
- assume _v2.INT_LT(inline$_v1.encode_ie_loop_label_14_head$0$out_i,
- inline$_v1.encode_ie_loop_label_14_head$0$in_ielen);
- assume _v2.value_is(_v1.__ctobpl_const_16, inline$_v1.encode_ie_loop_label_14_head$0$out_i);
- assume _v2.value_is(_v1.__ctobpl_const_17, inline$_v1.encode_ie_loop_label_14_head$0$in_ielen);
- goto inline$_v1.encode_ie_loop_label_14_head$0$label_16#2;
-
- inline$_v1.encode_ie_loop_label_14_head$0$label_16#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
- goto inline$_v1.encode_ie_loop_label_14_head$0$label_16_true#2, inline$_v1.encode_ie_loop_label_14_head$0$label_16_false#2;
-
- inline$_v1.encode_ie_loop_label_14_head$0$label_16_false#2:
- assume !_v2.INT_LT(2, inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize);
- assume _v2.value_is(_v1.__ctobpl_const_20, inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize);
- inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0 := inline$_v1.encode_ie_loop_label_14_head$0$in_i, inline$_v1.encode_ie_loop_label_14_head$0$in_p, inline$_v1.encode_ie_loop_label_14_head$0$in_tempBoogie0;
- _v1.Mem_T.UCHAR := inline$_v1.encode_ie_loop_label_14_head$0$_v1.Mem_T.UCHAR;
- goto inline$_v1.encode_ie_loop_label_14_head$0$Return;
-
- inline$_v1.encode_ie_loop_label_14_head$0$label_16_true#2:
- assume _v2.INT_LT(2, inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize);
- assume _v2.value_is(_v1.__ctobpl_const_20, inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize);
- goto inline$_v1.encode_ie_loop_label_14_head$0$label_17#2;
-
- inline$_v1.encode_ie_loop_label_14_head$0$label_17#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 30} true;
- assume _v2.INT_GEQ(inline$_v1.encode_ie_loop_label_14_head$0$out_p, 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(inline$_v1.encode_ie_loop_label_14_head$0$out_p) == 1;
- assert true;
- _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[inline$_v1.encode_ie_loop_label_14_head$0$out_p := 120];
- assume _v2.value_is(_v1.__ctobpl_const_21, inline$_v1.encode_ie_loop_label_14_head$0$out_p);
- assume _v2.value_is(_v1.__ctobpl_const_22,
- _v1.Mem_T.UCHAR[inline$_v1.encode_ie_loop_label_14_head$0$out_p]);
- goto inline$_v1.encode_ie_loop_label_14_head$0$label_18#2;
-
- inline$_v1.encode_ie_loop_label_14_head$0$label_18#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 32} true;
- assume _v2.INT_GEQ(_v2.INT_PLUS(inline$_v1.encode_ie_loop_label_14_head$0$out_p, 1, 1), 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(inline$_v1.encode_ie_loop_label_14_head$0$out_p, 1, 1))
- == 1;
- assert true;
- _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v1.encode_ie_loop_label_14_head$0$out_p, 1, 1) := 120];
- assume _v2.value_is(_v1.__ctobpl_const_23, inline$_v1.encode_ie_loop_label_14_head$0$out_p);
- assume _v2.value_is(_v1.__ctobpl_const_24,
- _v1.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v1.encode_ie_loop_label_14_head$0$out_p, 1, 1)]);
- goto inline$_v1.encode_ie_loop_label_14_head$0$label_19#2;
-
- inline$_v1.encode_ie_loop_label_14_head$0$label_19#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 33} true;
- inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0 := _v2.INT_PLUS(inline$_v1.encode_ie_loop_label_14_head$0$out_p, 1, 2);
- inline$_v1.encode_ie_loop_label_14_head$0$out_p := inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0;
- assume _v2.value_is(_v1.__ctobpl_const_25, inline$_v1.encode_ie_loop_label_14_head$0$out_p);
- goto inline$_v1.encode_ie_loop_label_14_head$0$label_20#2;
-
- inline$_v1.encode_ie_loop_label_14_head$0$label_20#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
- assume _v2.value_is(_v1.__ctobpl_const_26, inline$_v1.encode_ie_loop_label_14_head$0$out_i);
- inline$_v1.encode_ie_loop_label_14_head$0$out_i := _v2.INT_PLUS(inline$_v1.encode_ie_loop_label_14_head$0$out_i, 1, 1);
- goto inline$_v1.encode_ie_loop_label_14_head$0$label_20_dummy#2;
-
- inline$_v1.encode_ie_loop_label_14_head$0$label_20_dummy#2:
- _v1.encode_ie_loop_label_14_head_in_1_0, _v1.encode_ie_loop_label_14_head_in_1_1, _v1.encode_ie_loop_label_14_head_in_1_2, _v1.encode_ie_loop_label_14_head_in_1_3, _v1.encode_ie_loop_label_14_head_in_1_4, _v1.encode_ie_loop_label_14_head_in_1_5, _v1.encode_ie_loop_label_14_head_in_1_6 := inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize, inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$in_ielen, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0, _v1.Mem_T.UCHAR, _v1.OK;
- call inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0 := _v1.encode_ie_loop_label_14_head(inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize, inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$in_ielen, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0);
- _v1.encode_ie_loop_label_14_head_1_done := true;
- _v1.encode_ie_loop_label_14_head_out_1_0, _v1.encode_ie_loop_label_14_head_out_1_1, _v1.encode_ie_loop_label_14_head_out_1_2, _v1.encode_ie_loop_label_14_head_out_1_3, _v1.encode_ie_loop_label_14_head_out_1_4 := inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0, _v1.Mem_T.UCHAR, _v1.OK;
- goto inline$_v1.encode_ie_loop_label_14_head$0$Return;
-
- inline$_v1.encode_ie_loop_label_14_head$0$Return:
- assume true;
- _v1.out_i := inline$_v1.encode_ie_loop_label_14_head$0$out_i;
- _v1.out_p := inline$_v1.encode_ie_loop_label_14_head$0$out_p;
- _v1.out_tempBoogie0 := inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0;
- goto START$1;
-
- START$1:
- goto inline$_v2.encode_ie_loop_label_14_head$0$Entry;
-
- inline$_v2.encode_ie_loop_label_14_head$0$Entry:
- inline$_v2.encode_ie_loop_label_14_head$0$in_bufsize := _v2.in_bufsize;
- inline$_v2.encode_ie_loop_label_14_head$0$in_i := _v2.in_i;
- inline$_v2.encode_ie_loop_label_14_head$0$in_ielen := _v2.in_ielen;
- inline$_v2.encode_ie_loop_label_14_head$0$in_p := _v2.in_p;
- inline$_v2.encode_ie_loop_label_14_head$0$in_tempBoogie0 := _v2.in_tempBoogie0;
- havoc inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0;
- inline$_v2.encode_ie_loop_label_14_head$0$_v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR;
- inline$_v2.encode_ie_loop_label_14_head$0$_v2.OK := _v2.OK;
- goto inline$_v2.encode_ie_loop_label_14_head$0$entry#2;
-
- inline$_v2.encode_ie_loop_label_14_head$0$entry#2:
- inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0 := inline$_v2.encode_ie_loop_label_14_head$0$in_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$in_i, inline$_v2.encode_ie_loop_label_14_head$0$in_p, inline$_v2.encode_ie_loop_label_14_head$0$in_tempBoogie0;
- goto inline$_v2.encode_ie_loop_label_14_head$0$label_14_head#2;
-
- inline$_v2.encode_ie_loop_label_14_head$0$label_14_head#2:
- goto inline$_v2.encode_ie_loop_label_14_head$0$label_14_true#2, inline$_v2.encode_ie_loop_label_14_head$0$label_14_false#2;
-
- inline$_v2.encode_ie_loop_label_14_head$0$label_14_false#2:
- assume !_v2.INT_LT(inline$_v2.encode_ie_loop_label_14_head$0$out_i,
- inline$_v2.encode_ie_loop_label_14_head$0$in_ielen);
- assume _v2.value_is(_v2.__ctobpl_const_16, inline$_v2.encode_ie_loop_label_14_head$0$out_i);
- assume _v2.value_is(_v2.__ctobpl_const_17, inline$_v2.encode_ie_loop_label_14_head$0$in_ielen);
- inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0 := inline$_v2.encode_ie_loop_label_14_head$0$in_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$in_i, inline$_v2.encode_ie_loop_label_14_head$0$in_p, inline$_v2.encode_ie_loop_label_14_head$0$in_tempBoogie0;
- _v2.Mem_T.UCHAR := inline$_v2.encode_ie_loop_label_14_head$0$_v2.Mem_T.UCHAR;
- goto inline$_v2.encode_ie_loop_label_14_head$0$Return;
-
- inline$_v2.encode_ie_loop_label_14_head$0$label_14_true#2:
- assume _v2.INT_LT(inline$_v2.encode_ie_loop_label_14_head$0$out_i,
- inline$_v2.encode_ie_loop_label_14_head$0$in_ielen);
- assume _v2.value_is(_v2.__ctobpl_const_16, inline$_v2.encode_ie_loop_label_14_head$0$out_i);
- assume _v2.value_is(_v2.__ctobpl_const_17, inline$_v2.encode_ie_loop_label_14_head$0$in_ielen);
- goto inline$_v2.encode_ie_loop_label_14_head$0$label_16#2;
-
- inline$_v2.encode_ie_loop_label_14_head$0$label_16#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
- goto inline$_v2.encode_ie_loop_label_14_head$0$label_16_true#2, inline$_v2.encode_ie_loop_label_14_head$0$label_16_false#2;
-
- inline$_v2.encode_ie_loop_label_14_head$0$label_16_false#2:
- assume !_v2.INT_LT(2, inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize);
- assume _v2.value_is(_v2.__ctobpl_const_20, inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize);
- inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0 := inline$_v2.encode_ie_loop_label_14_head$0$in_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$in_i, inline$_v2.encode_ie_loop_label_14_head$0$in_p, inline$_v2.encode_ie_loop_label_14_head$0$in_tempBoogie0;
- _v2.Mem_T.UCHAR := inline$_v2.encode_ie_loop_label_14_head$0$_v2.Mem_T.UCHAR;
- goto inline$_v2.encode_ie_loop_label_14_head$0$Return;
-
- inline$_v2.encode_ie_loop_label_14_head$0$label_16_true#2:
- assume _v2.INT_LT(2, inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize);
- assume _v2.value_is(_v2.__ctobpl_const_20, inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize);
- goto inline$_v2.encode_ie_loop_label_14_head$0$label_17#2;
-
- inline$_v2.encode_ie_loop_label_14_head$0$label_17#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 30} true;
- assume _v2.INT_GEQ(inline$_v2.encode_ie_loop_label_14_head$0$out_p, 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(inline$_v2.encode_ie_loop_label_14_head$0$out_p) == 1;
- assert true;
- _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[inline$_v2.encode_ie_loop_label_14_head$0$out_p := 120];
- assume _v2.value_is(_v2.__ctobpl_const_21, inline$_v2.encode_ie_loop_label_14_head$0$out_p);
- assume _v2.value_is(_v2.__ctobpl_const_22,
- _v2.Mem_T.UCHAR[inline$_v2.encode_ie_loop_label_14_head$0$out_p]);
- goto inline$_v2.encode_ie_loop_label_14_head$0$label_18#2;
-
- inline$_v2.encode_ie_loop_label_14_head$0$label_18#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 32} true;
- assume _v2.INT_GEQ(_v2.INT_PLUS(inline$_v2.encode_ie_loop_label_14_head$0$out_p, 1, 1), 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(inline$_v2.encode_ie_loop_label_14_head$0$out_p, 1, 1))
- == 1;
- assert true;
- _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v2.encode_ie_loop_label_14_head$0$out_p, 1, 1) := 120];
- assume _v2.value_is(_v2.__ctobpl_const_23, inline$_v2.encode_ie_loop_label_14_head$0$out_p);
- assume _v2.value_is(_v2.__ctobpl_const_24,
- _v2.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v2.encode_ie_loop_label_14_head$0$out_p, 1, 1)]);
- goto inline$_v2.encode_ie_loop_label_14_head$0$label_19#2;
-
- inline$_v2.encode_ie_loop_label_14_head$0$label_19#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 33} true;
- inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0 := _v2.INT_PLUS(inline$_v2.encode_ie_loop_label_14_head$0$out_p, 1, 2);
- inline$_v2.encode_ie_loop_label_14_head$0$out_p := inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0;
- assume _v2.value_is(_v2.__ctobpl_const_25, inline$_v2.encode_ie_loop_label_14_head$0$out_p);
- goto inline$_v2.encode_ie_loop_label_14_head$0$label_20#2;
-
- inline$_v2.encode_ie_loop_label_14_head$0$label_20#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 34} true;
- havoc inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0;
- assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, 2, 1, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0);
- inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize := inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0;
- assume _v2.value_is(_v2.__ctobpl_const_26, inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize);
- goto inline$_v2.encode_ie_loop_label_14_head$0$label_21#2;
-
- inline$_v2.encode_ie_loop_label_14_head$0$label_21#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
- assume _v2.value_is(_v2.__ctobpl_const_27, inline$_v2.encode_ie_loop_label_14_head$0$out_i);
- inline$_v2.encode_ie_loop_label_14_head$0$out_i := _v2.INT_PLUS(inline$_v2.encode_ie_loop_label_14_head$0$out_i, 1, 1);
- goto inline$_v2.encode_ie_loop_label_14_head$0$label_21_dummy#2;
-
- inline$_v2.encode_ie_loop_label_14_head$0$label_21_dummy#2:
- _v2.encode_ie_loop_label_14_head_in_2_0, _v2.encode_ie_loop_label_14_head_in_2_1, _v2.encode_ie_loop_label_14_head_in_2_2, _v2.encode_ie_loop_label_14_head_in_2_3, _v2.encode_ie_loop_label_14_head_in_2_4, _v2.encode_ie_loop_label_14_head_in_2_5, _v2.encode_ie_loop_label_14_head_in_2_6 := inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$in_ielen, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0, _v2.Mem_T.UCHAR, _v2.OK;
- call inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0 := _v2.encode_ie_loop_label_14_head(inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$in_ielen, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0);
- _v2.encode_ie_loop_label_14_head_2_done := true;
- _v2.encode_ie_loop_label_14_head_out_2_0, _v2.encode_ie_loop_label_14_head_out_2_1, _v2.encode_ie_loop_label_14_head_out_2_2, _v2.encode_ie_loop_label_14_head_out_2_3, _v2.encode_ie_loop_label_14_head_out_2_4, _v2.encode_ie_loop_label_14_head_out_2_5 := inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0, _v2.Mem_T.UCHAR, _v2.OK;
- goto inline$_v2.encode_ie_loop_label_14_head$0$Return;
-
- inline$_v2.encode_ie_loop_label_14_head$0$Return:
- assume true;
- _v2.out_bufsize := inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize;
- _v2.out_i := inline$_v2.encode_ie_loop_label_14_head$0$out_i;
- _v2.out_p := inline$_v2.encode_ie_loop_label_14_head$0$out_p;
- _v2.out_tempBoogie0 := inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0;
- goto START$2;
-
- START$2:
- goto MS_L_0_0;
-
- MS_L_0_0:
- goto MS_L_taken_0, MS_L_not_taken_0;
-
- MS_L_taken_0:
- assume _v1.encode_ie_loop_label_14_head_1_done
- && _v2.encode_ie_loop_label_14_head_2_done;
- store__0__v1.Mem_T.UCHAR, store__0__v1.OK := _v1.Mem_T.UCHAR, _v1.OK;
- store__0__v2.Mem_T.UCHAR, store__0__v2.OK := _v2.Mem_T.UCHAR, _v2.OK;
- _v1.Mem_T.UCHAR, _v1.OK := _v1.encode_ie_loop_label_14_head_in_1_5, _v1.encode_ie_loop_label_14_head_in_1_6;
- _v2.Mem_T.UCHAR, _v2.OK := _v2.encode_ie_loop_label_14_head_in_2_5, _v2.encode_ie_loop_label_14_head_in_2_6;
- call out__v1.encode_ie_loop_label_14_head_out_1_0_0, out__v1.encode_ie_loop_label_14_head_out_1_1_0, out__v1.encode_ie_loop_label_14_head_out_1_2_0, out__v2.encode_ie_loop_label_14_head_out_2_0_0, out__v2.encode_ie_loop_label_14_head_out_2_1_0, out__v2.encode_ie_loop_label_14_head_out_2_2_0, out__v2.encode_ie_loop_label_14_head_out_2_3_0 := MS_Check__v1.encode_ie_loop_label_14_head___v2.encode_ie_loop_label_14_head(_v1.encode_ie_loop_label_14_head_in_1_0, _v1.encode_ie_loop_label_14_head_in_1_1, _v1.encode_ie_loop_label_14_head_in_1_2, _v1.encode_ie_loop_label_14_head_in_1_3, _v1.encode_ie_loop_label_14_head_in_1_4, _v2.encode_ie_loop_label_14_head_in_2_0, _v2.encode_ie_loop_label_14_head_in_2_1, _v2.encode_ie_loop_label_14_head_in_2_2, _v2.encode_ie_loop_label_14_head_in_2_3, _v2.encode_ie_loop_label_14_head_in_2_4);
- assume _v1.Mem_T.UCHAR == _v1.encode_ie_loop_label_14_head_out_1_3
- && (_v1.OK <==> _v1.encode_ie_loop_label_14_head_out_1_4);
- assume _v2.Mem_T.UCHAR == _v2.encode_ie_loop_label_14_head_out_2_4
- && (_v2.OK <==> _v2.encode_ie_loop_label_14_head_out_2_5);
- assume _v1.encode_ie_loop_label_14_head_out_1_0
- == out__v1.encode_ie_loop_label_14_head_out_1_0_0
- && _v1.encode_ie_loop_label_14_head_out_1_1
- == out__v1.encode_ie_loop_label_14_head_out_1_1_0
- && _v1.encode_ie_loop_label_14_head_out_1_2
- == out__v1.encode_ie_loop_label_14_head_out_1_2_0
- && _v2.encode_ie_loop_label_14_head_out_2_0
- == out__v2.encode_ie_loop_label_14_head_out_2_0_0
- && _v2.encode_ie_loop_label_14_head_out_2_1
- == out__v2.encode_ie_loop_label_14_head_out_2_1_0
- && _v2.encode_ie_loop_label_14_head_out_2_2
- == out__v2.encode_ie_loop_label_14_head_out_2_2_0
- && _v2.encode_ie_loop_label_14_head_out_2_3
- == out__v2.encode_ie_loop_label_14_head_out_2_3_0;
- _v1.Mem_T.UCHAR, _v1.OK := store__0__v1.Mem_T.UCHAR, store__0__v1.OK;
- _v2.Mem_T.UCHAR, _v2.OK := store__0__v2.Mem_T.UCHAR, store__0__v2.OK;
- goto MS_L_meet_0;
-
- MS_L_not_taken_0:
- assume !(_v1.encode_ie_loop_label_14_head_1_done
- && _v2.encode_ie_loop_label_14_head_2_done);
- goto MS_L_meet_0;
-
- MS_L_meet_0:
- return;
-}
-
-
-
-function {:inline true} MS$_v1.giwscan_cb$_v2.giwscan_cb(_v1.se_.1: int,
- _v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.alloc_: int,
- _v1.OK_: bool,
- _v1.Mem_T.UCHAR_: [int]int,
- _v1.result.giwscan_cb$1: int,
- _v2.se_.1: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.alloc_: int,
- _v2.OK_: bool,
- _v2.Mem_T.UCHAR_: [int]int,
- _v2.result.giwscan_cb$1: int)
- : bool
-{
- true
-}
-
-const {:existential true} _houdini_156: bool;
-
-const {:existential true} _houdini_157: bool;
-
-const {:existential true} _houdini_158: bool;
-
-const {:existential true} _houdini_159: bool;
-
-const {:existential true} _houdini_160: bool;
-
-const {:existential true} _houdini_161: bool;
-
-const {:existential true} _houdini_162: bool;
-
-const {:existential true} _houdini_163: bool;
-
-const {:existential true} _houdini_164: bool;
-
-const {:existential true} _houdini_165: bool;
-
-const {:existential true} _houdini_166: bool;
-
-const {:existential true} _houdini_167: bool;
-
-const {:existential true} _houdini_168: bool;
-
-const {:existential true} _houdini_169: bool;
-
-const {:existential true} _houdini_170: bool;
-
-const {:existential true} _houdini_171: bool;
-
-const {:existential true} _houdini_172: bool;
-
-const {:existential true} _houdini_173: bool;
-
-const {:existential true} _houdini_174: bool;
-
-const {:existential true} _houdini_175: bool;
-
-const {:existential true} _houdini_176: bool;
-
-const {:existential true} _houdini_177: bool;
-
-const {:existential true} _houdini_178: bool;
-
-const {:existential true} _houdini_179: bool;
-
-const {:existential true} _houdini_180: bool;
-
-const {:existential true} _houdini_181: bool;
-
-const {:existential true} _houdini_182: bool;
-
-const {:existential true} _houdini_183: bool;
-
-const {:existential true} _houdini_184: bool;
-
-const {:existential true} _houdini_185: bool;
-
-const {:existential true} _houdini_186: bool;
-
-procedure MS_Check__v1.giwscan_cb___v2.giwscan_cb(_v1.se_.1: int, _v2.se_.1: int)
- returns (_v1.result.giwscan_cb$1: int, _v2.result.giwscan_cb$1: int);
- requires _houdini_163 ==> _v1.se_.1 <= _v2.se_.1;
- requires _houdini_164 ==> _v2.se_.1 <= _v1.se_.1;
- requires _houdini_165 ==> _v1.OK ==> _v2.OK;
- requires _houdini_166 ==> _v2.OK ==> _v1.OK;
- requires _houdini_167 ==> _v1.Mem == _v2.Mem;
- requires _houdini_168 ==> _v1.alloc <= _v2.alloc;
- requires _houdini_169 ==> _v2.alloc <= _v1.alloc;
- requires _houdini_170 ==> _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR;
- requires _houdini_171 ==> _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR;
- requires _houdini_172 ==> _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR;
- requires _houdini_173 ==> _v1.Mem_T.CHAR == _v2.Mem_T.CHAR;
- requires _houdini_174 ==> _v1.Mem_T.INT4 == _v2.Mem_T.INT4;
- requires _houdini_175 ==> _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR;
- requires _houdini_176 ==> _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR;
- requires _houdini_177 ==> _v1.Mem_T.PVOID == _v2.Mem_T.PVOID;
- requires _houdini_178
- ==> _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry;
- requires _houdini_179 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
- requires _houdini_180 ==> _v1.Mem_T.VOID == _v2.Mem_T.VOID;
- requires _houdini_181
- ==> _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry;
- requires _houdini_182
- ==> _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry;
- requires _houdini_183 ==> _v1.detChoiceCnt <= _v2.detChoiceCnt;
- requires _houdini_184 ==> _v2.detChoiceCnt <= _v1.detChoiceCnt;
- requires _houdini_185 ==> _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE;
- requires _houdini_186 ==> _v1.Res_PROBED == _v2.Res_PROBED;
- modifies _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR, _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- ensures MS$_v1.giwscan_cb$_v2.giwscan_cb(_v1.se_.1,
- old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.alloc,
- _v1.OK,
- _v1.Mem_T.UCHAR,
- _v1.result.giwscan_cb$1,
- _v2.se_.1,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.alloc,
- _v2.OK,
- _v2.Mem_T.UCHAR,
- _v2.result.giwscan_cb$1);
- ensures _houdini_156 ==> _v1.result.giwscan_cb$1 <= _v2.result.giwscan_cb$1;
- ensures _houdini_157 ==> _v2.result.giwscan_cb$1 <= _v1.result.giwscan_cb$1;
- ensures _houdini_158 ==> _v1.alloc <= _v2.alloc;
- ensures _houdini_159 ==> _v2.alloc <= _v1.alloc;
- ensures _houdini_160 ==> _v1.OK ==> _v2.OK;
- ensures _houdini_161 ==> _v2.OK ==> _v1.OK;
- ensures _houdini_162 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
-
-
-
-implementation MS_Check__v1.giwscan_cb___v2.giwscan_cb(_v1.se_.1: int, _v2.se_.1: int)
- returns (_v1.result.giwscan_cb$1: int, _v2.result.giwscan_cb$1: int)
-{
- var inline$_v1.giwscan_cb$0$havoc_stringTemp: int;
- var inline$_v1.giwscan_cb$0$condVal: int;
- var inline$_v1.giwscan_cb$0$buf: int;
- var inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$: int;
- var inline$_v1.giwscan_cb$0$result.encode_ie$2: int;
- var inline$_v1.giwscan_cb$0$rsn_leader: int;
- var inline$_v1.giwscan_cb$0$se: int;
- var inline$_v1.giwscan_cb$0$tempBoogie0: int;
- var inline$_v1.giwscan_cb$0$tempBoogie1: int;
- var inline$_v1.giwscan_cb$0$tempBoogie2: int;
- var inline$_v1.giwscan_cb$0$tempBoogie3: int;
- var inline$_v1.giwscan_cb$0$tempBoogie4: int;
- var inline$_v1.giwscan_cb$0$tempBoogie5: int;
- var inline$_v1.giwscan_cb$0$tempBoogie6: int;
- var inline$_v1.giwscan_cb$0$tempBoogie7: int;
- var inline$_v1.giwscan_cb$0$tempBoogie8: int;
- var inline$_v1.giwscan_cb$0$tempBoogie9: int;
- var inline$_v1.giwscan_cb$0$tempBoogie10: int;
- var inline$_v1.giwscan_cb$0$tempBoogie11: int;
- var inline$_v1.giwscan_cb$0$tempBoogie12: int;
- var inline$_v1.giwscan_cb$0$tempBoogie13: int;
- var inline$_v1.giwscan_cb$0$tempBoogie14: int;
- var inline$_v1.giwscan_cb$0$tempBoogie15: int;
- var inline$_v1.giwscan_cb$0$tempBoogie16: int;
- var inline$_v1.giwscan_cb$0$tempBoogie17: int;
- var inline$_v1.giwscan_cb$0$tempBoogie18: int;
- var inline$_v1.giwscan_cb$0$tempBoogie19: int;
- var inline$_v1.giwscan_cb$0$__havoc_dummy_return: int;
- var inline$_v1.giwscan_cb$0$se_.1: int;
- var inline$_v1.giwscan_cb$0$result.giwscan_cb$1: int;
- var inline$_v1.giwscan_cb$0$_v1.alloc: int;
- var inline$_v1.giwscan_cb$0$_v1.OK: bool;
- var inline$_v1.giwscan_cb$0$_v1.Mem_T.UCHAR: [int]int;
- var inline$_v2.giwscan_cb$0$havoc_stringTemp: int;
- var inline$_v2.giwscan_cb$0$condVal: int;
- var inline$_v2.giwscan_cb$0$buf: int;
- var inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$: int;
- var inline$_v2.giwscan_cb$0$result.encode_ie$2: int;
- var inline$_v2.giwscan_cb$0$rsn_leader: int;
- var inline$_v2.giwscan_cb$0$se: int;
- var inline$_v2.giwscan_cb$0$tempBoogie0: int;
- var inline$_v2.giwscan_cb$0$tempBoogie1: int;
- var inline$_v2.giwscan_cb$0$tempBoogie2: int;
- var inline$_v2.giwscan_cb$0$tempBoogie3: int;
- var inline$_v2.giwscan_cb$0$tempBoogie4: int;
- var inline$_v2.giwscan_cb$0$tempBoogie5: int;
- var inline$_v2.giwscan_cb$0$tempBoogie6: int;
- var inline$_v2.giwscan_cb$0$tempBoogie7: int;
- var inline$_v2.giwscan_cb$0$tempBoogie8: int;
- var inline$_v2.giwscan_cb$0$tempBoogie9: int;
- var inline$_v2.giwscan_cb$0$tempBoogie10: int;
- var inline$_v2.giwscan_cb$0$tempBoogie11: int;
- var inline$_v2.giwscan_cb$0$tempBoogie12: int;
- var inline$_v2.giwscan_cb$0$tempBoogie13: int;
- var inline$_v2.giwscan_cb$0$tempBoogie14: int;
- var inline$_v2.giwscan_cb$0$tempBoogie15: int;
- var inline$_v2.giwscan_cb$0$tempBoogie16: int;
- var inline$_v2.giwscan_cb$0$tempBoogie17: int;
- var inline$_v2.giwscan_cb$0$tempBoogie18: int;
- var inline$_v2.giwscan_cb$0$tempBoogie19: int;
- var inline$_v2.giwscan_cb$0$__havoc_dummy_return: int;
- var inline$_v2.giwscan_cb$0$se_.1: int;
- var inline$_v2.giwscan_cb$0$result.giwscan_cb$1: int;
- var inline$_v2.giwscan_cb$0$_v2.alloc: int;
- var inline$_v2.giwscan_cb$0$_v2.OK: bool;
- var inline$_v2.giwscan_cb$0$_v2.Mem_T.UCHAR: [int]int;
- var _v1.__HAVOC_det_malloc_1_done: bool;
- var _v1.__HAVOC_det_malloc_in_1_0: int;
- var _v1.__HAVOC_det_malloc_in_1_1: int;
- var _v1.__HAVOC_det_malloc_in_1_2: bool;
- var _v1.__HAVOC_det_malloc_in_1_3: [int]int;
- var _v1.__HAVOC_det_malloc_out_1_0: int;
- var _v1.__HAVOC_det_malloc_out_1_1: int;
- var _v1.__HAVOC_det_malloc_2_done: bool;
- var _v1.__HAVOC_det_malloc_in_2_0: int;
- var _v1.__HAVOC_det_malloc_in_2_1: int;
- var _v1.__HAVOC_det_malloc_in_2_2: bool;
- var _v1.__HAVOC_det_malloc_in_2_3: [int]int;
- var _v1.__HAVOC_det_malloc_out_2_0: int;
- var _v1.__HAVOC_det_malloc_out_2_1: int;
- var _v1.encode_ie_3_done: bool;
- var _v1.encode_ie_in_3_0: int;
- var _v1.encode_ie_in_3_1: int;
- var _v1.encode_ie_in_3_2: int;
- var _v1.encode_ie_in_3_3: int;
- var _v1.encode_ie_in_3_4: int;
- var _v1.encode_ie_in_3_5: int;
- var _v1.encode_ie_in_3_6: int;
- var _v1.encode_ie_in_3_7: bool;
- var _v1.encode_ie_in_3_8: [int]int;
- var _v1.encode_ie_out_3_0: int;
- var _v1.encode_ie_out_3_1: bool;
- var _v1.encode_ie_out_3_2: [int]int;
- var _v1.__HAVOC_free_4_done: bool;
- var _v1.__HAVOC_free_in_4_0: int;
- var _v1.__HAVOC_free_in_4_1: int;
- var _v1.__HAVOC_free_in_4_2: bool;
- var _v1.__HAVOC_free_in_4_3: [int]int;
- var _v1.__HAVOC_free_5_done: bool;
- var _v1.__HAVOC_free_in_5_0: int;
- var _v1.__HAVOC_free_in_5_1: int;
- var _v1.__HAVOC_free_in_5_2: bool;
- var _v1.__HAVOC_free_in_5_3: [int]int;
- var _v2.__HAVOC_det_malloc_6_done: bool;
- var _v2.__HAVOC_det_malloc_in_6_0: int;
- var _v2.__HAVOC_det_malloc_in_6_1: int;
- var _v2.__HAVOC_det_malloc_in_6_2: bool;
- var _v2.__HAVOC_det_malloc_in_6_3: [int]int;
- var _v2.__HAVOC_det_malloc_out_6_0: int;
- var _v2.__HAVOC_det_malloc_out_6_1: int;
- var _v2.__HAVOC_det_malloc_7_done: bool;
- var _v2.__HAVOC_det_malloc_in_7_0: int;
- var _v2.__HAVOC_det_malloc_in_7_1: int;
- var _v2.__HAVOC_det_malloc_in_7_2: bool;
- var _v2.__HAVOC_det_malloc_in_7_3: [int]int;
- var _v2.__HAVOC_det_malloc_out_7_0: int;
- var _v2.__HAVOC_det_malloc_out_7_1: int;
- var _v2.encode_ie_8_done: bool;
- var _v2.encode_ie_in_8_0: int;
- var _v2.encode_ie_in_8_1: int;
- var _v2.encode_ie_in_8_2: int;
- var _v2.encode_ie_in_8_3: int;
- var _v2.encode_ie_in_8_4: int;
- var _v2.encode_ie_in_8_5: int;
- var _v2.encode_ie_in_8_6: int;
- var _v2.encode_ie_in_8_7: bool;
- var _v2.encode_ie_in_8_8: [int]int;
- var _v2.encode_ie_out_8_0: int;
- var _v2.encode_ie_out_8_1: bool;
- var _v2.encode_ie_out_8_2: [int]int;
- var _v2.__HAVOC_free_9_done: bool;
- var _v2.__HAVOC_free_in_9_0: int;
- var _v2.__HAVOC_free_in_9_1: int;
- var _v2.__HAVOC_free_in_9_2: bool;
- var _v2.__HAVOC_free_in_9_3: [int]int;
- var _v2.__HAVOC_free_10_done: bool;
- var _v2.__HAVOC_free_in_10_0: int;
- var _v2.__HAVOC_free_in_10_1: int;
- var _v2.__HAVOC_free_in_10_2: bool;
- var _v2.__HAVOC_free_in_10_3: [int]int;
- var store__0__v1.alloc: int;
- var store__0__v1.OK: bool;
- var store__0__v1.Mem_T.UCHAR: [int]int;
- var store__0__v2.alloc: int;
- var store__0__v2.OK: bool;
- var store__0__v2.Mem_T.UCHAR: [int]int;
- var out__v1.__HAVOC_det_malloc_out_1_0_0: int;
- var out__v2.__HAVOC_det_malloc_out_6_0_0: int;
- var store__1__v1.alloc: int;
- var store__1__v1.OK: bool;
- var store__1__v1.Mem_T.UCHAR: [int]int;
- var store__1__v2.alloc: int;
- var store__1__v2.OK: bool;
- var store__1__v2.Mem_T.UCHAR: [int]int;
- var out__v1.__HAVOC_det_malloc_out_1_0_1: int;
- var out__v2.__HAVOC_det_malloc_out_7_0_1: int;
- var store__2__v1.alloc: int;
- var store__2__v1.OK: bool;
- var store__2__v1.Mem_T.UCHAR: [int]int;
- var store__2__v2.alloc: int;
- var store__2__v2.OK: bool;
- var store__2__v2.Mem_T.UCHAR: [int]int;
- var out__v1.__HAVOC_det_malloc_out_2_0_2: int;
- var out__v2.__HAVOC_det_malloc_out_6_0_2: int;
- var store__3__v1.alloc: int;
- var store__3__v1.OK: bool;
- var store__3__v1.Mem_T.UCHAR: [int]int;
- var store__3__v2.alloc: int;
- var store__3__v2.OK: bool;
- var store__3__v2.Mem_T.UCHAR: [int]int;
- var out__v1.__HAVOC_det_malloc_out_2_0_3: int;
- var out__v2.__HAVOC_det_malloc_out_7_0_3: int;
- var store__4__v1.alloc: int;
- var store__4__v1.OK: bool;
- var store__4__v1.Mem_T.UCHAR: [int]int;
- var store__4__v2.alloc: int;
- var store__4__v2.OK: bool;
- var store__4__v2.Mem_T.UCHAR: [int]int;
- var out__v1.encode_ie_out_3_0_4: int;
- var out__v2.encode_ie_out_8_0_4: int;
- var store__5__v1.alloc: int;
- var store__5__v1.OK: bool;
- var store__5__v1.Mem_T.UCHAR: [int]int;
- var store__5__v2.alloc: int;
- var store__5__v2.OK: bool;
- var store__5__v2.Mem_T.UCHAR: [int]int;
- var store__6__v1.alloc: int;
- var store__6__v1.OK: bool;
- var store__6__v1.Mem_T.UCHAR: [int]int;
- var store__6__v2.alloc: int;
- var store__6__v2.OK: bool;
- var store__6__v2.Mem_T.UCHAR: [int]int;
- var store__7__v1.alloc: int;
- var store__7__v1.OK: bool;
- var store__7__v1.Mem_T.UCHAR: [int]int;
- var store__7__v2.alloc: int;
- var store__7__v2.OK: bool;
- var store__7__v2.Mem_T.UCHAR: [int]int;
- var store__8__v1.alloc: int;
- var store__8__v1.OK: bool;
- var store__8__v1.Mem_T.UCHAR: [int]int;
- var store__8__v2.alloc: int;
- var store__8__v2.OK: bool;
- var store__8__v2.Mem_T.UCHAR: [int]int;
-
- START:
- _v1.__HAVOC_det_malloc_1_done, _v1.__HAVOC_det_malloc_2_done, _v1.encode_ie_3_done, _v1.__HAVOC_free_4_done, _v1.__HAVOC_free_5_done, _v2.__HAVOC_det_malloc_6_done, _v2.__HAVOC_det_malloc_7_done, _v2.encode_ie_8_done, _v2.__HAVOC_free_9_done, _v2.__HAVOC_free_10_done := false, false, false, false, false, false, false, false, false, false;
- goto inline$_v1.giwscan_cb$0$Entry;
-
- inline$_v1.giwscan_cb$0$Entry:
- inline$_v1.giwscan_cb$0$se_.1 := _v1.se_.1;
- havoc inline$_v1.giwscan_cb$0$havoc_stringTemp, inline$_v1.giwscan_cb$0$condVal, inline$_v1.giwscan_cb$0$buf, inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$, inline$_v1.giwscan_cb$0$result.encode_ie$2, inline$_v1.giwscan_cb$0$rsn_leader, inline$_v1.giwscan_cb$0$se, inline$_v1.giwscan_cb$0$tempBoogie0, inline$_v1.giwscan_cb$0$tempBoogie1, inline$_v1.giwscan_cb$0$tempBoogie2, inline$_v1.giwscan_cb$0$tempBoogie3, inline$_v1.giwscan_cb$0$tempBoogie4, inline$_v1.giwscan_cb$0$tempBoogie5, inline$_v1.giwscan_cb$0$tempBoogie6, inline$_v1.giwscan_cb$0$tempBoogie7, inline$_v1.giwscan_cb$0$tempBoogie8, inline$_v1.giwscan_cb$0$tempBoogie9, inline$_v1.giwscan_cb$0$tempBoogie10, inline$_v1.giwscan_cb$0$tempBoogie11, inline$_v1.giwscan_cb$0$tempBoogie12, inline$_v1.giwscan_cb$0$tempBoogie13, inline$_v1.giwscan_cb$0$tempBoogie14, inline$_v1.giwscan_cb$0$tempBoogie15, inline$_v1.giwscan_cb$0$tempBoogie16, inline$_v1.giwscan_cb$0$tempBoogie17, inline$_v1.giwscan_cb$0$tempBoogie18, inline$_v1.giwscan_cb$0$tempBoogie19, inline$_v1.giwscan_cb$0$__havoc_dummy_return, inline$_v1.giwscan_cb$0$result.giwscan_cb$1;
- inline$_v1.giwscan_cb$0$_v1.alloc := _v1.alloc;
- inline$_v1.giwscan_cb$0$_v1.OK := _v1.OK;
- inline$_v1.giwscan_cb$0$_v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR;
- goto inline$_v1.giwscan_cb$0$anon0#2;
-
- inline$_v1.giwscan_cb$0$anon0#2:
- inline$_v1.giwscan_cb$0$havoc_stringTemp := 0;
- goto inline$_v1.giwscan_cb$0$start#2;
-
- inline$_v1.giwscan_cb$0$start#2:
- assume _v2.INT_LT(inline$_v1.giwscan_cb$0$se_.1, _v1.alloc);
- _v1.__HAVOC_det_malloc_in_1_0, _v1.__HAVOC_det_malloc_in_1_1, _v1.__HAVOC_det_malloc_in_1_2, _v1.__HAVOC_det_malloc_in_1_3 := 6, _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- call inline$_v1.giwscan_cb$0$buf := _v1.__HAVOC_det_malloc(6);
- _v1.__HAVOC_det_malloc_1_done := true;
- _v1.__HAVOC_det_malloc_out_1_0, _v1.__HAVOC_det_malloc_out_1_1 := inline$_v1.giwscan_cb$0$buf, _v1.alloc;
- inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$ := 0;
- inline$_v1.giwscan_cb$0$result.encode_ie$2 := 0;
- inline$_v1.giwscan_cb$0$result.giwscan_cb$1 := 0;
- _v1.__HAVOC_det_malloc_in_2_0, _v1.__HAVOC_det_malloc_in_2_1, _v1.__HAVOC_det_malloc_in_2_2, _v1.__HAVOC_det_malloc_in_2_3 := 1, _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- call inline$_v1.giwscan_cb$0$rsn_leader := _v1.__HAVOC_det_malloc(1);
- _v1.__HAVOC_det_malloc_2_done := true;
- _v1.__HAVOC_det_malloc_out_2_0, _v1.__HAVOC_det_malloc_out_2_1 := inline$_v1.giwscan_cb$0$rsn_leader, _v1.alloc;
- inline$_v1.giwscan_cb$0$se := 0;
- assume _v2.INT_GEQ(inline$_v1.giwscan_cb$0$se_.1, 0);
- inline$_v1.giwscan_cb$0$se := inline$_v1.giwscan_cb$0$se_.1;
- goto inline$_v1.giwscan_cb$0$label_3#2;
-
- inline$_v1.giwscan_cb$0$label_3#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 45} true;
- goto inline$_v1.giwscan_cb$0$label_4#2;
-
- inline$_v1.giwscan_cb$0$label_4#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 46} true;
- goto inline$_v1.giwscan_cb$0$label_5#2;
-
- inline$_v1.giwscan_cb$0$label_5#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 50} true;
- assume _v2.INT_GEQ(inline$_v1.giwscan_cb$0$se, 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se))
- == 1;
- assert true;
- goto inline$_v1.giwscan_cb$0$label_5_true#2, inline$_v1.giwscan_cb$0$label_5_false#2;
-
- inline$_v1.giwscan_cb$0$label_5_false#2:
- assume _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]
- == 0;
- assume _v2.value_is(_v1.__ctobpl_const_32, inline$_v1.giwscan_cb$0$se);
- assume _v2.value_is(_v1.__ctobpl_const_33,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]);
- goto inline$_v1.giwscan_cb$0$label_6#2;
-
- inline$_v1.giwscan_cb$0$label_5_true#2:
- assume _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]
- != 0;
- assume _v2.value_is(_v1.__ctobpl_const_32, inline$_v1.giwscan_cb$0$se);
- assume _v2.value_is(_v1.__ctobpl_const_33,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]);
- goto inline$_v1.giwscan_cb$0$label_7#2;
-
- inline$_v1.giwscan_cb$0$label_7#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 51} true;
- assume _v2.INT_GEQ(inline$_v1.giwscan_cb$0$se, 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se))
- == 1;
- assert true;
- assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
- 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
- 1,
- 0))
- == 1;
- assert true;
- goto inline$_v1.giwscan_cb$0$label_7_true#2, inline$_v1.giwscan_cb$0$label_7_false#2;
-
- inline$_v1.giwscan_cb$0$label_7_false#2:
- assume !_v2.INT_EQ(_v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
- 1,
- 0)],
- 200);
- assume _v2.value_is(_v1.__ctobpl_const_34, inline$_v1.giwscan_cb$0$se);
- assume _v2.value_is(_v1.__ctobpl_const_35,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]);
- assume _v2.value_is(_v1.__ctobpl_const_36,
- _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
- 1,
- 0)]);
- goto inline$_v1.giwscan_cb$0$label_6#2;
-
- inline$_v1.giwscan_cb$0$label_7_true#2:
- assume _v2.INT_EQ(_v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
- 1,
- 0)],
- 200);
- assume _v2.value_is(_v1.__ctobpl_const_34, inline$_v1.giwscan_cb$0$se);
- assume _v2.value_is(_v1.__ctobpl_const_35,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]);
- assume _v2.value_is(_v1.__ctobpl_const_36,
- _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
- 1,
- 0)]);
- goto inline$_v1.giwscan_cb$0$label_8#2;
-
- inline$_v1.giwscan_cb$0$label_8#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 53} true;
- assume _v2.INT_GEQ(inline$_v1.giwscan_cb$0$se, 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se))
- == 1;
- assert true;
- assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
- 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
- 1,
- 1))
- == 1;
- assert true;
- inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$ := _v2.INT_PLUS(_v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
- 1,
- 1)],
- 1,
- 2);
- assume _v2.value_is(_v1.__ctobpl_const_37, inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$);
- assume _v2.value_is(_v1.__ctobpl_const_38, inline$_v1.giwscan_cb$0$se);
- assume _v2.value_is(_v1.__ctobpl_const_39,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]);
- assume _v2.value_is(_v1.__ctobpl_const_40,
- _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
- 1,
- 1)]);
- goto inline$_v1.giwscan_cb$0$label_9#2;
-
- inline$_v1.giwscan_cb$0$label_9#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 52} true;
- assume _v2.INT_GEQ(inline$_v1.giwscan_cb$0$se, 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se))
- == 1;
- assert true;
- assume _v2.INT_GEQ(inline$_v1.giwscan_cb$0$se, 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se))
- == 1;
- assert true;
- _v1.encode_ie_in_3_0, _v1.encode_ie_in_3_1, _v1.encode_ie_in_3_2, _v1.encode_ie_in_3_3, _v1.encode_ie_in_3_4, _v1.encode_ie_in_3_5, _v1.encode_ie_in_3_6, _v1.encode_ie_in_3_7, _v1.encode_ie_in_3_8 := inline$_v1.giwscan_cb$0$buf, 6, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)], inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$, inline$_v1.giwscan_cb$0$rsn_leader, 1, _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- call inline$_v1.giwscan_cb$0$result.encode_ie$2 := _v1.encode_ie(inline$_v1.giwscan_cb$0$buf, 6, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)], inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$, inline$_v1.giwscan_cb$0$rsn_leader, 1);
- _v1.encode_ie_3_done := true;
- _v1.encode_ie_out_3_0, _v1.encode_ie_out_3_1, _v1.encode_ie_out_3_2 := inline$_v1.giwscan_cb$0$result.encode_ie$2, _v1.OK, _v1.Mem_T.UCHAR;
- assume _v2.value_is(_v1.__ctobpl_const_41, inline$_v1.giwscan_cb$0$se);
- assume _v2.value_is(_v1.__ctobpl_const_42,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]);
- assume _v2.value_is(_v1.__ctobpl_const_43, inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$);
- assume _v2.value_is(_v1.__ctobpl_const_44, inline$_v1.giwscan_cb$0$se);
- assume _v2.value_is(_v1.__ctobpl_const_45,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]);
- assume _v2.value_is(_v1.__ctobpl_const_46, inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$);
- goto inline$_v1.giwscan_cb$0$label_6#2;
-
- inline$_v1.giwscan_cb$0$label_6#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 57} true;
- inline$_v1.giwscan_cb$0$result.giwscan_cb$1 := 0;
- goto inline$_v1.giwscan_cb$0$label_1#2;
-
- inline$_v1.giwscan_cb$0$label_1#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 58} true;
- _v1.__HAVOC_free_in_4_0, _v1.__HAVOC_free_in_4_1, _v1.__HAVOC_free_in_4_2, _v1.__HAVOC_free_in_4_3 := inline$_v1.giwscan_cb$0$buf, _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- call _v1.__HAVOC_free(inline$_v1.giwscan_cb$0$buf);
- _v1.__HAVOC_free_4_done := true;
- _v1.__HAVOC_free_in_5_0, _v1.__HAVOC_free_in_5_1, _v1.__HAVOC_free_in_5_2, _v1.__HAVOC_free_in_5_3 := inline$_v1.giwscan_cb$0$rsn_leader, _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- call _v1.__HAVOC_free(inline$_v1.giwscan_cb$0$rsn_leader);
- _v1.__HAVOC_free_5_done := true;
- goto inline$_v1.giwscan_cb$0$Return;
-
- inline$_v1.giwscan_cb$0$Return:
- assume true;
- _v1.result.giwscan_cb$1 := inline$_v1.giwscan_cb$0$result.giwscan_cb$1;
- goto START$1;
-
- START$1:
- goto inline$_v2.giwscan_cb$0$Entry;
-
- inline$_v2.giwscan_cb$0$Entry:
- inline$_v2.giwscan_cb$0$se_.1 := _v2.se_.1;
- havoc inline$_v2.giwscan_cb$0$havoc_stringTemp, inline$_v2.giwscan_cb$0$condVal, inline$_v2.giwscan_cb$0$buf, inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$, inline$_v2.giwscan_cb$0$result.encode_ie$2, inline$_v2.giwscan_cb$0$rsn_leader, inline$_v2.giwscan_cb$0$se, inline$_v2.giwscan_cb$0$tempBoogie0, inline$_v2.giwscan_cb$0$tempBoogie1, inline$_v2.giwscan_cb$0$tempBoogie2, inline$_v2.giwscan_cb$0$tempBoogie3, inline$_v2.giwscan_cb$0$tempBoogie4, inline$_v2.giwscan_cb$0$tempBoogie5, inline$_v2.giwscan_cb$0$tempBoogie6, inline$_v2.giwscan_cb$0$tempBoogie7, inline$_v2.giwscan_cb$0$tempBoogie8, inline$_v2.giwscan_cb$0$tempBoogie9, inline$_v2.giwscan_cb$0$tempBoogie10, inline$_v2.giwscan_cb$0$tempBoogie11, inline$_v2.giwscan_cb$0$tempBoogie12, inline$_v2.giwscan_cb$0$tempBoogie13, inline$_v2.giwscan_cb$0$tempBoogie14, inline$_v2.giwscan_cb$0$tempBoogie15, inline$_v2.giwscan_cb$0$tempBoogie16, inline$_v2.giwscan_cb$0$tempBoogie17, inline$_v2.giwscan_cb$0$tempBoogie18, inline$_v2.giwscan_cb$0$tempBoogie19, inline$_v2.giwscan_cb$0$__havoc_dummy_return, inline$_v2.giwscan_cb$0$result.giwscan_cb$1;
- inline$_v2.giwscan_cb$0$_v2.alloc := _v2.alloc;
- inline$_v2.giwscan_cb$0$_v2.OK := _v2.OK;
- inline$_v2.giwscan_cb$0$_v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR;
- goto inline$_v2.giwscan_cb$0$anon0#2;
-
- inline$_v2.giwscan_cb$0$anon0#2:
- inline$_v2.giwscan_cb$0$havoc_stringTemp := 0;
- goto inline$_v2.giwscan_cb$0$start#2;
-
- inline$_v2.giwscan_cb$0$start#2:
- assume _v2.INT_LT(inline$_v2.giwscan_cb$0$se_.1, _v2.alloc);
- _v2.__HAVOC_det_malloc_in_6_0, _v2.__HAVOC_det_malloc_in_6_1, _v2.__HAVOC_det_malloc_in_6_2, _v2.__HAVOC_det_malloc_in_6_3 := 6, _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- call inline$_v2.giwscan_cb$0$buf := _v2.__HAVOC_det_malloc(6);
- _v2.__HAVOC_det_malloc_6_done := true;
- _v2.__HAVOC_det_malloc_out_6_0, _v2.__HAVOC_det_malloc_out_6_1 := inline$_v2.giwscan_cb$0$buf, _v2.alloc;
- inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$ := 0;
- inline$_v2.giwscan_cb$0$result.encode_ie$2 := 0;
- inline$_v2.giwscan_cb$0$result.giwscan_cb$1 := 0;
- _v2.__HAVOC_det_malloc_in_7_0, _v2.__HAVOC_det_malloc_in_7_1, _v2.__HAVOC_det_malloc_in_7_2, _v2.__HAVOC_det_malloc_in_7_3 := 1, _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- call inline$_v2.giwscan_cb$0$rsn_leader := _v2.__HAVOC_det_malloc(1);
- _v2.__HAVOC_det_malloc_7_done := true;
- _v2.__HAVOC_det_malloc_out_7_0, _v2.__HAVOC_det_malloc_out_7_1 := inline$_v2.giwscan_cb$0$rsn_leader, _v2.alloc;
- inline$_v2.giwscan_cb$0$se := 0;
- assume _v2.INT_GEQ(inline$_v2.giwscan_cb$0$se_.1, 0);
- inline$_v2.giwscan_cb$0$se := inline$_v2.giwscan_cb$0$se_.1;
- goto inline$_v2.giwscan_cb$0$label_3#2;
-
- inline$_v2.giwscan_cb$0$label_3#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 46} true;
- goto inline$_v2.giwscan_cb$0$label_4#2;
-
- inline$_v2.giwscan_cb$0$label_4#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 47} true;
- goto inline$_v2.giwscan_cb$0$label_5#2;
-
- inline$_v2.giwscan_cb$0$label_5#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 51} true;
- assume _v2.INT_GEQ(inline$_v2.giwscan_cb$0$se, 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se))
- == 1;
- assert true;
- goto inline$_v2.giwscan_cb$0$label_5_true#2, inline$_v2.giwscan_cb$0$label_5_false#2;
-
- inline$_v2.giwscan_cb$0$label_5_false#2:
- assume _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]
- == 0;
- assume _v2.value_is(_v2.__ctobpl_const_33, inline$_v2.giwscan_cb$0$se);
- assume _v2.value_is(_v2.__ctobpl_const_34,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]);
- goto inline$_v2.giwscan_cb$0$label_6#2;
-
- inline$_v2.giwscan_cb$0$label_5_true#2:
- assume _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]
- != 0;
- assume _v2.value_is(_v2.__ctobpl_const_33, inline$_v2.giwscan_cb$0$se);
- assume _v2.value_is(_v2.__ctobpl_const_34,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]);
- goto inline$_v2.giwscan_cb$0$label_7#2;
-
- inline$_v2.giwscan_cb$0$label_7#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 52} true;
- assume _v2.INT_GEQ(inline$_v2.giwscan_cb$0$se, 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se))
- == 1;
- assert true;
- assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
- 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
- 1,
- 0))
- == 1;
- assert true;
- goto inline$_v2.giwscan_cb$0$label_7_true#2, inline$_v2.giwscan_cb$0$label_7_false#2;
-
- inline$_v2.giwscan_cb$0$label_7_false#2:
- assume !_v2.INT_EQ(_v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
- 1,
- 0)],
- 200);
- assume _v2.value_is(_v2.__ctobpl_const_35, inline$_v2.giwscan_cb$0$se);
- assume _v2.value_is(_v2.__ctobpl_const_36,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]);
- assume _v2.value_is(_v2.__ctobpl_const_37,
- _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
- 1,
- 0)]);
- goto inline$_v2.giwscan_cb$0$label_6#2;
-
- inline$_v2.giwscan_cb$0$label_7_true#2:
- assume _v2.INT_EQ(_v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
- 1,
- 0)],
- 200);
- assume _v2.value_is(_v2.__ctobpl_const_35, inline$_v2.giwscan_cb$0$se);
- assume _v2.value_is(_v2.__ctobpl_const_36,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]);
- assume _v2.value_is(_v2.__ctobpl_const_37,
- _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
- 1,
- 0)]);
- goto inline$_v2.giwscan_cb$0$label_8#2;
-
- inline$_v2.giwscan_cb$0$label_8#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 54} true;
- assume _v2.INT_GEQ(inline$_v2.giwscan_cb$0$se, 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se))
- == 1;
- assert true;
- assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
- 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
- 1,
- 1))
- == 1;
- assert true;
- inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$ := _v2.INT_PLUS(_v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
- 1,
- 1)],
- 1,
- 2);
- assume _v2.value_is(_v2.__ctobpl_const_38, inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$);
- assume _v2.value_is(_v2.__ctobpl_const_39, inline$_v2.giwscan_cb$0$se);
- assume _v2.value_is(_v2.__ctobpl_const_40,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]);
- assume _v2.value_is(_v2.__ctobpl_const_41,
- _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
- 1,
- 1)]);
- goto inline$_v2.giwscan_cb$0$label_9#2;
-
- inline$_v2.giwscan_cb$0$label_9#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 53} true;
- assume _v2.INT_GEQ(inline$_v2.giwscan_cb$0$se, 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se))
- == 1;
- assert true;
- assume _v2.INT_GEQ(inline$_v2.giwscan_cb$0$se, 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se))
- == 1;
- assert true;
- _v2.encode_ie_in_8_0, _v2.encode_ie_in_8_1, _v2.encode_ie_in_8_2, _v2.encode_ie_in_8_3, _v2.encode_ie_in_8_4, _v2.encode_ie_in_8_5, _v2.encode_ie_in_8_6, _v2.encode_ie_in_8_7, _v2.encode_ie_in_8_8 := inline$_v2.giwscan_cb$0$buf, 6, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)], inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$, inline$_v2.giwscan_cb$0$rsn_leader, 1, _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- call inline$_v2.giwscan_cb$0$result.encode_ie$2 := _v2.encode_ie(inline$_v2.giwscan_cb$0$buf, 6, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)], inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$, inline$_v2.giwscan_cb$0$rsn_leader, 1);
- _v2.encode_ie_8_done := true;
- _v2.encode_ie_out_8_0, _v2.encode_ie_out_8_1, _v2.encode_ie_out_8_2 := inline$_v2.giwscan_cb$0$result.encode_ie$2, _v2.OK, _v2.Mem_T.UCHAR;
- assume _v2.value_is(_v2.__ctobpl_const_42, inline$_v2.giwscan_cb$0$se);
- assume _v2.value_is(_v2.__ctobpl_const_43,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]);
- assume _v2.value_is(_v2.__ctobpl_const_44, inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$);
- assume _v2.value_is(_v2.__ctobpl_const_45, inline$_v2.giwscan_cb$0$se);
- assume _v2.value_is(_v2.__ctobpl_const_46,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]);
- assume _v2.value_is(_v2.__ctobpl_const_47, inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$);
- goto inline$_v2.giwscan_cb$0$label_6#2;
-
- inline$_v2.giwscan_cb$0$label_6#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 58} true;
- inline$_v2.giwscan_cb$0$result.giwscan_cb$1 := 0;
- goto inline$_v2.giwscan_cb$0$label_1#2;
-
- inline$_v2.giwscan_cb$0$label_1#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 59} true;
- _v2.__HAVOC_free_in_9_0, _v2.__HAVOC_free_in_9_1, _v2.__HAVOC_free_in_9_2, _v2.__HAVOC_free_in_9_3 := inline$_v2.giwscan_cb$0$buf, _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- call _v2.__HAVOC_free(inline$_v2.giwscan_cb$0$buf);
- _v2.__HAVOC_free_9_done := true;
- _v2.__HAVOC_free_in_10_0, _v2.__HAVOC_free_in_10_1, _v2.__HAVOC_free_in_10_2, _v2.__HAVOC_free_in_10_3 := inline$_v2.giwscan_cb$0$rsn_leader, _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- call _v2.__HAVOC_free(inline$_v2.giwscan_cb$0$rsn_leader);
- _v2.__HAVOC_free_10_done := true;
- goto inline$_v2.giwscan_cb$0$Return;
-
- inline$_v2.giwscan_cb$0$Return:
- assume true;
- _v2.result.giwscan_cb$1 := inline$_v2.giwscan_cb$0$result.giwscan_cb$1;
- goto START$2;
-
- START$2:
- goto MS_L_0_8;
-
- MS_L_0_0:
- goto MS_L_taken_0, MS_L_not_taken_0;
-
- MS_L_taken_0:
- assume _v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_6_done;
- store__0__v1.alloc, store__0__v1.OK, store__0__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- store__0__v2.alloc, store__0__v2.OK, store__0__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_1_1, _v1.__HAVOC_det_malloc_in_1_2, _v1.__HAVOC_det_malloc_in_1_3;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_6_1, _v2.__HAVOC_det_malloc_in_6_2, _v2.__HAVOC_det_malloc_in_6_3;
- call out__v1.__HAVOC_det_malloc_out_1_0_0, out__v2.__HAVOC_det_malloc_out_6_0_0 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_1_0, _v2.__HAVOC_det_malloc_in_6_0);
- assume _v1.alloc == _v1.__HAVOC_det_malloc_out_1_1;
- assume _v2.alloc == _v2.__HAVOC_det_malloc_out_6_1;
- assume _v1.__HAVOC_det_malloc_out_1_0 == out__v1.__HAVOC_det_malloc_out_1_0_0
- && _v2.__HAVOC_det_malloc_out_6_0 == out__v2.__HAVOC_det_malloc_out_6_0_0;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__0__v1.alloc, store__0__v1.OK, store__0__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__0__v2.alloc, store__0__v2.OK, store__0__v2.Mem_T.UCHAR;
- goto MS_L_meet_0;
-
- MS_L_not_taken_0:
- assume !(_v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_6_done);
- goto MS_L_meet_0;
-
- MS_L_meet_0:
- return;
-
- MS_L_0_1:
- goto MS_L_taken_1, MS_L_not_taken_1;
-
- MS_L_taken_1:
- assume _v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_7_done;
- store__1__v1.alloc, store__1__v1.OK, store__1__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- store__1__v2.alloc, store__1__v2.OK, store__1__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_1_1, _v1.__HAVOC_det_malloc_in_1_2, _v1.__HAVOC_det_malloc_in_1_3;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_7_1, _v2.__HAVOC_det_malloc_in_7_2, _v2.__HAVOC_det_malloc_in_7_3;
- call out__v1.__HAVOC_det_malloc_out_1_0_1, out__v2.__HAVOC_det_malloc_out_7_0_1 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_1_0, _v2.__HAVOC_det_malloc_in_7_0);
- assume _v1.alloc == _v1.__HAVOC_det_malloc_out_1_1;
- assume _v2.alloc == _v2.__HAVOC_det_malloc_out_7_1;
- assume _v1.__HAVOC_det_malloc_out_1_0 == out__v1.__HAVOC_det_malloc_out_1_0_1
- && _v2.__HAVOC_det_malloc_out_7_0 == out__v2.__HAVOC_det_malloc_out_7_0_1;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__1__v1.alloc, store__1__v1.OK, store__1__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__1__v2.alloc, store__1__v2.OK, store__1__v2.Mem_T.UCHAR;
- goto MS_L_meet_1;
-
- MS_L_not_taken_1:
- assume !(_v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_7_done);
- goto MS_L_meet_1;
-
- MS_L_meet_1:
- goto MS_L_0_0;
-
- MS_L_0_2:
- goto MS_L_taken_2, MS_L_not_taken_2;
-
- MS_L_taken_2:
- assume _v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_6_done;
- store__2__v1.alloc, store__2__v1.OK, store__2__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- store__2__v2.alloc, store__2__v2.OK, store__2__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_2_1, _v1.__HAVOC_det_malloc_in_2_2, _v1.__HAVOC_det_malloc_in_2_3;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_6_1, _v2.__HAVOC_det_malloc_in_6_2, _v2.__HAVOC_det_malloc_in_6_3;
- call out__v1.__HAVOC_det_malloc_out_2_0_2, out__v2.__HAVOC_det_malloc_out_6_0_2 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_2_0, _v2.__HAVOC_det_malloc_in_6_0);
- assume _v1.alloc == _v1.__HAVOC_det_malloc_out_2_1;
- assume _v2.alloc == _v2.__HAVOC_det_malloc_out_6_1;
- assume _v1.__HAVOC_det_malloc_out_2_0 == out__v1.__HAVOC_det_malloc_out_2_0_2
- && _v2.__HAVOC_det_malloc_out_6_0 == out__v2.__HAVOC_det_malloc_out_6_0_2;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__2__v1.alloc, store__2__v1.OK, store__2__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__2__v2.alloc, store__2__v2.OK, store__2__v2.Mem_T.UCHAR;
- goto MS_L_meet_2;
-
- MS_L_not_taken_2:
- assume !(_v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_6_done);
- goto MS_L_meet_2;
-
- MS_L_meet_2:
- goto MS_L_0_1;
-
- MS_L_0_3:
- goto MS_L_taken_3, MS_L_not_taken_3;
-
- MS_L_taken_3:
- assume _v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_7_done;
- store__3__v1.alloc, store__3__v1.OK, store__3__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- store__3__v2.alloc, store__3__v2.OK, store__3__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_2_1, _v1.__HAVOC_det_malloc_in_2_2, _v1.__HAVOC_det_malloc_in_2_3;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_7_1, _v2.__HAVOC_det_malloc_in_7_2, _v2.__HAVOC_det_malloc_in_7_3;
- call out__v1.__HAVOC_det_malloc_out_2_0_3, out__v2.__HAVOC_det_malloc_out_7_0_3 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_2_0, _v2.__HAVOC_det_malloc_in_7_0);
- assume _v1.alloc == _v1.__HAVOC_det_malloc_out_2_1;
- assume _v2.alloc == _v2.__HAVOC_det_malloc_out_7_1;
- assume _v1.__HAVOC_det_malloc_out_2_0 == out__v1.__HAVOC_det_malloc_out_2_0_3
- && _v2.__HAVOC_det_malloc_out_7_0 == out__v2.__HAVOC_det_malloc_out_7_0_3;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__3__v1.alloc, store__3__v1.OK, store__3__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__3__v2.alloc, store__3__v2.OK, store__3__v2.Mem_T.UCHAR;
- goto MS_L_meet_3;
-
- MS_L_not_taken_3:
- assume !(_v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_7_done);
- goto MS_L_meet_3;
-
- MS_L_meet_3:
- goto MS_L_0_2;
-
- MS_L_0_4:
- goto MS_L_taken_4, MS_L_not_taken_4;
-
- MS_L_taken_4:
- assume _v1.encode_ie_3_done && _v2.encode_ie_8_done;
- store__4__v1.alloc, store__4__v1.OK, store__4__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- store__4__v2.alloc, store__4__v2.OK, store__4__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.encode_ie_in_3_6, _v1.encode_ie_in_3_7, _v1.encode_ie_in_3_8;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.encode_ie_in_8_6, _v2.encode_ie_in_8_7, _v2.encode_ie_in_8_8;
- call out__v1.encode_ie_out_3_0_4, out__v2.encode_ie_out_8_0_4 := MS_Check__v1.encode_ie___v2.encode_ie(_v1.encode_ie_in_3_0, _v1.encode_ie_in_3_1, _v1.encode_ie_in_3_2, _v1.encode_ie_in_3_3, _v1.encode_ie_in_3_4, _v1.encode_ie_in_3_5, _v2.encode_ie_in_8_0, _v2.encode_ie_in_8_1, _v2.encode_ie_in_8_2, _v2.encode_ie_in_8_3, _v2.encode_ie_in_8_4, _v2.encode_ie_in_8_5);
- assume (_v1.OK <==> _v1.encode_ie_out_3_1) && _v1.Mem_T.UCHAR == _v1.encode_ie_out_3_2;
- assume (_v2.OK <==> _v2.encode_ie_out_8_1) && _v2.Mem_T.UCHAR == _v2.encode_ie_out_8_2;
- assume _v1.encode_ie_out_3_0 == out__v1.encode_ie_out_3_0_4
- && _v2.encode_ie_out_8_0 == out__v2.encode_ie_out_8_0_4;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__4__v1.alloc, store__4__v1.OK, store__4__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__4__v2.alloc, store__4__v2.OK, store__4__v2.Mem_T.UCHAR;
- goto MS_L_meet_4;
-
- MS_L_not_taken_4:
- assume !(_v1.encode_ie_3_done && _v2.encode_ie_8_done);
- goto MS_L_meet_4;
-
- MS_L_meet_4:
- goto MS_L_0_3;
-
- MS_L_0_5:
- goto MS_L_taken_5, MS_L_not_taken_5;
-
- MS_L_taken_5:
- assume _v1.__HAVOC_free_4_done && _v2.__HAVOC_free_9_done;
- store__5__v1.alloc, store__5__v1.OK, store__5__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- store__5__v2.alloc, store__5__v2.OK, store__5__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_4_1, _v1.__HAVOC_free_in_4_2, _v1.__HAVOC_free_in_4_3;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_9_1, _v2.__HAVOC_free_in_9_2, _v2.__HAVOC_free_in_9_3;
- call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_4_0, _v2.__HAVOC_free_in_9_0);
- assume true;
- assume true;
- assume true;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__5__v1.alloc, store__5__v1.OK, store__5__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__5__v2.alloc, store__5__v2.OK, store__5__v2.Mem_T.UCHAR;
- goto MS_L_meet_5;
-
- MS_L_not_taken_5:
- assume !(_v1.__HAVOC_free_4_done && _v2.__HAVOC_free_9_done);
- goto MS_L_meet_5;
-
- MS_L_meet_5:
- goto MS_L_0_4;
-
- MS_L_0_6:
- goto MS_L_taken_6, MS_L_not_taken_6;
-
- MS_L_taken_6:
- assume _v1.__HAVOC_free_4_done && _v2.__HAVOC_free_10_done;
- store__6__v1.alloc, store__6__v1.OK, store__6__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- store__6__v2.alloc, store__6__v2.OK, store__6__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_4_1, _v1.__HAVOC_free_in_4_2, _v1.__HAVOC_free_in_4_3;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_10_1, _v2.__HAVOC_free_in_10_2, _v2.__HAVOC_free_in_10_3;
- call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_4_0, _v2.__HAVOC_free_in_10_0);
- assume true;
- assume true;
- assume true;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__6__v1.alloc, store__6__v1.OK, store__6__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__6__v2.alloc, store__6__v2.OK, store__6__v2.Mem_T.UCHAR;
- goto MS_L_meet_6;
-
- MS_L_not_taken_6:
- assume !(_v1.__HAVOC_free_4_done && _v2.__HAVOC_free_10_done);
- goto MS_L_meet_6;
-
- MS_L_meet_6:
- goto MS_L_0_5;
-
- MS_L_0_7:
- goto MS_L_taken_7, MS_L_not_taken_7;
-
- MS_L_taken_7:
- assume _v1.__HAVOC_free_5_done && _v2.__HAVOC_free_9_done;
- store__7__v1.alloc, store__7__v1.OK, store__7__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- store__7__v2.alloc, store__7__v2.OK, store__7__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_5_1, _v1.__HAVOC_free_in_5_2, _v1.__HAVOC_free_in_5_3;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_9_1, _v2.__HAVOC_free_in_9_2, _v2.__HAVOC_free_in_9_3;
- call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_5_0, _v2.__HAVOC_free_in_9_0);
- assume true;
- assume true;
- assume true;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__7__v1.alloc, store__7__v1.OK, store__7__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__7__v2.alloc, store__7__v2.OK, store__7__v2.Mem_T.UCHAR;
- goto MS_L_meet_7;
-
- MS_L_not_taken_7:
- assume !(_v1.__HAVOC_free_5_done && _v2.__HAVOC_free_9_done);
- goto MS_L_meet_7;
-
- MS_L_meet_7:
- goto MS_L_0_6;
-
- MS_L_0_8:
- goto MS_L_taken_8, MS_L_not_taken_8;
-
- MS_L_taken_8:
- assume _v1.__HAVOC_free_5_done && _v2.__HAVOC_free_10_done;
- store__8__v1.alloc, store__8__v1.OK, store__8__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- store__8__v2.alloc, store__8__v2.OK, store__8__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_5_1, _v1.__HAVOC_free_in_5_2, _v1.__HAVOC_free_in_5_3;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_10_1, _v2.__HAVOC_free_in_10_2, _v2.__HAVOC_free_in_10_3;
- call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_5_0, _v2.__HAVOC_free_in_10_0);
- assume true;
- assume true;
- assume true;
- _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__8__v1.alloc, store__8__v1.OK, store__8__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__8__v2.alloc, store__8__v2.OK, store__8__v2.Mem_T.UCHAR;
- goto MS_L_meet_8;
-
- MS_L_not_taken_8:
- assume !(_v1.__HAVOC_free_5_done && _v2.__HAVOC_free_10_done);
- goto MS_L_meet_8;
-
- MS_L_meet_8:
- goto MS_L_0_7;
-}
-
-
-
-function {:inline true} MS$_v1.main$_v2.main(_v1.OK_old: bool,
- _v1.Mem_old: [name][int]int,
- _v1.alloc_old: int,
- _v1.Mem_T.A1CHAR_old: [int]int,
- _v1.Mem_T.A5UCHAR_old: [int]int,
- _v1.Mem_T.A6UCHAR_old: [int]int,
- _v1.Mem_T.CHAR_old: [int]int,
- _v1.Mem_T.INT4_old: [int]int,
- _v1.Mem_T.PCHAR_old: [int]int,
- _v1.Mem_T.PUCHAR_old: [int]int,
- _v1.Mem_T.PVOID_old: [int]int,
- _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.UCHAR_old: [int]int,
- _v1.Mem_T.VOID_old: [int]int,
- _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v1.detChoiceCnt_old: int,
- _v1.Res_KERNEL_SOURCE_old: [int]int,
- _v1.Res_PROBED_old: [int]int,
- _v1.alloc_: int,
- _v1.OK_: bool,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_: [int]int,
- _v1.Mem_T.UCHAR_: [int]int,
- _v1.result.main$1: int,
- _v2.OK_old: bool,
- _v2.Mem_old: [name][int]int,
- _v2.alloc_old: int,
- _v2.Mem_T.A1CHAR_old: [int]int,
- _v2.Mem_T.A5UCHAR_old: [int]int,
- _v2.Mem_T.A6UCHAR_old: [int]int,
- _v2.Mem_T.CHAR_old: [int]int,
- _v2.Mem_T.INT4_old: [int]int,
- _v2.Mem_T.PCHAR_old: [int]int,
- _v2.Mem_T.PUCHAR_old: [int]int,
- _v2.Mem_T.PVOID_old: [int]int,
- _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.UCHAR_old: [int]int,
- _v2.Mem_T.VOID_old: [int]int,
- _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
- _v2.detChoiceCnt_old: int,
- _v2.Res_KERNEL_SOURCE_old: [int]int,
- _v2.Res_PROBED_old: [int]int,
- _v2.alloc_: int,
- _v2.OK_: bool,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_: [int]int,
- _v2.Mem_T.UCHAR_: [int]int,
- _v2.result.main$1: int)
- : bool
-{
- true
-}
-
-procedure MS_Check__v1.main___v2.main() returns (_v1.result.main$1: int, _v2.result.main$1: int);
- requires (_v1.OK <==> _v2.OK)
- && _v1.Mem == _v2.Mem
- && _v1.alloc == _v2.alloc
- && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
- && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
- && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
- && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
- && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
- && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
- && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
- && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
- && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
- && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
- && _v1.Mem_T.VOID == _v2.Mem_T.VOID
- && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
- && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
- == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
- && _v1.detChoiceCnt == _v2.detChoiceCnt
- && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
- && _v1.Res_PROBED == _v2.Res_PROBED;
- modifies _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR, _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- ensures MS$_v1.main$_v2.main(old(_v1.OK),
- old(_v1.Mem),
- old(_v1.alloc),
- old(_v1.Mem_T.A1CHAR),
- old(_v1.Mem_T.A5UCHAR),
- old(_v1.Mem_T.A6UCHAR),
- old(_v1.Mem_T.CHAR),
- old(_v1.Mem_T.INT4),
- old(_v1.Mem_T.PCHAR),
- old(_v1.Mem_T.PUCHAR),
- old(_v1.Mem_T.PVOID),
- old(_v1.Mem_T.Pieee80211_scan_entry),
- old(_v1.Mem_T.UCHAR),
- old(_v1.Mem_T.VOID),
- old(_v1.Mem_T.ieee80211_scan_entry),
- old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v1.detChoiceCnt),
- old(_v1.Res_KERNEL_SOURCE),
- old(_v1.Res_PROBED),
- _v1.alloc,
- _v1.OK,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry,
- _v1.Mem_T.UCHAR,
- _v1.result.main$1,
- old(_v2.OK),
- old(_v2.Mem),
- old(_v2.alloc),
- old(_v2.Mem_T.A1CHAR),
- old(_v2.Mem_T.A5UCHAR),
- old(_v2.Mem_T.A6UCHAR),
- old(_v2.Mem_T.CHAR),
- old(_v2.Mem_T.INT4),
- old(_v2.Mem_T.PCHAR),
- old(_v2.Mem_T.PUCHAR),
- old(_v2.Mem_T.PVOID),
- old(_v2.Mem_T.Pieee80211_scan_entry),
- old(_v2.Mem_T.UCHAR),
- old(_v2.Mem_T.VOID),
- old(_v2.Mem_T.ieee80211_scan_entry),
- old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
- old(_v2.detChoiceCnt),
- old(_v2.Res_KERNEL_SOURCE),
- old(_v2.Res_PROBED),
- _v2.alloc,
- _v2.OK,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry,
- _v2.Mem_T.UCHAR,
- _v2.result.main$1);
- ensures _v1.OK ==> _v2.OK;
-
-
-
-implementation MS_Check__v1.main___v2.main() returns (_v1.result.main$1: int, _v2.result.main$1: int)
-{
- var inline$_v1.main$0$havoc_stringTemp: int;
- var inline$_v1.main$0$condVal: int;
- var inline$_v1.main$0$ie: int;
- var inline$_v1.main$0$result.giwscan_cb$2: int;
- var inline$_v1.main$0$se: int;
- var inline$_v1.main$0$tempBoogie0: int;
- var inline$_v1.main$0$tempBoogie1: int;
- var inline$_v1.main$0$tempBoogie2: int;
- var inline$_v1.main$0$tempBoogie3: int;
- var inline$_v1.main$0$tempBoogie4: int;
- var inline$_v1.main$0$tempBoogie5: int;
- var inline$_v1.main$0$tempBoogie6: int;
- var inline$_v1.main$0$tempBoogie7: int;
- var inline$_v1.main$0$tempBoogie8: int;
- var inline$_v1.main$0$tempBoogie9: int;
- var inline$_v1.main$0$tempBoogie10: int;
- var inline$_v1.main$0$tempBoogie11: int;
- var inline$_v1.main$0$tempBoogie12: int;
- var inline$_v1.main$0$tempBoogie13: int;
- var inline$_v1.main$0$tempBoogie14: int;
- var inline$_v1.main$0$tempBoogie15: int;
- var inline$_v1.main$0$tempBoogie16: int;
- var inline$_v1.main$0$tempBoogie17: int;
- var inline$_v1.main$0$tempBoogie18: int;
- var inline$_v1.main$0$tempBoogie19: int;
- var inline$_v1.main$0$__havoc_dummy_return: int;
- var inline$_v1.main$0$result.main$1: int;
- var inline$_v1.main$0$_v1.alloc: int;
- var inline$_v1.main$0$_v1.OK: bool;
- var inline$_v1.main$0$_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var inline$_v1.main$0$_v1.Mem_T.UCHAR: [int]int;
- var inline$_v2.main$0$havoc_stringTemp: int;
- var inline$_v2.main$0$condVal: int;
- var inline$_v2.main$0$ie: int;
- var inline$_v2.main$0$result.giwscan_cb$2: int;
- var inline$_v2.main$0$se: int;
- var inline$_v2.main$0$tempBoogie0: int;
- var inline$_v2.main$0$tempBoogie1: int;
- var inline$_v2.main$0$tempBoogie2: int;
- var inline$_v2.main$0$tempBoogie3: int;
- var inline$_v2.main$0$tempBoogie4: int;
- var inline$_v2.main$0$tempBoogie5: int;
- var inline$_v2.main$0$tempBoogie6: int;
- var inline$_v2.main$0$tempBoogie7: int;
- var inline$_v2.main$0$tempBoogie8: int;
- var inline$_v2.main$0$tempBoogie9: int;
- var inline$_v2.main$0$tempBoogie10: int;
- var inline$_v2.main$0$tempBoogie11: int;
- var inline$_v2.main$0$tempBoogie12: int;
- var inline$_v2.main$0$tempBoogie13: int;
- var inline$_v2.main$0$tempBoogie14: int;
- var inline$_v2.main$0$tempBoogie15: int;
- var inline$_v2.main$0$tempBoogie16: int;
- var inline$_v2.main$0$tempBoogie17: int;
- var inline$_v2.main$0$tempBoogie18: int;
- var inline$_v2.main$0$tempBoogie19: int;
- var inline$_v2.main$0$__havoc_dummy_return: int;
- var inline$_v2.main$0$result.main$1: int;
- var inline$_v2.main$0$_v2.alloc: int;
- var inline$_v2.main$0$_v2.OK: bool;
- var inline$_v2.main$0$_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var inline$_v2.main$0$_v2.Mem_T.UCHAR: [int]int;
- var _v1.__HAVOC_det_malloc_1_done: bool;
- var _v1.__HAVOC_det_malloc_in_1_0: int;
- var _v1.__HAVOC_det_malloc_in_1_1: int;
- var _v1.__HAVOC_det_malloc_in_1_2: bool;
- var _v1.__HAVOC_det_malloc_in_1_3: [int]int;
- var _v1.__HAVOC_det_malloc_in_1_4: [int]int;
- var _v1.__HAVOC_det_malloc_out_1_0: int;
- var _v1.__HAVOC_det_malloc_out_1_1: int;
- var _v1.__HAVOC_det_malloc_2_done: bool;
- var _v1.__HAVOC_det_malloc_in_2_0: int;
- var _v1.__HAVOC_det_malloc_in_2_1: int;
- var _v1.__HAVOC_det_malloc_in_2_2: bool;
- var _v1.__HAVOC_det_malloc_in_2_3: [int]int;
- var _v1.__HAVOC_det_malloc_in_2_4: [int]int;
- var _v1.__HAVOC_det_malloc_out_2_0: int;
- var _v1.__HAVOC_det_malloc_out_2_1: int;
- var _v1.giwscan_cb_3_done: bool;
- var _v1.giwscan_cb_in_3_0: int;
- var _v1.giwscan_cb_in_3_1: int;
- var _v1.giwscan_cb_in_3_2: bool;
- var _v1.giwscan_cb_in_3_3: [int]int;
- var _v1.giwscan_cb_in_3_4: [int]int;
- var _v1.giwscan_cb_out_3_0: int;
- var _v1.giwscan_cb_out_3_1: int;
- var _v1.giwscan_cb_out_3_2: bool;
- var _v1.giwscan_cb_out_3_3: [int]int;
- var _v1.__HAVOC_free_4_done: bool;
- var _v1.__HAVOC_free_in_4_0: int;
- var _v1.__HAVOC_free_in_4_1: int;
- var _v1.__HAVOC_free_in_4_2: bool;
- var _v1.__HAVOC_free_in_4_3: [int]int;
- var _v1.__HAVOC_free_in_4_4: [int]int;
- var _v1.__HAVOC_free_5_done: bool;
- var _v1.__HAVOC_free_in_5_0: int;
- var _v1.__HAVOC_free_in_5_1: int;
- var _v1.__HAVOC_free_in_5_2: bool;
- var _v1.__HAVOC_free_in_5_3: [int]int;
- var _v1.__HAVOC_free_in_5_4: [int]int;
- var _v2.__HAVOC_det_malloc_6_done: bool;
- var _v2.__HAVOC_det_malloc_in_6_0: int;
- var _v2.__HAVOC_det_malloc_in_6_1: int;
- var _v2.__HAVOC_det_malloc_in_6_2: bool;
- var _v2.__HAVOC_det_malloc_in_6_3: [int]int;
- var _v2.__HAVOC_det_malloc_in_6_4: [int]int;
- var _v2.__HAVOC_det_malloc_out_6_0: int;
- var _v2.__HAVOC_det_malloc_out_6_1: int;
- var _v2.__HAVOC_det_malloc_7_done: bool;
- var _v2.__HAVOC_det_malloc_in_7_0: int;
- var _v2.__HAVOC_det_malloc_in_7_1: int;
- var _v2.__HAVOC_det_malloc_in_7_2: bool;
- var _v2.__HAVOC_det_malloc_in_7_3: [int]int;
- var _v2.__HAVOC_det_malloc_in_7_4: [int]int;
- var _v2.__HAVOC_det_malloc_out_7_0: int;
- var _v2.__HAVOC_det_malloc_out_7_1: int;
- var _v2.giwscan_cb_8_done: bool;
- var _v2.giwscan_cb_in_8_0: int;
- var _v2.giwscan_cb_in_8_1: int;
- var _v2.giwscan_cb_in_8_2: bool;
- var _v2.giwscan_cb_in_8_3: [int]int;
- var _v2.giwscan_cb_in_8_4: [int]int;
- var _v2.giwscan_cb_out_8_0: int;
- var _v2.giwscan_cb_out_8_1: int;
- var _v2.giwscan_cb_out_8_2: bool;
- var _v2.giwscan_cb_out_8_3: [int]int;
- var _v2.__HAVOC_free_9_done: bool;
- var _v2.__HAVOC_free_in_9_0: int;
- var _v2.__HAVOC_free_in_9_1: int;
- var _v2.__HAVOC_free_in_9_2: bool;
- var _v2.__HAVOC_free_in_9_3: [int]int;
- var _v2.__HAVOC_free_in_9_4: [int]int;
- var _v2.__HAVOC_free_10_done: bool;
- var _v2.__HAVOC_free_in_10_0: int;
- var _v2.__HAVOC_free_in_10_1: int;
- var _v2.__HAVOC_free_in_10_2: bool;
- var _v2.__HAVOC_free_in_10_3: [int]int;
- var _v2.__HAVOC_free_in_10_4: [int]int;
- var store__0__v1.alloc: int;
- var store__0__v1.OK: bool;
- var store__0__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__0__v1.Mem_T.UCHAR: [int]int;
- var store__0__v2.alloc: int;
- var store__0__v2.OK: bool;
- var store__0__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__0__v2.Mem_T.UCHAR: [int]int;
- var out__v1.__HAVOC_det_malloc_out_1_0_0: int;
- var out__v2.__HAVOC_det_malloc_out_6_0_0: int;
- var store__1__v1.alloc: int;
- var store__1__v1.OK: bool;
- var store__1__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__1__v1.Mem_T.UCHAR: [int]int;
- var store__1__v2.alloc: int;
- var store__1__v2.OK: bool;
- var store__1__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__1__v2.Mem_T.UCHAR: [int]int;
- var out__v1.__HAVOC_det_malloc_out_1_0_1: int;
- var out__v2.__HAVOC_det_malloc_out_7_0_1: int;
- var store__2__v1.alloc: int;
- var store__2__v1.OK: bool;
- var store__2__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__2__v1.Mem_T.UCHAR: [int]int;
- var store__2__v2.alloc: int;
- var store__2__v2.OK: bool;
- var store__2__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__2__v2.Mem_T.UCHAR: [int]int;
- var out__v1.__HAVOC_det_malloc_out_2_0_2: int;
- var out__v2.__HAVOC_det_malloc_out_6_0_2: int;
- var store__3__v1.alloc: int;
- var store__3__v1.OK: bool;
- var store__3__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__3__v1.Mem_T.UCHAR: [int]int;
- var store__3__v2.alloc: int;
- var store__3__v2.OK: bool;
- var store__3__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__3__v2.Mem_T.UCHAR: [int]int;
- var out__v1.__HAVOC_det_malloc_out_2_0_3: int;
- var out__v2.__HAVOC_det_malloc_out_7_0_3: int;
- var store__4__v1.alloc: int;
- var store__4__v1.OK: bool;
- var store__4__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__4__v1.Mem_T.UCHAR: [int]int;
- var store__4__v2.alloc: int;
- var store__4__v2.OK: bool;
- var store__4__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__4__v2.Mem_T.UCHAR: [int]int;
- var out__v1.giwscan_cb_out_3_0_4: int;
- var out__v2.giwscan_cb_out_8_0_4: int;
- var store__5__v1.alloc: int;
- var store__5__v1.OK: bool;
- var store__5__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__5__v1.Mem_T.UCHAR: [int]int;
- var store__5__v2.alloc: int;
- var store__5__v2.OK: bool;
- var store__5__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__5__v2.Mem_T.UCHAR: [int]int;
- var store__6__v1.alloc: int;
- var store__6__v1.OK: bool;
- var store__6__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__6__v1.Mem_T.UCHAR: [int]int;
- var store__6__v2.alloc: int;
- var store__6__v2.OK: bool;
- var store__6__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__6__v2.Mem_T.UCHAR: [int]int;
- var store__7__v1.alloc: int;
- var store__7__v1.OK: bool;
- var store__7__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__7__v1.Mem_T.UCHAR: [int]int;
- var store__7__v2.alloc: int;
- var store__7__v2.OK: bool;
- var store__7__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__7__v2.Mem_T.UCHAR: [int]int;
- var store__8__v1.alloc: int;
- var store__8__v1.OK: bool;
- var store__8__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__8__v1.Mem_T.UCHAR: [int]int;
- var store__8__v2.alloc: int;
- var store__8__v2.OK: bool;
- var store__8__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
- var store__8__v2.Mem_T.UCHAR: [int]int;
-
- START:
- _v1.__HAVOC_det_malloc_1_done, _v1.__HAVOC_det_malloc_2_done, _v1.giwscan_cb_3_done, _v1.__HAVOC_free_4_done, _v1.__HAVOC_free_5_done, _v2.__HAVOC_det_malloc_6_done, _v2.__HAVOC_det_malloc_7_done, _v2.giwscan_cb_8_done, _v2.__HAVOC_free_9_done, _v2.__HAVOC_free_10_done := false, false, false, false, false, false, false, false, false, false;
- goto inline$_v1.main$0$Entry;
-
- inline$_v1.main$0$Entry:
- havoc inline$_v1.main$0$havoc_stringTemp, inline$_v1.main$0$condVal, inline$_v1.main$0$ie, inline$_v1.main$0$result.giwscan_cb$2, inline$_v1.main$0$se, inline$_v1.main$0$tempBoogie0, inline$_v1.main$0$tempBoogie1, inline$_v1.main$0$tempBoogie2, inline$_v1.main$0$tempBoogie3, inline$_v1.main$0$tempBoogie4, inline$_v1.main$0$tempBoogie5, inline$_v1.main$0$tempBoogie6, inline$_v1.main$0$tempBoogie7, inline$_v1.main$0$tempBoogie8, inline$_v1.main$0$tempBoogie9, inline$_v1.main$0$tempBoogie10, inline$_v1.main$0$tempBoogie11, inline$_v1.main$0$tempBoogie12, inline$_v1.main$0$tempBoogie13, inline$_v1.main$0$tempBoogie14, inline$_v1.main$0$tempBoogie15, inline$_v1.main$0$tempBoogie16, inline$_v1.main$0$tempBoogie17, inline$_v1.main$0$tempBoogie18, inline$_v1.main$0$tempBoogie19, inline$_v1.main$0$__havoc_dummy_return, inline$_v1.main$0$result.main$1;
- inline$_v1.main$0$_v1.alloc := _v1.alloc;
- inline$_v1.main$0$_v1.OK := _v1.OK;
- inline$_v1.main$0$_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry := _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry;
- inline$_v1.main$0$_v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR;
- goto inline$_v1.main$0$anon0#2;
-
- inline$_v1.main$0$anon0#2:
- inline$_v1.main$0$havoc_stringTemp := 0;
- goto inline$_v1.main$0$start#2;
-
- inline$_v1.main$0$start#2:
- _v1.__HAVOC_det_malloc_in_1_0, _v1.__HAVOC_det_malloc_in_1_1, _v1.__HAVOC_det_malloc_in_1_2, _v1.__HAVOC_det_malloc_in_1_3, _v1.__HAVOC_det_malloc_in_1_4 := 5, _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- call inline$_v1.main$0$ie := _v1.__HAVOC_det_malloc(5);
- _v1.__HAVOC_det_malloc_1_done := true;
- _v1.__HAVOC_det_malloc_out_1_0, _v1.__HAVOC_det_malloc_out_1_1 := inline$_v1.main$0$ie, _v1.alloc;
- inline$_v1.main$0$result.giwscan_cb$2 := 0;
- inline$_v1.main$0$result.main$1 := 0;
- _v1.__HAVOC_det_malloc_in_2_0, _v1.__HAVOC_det_malloc_in_2_1, _v1.__HAVOC_det_malloc_in_2_2, _v1.__HAVOC_det_malloc_in_2_3, _v1.__HAVOC_det_malloc_in_2_4 := 4, _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- call inline$_v1.main$0$se := _v1.__HAVOC_det_malloc(4);
- _v1.__HAVOC_det_malloc_2_done := true;
- _v1.__HAVOC_det_malloc_out_2_0, _v1.__HAVOC_det_malloc_out_2_1 := inline$_v1.main$0$se, _v1.alloc;
- goto inline$_v1.main$0$label_3#2;
-
- inline$_v1.main$0$label_3#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 62} true;
- goto inline$_v1.main$0$label_4#2;
-
- inline$_v1.main$0$label_4#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 63} true;
- goto inline$_v1.main$0$label_5#2;
-
- inline$_v1.main$0$label_5#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 64} true;
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se))
- == 1;
- assert true;
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry := _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se) := inline$_v1.main$0$ie];
- assume _v2.value_is(_v1.__ctobpl_const_47,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)]);
- goto inline$_v1.main$0$label_6#2;
-
- inline$_v1.main$0$label_6#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 65} true;
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se))
- == 1;
- assert true;
- assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
- 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
- 1,
- 0))
- == 1;
- assert true;
- _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
- 1,
- 0) := 200];
- assume _v2.value_is(_v1.__ctobpl_const_48,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)]);
- assume _v2.value_is(_v1.__ctobpl_const_49,
- _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
- 1,
- 0)]);
- goto inline$_v1.main$0$label_7#2;
-
- inline$_v1.main$0$label_7#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 66} true;
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se))
- == 1;
- assert true;
- assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
- 0);
- _v1.OK := _v1.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
- 1,
- 1))
- == 1;
- assert true;
- _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
- 1,
- 1) := 3];
- assume _v2.value_is(_v1.__ctobpl_const_50,
- _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)]);
- assume _v2.value_is(_v1.__ctobpl_const_51,
- _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
- 1,
- 1)]);
- goto inline$_v1.main$0$label_8#2;
-
- inline$_v1.main$0$label_8#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 68} true;
- assume _v2.INT_GT(inline$_v1.main$0$se, 0);
- assume _v2.INT_GT(inline$_v1.main$0$se, 0);
- _v1.giwscan_cb_in_3_0, _v1.giwscan_cb_in_3_1, _v1.giwscan_cb_in_3_2, _v1.giwscan_cb_in_3_3, _v1.giwscan_cb_in_3_4 := inline$_v1.main$0$se, _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- call inline$_v1.main$0$result.giwscan_cb$2 := _v1.giwscan_cb(inline$_v1.main$0$se);
- _v1.giwscan_cb_3_done := true;
- _v1.giwscan_cb_out_3_0, _v1.giwscan_cb_out_3_1, _v1.giwscan_cb_out_3_2, _v1.giwscan_cb_out_3_3 := inline$_v1.main$0$result.giwscan_cb$2, _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
- goto inline$_v1.main$0$label_11#2;
-
- inline$_v1.main$0$label_11#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 70} true;
- inline$_v1.main$0$result.main$1 := 0;
- goto inline$_v1.main$0$label_1#2;
-
- inline$_v1.main$0$label_1#2:
- _v1.OK := _v1.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 71} true;
- _v1.__HAVOC_free_in_4_0, _v1.__HAVOC_free_in_4_1, _v1.__HAVOC_free_in_4_2, _v1.__HAVOC_free_in_4_3, _v1.__HAVOC_free_in_4_4 := inline$_v1.main$0$ie, _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- call _v1.__HAVOC_free(inline$_v1.main$0$ie);
- _v1.__HAVOC_free_4_done := true;
- _v1.__HAVOC_free_in_5_0, _v1.__HAVOC_free_in_5_1, _v1.__HAVOC_free_in_5_2, _v1.__HAVOC_free_in_5_3, _v1.__HAVOC_free_in_5_4 := inline$_v1.main$0$se, _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- call _v1.__HAVOC_free(inline$_v1.main$0$se);
- _v1.__HAVOC_free_5_done := true;
- goto inline$_v1.main$0$Return;
-
- inline$_v1.main$0$Return:
- assume true;
- _v1.result.main$1 := inline$_v1.main$0$result.main$1;
- goto START$1;
-
- START$1:
- goto inline$_v2.main$0$Entry;
-
- inline$_v2.main$0$Entry:
- havoc inline$_v2.main$0$havoc_stringTemp, inline$_v2.main$0$condVal, inline$_v2.main$0$ie, inline$_v2.main$0$result.giwscan_cb$2, inline$_v2.main$0$se, inline$_v2.main$0$tempBoogie0, inline$_v2.main$0$tempBoogie1, inline$_v2.main$0$tempBoogie2, inline$_v2.main$0$tempBoogie3, inline$_v2.main$0$tempBoogie4, inline$_v2.main$0$tempBoogie5, inline$_v2.main$0$tempBoogie6, inline$_v2.main$0$tempBoogie7, inline$_v2.main$0$tempBoogie8, inline$_v2.main$0$tempBoogie9, inline$_v2.main$0$tempBoogie10, inline$_v2.main$0$tempBoogie11, inline$_v2.main$0$tempBoogie12, inline$_v2.main$0$tempBoogie13, inline$_v2.main$0$tempBoogie14, inline$_v2.main$0$tempBoogie15, inline$_v2.main$0$tempBoogie16, inline$_v2.main$0$tempBoogie17, inline$_v2.main$0$tempBoogie18, inline$_v2.main$0$tempBoogie19, inline$_v2.main$0$__havoc_dummy_return, inline$_v2.main$0$result.main$1;
- inline$_v2.main$0$_v2.alloc := _v2.alloc;
- inline$_v2.main$0$_v2.OK := _v2.OK;
- inline$_v2.main$0$_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry := _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry;
- inline$_v2.main$0$_v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR;
- goto inline$_v2.main$0$anon0#2;
-
- inline$_v2.main$0$anon0#2:
- inline$_v2.main$0$havoc_stringTemp := 0;
- goto inline$_v2.main$0$start#2;
-
- inline$_v2.main$0$start#2:
- _v2.__HAVOC_det_malloc_in_6_0, _v2.__HAVOC_det_malloc_in_6_1, _v2.__HAVOC_det_malloc_in_6_2, _v2.__HAVOC_det_malloc_in_6_3, _v2.__HAVOC_det_malloc_in_6_4 := 5, _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- call inline$_v2.main$0$ie := _v2.__HAVOC_det_malloc(5);
- _v2.__HAVOC_det_malloc_6_done := true;
- _v2.__HAVOC_det_malloc_out_6_0, _v2.__HAVOC_det_malloc_out_6_1 := inline$_v2.main$0$ie, _v2.alloc;
- inline$_v2.main$0$result.giwscan_cb$2 := 0;
- inline$_v2.main$0$result.main$1 := 0;
- _v2.__HAVOC_det_malloc_in_7_0, _v2.__HAVOC_det_malloc_in_7_1, _v2.__HAVOC_det_malloc_in_7_2, _v2.__HAVOC_det_malloc_in_7_3, _v2.__HAVOC_det_malloc_in_7_4 := 4, _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- call inline$_v2.main$0$se := _v2.__HAVOC_det_malloc(4);
- _v2.__HAVOC_det_malloc_7_done := true;
- _v2.__HAVOC_det_malloc_out_7_0, _v2.__HAVOC_det_malloc_out_7_1 := inline$_v2.main$0$se, _v2.alloc;
- goto inline$_v2.main$0$label_3#2;
-
- inline$_v2.main$0$label_3#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 63} true;
- goto inline$_v2.main$0$label_4#2;
-
- inline$_v2.main$0$label_4#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 64} true;
- goto inline$_v2.main$0$label_5#2;
-
- inline$_v2.main$0$label_5#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 65} true;
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se))
- == 1;
- assert true;
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry := _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se) := inline$_v2.main$0$ie];
- assume _v2.value_is(_v2.__ctobpl_const_48,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)]);
- goto inline$_v2.main$0$label_6#2;
-
- inline$_v2.main$0$label_6#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 66} true;
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se))
- == 1;
- assert true;
- assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
- 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
- 1,
- 0))
- == 1;
- assert true;
- _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
- 1,
- 0) := 200];
- assume _v2.value_is(_v2.__ctobpl_const_49,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)]);
- assume _v2.value_is(_v2.__ctobpl_const_50,
- _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
- 1,
- 0)]);
- goto inline$_v2.main$0$label_7#2;
-
- inline$_v2.main$0$label_7#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 67} true;
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se))
- == 1;
- assert true;
- assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
- 0);
- _v2.OK := _v2.OK
- && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
- 1,
- 1))
- == 1;
- assert true;
- _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
- 1,
- 1) := 3];
- assume _v2.value_is(_v2.__ctobpl_const_51,
- _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)]);
- assume _v2.value_is(_v2.__ctobpl_const_52,
- _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
- 1,
- 1)]);
- goto inline$_v2.main$0$label_8#2;
-
- inline$_v2.main$0$label_8#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 69} true;
- assume _v2.INT_GT(inline$_v2.main$0$se, 0);
- assume _v2.INT_GT(inline$_v2.main$0$se, 0);
- _v2.giwscan_cb_in_8_0, _v2.giwscan_cb_in_8_1, _v2.giwscan_cb_in_8_2, _v2.giwscan_cb_in_8_3, _v2.giwscan_cb_in_8_4 := inline$_v2.main$0$se, _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- call inline$_v2.main$0$result.giwscan_cb$2 := _v2.giwscan_cb(inline$_v2.main$0$se);
- _v2.giwscan_cb_8_done := true;
- _v2.giwscan_cb_out_8_0, _v2.giwscan_cb_out_8_1, _v2.giwscan_cb_out_8_2, _v2.giwscan_cb_out_8_3 := inline$_v2.main$0$result.giwscan_cb$2, _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
- goto inline$_v2.main$0$label_11#2;
-
- inline$_v2.main$0$label_11#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 71} true;
- inline$_v2.main$0$result.main$1 := 0;
- goto inline$_v2.main$0$label_1#2;
-
- inline$_v2.main$0$label_1#2:
- _v2.OK := _v2.OK && true;
- assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 72} true;
- _v2.__HAVOC_free_in_9_0, _v2.__HAVOC_free_in_9_1, _v2.__HAVOC_free_in_9_2, _v2.__HAVOC_free_in_9_3, _v2.__HAVOC_free_in_9_4 := inline$_v2.main$0$ie, _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- call _v2.__HAVOC_free(inline$_v2.main$0$ie);
- _v2.__HAVOC_free_9_done := true;
- _v2.__HAVOC_free_in_10_0, _v2.__HAVOC_free_in_10_1, _v2.__HAVOC_free_in_10_2, _v2.__HAVOC_free_in_10_3, _v2.__HAVOC_free_in_10_4 := inline$_v2.main$0$se, _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- call _v2.__HAVOC_free(inline$_v2.main$0$se);
- _v2.__HAVOC_free_10_done := true;
- goto inline$_v2.main$0$Return;
-
- inline$_v2.main$0$Return:
- assume true;
- _v2.result.main$1 := inline$_v2.main$0$result.main$1;
- goto START$2;
-
- START$2:
- goto MS_L_0_8;
-
- MS_L_0_0:
- goto MS_L_taken_0, MS_L_not_taken_0;
-
- MS_L_taken_0:
- assume _v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_6_done;
- store__0__v1.alloc, store__0__v1.OK, store__0__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__0__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- store__0__v2.alloc, store__0__v2.OK, store__0__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__0__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_1_1, _v1.__HAVOC_det_malloc_in_1_2, _v1.__HAVOC_det_malloc_in_1_3, _v1.__HAVOC_det_malloc_in_1_4;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_6_1, _v2.__HAVOC_det_malloc_in_6_2, _v2.__HAVOC_det_malloc_in_6_3, _v2.__HAVOC_det_malloc_in_6_4;
- call out__v1.__HAVOC_det_malloc_out_1_0_0, out__v2.__HAVOC_det_malloc_out_6_0_0 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_1_0, _v2.__HAVOC_det_malloc_in_6_0);
- assume _v1.alloc == _v1.__HAVOC_det_malloc_out_1_1;
- assume _v2.alloc == _v2.__HAVOC_det_malloc_out_6_1;
- assume _v1.__HAVOC_det_malloc_out_1_0 == out__v1.__HAVOC_det_malloc_out_1_0_0
- && _v2.__HAVOC_det_malloc_out_6_0 == out__v2.__HAVOC_det_malloc_out_6_0_0;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__0__v1.alloc, store__0__v1.OK, store__0__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__0__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__0__v2.alloc, store__0__v2.OK, store__0__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__0__v2.Mem_T.UCHAR;
- goto MS_L_meet_0;
-
- MS_L_not_taken_0:
- assume !(_v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_6_done);
- goto MS_L_meet_0;
-
- MS_L_meet_0:
- return;
-
- MS_L_0_1:
- goto MS_L_taken_1, MS_L_not_taken_1;
-
- MS_L_taken_1:
- assume _v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_7_done;
- store__1__v1.alloc, store__1__v1.OK, store__1__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__1__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- store__1__v2.alloc, store__1__v2.OK, store__1__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__1__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_1_1, _v1.__HAVOC_det_malloc_in_1_2, _v1.__HAVOC_det_malloc_in_1_3, _v1.__HAVOC_det_malloc_in_1_4;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_7_1, _v2.__HAVOC_det_malloc_in_7_2, _v2.__HAVOC_det_malloc_in_7_3, _v2.__HAVOC_det_malloc_in_7_4;
- call out__v1.__HAVOC_det_malloc_out_1_0_1, out__v2.__HAVOC_det_malloc_out_7_0_1 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_1_0, _v2.__HAVOC_det_malloc_in_7_0);
- assume _v1.alloc == _v1.__HAVOC_det_malloc_out_1_1;
- assume _v2.alloc == _v2.__HAVOC_det_malloc_out_7_1;
- assume _v1.__HAVOC_det_malloc_out_1_0 == out__v1.__HAVOC_det_malloc_out_1_0_1
- && _v2.__HAVOC_det_malloc_out_7_0 == out__v2.__HAVOC_det_malloc_out_7_0_1;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__1__v1.alloc, store__1__v1.OK, store__1__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__1__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__1__v2.alloc, store__1__v2.OK, store__1__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__1__v2.Mem_T.UCHAR;
- goto MS_L_meet_1;
-
- MS_L_not_taken_1:
- assume !(_v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_7_done);
- goto MS_L_meet_1;
-
- MS_L_meet_1:
- goto MS_L_0_0;
-
- MS_L_0_2:
- goto MS_L_taken_2, MS_L_not_taken_2;
-
- MS_L_taken_2:
- assume _v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_6_done;
- store__2__v1.alloc, store__2__v1.OK, store__2__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__2__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- store__2__v2.alloc, store__2__v2.OK, store__2__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__2__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_2_1, _v1.__HAVOC_det_malloc_in_2_2, _v1.__HAVOC_det_malloc_in_2_3, _v1.__HAVOC_det_malloc_in_2_4;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_6_1, _v2.__HAVOC_det_malloc_in_6_2, _v2.__HAVOC_det_malloc_in_6_3, _v2.__HAVOC_det_malloc_in_6_4;
- call out__v1.__HAVOC_det_malloc_out_2_0_2, out__v2.__HAVOC_det_malloc_out_6_0_2 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_2_0, _v2.__HAVOC_det_malloc_in_6_0);
- assume _v1.alloc == _v1.__HAVOC_det_malloc_out_2_1;
- assume _v2.alloc == _v2.__HAVOC_det_malloc_out_6_1;
- assume _v1.__HAVOC_det_malloc_out_2_0 == out__v1.__HAVOC_det_malloc_out_2_0_2
- && _v2.__HAVOC_det_malloc_out_6_0 == out__v2.__HAVOC_det_malloc_out_6_0_2;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__2__v1.alloc, store__2__v1.OK, store__2__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__2__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__2__v2.alloc, store__2__v2.OK, store__2__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__2__v2.Mem_T.UCHAR;
- goto MS_L_meet_2;
-
- MS_L_not_taken_2:
- assume !(_v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_6_done);
- goto MS_L_meet_2;
-
- MS_L_meet_2:
- goto MS_L_0_1;
-
- MS_L_0_3:
- goto MS_L_taken_3, MS_L_not_taken_3;
-
- MS_L_taken_3:
- assume _v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_7_done;
- store__3__v1.alloc, store__3__v1.OK, store__3__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__3__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- store__3__v2.alloc, store__3__v2.OK, store__3__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__3__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_2_1, _v1.__HAVOC_det_malloc_in_2_2, _v1.__HAVOC_det_malloc_in_2_3, _v1.__HAVOC_det_malloc_in_2_4;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_7_1, _v2.__HAVOC_det_malloc_in_7_2, _v2.__HAVOC_det_malloc_in_7_3, _v2.__HAVOC_det_malloc_in_7_4;
- call out__v1.__HAVOC_det_malloc_out_2_0_3, out__v2.__HAVOC_det_malloc_out_7_0_3 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_2_0, _v2.__HAVOC_det_malloc_in_7_0);
- assume _v1.alloc == _v1.__HAVOC_det_malloc_out_2_1;
- assume _v2.alloc == _v2.__HAVOC_det_malloc_out_7_1;
- assume _v1.__HAVOC_det_malloc_out_2_0 == out__v1.__HAVOC_det_malloc_out_2_0_3
- && _v2.__HAVOC_det_malloc_out_7_0 == out__v2.__HAVOC_det_malloc_out_7_0_3;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__3__v1.alloc, store__3__v1.OK, store__3__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__3__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__3__v2.alloc, store__3__v2.OK, store__3__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__3__v2.Mem_T.UCHAR;
- goto MS_L_meet_3;
-
- MS_L_not_taken_3:
- assume !(_v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_7_done);
- goto MS_L_meet_3;
-
- MS_L_meet_3:
- goto MS_L_0_2;
-
- MS_L_0_4:
- goto MS_L_taken_4, MS_L_not_taken_4;
-
- MS_L_taken_4:
- assume _v1.giwscan_cb_3_done && _v2.giwscan_cb_8_done;
- store__4__v1.alloc, store__4__v1.OK, store__4__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__4__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- store__4__v2.alloc, store__4__v2.OK, store__4__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__4__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.giwscan_cb_in_3_1, _v1.giwscan_cb_in_3_2, _v1.giwscan_cb_in_3_3, _v1.giwscan_cb_in_3_4;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.giwscan_cb_in_8_1, _v2.giwscan_cb_in_8_2, _v2.giwscan_cb_in_8_3, _v2.giwscan_cb_in_8_4;
- call out__v1.giwscan_cb_out_3_0_4, out__v2.giwscan_cb_out_8_0_4 := MS_Check__v1.giwscan_cb___v2.giwscan_cb(_v1.giwscan_cb_in_3_0, _v2.giwscan_cb_in_8_0);
- assume _v1.alloc == _v1.giwscan_cb_out_3_1
- && (_v1.OK <==> _v1.giwscan_cb_out_3_2)
- && _v1.Mem_T.UCHAR == _v1.giwscan_cb_out_3_3;
- assume _v2.alloc == _v2.giwscan_cb_out_8_1
- && (_v2.OK <==> _v2.giwscan_cb_out_8_2)
- && _v2.Mem_T.UCHAR == _v2.giwscan_cb_out_8_3;
- assume _v1.giwscan_cb_out_3_0 == out__v1.giwscan_cb_out_3_0_4
- && _v2.giwscan_cb_out_8_0 == out__v2.giwscan_cb_out_8_0_4;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__4__v1.alloc, store__4__v1.OK, store__4__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__4__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__4__v2.alloc, store__4__v2.OK, store__4__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__4__v2.Mem_T.UCHAR;
- goto MS_L_meet_4;
-
- MS_L_not_taken_4:
- assume !(_v1.giwscan_cb_3_done && _v2.giwscan_cb_8_done);
- goto MS_L_meet_4;
-
- MS_L_meet_4:
- goto MS_L_0_3;
-
- MS_L_0_5:
- goto MS_L_taken_5, MS_L_not_taken_5;
-
- MS_L_taken_5:
- assume _v1.__HAVOC_free_4_done && _v2.__HAVOC_free_9_done;
- store__5__v1.alloc, store__5__v1.OK, store__5__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__5__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- store__5__v2.alloc, store__5__v2.OK, store__5__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__5__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_4_1, _v1.__HAVOC_free_in_4_2, _v1.__HAVOC_free_in_4_3, _v1.__HAVOC_free_in_4_4;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_9_1, _v2.__HAVOC_free_in_9_2, _v2.__HAVOC_free_in_9_3, _v2.__HAVOC_free_in_9_4;
- call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_4_0, _v2.__HAVOC_free_in_9_0);
- assume true;
- assume true;
- assume true;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__5__v1.alloc, store__5__v1.OK, store__5__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__5__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__5__v2.alloc, store__5__v2.OK, store__5__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__5__v2.Mem_T.UCHAR;
- goto MS_L_meet_5;
-
- MS_L_not_taken_5:
- assume !(_v1.__HAVOC_free_4_done && _v2.__HAVOC_free_9_done);
- goto MS_L_meet_5;
-
- MS_L_meet_5:
- goto MS_L_0_4;
-
- MS_L_0_6:
- goto MS_L_taken_6, MS_L_not_taken_6;
-
- MS_L_taken_6:
- assume _v1.__HAVOC_free_4_done && _v2.__HAVOC_free_10_done;
- store__6__v1.alloc, store__6__v1.OK, store__6__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__6__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- store__6__v2.alloc, store__6__v2.OK, store__6__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__6__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_4_1, _v1.__HAVOC_free_in_4_2, _v1.__HAVOC_free_in_4_3, _v1.__HAVOC_free_in_4_4;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_10_1, _v2.__HAVOC_free_in_10_2, _v2.__HAVOC_free_in_10_3, _v2.__HAVOC_free_in_10_4;
- call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_4_0, _v2.__HAVOC_free_in_10_0);
- assume true;
- assume true;
- assume true;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__6__v1.alloc, store__6__v1.OK, store__6__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__6__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__6__v2.alloc, store__6__v2.OK, store__6__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__6__v2.Mem_T.UCHAR;
- goto MS_L_meet_6;
-
- MS_L_not_taken_6:
- assume !(_v1.__HAVOC_free_4_done && _v2.__HAVOC_free_10_done);
- goto MS_L_meet_6;
-
- MS_L_meet_6:
- goto MS_L_0_5;
-
- MS_L_0_7:
- goto MS_L_taken_7, MS_L_not_taken_7;
-
- MS_L_taken_7:
- assume _v1.__HAVOC_free_5_done && _v2.__HAVOC_free_9_done;
- store__7__v1.alloc, store__7__v1.OK, store__7__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__7__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- store__7__v2.alloc, store__7__v2.OK, store__7__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__7__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_5_1, _v1.__HAVOC_free_in_5_2, _v1.__HAVOC_free_in_5_3, _v1.__HAVOC_free_in_5_4;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_9_1, _v2.__HAVOC_free_in_9_2, _v2.__HAVOC_free_in_9_3, _v2.__HAVOC_free_in_9_4;
- call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_5_0, _v2.__HAVOC_free_in_9_0);
- assume true;
- assume true;
- assume true;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__7__v1.alloc, store__7__v1.OK, store__7__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__7__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__7__v2.alloc, store__7__v2.OK, store__7__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__7__v2.Mem_T.UCHAR;
- goto MS_L_meet_7;
-
- MS_L_not_taken_7:
- assume !(_v1.__HAVOC_free_5_done && _v2.__HAVOC_free_9_done);
- goto MS_L_meet_7;
-
- MS_L_meet_7:
- goto MS_L_0_6;
-
- MS_L_0_8:
- goto MS_L_taken_8, MS_L_not_taken_8;
-
- MS_L_taken_8:
- assume _v1.__HAVOC_free_5_done && _v2.__HAVOC_free_10_done;
- store__8__v1.alloc, store__8__v1.OK, store__8__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__8__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
- store__8__v2.alloc, store__8__v2.OK, store__8__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__8__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_5_1, _v1.__HAVOC_free_in_5_2, _v1.__HAVOC_free_in_5_3, _v1.__HAVOC_free_in_5_4;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_10_1, _v2.__HAVOC_free_in_10_2, _v2.__HAVOC_free_in_10_3, _v2.__HAVOC_free_in_10_4;
- call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_5_0, _v2.__HAVOC_free_in_10_0);
- assume true;
- assume true;
- assume true;
- _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__8__v1.alloc, store__8__v1.OK, store__8__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__8__v1.Mem_T.UCHAR;
- _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__8__v2.alloc, store__8__v2.OK, store__8__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__8__v2.Mem_T.UCHAR;
- goto MS_L_meet_8;
-
- MS_L_not_taken_8:
- assume !(_v1.__HAVOC_free_5_done && _v2.__HAVOC_free_10_done);
- goto MS_L_meet_8;
-
- MS_L_meet_8:
- goto MS_L_0_7;
-}
-
-
+// RUN: %boogie /nologo /contractInfer /inlineDepth:1 /printAssignment /noinfer "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+function _v2.ite(b: bool, x: int, y: int) : int;
+
+var _v2.OK: bool;
+
+var {:extern} _v2.Mem: [name][int]int;
+
+var {:extern} _v2.alloc: int;
+
+var {:extern} _v2.Mem_T.A1CHAR: [int]int;
+
+var {:extern} _v2.Mem_T.A5UCHAR: [int]int;
+
+var {:extern} _v2.Mem_T.A6UCHAR: [int]int;
+
+var {:extern} _v2.Mem_T.CHAR: [int]int;
+
+var {:extern} _v2.Mem_T.INT4: [int]int;
+
+var {:extern} _v2.Mem_T.PCHAR: [int]int;
+
+var {:extern} _v2.Mem_T.PUCHAR: [int]int;
+
+var {:extern} _v2.Mem_T.PVOID: [int]int;
+
+var {:extern} _v2.Mem_T.Pieee80211_scan_entry: [int]int;
+
+var {:extern} _v2.Mem_T.UCHAR: [int]int;
+
+var {:extern} _v2.Mem_T.VOID: [int]int;
+
+var {:extern} _v2.Mem_T.ieee80211_scan_entry: [int]int;
+
+var {:extern} _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+
+var {:extern} _v2.detChoiceCnt: int;
+
+var {:extern} _v2.Res_KERNEL_SOURCE: [int]int;
+
+var {:extern} _v2.Res_PROBED: [int]int;
+
+const {:extern} unique _v2.T.se_rsn_ie_ieee80211_scan_entry: name;
+
+const {:extern} unique _v2.T.A1CHAR: name;
+
+const {:extern} unique _v2.T.A5UCHAR: name;
+
+const {:extern} unique _v2.T.A6UCHAR: name;
+
+const {:extern} unique _v2.T.CHAR: name;
+
+const {:extern} unique _v2.T.INT4: name;
+
+const {:extern} unique _v2.T.PA1CHAR: name;
+
+const {:extern} unique _v2.T.PA5UCHAR: name;
+
+const {:extern} unique _v2.T.PA6UCHAR: name;
+
+const {:extern} unique _v2.T.PCHAR: name;
+
+const {:extern} unique _v2.T.PINT4: name;
+
+const {:extern} unique _v2.T.PPCHAR: name;
+
+const {:extern} unique _v2.T.PPUCHAR: name;
+
+const {:extern} unique _v2.T.PPVOID: name;
+
+const {:extern} unique _v2.T.PPieee80211_scan_entry: name;
+
+const {:extern} unique _v2.T.PUCHAR: name;
+
+const {:extern} unique _v2.T.PUINT4: name;
+
+const {:extern} unique _v2.T.PVOID: name;
+
+const {:extern} unique _v2.T.Pieee80211_scan_entry: name;
+
+const {:extern} unique _v2.T.UCHAR: name;
+
+const {:extern} unique _v2.T.UINT4: name;
+
+const {:extern} unique _v2.T.VOID: name;
+
+const {:extern} unique _v2.T.ieee80211_scan_entry: name;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 16} unique _v2.__ctobpl_const_8: int;
+
+const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 13} unique _v2.__ctobpl_const_2: int;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 15} unique _v2.__ctobpl_const_3: int;
+
+const {:extern} {:model_const "buf"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 15} unique _v2.__ctobpl_const_4: int;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 16} unique _v2.__ctobpl_const_5: int;
+
+const {:extern} {:model_const "leader"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 16} unique _v2.__ctobpl_const_6: int;
+
+const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 16} unique _v2.__ctobpl_const_7: int;
+
+const {:extern} {:model_const "leader"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 16} unique _v2.__ctobpl_const_9: int;
+
+const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 16} unique _v2.__ctobpl_const_10: int;
+
+const {:extern} {:model_const "encode_ie.arg.4"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 53} unique _v2.__ctobpl_const_44: int;
+
+const {:extern} {:model_const "(se.se_rsn_ie)[0]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 66} unique _v2.__ctobpl_const_50: int;
+
+const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 51} unique _v2.__ctobpl_const_34: int;
+
+const {:extern} {:model_const "se.se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 67} unique _v2.__ctobpl_const_51: int;
+
+const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 53} unique _v2.__ctobpl_const_45: int;
+
+const {:extern} {:model_const "(se.se_rsn_ie)[1]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 67} unique _v2.__ctobpl_const_52: int;
+
+const {:extern} {:model_const "(se->se_rsn_ie)[0]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 52} unique _v2.__ctobpl_const_37: int;
+
+const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 53} unique _v2.__ctobpl_const_42: int;
+
+const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 54} unique _v2.__ctobpl_const_39: int;
+
+const {:extern} {:model_const "encode_ie.arg.4"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 53} unique _v2.__ctobpl_const_47: int;
+
+const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 54} unique _v2.__ctobpl_const_40: int;
+
+const {:extern} {:model_const "encode_ie.arg.4"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 54} unique _v2.__ctobpl_const_38: int;
+
+const {:extern} {:model_const "se.se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 66} unique _v2.__ctobpl_const_49: int;
+
+const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 52} unique _v2.__ctobpl_const_35: int;
+
+const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 53} unique _v2.__ctobpl_const_43: int;
+
+const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 53} unique _v2.__ctobpl_const_46: int;
+
+const {:extern} {:model_const "se.se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 65} unique _v2.__ctobpl_const_48: int;
+
+const {:extern} {:model_const "(se->se_rsn_ie)[1]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 54} unique _v2.__ctobpl_const_41: int;
+
+const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 52} unique _v2.__ctobpl_const_36: int;
+
+const {:extern} {:model_const "bufsize"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 13} unique _v2.__ctobpl_const_1: int;
+
+const {:extern} {:model_const "buf"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 39} unique _v2.__ctobpl_const_31: int;
+
+const {:extern} {:model_const "ielen"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 20} unique _v2.__ctobpl_const_17: int;
+
+const {:extern} {:model_const "*(p + 1)"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 32} unique _v2.__ctobpl_const_24: int;
+
+const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 39} unique _v2.__ctobpl_const_18: int;
+
+const {:extern} {:model_const "bufsize"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 34} unique _v2.__ctobpl_const_26: int;
+
+const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 18} unique _v2.__ctobpl_const_14: int;
+
+const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 20} unique _v2.__ctobpl_const_27: int;
+
+const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 51} unique _v2.__ctobpl_const_33: int;
+
+const {:extern} {:model_const "result.question.3"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 39} unique _v2.__ctobpl_const_28: int;
+
+const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 20} unique _v2.__ctobpl_const_15: int;
+
+const {:extern} {:model_const "bufsize"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 17} unique _v2.__ctobpl_const_11: int;
+
+const {:extern} {:model_const "result.question.3"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 39} unique _v2.__ctobpl_const_29: int;
+
+const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 17} unique _v2.__ctobpl_const_12: int;
+
+const {:extern} {:model_const "result.question.3"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 39} unique _v2.__ctobpl_const_32: int;
+
+const {:extern} {:model_const "ielen"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 39} unique _v2.__ctobpl_const_19: int;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 30} unique _v2.__ctobpl_const_21: int;
+
+const {:extern} {:model_const "*p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 30} unique _v2.__ctobpl_const_22: int;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 32} unique _v2.__ctobpl_const_23: int;
+
+const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 20} unique _v2.__ctobpl_const_16: int;
+
+const {:extern} {:model_const "bufsize"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 20} unique _v2.__ctobpl_const_20: int;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 33} unique _v2.__ctobpl_const_25: int;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 18} unique _v2.__ctobpl_const_13: int;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceLine 39} unique _v2.__ctobpl_const_30: int;
+
+function {:extern} _v2.OneByteToInt(arg_0: byte) : int;
+
+function {:extern} _v2.TwoBytesToInt(arg_0: byte, arg_1: byte) : int;
+
+function {:extern} _v2.FourBytesToInt(arg_0: byte, arg_1: byte, arg_2: byte, arg_3: byte) : int;
+
+function {:extern} _v2.Field(arg_0: int) : name;
+
+function {:extern} _v2.Base(arg_0: int) : int;
+
+function {:extern} _v2.Match(a: int, t: name) : bool;
+
+function {:extern} _v2.MatchBase(b: int, a: int, t: name) : bool;
+
+function {:extern} _v2.HasType(v: int, t: name) : bool;
+
+function {:extern} _v2.T.Ptr(t: name) : name;
+
+function {:extern} _v2.se_rsn_ie_ieee80211_scan_entry(arg_0: int) : int;
+
+function {:extern} _v2.se_rsn_ie_ieee80211_scan_entryInv(arg_0: int) : int;
+
+function {:extern} _v2._S_se_rsn_ie_ieee80211_scan_entry(arg_0: [int]bool) : [int]bool;
+
+function {:extern} _v2._S_se_rsn_ie_ieee80211_scan_entryInv(arg_0: [int]bool) : [int]bool;
+
+function {:extern} _v2.INT_AND(a: int, b: int) : int;
+
+function {:extern} _v2.INT_OR(a: int, b: int) : int;
+
+function {:extern} _v2.INT_XOR(a: int, b: int) : int;
+
+function {:extern} _v2.INT_NOT(a: int) : int;
+
+function {:extern} _v2.POW2(a: int) : bool;
+
+function {:extern} _v2.INT_MINUS_LEFT_PTR(a: int, a_size: int, b: int) : int;
+
+function {:extern} _v2.INT_PLUS(a: int, a_size: int, b: int) : int;
+
+function {:extern} _v2.INT_MULT(a: int, b: int) : int;
+
+function {:extern} _v2.INT_DIV(a: int, b: int) : int;
+
+function {:extern} _v2.INT_BINARY_BOTH_INT(a: int, b: int) : int;
+
+function {:extern} _v2.BV32_EQ(x: bv32, y: bv32) : bool;
+
+function {:extern} _v2.BV32_NEQ(x: bv32, y: bv32) : bool;
+
+function {:extern} {:bvbuiltin "bvadd"} _v2.BV32_ADD(x: bv32, y: bv32) : bv32;
+
+function {:extern} {:bvbuiltin "bvsub"} _v2.BV32_SUB(x: bv32, y: bv32) : bv32;
+
+function {:extern} {:bvbuiltin "bvmul"} _v2.BV32_MULT(x: bv32, y: bv32) : bv32;
+
+function {:extern} {:bvbuiltin "bvudiv"} _v2.BV32_DIV(x: bv32, y: bv32) : bv32;
+
+function {:extern} {:bvbuiltin "bvult"} _v2.BV32_ULT(x: bv32, y: bv32) : bool;
+
+function {:extern} {:bvbuiltin "bvslt"} _v2.BV32_LT(x: bv32, y: bv32) : bool;
+
+function {:extern} {:bvbuiltin "bvule"} _v2.BV32_ULEQ(x: bv32, y: bv32) : bool;
+
+function {:extern} {:bvbuiltin "bvsle"} _v2.BV32_LEQ(x: bv32, y: bv32) : bool;
+
+function {:extern} {:bvbuiltin "bvugt"} _v2.BV32_UGT(x: bv32, y: bv32) : bool;
+
+function {:extern} {:bvbuiltin "bvsgt"} _v2.BV32_GT(x: bv32, y: bv32) : bool;
+
+function {:extern} {:bvbuiltin "bvuge"} _v2.BV32_UGEQ(x: bv32, y: bv32) : bool;
+
+function {:extern} {:bvbuiltin "bvsge"} _v2.BV32_GEQ(x: bv32, y: bv32) : bool;
+
+function {:extern} {:bvbuiltin "bvand"} _v2.BV32_AND(a: bv32, b: bv32) : bv32;
+
+function {:extern} {:bvbuiltin "bvor"} _v2.BV32_OR(a: bv32, b: bv32) : bv32;
+
+function {:extern} {:bvbuiltin "bvxor"} _v2.BV32_XOR(a: bv32, b: bv32) : bv32;
+
+function {:extern} {:bvbuiltin "bvnot"} _v2.BV32_NOT(a: bv32) : bv32;
+
+function {:extern} _v2.BV32_MINUS_BOTH_PTR_OR_BOTH_INT(a: bv32, b: bv32, size: bv32) : bv32;
+
+function {:extern} _v2.BV32_MINUS_LEFT_PTR(a: bv32, a_size: bv32, b: bv32) : bv32;
+
+function {:extern} _v2.BV32_PLUS(a: bv32, a_size: bv32, b: bv32) : bv32;
+
+function {:extern} _v2.BV32_BINARY_BOTH_INT(a: bv32, b: bv32) : bv32;
+
+function {:extern} _v2.bv32ToInt(arg_0: bv32) : int;
+
+function {:extern} _v2.intToBv32(arg_0: int) : bv32;
+
+function {:extern} _v2.choose(a: bool, b: int, c: int) : int;
+
+function {:extern} _v2.LIFT(a: bool) : int;
+
+function {:extern} _v2.PTR_NOT(a: int) : int;
+
+function {:extern} _v2.NULL_CHECK(a: int) : int;
+
+function {:extern} _v2.NewAlloc(x: int, y: int) : int;
+
+function {:extern} _v2.DetChoiceFunc(a: int) : int;
+
+function {:extern} _v2.Res_VALID_REGION(arg_0: int) : int;
+
+function {:extern} _v2.Equal(arg_0: [int]bool, arg_1: [int]bool) : bool;
+
+function {:extern} _v2.Subset(arg_0: [int]bool, arg_1: [int]bool) : bool;
+
+function {:extern} _v2.Disjoint(arg_0: [int]bool, arg_1: [int]bool) : bool;
+
+function {:extern} _v2.Empty() : [int]bool;
+
+function {:extern} _v2.SetTrue() : [int]bool;
+
+function {:extern} _v2.Singleton(arg_0: int) : [int]bool;
+
+function {:extern} _v2.Reachable(arg_0: [int,int]bool, arg_1: int) : [int]bool;
+
+function {:extern} _v2.Union(arg_0: [int]bool, arg_1: [int]bool) : [int]bool;
+
+function {:extern} _v2.Intersection(arg_0: [int]bool, arg_1: [int]bool) : [int]bool;
+
+function {:extern} _v2.Difference(arg_0: [int]bool, arg_1: [int]bool) : [int]bool;
+
+function {:extern} _v2.Dereference(arg_0: [int]bool, arg_1: [int]int) : [int]bool;
+
+function {:extern} _v2.Inverse(f: [int]int, x: int) : [int]bool;
+
+function {:extern} _v2.AtLeast(arg_0: int, arg_1: int) : [int]bool;
+
+function {:extern} _v2.Rep(arg_0: int, arg_1: int) : int;
+
+function {:extern} _v2.Array(arg_0: int, arg_1: int, arg_2: int) : [int]bool;
+
+function {:extern} _v2.Unified(arg_0: [name][int]int) : [int]int;
+
+function {:extern} _v2.value_is(c: int, e: int) : bool;
+
+
+function {:inline true} _v2.se_rsn_ie_ieee80211_scan_entry(x : int) : int
+{
+_v2.INT_ADD(x, 0)
+}
+
+function {:inline true} _v2.INT_EQ(x : int, y : int): bool
+{
+x == y
+}
+
+function {:inline true} _v2.INT_NEQ(x : int, y: int): bool
+{
+x != y
+}
+
+function {:inline true} _v2.INT_ADD(x : int, y : int): int
+{
+x + y
+}
+
+function {:inline true} _v2.INT_SUB(x : int, y : int): int
+{
+ x - y
+}
+
+function {:inline true} _v2.INT_LT(x : int, y : int): bool
+{
+x < y
+}
+
+function {:inline true} _v2.INT_ULT(x : int, y : int): bool
+{
+x < y
+}
+
+function {:inline true} _v2.INT_LEQ(x : int, y : int): bool
+{
+x <= y
+}
+
+function {:inline true} _v2.INT_ULEQ(x : int, y : int): bool
+{
+x <= y
+}
+
+function {:inline true} _v2.INT_GT(x : int, y : int): bool
+{
+x > y
+}
+
+function {:inline true} _v2.INT_UGT(x : int, y : int): bool
+{
+x > y
+}
+
+function {:inline true} _v2.INT_GEQ(x : int, y : int): bool
+{
+x >= y
+}
+
+function {:inline true} _v2.INT_UGEQ(x : int, y : int): bool
+{
+x >= y
+}
+
+
+
+procedure _v2.havoc_assert(i: int);
+ /* free */ requires i != 0;
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+procedure _v2.havoc_assume(i: int);
+ /* free */ ensures i != 0;
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+procedure _v2.__HAVOC_free(a: int);
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+procedure _v2.__HAVOC_malloc(obj_size: int) returns (new: int);
+ /* free */ requires _v2.INT_GEQ(obj_size, 0);
+ modifies _v2.alloc;
+ /* free */ ensures new == old(_v2.alloc);
+ /* free */ ensures _v2.INT_GT(_v2.alloc, _v2.INT_ADD(new, obj_size));
+ /* free */ ensures _v2.Base(new) == new;
+ /* free */ ensures _v2.INT_GEQ(new, 0);
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+procedure _v2.__HAVOC_det_malloc(obj_size: int) returns (new: int);
+ /* free */ requires _v2.INT_GEQ(obj_size, 0);
+ modifies _v2.alloc;
+ /* free */ ensures new == old(_v2.alloc);
+ /* free */ ensures _v2.INT_GT(_v2.alloc, _v2.INT_ADD(new, obj_size));
+ /* free */ ensures _v2.Base(new) == new;
+ /* free */ ensures _v2.alloc == _v2.NewAlloc(old(_v2.alloc), obj_size);
+ /* free */ ensures _v2.INT_GEQ(new, 0);
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+
+procedure _v2.nondet_choice() returns (x: int);
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+procedure _v2.det_choice() returns (x: int);
+ modifies _v2.detChoiceCnt;
+ /* free */ ensures _v2.detChoiceCnt == _v2.INT_ADD(old(_v2.detChoiceCnt), 1);
+ /* free */ ensures x == _v2.DetChoiceFunc(old(_v2.detChoiceCnt));
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+procedure _v2._strdup(str: int) returns (new: int);
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+procedure _v2._xstrcasecmp(a0: int, a1: int) returns (ret: int);
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+procedure _v2._xstrcmp(a0: int, a1: int) returns (ret: int);
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+procedure _v2.memcpy(a0: int, a1: int, a2: int) returns (ret: int);
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+procedure _v2.encode_ie(buf_.1: int,
+ bufsize_.1: int,
+ ie_.1: int,
+ ielen_.1: int,
+ leader_.1: int,
+ leader_len_.1: int)
+ returns (result.encode_ie$1: int);
+ modifies _v2.OK, _v2.Mem_T.UCHAR;
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+procedure _v2.giwscan_cb(se_.1: int) returns (result.giwscan_cb$1: int);
+ modifies _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+procedure _v2.main() returns (result.main$1: int);
+ modifies _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+procedure _v2.encode_ie_loop_label_14_head(in_bufsize: int, in_i: int, in_ielen: int, in_p: int, in_tempBoogie0: int)
+ returns (out_bufsize: int, out_i: int, out_p: int, out_tempBoogie0: int);
+ modifies _v2.Mem_T.UCHAR, _v2.OK;
+ /* free */ ensures _v2.OK ==> old(_v2.OK);
+
+
+
+implementation _v2.encode_ie(buf_.1: int,
+ bufsize_.1: int,
+ ie_.1: int,
+ ielen_.1: int,
+ leader_.1: int,
+ leader_len_.1: int)
+ returns (result.encode_ie$1: int)
+{
+ var {:extern} havoc_stringTemp: int;
+ var {:extern} condVal: int;
+ var {:extern} buf: int;
+ var {:extern} bufsize: int;
+ var {:extern} i: int;
+ var {:extern} ie: int;
+ var {:extern} ielen: int;
+ var {:extern} leader: int;
+ var {:extern} leader_len: int;
+ var {:extern} p: int;
+ var {:extern} result.memcpy$2: int;
+ var {:extern} $result.question.3.$$static$: int;
+ var {:extern} tempBoogie0: int;
+ var {:extern} tempBoogie1: int;
+ var {:extern} tempBoogie2: int;
+ var {:extern} tempBoogie3: int;
+ var {:extern} tempBoogie4: int;
+ var {:extern} tempBoogie5: int;
+ var {:extern} tempBoogie6: int;
+ var {:extern} tempBoogie7: int;
+ var {:extern} tempBoogie8: int;
+ var {:extern} tempBoogie9: int;
+ var {:extern} tempBoogie10: int;
+ var {:extern} tempBoogie11: int;
+ var {:extern} tempBoogie12: int;
+ var {:extern} tempBoogie13: int;
+ var {:extern} tempBoogie14: int;
+ var {:extern} tempBoogie15: int;
+ var {:extern} tempBoogie16: int;
+ var {:extern} tempBoogie17: int;
+ var {:extern} tempBoogie18: int;
+ var {:extern} tempBoogie19: int;
+ var {:extern} __havoc_dummy_return: int;
+
+ anon0#2:
+ havoc_stringTemp := 0;
+ goto start#2;
+
+ start#2:
+ assume _v2.INT_LT(buf_.1, _v2.alloc);
+ assume _v2.INT_LT(ie_.1, _v2.alloc);
+ assume _v2.INT_LT(leader_.1, _v2.alloc);
+ buf := 0;
+ assume _v2.INT_GEQ(buf_.1, 0);
+ bufsize := 0;
+ i := 0;
+ ie := 0;
+ assume _v2.INT_GEQ(ie_.1, 0);
+ ielen := 0;
+ leader := 0;
+ assume _v2.INT_GEQ(leader_.1, 0);
+ leader_len := 0;
+ p := 0;
+ result.encode_ie$1 := 0;
+ result.memcpy$2 := 0;
+ $result.question.3.$$static$ := 0;
+ buf := buf_.1;
+ bufsize := bufsize_.1;
+ ie := ie_.1;
+ ielen := ielen_.1;
+ leader := leader_.1;
+ leader_len := leader_len_.1;
+ goto label_3#2;
+
+ label_3#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 9} true;
+ goto label_4#2;
+
+ label_4#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 10} true;
+ goto label_5#2;
+
+ label_5#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 13} true;
+ goto label_5_true#2, label_5_false#2;
+
+ label_5_false#2:
+ assume !_v2.INT_LT(bufsize, leader_len);
+ assume _v2.value_is(_v2.__ctobpl_const_1, bufsize);
+ assume _v2.value_is(_v2.__ctobpl_const_2, leader_len);
+ goto label_6#2;
+
+ label_6#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 15} true;
+ p := buf;
+ assume _v2.value_is(_v2.__ctobpl_const_3, p);
+ assume _v2.value_is(_v2.__ctobpl_const_4, buf);
+ goto label_8#2;
+
+ label_8#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 16} true;
+ call result.memcpy$2 := _v2.memcpy(p, leader, leader_len);
+ assume _v2.value_is(_v2.__ctobpl_const_5, p);
+ assume _v2.value_is(_v2.__ctobpl_const_6, leader);
+ assume _v2.value_is(_v2.__ctobpl_const_7, leader_len);
+ assume _v2.value_is(_v2.__ctobpl_const_8, p);
+ assume _v2.value_is(_v2.__ctobpl_const_9, leader);
+ assume _v2.value_is(_v2.__ctobpl_const_10, leader_len);
+ goto label_11#2;
+
+ label_11#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 17} true;
+ havoc tempBoogie0;
+ assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(bufsize, leader_len, 1, tempBoogie0);
+ bufsize := tempBoogie0;
+ assume _v2.value_is(_v2.__ctobpl_const_11, bufsize);
+ assume _v2.value_is(_v2.__ctobpl_const_12, leader_len);
+ goto label_12#2;
+
+ label_12#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 18} true;
+ tempBoogie0 := _v2.INT_PLUS(p, 1, leader_len);
+ p := tempBoogie0;
+ assume _v2.value_is(_v2.__ctobpl_const_13, p);
+ assume _v2.value_is(_v2.__ctobpl_const_14, leader_len);
+ goto label_13#2;
+
+ label_13#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
+ i := 0;
+ assume _v2.value_is(_v2.__ctobpl_const_15, i);
+ goto label_14#2;
+
+ label_14#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
+ goto label_14_head#2;
+
+ label_14_head#2:
+ call bufsize, i, p, tempBoogie0 := _v2.encode_ie_loop_label_14_head(bufsize, i, ielen, p, tempBoogie0);
+ goto label_14_head_last#2;
+
+ label_14_head_last#2:
+ goto label_14_true#2, label_14_false#2;
+
+ label_14_false#2:
+ assume !_v2.INT_LT(i, ielen);
+ assume _v2.value_is(_v2.__ctobpl_const_16, i);
+ assume _v2.value_is(_v2.__ctobpl_const_17, ielen);
+ goto label_15#2;
+
+ label_14_true#2:
+ assume _v2.INT_LT(i, ielen);
+ assume _v2.value_is(_v2.__ctobpl_const_16, i);
+ assume _v2.value_is(_v2.__ctobpl_const_17, ielen);
+ goto label_16#2;
+
+ label_16#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
+ goto label_16_true#2, label_16_false#2;
+
+ label_16_false#2:
+ assume !_v2.INT_LT(2, bufsize);
+ assume _v2.value_is(_v2.__ctobpl_const_20, bufsize);
+ goto label_15#2;
+
+ label_15#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
+ goto label_15_true#2, label_15_false#2;
+
+ label_15_false#2:
+ assume !_v2.INT_EQ(i, ielen);
+ assume _v2.value_is(_v2.__ctobpl_const_18, i);
+ assume _v2.value_is(_v2.__ctobpl_const_19, ielen);
+ goto label_22#2;
+
+ label_22#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
+ $result.question.3.$$static$ := 0;
+ assume _v2.value_is(_v2.__ctobpl_const_28, $result.question.3.$$static$);
+ goto label_24#2;
+
+ label_15_true#2:
+ assume _v2.INT_EQ(i, ielen);
+ assume _v2.value_is(_v2.__ctobpl_const_18, i);
+ assume _v2.value_is(_v2.__ctobpl_const_19, ielen);
+ goto label_23#2;
+
+ label_23#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
+ havoc $result.question.3.$$static$;
+ assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(p, buf, 1, $result.question.3.$$static$);
+ assume _v2.value_is(_v2.__ctobpl_const_29, $result.question.3.$$static$);
+ assume _v2.value_is(_v2.__ctobpl_const_30, p);
+ assume _v2.value_is(_v2.__ctobpl_const_31, buf);
+ goto label_24#2;
+
+ label_24#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
+ result.encode_ie$1 := $result.question.3.$$static$;
+ assume _v2.value_is(_v2.__ctobpl_const_32, $result.question.3.$$static$);
+ goto label_1#2;
+
+ label_16_true#2:
+ assume _v2.INT_LT(2, bufsize);
+ assume _v2.value_is(_v2.__ctobpl_const_20, bufsize);
+ goto label_17#2;
+
+ label_17#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 30} true;
+ assume _v2.INT_GEQ(p, 0);
+ _v2.OK := _v2.OK && _v2.Res_VALID_REGION(p) == 1;
+ assert true;
+ _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[p := 120];
+ assume _v2.value_is(_v2.__ctobpl_const_21, p);
+ assume _v2.value_is(_v2.__ctobpl_const_22, _v2.Mem_T.UCHAR[p]);
+ goto label_18#2;
+
+ label_18#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 32} true;
+ assume _v2.INT_GEQ(_v2.INT_PLUS(p, 1, 1), 0);
+ _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.INT_PLUS(p, 1, 1)) == 1;
+ assert true;
+ _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(p, 1, 1) := 120];
+ assume _v2.value_is(_v2.__ctobpl_const_23, p);
+ assume _v2.value_is(_v2.__ctobpl_const_24, _v2.Mem_T.UCHAR[_v2.INT_PLUS(p, 1, 1)]);
+ goto label_19#2;
+
+ label_19#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 33} true;
+ tempBoogie0 := _v2.INT_PLUS(p, 1, 2);
+ p := tempBoogie0;
+ assume _v2.value_is(_v2.__ctobpl_const_25, p);
+ goto label_20#2;
+
+ label_20#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 34} true;
+ havoc tempBoogie0;
+ assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(bufsize, 2, 1, tempBoogie0);
+ bufsize := tempBoogie0;
+ assume _v2.value_is(_v2.__ctobpl_const_26, bufsize);
+ goto label_21#2;
+
+ label_21#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
+ assume _v2.value_is(_v2.__ctobpl_const_27, i);
+ i := _v2.INT_PLUS(i, 1, 1);
+ goto label_21_dummy#2;
+
+ label_21_dummy#2:
+ assume false;
+ return;
+
+ label_5_true#2:
+ assume _v2.INT_LT(bufsize, leader_len);
+ assume _v2.value_is(_v2.__ctobpl_const_1, bufsize);
+ assume _v2.value_is(_v2.__ctobpl_const_2, leader_len);
+ goto label_7#2;
+
+ label_7#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 14} true;
+ result.encode_ie$1 := 0;
+ goto label_1#2;
+
+ label_1#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 40} true;
+ return;
+}
+
+
+
+implementation _v2.giwscan_cb(se_.1: int) returns (result.giwscan_cb$1: int)
+{
+ var {:extern} havoc_stringTemp: int;
+ var {:extern} condVal: int;
+ var {:extern} buf: int;
+ var {:extern} $encode_ie.arg.4$3.$$static$: int;
+ var {:extern} result.encode_ie$2: int;
+ var {:extern} rsn_leader: int;
+ var {:extern} se: int;
+ var {:extern} tempBoogie0: int;
+ var {:extern} tempBoogie1: int;
+ var {:extern} tempBoogie2: int;
+ var {:extern} tempBoogie3: int;
+ var {:extern} tempBoogie4: int;
+ var {:extern} tempBoogie5: int;
+ var {:extern} tempBoogie6: int;
+ var {:extern} tempBoogie7: int;
+ var {:extern} tempBoogie8: int;
+ var {:extern} tempBoogie9: int;
+ var {:extern} tempBoogie10: int;
+ var {:extern} tempBoogie11: int;
+ var {:extern} tempBoogie12: int;
+ var {:extern} tempBoogie13: int;
+ var {:extern} tempBoogie14: int;
+ var {:extern} tempBoogie15: int;
+ var {:extern} tempBoogie16: int;
+ var {:extern} tempBoogie17: int;
+ var {:extern} tempBoogie18: int;
+ var {:extern} tempBoogie19: int;
+ var {:extern} __havoc_dummy_return: int;
+
+ anon0#2:
+ havoc_stringTemp := 0;
+ goto start#2;
+
+ start#2:
+ assume _v2.INT_LT(se_.1, _v2.alloc);
+ call buf := _v2.__HAVOC_det_malloc(6);
+ $encode_ie.arg.4$3.$$static$ := 0;
+ result.encode_ie$2 := 0;
+ result.giwscan_cb$1 := 0;
+ call rsn_leader := _v2.__HAVOC_det_malloc(1);
+ se := 0;
+ assume _v2.INT_GEQ(se_.1, 0);
+ se := se_.1;
+ goto label_3#2;
+
+ label_3#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 46} true;
+ goto label_4#2;
+
+ label_4#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 47} true;
+ goto label_5#2;
+
+ label_5#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 51} true;
+ assume _v2.INT_GEQ(se, 0);
+ _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ goto label_5_true#2, label_5_false#2;
+
+ label_5_false#2:
+ assume _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]
+ == 0;
+ assume _v2.value_is(_v2.__ctobpl_const_33, se);
+ assume _v2.value_is(_v2.__ctobpl_const_34,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ goto label_6#2;
+
+ label_5_true#2:
+ assume _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]
+ != 0;
+ assume _v2.value_is(_v2.__ctobpl_const_33, se);
+ assume _v2.value_is(_v2.__ctobpl_const_34,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ goto label_7#2;
+
+ label_7#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 52} true;
+ assume _v2.INT_GEQ(se, 0);
+ _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0))
+ == 1;
+ assert true;
+ goto label_7_true#2, label_7_false#2;
+
+ label_7_false#2:
+ assume !_v2.INT_EQ(_v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0)],
+ 200);
+ assume _v2.value_is(_v2.__ctobpl_const_35, se);
+ assume _v2.value_is(_v2.__ctobpl_const_36,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ assume _v2.value_is(_v2.__ctobpl_const_37,
+ _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0)]);
+ goto label_6#2;
+
+ label_7_true#2:
+ assume _v2.INT_EQ(_v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0)],
+ 200);
+ assume _v2.value_is(_v2.__ctobpl_const_35, se);
+ assume _v2.value_is(_v2.__ctobpl_const_36,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ assume _v2.value_is(_v2.__ctobpl_const_37,
+ _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0)]);
+ goto label_8#2;
+
+ label_8#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 54} true;
+ assume _v2.INT_GEQ(se, 0);
+ _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 1))
+ == 1;
+ assert true;
+ $encode_ie.arg.4$3.$$static$ := _v2.INT_PLUS(_v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 1)],
+ 1,
+ 2);
+ assume _v2.value_is(_v2.__ctobpl_const_38, $encode_ie.arg.4$3.$$static$);
+ assume _v2.value_is(_v2.__ctobpl_const_39, se);
+ assume _v2.value_is(_v2.__ctobpl_const_40,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ assume _v2.value_is(_v2.__ctobpl_const_41,
+ _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 1)]);
+ goto label_9#2;
+
+ label_9#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 53} true;
+ assume _v2.INT_GEQ(se, 0);
+ _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ assume _v2.INT_GEQ(se, 0);
+ _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ call result.encode_ie$2 := _v2.encode_ie(buf, 6, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)], $encode_ie.arg.4$3.$$static$, rsn_leader, 1);
+ assume _v2.value_is(_v2.__ctobpl_const_42, se);
+ assume _v2.value_is(_v2.__ctobpl_const_43,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ assume _v2.value_is(_v2.__ctobpl_const_44, $encode_ie.arg.4$3.$$static$);
+ assume _v2.value_is(_v2.__ctobpl_const_45, se);
+ assume _v2.value_is(_v2.__ctobpl_const_46,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ assume _v2.value_is(_v2.__ctobpl_const_47, $encode_ie.arg.4$3.$$static$);
+ goto label_6#2;
+
+ label_6#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 58} true;
+ result.giwscan_cb$1 := 0;
+ goto label_1#2;
+
+ label_1#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 59} true;
+ call _v2.__HAVOC_free(buf);
+ call _v2.__HAVOC_free(rsn_leader);
+ return;
+}
+
+
+
+implementation _v2.main() returns (result.main$1: int)
+{
+ var {:extern} havoc_stringTemp: int;
+ var {:extern} condVal: int;
+ var {:extern} ie: int;
+ var {:extern} result.giwscan_cb$2: int;
+ var {:extern} se: int;
+ var {:extern} tempBoogie0: int;
+ var {:extern} tempBoogie1: int;
+ var {:extern} tempBoogie2: int;
+ var {:extern} tempBoogie3: int;
+ var {:extern} tempBoogie4: int;
+ var {:extern} tempBoogie5: int;
+ var {:extern} tempBoogie6: int;
+ var {:extern} tempBoogie7: int;
+ var {:extern} tempBoogie8: int;
+ var {:extern} tempBoogie9: int;
+ var {:extern} tempBoogie10: int;
+ var {:extern} tempBoogie11: int;
+ var {:extern} tempBoogie12: int;
+ var {:extern} tempBoogie13: int;
+ var {:extern} tempBoogie14: int;
+ var {:extern} tempBoogie15: int;
+ var {:extern} tempBoogie16: int;
+ var {:extern} tempBoogie17: int;
+ var {:extern} tempBoogie18: int;
+ var {:extern} tempBoogie19: int;
+ var {:extern} __havoc_dummy_return: int;
+
+ anon0#2:
+ havoc_stringTemp := 0;
+ goto start#2;
+
+ start#2:
+ call ie := _v2.__HAVOC_det_malloc(5);
+ result.giwscan_cb$2 := 0;
+ result.main$1 := 0;
+ call se := _v2.__HAVOC_det_malloc(4);
+ goto label_3#2;
+
+ label_3#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 63} true;
+ goto label_4#2;
+
+ label_4#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 64} true;
+ goto label_5#2;
+
+ label_5#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 65} true;
+ _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry := _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se) := ie];
+ assume _v2.value_is(_v2.__ctobpl_const_48,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ goto label_6#2;
+
+ label_6#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 66} true;
+ _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0))
+ == 1;
+ assert true;
+ _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0) := 200];
+ assume _v2.value_is(_v2.__ctobpl_const_49,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ assume _v2.value_is(_v2.__ctobpl_const_50,
+ _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0)]);
+ goto label_7#2;
+
+ label_7#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 67} true;
+ _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 1))
+ == 1;
+ assert true;
+ _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 1) := 3];
+ assume _v2.value_is(_v2.__ctobpl_const_51,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ assume _v2.value_is(_v2.__ctobpl_const_52,
+ _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 1)]);
+ goto label_8#2;
+
+ label_8#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 69} true;
+ assume _v2.INT_GT(se, 0);
+ assume _v2.INT_GT(se, 0);
+ call result.giwscan_cb$2 := _v2.giwscan_cb(se);
+ goto label_11#2;
+
+ label_11#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 71} true;
+ result.main$1 := 0;
+ goto label_1#2;
+
+ label_1#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 72} true;
+ call _v2.__HAVOC_free(ie);
+ call _v2.__HAVOC_free(se);
+ return;
+}
+
+
+
+implementation _v2.encode_ie_loop_label_14_head(in_bufsize: int, in_i: int, in_ielen: int, in_p: int, in_tempBoogie0: int)
+ returns (out_bufsize: int, out_i: int, out_p: int, out_tempBoogie0: int)
+{
+
+ entry#2:
+ out_bufsize, out_i, out_p, out_tempBoogie0 := in_bufsize, in_i, in_p, in_tempBoogie0;
+ goto label_14_head#2;
+
+ label_14_head#2:
+ goto label_14_true#2, label_14_false#2;
+
+ label_14_false#2:
+ assume !_v2.INT_LT(out_i, in_ielen);
+ assume _v2.value_is(_v2.__ctobpl_const_16, out_i);
+ assume _v2.value_is(_v2.__ctobpl_const_17, in_ielen);
+ out_bufsize, out_i, out_p, out_tempBoogie0 := in_bufsize, in_i, in_p, in_tempBoogie0;
+ _v2.Mem_T.UCHAR := old(_v2.Mem_T.UCHAR);
+ return;
+
+ label_14_true#2:
+ assume _v2.INT_LT(out_i, in_ielen);
+ assume _v2.value_is(_v2.__ctobpl_const_16, out_i);
+ assume _v2.value_is(_v2.__ctobpl_const_17, in_ielen);
+ goto label_16#2;
+
+ label_16#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
+ goto label_16_true#2, label_16_false#2;
+
+ label_16_false#2:
+ assume !_v2.INT_LT(2, out_bufsize);
+ assume _v2.value_is(_v2.__ctobpl_const_20, out_bufsize);
+ out_bufsize, out_i, out_p, out_tempBoogie0 := in_bufsize, in_i, in_p, in_tempBoogie0;
+ _v2.Mem_T.UCHAR := old(_v2.Mem_T.UCHAR);
+ return;
+
+ label_16_true#2:
+ assume _v2.INT_LT(2, out_bufsize);
+ assume _v2.value_is(_v2.__ctobpl_const_20, out_bufsize);
+ goto label_17#2;
+
+ label_17#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 30} true;
+ assume _v2.INT_GEQ(out_p, 0);
+ _v2.OK := _v2.OK && _v2.Res_VALID_REGION(out_p) == 1;
+ assert true;
+ _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[out_p := 120];
+ assume _v2.value_is(_v2.__ctobpl_const_21, out_p);
+ assume _v2.value_is(_v2.__ctobpl_const_22, _v2.Mem_T.UCHAR[out_p]);
+ goto label_18#2;
+
+ label_18#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 32} true;
+ assume _v2.INT_GEQ(_v2.INT_PLUS(out_p, 1, 1), 0);
+ _v2.OK := _v2.OK && _v2.Res_VALID_REGION(_v2.INT_PLUS(out_p, 1, 1)) == 1;
+ assert true;
+ _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(out_p, 1, 1) := 120];
+ assume _v2.value_is(_v2.__ctobpl_const_23, out_p);
+ assume _v2.value_is(_v2.__ctobpl_const_24, _v2.Mem_T.UCHAR[_v2.INT_PLUS(out_p, 1, 1)]);
+ goto label_19#2;
+
+ label_19#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 33} true;
+ out_tempBoogie0 := _v2.INT_PLUS(out_p, 1, 2);
+ out_p := out_tempBoogie0;
+ assume _v2.value_is(_v2.__ctobpl_const_25, out_p);
+ goto label_20#2;
+
+ label_20#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 34} true;
+ havoc out_tempBoogie0;
+ assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(out_bufsize, 2, 1, out_tempBoogie0);
+ out_bufsize := out_tempBoogie0;
+ assume _v2.value_is(_v2.__ctobpl_const_26, out_bufsize);
+ goto label_21#2;
+
+ label_21#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
+ assume _v2.value_is(_v2.__ctobpl_const_27, out_i);
+ out_i := _v2.INT_PLUS(out_i, 1, 1);
+ goto label_21_dummy#2;
+
+ label_21_dummy#2:
+ call out_bufsize, out_i, out_p, out_tempBoogie0 := _v2.encode_ie_loop_label_14_head(out_bufsize, out_i, in_ielen, out_p, out_tempBoogie0);
+ return;
+}
+
+
+
+function _v1.ite(b: bool, x: int, y: int) : int;
+
+
+var _v1.OK: bool;
+
+var {:extern} _v1.Mem: [name][int]int;
+
+var {:extern} _v1.alloc: int;
+
+var {:extern} _v1.Mem_T.A1CHAR: [int]int;
+
+var {:extern} _v1.Mem_T.A5UCHAR: [int]int;
+
+var {:extern} _v1.Mem_T.A6UCHAR: [int]int;
+
+var {:extern} _v1.Mem_T.CHAR: [int]int;
+
+var {:extern} _v1.Mem_T.INT4: [int]int;
+
+var {:extern} _v1.Mem_T.PCHAR: [int]int;
+
+var {:extern} _v1.Mem_T.PUCHAR: [int]int;
+
+var {:extern} _v1.Mem_T.PVOID: [int]int;
+
+var {:extern} _v1.Mem_T.Pieee80211_scan_entry: [int]int;
+
+var {:extern} _v1.Mem_T.UCHAR: [int]int;
+
+var {:extern} _v1.Mem_T.VOID: [int]int;
+
+var {:extern} _v1.Mem_T.ieee80211_scan_entry: [int]int;
+
+var {:extern} _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+
+var {:extern} _v1.detChoiceCnt: int;
+
+var {:extern} _v1.Res_KERNEL_SOURCE: [int]int;
+
+var {:extern} _v1.Res_PROBED: [int]int;
+
+const {:extern} unique _v1.T.se_rsn_ie_ieee80211_scan_entry: name;
+
+const {:extern} unique _v1.T.A1CHAR: name;
+
+const {:extern} unique _v1.T.A5UCHAR: name;
+
+const {:extern} unique _v1.T.A6UCHAR: name;
+
+const {:extern} unique _v1.T.CHAR: name;
+
+const {:extern} unique _v1.T.INT4: name;
+
+const {:extern} unique _v1.T.PA1CHAR: name;
+
+const {:extern} unique _v1.T.PA5UCHAR: name;
+
+const {:extern} unique _v1.T.PA6UCHAR: name;
+
+const {:extern} unique _v1.T.PCHAR: name;
+
+const {:extern} unique _v1.T.PINT4: name;
+
+const {:extern} unique _v1.T.PPCHAR: name;
+
+const {:extern} unique _v1.T.PPUCHAR: name;
+
+const {:extern} unique _v1.T.PPVOID: name;
+
+const {:extern} unique _v1.T.PPieee80211_scan_entry: name;
+
+const {:extern} unique _v1.T.PUCHAR: name;
+
+const {:extern} unique _v1.T.PUINT4: name;
+
+const {:extern} unique _v1.T.PVOID: name;
+
+const {:extern} unique _v1.T.Pieee80211_scan_entry: name;
+
+const {:extern} unique _v1.T.UCHAR: name;
+
+const {:extern} unique _v1.T.UINT4: name;
+
+const {:extern} unique _v1.T.VOID: name;
+
+const {:extern} unique _v1.T.ieee80211_scan_entry: name;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 16} unique _v1.__ctobpl_const_5: int;
+
+const {:extern} {:model_const "leader"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 16} unique _v1.__ctobpl_const_6: int;
+
+const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 16} unique _v1.__ctobpl_const_7: int;
+
+const {:extern} {:model_const "leader"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 16} unique _v1.__ctobpl_const_9: int;
+
+const {:extern} {:model_const "bufsize"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 13} unique _v1.__ctobpl_const_1: int;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 16} unique _v1.__ctobpl_const_8: int;
+
+const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 16} unique _v1.__ctobpl_const_10: int;
+
+const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 13} unique _v1.__ctobpl_const_2: int;
+
+const {:extern} {:model_const "*(p + 1)"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 32} unique _v1.__ctobpl_const_24: int;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 33} unique _v1.__ctobpl_const_25: int;
+
+const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 20} unique _v1.__ctobpl_const_26: int;
+
+const {:extern} {:model_const "result.question.3"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 38} unique _v1.__ctobpl_const_28: int;
+
+const {:extern} {:model_const "bufsize"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 17} unique _v1.__ctobpl_const_11: int;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 32} unique _v1.__ctobpl_const_23: int;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 18} unique _v1.__ctobpl_const_13: int;
+
+const {:extern} {:model_const "buf"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 38} unique _v1.__ctobpl_const_30: int;
+
+const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 50} unique _v1.__ctobpl_const_32: int;
+
+const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 17} unique _v1.__ctobpl_const_12: int;
+
+const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 50} unique _v1.__ctobpl_const_33: int;
+
+const {:extern} {:model_const "bufsize"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 20} unique _v1.__ctobpl_const_20: int;
+
+const {:extern} {:model_const "*p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 30} unique _v1.__ctobpl_const_22: int;
+
+const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 38} unique _v1.__ctobpl_const_18: int;
+
+const {:extern} {:model_const "result.question.3"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 38} unique _v1.__ctobpl_const_31: int;
+
+const {:extern} {:model_const "ielen"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 38} unique _v1.__ctobpl_const_19: int;
+
+const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 20} unique _v1.__ctobpl_const_16: int;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 30} unique _v1.__ctobpl_const_21: int;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 38} unique _v1.__ctobpl_const_29: int;
+
+const {:extern} {:model_const "result.question.3"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 38} unique _v1.__ctobpl_const_27: int;
+
+const {:extern} {:model_const "ielen"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 20} unique _v1.__ctobpl_const_17: int;
+
+const {:extern} {:model_const "leader_len"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 18} unique _v1.__ctobpl_const_14: int;
+
+const {:extern} {:model_const "i"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 20} unique _v1.__ctobpl_const_15: int;
+
+const {:extern} {:model_const "p"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 15} unique _v1.__ctobpl_const_3: int;
+
+const {:extern} {:model_const "buf"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 15} unique _v1.__ctobpl_const_4: int;
+
+const {:extern} {:model_const "se.se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 66} unique _v1.__ctobpl_const_50: int;
+
+const {:extern} {:model_const "(se.se_rsn_ie)[0]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 65} unique _v1.__ctobpl_const_49: int;
+
+const {:extern} {:model_const "se.se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 65} unique _v1.__ctobpl_const_48: int;
+
+const {:extern} {:model_const "(se.se_rsn_ie)[1]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 66} unique _v1.__ctobpl_const_51: int;
+
+const {:extern} {:model_const "se.se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 64} unique _v1.__ctobpl_const_47: int;
+
+const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 52} unique _v1.__ctobpl_const_41: int;
+
+const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 52} unique _v1.__ctobpl_const_42: int;
+
+const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 52} unique _v1.__ctobpl_const_45: int;
+
+const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 51} unique _v1.__ctobpl_const_35: int;
+
+const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 52} unique _v1.__ctobpl_const_44: int;
+
+const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 51} unique _v1.__ctobpl_const_34: int;
+
+const {:extern} {:model_const "(se->se_rsn_ie)[1]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 53} unique _v1.__ctobpl_const_40: int;
+
+const {:extern} {:model_const "se"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 53} unique _v1.__ctobpl_const_38: int;
+
+const {:extern} {:model_const "encode_ie.arg.4"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 52} unique _v1.__ctobpl_const_43: int;
+
+const {:extern} {:model_const "encode_ie.arg.4"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 52} unique _v1.__ctobpl_const_46: int;
+
+const {:extern} {:model_const "(se->se_rsn_ie)[0]"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 51} unique _v1.__ctobpl_const_36: int;
+
+const {:extern} {:model_const "encode_ie.arg.4"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 53} unique _v1.__ctobpl_const_37: int;
+
+const {:extern} {:model_const "se->se_rsn_ie"} {:sourceFile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceLine 53} unique _v1.__ctobpl_const_39: int;
+
+function {:inline true} _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(a : int, b : int, size : int, result : int) : bool
+{
+ (size * result <= a - b) && (a - b < size * (result + 1))
+}
+
+
+
+procedure _v1.havoc_assert(i: int);
+ /* free */ requires i != 0;
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+procedure _v1.havoc_assume(i: int);
+ /* free */ ensures i != 0;
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+procedure _v1.__HAVOC_free(a: int);
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+procedure _v1.__HAVOC_malloc(obj_size: int) returns (new: int);
+ /* free */ requires _v2.INT_GEQ(obj_size, 0);
+ modifies _v1.alloc;
+ /* free */ ensures new == old(_v1.alloc);
+ /* free */ ensures _v2.INT_GT(_v1.alloc, _v2.INT_ADD(new, obj_size));
+ /* free */ ensures _v2.Base(new) == new;
+ /* free */ ensures _v2.INT_GEQ(new, 0);
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+procedure _v1.__HAVOC_det_malloc(obj_size: int) returns (new: int);
+ /* free */ requires _v2.INT_GEQ(obj_size, 0);
+ modifies _v1.alloc;
+ /* free */ ensures new == old(_v1.alloc);
+ /* free */ ensures _v2.INT_GT(_v1.alloc, _v2.INT_ADD(new, obj_size));
+ /* free */ ensures _v2.Base(new) == new;
+ /* free */ ensures _v1.alloc == _v2.NewAlloc(old(_v1.alloc), obj_size);
+ /* free */ ensures _v2.INT_GEQ(new, 0);
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+
+procedure _v1.nondet_choice() returns (x: int);
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+procedure _v1.det_choice() returns (x: int);
+ modifies _v1.detChoiceCnt;
+ /* free */ ensures _v1.detChoiceCnt == _v2.INT_ADD(old(_v1.detChoiceCnt), 1);
+ /* free */ ensures x == _v2.DetChoiceFunc(old(_v1.detChoiceCnt));
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+procedure _v1._strdup(str: int) returns (new: int);
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+procedure _v1._xstrcasecmp(a0: int, a1: int) returns (ret: int);
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+procedure _v1._xstrcmp(a0: int, a1: int) returns (ret: int);
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+procedure _v1.memcpy(a0: int, a1: int, a2: int) returns (ret: int);
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+procedure _v1.encode_ie(buf_.1: int,
+ bufsize_.1: int,
+ ie_.1: int,
+ ielen_.1: int,
+ leader_.1: int,
+ leader_len_.1: int)
+ returns (result.encode_ie$1: int);
+ modifies _v1.OK, _v1.Mem_T.UCHAR;
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+procedure _v1.giwscan_cb(se_.1: int) returns (result.giwscan_cb$1: int);
+ modifies _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+procedure _v1.main() returns (result.main$1: int);
+ modifies _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+procedure _v1.encode_ie_loop_label_14_head(in_bufsize: int, in_i: int, in_ielen: int, in_p: int, in_tempBoogie0: int)
+ returns (out_i: int, out_p: int, out_tempBoogie0: int);
+ modifies _v1.Mem_T.UCHAR, _v1.OK;
+ /* free */ ensures _v1.OK ==> old(_v1.OK);
+
+
+
+implementation _v1.encode_ie(buf_.1: int,
+ bufsize_.1: int,
+ ie_.1: int,
+ ielen_.1: int,
+ leader_.1: int,
+ leader_len_.1: int)
+ returns (result.encode_ie$1: int)
+{
+ var {:extern} havoc_stringTemp: int;
+ var {:extern} condVal: int;
+ var {:extern} buf: int;
+ var {:extern} bufsize: int;
+ var {:extern} i: int;
+ var {:extern} ie: int;
+ var {:extern} ielen: int;
+ var {:extern} leader: int;
+ var {:extern} leader_len: int;
+ var {:extern} p: int;
+ var {:extern} result.memcpy$2: int;
+ var {:extern} $result.question.3.$$static$: int;
+ var {:extern} tempBoogie0: int;
+ var {:extern} tempBoogie1: int;
+ var {:extern} tempBoogie2: int;
+ var {:extern} tempBoogie3: int;
+ var {:extern} tempBoogie4: int;
+ var {:extern} tempBoogie5: int;
+ var {:extern} tempBoogie6: int;
+ var {:extern} tempBoogie7: int;
+ var {:extern} tempBoogie8: int;
+ var {:extern} tempBoogie9: int;
+ var {:extern} tempBoogie10: int;
+ var {:extern} tempBoogie11: int;
+ var {:extern} tempBoogie12: int;
+ var {:extern} tempBoogie13: int;
+ var {:extern} tempBoogie14: int;
+ var {:extern} tempBoogie15: int;
+ var {:extern} tempBoogie16: int;
+ var {:extern} tempBoogie17: int;
+ var {:extern} tempBoogie18: int;
+ var {:extern} tempBoogie19: int;
+ var {:extern} __havoc_dummy_return: int;
+
+ anon0#2:
+ havoc_stringTemp := 0;
+ goto start#2;
+
+ start#2:
+ assume _v2.INT_LT(buf_.1, _v1.alloc);
+ assume _v2.INT_LT(ie_.1, _v1.alloc);
+ assume _v2.INT_LT(leader_.1, _v1.alloc);
+ buf := 0;
+ assume _v2.INT_GEQ(buf_.1, 0);
+ bufsize := 0;
+ i := 0;
+ ie := 0;
+ assume _v2.INT_GEQ(ie_.1, 0);
+ ielen := 0;
+ leader := 0;
+ assume _v2.INT_GEQ(leader_.1, 0);
+ leader_len := 0;
+ p := 0;
+ result.encode_ie$1 := 0;
+ result.memcpy$2 := 0;
+ $result.question.3.$$static$ := 0;
+ buf := buf_.1;
+ bufsize := bufsize_.1;
+ ie := ie_.1;
+ ielen := ielen_.1;
+ leader := leader_.1;
+ leader_len := leader_len_.1;
+ goto label_3#2;
+
+ label_3#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 9} true;
+ goto label_4#2;
+
+ label_4#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 10} true;
+ goto label_5#2;
+
+ label_5#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 13} true;
+ goto label_5_true#2, label_5_false#2;
+
+ label_5_false#2:
+ assume !_v2.INT_LT(bufsize, leader_len);
+ assume _v2.value_is(_v1.__ctobpl_const_1, bufsize);
+ assume _v2.value_is(_v1.__ctobpl_const_2, leader_len);
+ goto label_6#2;
+
+ label_6#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 15} true;
+ p := buf;
+ assume _v2.value_is(_v1.__ctobpl_const_3, p);
+ assume _v2.value_is(_v1.__ctobpl_const_4, buf);
+ goto label_8#2;
+
+ label_8#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 16} true;
+ call result.memcpy$2 := _v1.memcpy(p, leader, leader_len);
+ assume _v2.value_is(_v1.__ctobpl_const_5, p);
+ assume _v2.value_is(_v1.__ctobpl_const_6, leader);
+ assume _v2.value_is(_v1.__ctobpl_const_7, leader_len);
+ assume _v2.value_is(_v1.__ctobpl_const_8, p);
+ assume _v2.value_is(_v1.__ctobpl_const_9, leader);
+ assume _v2.value_is(_v1.__ctobpl_const_10, leader_len);
+ goto label_11#2;
+
+ label_11#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 17} true;
+ havoc tempBoogie0;
+ assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(bufsize, leader_len, 1, tempBoogie0);
+ bufsize := tempBoogie0;
+ assume _v2.value_is(_v1.__ctobpl_const_11, bufsize);
+ assume _v2.value_is(_v1.__ctobpl_const_12, leader_len);
+ goto label_12#2;
+
+ label_12#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 18} true;
+ tempBoogie0 := _v2.INT_PLUS(p, 1, leader_len);
+ p := tempBoogie0;
+ assume _v2.value_is(_v1.__ctobpl_const_13, p);
+ assume _v2.value_is(_v1.__ctobpl_const_14, leader_len);
+ goto label_13#2;
+
+ label_13#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
+ i := 0;
+ assume _v2.value_is(_v1.__ctobpl_const_15, i);
+ goto label_14#2;
+
+ label_14#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
+ goto label_14_head#2;
+
+ label_14_head#2:
+ call i, p, tempBoogie0 := _v1.encode_ie_loop_label_14_head(bufsize, i, ielen, p, tempBoogie0);
+ goto label_14_head_last#2;
+
+ label_14_head_last#2:
+ goto label_14_true#2, label_14_false#2;
+
+ label_14_false#2:
+ assume !_v2.INT_LT(i, ielen);
+ assume _v2.value_is(_v1.__ctobpl_const_16, i);
+ assume _v2.value_is(_v1.__ctobpl_const_17, ielen);
+ goto label_15#2;
+
+ label_14_true#2:
+ assume _v2.INT_LT(i, ielen);
+ assume _v2.value_is(_v1.__ctobpl_const_16, i);
+ assume _v2.value_is(_v1.__ctobpl_const_17, ielen);
+ goto label_16#2;
+
+ label_16#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
+ goto label_16_true#2, label_16_false#2;
+
+ label_16_false#2:
+ assume !_v2.INT_LT(2, bufsize);
+ assume _v2.value_is(_v1.__ctobpl_const_20, bufsize);
+ goto label_15#2;
+
+ label_15#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
+ goto label_15_true#2, label_15_false#2;
+
+ label_15_false#2:
+ assume !_v2.INT_EQ(i, ielen);
+ assume _v2.value_is(_v1.__ctobpl_const_18, i);
+ assume _v2.value_is(_v1.__ctobpl_const_19, ielen);
+ goto label_21#2;
+
+ label_21#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
+ $result.question.3.$$static$ := 0;
+ assume _v2.value_is(_v1.__ctobpl_const_27, $result.question.3.$$static$);
+ goto label_23#2;
+
+ label_15_true#2:
+ assume _v2.INT_EQ(i, ielen);
+ assume _v2.value_is(_v1.__ctobpl_const_18, i);
+ assume _v2.value_is(_v1.__ctobpl_const_19, ielen);
+ goto label_22#2;
+
+ label_22#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
+ havoc $result.question.3.$$static$;
+ assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(p, buf, 1, $result.question.3.$$static$);
+ assume _v2.value_is(_v1.__ctobpl_const_28, $result.question.3.$$static$);
+ assume _v2.value_is(_v1.__ctobpl_const_29, p);
+ assume _v2.value_is(_v1.__ctobpl_const_30, buf);
+ goto label_23#2;
+
+ label_23#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
+ result.encode_ie$1 := $result.question.3.$$static$;
+ assume _v2.value_is(_v1.__ctobpl_const_31, $result.question.3.$$static$);
+ goto label_1#2;
+
+ label_16_true#2:
+ assume _v2.INT_LT(2, bufsize);
+ assume _v2.value_is(_v1.__ctobpl_const_20, bufsize);
+ goto label_17#2;
+
+ label_17#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 30} true;
+ assume _v2.INT_GEQ(p, 0);
+ _v1.OK := _v1.OK && _v2.Res_VALID_REGION(p) == 1;
+ assert true;
+ _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[p := 120];
+ assume _v2.value_is(_v1.__ctobpl_const_21, p);
+ assume _v2.value_is(_v1.__ctobpl_const_22, _v1.Mem_T.UCHAR[p]);
+ goto label_18#2;
+
+ label_18#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 32} true;
+ assume _v2.INT_GEQ(_v2.INT_PLUS(p, 1, 1), 0);
+ _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.INT_PLUS(p, 1, 1)) == 1;
+ assert true;
+ _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(p, 1, 1) := 120];
+ assume _v2.value_is(_v1.__ctobpl_const_23, p);
+ assume _v2.value_is(_v1.__ctobpl_const_24, _v1.Mem_T.UCHAR[_v2.INT_PLUS(p, 1, 1)]);
+ goto label_19#2;
+
+ label_19#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 33} true;
+ tempBoogie0 := _v2.INT_PLUS(p, 1, 2);
+ p := tempBoogie0;
+ assume _v2.value_is(_v1.__ctobpl_const_25, p);
+ goto label_20#2;
+
+ label_20#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
+ assume _v2.value_is(_v1.__ctobpl_const_26, i);
+ i := _v2.INT_PLUS(i, 1, 1);
+ goto label_20_dummy#2;
+
+ label_20_dummy#2:
+ assume false;
+ return;
+
+ label_5_true#2:
+ assume _v2.INT_LT(bufsize, leader_len);
+ assume _v2.value_is(_v1.__ctobpl_const_1, bufsize);
+ assume _v2.value_is(_v1.__ctobpl_const_2, leader_len);
+ goto label_7#2;
+
+ label_7#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 14} true;
+ result.encode_ie$1 := 0;
+ goto label_1#2;
+
+ label_1#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 39} true;
+ return;
+}
+
+
+
+implementation _v1.giwscan_cb(se_.1: int) returns (result.giwscan_cb$1: int)
+{
+ var {:extern} havoc_stringTemp: int;
+ var {:extern} condVal: int;
+ var {:extern} buf: int;
+ var {:extern} $encode_ie.arg.4$3.$$static$: int;
+ var {:extern} result.encode_ie$2: int;
+ var {:extern} rsn_leader: int;
+ var {:extern} se: int;
+ var {:extern} tempBoogie0: int;
+ var {:extern} tempBoogie1: int;
+ var {:extern} tempBoogie2: int;
+ var {:extern} tempBoogie3: int;
+ var {:extern} tempBoogie4: int;
+ var {:extern} tempBoogie5: int;
+ var {:extern} tempBoogie6: int;
+ var {:extern} tempBoogie7: int;
+ var {:extern} tempBoogie8: int;
+ var {:extern} tempBoogie9: int;
+ var {:extern} tempBoogie10: int;
+ var {:extern} tempBoogie11: int;
+ var {:extern} tempBoogie12: int;
+ var {:extern} tempBoogie13: int;
+ var {:extern} tempBoogie14: int;
+ var {:extern} tempBoogie15: int;
+ var {:extern} tempBoogie16: int;
+ var {:extern} tempBoogie17: int;
+ var {:extern} tempBoogie18: int;
+ var {:extern} tempBoogie19: int;
+ var {:extern} __havoc_dummy_return: int;
+
+ anon0#2:
+ havoc_stringTemp := 0;
+ goto start#2;
+
+ start#2:
+ assume _v2.INT_LT(se_.1, _v1.alloc);
+ call buf := _v1.__HAVOC_det_malloc(6);
+ $encode_ie.arg.4$3.$$static$ := 0;
+ result.encode_ie$2 := 0;
+ result.giwscan_cb$1 := 0;
+ call rsn_leader := _v1.__HAVOC_det_malloc(1);
+ se := 0;
+ assume _v2.INT_GEQ(se_.1, 0);
+ se := se_.1;
+ goto label_3#2;
+
+ label_3#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 45} true;
+ goto label_4#2;
+
+ label_4#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 46} true;
+ goto label_5#2;
+
+ label_5#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 50} true;
+ assume _v2.INT_GEQ(se, 0);
+ _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ goto label_5_true#2, label_5_false#2;
+
+ label_5_false#2:
+ assume _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]
+ == 0;
+ assume _v2.value_is(_v1.__ctobpl_const_32, se);
+ assume _v2.value_is(_v1.__ctobpl_const_33,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ goto label_6#2;
+
+ label_5_true#2:
+ assume _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]
+ != 0;
+ assume _v2.value_is(_v1.__ctobpl_const_32, se);
+ assume _v2.value_is(_v1.__ctobpl_const_33,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ goto label_7#2;
+
+ label_7#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 51} true;
+ assume _v2.INT_GEQ(se, 0);
+ _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0))
+ == 1;
+ assert true;
+ goto label_7_true#2, label_7_false#2;
+
+ label_7_false#2:
+ assume !_v2.INT_EQ(_v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0)],
+ 200);
+ assume _v2.value_is(_v1.__ctobpl_const_34, se);
+ assume _v2.value_is(_v1.__ctobpl_const_35,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ assume _v2.value_is(_v1.__ctobpl_const_36,
+ _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0)]);
+ goto label_6#2;
+
+ label_7_true#2:
+ assume _v2.INT_EQ(_v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0)],
+ 200);
+ assume _v2.value_is(_v1.__ctobpl_const_34, se);
+ assume _v2.value_is(_v1.__ctobpl_const_35,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ assume _v2.value_is(_v1.__ctobpl_const_36,
+ _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0)]);
+ goto label_8#2;
+
+ label_8#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 53} true;
+ assume _v2.INT_GEQ(se, 0);
+ _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 1))
+ == 1;
+ assert true;
+ $encode_ie.arg.4$3.$$static$ := _v2.INT_PLUS(_v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 1)],
+ 1,
+ 2);
+ assume _v2.value_is(_v1.__ctobpl_const_37, $encode_ie.arg.4$3.$$static$);
+ assume _v2.value_is(_v1.__ctobpl_const_38, se);
+ assume _v2.value_is(_v1.__ctobpl_const_39,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ assume _v2.value_is(_v1.__ctobpl_const_40,
+ _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 1)]);
+ goto label_9#2;
+
+ label_9#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 52} true;
+ assume _v2.INT_GEQ(se, 0);
+ _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ assume _v2.INT_GEQ(se, 0);
+ _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ call result.encode_ie$2 := _v1.encode_ie(buf, 6, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)], $encode_ie.arg.4$3.$$static$, rsn_leader, 1);
+ assume _v2.value_is(_v1.__ctobpl_const_41, se);
+ assume _v2.value_is(_v1.__ctobpl_const_42,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ assume _v2.value_is(_v1.__ctobpl_const_43, $encode_ie.arg.4$3.$$static$);
+ assume _v2.value_is(_v1.__ctobpl_const_44, se);
+ assume _v2.value_is(_v1.__ctobpl_const_45,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ assume _v2.value_is(_v1.__ctobpl_const_46, $encode_ie.arg.4$3.$$static$);
+ goto label_6#2;
+
+ label_6#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 57} true;
+ result.giwscan_cb$1 := 0;
+ goto label_1#2;
+
+ label_1#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 58} true;
+ call _v1.__HAVOC_free(buf);
+ call _v1.__HAVOC_free(rsn_leader);
+ return;
+}
+
+
+
+implementation _v1.main() returns (result.main$1: int)
+{
+ var {:extern} havoc_stringTemp: int;
+ var {:extern} condVal: int;
+ var {:extern} ie: int;
+ var {:extern} result.giwscan_cb$2: int;
+ var {:extern} se: int;
+ var {:extern} tempBoogie0: int;
+ var {:extern} tempBoogie1: int;
+ var {:extern} tempBoogie2: int;
+ var {:extern} tempBoogie3: int;
+ var {:extern} tempBoogie4: int;
+ var {:extern} tempBoogie5: int;
+ var {:extern} tempBoogie6: int;
+ var {:extern} tempBoogie7: int;
+ var {:extern} tempBoogie8: int;
+ var {:extern} tempBoogie9: int;
+ var {:extern} tempBoogie10: int;
+ var {:extern} tempBoogie11: int;
+ var {:extern} tempBoogie12: int;
+ var {:extern} tempBoogie13: int;
+ var {:extern} tempBoogie14: int;
+ var {:extern} tempBoogie15: int;
+ var {:extern} tempBoogie16: int;
+ var {:extern} tempBoogie17: int;
+ var {:extern} tempBoogie18: int;
+ var {:extern} tempBoogie19: int;
+ var {:extern} __havoc_dummy_return: int;
+
+ anon0#2:
+ havoc_stringTemp := 0;
+ goto start#2;
+
+ start#2:
+ call ie := _v1.__HAVOC_det_malloc(5);
+ result.giwscan_cb$2 := 0;
+ result.main$1 := 0;
+ call se := _v1.__HAVOC_det_malloc(4);
+ goto label_3#2;
+
+ label_3#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 62} true;
+ goto label_4#2;
+
+ label_4#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 63} true;
+ goto label_5#2;
+
+ label_5#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 64} true;
+ _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry := _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se) := ie];
+ assume _v2.value_is(_v1.__ctobpl_const_47,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ goto label_6#2;
+
+ label_6#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 65} true;
+ _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0))
+ == 1;
+ assert true;
+ _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0) := 200];
+ assume _v2.value_is(_v1.__ctobpl_const_48,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ assume _v2.value_is(_v1.__ctobpl_const_49,
+ _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 0)]);
+ goto label_7#2;
+
+ label_7#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 66} true;
+ _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(se)) == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 1))
+ == 1;
+ assert true;
+ _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 1) := 3];
+ assume _v2.value_is(_v1.__ctobpl_const_50,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)]);
+ assume _v2.value_is(_v1.__ctobpl_const_51,
+ _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(se)],
+ 1,
+ 1)]);
+ goto label_8#2;
+
+ label_8#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 68} true;
+ assume _v2.INT_GT(se, 0);
+ assume _v2.INT_GT(se, 0);
+ call result.giwscan_cb$2 := _v1.giwscan_cb(se);
+ goto label_11#2;
+
+ label_11#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 70} true;
+ result.main$1 := 0;
+ goto label_1#2;
+
+ label_1#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 71} true;
+ call _v1.__HAVOC_free(ie);
+ call _v1.__HAVOC_free(se);
+ return;
+}
+
+
+
+implementation _v1.encode_ie_loop_label_14_head(in_bufsize: int, in_i: int, in_ielen: int, in_p: int, in_tempBoogie0: int)
+ returns (out_i: int, out_p: int, out_tempBoogie0: int)
+{
+
+ entry#2:
+ out_i, out_p, out_tempBoogie0 := in_i, in_p, in_tempBoogie0;
+ goto label_14_head#2;
+
+ label_14_head#2:
+ goto label_14_true#2, label_14_false#2;
+
+ label_14_false#2:
+ assume !_v2.INT_LT(out_i, in_ielen);
+ assume _v2.value_is(_v1.__ctobpl_const_16, out_i);
+ assume _v2.value_is(_v1.__ctobpl_const_17, in_ielen);
+ out_i, out_p, out_tempBoogie0 := in_i, in_p, in_tempBoogie0;
+ _v1.Mem_T.UCHAR := old(_v1.Mem_T.UCHAR);
+ return;
+
+ label_14_true#2:
+ assume _v2.INT_LT(out_i, in_ielen);
+ assume _v2.value_is(_v1.__ctobpl_const_16, out_i);
+ assume _v2.value_is(_v1.__ctobpl_const_17, in_ielen);
+ goto label_16#2;
+
+ label_16#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
+ goto label_16_true#2, label_16_false#2;
+
+ label_16_false#2:
+ assume !_v2.INT_LT(2, in_bufsize);
+ assume _v2.value_is(_v1.__ctobpl_const_20, in_bufsize);
+ out_i, out_p, out_tempBoogie0 := in_i, in_p, in_tempBoogie0;
+ _v1.Mem_T.UCHAR := old(_v1.Mem_T.UCHAR);
+ return;
+
+ label_16_true#2:
+ assume _v2.INT_LT(2, in_bufsize);
+ assume _v2.value_is(_v1.__ctobpl_const_20, in_bufsize);
+ goto label_17#2;
+
+ label_17#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 30} true;
+ assume _v2.INT_GEQ(out_p, 0);
+ _v1.OK := _v1.OK && _v2.Res_VALID_REGION(out_p) == 1;
+ assert true;
+ _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[out_p := 120];
+ assume _v2.value_is(_v1.__ctobpl_const_21, out_p);
+ assume _v2.value_is(_v1.__ctobpl_const_22, _v1.Mem_T.UCHAR[out_p]);
+ goto label_18#2;
+
+ label_18#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 32} true;
+ assume _v2.INT_GEQ(_v2.INT_PLUS(out_p, 1, 1), 0);
+ _v1.OK := _v1.OK && _v2.Res_VALID_REGION(_v2.INT_PLUS(out_p, 1, 1)) == 1;
+ assert true;
+ _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(out_p, 1, 1) := 120];
+ assume _v2.value_is(_v1.__ctobpl_const_23, out_p);
+ assume _v2.value_is(_v1.__ctobpl_const_24, _v1.Mem_T.UCHAR[_v2.INT_PLUS(out_p, 1, 1)]);
+ goto label_19#2;
+
+ label_19#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 33} true;
+ out_tempBoogie0 := _v2.INT_PLUS(out_p, 1, 2);
+ out_p := out_tempBoogie0;
+ assume _v2.value_is(_v1.__ctobpl_const_25, out_p);
+ goto label_20#2;
+
+ label_20#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
+ assume _v2.value_is(_v1.__ctobpl_const_26, out_i);
+ out_i := _v2.INT_PLUS(out_i, 1, 1);
+ goto label_20_dummy#2;
+
+ label_20_dummy#2:
+ call out_i, out_p, out_tempBoogie0 := _v1.encode_ie_loop_label_14_head(in_bufsize, out_i, in_ielen, out_p, out_tempBoogie0);
+ return;
+}
+
+
+
+type {:extern} name;
+
+type {:extern} byte;
+
+function {:inline true} MS$_v1.havoc_assert$_v2.havoc_assert(_v1.i: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v2.i: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int)
+ : bool
+{
+ true
+}
+
+procedure MS_Check__v1.havoc_assert___v2.havoc_assert(_v1.i: int, _v2.i: int);
+ requires _v1.i == _v2.i
+ &&
+ (_v1.OK <==> _v2.OK)
+ && _v1.Mem == _v2.Mem
+ && _v1.alloc == _v2.alloc
+ && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
+ && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
+ && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
+ && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
+ && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
+ && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
+ && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
+ && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
+ && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
+ && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
+ && _v1.Mem_T.VOID == _v2.Mem_T.VOID
+ && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
+ && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ && _v1.detChoiceCnt == _v2.detChoiceCnt
+ && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
+ && _v1.Res_PROBED == _v2.Res_PROBED;
+ ensures MS$_v1.havoc_assert$_v2.havoc_assert(_v1.i,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v2.i,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED));
+ ensures _v1.OK ==> _v2.OK;
+
+
+
+function {:inline true} MS$_v1.havoc_assume$_v2.havoc_assume(_v1.i: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v2.i: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int)
+ : bool
+{
+ true
+}
+
+procedure MS_Check__v1.havoc_assume___v2.havoc_assume(_v1.i: int, _v2.i: int);
+ requires _v1.i == _v2.i
+ &&
+ (_v1.OK <==> _v2.OK)
+ && _v1.Mem == _v2.Mem
+ && _v1.alloc == _v2.alloc
+ && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
+ && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
+ && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
+ && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
+ && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
+ && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
+ && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
+ && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
+ && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
+ && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
+ && _v1.Mem_T.VOID == _v2.Mem_T.VOID
+ && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
+ && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ && _v1.detChoiceCnt == _v2.detChoiceCnt
+ && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
+ && _v1.Res_PROBED == _v2.Res_PROBED;
+ ensures MS$_v1.havoc_assume$_v2.havoc_assume(_v1.i,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v2.i,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED));
+ ensures _v1.OK ==> _v2.OK;
+
+
+
+function {:inline true} MS$_v1.__HAVOC_free$_v2.__HAVOC_free(_v1.a: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v2.a: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int)
+ : bool
+{
+ true
+}
+
+const {:existential true} _houdini_0: bool;
+
+const {:existential true} _houdini_1: bool;
+
+const {:existential true} _houdini_2: bool;
+
+const {:existential true} _houdini_3: bool;
+
+const {:existential true} _houdini_4: bool;
+
+const {:existential true} _houdini_5: bool;
+
+const {:existential true} _houdini_6: bool;
+
+const {:existential true} _houdini_7: bool;
+
+const {:existential true} _houdini_8: bool;
+
+const {:existential true} _houdini_9: bool;
+
+const {:existential true} _houdini_10: bool;
+
+const {:existential true} _houdini_11: bool;
+
+const {:existential true} _houdini_12: bool;
+
+const {:existential true} _houdini_13: bool;
+
+const {:existential true} _houdini_14: bool;
+
+const {:existential true} _houdini_15: bool;
+
+const {:existential true} _houdini_16: bool;
+
+const {:existential true} _houdini_17: bool;
+
+const {:existential true} _houdini_18: bool;
+
+const {:existential true} _houdini_19: bool;
+
+const {:existential true} _houdini_20: bool;
+
+const {:existential true} _houdini_21: bool;
+
+const {:existential true} _houdini_22: bool;
+
+const {:existential true} _houdini_23: bool;
+
+procedure MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.a: int, _v2.a: int);
+ requires _houdini_0 ==> _v1.a <= _v2.a;
+ requires _houdini_1 ==> _v2.a <= _v1.a;
+ requires _houdini_2 ==> _v1.OK ==> _v2.OK;
+ requires _houdini_3 ==> _v2.OK ==> _v1.OK;
+ requires _houdini_4 ==> _v1.Mem == _v2.Mem;
+ requires _houdini_5 ==> _v1.alloc <= _v2.alloc;
+ requires _houdini_6 ==> _v2.alloc <= _v1.alloc;
+ requires _houdini_7 ==> _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR;
+ requires _houdini_8 ==> _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR;
+ requires _houdini_9 ==> _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR;
+ requires _houdini_10 ==> _v1.Mem_T.CHAR == _v2.Mem_T.CHAR;
+ requires _houdini_11 ==> _v1.Mem_T.INT4 == _v2.Mem_T.INT4;
+ requires _houdini_12 ==> _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR;
+ requires _houdini_13 ==> _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR;
+ requires _houdini_14 ==> _v1.Mem_T.PVOID == _v2.Mem_T.PVOID;
+ requires _houdini_15
+ ==> _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry;
+ requires _houdini_16 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
+ requires _houdini_17 ==> _v1.Mem_T.VOID == _v2.Mem_T.VOID;
+ requires _houdini_18 ==> _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry;
+ requires _houdini_19
+ ==> _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry;
+ requires _houdini_20 ==> _v1.detChoiceCnt <= _v2.detChoiceCnt;
+ requires _houdini_21 ==> _v2.detChoiceCnt <= _v1.detChoiceCnt;
+ requires _houdini_22 ==> _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE;
+ requires _houdini_23 ==> _v1.Res_PROBED == _v2.Res_PROBED;
+ ensures MS$_v1.__HAVOC_free$_v2.__HAVOC_free(_v1.a,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v2.a,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED));
+ ensures old(_v1.a == _v2.a) ==> true;
+
+
+
+function {:inline true} MS$_v1.__HAVOC_malloc$_v2.__HAVOC_malloc(_v1.obj_size: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.alloc_: int,
+ _v1.new: int,
+ _v2.obj_size: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.alloc_: int,
+ _v2.new: int)
+ : bool
+{
+ true
+}
+
+procedure MS_Check__v1.__HAVOC_malloc___v2.__HAVOC_malloc(_v1.obj_size: int, _v2.obj_size: int) returns (_v1.new: int, _v2.new: int);
+ requires _v1.obj_size == _v2.obj_size
+ &&
+ (_v1.OK <==> _v2.OK)
+ && _v1.Mem == _v2.Mem
+ && _v1.alloc == _v2.alloc
+ && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
+ && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
+ && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
+ && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
+ && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
+ && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
+ && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
+ && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
+ && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
+ && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
+ && _v1.Mem_T.VOID == _v2.Mem_T.VOID
+ && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
+ && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ && _v1.detChoiceCnt == _v2.detChoiceCnt
+ && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
+ && _v1.Res_PROBED == _v2.Res_PROBED;
+ modifies _v1.alloc, _v2.alloc;
+ ensures MS$_v1.__HAVOC_malloc$_v2.__HAVOC_malloc(_v1.obj_size,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.alloc,
+ _v1.new,
+ _v2.obj_size,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.alloc,
+ _v2.new);
+ ensures _v1.OK ==> _v2.OK;
+
+
+
+function {:inline true} MS$_v1.__HAVOC_det_malloc$_v2.__HAVOC_det_malloc(_v1.obj_size: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.alloc_: int,
+ _v1.new: int,
+ _v2.obj_size: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.alloc_: int,
+ _v2.new: int)
+ : bool
+{
+ true
+}
+
+const {:existential true} _houdini_24: bool;
+
+const {:existential true} _houdini_25: bool;
+
+const {:existential true} _houdini_26: bool;
+
+const {:existential true} _houdini_27: bool;
+
+const {:existential true} _houdini_28: bool;
+
+const {:existential true} _houdini_29: bool;
+
+const {:existential true} _houdini_30: bool;
+
+const {:existential true} _houdini_31: bool;
+
+const {:existential true} _houdini_32: bool;
+
+const {:existential true} _houdini_33: bool;
+
+const {:existential true} _houdini_34: bool;
+
+const {:existential true} _houdini_35: bool;
+
+const {:existential true} _houdini_36: bool;
+
+const {:existential true} _houdini_37: bool;
+
+const {:existential true} _houdini_38: bool;
+
+const {:existential true} _houdini_39: bool;
+
+const {:existential true} _houdini_40: bool;
+
+const {:existential true} _houdini_41: bool;
+
+const {:existential true} _houdini_42: bool;
+
+const {:existential true} _houdini_43: bool;
+
+const {:existential true} _houdini_44: bool;
+
+const {:existential true} _houdini_45: bool;
+
+const {:existential true} _houdini_46: bool;
+
+const {:existential true} _houdini_47: bool;
+
+procedure MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.obj_size: int, _v2.obj_size: int) returns (_v1.new: int, _v2.new: int);
+ requires _houdini_24 ==> _v1.obj_size <= _v2.obj_size;
+ requires _houdini_25 ==> _v2.obj_size <= _v1.obj_size;
+ requires _houdini_26 ==> _v1.OK ==> _v2.OK;
+ requires _houdini_27 ==> _v2.OK ==> _v1.OK;
+ requires _houdini_28 ==> _v1.Mem == _v2.Mem;
+ requires _houdini_29 ==> _v1.alloc <= _v2.alloc;
+ requires _houdini_30 ==> _v2.alloc <= _v1.alloc;
+ requires _houdini_31 ==> _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR;
+ requires _houdini_32 ==> _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR;
+ requires _houdini_33 ==> _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR;
+ requires _houdini_34 ==> _v1.Mem_T.CHAR == _v2.Mem_T.CHAR;
+ requires _houdini_35 ==> _v1.Mem_T.INT4 == _v2.Mem_T.INT4;
+ requires _houdini_36 ==> _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR;
+ requires _houdini_37 ==> _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR;
+ requires _houdini_38 ==> _v1.Mem_T.PVOID == _v2.Mem_T.PVOID;
+ requires _houdini_39
+ ==> _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry;
+ requires _houdini_40 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
+ requires _houdini_41 ==> _v1.Mem_T.VOID == _v2.Mem_T.VOID;
+ requires _houdini_42 ==> _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry;
+ requires _houdini_43
+ ==> _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry;
+ requires _houdini_44 ==> _v1.detChoiceCnt <= _v2.detChoiceCnt;
+ requires _houdini_45 ==> _v2.detChoiceCnt <= _v1.detChoiceCnt;
+ requires _houdini_46 ==> _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE;
+ requires _houdini_47 ==> _v1.Res_PROBED == _v2.Res_PROBED;
+ modifies _v1.alloc, _v2.alloc;
+ ensures MS$_v1.__HAVOC_det_malloc$_v2.__HAVOC_det_malloc(_v1.obj_size,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.alloc,
+ _v1.new,
+ _v2.obj_size,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.alloc,
+ _v2.new);
+ ensures old(_v1.obj_size == _v2.obj_size && _v1.alloc == _v2.alloc)
+ ==> _v1.new <= _v2.new
+ && _v2.new <= _v1.new
+ && _v1.alloc <= _v2.alloc
+ && _v2.alloc <= _v1.alloc;
+
+
+
+function {:inline true} MS$_v1.__HAVOC_memset_split_1$_v2.__HAVOC_memset_split_1(_v1.A: [int]int,
+ _v1.p: int,
+ _v1.c: int,
+ _v1.n: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.ret: [int]int,
+ _v2.A: [int]int,
+ _v2.p: int,
+ _v2.c: int,
+ _v2.n: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.ret: [int]int)
+ : bool
+{
+ true
+}
+
+procedure MS_Check__v1.__HAVOC_memset_split_1___v2.__HAVOC_memset_split_1(_v1.A: [int]int,
+ _v1.p: int,
+ _v1.c: int,
+ _v1.n: int,
+ _v2.A: [int]int,
+ _v2.p: int,
+ _v2.c: int,
+ _v2.n: int)
+ returns (_v1.ret: [int]int, _v2.ret: [int]int);
+ requires _v1.A == _v2.A
+ && _v1.p == _v2.p
+ && _v1.c == _v2.c
+ && _v1.n == _v2.n
+ &&
+ (_v1.OK <==> _v2.OK)
+ && _v1.Mem == _v2.Mem
+ && _v1.alloc == _v2.alloc
+ && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
+ && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
+ && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
+ && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
+ && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
+ && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
+ && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
+ && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
+ && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
+ && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
+ && _v1.Mem_T.VOID == _v2.Mem_T.VOID
+ && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
+ && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ && _v1.detChoiceCnt == _v2.detChoiceCnt
+ && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
+ && _v1.Res_PROBED == _v2.Res_PROBED;
+ ensures MS$_v1.__HAVOC_memset_split_1$_v2.__HAVOC_memset_split_1(_v1.A,
+ _v1.p,
+ _v1.c,
+ _v1.n,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.ret,
+ _v2.A,
+ _v2.p,
+ _v2.c,
+ _v2.n,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.ret);
+ ensures _v1.OK ==> _v2.OK;
+
+
+
+function {:inline true} MS$_v1.__HAVOC_memset_split_2$_v2.__HAVOC_memset_split_2(_v1.A: [int]int,
+ _v1.p: int,
+ _v1.c: int,
+ _v1.n: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.ret: [int]int,
+ _v2.A: [int]int,
+ _v2.p: int,
+ _v2.c: int,
+ _v2.n: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.ret: [int]int)
+ : bool
+{
+ true
+}
+
+procedure MS_Check__v1.__HAVOC_memset_split_2___v2.__HAVOC_memset_split_2(_v1.A: [int]int,
+ _v1.p: int,
+ _v1.c: int,
+ _v1.n: int,
+ _v2.A: [int]int,
+ _v2.p: int,
+ _v2.c: int,
+ _v2.n: int)
+ returns (_v1.ret: [int]int, _v2.ret: [int]int);
+ requires _v1.A == _v2.A
+ && _v1.p == _v2.p
+ && _v1.c == _v2.c
+ && _v1.n == _v2.n
+ &&
+ (_v1.OK <==> _v2.OK)
+ && _v1.Mem == _v2.Mem
+ && _v1.alloc == _v2.alloc
+ && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
+ && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
+ && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
+ && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
+ && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
+ && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
+ && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
+ && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
+ && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
+ && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
+ && _v1.Mem_T.VOID == _v2.Mem_T.VOID
+ && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
+ && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ && _v1.detChoiceCnt == _v2.detChoiceCnt
+ && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
+ && _v1.Res_PROBED == _v2.Res_PROBED;
+ ensures MS$_v1.__HAVOC_memset_split_2$_v2.__HAVOC_memset_split_2(_v1.A,
+ _v1.p,
+ _v1.c,
+ _v1.n,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.ret,
+ _v2.A,
+ _v2.p,
+ _v2.c,
+ _v2.n,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.ret);
+ ensures _v1.OK ==> _v2.OK;
+
+
+
+function {:inline true} MS$_v1.__HAVOC_memset_split_4$_v2.__HAVOC_memset_split_4(_v1.A: [int]int,
+ _v1.p: int,
+ _v1.c: int,
+ _v1.n: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.ret: [int]int,
+ _v2.A: [int]int,
+ _v2.p: int,
+ _v2.c: int,
+ _v2.n: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.ret: [int]int)
+ : bool
+{
+ true
+}
+
+procedure MS_Check__v1.__HAVOC_memset_split_4___v2.__HAVOC_memset_split_4(_v1.A: [int]int,
+ _v1.p: int,
+ _v1.c: int,
+ _v1.n: int,
+ _v2.A: [int]int,
+ _v2.p: int,
+ _v2.c: int,
+ _v2.n: int)
+ returns (_v1.ret: [int]int, _v2.ret: [int]int);
+ requires _v1.A == _v2.A
+ && _v1.p == _v2.p
+ && _v1.c == _v2.c
+ && _v1.n == _v2.n
+ &&
+ (_v1.OK <==> _v2.OK)
+ && _v1.Mem == _v2.Mem
+ && _v1.alloc == _v2.alloc
+ && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
+ && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
+ && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
+ && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
+ && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
+ && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
+ && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
+ && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
+ && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
+ && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
+ && _v1.Mem_T.VOID == _v2.Mem_T.VOID
+ && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
+ && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ && _v1.detChoiceCnt == _v2.detChoiceCnt
+ && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
+ && _v1.Res_PROBED == _v2.Res_PROBED;
+ ensures MS$_v1.__HAVOC_memset_split_4$_v2.__HAVOC_memset_split_4(_v1.A,
+ _v1.p,
+ _v1.c,
+ _v1.n,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.ret,
+ _v2.A,
+ _v2.p,
+ _v2.c,
+ _v2.n,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.ret);
+ ensures _v1.OK ==> _v2.OK;
+
+
+
+function {:inline true} MS$_v1.nondet_choice$_v2.nondet_choice(_v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.x: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.x: int)
+ : bool
+{
+ true
+}
+
+procedure MS_Check__v1.nondet_choice___v2.nondet_choice() returns (_v1.x: int, _v2.x: int);
+ requires (_v1.OK <==> _v2.OK)
+ && _v1.Mem == _v2.Mem
+ && _v1.alloc == _v2.alloc
+ && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
+ && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
+ && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
+ && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
+ && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
+ && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
+ && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
+ && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
+ && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
+ && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
+ && _v1.Mem_T.VOID == _v2.Mem_T.VOID
+ && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
+ && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ && _v1.detChoiceCnt == _v2.detChoiceCnt
+ && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
+ && _v1.Res_PROBED == _v2.Res_PROBED;
+ ensures MS$_v1.nondet_choice$_v2.nondet_choice(old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.x,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.x);
+ ensures _v1.OK ==> _v2.OK;
+
+
+
+function {:inline true} MS$_v1.det_choice$_v2.det_choice(_v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.detChoiceCnt_: int,
+ _v1.x: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.detChoiceCnt_: int,
+ _v2.x: int)
+ : bool
+{
+ true
+}
+
+procedure MS_Check__v1.det_choice___v2.det_choice() returns (_v1.x: int, _v2.x: int);
+ requires (_v1.OK <==> _v2.OK)
+ && _v1.Mem == _v2.Mem
+ && _v1.alloc == _v2.alloc
+ && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
+ && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
+ && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
+ && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
+ && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
+ && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
+ && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
+ && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
+ && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
+ && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
+ && _v1.Mem_T.VOID == _v2.Mem_T.VOID
+ && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
+ && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ && _v1.detChoiceCnt == _v2.detChoiceCnt
+ && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
+ && _v1.Res_PROBED == _v2.Res_PROBED;
+ modifies _v1.detChoiceCnt, _v2.detChoiceCnt;
+ ensures MS$_v1.det_choice$_v2.det_choice(old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.detChoiceCnt,
+ _v1.x,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.detChoiceCnt,
+ _v2.x);
+ ensures _v1.OK ==> _v2.OK;
+
+
+
+function {:inline true} MS$_v1._strdup$_v2._strdup(_v1.str: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.new: int,
+ _v2.str: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.new: int)
+ : bool
+{
+ true
+}
+
+procedure MS_Check__v1._strdup___v2._strdup(_v1.str: int, _v2.str: int) returns (_v1.new: int, _v2.new: int);
+ requires _v1.str == _v2.str
+ &&
+ (_v1.OK <==> _v2.OK)
+ && _v1.Mem == _v2.Mem
+ && _v1.alloc == _v2.alloc
+ && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
+ && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
+ && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
+ && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
+ && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
+ && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
+ && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
+ && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
+ && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
+ && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
+ && _v1.Mem_T.VOID == _v2.Mem_T.VOID
+ && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
+ && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ && _v1.detChoiceCnt == _v2.detChoiceCnt
+ && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
+ && _v1.Res_PROBED == _v2.Res_PROBED;
+ ensures MS$_v1._strdup$_v2._strdup(_v1.str,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.new,
+ _v2.str,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.new);
+ ensures _v1.OK ==> _v2.OK;
+
+
+
+function {:inline true} MS$_v1._xstrcasecmp$_v2._xstrcasecmp(_v1.a0: int,
+ _v1.a1: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.ret: int,
+ _v2.a0: int,
+ _v2.a1: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.ret: int)
+ : bool
+{
+ true
+}
+
+procedure MS_Check__v1._xstrcasecmp___v2._xstrcasecmp(_v1.a0: int, _v1.a1: int, _v2.a0: int, _v2.a1: int)
+ returns (_v1.ret: int, _v2.ret: int);
+ requires _v1.a0 == _v2.a0
+ && _v1.a1 == _v2.a1
+ &&
+ (_v1.OK <==> _v2.OK)
+ && _v1.Mem == _v2.Mem
+ && _v1.alloc == _v2.alloc
+ && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
+ && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
+ && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
+ && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
+ && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
+ && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
+ && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
+ && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
+ && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
+ && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
+ && _v1.Mem_T.VOID == _v2.Mem_T.VOID
+ && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
+ && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ && _v1.detChoiceCnt == _v2.detChoiceCnt
+ && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
+ && _v1.Res_PROBED == _v2.Res_PROBED;
+ ensures MS$_v1._xstrcasecmp$_v2._xstrcasecmp(_v1.a0,
+ _v1.a1,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.ret,
+ _v2.a0,
+ _v2.a1,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.ret);
+ ensures _v1.OK ==> _v2.OK;
+
+
+
+function {:inline true} MS$_v1._xstrcmp$_v2._xstrcmp(_v1.a0: int,
+ _v1.a1: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.ret: int,
+ _v2.a0: int,
+ _v2.a1: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.ret: int)
+ : bool
+{
+ true
+}
+
+procedure MS_Check__v1._xstrcmp___v2._xstrcmp(_v1.a0: int, _v1.a1: int, _v2.a0: int, _v2.a1: int)
+ returns (_v1.ret: int, _v2.ret: int);
+ requires _v1.a0 == _v2.a0
+ && _v1.a1 == _v2.a1
+ &&
+ (_v1.OK <==> _v2.OK)
+ && _v1.Mem == _v2.Mem
+ && _v1.alloc == _v2.alloc
+ && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
+ && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
+ && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
+ && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
+ && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
+ && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
+ && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
+ && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
+ && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
+ && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
+ && _v1.Mem_T.VOID == _v2.Mem_T.VOID
+ && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
+ && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ && _v1.detChoiceCnt == _v2.detChoiceCnt
+ && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
+ && _v1.Res_PROBED == _v2.Res_PROBED;
+ ensures MS$_v1._xstrcmp$_v2._xstrcmp(_v1.a0,
+ _v1.a1,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.ret,
+ _v2.a0,
+ _v2.a1,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.ret);
+ ensures _v1.OK ==> _v2.OK;
+
+
+
+function {:inline true} MS$_v1.memcpy$_v2.memcpy(_v1.a0: int,
+ _v1.a1: int,
+ _v1.a2: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.ret: int,
+ _v2.a0: int,
+ _v2.a1: int,
+ _v2.a2: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.ret: int)
+ : bool
+{
+ true
+}
+
+const {:existential true} _houdini_48: bool;
+
+const {:existential true} _houdini_49: bool;
+
+const {:existential true} _houdini_50: bool;
+
+const {:existential true} _houdini_51: bool;
+
+const {:existential true} _houdini_52: bool;
+
+const {:existential true} _houdini_53: bool;
+
+const {:existential true} _houdini_54: bool;
+
+const {:existential true} _houdini_55: bool;
+
+const {:existential true} _houdini_56: bool;
+
+const {:existential true} _houdini_57: bool;
+
+const {:existential true} _houdini_58: bool;
+
+const {:existential true} _houdini_59: bool;
+
+const {:existential true} _houdini_60: bool;
+
+const {:existential true} _houdini_61: bool;
+
+const {:existential true} _houdini_62: bool;
+
+const {:existential true} _houdini_63: bool;
+
+const {:existential true} _houdini_64: bool;
+
+const {:existential true} _houdini_65: bool;
+
+const {:existential true} _houdini_66: bool;
+
+const {:existential true} _houdini_67: bool;
+
+const {:existential true} _houdini_68: bool;
+
+const {:existential true} _houdini_69: bool;
+
+const {:existential true} _houdini_70: bool;
+
+const {:existential true} _houdini_71: bool;
+
+const {:existential true} _houdini_72: bool;
+
+const {:existential true} _houdini_73: bool;
+
+const {:existential true} _houdini_74: bool;
+
+const {:existential true} _houdini_75: bool;
+
+procedure MS_Check__v1.memcpy___v2.memcpy(_v1.a0: int, _v1.a1: int, _v1.a2: int, _v2.a0: int, _v2.a1: int, _v2.a2: int)
+ returns (_v1.ret: int, _v2.ret: int);
+ requires _houdini_48 ==> _v1.a0 <= _v2.a0;
+ requires _houdini_49 ==> _v2.a0 <= _v1.a0;
+ requires _houdini_50 ==> _v1.a1 <= _v2.a1;
+ requires _houdini_51 ==> _v2.a1 <= _v1.a1;
+ requires _houdini_52 ==> _v1.a2 <= _v2.a2;
+ requires _houdini_53 ==> _v2.a2 <= _v1.a2;
+ requires _houdini_54 ==> _v1.OK ==> _v2.OK;
+ requires _houdini_55 ==> _v2.OK ==> _v1.OK;
+ requires _houdini_56 ==> _v1.Mem == _v2.Mem;
+ requires _houdini_57 ==> _v1.alloc <= _v2.alloc;
+ requires _houdini_58 ==> _v2.alloc <= _v1.alloc;
+ requires _houdini_59 ==> _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR;
+ requires _houdini_60 ==> _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR;
+ requires _houdini_61 ==> _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR;
+ requires _houdini_62 ==> _v1.Mem_T.CHAR == _v2.Mem_T.CHAR;
+ requires _houdini_63 ==> _v1.Mem_T.INT4 == _v2.Mem_T.INT4;
+ requires _houdini_64 ==> _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR;
+ requires _houdini_65 ==> _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR;
+ requires _houdini_66 ==> _v1.Mem_T.PVOID == _v2.Mem_T.PVOID;
+ requires _houdini_67
+ ==> _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry;
+ requires _houdini_68 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
+ requires _houdini_69 ==> _v1.Mem_T.VOID == _v2.Mem_T.VOID;
+ requires _houdini_70 ==> _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry;
+ requires _houdini_71
+ ==> _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry;
+ requires _houdini_72 ==> _v1.detChoiceCnt <= _v2.detChoiceCnt;
+ requires _houdini_73 ==> _v2.detChoiceCnt <= _v1.detChoiceCnt;
+ requires _houdini_74 ==> _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE;
+ requires _houdini_75 ==> _v1.Res_PROBED == _v2.Res_PROBED;
+ ensures MS$_v1.memcpy$_v2.memcpy(_v1.a0,
+ _v1.a1,
+ _v1.a2,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.ret,
+ _v2.a0,
+ _v2.a1,
+ _v2.a2,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.ret);
+ ensures old(_v1.a0 == _v2.a0 && _v1.a1 == _v2.a1 && _v1.a2 == _v2.a2)
+ ==> _v1.ret <= _v2.ret && _v2.ret <= _v1.ret;
+
+
+
+function {:inline true} MS$_v1.encode_ie$_v2.encode_ie(_v1.buf_.1: int,
+ _v1.bufsize_.1: int,
+ _v1.ie_.1: int,
+ _v1.ielen_.1: int,
+ _v1.leader_.1: int,
+ _v1.leader_len_.1: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.OK_: bool,
+ _v1.Mem_T.UCHAR_: [int]int,
+ _v1.result.encode_ie$1: int,
+ _v2.buf_.1: int,
+ _v2.bufsize_.1: int,
+ _v2.ie_.1: int,
+ _v2.ielen_.1: int,
+ _v2.leader_.1: int,
+ _v2.leader_len_.1: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.OK_: bool,
+ _v2.Mem_T.UCHAR_: [int]int,
+ _v2.result.encode_ie$1: int)
+ : bool
+{
+ true
+}
+
+const {:existential true} _houdini_76: bool;
+
+const {:existential true} _houdini_77: bool;
+
+const {:existential true} _houdini_78: bool;
+
+const {:existential true} _houdini_79: bool;
+
+const {:existential true} _houdini_80: bool;
+
+const {:existential true} _houdini_81: bool;
+
+const {:existential true} _houdini_82: bool;
+
+const {:existential true} _houdini_83: bool;
+
+const {:existential true} _houdini_84: bool;
+
+const {:existential true} _houdini_85: bool;
+
+const {:existential true} _houdini_86: bool;
+
+const {:existential true} _houdini_87: bool;
+
+const {:existential true} _houdini_88: bool;
+
+const {:existential true} _houdini_89: bool;
+
+const {:existential true} _houdini_90: bool;
+
+const {:existential true} _houdini_91: bool;
+
+const {:existential true} _houdini_92: bool;
+
+const {:existential true} _houdini_93: bool;
+
+const {:existential true} _houdini_94: bool;
+
+const {:existential true} _houdini_95: bool;
+
+const {:existential true} _houdini_96: bool;
+
+const {:existential true} _houdini_97: bool;
+
+const {:existential true} _houdini_98: bool;
+
+const {:existential true} _houdini_99: bool;
+
+const {:existential true} _houdini_100: bool;
+
+const {:existential true} _houdini_101: bool;
+
+const {:existential true} _houdini_102: bool;
+
+const {:existential true} _houdini_103: bool;
+
+const {:existential true} _houdini_104: bool;
+
+const {:existential true} _houdini_105: bool;
+
+const {:existential true} _houdini_106: bool;
+
+const {:existential true} _houdini_107: bool;
+
+const {:existential true} _houdini_108: bool;
+
+const {:existential true} _houdini_109: bool;
+
+const {:existential true} _houdini_110: bool;
+
+const {:existential true} _houdini_111: bool;
+
+const {:existential true} _houdini_112: bool;
+
+const {:existential true} _houdini_113: bool;
+
+const {:existential true} _houdini_114: bool;
+
+procedure MS_Check__v1.encode_ie___v2.encode_ie(_v1.buf_.1: int,
+ _v1.bufsize_.1: int,
+ _v1.ie_.1: int,
+ _v1.ielen_.1: int,
+ _v1.leader_.1: int,
+ _v1.leader_len_.1: int,
+ _v2.buf_.1: int,
+ _v2.bufsize_.1: int,
+ _v2.ie_.1: int,
+ _v2.ielen_.1: int,
+ _v2.leader_.1: int,
+ _v2.leader_len_.1: int)
+ returns (_v1.result.encode_ie$1: int, _v2.result.encode_ie$1: int);
+ requires _houdini_81 ==> _v1.buf_.1 <= _v2.buf_.1;
+ requires _houdini_82 ==> _v2.buf_.1 <= _v1.buf_.1;
+ requires _houdini_83 ==> _v1.bufsize_.1 <= _v2.bufsize_.1;
+ requires _houdini_84 ==> _v2.bufsize_.1 <= _v1.bufsize_.1;
+ requires _houdini_85 ==> _v1.ie_.1 <= _v2.ie_.1;
+ requires _houdini_86 ==> _v2.ie_.1 <= _v1.ie_.1;
+ requires _houdini_87 ==> _v1.ielen_.1 <= _v2.ielen_.1;
+ requires _houdini_88 ==> _v2.ielen_.1 <= _v1.ielen_.1;
+ requires _houdini_89 ==> _v1.leader_.1 <= _v2.leader_.1;
+ requires _houdini_90 ==> _v2.leader_.1 <= _v1.leader_.1;
+ requires _houdini_91 ==> _v1.leader_len_.1 <= _v2.leader_len_.1;
+ requires _houdini_92 ==> _v2.leader_len_.1 <= _v1.leader_len_.1;
+ requires _houdini_93 ==> _v1.OK ==> _v2.OK;
+ requires _houdini_94 ==> _v2.OK ==> _v1.OK;
+ requires _houdini_95 ==> _v1.Mem == _v2.Mem;
+ requires _houdini_96 ==> _v1.alloc <= _v2.alloc;
+ requires _houdini_97 ==> _v2.alloc <= _v1.alloc;
+ requires _houdini_98 ==> _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR;
+ requires _houdini_99 ==> _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR;
+ requires _houdini_100 ==> _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR;
+ requires _houdini_101 ==> _v1.Mem_T.CHAR == _v2.Mem_T.CHAR;
+ requires _houdini_102 ==> _v1.Mem_T.INT4 == _v2.Mem_T.INT4;
+ requires _houdini_103 ==> _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR;
+ requires _houdini_104 ==> _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR;
+ requires _houdini_105 ==> _v1.Mem_T.PVOID == _v2.Mem_T.PVOID;
+ requires _houdini_106
+ ==> _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry;
+ requires _houdini_107 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
+ requires _houdini_108 ==> _v1.Mem_T.VOID == _v2.Mem_T.VOID;
+ requires _houdini_109
+ ==> _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry;
+ requires _houdini_110
+ ==> _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry;
+ requires _houdini_111 ==> _v1.detChoiceCnt <= _v2.detChoiceCnt;
+ requires _houdini_112 ==> _v2.detChoiceCnt <= _v1.detChoiceCnt;
+ requires _houdini_113 ==> _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE;
+ requires _houdini_114 ==> _v1.Res_PROBED == _v2.Res_PROBED;
+ modifies _v1.OK, _v1.Mem_T.UCHAR, _v2.OK, _v2.Mem_T.UCHAR;
+ ensures MS$_v1.encode_ie$_v2.encode_ie(_v1.buf_.1,
+ _v1.bufsize_.1,
+ _v1.ie_.1,
+ _v1.ielen_.1,
+ _v1.leader_.1,
+ _v1.leader_len_.1,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.OK,
+ _v1.Mem_T.UCHAR,
+ _v1.result.encode_ie$1,
+ _v2.buf_.1,
+ _v2.bufsize_.1,
+ _v2.ie_.1,
+ _v2.ielen_.1,
+ _v2.leader_.1,
+ _v2.leader_len_.1,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.OK,
+ _v2.Mem_T.UCHAR,
+ _v2.result.encode_ie$1);
+ ensures _houdini_76 ==> _v1.result.encode_ie$1 <= _v2.result.encode_ie$1;
+ ensures _houdini_77 ==> _v2.result.encode_ie$1 <= _v1.result.encode_ie$1;
+ ensures _houdini_78 ==> _v1.OK ==> _v2.OK;
+ ensures _houdini_79 ==> _v2.OK ==> _v1.OK;
+ ensures _houdini_80 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
+
+
+
+implementation MS_Check__v1.encode_ie___v2.encode_ie(_v1.buf_.1: int,
+ _v1.bufsize_.1: int,
+ _v1.ie_.1: int,
+ _v1.ielen_.1: int,
+ _v1.leader_.1: int,
+ _v1.leader_len_.1: int,
+ _v2.buf_.1: int,
+ _v2.bufsize_.1: int,
+ _v2.ie_.1: int,
+ _v2.ielen_.1: int,
+ _v2.leader_.1: int,
+ _v2.leader_len_.1: int)
+ returns (_v1.result.encode_ie$1: int, _v2.result.encode_ie$1: int)
+{
+ var inline$_v1.encode_ie$0$havoc_stringTemp: int;
+ var inline$_v1.encode_ie$0$condVal: int;
+ var inline$_v1.encode_ie$0$buf: int;
+ var inline$_v1.encode_ie$0$bufsize: int;
+ var inline$_v1.encode_ie$0$i: int;
+ var inline$_v1.encode_ie$0$ie: int;
+ var inline$_v1.encode_ie$0$ielen: int;
+ var inline$_v1.encode_ie$0$leader: int;
+ var inline$_v1.encode_ie$0$leader_len: int;
+ var inline$_v1.encode_ie$0$p: int;
+ var inline$_v1.encode_ie$0$result.memcpy$2: int;
+ var inline$_v1.encode_ie$0$$result.question.3.$$static$: int;
+ var inline$_v1.encode_ie$0$tempBoogie0: int;
+ var inline$_v1.encode_ie$0$tempBoogie1: int;
+ var inline$_v1.encode_ie$0$tempBoogie2: int;
+ var inline$_v1.encode_ie$0$tempBoogie3: int;
+ var inline$_v1.encode_ie$0$tempBoogie4: int;
+ var inline$_v1.encode_ie$0$tempBoogie5: int;
+ var inline$_v1.encode_ie$0$tempBoogie6: int;
+ var inline$_v1.encode_ie$0$tempBoogie7: int;
+ var inline$_v1.encode_ie$0$tempBoogie8: int;
+ var inline$_v1.encode_ie$0$tempBoogie9: int;
+ var inline$_v1.encode_ie$0$tempBoogie10: int;
+ var inline$_v1.encode_ie$0$tempBoogie11: int;
+ var inline$_v1.encode_ie$0$tempBoogie12: int;
+ var inline$_v1.encode_ie$0$tempBoogie13: int;
+ var inline$_v1.encode_ie$0$tempBoogie14: int;
+ var inline$_v1.encode_ie$0$tempBoogie15: int;
+ var inline$_v1.encode_ie$0$tempBoogie16: int;
+ var inline$_v1.encode_ie$0$tempBoogie17: int;
+ var inline$_v1.encode_ie$0$tempBoogie18: int;
+ var inline$_v1.encode_ie$0$tempBoogie19: int;
+ var inline$_v1.encode_ie$0$__havoc_dummy_return: int;
+ var inline$_v1.encode_ie$0$buf_.1: int;
+ var inline$_v1.encode_ie$0$bufsize_.1: int;
+ var inline$_v1.encode_ie$0$ie_.1: int;
+ var inline$_v1.encode_ie$0$ielen_.1: int;
+ var inline$_v1.encode_ie$0$leader_.1: int;
+ var inline$_v1.encode_ie$0$leader_len_.1: int;
+ var inline$_v1.encode_ie$0$result.encode_ie$1: int;
+ var inline$_v1.encode_ie$0$_v1.OK: bool;
+ var inline$_v1.encode_ie$0$_v1.Mem_T.UCHAR: [int]int;
+ var inline$_v2.encode_ie$0$havoc_stringTemp: int;
+ var inline$_v2.encode_ie$0$condVal: int;
+ var inline$_v2.encode_ie$0$buf: int;
+ var inline$_v2.encode_ie$0$bufsize: int;
+ var inline$_v2.encode_ie$0$i: int;
+ var inline$_v2.encode_ie$0$ie: int;
+ var inline$_v2.encode_ie$0$ielen: int;
+ var inline$_v2.encode_ie$0$leader: int;
+ var inline$_v2.encode_ie$0$leader_len: int;
+ var inline$_v2.encode_ie$0$p: int;
+ var inline$_v2.encode_ie$0$result.memcpy$2: int;
+ var inline$_v2.encode_ie$0$$result.question.3.$$static$: int;
+ var inline$_v2.encode_ie$0$tempBoogie0: int;
+ var inline$_v2.encode_ie$0$tempBoogie1: int;
+ var inline$_v2.encode_ie$0$tempBoogie2: int;
+ var inline$_v2.encode_ie$0$tempBoogie3: int;
+ var inline$_v2.encode_ie$0$tempBoogie4: int;
+ var inline$_v2.encode_ie$0$tempBoogie5: int;
+ var inline$_v2.encode_ie$0$tempBoogie6: int;
+ var inline$_v2.encode_ie$0$tempBoogie7: int;
+ var inline$_v2.encode_ie$0$tempBoogie8: int;
+ var inline$_v2.encode_ie$0$tempBoogie9: int;
+ var inline$_v2.encode_ie$0$tempBoogie10: int;
+ var inline$_v2.encode_ie$0$tempBoogie11: int;
+ var inline$_v2.encode_ie$0$tempBoogie12: int;
+ var inline$_v2.encode_ie$0$tempBoogie13: int;
+ var inline$_v2.encode_ie$0$tempBoogie14: int;
+ var inline$_v2.encode_ie$0$tempBoogie15: int;
+ var inline$_v2.encode_ie$0$tempBoogie16: int;
+ var inline$_v2.encode_ie$0$tempBoogie17: int;
+ var inline$_v2.encode_ie$0$tempBoogie18: int;
+ var inline$_v2.encode_ie$0$tempBoogie19: int;
+ var inline$_v2.encode_ie$0$__havoc_dummy_return: int;
+ var inline$_v2.encode_ie$0$buf_.1: int;
+ var inline$_v2.encode_ie$0$bufsize_.1: int;
+ var inline$_v2.encode_ie$0$ie_.1: int;
+ var inline$_v2.encode_ie$0$ielen_.1: int;
+ var inline$_v2.encode_ie$0$leader_.1: int;
+ var inline$_v2.encode_ie$0$leader_len_.1: int;
+ var inline$_v2.encode_ie$0$result.encode_ie$1: int;
+ var inline$_v2.encode_ie$0$_v2.OK: bool;
+ var inline$_v2.encode_ie$0$_v2.Mem_T.UCHAR: [int]int;
+ var _v1.memcpy_1_done: bool;
+ var _v1.memcpy_in_1_0: int;
+ var _v1.memcpy_in_1_1: int;
+ var _v1.memcpy_in_1_2: int;
+ var _v1.memcpy_in_1_3: bool;
+ var _v1.memcpy_in_1_4: [int]int;
+ var _v1.memcpy_out_1_0: int;
+ var _v1.encode_ie_loop_label_14_head_2_done: bool;
+ var _v1.encode_ie_loop_label_14_head_in_2_0: int;
+ var _v1.encode_ie_loop_label_14_head_in_2_1: int;
+ var _v1.encode_ie_loop_label_14_head_in_2_2: int;
+ var _v1.encode_ie_loop_label_14_head_in_2_3: int;
+ var _v1.encode_ie_loop_label_14_head_in_2_4: int;
+ var _v1.encode_ie_loop_label_14_head_in_2_5: bool;
+ var _v1.encode_ie_loop_label_14_head_in_2_6: [int]int;
+ var _v1.encode_ie_loop_label_14_head_out_2_0: int;
+ var _v1.encode_ie_loop_label_14_head_out_2_1: int;
+ var _v1.encode_ie_loop_label_14_head_out_2_2: int;
+ var _v1.encode_ie_loop_label_14_head_out_2_3: [int]int;
+ var _v1.encode_ie_loop_label_14_head_out_2_4: bool;
+ var _v2.memcpy_3_done: bool;
+ var _v2.memcpy_in_3_0: int;
+ var _v2.memcpy_in_3_1: int;
+ var _v2.memcpy_in_3_2: int;
+ var _v2.memcpy_in_3_3: bool;
+ var _v2.memcpy_in_3_4: [int]int;
+ var _v2.memcpy_out_3_0: int;
+ var _v2.encode_ie_loop_label_14_head_4_done: bool;
+ var _v2.encode_ie_loop_label_14_head_in_4_0: int;
+ var _v2.encode_ie_loop_label_14_head_in_4_1: int;
+ var _v2.encode_ie_loop_label_14_head_in_4_2: int;
+ var _v2.encode_ie_loop_label_14_head_in_4_3: int;
+ var _v2.encode_ie_loop_label_14_head_in_4_4: int;
+ var _v2.encode_ie_loop_label_14_head_in_4_5: bool;
+ var _v2.encode_ie_loop_label_14_head_in_4_6: [int]int;
+ var _v2.encode_ie_loop_label_14_head_out_4_0: int;
+ var _v2.encode_ie_loop_label_14_head_out_4_1: int;
+ var _v2.encode_ie_loop_label_14_head_out_4_2: int;
+ var _v2.encode_ie_loop_label_14_head_out_4_3: int;
+ var _v2.encode_ie_loop_label_14_head_out_4_4: [int]int;
+ var _v2.encode_ie_loop_label_14_head_out_4_5: bool;
+ var store__0__v1.OK: bool;
+ var store__0__v1.Mem_T.UCHAR: [int]int;
+ var store__0__v2.OK: bool;
+ var store__0__v2.Mem_T.UCHAR: [int]int;
+ var out__v1.memcpy_out_1_0_0: int;
+ var out__v2.memcpy_out_3_0_0: int;
+ var store__1__v1.OK: bool;
+ var store__1__v1.Mem_T.UCHAR: [int]int;
+ var store__1__v2.OK: bool;
+ var store__1__v2.Mem_T.UCHAR: [int]int;
+ var out__v1.encode_ie_loop_label_14_head_out_2_0_1: int;
+ var out__v1.encode_ie_loop_label_14_head_out_2_1_1: int;
+ var out__v1.encode_ie_loop_label_14_head_out_2_2_1: int;
+ var out__v2.encode_ie_loop_label_14_head_out_4_0_1: int;
+ var out__v2.encode_ie_loop_label_14_head_out_4_1_1: int;
+ var out__v2.encode_ie_loop_label_14_head_out_4_2_1: int;
+ var out__v2.encode_ie_loop_label_14_head_out_4_3_1: int;
+
+ START:
+ _v1.memcpy_1_done, _v1.encode_ie_loop_label_14_head_2_done, _v2.memcpy_3_done, _v2.encode_ie_loop_label_14_head_4_done := false, false, false, false;
+ goto inline$_v1.encode_ie$0$Entry;
+
+ inline$_v1.encode_ie$0$Entry:
+ inline$_v1.encode_ie$0$buf_.1 := _v1.buf_.1;
+ inline$_v1.encode_ie$0$bufsize_.1 := _v1.bufsize_.1;
+ inline$_v1.encode_ie$0$ie_.1 := _v1.ie_.1;
+ inline$_v1.encode_ie$0$ielen_.1 := _v1.ielen_.1;
+ inline$_v1.encode_ie$0$leader_.1 := _v1.leader_.1;
+ inline$_v1.encode_ie$0$leader_len_.1 := _v1.leader_len_.1;
+ havoc inline$_v1.encode_ie$0$havoc_stringTemp, inline$_v1.encode_ie$0$condVal, inline$_v1.encode_ie$0$buf, inline$_v1.encode_ie$0$bufsize, inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$ie, inline$_v1.encode_ie$0$ielen, inline$_v1.encode_ie$0$leader, inline$_v1.encode_ie$0$leader_len, inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$result.memcpy$2, inline$_v1.encode_ie$0$$result.question.3.$$static$, inline$_v1.encode_ie$0$tempBoogie0, inline$_v1.encode_ie$0$tempBoogie1, inline$_v1.encode_ie$0$tempBoogie2, inline$_v1.encode_ie$0$tempBoogie3, inline$_v1.encode_ie$0$tempBoogie4, inline$_v1.encode_ie$0$tempBoogie5, inline$_v1.encode_ie$0$tempBoogie6, inline$_v1.encode_ie$0$tempBoogie7, inline$_v1.encode_ie$0$tempBoogie8, inline$_v1.encode_ie$0$tempBoogie9, inline$_v1.encode_ie$0$tempBoogie10, inline$_v1.encode_ie$0$tempBoogie11, inline$_v1.encode_ie$0$tempBoogie12, inline$_v1.encode_ie$0$tempBoogie13, inline$_v1.encode_ie$0$tempBoogie14, inline$_v1.encode_ie$0$tempBoogie15, inline$_v1.encode_ie$0$tempBoogie16, inline$_v1.encode_ie$0$tempBoogie17, inline$_v1.encode_ie$0$tempBoogie18, inline$_v1.encode_ie$0$tempBoogie19, inline$_v1.encode_ie$0$__havoc_dummy_return, inline$_v1.encode_ie$0$result.encode_ie$1;
+ inline$_v1.encode_ie$0$_v1.OK := _v1.OK;
+ inline$_v1.encode_ie$0$_v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR;
+ goto inline$_v1.encode_ie$0$anon0#2;
+
+ inline$_v1.encode_ie$0$anon0#2:
+ inline$_v1.encode_ie$0$havoc_stringTemp := 0;
+ goto inline$_v1.encode_ie$0$start#2;
+
+ inline$_v1.encode_ie$0$start#2:
+ assume _v2.INT_LT(inline$_v1.encode_ie$0$buf_.1, _v1.alloc);
+ assume _v2.INT_LT(inline$_v1.encode_ie$0$ie_.1, _v1.alloc);
+ assume _v2.INT_LT(inline$_v1.encode_ie$0$leader_.1, _v1.alloc);
+ inline$_v1.encode_ie$0$buf := 0;
+ assume _v2.INT_GEQ(inline$_v1.encode_ie$0$buf_.1, 0);
+ inline$_v1.encode_ie$0$bufsize := 0;
+ inline$_v1.encode_ie$0$i := 0;
+ inline$_v1.encode_ie$0$ie := 0;
+ assume _v2.INT_GEQ(inline$_v1.encode_ie$0$ie_.1, 0);
+ inline$_v1.encode_ie$0$ielen := 0;
+ inline$_v1.encode_ie$0$leader := 0;
+ assume _v2.INT_GEQ(inline$_v1.encode_ie$0$leader_.1, 0);
+ inline$_v1.encode_ie$0$leader_len := 0;
+ inline$_v1.encode_ie$0$p := 0;
+ inline$_v1.encode_ie$0$result.encode_ie$1 := 0;
+ inline$_v1.encode_ie$0$result.memcpy$2 := 0;
+ inline$_v1.encode_ie$0$$result.question.3.$$static$ := 0;
+ inline$_v1.encode_ie$0$buf := inline$_v1.encode_ie$0$buf_.1;
+ inline$_v1.encode_ie$0$bufsize := inline$_v1.encode_ie$0$bufsize_.1;
+ inline$_v1.encode_ie$0$ie := inline$_v1.encode_ie$0$ie_.1;
+ inline$_v1.encode_ie$0$ielen := inline$_v1.encode_ie$0$ielen_.1;
+ inline$_v1.encode_ie$0$leader := inline$_v1.encode_ie$0$leader_.1;
+ inline$_v1.encode_ie$0$leader_len := inline$_v1.encode_ie$0$leader_len_.1;
+ goto inline$_v1.encode_ie$0$label_3#2;
+
+ inline$_v1.encode_ie$0$label_3#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 9} true;
+ goto inline$_v1.encode_ie$0$label_4#2;
+
+ inline$_v1.encode_ie$0$label_4#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 10} true;
+ goto inline$_v1.encode_ie$0$label_5#2;
+
+ inline$_v1.encode_ie$0$label_5#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 13} true;
+ goto inline$_v1.encode_ie$0$label_5_true#2, inline$_v1.encode_ie$0$label_5_false#2;
+
+ inline$_v1.encode_ie$0$label_5_false#2:
+ assume !_v2.INT_LT(inline$_v1.encode_ie$0$bufsize, inline$_v1.encode_ie$0$leader_len);
+ assume _v2.value_is(_v1.__ctobpl_const_1, inline$_v1.encode_ie$0$bufsize);
+ assume _v2.value_is(_v1.__ctobpl_const_2, inline$_v1.encode_ie$0$leader_len);
+ goto inline$_v1.encode_ie$0$label_6#2;
+
+ inline$_v1.encode_ie$0$label_6#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 15} true;
+ inline$_v1.encode_ie$0$p := inline$_v1.encode_ie$0$buf;
+ assume _v2.value_is(_v1.__ctobpl_const_3, inline$_v1.encode_ie$0$p);
+ assume _v2.value_is(_v1.__ctobpl_const_4, inline$_v1.encode_ie$0$buf);
+ goto inline$_v1.encode_ie$0$label_8#2;
+
+ inline$_v1.encode_ie$0$label_8#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 16} true;
+ _v1.memcpy_in_1_0, _v1.memcpy_in_1_1, _v1.memcpy_in_1_2, _v1.memcpy_in_1_3, _v1.memcpy_in_1_4 := inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$leader, inline$_v1.encode_ie$0$leader_len, _v1.OK, _v1.Mem_T.UCHAR;
+ call inline$_v1.encode_ie$0$result.memcpy$2 := _v1.memcpy(inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$leader, inline$_v1.encode_ie$0$leader_len);
+ _v1.memcpy_1_done := true;
+ _v1.memcpy_out_1_0 := inline$_v1.encode_ie$0$result.memcpy$2;
+ assume _v2.value_is(_v1.__ctobpl_const_5, inline$_v1.encode_ie$0$p);
+ assume _v2.value_is(_v1.__ctobpl_const_6, inline$_v1.encode_ie$0$leader);
+ assume _v2.value_is(_v1.__ctobpl_const_7, inline$_v1.encode_ie$0$leader_len);
+ assume _v2.value_is(_v1.__ctobpl_const_8, inline$_v1.encode_ie$0$p);
+ assume _v2.value_is(_v1.__ctobpl_const_9, inline$_v1.encode_ie$0$leader);
+ assume _v2.value_is(_v1.__ctobpl_const_10, inline$_v1.encode_ie$0$leader_len);
+ goto inline$_v1.encode_ie$0$label_11#2;
+
+ inline$_v1.encode_ie$0$label_11#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 17} true;
+ havoc inline$_v1.encode_ie$0$tempBoogie0;
+ assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(inline$_v1.encode_ie$0$bufsize, inline$_v1.encode_ie$0$leader_len, 1, inline$_v1.encode_ie$0$tempBoogie0);
+ inline$_v1.encode_ie$0$bufsize := inline$_v1.encode_ie$0$tempBoogie0;
+ assume _v2.value_is(_v1.__ctobpl_const_11, inline$_v1.encode_ie$0$bufsize);
+ assume _v2.value_is(_v1.__ctobpl_const_12, inline$_v1.encode_ie$0$leader_len);
+ goto inline$_v1.encode_ie$0$label_12#2;
+
+ inline$_v1.encode_ie$0$label_12#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 18} true;
+ inline$_v1.encode_ie$0$tempBoogie0 := _v2.INT_PLUS(inline$_v1.encode_ie$0$p, 1, inline$_v1.encode_ie$0$leader_len);
+ inline$_v1.encode_ie$0$p := inline$_v1.encode_ie$0$tempBoogie0;
+ assume _v2.value_is(_v1.__ctobpl_const_13, inline$_v1.encode_ie$0$p);
+ assume _v2.value_is(_v1.__ctobpl_const_14, inline$_v1.encode_ie$0$leader_len);
+ goto inline$_v1.encode_ie$0$label_13#2;
+
+ inline$_v1.encode_ie$0$label_13#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
+ inline$_v1.encode_ie$0$i := 0;
+ assume _v2.value_is(_v1.__ctobpl_const_15, inline$_v1.encode_ie$0$i);
+ goto inline$_v1.encode_ie$0$label_14#2;
+
+ inline$_v1.encode_ie$0$label_14#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
+ goto inline$_v1.encode_ie$0$label_14_head#2;
+
+ inline$_v1.encode_ie$0$label_14_head#2:
+ _v1.encode_ie_loop_label_14_head_in_2_0, _v1.encode_ie_loop_label_14_head_in_2_1, _v1.encode_ie_loop_label_14_head_in_2_2, _v1.encode_ie_loop_label_14_head_in_2_3, _v1.encode_ie_loop_label_14_head_in_2_4, _v1.encode_ie_loop_label_14_head_in_2_5, _v1.encode_ie_loop_label_14_head_in_2_6 := inline$_v1.encode_ie$0$bufsize, inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$ielen, inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$tempBoogie0, _v1.OK, _v1.Mem_T.UCHAR;
+ call inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$tempBoogie0 := _v1.encode_ie_loop_label_14_head(inline$_v1.encode_ie$0$bufsize, inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$ielen, inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$tempBoogie0);
+ _v1.encode_ie_loop_label_14_head_2_done := true;
+ _v1.encode_ie_loop_label_14_head_out_2_0, _v1.encode_ie_loop_label_14_head_out_2_1, _v1.encode_ie_loop_label_14_head_out_2_2, _v1.encode_ie_loop_label_14_head_out_2_3, _v1.encode_ie_loop_label_14_head_out_2_4 := inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$tempBoogie0, _v1.Mem_T.UCHAR, _v1.OK;
+ goto inline$_v1.encode_ie$0$label_14_head_last#2;
+
+ inline$_v1.encode_ie$0$label_14_head_last#2:
+ goto inline$_v1.encode_ie$0$label_14_true#2, inline$_v1.encode_ie$0$label_14_false#2;
+
+ inline$_v1.encode_ie$0$label_14_false#2:
+ assume !_v2.INT_LT(inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$ielen);
+ assume _v2.value_is(_v1.__ctobpl_const_16, inline$_v1.encode_ie$0$i);
+ assume _v2.value_is(_v1.__ctobpl_const_17, inline$_v1.encode_ie$0$ielen);
+ goto inline$_v1.encode_ie$0$label_15#2;
+
+ inline$_v1.encode_ie$0$label_14_true#2:
+ assume _v2.INT_LT(inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$ielen);
+ assume _v2.value_is(_v1.__ctobpl_const_16, inline$_v1.encode_ie$0$i);
+ assume _v2.value_is(_v1.__ctobpl_const_17, inline$_v1.encode_ie$0$ielen);
+ goto inline$_v1.encode_ie$0$label_16#2;
+
+ inline$_v1.encode_ie$0$label_16#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
+ goto inline$_v1.encode_ie$0$label_16_true#2, inline$_v1.encode_ie$0$label_16_false#2;
+
+ inline$_v1.encode_ie$0$label_16_false#2:
+ assume !_v2.INT_LT(2, inline$_v1.encode_ie$0$bufsize);
+ assume _v2.value_is(_v1.__ctobpl_const_20, inline$_v1.encode_ie$0$bufsize);
+ goto inline$_v1.encode_ie$0$label_15#2;
+
+ inline$_v1.encode_ie$0$label_15#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
+ goto inline$_v1.encode_ie$0$label_15_true#2, inline$_v1.encode_ie$0$label_15_false#2;
+
+ inline$_v1.encode_ie$0$label_15_false#2:
+ assume !_v2.INT_EQ(inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$ielen);
+ assume _v2.value_is(_v1.__ctobpl_const_18, inline$_v1.encode_ie$0$i);
+ assume _v2.value_is(_v1.__ctobpl_const_19, inline$_v1.encode_ie$0$ielen);
+ goto inline$_v1.encode_ie$0$label_21#2;
+
+ inline$_v1.encode_ie$0$label_21#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
+ inline$_v1.encode_ie$0$$result.question.3.$$static$ := 0;
+ assume _v2.value_is(_v1.__ctobpl_const_27, inline$_v1.encode_ie$0$$result.question.3.$$static$);
+ goto inline$_v1.encode_ie$0$label_23#2;
+
+ inline$_v1.encode_ie$0$label_15_true#2:
+ assume _v2.INT_EQ(inline$_v1.encode_ie$0$i, inline$_v1.encode_ie$0$ielen);
+ assume _v2.value_is(_v1.__ctobpl_const_18, inline$_v1.encode_ie$0$i);
+ assume _v2.value_is(_v1.__ctobpl_const_19, inline$_v1.encode_ie$0$ielen);
+ goto inline$_v1.encode_ie$0$label_22#2;
+
+ inline$_v1.encode_ie$0$label_22#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
+ havoc inline$_v1.encode_ie$0$$result.question.3.$$static$;
+ assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(inline$_v1.encode_ie$0$p, inline$_v1.encode_ie$0$buf, 1, inline$_v1.encode_ie$0$$result.question.3.$$static$);
+ assume _v2.value_is(_v1.__ctobpl_const_28, inline$_v1.encode_ie$0$$result.question.3.$$static$);
+ assume _v2.value_is(_v1.__ctobpl_const_29, inline$_v1.encode_ie$0$p);
+ assume _v2.value_is(_v1.__ctobpl_const_30, inline$_v1.encode_ie$0$buf);
+ goto inline$_v1.encode_ie$0$label_23#2;
+
+ inline$_v1.encode_ie$0$label_23#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 38} true;
+ inline$_v1.encode_ie$0$result.encode_ie$1 := inline$_v1.encode_ie$0$$result.question.3.$$static$;
+ assume _v2.value_is(_v1.__ctobpl_const_31, inline$_v1.encode_ie$0$$result.question.3.$$static$);
+ goto inline$_v1.encode_ie$0$label_1#2;
+
+ inline$_v1.encode_ie$0$label_16_true#2:
+ assume _v2.INT_LT(2, inline$_v1.encode_ie$0$bufsize);
+ assume _v2.value_is(_v1.__ctobpl_const_20, inline$_v1.encode_ie$0$bufsize);
+ goto inline$_v1.encode_ie$0$label_17#2;
+
+ inline$_v1.encode_ie$0$label_17#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 30} true;
+ assume _v2.INT_GEQ(inline$_v1.encode_ie$0$p, 0);
+ _v1.OK := _v1.OK && _v2.Res_VALID_REGION(inline$_v1.encode_ie$0$p) == 1;
+ assert true;
+ _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[inline$_v1.encode_ie$0$p := 120];
+ assume _v2.value_is(_v1.__ctobpl_const_21, inline$_v1.encode_ie$0$p);
+ assume _v2.value_is(_v1.__ctobpl_const_22, _v1.Mem_T.UCHAR[inline$_v1.encode_ie$0$p]);
+ goto inline$_v1.encode_ie$0$label_18#2;
+
+ inline$_v1.encode_ie$0$label_18#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 32} true;
+ assume _v2.INT_GEQ(_v2.INT_PLUS(inline$_v1.encode_ie$0$p, 1, 1), 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(inline$_v1.encode_ie$0$p, 1, 1)) == 1;
+ assert true;
+ _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v1.encode_ie$0$p, 1, 1) := 120];
+ assume _v2.value_is(_v1.__ctobpl_const_23, inline$_v1.encode_ie$0$p);
+ assume _v2.value_is(_v1.__ctobpl_const_24,
+ _v1.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v1.encode_ie$0$p, 1, 1)]);
+ goto inline$_v1.encode_ie$0$label_19#2;
+
+ inline$_v1.encode_ie$0$label_19#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 33} true;
+ inline$_v1.encode_ie$0$tempBoogie0 := _v2.INT_PLUS(inline$_v1.encode_ie$0$p, 1, 2);
+ inline$_v1.encode_ie$0$p := inline$_v1.encode_ie$0$tempBoogie0;
+ assume _v2.value_is(_v1.__ctobpl_const_25, inline$_v1.encode_ie$0$p);
+ goto inline$_v1.encode_ie$0$label_20#2;
+
+ inline$_v1.encode_ie$0$label_20#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
+ assume _v2.value_is(_v1.__ctobpl_const_26, inline$_v1.encode_ie$0$i);
+ inline$_v1.encode_ie$0$i := _v2.INT_PLUS(inline$_v1.encode_ie$0$i, 1, 1);
+ goto inline$_v1.encode_ie$0$label_20_dummy#2;
+
+ inline$_v1.encode_ie$0$label_20_dummy#2:
+ assume false;
+ goto inline$_v1.encode_ie$0$Return;
+
+ inline$_v1.encode_ie$0$label_5_true#2:
+ assume _v2.INT_LT(inline$_v1.encode_ie$0$bufsize, inline$_v1.encode_ie$0$leader_len);
+ assume _v2.value_is(_v1.__ctobpl_const_1, inline$_v1.encode_ie$0$bufsize);
+ assume _v2.value_is(_v1.__ctobpl_const_2, inline$_v1.encode_ie$0$leader_len);
+ goto inline$_v1.encode_ie$0$label_7#2;
+
+ inline$_v1.encode_ie$0$label_7#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 14} true;
+ inline$_v1.encode_ie$0$result.encode_ie$1 := 0;
+ goto inline$_v1.encode_ie$0$label_1#2;
+
+ inline$_v1.encode_ie$0$label_1#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 39} true;
+ goto inline$_v1.encode_ie$0$Return;
+
+ inline$_v1.encode_ie$0$Return:
+ assume true;
+ _v1.result.encode_ie$1 := inline$_v1.encode_ie$0$result.encode_ie$1;
+ goto START$1;
+
+ START$1:
+ goto inline$_v2.encode_ie$0$Entry;
+
+ inline$_v2.encode_ie$0$Entry:
+ inline$_v2.encode_ie$0$buf_.1 := _v2.buf_.1;
+ inline$_v2.encode_ie$0$bufsize_.1 := _v2.bufsize_.1;
+ inline$_v2.encode_ie$0$ie_.1 := _v2.ie_.1;
+ inline$_v2.encode_ie$0$ielen_.1 := _v2.ielen_.1;
+ inline$_v2.encode_ie$0$leader_.1 := _v2.leader_.1;
+ inline$_v2.encode_ie$0$leader_len_.1 := _v2.leader_len_.1;
+ havoc inline$_v2.encode_ie$0$havoc_stringTemp, inline$_v2.encode_ie$0$condVal, inline$_v2.encode_ie$0$buf, inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$ie, inline$_v2.encode_ie$0$ielen, inline$_v2.encode_ie$0$leader, inline$_v2.encode_ie$0$leader_len, inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$result.memcpy$2, inline$_v2.encode_ie$0$$result.question.3.$$static$, inline$_v2.encode_ie$0$tempBoogie0, inline$_v2.encode_ie$0$tempBoogie1, inline$_v2.encode_ie$0$tempBoogie2, inline$_v2.encode_ie$0$tempBoogie3, inline$_v2.encode_ie$0$tempBoogie4, inline$_v2.encode_ie$0$tempBoogie5, inline$_v2.encode_ie$0$tempBoogie6, inline$_v2.encode_ie$0$tempBoogie7, inline$_v2.encode_ie$0$tempBoogie8, inline$_v2.encode_ie$0$tempBoogie9, inline$_v2.encode_ie$0$tempBoogie10, inline$_v2.encode_ie$0$tempBoogie11, inline$_v2.encode_ie$0$tempBoogie12, inline$_v2.encode_ie$0$tempBoogie13, inline$_v2.encode_ie$0$tempBoogie14, inline$_v2.encode_ie$0$tempBoogie15, inline$_v2.encode_ie$0$tempBoogie16, inline$_v2.encode_ie$0$tempBoogie17, inline$_v2.encode_ie$0$tempBoogie18, inline$_v2.encode_ie$0$tempBoogie19, inline$_v2.encode_ie$0$__havoc_dummy_return, inline$_v2.encode_ie$0$result.encode_ie$1;
+ inline$_v2.encode_ie$0$_v2.OK := _v2.OK;
+ inline$_v2.encode_ie$0$_v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR;
+ goto inline$_v2.encode_ie$0$anon0#2;
+
+ inline$_v2.encode_ie$0$anon0#2:
+ inline$_v2.encode_ie$0$havoc_stringTemp := 0;
+ goto inline$_v2.encode_ie$0$start#2;
+
+ inline$_v2.encode_ie$0$start#2:
+ assume _v2.INT_LT(inline$_v2.encode_ie$0$buf_.1, _v2.alloc);
+ assume _v2.INT_LT(inline$_v2.encode_ie$0$ie_.1, _v2.alloc);
+ assume _v2.INT_LT(inline$_v2.encode_ie$0$leader_.1, _v2.alloc);
+ inline$_v2.encode_ie$0$buf := 0;
+ assume _v2.INT_GEQ(inline$_v2.encode_ie$0$buf_.1, 0);
+ inline$_v2.encode_ie$0$bufsize := 0;
+ inline$_v2.encode_ie$0$i := 0;
+ inline$_v2.encode_ie$0$ie := 0;
+ assume _v2.INT_GEQ(inline$_v2.encode_ie$0$ie_.1, 0);
+ inline$_v2.encode_ie$0$ielen := 0;
+ inline$_v2.encode_ie$0$leader := 0;
+ assume _v2.INT_GEQ(inline$_v2.encode_ie$0$leader_.1, 0);
+ inline$_v2.encode_ie$0$leader_len := 0;
+ inline$_v2.encode_ie$0$p := 0;
+ inline$_v2.encode_ie$0$result.encode_ie$1 := 0;
+ inline$_v2.encode_ie$0$result.memcpy$2 := 0;
+ inline$_v2.encode_ie$0$$result.question.3.$$static$ := 0;
+ inline$_v2.encode_ie$0$buf := inline$_v2.encode_ie$0$buf_.1;
+ inline$_v2.encode_ie$0$bufsize := inline$_v2.encode_ie$0$bufsize_.1;
+ inline$_v2.encode_ie$0$ie := inline$_v2.encode_ie$0$ie_.1;
+ inline$_v2.encode_ie$0$ielen := inline$_v2.encode_ie$0$ielen_.1;
+ inline$_v2.encode_ie$0$leader := inline$_v2.encode_ie$0$leader_.1;
+ inline$_v2.encode_ie$0$leader_len := inline$_v2.encode_ie$0$leader_len_.1;
+ goto inline$_v2.encode_ie$0$label_3#2;
+
+ inline$_v2.encode_ie$0$label_3#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 9} true;
+ goto inline$_v2.encode_ie$0$label_4#2;
+
+ inline$_v2.encode_ie$0$label_4#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 10} true;
+ goto inline$_v2.encode_ie$0$label_5#2;
+
+ inline$_v2.encode_ie$0$label_5#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 13} true;
+ goto inline$_v2.encode_ie$0$label_5_true#2, inline$_v2.encode_ie$0$label_5_false#2;
+
+ inline$_v2.encode_ie$0$label_5_false#2:
+ assume !_v2.INT_LT(inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$leader_len);
+ assume _v2.value_is(_v2.__ctobpl_const_1, inline$_v2.encode_ie$0$bufsize);
+ assume _v2.value_is(_v2.__ctobpl_const_2, inline$_v2.encode_ie$0$leader_len);
+ goto inline$_v2.encode_ie$0$label_6#2;
+
+ inline$_v2.encode_ie$0$label_6#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 15} true;
+ inline$_v2.encode_ie$0$p := inline$_v2.encode_ie$0$buf;
+ assume _v2.value_is(_v2.__ctobpl_const_3, inline$_v2.encode_ie$0$p);
+ assume _v2.value_is(_v2.__ctobpl_const_4, inline$_v2.encode_ie$0$buf);
+ goto inline$_v2.encode_ie$0$label_8#2;
+
+ inline$_v2.encode_ie$0$label_8#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 16} true;
+ _v2.memcpy_in_3_0, _v2.memcpy_in_3_1, _v2.memcpy_in_3_2, _v2.memcpy_in_3_3, _v2.memcpy_in_3_4 := inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$leader, inline$_v2.encode_ie$0$leader_len, _v2.OK, _v2.Mem_T.UCHAR;
+ call inline$_v2.encode_ie$0$result.memcpy$2 := _v2.memcpy(inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$leader, inline$_v2.encode_ie$0$leader_len);
+ _v2.memcpy_3_done := true;
+ _v2.memcpy_out_3_0 := inline$_v2.encode_ie$0$result.memcpy$2;
+ assume _v2.value_is(_v2.__ctobpl_const_5, inline$_v2.encode_ie$0$p);
+ assume _v2.value_is(_v2.__ctobpl_const_6, inline$_v2.encode_ie$0$leader);
+ assume _v2.value_is(_v2.__ctobpl_const_7, inline$_v2.encode_ie$0$leader_len);
+ assume _v2.value_is(_v2.__ctobpl_const_8, inline$_v2.encode_ie$0$p);
+ assume _v2.value_is(_v2.__ctobpl_const_9, inline$_v2.encode_ie$0$leader);
+ assume _v2.value_is(_v2.__ctobpl_const_10, inline$_v2.encode_ie$0$leader_len);
+ goto inline$_v2.encode_ie$0$label_11#2;
+
+ inline$_v2.encode_ie$0$label_11#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 17} true;
+ havoc inline$_v2.encode_ie$0$tempBoogie0;
+ assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$leader_len, 1, inline$_v2.encode_ie$0$tempBoogie0);
+ inline$_v2.encode_ie$0$bufsize := inline$_v2.encode_ie$0$tempBoogie0;
+ assume _v2.value_is(_v2.__ctobpl_const_11, inline$_v2.encode_ie$0$bufsize);
+ assume _v2.value_is(_v2.__ctobpl_const_12, inline$_v2.encode_ie$0$leader_len);
+ goto inline$_v2.encode_ie$0$label_12#2;
+
+ inline$_v2.encode_ie$0$label_12#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 18} true;
+ inline$_v2.encode_ie$0$tempBoogie0 := _v2.INT_PLUS(inline$_v2.encode_ie$0$p, 1, inline$_v2.encode_ie$0$leader_len);
+ inline$_v2.encode_ie$0$p := inline$_v2.encode_ie$0$tempBoogie0;
+ assume _v2.value_is(_v2.__ctobpl_const_13, inline$_v2.encode_ie$0$p);
+ assume _v2.value_is(_v2.__ctobpl_const_14, inline$_v2.encode_ie$0$leader_len);
+ goto inline$_v2.encode_ie$0$label_13#2;
+
+ inline$_v2.encode_ie$0$label_13#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
+ inline$_v2.encode_ie$0$i := 0;
+ assume _v2.value_is(_v2.__ctobpl_const_15, inline$_v2.encode_ie$0$i);
+ goto inline$_v2.encode_ie$0$label_14#2;
+
+ inline$_v2.encode_ie$0$label_14#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
+ goto inline$_v2.encode_ie$0$label_14_head#2;
+
+ inline$_v2.encode_ie$0$label_14_head#2:
+ _v2.encode_ie_loop_label_14_head_in_4_0, _v2.encode_ie_loop_label_14_head_in_4_1, _v2.encode_ie_loop_label_14_head_in_4_2, _v2.encode_ie_loop_label_14_head_in_4_3, _v2.encode_ie_loop_label_14_head_in_4_4, _v2.encode_ie_loop_label_14_head_in_4_5, _v2.encode_ie_loop_label_14_head_in_4_6 := inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$ielen, inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$tempBoogie0, _v2.OK, _v2.Mem_T.UCHAR;
+ call inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$tempBoogie0 := _v2.encode_ie_loop_label_14_head(inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$ielen, inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$tempBoogie0);
+ _v2.encode_ie_loop_label_14_head_4_done := true;
+ _v2.encode_ie_loop_label_14_head_out_4_0, _v2.encode_ie_loop_label_14_head_out_4_1, _v2.encode_ie_loop_label_14_head_out_4_2, _v2.encode_ie_loop_label_14_head_out_4_3, _v2.encode_ie_loop_label_14_head_out_4_4, _v2.encode_ie_loop_label_14_head_out_4_5 := inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$tempBoogie0, _v2.Mem_T.UCHAR, _v2.OK;
+ goto inline$_v2.encode_ie$0$label_14_head_last#2;
+
+ inline$_v2.encode_ie$0$label_14_head_last#2:
+ goto inline$_v2.encode_ie$0$label_14_true#2, inline$_v2.encode_ie$0$label_14_false#2;
+
+ inline$_v2.encode_ie$0$label_14_false#2:
+ assume !_v2.INT_LT(inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$ielen);
+ assume _v2.value_is(_v2.__ctobpl_const_16, inline$_v2.encode_ie$0$i);
+ assume _v2.value_is(_v2.__ctobpl_const_17, inline$_v2.encode_ie$0$ielen);
+ goto inline$_v2.encode_ie$0$label_15#2;
+
+ inline$_v2.encode_ie$0$label_14_true#2:
+ assume _v2.INT_LT(inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$ielen);
+ assume _v2.value_is(_v2.__ctobpl_const_16, inline$_v2.encode_ie$0$i);
+ assume _v2.value_is(_v2.__ctobpl_const_17, inline$_v2.encode_ie$0$ielen);
+ goto inline$_v2.encode_ie$0$label_16#2;
+
+ inline$_v2.encode_ie$0$label_16#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
+ goto inline$_v2.encode_ie$0$label_16_true#2, inline$_v2.encode_ie$0$label_16_false#2;
+
+ inline$_v2.encode_ie$0$label_16_false#2:
+ assume !_v2.INT_LT(2, inline$_v2.encode_ie$0$bufsize);
+ assume _v2.value_is(_v2.__ctobpl_const_20, inline$_v2.encode_ie$0$bufsize);
+ goto inline$_v2.encode_ie$0$label_15#2;
+
+ inline$_v2.encode_ie$0$label_15#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
+ goto inline$_v2.encode_ie$0$label_15_true#2, inline$_v2.encode_ie$0$label_15_false#2;
+
+ inline$_v2.encode_ie$0$label_15_false#2:
+ assume !_v2.INT_EQ(inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$ielen);
+ assume _v2.value_is(_v2.__ctobpl_const_18, inline$_v2.encode_ie$0$i);
+ assume _v2.value_is(_v2.__ctobpl_const_19, inline$_v2.encode_ie$0$ielen);
+ goto inline$_v2.encode_ie$0$label_22#2;
+
+ inline$_v2.encode_ie$0$label_22#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
+ inline$_v2.encode_ie$0$$result.question.3.$$static$ := 0;
+ assume _v2.value_is(_v2.__ctobpl_const_28, inline$_v2.encode_ie$0$$result.question.3.$$static$);
+ goto inline$_v2.encode_ie$0$label_24#2;
+
+ inline$_v2.encode_ie$0$label_15_true#2:
+ assume _v2.INT_EQ(inline$_v2.encode_ie$0$i, inline$_v2.encode_ie$0$ielen);
+ assume _v2.value_is(_v2.__ctobpl_const_18, inline$_v2.encode_ie$0$i);
+ assume _v2.value_is(_v2.__ctobpl_const_19, inline$_v2.encode_ie$0$ielen);
+ goto inline$_v2.encode_ie$0$label_23#2;
+
+ inline$_v2.encode_ie$0$label_23#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
+ havoc inline$_v2.encode_ie$0$$result.question.3.$$static$;
+ assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(inline$_v2.encode_ie$0$p, inline$_v2.encode_ie$0$buf, 1, inline$_v2.encode_ie$0$$result.question.3.$$static$);
+ assume _v2.value_is(_v2.__ctobpl_const_29, inline$_v2.encode_ie$0$$result.question.3.$$static$);
+ assume _v2.value_is(_v2.__ctobpl_const_30, inline$_v2.encode_ie$0$p);
+ assume _v2.value_is(_v2.__ctobpl_const_31, inline$_v2.encode_ie$0$buf);
+ goto inline$_v2.encode_ie$0$label_24#2;
+
+ inline$_v2.encode_ie$0$label_24#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 39} true;
+ inline$_v2.encode_ie$0$result.encode_ie$1 := inline$_v2.encode_ie$0$$result.question.3.$$static$;
+ assume _v2.value_is(_v2.__ctobpl_const_32, inline$_v2.encode_ie$0$$result.question.3.$$static$);
+ goto inline$_v2.encode_ie$0$label_1#2;
+
+ inline$_v2.encode_ie$0$label_16_true#2:
+ assume _v2.INT_LT(2, inline$_v2.encode_ie$0$bufsize);
+ assume _v2.value_is(_v2.__ctobpl_const_20, inline$_v2.encode_ie$0$bufsize);
+ goto inline$_v2.encode_ie$0$label_17#2;
+
+ inline$_v2.encode_ie$0$label_17#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 30} true;
+ assume _v2.INT_GEQ(inline$_v2.encode_ie$0$p, 0);
+ _v2.OK := _v2.OK && _v2.Res_VALID_REGION(inline$_v2.encode_ie$0$p) == 1;
+ assert true;
+ _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[inline$_v2.encode_ie$0$p := 120];
+ assume _v2.value_is(_v2.__ctobpl_const_21, inline$_v2.encode_ie$0$p);
+ assume _v2.value_is(_v2.__ctobpl_const_22, _v2.Mem_T.UCHAR[inline$_v2.encode_ie$0$p]);
+ goto inline$_v2.encode_ie$0$label_18#2;
+
+ inline$_v2.encode_ie$0$label_18#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 32} true;
+ assume _v2.INT_GEQ(_v2.INT_PLUS(inline$_v2.encode_ie$0$p, 1, 1), 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(inline$_v2.encode_ie$0$p, 1, 1)) == 1;
+ assert true;
+ _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v2.encode_ie$0$p, 1, 1) := 120];
+ assume _v2.value_is(_v2.__ctobpl_const_23, inline$_v2.encode_ie$0$p);
+ assume _v2.value_is(_v2.__ctobpl_const_24,
+ _v2.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v2.encode_ie$0$p, 1, 1)]);
+ goto inline$_v2.encode_ie$0$label_19#2;
+
+ inline$_v2.encode_ie$0$label_19#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 33} true;
+ inline$_v2.encode_ie$0$tempBoogie0 := _v2.INT_PLUS(inline$_v2.encode_ie$0$p, 1, 2);
+ inline$_v2.encode_ie$0$p := inline$_v2.encode_ie$0$tempBoogie0;
+ assume _v2.value_is(_v2.__ctobpl_const_25, inline$_v2.encode_ie$0$p);
+ goto inline$_v2.encode_ie$0$label_20#2;
+
+ inline$_v2.encode_ie$0$label_20#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 34} true;
+ havoc inline$_v2.encode_ie$0$tempBoogie0;
+ assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(inline$_v2.encode_ie$0$bufsize, 2, 1, inline$_v2.encode_ie$0$tempBoogie0);
+ inline$_v2.encode_ie$0$bufsize := inline$_v2.encode_ie$0$tempBoogie0;
+ assume _v2.value_is(_v2.__ctobpl_const_26, inline$_v2.encode_ie$0$bufsize);
+ goto inline$_v2.encode_ie$0$label_21#2;
+
+ inline$_v2.encode_ie$0$label_21#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
+ assume _v2.value_is(_v2.__ctobpl_const_27, inline$_v2.encode_ie$0$i);
+ inline$_v2.encode_ie$0$i := _v2.INT_PLUS(inline$_v2.encode_ie$0$i, 1, 1);
+ goto inline$_v2.encode_ie$0$label_21_dummy#2;
+
+ inline$_v2.encode_ie$0$label_21_dummy#2:
+ assume false;
+ goto inline$_v2.encode_ie$0$Return;
+
+ inline$_v2.encode_ie$0$label_5_true#2:
+ assume _v2.INT_LT(inline$_v2.encode_ie$0$bufsize, inline$_v2.encode_ie$0$leader_len);
+ assume _v2.value_is(_v2.__ctobpl_const_1, inline$_v2.encode_ie$0$bufsize);
+ assume _v2.value_is(_v2.__ctobpl_const_2, inline$_v2.encode_ie$0$leader_len);
+ goto inline$_v2.encode_ie$0$label_7#2;
+
+ inline$_v2.encode_ie$0$label_7#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 14} true;
+ inline$_v2.encode_ie$0$result.encode_ie$1 := 0;
+ goto inline$_v2.encode_ie$0$label_1#2;
+
+ inline$_v2.encode_ie$0$label_1#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 40} true;
+ goto inline$_v2.encode_ie$0$Return;
+
+ inline$_v2.encode_ie$0$Return:
+ assume true;
+ _v2.result.encode_ie$1 := inline$_v2.encode_ie$0$result.encode_ie$1;
+ goto START$2;
+
+ START$2:
+ goto MS_L_0_1;
+
+ MS_L_0_0:
+ goto MS_L_taken_0, MS_L_not_taken_0;
+
+ MS_L_taken_0:
+ assume _v1.memcpy_1_done && _v2.memcpy_3_done;
+ store__0__v1.OK, store__0__v1.Mem_T.UCHAR := _v1.OK, _v1.Mem_T.UCHAR;
+ store__0__v2.OK, store__0__v2.Mem_T.UCHAR := _v2.OK, _v2.Mem_T.UCHAR;
+ _v1.OK, _v1.Mem_T.UCHAR := _v1.memcpy_in_1_3, _v1.memcpy_in_1_4;
+ _v2.OK, _v2.Mem_T.UCHAR := _v2.memcpy_in_3_3, _v2.memcpy_in_3_4;
+ call out__v1.memcpy_out_1_0_0, out__v2.memcpy_out_3_0_0 := MS_Check__v1.memcpy___v2.memcpy(_v1.memcpy_in_1_0, _v1.memcpy_in_1_1, _v1.memcpy_in_1_2, _v2.memcpy_in_3_0, _v2.memcpy_in_3_1, _v2.memcpy_in_3_2);
+ assume true;
+ assume true;
+ assume _v1.memcpy_out_1_0 == out__v1.memcpy_out_1_0_0
+ && _v2.memcpy_out_3_0 == out__v2.memcpy_out_3_0_0;
+ _v1.OK, _v1.Mem_T.UCHAR := store__0__v1.OK, store__0__v1.Mem_T.UCHAR;
+ _v2.OK, _v2.Mem_T.UCHAR := store__0__v2.OK, store__0__v2.Mem_T.UCHAR;
+ goto MS_L_meet_0;
+
+ MS_L_not_taken_0:
+ assume !(_v1.memcpy_1_done && _v2.memcpy_3_done);
+ goto MS_L_meet_0;
+
+ MS_L_meet_0:
+ return;
+
+ MS_L_0_1:
+ goto MS_L_taken_1, MS_L_not_taken_1;
+
+ MS_L_taken_1:
+ assume _v1.encode_ie_loop_label_14_head_2_done
+ && _v2.encode_ie_loop_label_14_head_4_done;
+ store__1__v1.OK, store__1__v1.Mem_T.UCHAR := _v1.OK, _v1.Mem_T.UCHAR;
+ store__1__v2.OK, store__1__v2.Mem_T.UCHAR := _v2.OK, _v2.Mem_T.UCHAR;
+ _v1.OK, _v1.Mem_T.UCHAR := _v1.encode_ie_loop_label_14_head_in_2_5, _v1.encode_ie_loop_label_14_head_in_2_6;
+ _v2.OK, _v2.Mem_T.UCHAR := _v2.encode_ie_loop_label_14_head_in_4_5, _v2.encode_ie_loop_label_14_head_in_4_6;
+ call out__v1.encode_ie_loop_label_14_head_out_2_0_1, out__v1.encode_ie_loop_label_14_head_out_2_1_1, out__v1.encode_ie_loop_label_14_head_out_2_2_1, out__v2.encode_ie_loop_label_14_head_out_4_0_1, out__v2.encode_ie_loop_label_14_head_out_4_1_1, out__v2.encode_ie_loop_label_14_head_out_4_2_1, out__v2.encode_ie_loop_label_14_head_out_4_3_1 := MS_Check__v1.encode_ie_loop_label_14_head___v2.encode_ie_loop_label_14_head(_v1.encode_ie_loop_label_14_head_in_2_0, _v1.encode_ie_loop_label_14_head_in_2_1, _v1.encode_ie_loop_label_14_head_in_2_2, _v1.encode_ie_loop_label_14_head_in_2_3, _v1.encode_ie_loop_label_14_head_in_2_4, _v2.encode_ie_loop_label_14_head_in_4_0, _v2.encode_ie_loop_label_14_head_in_4_1, _v2.encode_ie_loop_label_14_head_in_4_2, _v2.encode_ie_loop_label_14_head_in_4_3, _v2.encode_ie_loop_label_14_head_in_4_4);
+ assume _v1.Mem_T.UCHAR == _v1.encode_ie_loop_label_14_head_out_2_3
+ && (_v1.OK <==> _v1.encode_ie_loop_label_14_head_out_2_4);
+ assume _v2.Mem_T.UCHAR == _v2.encode_ie_loop_label_14_head_out_4_4
+ && (_v2.OK <==> _v2.encode_ie_loop_label_14_head_out_4_5);
+ assume _v1.encode_ie_loop_label_14_head_out_2_0
+ == out__v1.encode_ie_loop_label_14_head_out_2_0_1
+ && _v1.encode_ie_loop_label_14_head_out_2_1
+ == out__v1.encode_ie_loop_label_14_head_out_2_1_1
+ && _v1.encode_ie_loop_label_14_head_out_2_2
+ == out__v1.encode_ie_loop_label_14_head_out_2_2_1
+ && _v2.encode_ie_loop_label_14_head_out_4_0
+ == out__v2.encode_ie_loop_label_14_head_out_4_0_1
+ && _v2.encode_ie_loop_label_14_head_out_4_1
+ == out__v2.encode_ie_loop_label_14_head_out_4_1_1
+ && _v2.encode_ie_loop_label_14_head_out_4_2
+ == out__v2.encode_ie_loop_label_14_head_out_4_2_1
+ && _v2.encode_ie_loop_label_14_head_out_4_3
+ == out__v2.encode_ie_loop_label_14_head_out_4_3_1;
+ _v1.OK, _v1.Mem_T.UCHAR := store__1__v1.OK, store__1__v1.Mem_T.UCHAR;
+ _v2.OK, _v2.Mem_T.UCHAR := store__1__v2.OK, store__1__v2.Mem_T.UCHAR;
+ goto MS_L_meet_1;
+
+ MS_L_not_taken_1:
+ assume !(_v1.encode_ie_loop_label_14_head_2_done
+ && _v2.encode_ie_loop_label_14_head_4_done);
+ goto MS_L_meet_1;
+
+ MS_L_meet_1:
+ goto MS_L_0_0;
+}
+
+
+
+function {:inline true} MS$_v1.encode_ie_loop_label_14_head$_v2.encode_ie_loop_label_14_head(_v1.in_bufsize: int,
+ _v1.in_i: int,
+ _v1.in_ielen: int,
+ _v1.in_p: int,
+ _v1.in_tempBoogie0: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.Mem_T.UCHAR_: [int]int,
+ _v1.OK_: bool,
+ _v1.out_i: int,
+ _v1.out_p: int,
+ _v1.out_tempBoogie0: int,
+ _v2.in_bufsize: int,
+ _v2.in_i: int,
+ _v2.in_ielen: int,
+ _v2.in_p: int,
+ _v2.in_tempBoogie0: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.Mem_T.UCHAR_: [int]int,
+ _v2.OK_: bool,
+ _v2.out_bufsize: int,
+ _v2.out_i: int,
+ _v2.out_p: int,
+ _v2.out_tempBoogie0: int)
+ : bool
+{
+ true
+}
+
+const {:existential true} _houdini_115: bool;
+
+const {:existential true} _houdini_116: bool;
+
+const {:existential true} _houdini_117: bool;
+
+const {:existential true} _houdini_118: bool;
+
+const {:existential true} _houdini_119: bool;
+
+const {:existential true} _houdini_120: bool;
+
+const {:existential true} _houdini_121: bool;
+
+const {:existential true} _houdini_122: bool;
+
+const {:existential true} _houdini_123: bool;
+
+const {:existential true} _houdini_124: bool;
+
+const {:existential true} _houdini_125: bool;
+
+const {:existential true} _houdini_126: bool;
+
+const {:existential true} _houdini_127: bool;
+
+const {:existential true} _houdini_128: bool;
+
+const {:existential true} _houdini_129: bool;
+
+const {:existential true} _houdini_130: bool;
+
+const {:existential true} _houdini_131: bool;
+
+const {:existential true} _houdini_132: bool;
+
+const {:existential true} _houdini_133: bool;
+
+const {:existential true} _houdini_134: bool;
+
+const {:existential true} _houdini_135: bool;
+
+const {:existential true} _houdini_136: bool;
+
+const {:existential true} _houdini_137: bool;
+
+const {:existential true} _houdini_138: bool;
+
+const {:existential true} _houdini_139: bool;
+
+const {:existential true} _houdini_140: bool;
+
+const {:existential true} _houdini_141: bool;
+
+const {:existential true} _houdini_142: bool;
+
+const {:existential true} _houdini_143: bool;
+
+const {:existential true} _houdini_144: bool;
+
+const {:existential true} _houdini_145: bool;
+
+const {:existential true} _houdini_146: bool;
+
+const {:existential true} _houdini_147: bool;
+
+const {:existential true} _houdini_148: bool;
+
+const {:existential true} _houdini_149: bool;
+
+const {:existential true} _houdini_150: bool;
+
+const {:existential true} _houdini_151: bool;
+
+const {:existential true} _houdini_152: bool;
+
+const {:existential true} _houdini_153: bool;
+
+const {:existential true} _houdini_154: bool;
+
+const {:existential true} _houdini_155: bool;
+
+procedure MS_Check__v1.encode_ie_loop_label_14_head___v2.encode_ie_loop_label_14_head(_v1.in_bufsize: int,
+ _v1.in_i: int,
+ _v1.in_ielen: int,
+ _v1.in_p: int,
+ _v1.in_tempBoogie0: int,
+ _v2.in_bufsize: int,
+ _v2.in_i: int,
+ _v2.in_ielen: int,
+ _v2.in_p: int,
+ _v2.in_tempBoogie0: int)
+ returns (_v1.out_i: int,
+ _v1.out_p: int,
+ _v1.out_tempBoogie0: int,
+ _v2.out_bufsize: int,
+ _v2.out_i: int,
+ _v2.out_p: int,
+ _v2.out_tempBoogie0: int);
+ requires _houdini_124 ==> _v1.in_bufsize <= _v2.in_bufsize;
+ requires _houdini_125 ==> _v2.in_bufsize <= _v1.in_bufsize;
+ requires _houdini_126 ==> _v1.in_i <= _v2.in_i;
+ requires _houdini_127 ==> _v2.in_i <= _v1.in_i;
+ requires _houdini_128 ==> _v1.in_ielen <= _v2.in_ielen;
+ requires _houdini_129 ==> _v2.in_ielen <= _v1.in_ielen;
+ requires _houdini_130 ==> _v1.in_p <= _v2.in_p;
+ requires _houdini_131 ==> _v2.in_p <= _v1.in_p;
+ requires _houdini_132 ==> _v1.in_tempBoogie0 <= _v2.in_tempBoogie0;
+ requires _houdini_133 ==> _v2.in_tempBoogie0 <= _v1.in_tempBoogie0;
+ requires _houdini_134 ==> _v1.OK ==> _v2.OK;
+ requires _houdini_135 ==> _v2.OK ==> _v1.OK;
+ requires _houdini_136 ==> _v1.Mem == _v2.Mem;
+ requires _houdini_137 ==> _v1.alloc <= _v2.alloc;
+ requires _houdini_138 ==> _v2.alloc <= _v1.alloc;
+ requires _houdini_139 ==> _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR;
+ requires _houdini_140 ==> _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR;
+ requires _houdini_141 ==> _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR;
+ requires _houdini_142 ==> _v1.Mem_T.CHAR == _v2.Mem_T.CHAR;
+ requires _houdini_143 ==> _v1.Mem_T.INT4 == _v2.Mem_T.INT4;
+ requires _houdini_144 ==> _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR;
+ requires _houdini_145 ==> _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR;
+ requires _houdini_146 ==> _v1.Mem_T.PVOID == _v2.Mem_T.PVOID;
+ requires _houdini_147
+ ==> _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry;
+ requires _houdini_148 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
+ requires _houdini_149 ==> _v1.Mem_T.VOID == _v2.Mem_T.VOID;
+ requires _houdini_150
+ ==> _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry;
+ requires _houdini_151
+ ==> _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry;
+ requires _houdini_152 ==> _v1.detChoiceCnt <= _v2.detChoiceCnt;
+ requires _houdini_153 ==> _v2.detChoiceCnt <= _v1.detChoiceCnt;
+ requires _houdini_154 ==> _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE;
+ requires _houdini_155 ==> _v1.Res_PROBED == _v2.Res_PROBED;
+ modifies _v1.Mem_T.UCHAR, _v1.OK, _v2.Mem_T.UCHAR, _v2.OK;
+ ensures MS$_v1.encode_ie_loop_label_14_head$_v2.encode_ie_loop_label_14_head(_v1.in_bufsize,
+ _v1.in_i,
+ _v1.in_ielen,
+ _v1.in_p,
+ _v1.in_tempBoogie0,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.Mem_T.UCHAR,
+ _v1.OK,
+ _v1.out_i,
+ _v1.out_p,
+ _v1.out_tempBoogie0,
+ _v2.in_bufsize,
+ _v2.in_i,
+ _v2.in_ielen,
+ _v2.in_p,
+ _v2.in_tempBoogie0,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.Mem_T.UCHAR,
+ _v2.OK,
+ _v2.out_bufsize,
+ _v2.out_i,
+ _v2.out_p,
+ _v2.out_tempBoogie0);
+ ensures _houdini_115 ==> _v1.out_i <= _v2.out_i;
+ ensures _houdini_116 ==> _v2.out_i <= _v1.out_i;
+ ensures _houdini_117 ==> _v1.out_p <= _v2.out_p;
+ ensures _houdini_118 ==> _v2.out_p <= _v1.out_p;
+ ensures _houdini_119 ==> _v1.out_tempBoogie0 <= _v2.out_tempBoogie0;
+ ensures _houdini_120 ==> _v2.out_tempBoogie0 <= _v1.out_tempBoogie0;
+ ensures _houdini_121 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
+ ensures _houdini_122 ==> _v1.OK ==> _v2.OK;
+ ensures _houdini_123 ==> _v2.OK ==> _v1.OK;
+
+
+
+implementation MS_Check__v1.encode_ie_loop_label_14_head___v2.encode_ie_loop_label_14_head(_v1.in_bufsize: int,
+ _v1.in_i: int,
+ _v1.in_ielen: int,
+ _v1.in_p: int,
+ _v1.in_tempBoogie0: int,
+ _v2.in_bufsize: int,
+ _v2.in_i: int,
+ _v2.in_ielen: int,
+ _v2.in_p: int,
+ _v2.in_tempBoogie0: int)
+ returns (_v1.out_i: int,
+ _v1.out_p: int,
+ _v1.out_tempBoogie0: int,
+ _v2.out_bufsize: int,
+ _v2.out_i: int,
+ _v2.out_p: int,
+ _v2.out_tempBoogie0: int)
+{
+ var inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize: int;
+ var inline$_v1.encode_ie_loop_label_14_head$0$in_i: int;
+ var inline$_v1.encode_ie_loop_label_14_head$0$in_ielen: int;
+ var inline$_v1.encode_ie_loop_label_14_head$0$in_p: int;
+ var inline$_v1.encode_ie_loop_label_14_head$0$in_tempBoogie0: int;
+ var inline$_v1.encode_ie_loop_label_14_head$0$out_i: int;
+ var inline$_v1.encode_ie_loop_label_14_head$0$out_p: int;
+ var inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0: int;
+ var inline$_v1.encode_ie_loop_label_14_head$0$_v1.Mem_T.UCHAR: [int]int;
+ var inline$_v1.encode_ie_loop_label_14_head$0$_v1.OK: bool;
+ var inline$_v2.encode_ie_loop_label_14_head$0$in_bufsize: int;
+ var inline$_v2.encode_ie_loop_label_14_head$0$in_i: int;
+ var inline$_v2.encode_ie_loop_label_14_head$0$in_ielen: int;
+ var inline$_v2.encode_ie_loop_label_14_head$0$in_p: int;
+ var inline$_v2.encode_ie_loop_label_14_head$0$in_tempBoogie0: int;
+ var inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize: int;
+ var inline$_v2.encode_ie_loop_label_14_head$0$out_i: int;
+ var inline$_v2.encode_ie_loop_label_14_head$0$out_p: int;
+ var inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0: int;
+ var inline$_v2.encode_ie_loop_label_14_head$0$_v2.Mem_T.UCHAR: [int]int;
+ var inline$_v2.encode_ie_loop_label_14_head$0$_v2.OK: bool;
+ var _v1.encode_ie_loop_label_14_head_1_done: bool;
+ var _v1.encode_ie_loop_label_14_head_in_1_0: int;
+ var _v1.encode_ie_loop_label_14_head_in_1_1: int;
+ var _v1.encode_ie_loop_label_14_head_in_1_2: int;
+ var _v1.encode_ie_loop_label_14_head_in_1_3: int;
+ var _v1.encode_ie_loop_label_14_head_in_1_4: int;
+ var _v1.encode_ie_loop_label_14_head_in_1_5: [int]int;
+ var _v1.encode_ie_loop_label_14_head_in_1_6: bool;
+ var _v1.encode_ie_loop_label_14_head_out_1_0: int;
+ var _v1.encode_ie_loop_label_14_head_out_1_1: int;
+ var _v1.encode_ie_loop_label_14_head_out_1_2: int;
+ var _v1.encode_ie_loop_label_14_head_out_1_3: [int]int;
+ var _v1.encode_ie_loop_label_14_head_out_1_4: bool;
+ var _v2.encode_ie_loop_label_14_head_2_done: bool;
+ var _v2.encode_ie_loop_label_14_head_in_2_0: int;
+ var _v2.encode_ie_loop_label_14_head_in_2_1: int;
+ var _v2.encode_ie_loop_label_14_head_in_2_2: int;
+ var _v2.encode_ie_loop_label_14_head_in_2_3: int;
+ var _v2.encode_ie_loop_label_14_head_in_2_4: int;
+ var _v2.encode_ie_loop_label_14_head_in_2_5: [int]int;
+ var _v2.encode_ie_loop_label_14_head_in_2_6: bool;
+ var _v2.encode_ie_loop_label_14_head_out_2_0: int;
+ var _v2.encode_ie_loop_label_14_head_out_2_1: int;
+ var _v2.encode_ie_loop_label_14_head_out_2_2: int;
+ var _v2.encode_ie_loop_label_14_head_out_2_3: int;
+ var _v2.encode_ie_loop_label_14_head_out_2_4: [int]int;
+ var _v2.encode_ie_loop_label_14_head_out_2_5: bool;
+ var store__0__v1.Mem_T.UCHAR: [int]int;
+ var store__0__v1.OK: bool;
+ var store__0__v2.Mem_T.UCHAR: [int]int;
+ var store__0__v2.OK: bool;
+ var out__v1.encode_ie_loop_label_14_head_out_1_0_0: int;
+ var out__v1.encode_ie_loop_label_14_head_out_1_1_0: int;
+ var out__v1.encode_ie_loop_label_14_head_out_1_2_0: int;
+ var out__v2.encode_ie_loop_label_14_head_out_2_0_0: int;
+ var out__v2.encode_ie_loop_label_14_head_out_2_1_0: int;
+ var out__v2.encode_ie_loop_label_14_head_out_2_2_0: int;
+ var out__v2.encode_ie_loop_label_14_head_out_2_3_0: int;
+
+ START:
+ _v1.encode_ie_loop_label_14_head_1_done, _v2.encode_ie_loop_label_14_head_2_done := false, false;
+ goto inline$_v1.encode_ie_loop_label_14_head$0$Entry;
+
+ inline$_v1.encode_ie_loop_label_14_head$0$Entry:
+ inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize := _v1.in_bufsize;
+ inline$_v1.encode_ie_loop_label_14_head$0$in_i := _v1.in_i;
+ inline$_v1.encode_ie_loop_label_14_head$0$in_ielen := _v1.in_ielen;
+ inline$_v1.encode_ie_loop_label_14_head$0$in_p := _v1.in_p;
+ inline$_v1.encode_ie_loop_label_14_head$0$in_tempBoogie0 := _v1.in_tempBoogie0;
+ havoc inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0;
+ inline$_v1.encode_ie_loop_label_14_head$0$_v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR;
+ inline$_v1.encode_ie_loop_label_14_head$0$_v1.OK := _v1.OK;
+ goto inline$_v1.encode_ie_loop_label_14_head$0$entry#2;
+
+ inline$_v1.encode_ie_loop_label_14_head$0$entry#2:
+ inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0 := inline$_v1.encode_ie_loop_label_14_head$0$in_i, inline$_v1.encode_ie_loop_label_14_head$0$in_p, inline$_v1.encode_ie_loop_label_14_head$0$in_tempBoogie0;
+ goto inline$_v1.encode_ie_loop_label_14_head$0$label_14_head#2;
+
+ inline$_v1.encode_ie_loop_label_14_head$0$label_14_head#2:
+ goto inline$_v1.encode_ie_loop_label_14_head$0$label_14_true#2, inline$_v1.encode_ie_loop_label_14_head$0$label_14_false#2;
+
+ inline$_v1.encode_ie_loop_label_14_head$0$label_14_false#2:
+ assume !_v2.INT_LT(inline$_v1.encode_ie_loop_label_14_head$0$out_i,
+ inline$_v1.encode_ie_loop_label_14_head$0$in_ielen);
+ assume _v2.value_is(_v1.__ctobpl_const_16, inline$_v1.encode_ie_loop_label_14_head$0$out_i);
+ assume _v2.value_is(_v1.__ctobpl_const_17, inline$_v1.encode_ie_loop_label_14_head$0$in_ielen);
+ inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0 := inline$_v1.encode_ie_loop_label_14_head$0$in_i, inline$_v1.encode_ie_loop_label_14_head$0$in_p, inline$_v1.encode_ie_loop_label_14_head$0$in_tempBoogie0;
+ _v1.Mem_T.UCHAR := inline$_v1.encode_ie_loop_label_14_head$0$_v1.Mem_T.UCHAR;
+ goto inline$_v1.encode_ie_loop_label_14_head$0$Return;
+
+ inline$_v1.encode_ie_loop_label_14_head$0$label_14_true#2:
+ assume _v2.INT_LT(inline$_v1.encode_ie_loop_label_14_head$0$out_i,
+ inline$_v1.encode_ie_loop_label_14_head$0$in_ielen);
+ assume _v2.value_is(_v1.__ctobpl_const_16, inline$_v1.encode_ie_loop_label_14_head$0$out_i);
+ assume _v2.value_is(_v1.__ctobpl_const_17, inline$_v1.encode_ie_loop_label_14_head$0$in_ielen);
+ goto inline$_v1.encode_ie_loop_label_14_head$0$label_16#2;
+
+ inline$_v1.encode_ie_loop_label_14_head$0$label_16#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
+ goto inline$_v1.encode_ie_loop_label_14_head$0$label_16_true#2, inline$_v1.encode_ie_loop_label_14_head$0$label_16_false#2;
+
+ inline$_v1.encode_ie_loop_label_14_head$0$label_16_false#2:
+ assume !_v2.INT_LT(2, inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize);
+ assume _v2.value_is(_v1.__ctobpl_const_20, inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize);
+ inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0 := inline$_v1.encode_ie_loop_label_14_head$0$in_i, inline$_v1.encode_ie_loop_label_14_head$0$in_p, inline$_v1.encode_ie_loop_label_14_head$0$in_tempBoogie0;
+ _v1.Mem_T.UCHAR := inline$_v1.encode_ie_loop_label_14_head$0$_v1.Mem_T.UCHAR;
+ goto inline$_v1.encode_ie_loop_label_14_head$0$Return;
+
+ inline$_v1.encode_ie_loop_label_14_head$0$label_16_true#2:
+ assume _v2.INT_LT(2, inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize);
+ assume _v2.value_is(_v1.__ctobpl_const_20, inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize);
+ goto inline$_v1.encode_ie_loop_label_14_head$0$label_17#2;
+
+ inline$_v1.encode_ie_loop_label_14_head$0$label_17#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 30} true;
+ assume _v2.INT_GEQ(inline$_v1.encode_ie_loop_label_14_head$0$out_p, 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(inline$_v1.encode_ie_loop_label_14_head$0$out_p) == 1;
+ assert true;
+ _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[inline$_v1.encode_ie_loop_label_14_head$0$out_p := 120];
+ assume _v2.value_is(_v1.__ctobpl_const_21, inline$_v1.encode_ie_loop_label_14_head$0$out_p);
+ assume _v2.value_is(_v1.__ctobpl_const_22,
+ _v1.Mem_T.UCHAR[inline$_v1.encode_ie_loop_label_14_head$0$out_p]);
+ goto inline$_v1.encode_ie_loop_label_14_head$0$label_18#2;
+
+ inline$_v1.encode_ie_loop_label_14_head$0$label_18#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 32} true;
+ assume _v2.INT_GEQ(_v2.INT_PLUS(inline$_v1.encode_ie_loop_label_14_head$0$out_p, 1, 1), 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(inline$_v1.encode_ie_loop_label_14_head$0$out_p, 1, 1))
+ == 1;
+ assert true;
+ _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v1.encode_ie_loop_label_14_head$0$out_p, 1, 1) := 120];
+ assume _v2.value_is(_v1.__ctobpl_const_23, inline$_v1.encode_ie_loop_label_14_head$0$out_p);
+ assume _v2.value_is(_v1.__ctobpl_const_24,
+ _v1.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v1.encode_ie_loop_label_14_head$0$out_p, 1, 1)]);
+ goto inline$_v1.encode_ie_loop_label_14_head$0$label_19#2;
+
+ inline$_v1.encode_ie_loop_label_14_head$0$label_19#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 33} true;
+ inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0 := _v2.INT_PLUS(inline$_v1.encode_ie_loop_label_14_head$0$out_p, 1, 2);
+ inline$_v1.encode_ie_loop_label_14_head$0$out_p := inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0;
+ assume _v2.value_is(_v1.__ctobpl_const_25, inline$_v1.encode_ie_loop_label_14_head$0$out_p);
+ goto inline$_v1.encode_ie_loop_label_14_head$0$label_20#2;
+
+ inline$_v1.encode_ie_loop_label_14_head$0$label_20#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 20} true;
+ assume _v2.value_is(_v1.__ctobpl_const_26, inline$_v1.encode_ie_loop_label_14_head$0$out_i);
+ inline$_v1.encode_ie_loop_label_14_head$0$out_i := _v2.INT_PLUS(inline$_v1.encode_ie_loop_label_14_head$0$out_i, 1, 1);
+ goto inline$_v1.encode_ie_loop_label_14_head$0$label_20_dummy#2;
+
+ inline$_v1.encode_ie_loop_label_14_head$0$label_20_dummy#2:
+ _v1.encode_ie_loop_label_14_head_in_1_0, _v1.encode_ie_loop_label_14_head_in_1_1, _v1.encode_ie_loop_label_14_head_in_1_2, _v1.encode_ie_loop_label_14_head_in_1_3, _v1.encode_ie_loop_label_14_head_in_1_4, _v1.encode_ie_loop_label_14_head_in_1_5, _v1.encode_ie_loop_label_14_head_in_1_6 := inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize, inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$in_ielen, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0, _v1.Mem_T.UCHAR, _v1.OK;
+ call inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0 := _v1.encode_ie_loop_label_14_head(inline$_v1.encode_ie_loop_label_14_head$0$in_bufsize, inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$in_ielen, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0);
+ _v1.encode_ie_loop_label_14_head_1_done := true;
+ _v1.encode_ie_loop_label_14_head_out_1_0, _v1.encode_ie_loop_label_14_head_out_1_1, _v1.encode_ie_loop_label_14_head_out_1_2, _v1.encode_ie_loop_label_14_head_out_1_3, _v1.encode_ie_loop_label_14_head_out_1_4 := inline$_v1.encode_ie_loop_label_14_head$0$out_i, inline$_v1.encode_ie_loop_label_14_head$0$out_p, inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0, _v1.Mem_T.UCHAR, _v1.OK;
+ goto inline$_v1.encode_ie_loop_label_14_head$0$Return;
+
+ inline$_v1.encode_ie_loop_label_14_head$0$Return:
+ assume true;
+ _v1.out_i := inline$_v1.encode_ie_loop_label_14_head$0$out_i;
+ _v1.out_p := inline$_v1.encode_ie_loop_label_14_head$0$out_p;
+ _v1.out_tempBoogie0 := inline$_v1.encode_ie_loop_label_14_head$0$out_tempBoogie0;
+ goto START$1;
+
+ START$1:
+ goto inline$_v2.encode_ie_loop_label_14_head$0$Entry;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$Entry:
+ inline$_v2.encode_ie_loop_label_14_head$0$in_bufsize := _v2.in_bufsize;
+ inline$_v2.encode_ie_loop_label_14_head$0$in_i := _v2.in_i;
+ inline$_v2.encode_ie_loop_label_14_head$0$in_ielen := _v2.in_ielen;
+ inline$_v2.encode_ie_loop_label_14_head$0$in_p := _v2.in_p;
+ inline$_v2.encode_ie_loop_label_14_head$0$in_tempBoogie0 := _v2.in_tempBoogie0;
+ havoc inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0;
+ inline$_v2.encode_ie_loop_label_14_head$0$_v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR;
+ inline$_v2.encode_ie_loop_label_14_head$0$_v2.OK := _v2.OK;
+ goto inline$_v2.encode_ie_loop_label_14_head$0$entry#2;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$entry#2:
+ inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0 := inline$_v2.encode_ie_loop_label_14_head$0$in_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$in_i, inline$_v2.encode_ie_loop_label_14_head$0$in_p, inline$_v2.encode_ie_loop_label_14_head$0$in_tempBoogie0;
+ goto inline$_v2.encode_ie_loop_label_14_head$0$label_14_head#2;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$label_14_head#2:
+ goto inline$_v2.encode_ie_loop_label_14_head$0$label_14_true#2, inline$_v2.encode_ie_loop_label_14_head$0$label_14_false#2;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$label_14_false#2:
+ assume !_v2.INT_LT(inline$_v2.encode_ie_loop_label_14_head$0$out_i,
+ inline$_v2.encode_ie_loop_label_14_head$0$in_ielen);
+ assume _v2.value_is(_v2.__ctobpl_const_16, inline$_v2.encode_ie_loop_label_14_head$0$out_i);
+ assume _v2.value_is(_v2.__ctobpl_const_17, inline$_v2.encode_ie_loop_label_14_head$0$in_ielen);
+ inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0 := inline$_v2.encode_ie_loop_label_14_head$0$in_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$in_i, inline$_v2.encode_ie_loop_label_14_head$0$in_p, inline$_v2.encode_ie_loop_label_14_head$0$in_tempBoogie0;
+ _v2.Mem_T.UCHAR := inline$_v2.encode_ie_loop_label_14_head$0$_v2.Mem_T.UCHAR;
+ goto inline$_v2.encode_ie_loop_label_14_head$0$Return;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$label_14_true#2:
+ assume _v2.INT_LT(inline$_v2.encode_ie_loop_label_14_head$0$out_i,
+ inline$_v2.encode_ie_loop_label_14_head$0$in_ielen);
+ assume _v2.value_is(_v2.__ctobpl_const_16, inline$_v2.encode_ie_loop_label_14_head$0$out_i);
+ assume _v2.value_is(_v2.__ctobpl_const_17, inline$_v2.encode_ie_loop_label_14_head$0$in_ielen);
+ goto inline$_v2.encode_ie_loop_label_14_head$0$label_16#2;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$label_16#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
+ goto inline$_v2.encode_ie_loop_label_14_head$0$label_16_true#2, inline$_v2.encode_ie_loop_label_14_head$0$label_16_false#2;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$label_16_false#2:
+ assume !_v2.INT_LT(2, inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize);
+ assume _v2.value_is(_v2.__ctobpl_const_20, inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize);
+ inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0 := inline$_v2.encode_ie_loop_label_14_head$0$in_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$in_i, inline$_v2.encode_ie_loop_label_14_head$0$in_p, inline$_v2.encode_ie_loop_label_14_head$0$in_tempBoogie0;
+ _v2.Mem_T.UCHAR := inline$_v2.encode_ie_loop_label_14_head$0$_v2.Mem_T.UCHAR;
+ goto inline$_v2.encode_ie_loop_label_14_head$0$Return;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$label_16_true#2:
+ assume _v2.INT_LT(2, inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize);
+ assume _v2.value_is(_v2.__ctobpl_const_20, inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize);
+ goto inline$_v2.encode_ie_loop_label_14_head$0$label_17#2;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$label_17#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 30} true;
+ assume _v2.INT_GEQ(inline$_v2.encode_ie_loop_label_14_head$0$out_p, 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(inline$_v2.encode_ie_loop_label_14_head$0$out_p) == 1;
+ assert true;
+ _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[inline$_v2.encode_ie_loop_label_14_head$0$out_p := 120];
+ assume _v2.value_is(_v2.__ctobpl_const_21, inline$_v2.encode_ie_loop_label_14_head$0$out_p);
+ assume _v2.value_is(_v2.__ctobpl_const_22,
+ _v2.Mem_T.UCHAR[inline$_v2.encode_ie_loop_label_14_head$0$out_p]);
+ goto inline$_v2.encode_ie_loop_label_14_head$0$label_18#2;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$label_18#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 32} true;
+ assume _v2.INT_GEQ(_v2.INT_PLUS(inline$_v2.encode_ie_loop_label_14_head$0$out_p, 1, 1), 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(inline$_v2.encode_ie_loop_label_14_head$0$out_p, 1, 1))
+ == 1;
+ assert true;
+ _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v2.encode_ie_loop_label_14_head$0$out_p, 1, 1) := 120];
+ assume _v2.value_is(_v2.__ctobpl_const_23, inline$_v2.encode_ie_loop_label_14_head$0$out_p);
+ assume _v2.value_is(_v2.__ctobpl_const_24,
+ _v2.Mem_T.UCHAR[_v2.INT_PLUS(inline$_v2.encode_ie_loop_label_14_head$0$out_p, 1, 1)]);
+ goto inline$_v2.encode_ie_loop_label_14_head$0$label_19#2;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$label_19#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 33} true;
+ inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0 := _v2.INT_PLUS(inline$_v2.encode_ie_loop_label_14_head$0$out_p, 1, 2);
+ inline$_v2.encode_ie_loop_label_14_head$0$out_p := inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0;
+ assume _v2.value_is(_v2.__ctobpl_const_25, inline$_v2.encode_ie_loop_label_14_head$0$out_p);
+ goto inline$_v2.encode_ie_loop_label_14_head$0$label_20#2;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$label_20#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 34} true;
+ havoc inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0;
+ assume _v2.INT_MINUS_BOTH_PTR_OR_BOTH_INT(inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, 2, 1, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0);
+ inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize := inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0;
+ assume _v2.value_is(_v2.__ctobpl_const_26, inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize);
+ goto inline$_v2.encode_ie_loop_label_14_head$0$label_21#2;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$label_21#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 20} true;
+ assume _v2.value_is(_v2.__ctobpl_const_27, inline$_v2.encode_ie_loop_label_14_head$0$out_i);
+ inline$_v2.encode_ie_loop_label_14_head$0$out_i := _v2.INT_PLUS(inline$_v2.encode_ie_loop_label_14_head$0$out_i, 1, 1);
+ goto inline$_v2.encode_ie_loop_label_14_head$0$label_21_dummy#2;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$label_21_dummy#2:
+ _v2.encode_ie_loop_label_14_head_in_2_0, _v2.encode_ie_loop_label_14_head_in_2_1, _v2.encode_ie_loop_label_14_head_in_2_2, _v2.encode_ie_loop_label_14_head_in_2_3, _v2.encode_ie_loop_label_14_head_in_2_4, _v2.encode_ie_loop_label_14_head_in_2_5, _v2.encode_ie_loop_label_14_head_in_2_6 := inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$in_ielen, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0, _v2.Mem_T.UCHAR, _v2.OK;
+ call inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0 := _v2.encode_ie_loop_label_14_head(inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$in_ielen, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0);
+ _v2.encode_ie_loop_label_14_head_2_done := true;
+ _v2.encode_ie_loop_label_14_head_out_2_0, _v2.encode_ie_loop_label_14_head_out_2_1, _v2.encode_ie_loop_label_14_head_out_2_2, _v2.encode_ie_loop_label_14_head_out_2_3, _v2.encode_ie_loop_label_14_head_out_2_4, _v2.encode_ie_loop_label_14_head_out_2_5 := inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize, inline$_v2.encode_ie_loop_label_14_head$0$out_i, inline$_v2.encode_ie_loop_label_14_head$0$out_p, inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0, _v2.Mem_T.UCHAR, _v2.OK;
+ goto inline$_v2.encode_ie_loop_label_14_head$0$Return;
+
+ inline$_v2.encode_ie_loop_label_14_head$0$Return:
+ assume true;
+ _v2.out_bufsize := inline$_v2.encode_ie_loop_label_14_head$0$out_bufsize;
+ _v2.out_i := inline$_v2.encode_ie_loop_label_14_head$0$out_i;
+ _v2.out_p := inline$_v2.encode_ie_loop_label_14_head$0$out_p;
+ _v2.out_tempBoogie0 := inline$_v2.encode_ie_loop_label_14_head$0$out_tempBoogie0;
+ goto START$2;
+
+ START$2:
+ goto MS_L_0_0;
+
+ MS_L_0_0:
+ goto MS_L_taken_0, MS_L_not_taken_0;
+
+ MS_L_taken_0:
+ assume _v1.encode_ie_loop_label_14_head_1_done
+ && _v2.encode_ie_loop_label_14_head_2_done;
+ store__0__v1.Mem_T.UCHAR, store__0__v1.OK := _v1.Mem_T.UCHAR, _v1.OK;
+ store__0__v2.Mem_T.UCHAR, store__0__v2.OK := _v2.Mem_T.UCHAR, _v2.OK;
+ _v1.Mem_T.UCHAR, _v1.OK := _v1.encode_ie_loop_label_14_head_in_1_5, _v1.encode_ie_loop_label_14_head_in_1_6;
+ _v2.Mem_T.UCHAR, _v2.OK := _v2.encode_ie_loop_label_14_head_in_2_5, _v2.encode_ie_loop_label_14_head_in_2_6;
+ call out__v1.encode_ie_loop_label_14_head_out_1_0_0, out__v1.encode_ie_loop_label_14_head_out_1_1_0, out__v1.encode_ie_loop_label_14_head_out_1_2_0, out__v2.encode_ie_loop_label_14_head_out_2_0_0, out__v2.encode_ie_loop_label_14_head_out_2_1_0, out__v2.encode_ie_loop_label_14_head_out_2_2_0, out__v2.encode_ie_loop_label_14_head_out_2_3_0 := MS_Check__v1.encode_ie_loop_label_14_head___v2.encode_ie_loop_label_14_head(_v1.encode_ie_loop_label_14_head_in_1_0, _v1.encode_ie_loop_label_14_head_in_1_1, _v1.encode_ie_loop_label_14_head_in_1_2, _v1.encode_ie_loop_label_14_head_in_1_3, _v1.encode_ie_loop_label_14_head_in_1_4, _v2.encode_ie_loop_label_14_head_in_2_0, _v2.encode_ie_loop_label_14_head_in_2_1, _v2.encode_ie_loop_label_14_head_in_2_2, _v2.encode_ie_loop_label_14_head_in_2_3, _v2.encode_ie_loop_label_14_head_in_2_4);
+ assume _v1.Mem_T.UCHAR == _v1.encode_ie_loop_label_14_head_out_1_3
+ && (_v1.OK <==> _v1.encode_ie_loop_label_14_head_out_1_4);
+ assume _v2.Mem_T.UCHAR == _v2.encode_ie_loop_label_14_head_out_2_4
+ && (_v2.OK <==> _v2.encode_ie_loop_label_14_head_out_2_5);
+ assume _v1.encode_ie_loop_label_14_head_out_1_0
+ == out__v1.encode_ie_loop_label_14_head_out_1_0_0
+ && _v1.encode_ie_loop_label_14_head_out_1_1
+ == out__v1.encode_ie_loop_label_14_head_out_1_1_0
+ && _v1.encode_ie_loop_label_14_head_out_1_2
+ == out__v1.encode_ie_loop_label_14_head_out_1_2_0
+ && _v2.encode_ie_loop_label_14_head_out_2_0
+ == out__v2.encode_ie_loop_label_14_head_out_2_0_0
+ && _v2.encode_ie_loop_label_14_head_out_2_1
+ == out__v2.encode_ie_loop_label_14_head_out_2_1_0
+ && _v2.encode_ie_loop_label_14_head_out_2_2
+ == out__v2.encode_ie_loop_label_14_head_out_2_2_0
+ && _v2.encode_ie_loop_label_14_head_out_2_3
+ == out__v2.encode_ie_loop_label_14_head_out_2_3_0;
+ _v1.Mem_T.UCHAR, _v1.OK := store__0__v1.Mem_T.UCHAR, store__0__v1.OK;
+ _v2.Mem_T.UCHAR, _v2.OK := store__0__v2.Mem_T.UCHAR, store__0__v2.OK;
+ goto MS_L_meet_0;
+
+ MS_L_not_taken_0:
+ assume !(_v1.encode_ie_loop_label_14_head_1_done
+ && _v2.encode_ie_loop_label_14_head_2_done);
+ goto MS_L_meet_0;
+
+ MS_L_meet_0:
+ return;
+}
+
+
+
+function {:inline true} MS$_v1.giwscan_cb$_v2.giwscan_cb(_v1.se_.1: int,
+ _v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.alloc_: int,
+ _v1.OK_: bool,
+ _v1.Mem_T.UCHAR_: [int]int,
+ _v1.result.giwscan_cb$1: int,
+ _v2.se_.1: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.alloc_: int,
+ _v2.OK_: bool,
+ _v2.Mem_T.UCHAR_: [int]int,
+ _v2.result.giwscan_cb$1: int)
+ : bool
+{
+ true
+}
+
+const {:existential true} _houdini_156: bool;
+
+const {:existential true} _houdini_157: bool;
+
+const {:existential true} _houdini_158: bool;
+
+const {:existential true} _houdini_159: bool;
+
+const {:existential true} _houdini_160: bool;
+
+const {:existential true} _houdini_161: bool;
+
+const {:existential true} _houdini_162: bool;
+
+const {:existential true} _houdini_163: bool;
+
+const {:existential true} _houdini_164: bool;
+
+const {:existential true} _houdini_165: bool;
+
+const {:existential true} _houdini_166: bool;
+
+const {:existential true} _houdini_167: bool;
+
+const {:existential true} _houdini_168: bool;
+
+const {:existential true} _houdini_169: bool;
+
+const {:existential true} _houdini_170: bool;
+
+const {:existential true} _houdini_171: bool;
+
+const {:existential true} _houdini_172: bool;
+
+const {:existential true} _houdini_173: bool;
+
+const {:existential true} _houdini_174: bool;
+
+const {:existential true} _houdini_175: bool;
+
+const {:existential true} _houdini_176: bool;
+
+const {:existential true} _houdini_177: bool;
+
+const {:existential true} _houdini_178: bool;
+
+const {:existential true} _houdini_179: bool;
+
+const {:existential true} _houdini_180: bool;
+
+const {:existential true} _houdini_181: bool;
+
+const {:existential true} _houdini_182: bool;
+
+const {:existential true} _houdini_183: bool;
+
+const {:existential true} _houdini_184: bool;
+
+const {:existential true} _houdini_185: bool;
+
+const {:existential true} _houdini_186: bool;
+
+procedure MS_Check__v1.giwscan_cb___v2.giwscan_cb(_v1.se_.1: int, _v2.se_.1: int)
+ returns (_v1.result.giwscan_cb$1: int, _v2.result.giwscan_cb$1: int);
+ requires _houdini_163 ==> _v1.se_.1 <= _v2.se_.1;
+ requires _houdini_164 ==> _v2.se_.1 <= _v1.se_.1;
+ requires _houdini_165 ==> _v1.OK ==> _v2.OK;
+ requires _houdini_166 ==> _v2.OK ==> _v1.OK;
+ requires _houdini_167 ==> _v1.Mem == _v2.Mem;
+ requires _houdini_168 ==> _v1.alloc <= _v2.alloc;
+ requires _houdini_169 ==> _v2.alloc <= _v1.alloc;
+ requires _houdini_170 ==> _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR;
+ requires _houdini_171 ==> _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR;
+ requires _houdini_172 ==> _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR;
+ requires _houdini_173 ==> _v1.Mem_T.CHAR == _v2.Mem_T.CHAR;
+ requires _houdini_174 ==> _v1.Mem_T.INT4 == _v2.Mem_T.INT4;
+ requires _houdini_175 ==> _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR;
+ requires _houdini_176 ==> _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR;
+ requires _houdini_177 ==> _v1.Mem_T.PVOID == _v2.Mem_T.PVOID;
+ requires _houdini_178
+ ==> _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry;
+ requires _houdini_179 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
+ requires _houdini_180 ==> _v1.Mem_T.VOID == _v2.Mem_T.VOID;
+ requires _houdini_181
+ ==> _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry;
+ requires _houdini_182
+ ==> _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry;
+ requires _houdini_183 ==> _v1.detChoiceCnt <= _v2.detChoiceCnt;
+ requires _houdini_184 ==> _v2.detChoiceCnt <= _v1.detChoiceCnt;
+ requires _houdini_185 ==> _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE;
+ requires _houdini_186 ==> _v1.Res_PROBED == _v2.Res_PROBED;
+ modifies _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR, _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ ensures MS$_v1.giwscan_cb$_v2.giwscan_cb(_v1.se_.1,
+ old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.alloc,
+ _v1.OK,
+ _v1.Mem_T.UCHAR,
+ _v1.result.giwscan_cb$1,
+ _v2.se_.1,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.alloc,
+ _v2.OK,
+ _v2.Mem_T.UCHAR,
+ _v2.result.giwscan_cb$1);
+ ensures _houdini_156 ==> _v1.result.giwscan_cb$1 <= _v2.result.giwscan_cb$1;
+ ensures _houdini_157 ==> _v2.result.giwscan_cb$1 <= _v1.result.giwscan_cb$1;
+ ensures _houdini_158 ==> _v1.alloc <= _v2.alloc;
+ ensures _houdini_159 ==> _v2.alloc <= _v1.alloc;
+ ensures _houdini_160 ==> _v1.OK ==> _v2.OK;
+ ensures _houdini_161 ==> _v2.OK ==> _v1.OK;
+ ensures _houdini_162 ==> _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR;
+
+
+
+implementation MS_Check__v1.giwscan_cb___v2.giwscan_cb(_v1.se_.1: int, _v2.se_.1: int)
+ returns (_v1.result.giwscan_cb$1: int, _v2.result.giwscan_cb$1: int)
+{
+ var inline$_v1.giwscan_cb$0$havoc_stringTemp: int;
+ var inline$_v1.giwscan_cb$0$condVal: int;
+ var inline$_v1.giwscan_cb$0$buf: int;
+ var inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$: int;
+ var inline$_v1.giwscan_cb$0$result.encode_ie$2: int;
+ var inline$_v1.giwscan_cb$0$rsn_leader: int;
+ var inline$_v1.giwscan_cb$0$se: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie0: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie1: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie2: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie3: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie4: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie5: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie6: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie7: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie8: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie9: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie10: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie11: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie12: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie13: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie14: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie15: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie16: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie17: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie18: int;
+ var inline$_v1.giwscan_cb$0$tempBoogie19: int;
+ var inline$_v1.giwscan_cb$0$__havoc_dummy_return: int;
+ var inline$_v1.giwscan_cb$0$se_.1: int;
+ var inline$_v1.giwscan_cb$0$result.giwscan_cb$1: int;
+ var inline$_v1.giwscan_cb$0$_v1.alloc: int;
+ var inline$_v1.giwscan_cb$0$_v1.OK: bool;
+ var inline$_v1.giwscan_cb$0$_v1.Mem_T.UCHAR: [int]int;
+ var inline$_v2.giwscan_cb$0$havoc_stringTemp: int;
+ var inline$_v2.giwscan_cb$0$condVal: int;
+ var inline$_v2.giwscan_cb$0$buf: int;
+ var inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$: int;
+ var inline$_v2.giwscan_cb$0$result.encode_ie$2: int;
+ var inline$_v2.giwscan_cb$0$rsn_leader: int;
+ var inline$_v2.giwscan_cb$0$se: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie0: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie1: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie2: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie3: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie4: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie5: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie6: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie7: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie8: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie9: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie10: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie11: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie12: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie13: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie14: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie15: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie16: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie17: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie18: int;
+ var inline$_v2.giwscan_cb$0$tempBoogie19: int;
+ var inline$_v2.giwscan_cb$0$__havoc_dummy_return: int;
+ var inline$_v2.giwscan_cb$0$se_.1: int;
+ var inline$_v2.giwscan_cb$0$result.giwscan_cb$1: int;
+ var inline$_v2.giwscan_cb$0$_v2.alloc: int;
+ var inline$_v2.giwscan_cb$0$_v2.OK: bool;
+ var inline$_v2.giwscan_cb$0$_v2.Mem_T.UCHAR: [int]int;
+ var _v1.__HAVOC_det_malloc_1_done: bool;
+ var _v1.__HAVOC_det_malloc_in_1_0: int;
+ var _v1.__HAVOC_det_malloc_in_1_1: int;
+ var _v1.__HAVOC_det_malloc_in_1_2: bool;
+ var _v1.__HAVOC_det_malloc_in_1_3: [int]int;
+ var _v1.__HAVOC_det_malloc_out_1_0: int;
+ var _v1.__HAVOC_det_malloc_out_1_1: int;
+ var _v1.__HAVOC_det_malloc_2_done: bool;
+ var _v1.__HAVOC_det_malloc_in_2_0: int;
+ var _v1.__HAVOC_det_malloc_in_2_1: int;
+ var _v1.__HAVOC_det_malloc_in_2_2: bool;
+ var _v1.__HAVOC_det_malloc_in_2_3: [int]int;
+ var _v1.__HAVOC_det_malloc_out_2_0: int;
+ var _v1.__HAVOC_det_malloc_out_2_1: int;
+ var _v1.encode_ie_3_done: bool;
+ var _v1.encode_ie_in_3_0: int;
+ var _v1.encode_ie_in_3_1: int;
+ var _v1.encode_ie_in_3_2: int;
+ var _v1.encode_ie_in_3_3: int;
+ var _v1.encode_ie_in_3_4: int;
+ var _v1.encode_ie_in_3_5: int;
+ var _v1.encode_ie_in_3_6: int;
+ var _v1.encode_ie_in_3_7: bool;
+ var _v1.encode_ie_in_3_8: [int]int;
+ var _v1.encode_ie_out_3_0: int;
+ var _v1.encode_ie_out_3_1: bool;
+ var _v1.encode_ie_out_3_2: [int]int;
+ var _v1.__HAVOC_free_4_done: bool;
+ var _v1.__HAVOC_free_in_4_0: int;
+ var _v1.__HAVOC_free_in_4_1: int;
+ var _v1.__HAVOC_free_in_4_2: bool;
+ var _v1.__HAVOC_free_in_4_3: [int]int;
+ var _v1.__HAVOC_free_5_done: bool;
+ var _v1.__HAVOC_free_in_5_0: int;
+ var _v1.__HAVOC_free_in_5_1: int;
+ var _v1.__HAVOC_free_in_5_2: bool;
+ var _v1.__HAVOC_free_in_5_3: [int]int;
+ var _v2.__HAVOC_det_malloc_6_done: bool;
+ var _v2.__HAVOC_det_malloc_in_6_0: int;
+ var _v2.__HAVOC_det_malloc_in_6_1: int;
+ var _v2.__HAVOC_det_malloc_in_6_2: bool;
+ var _v2.__HAVOC_det_malloc_in_6_3: [int]int;
+ var _v2.__HAVOC_det_malloc_out_6_0: int;
+ var _v2.__HAVOC_det_malloc_out_6_1: int;
+ var _v2.__HAVOC_det_malloc_7_done: bool;
+ var _v2.__HAVOC_det_malloc_in_7_0: int;
+ var _v2.__HAVOC_det_malloc_in_7_1: int;
+ var _v2.__HAVOC_det_malloc_in_7_2: bool;
+ var _v2.__HAVOC_det_malloc_in_7_3: [int]int;
+ var _v2.__HAVOC_det_malloc_out_7_0: int;
+ var _v2.__HAVOC_det_malloc_out_7_1: int;
+ var _v2.encode_ie_8_done: bool;
+ var _v2.encode_ie_in_8_0: int;
+ var _v2.encode_ie_in_8_1: int;
+ var _v2.encode_ie_in_8_2: int;
+ var _v2.encode_ie_in_8_3: int;
+ var _v2.encode_ie_in_8_4: int;
+ var _v2.encode_ie_in_8_5: int;
+ var _v2.encode_ie_in_8_6: int;
+ var _v2.encode_ie_in_8_7: bool;
+ var _v2.encode_ie_in_8_8: [int]int;
+ var _v2.encode_ie_out_8_0: int;
+ var _v2.encode_ie_out_8_1: bool;
+ var _v2.encode_ie_out_8_2: [int]int;
+ var _v2.__HAVOC_free_9_done: bool;
+ var _v2.__HAVOC_free_in_9_0: int;
+ var _v2.__HAVOC_free_in_9_1: int;
+ var _v2.__HAVOC_free_in_9_2: bool;
+ var _v2.__HAVOC_free_in_9_3: [int]int;
+ var _v2.__HAVOC_free_10_done: bool;
+ var _v2.__HAVOC_free_in_10_0: int;
+ var _v2.__HAVOC_free_in_10_1: int;
+ var _v2.__HAVOC_free_in_10_2: bool;
+ var _v2.__HAVOC_free_in_10_3: [int]int;
+ var store__0__v1.alloc: int;
+ var store__0__v1.OK: bool;
+ var store__0__v1.Mem_T.UCHAR: [int]int;
+ var store__0__v2.alloc: int;
+ var store__0__v2.OK: bool;
+ var store__0__v2.Mem_T.UCHAR: [int]int;
+ var out__v1.__HAVOC_det_malloc_out_1_0_0: int;
+ var out__v2.__HAVOC_det_malloc_out_6_0_0: int;
+ var store__1__v1.alloc: int;
+ var store__1__v1.OK: bool;
+ var store__1__v1.Mem_T.UCHAR: [int]int;
+ var store__1__v2.alloc: int;
+ var store__1__v2.OK: bool;
+ var store__1__v2.Mem_T.UCHAR: [int]int;
+ var out__v1.__HAVOC_det_malloc_out_1_0_1: int;
+ var out__v2.__HAVOC_det_malloc_out_7_0_1: int;
+ var store__2__v1.alloc: int;
+ var store__2__v1.OK: bool;
+ var store__2__v1.Mem_T.UCHAR: [int]int;
+ var store__2__v2.alloc: int;
+ var store__2__v2.OK: bool;
+ var store__2__v2.Mem_T.UCHAR: [int]int;
+ var out__v1.__HAVOC_det_malloc_out_2_0_2: int;
+ var out__v2.__HAVOC_det_malloc_out_6_0_2: int;
+ var store__3__v1.alloc: int;
+ var store__3__v1.OK: bool;
+ var store__3__v1.Mem_T.UCHAR: [int]int;
+ var store__3__v2.alloc: int;
+ var store__3__v2.OK: bool;
+ var store__3__v2.Mem_T.UCHAR: [int]int;
+ var out__v1.__HAVOC_det_malloc_out_2_0_3: int;
+ var out__v2.__HAVOC_det_malloc_out_7_0_3: int;
+ var store__4__v1.alloc: int;
+ var store__4__v1.OK: bool;
+ var store__4__v1.Mem_T.UCHAR: [int]int;
+ var store__4__v2.alloc: int;
+ var store__4__v2.OK: bool;
+ var store__4__v2.Mem_T.UCHAR: [int]int;
+ var out__v1.encode_ie_out_3_0_4: int;
+ var out__v2.encode_ie_out_8_0_4: int;
+ var store__5__v1.alloc: int;
+ var store__5__v1.OK: bool;
+ var store__5__v1.Mem_T.UCHAR: [int]int;
+ var store__5__v2.alloc: int;
+ var store__5__v2.OK: bool;
+ var store__5__v2.Mem_T.UCHAR: [int]int;
+ var store__6__v1.alloc: int;
+ var store__6__v1.OK: bool;
+ var store__6__v1.Mem_T.UCHAR: [int]int;
+ var store__6__v2.alloc: int;
+ var store__6__v2.OK: bool;
+ var store__6__v2.Mem_T.UCHAR: [int]int;
+ var store__7__v1.alloc: int;
+ var store__7__v1.OK: bool;
+ var store__7__v1.Mem_T.UCHAR: [int]int;
+ var store__7__v2.alloc: int;
+ var store__7__v2.OK: bool;
+ var store__7__v2.Mem_T.UCHAR: [int]int;
+ var store__8__v1.alloc: int;
+ var store__8__v1.OK: bool;
+ var store__8__v1.Mem_T.UCHAR: [int]int;
+ var store__8__v2.alloc: int;
+ var store__8__v2.OK: bool;
+ var store__8__v2.Mem_T.UCHAR: [int]int;
+
+ START:
+ _v1.__HAVOC_det_malloc_1_done, _v1.__HAVOC_det_malloc_2_done, _v1.encode_ie_3_done, _v1.__HAVOC_free_4_done, _v1.__HAVOC_free_5_done, _v2.__HAVOC_det_malloc_6_done, _v2.__HAVOC_det_malloc_7_done, _v2.encode_ie_8_done, _v2.__HAVOC_free_9_done, _v2.__HAVOC_free_10_done := false, false, false, false, false, false, false, false, false, false;
+ goto inline$_v1.giwscan_cb$0$Entry;
+
+ inline$_v1.giwscan_cb$0$Entry:
+ inline$_v1.giwscan_cb$0$se_.1 := _v1.se_.1;
+ havoc inline$_v1.giwscan_cb$0$havoc_stringTemp, inline$_v1.giwscan_cb$0$condVal, inline$_v1.giwscan_cb$0$buf, inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$, inline$_v1.giwscan_cb$0$result.encode_ie$2, inline$_v1.giwscan_cb$0$rsn_leader, inline$_v1.giwscan_cb$0$se, inline$_v1.giwscan_cb$0$tempBoogie0, inline$_v1.giwscan_cb$0$tempBoogie1, inline$_v1.giwscan_cb$0$tempBoogie2, inline$_v1.giwscan_cb$0$tempBoogie3, inline$_v1.giwscan_cb$0$tempBoogie4, inline$_v1.giwscan_cb$0$tempBoogie5, inline$_v1.giwscan_cb$0$tempBoogie6, inline$_v1.giwscan_cb$0$tempBoogie7, inline$_v1.giwscan_cb$0$tempBoogie8, inline$_v1.giwscan_cb$0$tempBoogie9, inline$_v1.giwscan_cb$0$tempBoogie10, inline$_v1.giwscan_cb$0$tempBoogie11, inline$_v1.giwscan_cb$0$tempBoogie12, inline$_v1.giwscan_cb$0$tempBoogie13, inline$_v1.giwscan_cb$0$tempBoogie14, inline$_v1.giwscan_cb$0$tempBoogie15, inline$_v1.giwscan_cb$0$tempBoogie16, inline$_v1.giwscan_cb$0$tempBoogie17, inline$_v1.giwscan_cb$0$tempBoogie18, inline$_v1.giwscan_cb$0$tempBoogie19, inline$_v1.giwscan_cb$0$__havoc_dummy_return, inline$_v1.giwscan_cb$0$result.giwscan_cb$1;
+ inline$_v1.giwscan_cb$0$_v1.alloc := _v1.alloc;
+ inline$_v1.giwscan_cb$0$_v1.OK := _v1.OK;
+ inline$_v1.giwscan_cb$0$_v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR;
+ goto inline$_v1.giwscan_cb$0$anon0#2;
+
+ inline$_v1.giwscan_cb$0$anon0#2:
+ inline$_v1.giwscan_cb$0$havoc_stringTemp := 0;
+ goto inline$_v1.giwscan_cb$0$start#2;
+
+ inline$_v1.giwscan_cb$0$start#2:
+ assume _v2.INT_LT(inline$_v1.giwscan_cb$0$se_.1, _v1.alloc);
+ _v1.__HAVOC_det_malloc_in_1_0, _v1.__HAVOC_det_malloc_in_1_1, _v1.__HAVOC_det_malloc_in_1_2, _v1.__HAVOC_det_malloc_in_1_3 := 6, _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ call inline$_v1.giwscan_cb$0$buf := _v1.__HAVOC_det_malloc(6);
+ _v1.__HAVOC_det_malloc_1_done := true;
+ _v1.__HAVOC_det_malloc_out_1_0, _v1.__HAVOC_det_malloc_out_1_1 := inline$_v1.giwscan_cb$0$buf, _v1.alloc;
+ inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$ := 0;
+ inline$_v1.giwscan_cb$0$result.encode_ie$2 := 0;
+ inline$_v1.giwscan_cb$0$result.giwscan_cb$1 := 0;
+ _v1.__HAVOC_det_malloc_in_2_0, _v1.__HAVOC_det_malloc_in_2_1, _v1.__HAVOC_det_malloc_in_2_2, _v1.__HAVOC_det_malloc_in_2_3 := 1, _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ call inline$_v1.giwscan_cb$0$rsn_leader := _v1.__HAVOC_det_malloc(1);
+ _v1.__HAVOC_det_malloc_2_done := true;
+ _v1.__HAVOC_det_malloc_out_2_0, _v1.__HAVOC_det_malloc_out_2_1 := inline$_v1.giwscan_cb$0$rsn_leader, _v1.alloc;
+ inline$_v1.giwscan_cb$0$se := 0;
+ assume _v2.INT_GEQ(inline$_v1.giwscan_cb$0$se_.1, 0);
+ inline$_v1.giwscan_cb$0$se := inline$_v1.giwscan_cb$0$se_.1;
+ goto inline$_v1.giwscan_cb$0$label_3#2;
+
+ inline$_v1.giwscan_cb$0$label_3#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 45} true;
+ goto inline$_v1.giwscan_cb$0$label_4#2;
+
+ inline$_v1.giwscan_cb$0$label_4#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 46} true;
+ goto inline$_v1.giwscan_cb$0$label_5#2;
+
+ inline$_v1.giwscan_cb$0$label_5#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 50} true;
+ assume _v2.INT_GEQ(inline$_v1.giwscan_cb$0$se, 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se))
+ == 1;
+ assert true;
+ goto inline$_v1.giwscan_cb$0$label_5_true#2, inline$_v1.giwscan_cb$0$label_5_false#2;
+
+ inline$_v1.giwscan_cb$0$label_5_false#2:
+ assume _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]
+ == 0;
+ assume _v2.value_is(_v1.__ctobpl_const_32, inline$_v1.giwscan_cb$0$se);
+ assume _v2.value_is(_v1.__ctobpl_const_33,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]);
+ goto inline$_v1.giwscan_cb$0$label_6#2;
+
+ inline$_v1.giwscan_cb$0$label_5_true#2:
+ assume _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]
+ != 0;
+ assume _v2.value_is(_v1.__ctobpl_const_32, inline$_v1.giwscan_cb$0$se);
+ assume _v2.value_is(_v1.__ctobpl_const_33,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]);
+ goto inline$_v1.giwscan_cb$0$label_7#2;
+
+ inline$_v1.giwscan_cb$0$label_7#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 51} true;
+ assume _v2.INT_GEQ(inline$_v1.giwscan_cb$0$se, 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se))
+ == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
+ 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
+ 1,
+ 0))
+ == 1;
+ assert true;
+ goto inline$_v1.giwscan_cb$0$label_7_true#2, inline$_v1.giwscan_cb$0$label_7_false#2;
+
+ inline$_v1.giwscan_cb$0$label_7_false#2:
+ assume !_v2.INT_EQ(_v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
+ 1,
+ 0)],
+ 200);
+ assume _v2.value_is(_v1.__ctobpl_const_34, inline$_v1.giwscan_cb$0$se);
+ assume _v2.value_is(_v1.__ctobpl_const_35,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]);
+ assume _v2.value_is(_v1.__ctobpl_const_36,
+ _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
+ 1,
+ 0)]);
+ goto inline$_v1.giwscan_cb$0$label_6#2;
+
+ inline$_v1.giwscan_cb$0$label_7_true#2:
+ assume _v2.INT_EQ(_v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
+ 1,
+ 0)],
+ 200);
+ assume _v2.value_is(_v1.__ctobpl_const_34, inline$_v1.giwscan_cb$0$se);
+ assume _v2.value_is(_v1.__ctobpl_const_35,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]);
+ assume _v2.value_is(_v1.__ctobpl_const_36,
+ _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
+ 1,
+ 0)]);
+ goto inline$_v1.giwscan_cb$0$label_8#2;
+
+ inline$_v1.giwscan_cb$0$label_8#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 53} true;
+ assume _v2.INT_GEQ(inline$_v1.giwscan_cb$0$se, 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se))
+ == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
+ 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
+ 1,
+ 1))
+ == 1;
+ assert true;
+ inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$ := _v2.INT_PLUS(_v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
+ 1,
+ 1)],
+ 1,
+ 2);
+ assume _v2.value_is(_v1.__ctobpl_const_37, inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$);
+ assume _v2.value_is(_v1.__ctobpl_const_38, inline$_v1.giwscan_cb$0$se);
+ assume _v2.value_is(_v1.__ctobpl_const_39,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]);
+ assume _v2.value_is(_v1.__ctobpl_const_40,
+ _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)],
+ 1,
+ 1)]);
+ goto inline$_v1.giwscan_cb$0$label_9#2;
+
+ inline$_v1.giwscan_cb$0$label_9#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 52} true;
+ assume _v2.INT_GEQ(inline$_v1.giwscan_cb$0$se, 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se))
+ == 1;
+ assert true;
+ assume _v2.INT_GEQ(inline$_v1.giwscan_cb$0$se, 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se))
+ == 1;
+ assert true;
+ _v1.encode_ie_in_3_0, _v1.encode_ie_in_3_1, _v1.encode_ie_in_3_2, _v1.encode_ie_in_3_3, _v1.encode_ie_in_3_4, _v1.encode_ie_in_3_5, _v1.encode_ie_in_3_6, _v1.encode_ie_in_3_7, _v1.encode_ie_in_3_8 := inline$_v1.giwscan_cb$0$buf, 6, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)], inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$, inline$_v1.giwscan_cb$0$rsn_leader, 1, _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ call inline$_v1.giwscan_cb$0$result.encode_ie$2 := _v1.encode_ie(inline$_v1.giwscan_cb$0$buf, 6, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)], inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$, inline$_v1.giwscan_cb$0$rsn_leader, 1);
+ _v1.encode_ie_3_done := true;
+ _v1.encode_ie_out_3_0, _v1.encode_ie_out_3_1, _v1.encode_ie_out_3_2 := inline$_v1.giwscan_cb$0$result.encode_ie$2, _v1.OK, _v1.Mem_T.UCHAR;
+ assume _v2.value_is(_v1.__ctobpl_const_41, inline$_v1.giwscan_cb$0$se);
+ assume _v2.value_is(_v1.__ctobpl_const_42,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]);
+ assume _v2.value_is(_v1.__ctobpl_const_43, inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$);
+ assume _v2.value_is(_v1.__ctobpl_const_44, inline$_v1.giwscan_cb$0$se);
+ assume _v2.value_is(_v1.__ctobpl_const_45,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.giwscan_cb$0$se)]);
+ assume _v2.value_is(_v1.__ctobpl_const_46, inline$_v1.giwscan_cb$0$$encode_ie.arg.4$3.$$static$);
+ goto inline$_v1.giwscan_cb$0$label_6#2;
+
+ inline$_v1.giwscan_cb$0$label_6#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 57} true;
+ inline$_v1.giwscan_cb$0$result.giwscan_cb$1 := 0;
+ goto inline$_v1.giwscan_cb$0$label_1#2;
+
+ inline$_v1.giwscan_cb$0$label_1#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 58} true;
+ _v1.__HAVOC_free_in_4_0, _v1.__HAVOC_free_in_4_1, _v1.__HAVOC_free_in_4_2, _v1.__HAVOC_free_in_4_3 := inline$_v1.giwscan_cb$0$buf, _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ call _v1.__HAVOC_free(inline$_v1.giwscan_cb$0$buf);
+ _v1.__HAVOC_free_4_done := true;
+ _v1.__HAVOC_free_in_5_0, _v1.__HAVOC_free_in_5_1, _v1.__HAVOC_free_in_5_2, _v1.__HAVOC_free_in_5_3 := inline$_v1.giwscan_cb$0$rsn_leader, _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ call _v1.__HAVOC_free(inline$_v1.giwscan_cb$0$rsn_leader);
+ _v1.__HAVOC_free_5_done := true;
+ goto inline$_v1.giwscan_cb$0$Return;
+
+ inline$_v1.giwscan_cb$0$Return:
+ assume true;
+ _v1.result.giwscan_cb$1 := inline$_v1.giwscan_cb$0$result.giwscan_cb$1;
+ goto START$1;
+
+ START$1:
+ goto inline$_v2.giwscan_cb$0$Entry;
+
+ inline$_v2.giwscan_cb$0$Entry:
+ inline$_v2.giwscan_cb$0$se_.1 := _v2.se_.1;
+ havoc inline$_v2.giwscan_cb$0$havoc_stringTemp, inline$_v2.giwscan_cb$0$condVal, inline$_v2.giwscan_cb$0$buf, inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$, inline$_v2.giwscan_cb$0$result.encode_ie$2, inline$_v2.giwscan_cb$0$rsn_leader, inline$_v2.giwscan_cb$0$se, inline$_v2.giwscan_cb$0$tempBoogie0, inline$_v2.giwscan_cb$0$tempBoogie1, inline$_v2.giwscan_cb$0$tempBoogie2, inline$_v2.giwscan_cb$0$tempBoogie3, inline$_v2.giwscan_cb$0$tempBoogie4, inline$_v2.giwscan_cb$0$tempBoogie5, inline$_v2.giwscan_cb$0$tempBoogie6, inline$_v2.giwscan_cb$0$tempBoogie7, inline$_v2.giwscan_cb$0$tempBoogie8, inline$_v2.giwscan_cb$0$tempBoogie9, inline$_v2.giwscan_cb$0$tempBoogie10, inline$_v2.giwscan_cb$0$tempBoogie11, inline$_v2.giwscan_cb$0$tempBoogie12, inline$_v2.giwscan_cb$0$tempBoogie13, inline$_v2.giwscan_cb$0$tempBoogie14, inline$_v2.giwscan_cb$0$tempBoogie15, inline$_v2.giwscan_cb$0$tempBoogie16, inline$_v2.giwscan_cb$0$tempBoogie17, inline$_v2.giwscan_cb$0$tempBoogie18, inline$_v2.giwscan_cb$0$tempBoogie19, inline$_v2.giwscan_cb$0$__havoc_dummy_return, inline$_v2.giwscan_cb$0$result.giwscan_cb$1;
+ inline$_v2.giwscan_cb$0$_v2.alloc := _v2.alloc;
+ inline$_v2.giwscan_cb$0$_v2.OK := _v2.OK;
+ inline$_v2.giwscan_cb$0$_v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR;
+ goto inline$_v2.giwscan_cb$0$anon0#2;
+
+ inline$_v2.giwscan_cb$0$anon0#2:
+ inline$_v2.giwscan_cb$0$havoc_stringTemp := 0;
+ goto inline$_v2.giwscan_cb$0$start#2;
+
+ inline$_v2.giwscan_cb$0$start#2:
+ assume _v2.INT_LT(inline$_v2.giwscan_cb$0$se_.1, _v2.alloc);
+ _v2.__HAVOC_det_malloc_in_6_0, _v2.__HAVOC_det_malloc_in_6_1, _v2.__HAVOC_det_malloc_in_6_2, _v2.__HAVOC_det_malloc_in_6_3 := 6, _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ call inline$_v2.giwscan_cb$0$buf := _v2.__HAVOC_det_malloc(6);
+ _v2.__HAVOC_det_malloc_6_done := true;
+ _v2.__HAVOC_det_malloc_out_6_0, _v2.__HAVOC_det_malloc_out_6_1 := inline$_v2.giwscan_cb$0$buf, _v2.alloc;
+ inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$ := 0;
+ inline$_v2.giwscan_cb$0$result.encode_ie$2 := 0;
+ inline$_v2.giwscan_cb$0$result.giwscan_cb$1 := 0;
+ _v2.__HAVOC_det_malloc_in_7_0, _v2.__HAVOC_det_malloc_in_7_1, _v2.__HAVOC_det_malloc_in_7_2, _v2.__HAVOC_det_malloc_in_7_3 := 1, _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ call inline$_v2.giwscan_cb$0$rsn_leader := _v2.__HAVOC_det_malloc(1);
+ _v2.__HAVOC_det_malloc_7_done := true;
+ _v2.__HAVOC_det_malloc_out_7_0, _v2.__HAVOC_det_malloc_out_7_1 := inline$_v2.giwscan_cb$0$rsn_leader, _v2.alloc;
+ inline$_v2.giwscan_cb$0$se := 0;
+ assume _v2.INT_GEQ(inline$_v2.giwscan_cb$0$se_.1, 0);
+ inline$_v2.giwscan_cb$0$se := inline$_v2.giwscan_cb$0$se_.1;
+ goto inline$_v2.giwscan_cb$0$label_3#2;
+
+ inline$_v2.giwscan_cb$0$label_3#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 46} true;
+ goto inline$_v2.giwscan_cb$0$label_4#2;
+
+ inline$_v2.giwscan_cb$0$label_4#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 47} true;
+ goto inline$_v2.giwscan_cb$0$label_5#2;
+
+ inline$_v2.giwscan_cb$0$label_5#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 51} true;
+ assume _v2.INT_GEQ(inline$_v2.giwscan_cb$0$se, 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se))
+ == 1;
+ assert true;
+ goto inline$_v2.giwscan_cb$0$label_5_true#2, inline$_v2.giwscan_cb$0$label_5_false#2;
+
+ inline$_v2.giwscan_cb$0$label_5_false#2:
+ assume _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]
+ == 0;
+ assume _v2.value_is(_v2.__ctobpl_const_33, inline$_v2.giwscan_cb$0$se);
+ assume _v2.value_is(_v2.__ctobpl_const_34,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]);
+ goto inline$_v2.giwscan_cb$0$label_6#2;
+
+ inline$_v2.giwscan_cb$0$label_5_true#2:
+ assume _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]
+ != 0;
+ assume _v2.value_is(_v2.__ctobpl_const_33, inline$_v2.giwscan_cb$0$se);
+ assume _v2.value_is(_v2.__ctobpl_const_34,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]);
+ goto inline$_v2.giwscan_cb$0$label_7#2;
+
+ inline$_v2.giwscan_cb$0$label_7#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 52} true;
+ assume _v2.INT_GEQ(inline$_v2.giwscan_cb$0$se, 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se))
+ == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
+ 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
+ 1,
+ 0))
+ == 1;
+ assert true;
+ goto inline$_v2.giwscan_cb$0$label_7_true#2, inline$_v2.giwscan_cb$0$label_7_false#2;
+
+ inline$_v2.giwscan_cb$0$label_7_false#2:
+ assume !_v2.INT_EQ(_v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
+ 1,
+ 0)],
+ 200);
+ assume _v2.value_is(_v2.__ctobpl_const_35, inline$_v2.giwscan_cb$0$se);
+ assume _v2.value_is(_v2.__ctobpl_const_36,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]);
+ assume _v2.value_is(_v2.__ctobpl_const_37,
+ _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
+ 1,
+ 0)]);
+ goto inline$_v2.giwscan_cb$0$label_6#2;
+
+ inline$_v2.giwscan_cb$0$label_7_true#2:
+ assume _v2.INT_EQ(_v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
+ 1,
+ 0)],
+ 200);
+ assume _v2.value_is(_v2.__ctobpl_const_35, inline$_v2.giwscan_cb$0$se);
+ assume _v2.value_is(_v2.__ctobpl_const_36,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]);
+ assume _v2.value_is(_v2.__ctobpl_const_37,
+ _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
+ 1,
+ 0)]);
+ goto inline$_v2.giwscan_cb$0$label_8#2;
+
+ inline$_v2.giwscan_cb$0$label_8#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 54} true;
+ assume _v2.INT_GEQ(inline$_v2.giwscan_cb$0$se, 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se))
+ == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
+ 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
+ 1,
+ 1))
+ == 1;
+ assert true;
+ inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$ := _v2.INT_PLUS(_v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
+ 1,
+ 1)],
+ 1,
+ 2);
+ assume _v2.value_is(_v2.__ctobpl_const_38, inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$);
+ assume _v2.value_is(_v2.__ctobpl_const_39, inline$_v2.giwscan_cb$0$se);
+ assume _v2.value_is(_v2.__ctobpl_const_40,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]);
+ assume _v2.value_is(_v2.__ctobpl_const_41,
+ _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)],
+ 1,
+ 1)]);
+ goto inline$_v2.giwscan_cb$0$label_9#2;
+
+ inline$_v2.giwscan_cb$0$label_9#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 53} true;
+ assume _v2.INT_GEQ(inline$_v2.giwscan_cb$0$se, 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se))
+ == 1;
+ assert true;
+ assume _v2.INT_GEQ(inline$_v2.giwscan_cb$0$se, 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se))
+ == 1;
+ assert true;
+ _v2.encode_ie_in_8_0, _v2.encode_ie_in_8_1, _v2.encode_ie_in_8_2, _v2.encode_ie_in_8_3, _v2.encode_ie_in_8_4, _v2.encode_ie_in_8_5, _v2.encode_ie_in_8_6, _v2.encode_ie_in_8_7, _v2.encode_ie_in_8_8 := inline$_v2.giwscan_cb$0$buf, 6, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)], inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$, inline$_v2.giwscan_cb$0$rsn_leader, 1, _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ call inline$_v2.giwscan_cb$0$result.encode_ie$2 := _v2.encode_ie(inline$_v2.giwscan_cb$0$buf, 6, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)], inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$, inline$_v2.giwscan_cb$0$rsn_leader, 1);
+ _v2.encode_ie_8_done := true;
+ _v2.encode_ie_out_8_0, _v2.encode_ie_out_8_1, _v2.encode_ie_out_8_2 := inline$_v2.giwscan_cb$0$result.encode_ie$2, _v2.OK, _v2.Mem_T.UCHAR;
+ assume _v2.value_is(_v2.__ctobpl_const_42, inline$_v2.giwscan_cb$0$se);
+ assume _v2.value_is(_v2.__ctobpl_const_43,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]);
+ assume _v2.value_is(_v2.__ctobpl_const_44, inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$);
+ assume _v2.value_is(_v2.__ctobpl_const_45, inline$_v2.giwscan_cb$0$se);
+ assume _v2.value_is(_v2.__ctobpl_const_46,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.giwscan_cb$0$se)]);
+ assume _v2.value_is(_v2.__ctobpl_const_47, inline$_v2.giwscan_cb$0$$encode_ie.arg.4$3.$$static$);
+ goto inline$_v2.giwscan_cb$0$label_6#2;
+
+ inline$_v2.giwscan_cb$0$label_6#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 58} true;
+ inline$_v2.giwscan_cb$0$result.giwscan_cb$1 := 0;
+ goto inline$_v2.giwscan_cb$0$label_1#2;
+
+ inline$_v2.giwscan_cb$0$label_1#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 59} true;
+ _v2.__HAVOC_free_in_9_0, _v2.__HAVOC_free_in_9_1, _v2.__HAVOC_free_in_9_2, _v2.__HAVOC_free_in_9_3 := inline$_v2.giwscan_cb$0$buf, _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ call _v2.__HAVOC_free(inline$_v2.giwscan_cb$0$buf);
+ _v2.__HAVOC_free_9_done := true;
+ _v2.__HAVOC_free_in_10_0, _v2.__HAVOC_free_in_10_1, _v2.__HAVOC_free_in_10_2, _v2.__HAVOC_free_in_10_3 := inline$_v2.giwscan_cb$0$rsn_leader, _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ call _v2.__HAVOC_free(inline$_v2.giwscan_cb$0$rsn_leader);
+ _v2.__HAVOC_free_10_done := true;
+ goto inline$_v2.giwscan_cb$0$Return;
+
+ inline$_v2.giwscan_cb$0$Return:
+ assume true;
+ _v2.result.giwscan_cb$1 := inline$_v2.giwscan_cb$0$result.giwscan_cb$1;
+ goto START$2;
+
+ START$2:
+ goto MS_L_0_8;
+
+ MS_L_0_0:
+ goto MS_L_taken_0, MS_L_not_taken_0;
+
+ MS_L_taken_0:
+ assume _v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_6_done;
+ store__0__v1.alloc, store__0__v1.OK, store__0__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ store__0__v2.alloc, store__0__v2.OK, store__0__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_1_1, _v1.__HAVOC_det_malloc_in_1_2, _v1.__HAVOC_det_malloc_in_1_3;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_6_1, _v2.__HAVOC_det_malloc_in_6_2, _v2.__HAVOC_det_malloc_in_6_3;
+ call out__v1.__HAVOC_det_malloc_out_1_0_0, out__v2.__HAVOC_det_malloc_out_6_0_0 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_1_0, _v2.__HAVOC_det_malloc_in_6_0);
+ assume _v1.alloc == _v1.__HAVOC_det_malloc_out_1_1;
+ assume _v2.alloc == _v2.__HAVOC_det_malloc_out_6_1;
+ assume _v1.__HAVOC_det_malloc_out_1_0 == out__v1.__HAVOC_det_malloc_out_1_0_0
+ && _v2.__HAVOC_det_malloc_out_6_0 == out__v2.__HAVOC_det_malloc_out_6_0_0;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__0__v1.alloc, store__0__v1.OK, store__0__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__0__v2.alloc, store__0__v2.OK, store__0__v2.Mem_T.UCHAR;
+ goto MS_L_meet_0;
+
+ MS_L_not_taken_0:
+ assume !(_v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_6_done);
+ goto MS_L_meet_0;
+
+ MS_L_meet_0:
+ return;
+
+ MS_L_0_1:
+ goto MS_L_taken_1, MS_L_not_taken_1;
+
+ MS_L_taken_1:
+ assume _v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_7_done;
+ store__1__v1.alloc, store__1__v1.OK, store__1__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ store__1__v2.alloc, store__1__v2.OK, store__1__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_1_1, _v1.__HAVOC_det_malloc_in_1_2, _v1.__HAVOC_det_malloc_in_1_3;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_7_1, _v2.__HAVOC_det_malloc_in_7_2, _v2.__HAVOC_det_malloc_in_7_3;
+ call out__v1.__HAVOC_det_malloc_out_1_0_1, out__v2.__HAVOC_det_malloc_out_7_0_1 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_1_0, _v2.__HAVOC_det_malloc_in_7_0);
+ assume _v1.alloc == _v1.__HAVOC_det_malloc_out_1_1;
+ assume _v2.alloc == _v2.__HAVOC_det_malloc_out_7_1;
+ assume _v1.__HAVOC_det_malloc_out_1_0 == out__v1.__HAVOC_det_malloc_out_1_0_1
+ && _v2.__HAVOC_det_malloc_out_7_0 == out__v2.__HAVOC_det_malloc_out_7_0_1;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__1__v1.alloc, store__1__v1.OK, store__1__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__1__v2.alloc, store__1__v2.OK, store__1__v2.Mem_T.UCHAR;
+ goto MS_L_meet_1;
+
+ MS_L_not_taken_1:
+ assume !(_v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_7_done);
+ goto MS_L_meet_1;
+
+ MS_L_meet_1:
+ goto MS_L_0_0;
+
+ MS_L_0_2:
+ goto MS_L_taken_2, MS_L_not_taken_2;
+
+ MS_L_taken_2:
+ assume _v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_6_done;
+ store__2__v1.alloc, store__2__v1.OK, store__2__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ store__2__v2.alloc, store__2__v2.OK, store__2__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_2_1, _v1.__HAVOC_det_malloc_in_2_2, _v1.__HAVOC_det_malloc_in_2_3;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_6_1, _v2.__HAVOC_det_malloc_in_6_2, _v2.__HAVOC_det_malloc_in_6_3;
+ call out__v1.__HAVOC_det_malloc_out_2_0_2, out__v2.__HAVOC_det_malloc_out_6_0_2 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_2_0, _v2.__HAVOC_det_malloc_in_6_0);
+ assume _v1.alloc == _v1.__HAVOC_det_malloc_out_2_1;
+ assume _v2.alloc == _v2.__HAVOC_det_malloc_out_6_1;
+ assume _v1.__HAVOC_det_malloc_out_2_0 == out__v1.__HAVOC_det_malloc_out_2_0_2
+ && _v2.__HAVOC_det_malloc_out_6_0 == out__v2.__HAVOC_det_malloc_out_6_0_2;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__2__v1.alloc, store__2__v1.OK, store__2__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__2__v2.alloc, store__2__v2.OK, store__2__v2.Mem_T.UCHAR;
+ goto MS_L_meet_2;
+
+ MS_L_not_taken_2:
+ assume !(_v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_6_done);
+ goto MS_L_meet_2;
+
+ MS_L_meet_2:
+ goto MS_L_0_1;
+
+ MS_L_0_3:
+ goto MS_L_taken_3, MS_L_not_taken_3;
+
+ MS_L_taken_3:
+ assume _v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_7_done;
+ store__3__v1.alloc, store__3__v1.OK, store__3__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ store__3__v2.alloc, store__3__v2.OK, store__3__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_2_1, _v1.__HAVOC_det_malloc_in_2_2, _v1.__HAVOC_det_malloc_in_2_3;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_7_1, _v2.__HAVOC_det_malloc_in_7_2, _v2.__HAVOC_det_malloc_in_7_3;
+ call out__v1.__HAVOC_det_malloc_out_2_0_3, out__v2.__HAVOC_det_malloc_out_7_0_3 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_2_0, _v2.__HAVOC_det_malloc_in_7_0);
+ assume _v1.alloc == _v1.__HAVOC_det_malloc_out_2_1;
+ assume _v2.alloc == _v2.__HAVOC_det_malloc_out_7_1;
+ assume _v1.__HAVOC_det_malloc_out_2_0 == out__v1.__HAVOC_det_malloc_out_2_0_3
+ && _v2.__HAVOC_det_malloc_out_7_0 == out__v2.__HAVOC_det_malloc_out_7_0_3;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__3__v1.alloc, store__3__v1.OK, store__3__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__3__v2.alloc, store__3__v2.OK, store__3__v2.Mem_T.UCHAR;
+ goto MS_L_meet_3;
+
+ MS_L_not_taken_3:
+ assume !(_v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_7_done);
+ goto MS_L_meet_3;
+
+ MS_L_meet_3:
+ goto MS_L_0_2;
+
+ MS_L_0_4:
+ goto MS_L_taken_4, MS_L_not_taken_4;
+
+ MS_L_taken_4:
+ assume _v1.encode_ie_3_done && _v2.encode_ie_8_done;
+ store__4__v1.alloc, store__4__v1.OK, store__4__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ store__4__v2.alloc, store__4__v2.OK, store__4__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.encode_ie_in_3_6, _v1.encode_ie_in_3_7, _v1.encode_ie_in_3_8;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.encode_ie_in_8_6, _v2.encode_ie_in_8_7, _v2.encode_ie_in_8_8;
+ call out__v1.encode_ie_out_3_0_4, out__v2.encode_ie_out_8_0_4 := MS_Check__v1.encode_ie___v2.encode_ie(_v1.encode_ie_in_3_0, _v1.encode_ie_in_3_1, _v1.encode_ie_in_3_2, _v1.encode_ie_in_3_3, _v1.encode_ie_in_3_4, _v1.encode_ie_in_3_5, _v2.encode_ie_in_8_0, _v2.encode_ie_in_8_1, _v2.encode_ie_in_8_2, _v2.encode_ie_in_8_3, _v2.encode_ie_in_8_4, _v2.encode_ie_in_8_5);
+ assume (_v1.OK <==> _v1.encode_ie_out_3_1) && _v1.Mem_T.UCHAR == _v1.encode_ie_out_3_2;
+ assume (_v2.OK <==> _v2.encode_ie_out_8_1) && _v2.Mem_T.UCHAR == _v2.encode_ie_out_8_2;
+ assume _v1.encode_ie_out_3_0 == out__v1.encode_ie_out_3_0_4
+ && _v2.encode_ie_out_8_0 == out__v2.encode_ie_out_8_0_4;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__4__v1.alloc, store__4__v1.OK, store__4__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__4__v2.alloc, store__4__v2.OK, store__4__v2.Mem_T.UCHAR;
+ goto MS_L_meet_4;
+
+ MS_L_not_taken_4:
+ assume !(_v1.encode_ie_3_done && _v2.encode_ie_8_done);
+ goto MS_L_meet_4;
+
+ MS_L_meet_4:
+ goto MS_L_0_3;
+
+ MS_L_0_5:
+ goto MS_L_taken_5, MS_L_not_taken_5;
+
+ MS_L_taken_5:
+ assume _v1.__HAVOC_free_4_done && _v2.__HAVOC_free_9_done;
+ store__5__v1.alloc, store__5__v1.OK, store__5__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ store__5__v2.alloc, store__5__v2.OK, store__5__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_4_1, _v1.__HAVOC_free_in_4_2, _v1.__HAVOC_free_in_4_3;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_9_1, _v2.__HAVOC_free_in_9_2, _v2.__HAVOC_free_in_9_3;
+ call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_4_0, _v2.__HAVOC_free_in_9_0);
+ assume true;
+ assume true;
+ assume true;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__5__v1.alloc, store__5__v1.OK, store__5__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__5__v2.alloc, store__5__v2.OK, store__5__v2.Mem_T.UCHAR;
+ goto MS_L_meet_5;
+
+ MS_L_not_taken_5:
+ assume !(_v1.__HAVOC_free_4_done && _v2.__HAVOC_free_9_done);
+ goto MS_L_meet_5;
+
+ MS_L_meet_5:
+ goto MS_L_0_4;
+
+ MS_L_0_6:
+ goto MS_L_taken_6, MS_L_not_taken_6;
+
+ MS_L_taken_6:
+ assume _v1.__HAVOC_free_4_done && _v2.__HAVOC_free_10_done;
+ store__6__v1.alloc, store__6__v1.OK, store__6__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ store__6__v2.alloc, store__6__v2.OK, store__6__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_4_1, _v1.__HAVOC_free_in_4_2, _v1.__HAVOC_free_in_4_3;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_10_1, _v2.__HAVOC_free_in_10_2, _v2.__HAVOC_free_in_10_3;
+ call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_4_0, _v2.__HAVOC_free_in_10_0);
+ assume true;
+ assume true;
+ assume true;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__6__v1.alloc, store__6__v1.OK, store__6__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__6__v2.alloc, store__6__v2.OK, store__6__v2.Mem_T.UCHAR;
+ goto MS_L_meet_6;
+
+ MS_L_not_taken_6:
+ assume !(_v1.__HAVOC_free_4_done && _v2.__HAVOC_free_10_done);
+ goto MS_L_meet_6;
+
+ MS_L_meet_6:
+ goto MS_L_0_5;
+
+ MS_L_0_7:
+ goto MS_L_taken_7, MS_L_not_taken_7;
+
+ MS_L_taken_7:
+ assume _v1.__HAVOC_free_5_done && _v2.__HAVOC_free_9_done;
+ store__7__v1.alloc, store__7__v1.OK, store__7__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ store__7__v2.alloc, store__7__v2.OK, store__7__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_5_1, _v1.__HAVOC_free_in_5_2, _v1.__HAVOC_free_in_5_3;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_9_1, _v2.__HAVOC_free_in_9_2, _v2.__HAVOC_free_in_9_3;
+ call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_5_0, _v2.__HAVOC_free_in_9_0);
+ assume true;
+ assume true;
+ assume true;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__7__v1.alloc, store__7__v1.OK, store__7__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__7__v2.alloc, store__7__v2.OK, store__7__v2.Mem_T.UCHAR;
+ goto MS_L_meet_7;
+
+ MS_L_not_taken_7:
+ assume !(_v1.__HAVOC_free_5_done && _v2.__HAVOC_free_9_done);
+ goto MS_L_meet_7;
+
+ MS_L_meet_7:
+ goto MS_L_0_6;
+
+ MS_L_0_8:
+ goto MS_L_taken_8, MS_L_not_taken_8;
+
+ MS_L_taken_8:
+ assume _v1.__HAVOC_free_5_done && _v2.__HAVOC_free_10_done;
+ store__8__v1.alloc, store__8__v1.OK, store__8__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ store__8__v2.alloc, store__8__v2.OK, store__8__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_5_1, _v1.__HAVOC_free_in_5_2, _v1.__HAVOC_free_in_5_3;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_10_1, _v2.__HAVOC_free_in_10_2, _v2.__HAVOC_free_in_10_3;
+ call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_5_0, _v2.__HAVOC_free_in_10_0);
+ assume true;
+ assume true;
+ assume true;
+ _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR := store__8__v1.alloc, store__8__v1.OK, store__8__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR := store__8__v2.alloc, store__8__v2.OK, store__8__v2.Mem_T.UCHAR;
+ goto MS_L_meet_8;
+
+ MS_L_not_taken_8:
+ assume !(_v1.__HAVOC_free_5_done && _v2.__HAVOC_free_10_done);
+ goto MS_L_meet_8;
+
+ MS_L_meet_8:
+ goto MS_L_0_7;
+}
+
+
+
+function {:inline true} MS$_v1.main$_v2.main(_v1.OK_old: bool,
+ _v1.Mem_old: [name][int]int,
+ _v1.alloc_old: int,
+ _v1.Mem_T.A1CHAR_old: [int]int,
+ _v1.Mem_T.A5UCHAR_old: [int]int,
+ _v1.Mem_T.A6UCHAR_old: [int]int,
+ _v1.Mem_T.CHAR_old: [int]int,
+ _v1.Mem_T.INT4_old: [int]int,
+ _v1.Mem_T.PCHAR_old: [int]int,
+ _v1.Mem_T.PUCHAR_old: [int]int,
+ _v1.Mem_T.PVOID_old: [int]int,
+ _v1.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.UCHAR_old: [int]int,
+ _v1.Mem_T.VOID_old: [int]int,
+ _v1.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v1.detChoiceCnt_old: int,
+ _v1.Res_KERNEL_SOURCE_old: [int]int,
+ _v1.Res_PROBED_old: [int]int,
+ _v1.alloc_: int,
+ _v1.OK_: bool,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry_: [int]int,
+ _v1.Mem_T.UCHAR_: [int]int,
+ _v1.result.main$1: int,
+ _v2.OK_old: bool,
+ _v2.Mem_old: [name][int]int,
+ _v2.alloc_old: int,
+ _v2.Mem_T.A1CHAR_old: [int]int,
+ _v2.Mem_T.A5UCHAR_old: [int]int,
+ _v2.Mem_T.A6UCHAR_old: [int]int,
+ _v2.Mem_T.CHAR_old: [int]int,
+ _v2.Mem_T.INT4_old: [int]int,
+ _v2.Mem_T.PCHAR_old: [int]int,
+ _v2.Mem_T.PUCHAR_old: [int]int,
+ _v2.Mem_T.PVOID_old: [int]int,
+ _v2.Mem_T.Pieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.UCHAR_old: [int]int,
+ _v2.Mem_T.VOID_old: [int]int,
+ _v2.Mem_T.ieee80211_scan_entry_old: [int]int,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_old: [int]int,
+ _v2.detChoiceCnt_old: int,
+ _v2.Res_KERNEL_SOURCE_old: [int]int,
+ _v2.Res_PROBED_old: [int]int,
+ _v2.alloc_: int,
+ _v2.OK_: bool,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry_: [int]int,
+ _v2.Mem_T.UCHAR_: [int]int,
+ _v2.result.main$1: int)
+ : bool
+{
+ true
+}
+
+procedure MS_Check__v1.main___v2.main() returns (_v1.result.main$1: int, _v2.result.main$1: int);
+ requires (_v1.OK <==> _v2.OK)
+ && _v1.Mem == _v2.Mem
+ && _v1.alloc == _v2.alloc
+ && _v1.Mem_T.A1CHAR == _v2.Mem_T.A1CHAR
+ && _v1.Mem_T.A5UCHAR == _v2.Mem_T.A5UCHAR
+ && _v1.Mem_T.A6UCHAR == _v2.Mem_T.A6UCHAR
+ && _v1.Mem_T.CHAR == _v2.Mem_T.CHAR
+ && _v1.Mem_T.INT4 == _v2.Mem_T.INT4
+ && _v1.Mem_T.PCHAR == _v2.Mem_T.PCHAR
+ && _v1.Mem_T.PUCHAR == _v2.Mem_T.PUCHAR
+ && _v1.Mem_T.PVOID == _v2.Mem_T.PVOID
+ && _v1.Mem_T.Pieee80211_scan_entry == _v2.Mem_T.Pieee80211_scan_entry
+ && _v1.Mem_T.UCHAR == _v2.Mem_T.UCHAR
+ && _v1.Mem_T.VOID == _v2.Mem_T.VOID
+ && _v1.Mem_T.ieee80211_scan_entry == _v2.Mem_T.ieee80211_scan_entry
+ && _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ == _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry
+ && _v1.detChoiceCnt == _v2.detChoiceCnt
+ && _v1.Res_KERNEL_SOURCE == _v2.Res_KERNEL_SOURCE
+ && _v1.Res_PROBED == _v2.Res_PROBED;
+ modifies _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR, _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ ensures MS$_v1.main$_v2.main(old(_v1.OK),
+ old(_v1.Mem),
+ old(_v1.alloc),
+ old(_v1.Mem_T.A1CHAR),
+ old(_v1.Mem_T.A5UCHAR),
+ old(_v1.Mem_T.A6UCHAR),
+ old(_v1.Mem_T.CHAR),
+ old(_v1.Mem_T.INT4),
+ old(_v1.Mem_T.PCHAR),
+ old(_v1.Mem_T.PUCHAR),
+ old(_v1.Mem_T.PVOID),
+ old(_v1.Mem_T.Pieee80211_scan_entry),
+ old(_v1.Mem_T.UCHAR),
+ old(_v1.Mem_T.VOID),
+ old(_v1.Mem_T.ieee80211_scan_entry),
+ old(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v1.detChoiceCnt),
+ old(_v1.Res_KERNEL_SOURCE),
+ old(_v1.Res_PROBED),
+ _v1.alloc,
+ _v1.OK,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry,
+ _v1.Mem_T.UCHAR,
+ _v1.result.main$1,
+ old(_v2.OK),
+ old(_v2.Mem),
+ old(_v2.alloc),
+ old(_v2.Mem_T.A1CHAR),
+ old(_v2.Mem_T.A5UCHAR),
+ old(_v2.Mem_T.A6UCHAR),
+ old(_v2.Mem_T.CHAR),
+ old(_v2.Mem_T.INT4),
+ old(_v2.Mem_T.PCHAR),
+ old(_v2.Mem_T.PUCHAR),
+ old(_v2.Mem_T.PVOID),
+ old(_v2.Mem_T.Pieee80211_scan_entry),
+ old(_v2.Mem_T.UCHAR),
+ old(_v2.Mem_T.VOID),
+ old(_v2.Mem_T.ieee80211_scan_entry),
+ old(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry),
+ old(_v2.detChoiceCnt),
+ old(_v2.Res_KERNEL_SOURCE),
+ old(_v2.Res_PROBED),
+ _v2.alloc,
+ _v2.OK,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry,
+ _v2.Mem_T.UCHAR,
+ _v2.result.main$1);
+ ensures _v1.OK ==> _v2.OK;
+
+
+
+implementation MS_Check__v1.main___v2.main() returns (_v1.result.main$1: int, _v2.result.main$1: int)
+{
+ var inline$_v1.main$0$havoc_stringTemp: int;
+ var inline$_v1.main$0$condVal: int;
+ var inline$_v1.main$0$ie: int;
+ var inline$_v1.main$0$result.giwscan_cb$2: int;
+ var inline$_v1.main$0$se: int;
+ var inline$_v1.main$0$tempBoogie0: int;
+ var inline$_v1.main$0$tempBoogie1: int;
+ var inline$_v1.main$0$tempBoogie2: int;
+ var inline$_v1.main$0$tempBoogie3: int;
+ var inline$_v1.main$0$tempBoogie4: int;
+ var inline$_v1.main$0$tempBoogie5: int;
+ var inline$_v1.main$0$tempBoogie6: int;
+ var inline$_v1.main$0$tempBoogie7: int;
+ var inline$_v1.main$0$tempBoogie8: int;
+ var inline$_v1.main$0$tempBoogie9: int;
+ var inline$_v1.main$0$tempBoogie10: int;
+ var inline$_v1.main$0$tempBoogie11: int;
+ var inline$_v1.main$0$tempBoogie12: int;
+ var inline$_v1.main$0$tempBoogie13: int;
+ var inline$_v1.main$0$tempBoogie14: int;
+ var inline$_v1.main$0$tempBoogie15: int;
+ var inline$_v1.main$0$tempBoogie16: int;
+ var inline$_v1.main$0$tempBoogie17: int;
+ var inline$_v1.main$0$tempBoogie18: int;
+ var inline$_v1.main$0$tempBoogie19: int;
+ var inline$_v1.main$0$__havoc_dummy_return: int;
+ var inline$_v1.main$0$result.main$1: int;
+ var inline$_v1.main$0$_v1.alloc: int;
+ var inline$_v1.main$0$_v1.OK: bool;
+ var inline$_v1.main$0$_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var inline$_v1.main$0$_v1.Mem_T.UCHAR: [int]int;
+ var inline$_v2.main$0$havoc_stringTemp: int;
+ var inline$_v2.main$0$condVal: int;
+ var inline$_v2.main$0$ie: int;
+ var inline$_v2.main$0$result.giwscan_cb$2: int;
+ var inline$_v2.main$0$se: int;
+ var inline$_v2.main$0$tempBoogie0: int;
+ var inline$_v2.main$0$tempBoogie1: int;
+ var inline$_v2.main$0$tempBoogie2: int;
+ var inline$_v2.main$0$tempBoogie3: int;
+ var inline$_v2.main$0$tempBoogie4: int;
+ var inline$_v2.main$0$tempBoogie5: int;
+ var inline$_v2.main$0$tempBoogie6: int;
+ var inline$_v2.main$0$tempBoogie7: int;
+ var inline$_v2.main$0$tempBoogie8: int;
+ var inline$_v2.main$0$tempBoogie9: int;
+ var inline$_v2.main$0$tempBoogie10: int;
+ var inline$_v2.main$0$tempBoogie11: int;
+ var inline$_v2.main$0$tempBoogie12: int;
+ var inline$_v2.main$0$tempBoogie13: int;
+ var inline$_v2.main$0$tempBoogie14: int;
+ var inline$_v2.main$0$tempBoogie15: int;
+ var inline$_v2.main$0$tempBoogie16: int;
+ var inline$_v2.main$0$tempBoogie17: int;
+ var inline$_v2.main$0$tempBoogie18: int;
+ var inline$_v2.main$0$tempBoogie19: int;
+ var inline$_v2.main$0$__havoc_dummy_return: int;
+ var inline$_v2.main$0$result.main$1: int;
+ var inline$_v2.main$0$_v2.alloc: int;
+ var inline$_v2.main$0$_v2.OK: bool;
+ var inline$_v2.main$0$_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var inline$_v2.main$0$_v2.Mem_T.UCHAR: [int]int;
+ var _v1.__HAVOC_det_malloc_1_done: bool;
+ var _v1.__HAVOC_det_malloc_in_1_0: int;
+ var _v1.__HAVOC_det_malloc_in_1_1: int;
+ var _v1.__HAVOC_det_malloc_in_1_2: bool;
+ var _v1.__HAVOC_det_malloc_in_1_3: [int]int;
+ var _v1.__HAVOC_det_malloc_in_1_4: [int]int;
+ var _v1.__HAVOC_det_malloc_out_1_0: int;
+ var _v1.__HAVOC_det_malloc_out_1_1: int;
+ var _v1.__HAVOC_det_malloc_2_done: bool;
+ var _v1.__HAVOC_det_malloc_in_2_0: int;
+ var _v1.__HAVOC_det_malloc_in_2_1: int;
+ var _v1.__HAVOC_det_malloc_in_2_2: bool;
+ var _v1.__HAVOC_det_malloc_in_2_3: [int]int;
+ var _v1.__HAVOC_det_malloc_in_2_4: [int]int;
+ var _v1.__HAVOC_det_malloc_out_2_0: int;
+ var _v1.__HAVOC_det_malloc_out_2_1: int;
+ var _v1.giwscan_cb_3_done: bool;
+ var _v1.giwscan_cb_in_3_0: int;
+ var _v1.giwscan_cb_in_3_1: int;
+ var _v1.giwscan_cb_in_3_2: bool;
+ var _v1.giwscan_cb_in_3_3: [int]int;
+ var _v1.giwscan_cb_in_3_4: [int]int;
+ var _v1.giwscan_cb_out_3_0: int;
+ var _v1.giwscan_cb_out_3_1: int;
+ var _v1.giwscan_cb_out_3_2: bool;
+ var _v1.giwscan_cb_out_3_3: [int]int;
+ var _v1.__HAVOC_free_4_done: bool;
+ var _v1.__HAVOC_free_in_4_0: int;
+ var _v1.__HAVOC_free_in_4_1: int;
+ var _v1.__HAVOC_free_in_4_2: bool;
+ var _v1.__HAVOC_free_in_4_3: [int]int;
+ var _v1.__HAVOC_free_in_4_4: [int]int;
+ var _v1.__HAVOC_free_5_done: bool;
+ var _v1.__HAVOC_free_in_5_0: int;
+ var _v1.__HAVOC_free_in_5_1: int;
+ var _v1.__HAVOC_free_in_5_2: bool;
+ var _v1.__HAVOC_free_in_5_3: [int]int;
+ var _v1.__HAVOC_free_in_5_4: [int]int;
+ var _v2.__HAVOC_det_malloc_6_done: bool;
+ var _v2.__HAVOC_det_malloc_in_6_0: int;
+ var _v2.__HAVOC_det_malloc_in_6_1: int;
+ var _v2.__HAVOC_det_malloc_in_6_2: bool;
+ var _v2.__HAVOC_det_malloc_in_6_3: [int]int;
+ var _v2.__HAVOC_det_malloc_in_6_4: [int]int;
+ var _v2.__HAVOC_det_malloc_out_6_0: int;
+ var _v2.__HAVOC_det_malloc_out_6_1: int;
+ var _v2.__HAVOC_det_malloc_7_done: bool;
+ var _v2.__HAVOC_det_malloc_in_7_0: int;
+ var _v2.__HAVOC_det_malloc_in_7_1: int;
+ var _v2.__HAVOC_det_malloc_in_7_2: bool;
+ var _v2.__HAVOC_det_malloc_in_7_3: [int]int;
+ var _v2.__HAVOC_det_malloc_in_7_4: [int]int;
+ var _v2.__HAVOC_det_malloc_out_7_0: int;
+ var _v2.__HAVOC_det_malloc_out_7_1: int;
+ var _v2.giwscan_cb_8_done: bool;
+ var _v2.giwscan_cb_in_8_0: int;
+ var _v2.giwscan_cb_in_8_1: int;
+ var _v2.giwscan_cb_in_8_2: bool;
+ var _v2.giwscan_cb_in_8_3: [int]int;
+ var _v2.giwscan_cb_in_8_4: [int]int;
+ var _v2.giwscan_cb_out_8_0: int;
+ var _v2.giwscan_cb_out_8_1: int;
+ var _v2.giwscan_cb_out_8_2: bool;
+ var _v2.giwscan_cb_out_8_3: [int]int;
+ var _v2.__HAVOC_free_9_done: bool;
+ var _v2.__HAVOC_free_in_9_0: int;
+ var _v2.__HAVOC_free_in_9_1: int;
+ var _v2.__HAVOC_free_in_9_2: bool;
+ var _v2.__HAVOC_free_in_9_3: [int]int;
+ var _v2.__HAVOC_free_in_9_4: [int]int;
+ var _v2.__HAVOC_free_10_done: bool;
+ var _v2.__HAVOC_free_in_10_0: int;
+ var _v2.__HAVOC_free_in_10_1: int;
+ var _v2.__HAVOC_free_in_10_2: bool;
+ var _v2.__HAVOC_free_in_10_3: [int]int;
+ var _v2.__HAVOC_free_in_10_4: [int]int;
+ var store__0__v1.alloc: int;
+ var store__0__v1.OK: bool;
+ var store__0__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__0__v1.Mem_T.UCHAR: [int]int;
+ var store__0__v2.alloc: int;
+ var store__0__v2.OK: bool;
+ var store__0__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__0__v2.Mem_T.UCHAR: [int]int;
+ var out__v1.__HAVOC_det_malloc_out_1_0_0: int;
+ var out__v2.__HAVOC_det_malloc_out_6_0_0: int;
+ var store__1__v1.alloc: int;
+ var store__1__v1.OK: bool;
+ var store__1__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__1__v1.Mem_T.UCHAR: [int]int;
+ var store__1__v2.alloc: int;
+ var store__1__v2.OK: bool;
+ var store__1__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__1__v2.Mem_T.UCHAR: [int]int;
+ var out__v1.__HAVOC_det_malloc_out_1_0_1: int;
+ var out__v2.__HAVOC_det_malloc_out_7_0_1: int;
+ var store__2__v1.alloc: int;
+ var store__2__v1.OK: bool;
+ var store__2__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__2__v1.Mem_T.UCHAR: [int]int;
+ var store__2__v2.alloc: int;
+ var store__2__v2.OK: bool;
+ var store__2__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__2__v2.Mem_T.UCHAR: [int]int;
+ var out__v1.__HAVOC_det_malloc_out_2_0_2: int;
+ var out__v2.__HAVOC_det_malloc_out_6_0_2: int;
+ var store__3__v1.alloc: int;
+ var store__3__v1.OK: bool;
+ var store__3__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__3__v1.Mem_T.UCHAR: [int]int;
+ var store__3__v2.alloc: int;
+ var store__3__v2.OK: bool;
+ var store__3__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__3__v2.Mem_T.UCHAR: [int]int;
+ var out__v1.__HAVOC_det_malloc_out_2_0_3: int;
+ var out__v2.__HAVOC_det_malloc_out_7_0_3: int;
+ var store__4__v1.alloc: int;
+ var store__4__v1.OK: bool;
+ var store__4__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__4__v1.Mem_T.UCHAR: [int]int;
+ var store__4__v2.alloc: int;
+ var store__4__v2.OK: bool;
+ var store__4__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__4__v2.Mem_T.UCHAR: [int]int;
+ var out__v1.giwscan_cb_out_3_0_4: int;
+ var out__v2.giwscan_cb_out_8_0_4: int;
+ var store__5__v1.alloc: int;
+ var store__5__v1.OK: bool;
+ var store__5__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__5__v1.Mem_T.UCHAR: [int]int;
+ var store__5__v2.alloc: int;
+ var store__5__v2.OK: bool;
+ var store__5__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__5__v2.Mem_T.UCHAR: [int]int;
+ var store__6__v1.alloc: int;
+ var store__6__v1.OK: bool;
+ var store__6__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__6__v1.Mem_T.UCHAR: [int]int;
+ var store__6__v2.alloc: int;
+ var store__6__v2.OK: bool;
+ var store__6__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__6__v2.Mem_T.UCHAR: [int]int;
+ var store__7__v1.alloc: int;
+ var store__7__v1.OK: bool;
+ var store__7__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__7__v1.Mem_T.UCHAR: [int]int;
+ var store__7__v2.alloc: int;
+ var store__7__v2.OK: bool;
+ var store__7__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__7__v2.Mem_T.UCHAR: [int]int;
+ var store__8__v1.alloc: int;
+ var store__8__v1.OK: bool;
+ var store__8__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__8__v1.Mem_T.UCHAR: [int]int;
+ var store__8__v2.alloc: int;
+ var store__8__v2.OK: bool;
+ var store__8__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry: [int]int;
+ var store__8__v2.Mem_T.UCHAR: [int]int;
+
+ START:
+ _v1.__HAVOC_det_malloc_1_done, _v1.__HAVOC_det_malloc_2_done, _v1.giwscan_cb_3_done, _v1.__HAVOC_free_4_done, _v1.__HAVOC_free_5_done, _v2.__HAVOC_det_malloc_6_done, _v2.__HAVOC_det_malloc_7_done, _v2.giwscan_cb_8_done, _v2.__HAVOC_free_9_done, _v2.__HAVOC_free_10_done := false, false, false, false, false, false, false, false, false, false;
+ goto inline$_v1.main$0$Entry;
+
+ inline$_v1.main$0$Entry:
+ havoc inline$_v1.main$0$havoc_stringTemp, inline$_v1.main$0$condVal, inline$_v1.main$0$ie, inline$_v1.main$0$result.giwscan_cb$2, inline$_v1.main$0$se, inline$_v1.main$0$tempBoogie0, inline$_v1.main$0$tempBoogie1, inline$_v1.main$0$tempBoogie2, inline$_v1.main$0$tempBoogie3, inline$_v1.main$0$tempBoogie4, inline$_v1.main$0$tempBoogie5, inline$_v1.main$0$tempBoogie6, inline$_v1.main$0$tempBoogie7, inline$_v1.main$0$tempBoogie8, inline$_v1.main$0$tempBoogie9, inline$_v1.main$0$tempBoogie10, inline$_v1.main$0$tempBoogie11, inline$_v1.main$0$tempBoogie12, inline$_v1.main$0$tempBoogie13, inline$_v1.main$0$tempBoogie14, inline$_v1.main$0$tempBoogie15, inline$_v1.main$0$tempBoogie16, inline$_v1.main$0$tempBoogie17, inline$_v1.main$0$tempBoogie18, inline$_v1.main$0$tempBoogie19, inline$_v1.main$0$__havoc_dummy_return, inline$_v1.main$0$result.main$1;
+ inline$_v1.main$0$_v1.alloc := _v1.alloc;
+ inline$_v1.main$0$_v1.OK := _v1.OK;
+ inline$_v1.main$0$_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry := _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry;
+ inline$_v1.main$0$_v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR;
+ goto inline$_v1.main$0$anon0#2;
+
+ inline$_v1.main$0$anon0#2:
+ inline$_v1.main$0$havoc_stringTemp := 0;
+ goto inline$_v1.main$0$start#2;
+
+ inline$_v1.main$0$start#2:
+ _v1.__HAVOC_det_malloc_in_1_0, _v1.__HAVOC_det_malloc_in_1_1, _v1.__HAVOC_det_malloc_in_1_2, _v1.__HAVOC_det_malloc_in_1_3, _v1.__HAVOC_det_malloc_in_1_4 := 5, _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ call inline$_v1.main$0$ie := _v1.__HAVOC_det_malloc(5);
+ _v1.__HAVOC_det_malloc_1_done := true;
+ _v1.__HAVOC_det_malloc_out_1_0, _v1.__HAVOC_det_malloc_out_1_1 := inline$_v1.main$0$ie, _v1.alloc;
+ inline$_v1.main$0$result.giwscan_cb$2 := 0;
+ inline$_v1.main$0$result.main$1 := 0;
+ _v1.__HAVOC_det_malloc_in_2_0, _v1.__HAVOC_det_malloc_in_2_1, _v1.__HAVOC_det_malloc_in_2_2, _v1.__HAVOC_det_malloc_in_2_3, _v1.__HAVOC_det_malloc_in_2_4 := 4, _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ call inline$_v1.main$0$se := _v1.__HAVOC_det_malloc(4);
+ _v1.__HAVOC_det_malloc_2_done := true;
+ _v1.__HAVOC_det_malloc_out_2_0, _v1.__HAVOC_det_malloc_out_2_1 := inline$_v1.main$0$se, _v1.alloc;
+ goto inline$_v1.main$0$label_3#2;
+
+ inline$_v1.main$0$label_3#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 62} true;
+ goto inline$_v1.main$0$label_4#2;
+
+ inline$_v1.main$0$label_4#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 63} true;
+ goto inline$_v1.main$0$label_5#2;
+
+ inline$_v1.main$0$label_5#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 64} true;
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se))
+ == 1;
+ assert true;
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry := _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se) := inline$_v1.main$0$ie];
+ assume _v2.value_is(_v1.__ctobpl_const_47,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)]);
+ goto inline$_v1.main$0$label_6#2;
+
+ inline$_v1.main$0$label_6#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 65} true;
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se))
+ == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
+ 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
+ 1,
+ 0))
+ == 1;
+ assert true;
+ _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
+ 1,
+ 0) := 200];
+ assume _v2.value_is(_v1.__ctobpl_const_48,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)]);
+ assume _v2.value_is(_v1.__ctobpl_const_49,
+ _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
+ 1,
+ 0)]);
+ goto inline$_v1.main$0$label_7#2;
+
+ inline$_v1.main$0$label_7#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 66} true;
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se))
+ == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
+ 0);
+ _v1.OK := _v1.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
+ 1,
+ 1))
+ == 1;
+ assert true;
+ _v1.Mem_T.UCHAR := _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
+ 1,
+ 1) := 3];
+ assume _v2.value_is(_v1.__ctobpl_const_50,
+ _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)]);
+ assume _v2.value_is(_v1.__ctobpl_const_51,
+ _v1.Mem_T.UCHAR[_v2.INT_PLUS(_v1.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v1.main$0$se)],
+ 1,
+ 1)]);
+ goto inline$_v1.main$0$label_8#2;
+
+ inline$_v1.main$0$label_8#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 68} true;
+ assume _v2.INT_GT(inline$_v1.main$0$se, 0);
+ assume _v2.INT_GT(inline$_v1.main$0$se, 0);
+ _v1.giwscan_cb_in_3_0, _v1.giwscan_cb_in_3_1, _v1.giwscan_cb_in_3_2, _v1.giwscan_cb_in_3_3, _v1.giwscan_cb_in_3_4 := inline$_v1.main$0$se, _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ call inline$_v1.main$0$result.giwscan_cb$2 := _v1.giwscan_cb(inline$_v1.main$0$se);
+ _v1.giwscan_cb_3_done := true;
+ _v1.giwscan_cb_out_3_0, _v1.giwscan_cb_out_3_1, _v1.giwscan_cb_out_3_2, _v1.giwscan_cb_out_3_3 := inline$_v1.main$0$result.giwscan_cb$2, _v1.alloc, _v1.OK, _v1.Mem_T.UCHAR;
+ goto inline$_v1.main$0$label_11#2;
+
+ inline$_v1.main$0$label_11#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 70} true;
+ inline$_v1.main$0$result.main$1 := 0;
+ goto inline$_v1.main$0$label_1#2;
+
+ inline$_v1.main$0$label_1#2:
+ _v1.OK := _v1.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\bad\interproc_bad.c"} {:sourceline 71} true;
+ _v1.__HAVOC_free_in_4_0, _v1.__HAVOC_free_in_4_1, _v1.__HAVOC_free_in_4_2, _v1.__HAVOC_free_in_4_3, _v1.__HAVOC_free_in_4_4 := inline$_v1.main$0$ie, _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ call _v1.__HAVOC_free(inline$_v1.main$0$ie);
+ _v1.__HAVOC_free_4_done := true;
+ _v1.__HAVOC_free_in_5_0, _v1.__HAVOC_free_in_5_1, _v1.__HAVOC_free_in_5_2, _v1.__HAVOC_free_in_5_3, _v1.__HAVOC_free_in_5_4 := inline$_v1.main$0$se, _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ call _v1.__HAVOC_free(inline$_v1.main$0$se);
+ _v1.__HAVOC_free_5_done := true;
+ goto inline$_v1.main$0$Return;
+
+ inline$_v1.main$0$Return:
+ assume true;
+ _v1.result.main$1 := inline$_v1.main$0$result.main$1;
+ goto START$1;
+
+ START$1:
+ goto inline$_v2.main$0$Entry;
+
+ inline$_v2.main$0$Entry:
+ havoc inline$_v2.main$0$havoc_stringTemp, inline$_v2.main$0$condVal, inline$_v2.main$0$ie, inline$_v2.main$0$result.giwscan_cb$2, inline$_v2.main$0$se, inline$_v2.main$0$tempBoogie0, inline$_v2.main$0$tempBoogie1, inline$_v2.main$0$tempBoogie2, inline$_v2.main$0$tempBoogie3, inline$_v2.main$0$tempBoogie4, inline$_v2.main$0$tempBoogie5, inline$_v2.main$0$tempBoogie6, inline$_v2.main$0$tempBoogie7, inline$_v2.main$0$tempBoogie8, inline$_v2.main$0$tempBoogie9, inline$_v2.main$0$tempBoogie10, inline$_v2.main$0$tempBoogie11, inline$_v2.main$0$tempBoogie12, inline$_v2.main$0$tempBoogie13, inline$_v2.main$0$tempBoogie14, inline$_v2.main$0$tempBoogie15, inline$_v2.main$0$tempBoogie16, inline$_v2.main$0$tempBoogie17, inline$_v2.main$0$tempBoogie18, inline$_v2.main$0$tempBoogie19, inline$_v2.main$0$__havoc_dummy_return, inline$_v2.main$0$result.main$1;
+ inline$_v2.main$0$_v2.alloc := _v2.alloc;
+ inline$_v2.main$0$_v2.OK := _v2.OK;
+ inline$_v2.main$0$_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry := _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry;
+ inline$_v2.main$0$_v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR;
+ goto inline$_v2.main$0$anon0#2;
+
+ inline$_v2.main$0$anon0#2:
+ inline$_v2.main$0$havoc_stringTemp := 0;
+ goto inline$_v2.main$0$start#2;
+
+ inline$_v2.main$0$start#2:
+ _v2.__HAVOC_det_malloc_in_6_0, _v2.__HAVOC_det_malloc_in_6_1, _v2.__HAVOC_det_malloc_in_6_2, _v2.__HAVOC_det_malloc_in_6_3, _v2.__HAVOC_det_malloc_in_6_4 := 5, _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ call inline$_v2.main$0$ie := _v2.__HAVOC_det_malloc(5);
+ _v2.__HAVOC_det_malloc_6_done := true;
+ _v2.__HAVOC_det_malloc_out_6_0, _v2.__HAVOC_det_malloc_out_6_1 := inline$_v2.main$0$ie, _v2.alloc;
+ inline$_v2.main$0$result.giwscan_cb$2 := 0;
+ inline$_v2.main$0$result.main$1 := 0;
+ _v2.__HAVOC_det_malloc_in_7_0, _v2.__HAVOC_det_malloc_in_7_1, _v2.__HAVOC_det_malloc_in_7_2, _v2.__HAVOC_det_malloc_in_7_3, _v2.__HAVOC_det_malloc_in_7_4 := 4, _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ call inline$_v2.main$0$se := _v2.__HAVOC_det_malloc(4);
+ _v2.__HAVOC_det_malloc_7_done := true;
+ _v2.__HAVOC_det_malloc_out_7_0, _v2.__HAVOC_det_malloc_out_7_1 := inline$_v2.main$0$se, _v2.alloc;
+ goto inline$_v2.main$0$label_3#2;
+
+ inline$_v2.main$0$label_3#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 63} true;
+ goto inline$_v2.main$0$label_4#2;
+
+ inline$_v2.main$0$label_4#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 64} true;
+ goto inline$_v2.main$0$label_5#2;
+
+ inline$_v2.main$0$label_5#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 65} true;
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se))
+ == 1;
+ assert true;
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry := _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se) := inline$_v2.main$0$ie];
+ assume _v2.value_is(_v2.__ctobpl_const_48,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)]);
+ goto inline$_v2.main$0$label_6#2;
+
+ inline$_v2.main$0$label_6#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 66} true;
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se))
+ == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
+ 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
+ 1,
+ 0))
+ == 1;
+ assert true;
+ _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
+ 1,
+ 0) := 200];
+ assume _v2.value_is(_v2.__ctobpl_const_49,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)]);
+ assume _v2.value_is(_v2.__ctobpl_const_50,
+ _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
+ 1,
+ 0)]);
+ goto inline$_v2.main$0$label_7#2;
+
+ inline$_v2.main$0$label_7#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 67} true;
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se))
+ == 1;
+ assert true;
+ assume _v2.INT_GEQ(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
+ 0);
+ _v2.OK := _v2.OK
+ && _v2.Res_VALID_REGION(_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
+ 1,
+ 1))
+ == 1;
+ assert true;
+ _v2.Mem_T.UCHAR := _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
+ 1,
+ 1) := 3];
+ assume _v2.value_is(_v2.__ctobpl_const_51,
+ _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)]);
+ assume _v2.value_is(_v2.__ctobpl_const_52,
+ _v2.Mem_T.UCHAR[_v2.INT_PLUS(_v2.Mem_T.se_rsn_ie_ieee80211_scan_entry[_v2.se_rsn_ie_ieee80211_scan_entry(inline$_v2.main$0$se)],
+ 1,
+ 1)]);
+ goto inline$_v2.main$0$label_8#2;
+
+ inline$_v2.main$0$label_8#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 69} true;
+ assume _v2.INT_GT(inline$_v2.main$0$se, 0);
+ assume _v2.INT_GT(inline$_v2.main$0$se, 0);
+ _v2.giwscan_cb_in_8_0, _v2.giwscan_cb_in_8_1, _v2.giwscan_cb_in_8_2, _v2.giwscan_cb_in_8_3, _v2.giwscan_cb_in_8_4 := inline$_v2.main$0$se, _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ call inline$_v2.main$0$result.giwscan_cb$2 := _v2.giwscan_cb(inline$_v2.main$0$se);
+ _v2.giwscan_cb_8_done := true;
+ _v2.giwscan_cb_out_8_0, _v2.giwscan_cb_out_8_1, _v2.giwscan_cb_out_8_2, _v2.giwscan_cb_out_8_3 := inline$_v2.main$0$result.giwscan_cb$2, _v2.alloc, _v2.OK, _v2.Mem_T.UCHAR;
+ goto inline$_v2.main$0$label_11#2;
+
+ inline$_v2.main$0$label_11#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 71} true;
+ inline$_v2.main$0$result.main$1 := 0;
+ goto inline$_v2.main$0$label_1#2;
+
+ inline$_v2.main$0$label_1#2:
+ _v2.OK := _v2.OK && true;
+ assert {:sourcefile "d:\tvm\projects\symb_diff\benchmarks\verisec-suite\programs\apps\madwifi\cve-2006-6332\ok\interproc_ok.c"} {:sourceline 72} true;
+ _v2.__HAVOC_free_in_9_0, _v2.__HAVOC_free_in_9_1, _v2.__HAVOC_free_in_9_2, _v2.__HAVOC_free_in_9_3, _v2.__HAVOC_free_in_9_4 := inline$_v2.main$0$ie, _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ call _v2.__HAVOC_free(inline$_v2.main$0$ie);
+ _v2.__HAVOC_free_9_done := true;
+ _v2.__HAVOC_free_in_10_0, _v2.__HAVOC_free_in_10_1, _v2.__HAVOC_free_in_10_2, _v2.__HAVOC_free_in_10_3, _v2.__HAVOC_free_in_10_4 := inline$_v2.main$0$se, _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ call _v2.__HAVOC_free(inline$_v2.main$0$se);
+ _v2.__HAVOC_free_10_done := true;
+ goto inline$_v2.main$0$Return;
+
+ inline$_v2.main$0$Return:
+ assume true;
+ _v2.result.main$1 := inline$_v2.main$0$result.main$1;
+ goto START$2;
+
+ START$2:
+ goto MS_L_0_8;
+
+ MS_L_0_0:
+ goto MS_L_taken_0, MS_L_not_taken_0;
+
+ MS_L_taken_0:
+ assume _v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_6_done;
+ store__0__v1.alloc, store__0__v1.OK, store__0__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__0__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ store__0__v2.alloc, store__0__v2.OK, store__0__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__0__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_1_1, _v1.__HAVOC_det_malloc_in_1_2, _v1.__HAVOC_det_malloc_in_1_3, _v1.__HAVOC_det_malloc_in_1_4;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_6_1, _v2.__HAVOC_det_malloc_in_6_2, _v2.__HAVOC_det_malloc_in_6_3, _v2.__HAVOC_det_malloc_in_6_4;
+ call out__v1.__HAVOC_det_malloc_out_1_0_0, out__v2.__HAVOC_det_malloc_out_6_0_0 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_1_0, _v2.__HAVOC_det_malloc_in_6_0);
+ assume _v1.alloc == _v1.__HAVOC_det_malloc_out_1_1;
+ assume _v2.alloc == _v2.__HAVOC_det_malloc_out_6_1;
+ assume _v1.__HAVOC_det_malloc_out_1_0 == out__v1.__HAVOC_det_malloc_out_1_0_0
+ && _v2.__HAVOC_det_malloc_out_6_0 == out__v2.__HAVOC_det_malloc_out_6_0_0;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__0__v1.alloc, store__0__v1.OK, store__0__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__0__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__0__v2.alloc, store__0__v2.OK, store__0__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__0__v2.Mem_T.UCHAR;
+ goto MS_L_meet_0;
+
+ MS_L_not_taken_0:
+ assume !(_v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_6_done);
+ goto MS_L_meet_0;
+
+ MS_L_meet_0:
+ return;
+
+ MS_L_0_1:
+ goto MS_L_taken_1, MS_L_not_taken_1;
+
+ MS_L_taken_1:
+ assume _v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_7_done;
+ store__1__v1.alloc, store__1__v1.OK, store__1__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__1__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ store__1__v2.alloc, store__1__v2.OK, store__1__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__1__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_1_1, _v1.__HAVOC_det_malloc_in_1_2, _v1.__HAVOC_det_malloc_in_1_3, _v1.__HAVOC_det_malloc_in_1_4;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_7_1, _v2.__HAVOC_det_malloc_in_7_2, _v2.__HAVOC_det_malloc_in_7_3, _v2.__HAVOC_det_malloc_in_7_4;
+ call out__v1.__HAVOC_det_malloc_out_1_0_1, out__v2.__HAVOC_det_malloc_out_7_0_1 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_1_0, _v2.__HAVOC_det_malloc_in_7_0);
+ assume _v1.alloc == _v1.__HAVOC_det_malloc_out_1_1;
+ assume _v2.alloc == _v2.__HAVOC_det_malloc_out_7_1;
+ assume _v1.__HAVOC_det_malloc_out_1_0 == out__v1.__HAVOC_det_malloc_out_1_0_1
+ && _v2.__HAVOC_det_malloc_out_7_0 == out__v2.__HAVOC_det_malloc_out_7_0_1;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__1__v1.alloc, store__1__v1.OK, store__1__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__1__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__1__v2.alloc, store__1__v2.OK, store__1__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__1__v2.Mem_T.UCHAR;
+ goto MS_L_meet_1;
+
+ MS_L_not_taken_1:
+ assume !(_v1.__HAVOC_det_malloc_1_done && _v2.__HAVOC_det_malloc_7_done);
+ goto MS_L_meet_1;
+
+ MS_L_meet_1:
+ goto MS_L_0_0;
+
+ MS_L_0_2:
+ goto MS_L_taken_2, MS_L_not_taken_2;
+
+ MS_L_taken_2:
+ assume _v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_6_done;
+ store__2__v1.alloc, store__2__v1.OK, store__2__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__2__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ store__2__v2.alloc, store__2__v2.OK, store__2__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__2__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_2_1, _v1.__HAVOC_det_malloc_in_2_2, _v1.__HAVOC_det_malloc_in_2_3, _v1.__HAVOC_det_malloc_in_2_4;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_6_1, _v2.__HAVOC_det_malloc_in_6_2, _v2.__HAVOC_det_malloc_in_6_3, _v2.__HAVOC_det_malloc_in_6_4;
+ call out__v1.__HAVOC_det_malloc_out_2_0_2, out__v2.__HAVOC_det_malloc_out_6_0_2 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_2_0, _v2.__HAVOC_det_malloc_in_6_0);
+ assume _v1.alloc == _v1.__HAVOC_det_malloc_out_2_1;
+ assume _v2.alloc == _v2.__HAVOC_det_malloc_out_6_1;
+ assume _v1.__HAVOC_det_malloc_out_2_0 == out__v1.__HAVOC_det_malloc_out_2_0_2
+ && _v2.__HAVOC_det_malloc_out_6_0 == out__v2.__HAVOC_det_malloc_out_6_0_2;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__2__v1.alloc, store__2__v1.OK, store__2__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__2__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__2__v2.alloc, store__2__v2.OK, store__2__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__2__v2.Mem_T.UCHAR;
+ goto MS_L_meet_2;
+
+ MS_L_not_taken_2:
+ assume !(_v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_6_done);
+ goto MS_L_meet_2;
+
+ MS_L_meet_2:
+ goto MS_L_0_1;
+
+ MS_L_0_3:
+ goto MS_L_taken_3, MS_L_not_taken_3;
+
+ MS_L_taken_3:
+ assume _v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_7_done;
+ store__3__v1.alloc, store__3__v1.OK, store__3__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__3__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ store__3__v2.alloc, store__3__v2.OK, store__3__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__3__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_det_malloc_in_2_1, _v1.__HAVOC_det_malloc_in_2_2, _v1.__HAVOC_det_malloc_in_2_3, _v1.__HAVOC_det_malloc_in_2_4;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_det_malloc_in_7_1, _v2.__HAVOC_det_malloc_in_7_2, _v2.__HAVOC_det_malloc_in_7_3, _v2.__HAVOC_det_malloc_in_7_4;
+ call out__v1.__HAVOC_det_malloc_out_2_0_3, out__v2.__HAVOC_det_malloc_out_7_0_3 := MS_Check__v1.__HAVOC_det_malloc___v2.__HAVOC_det_malloc(_v1.__HAVOC_det_malloc_in_2_0, _v2.__HAVOC_det_malloc_in_7_0);
+ assume _v1.alloc == _v1.__HAVOC_det_malloc_out_2_1;
+ assume _v2.alloc == _v2.__HAVOC_det_malloc_out_7_1;
+ assume _v1.__HAVOC_det_malloc_out_2_0 == out__v1.__HAVOC_det_malloc_out_2_0_3
+ && _v2.__HAVOC_det_malloc_out_7_0 == out__v2.__HAVOC_det_malloc_out_7_0_3;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__3__v1.alloc, store__3__v1.OK, store__3__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__3__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__3__v2.alloc, store__3__v2.OK, store__3__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__3__v2.Mem_T.UCHAR;
+ goto MS_L_meet_3;
+
+ MS_L_not_taken_3:
+ assume !(_v1.__HAVOC_det_malloc_2_done && _v2.__HAVOC_det_malloc_7_done);
+ goto MS_L_meet_3;
+
+ MS_L_meet_3:
+ goto MS_L_0_2;
+
+ MS_L_0_4:
+ goto MS_L_taken_4, MS_L_not_taken_4;
+
+ MS_L_taken_4:
+ assume _v1.giwscan_cb_3_done && _v2.giwscan_cb_8_done;
+ store__4__v1.alloc, store__4__v1.OK, store__4__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__4__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ store__4__v2.alloc, store__4__v2.OK, store__4__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__4__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.giwscan_cb_in_3_1, _v1.giwscan_cb_in_3_2, _v1.giwscan_cb_in_3_3, _v1.giwscan_cb_in_3_4;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.giwscan_cb_in_8_1, _v2.giwscan_cb_in_8_2, _v2.giwscan_cb_in_8_3, _v2.giwscan_cb_in_8_4;
+ call out__v1.giwscan_cb_out_3_0_4, out__v2.giwscan_cb_out_8_0_4 := MS_Check__v1.giwscan_cb___v2.giwscan_cb(_v1.giwscan_cb_in_3_0, _v2.giwscan_cb_in_8_0);
+ assume _v1.alloc == _v1.giwscan_cb_out_3_1
+ && (_v1.OK <==> _v1.giwscan_cb_out_3_2)
+ && _v1.Mem_T.UCHAR == _v1.giwscan_cb_out_3_3;
+ assume _v2.alloc == _v2.giwscan_cb_out_8_1
+ && (_v2.OK <==> _v2.giwscan_cb_out_8_2)
+ && _v2.Mem_T.UCHAR == _v2.giwscan_cb_out_8_3;
+ assume _v1.giwscan_cb_out_3_0 == out__v1.giwscan_cb_out_3_0_4
+ && _v2.giwscan_cb_out_8_0 == out__v2.giwscan_cb_out_8_0_4;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__4__v1.alloc, store__4__v1.OK, store__4__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__4__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__4__v2.alloc, store__4__v2.OK, store__4__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__4__v2.Mem_T.UCHAR;
+ goto MS_L_meet_4;
+
+ MS_L_not_taken_4:
+ assume !(_v1.giwscan_cb_3_done && _v2.giwscan_cb_8_done);
+ goto MS_L_meet_4;
+
+ MS_L_meet_4:
+ goto MS_L_0_3;
+
+ MS_L_0_5:
+ goto MS_L_taken_5, MS_L_not_taken_5;
+
+ MS_L_taken_5:
+ assume _v1.__HAVOC_free_4_done && _v2.__HAVOC_free_9_done;
+ store__5__v1.alloc, store__5__v1.OK, store__5__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__5__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ store__5__v2.alloc, store__5__v2.OK, store__5__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__5__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_4_1, _v1.__HAVOC_free_in_4_2, _v1.__HAVOC_free_in_4_3, _v1.__HAVOC_free_in_4_4;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_9_1, _v2.__HAVOC_free_in_9_2, _v2.__HAVOC_free_in_9_3, _v2.__HAVOC_free_in_9_4;
+ call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_4_0, _v2.__HAVOC_free_in_9_0);
+ assume true;
+ assume true;
+ assume true;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__5__v1.alloc, store__5__v1.OK, store__5__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__5__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__5__v2.alloc, store__5__v2.OK, store__5__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__5__v2.Mem_T.UCHAR;
+ goto MS_L_meet_5;
+
+ MS_L_not_taken_5:
+ assume !(_v1.__HAVOC_free_4_done && _v2.__HAVOC_free_9_done);
+ goto MS_L_meet_5;
+
+ MS_L_meet_5:
+ goto MS_L_0_4;
+
+ MS_L_0_6:
+ goto MS_L_taken_6, MS_L_not_taken_6;
+
+ MS_L_taken_6:
+ assume _v1.__HAVOC_free_4_done && _v2.__HAVOC_free_10_done;
+ store__6__v1.alloc, store__6__v1.OK, store__6__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__6__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ store__6__v2.alloc, store__6__v2.OK, store__6__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__6__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_4_1, _v1.__HAVOC_free_in_4_2, _v1.__HAVOC_free_in_4_3, _v1.__HAVOC_free_in_4_4;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_10_1, _v2.__HAVOC_free_in_10_2, _v2.__HAVOC_free_in_10_3, _v2.__HAVOC_free_in_10_4;
+ call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_4_0, _v2.__HAVOC_free_in_10_0);
+ assume true;
+ assume true;
+ assume true;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__6__v1.alloc, store__6__v1.OK, store__6__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__6__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__6__v2.alloc, store__6__v2.OK, store__6__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__6__v2.Mem_T.UCHAR;
+ goto MS_L_meet_6;
+
+ MS_L_not_taken_6:
+ assume !(_v1.__HAVOC_free_4_done && _v2.__HAVOC_free_10_done);
+ goto MS_L_meet_6;
+
+ MS_L_meet_6:
+ goto MS_L_0_5;
+
+ MS_L_0_7:
+ goto MS_L_taken_7, MS_L_not_taken_7;
+
+ MS_L_taken_7:
+ assume _v1.__HAVOC_free_5_done && _v2.__HAVOC_free_9_done;
+ store__7__v1.alloc, store__7__v1.OK, store__7__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__7__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ store__7__v2.alloc, store__7__v2.OK, store__7__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__7__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_5_1, _v1.__HAVOC_free_in_5_2, _v1.__HAVOC_free_in_5_3, _v1.__HAVOC_free_in_5_4;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_9_1, _v2.__HAVOC_free_in_9_2, _v2.__HAVOC_free_in_9_3, _v2.__HAVOC_free_in_9_4;
+ call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_5_0, _v2.__HAVOC_free_in_9_0);
+ assume true;
+ assume true;
+ assume true;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__7__v1.alloc, store__7__v1.OK, store__7__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__7__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__7__v2.alloc, store__7__v2.OK, store__7__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__7__v2.Mem_T.UCHAR;
+ goto MS_L_meet_7;
+
+ MS_L_not_taken_7:
+ assume !(_v1.__HAVOC_free_5_done && _v2.__HAVOC_free_9_done);
+ goto MS_L_meet_7;
+
+ MS_L_meet_7:
+ goto MS_L_0_6;
+
+ MS_L_0_8:
+ goto MS_L_taken_8, MS_L_not_taken_8;
+
+ MS_L_taken_8:
+ assume _v1.__HAVOC_free_5_done && _v2.__HAVOC_free_10_done;
+ store__8__v1.alloc, store__8__v1.OK, store__8__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__8__v1.Mem_T.UCHAR := _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR;
+ store__8__v2.alloc, store__8__v2.OK, store__8__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__8__v2.Mem_T.UCHAR := _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := _v1.__HAVOC_free_in_5_1, _v1.__HAVOC_free_in_5_2, _v1.__HAVOC_free_in_5_3, _v1.__HAVOC_free_in_5_4;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := _v2.__HAVOC_free_in_10_1, _v2.__HAVOC_free_in_10_2, _v2.__HAVOC_free_in_10_3, _v2.__HAVOC_free_in_10_4;
+ call MS_Check__v1.__HAVOC_free___v2.__HAVOC_free(_v1.__HAVOC_free_in_5_0, _v2.__HAVOC_free_in_10_0);
+ assume true;
+ assume true;
+ assume true;
+ _v1.alloc, _v1.OK, _v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v1.Mem_T.UCHAR := store__8__v1.alloc, store__8__v1.OK, store__8__v1.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__8__v1.Mem_T.UCHAR;
+ _v2.alloc, _v2.OK, _v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, _v2.Mem_T.UCHAR := store__8__v2.alloc, store__8__v2.OK, store__8__v2.Mem_T.se_rsn_ie_ieee80211_scan_entry, store__8__v2.Mem_T.UCHAR;
+ goto MS_L_meet_8;
+
+ MS_L_not_taken_8:
+ assume !(_v1.__HAVOC_free_5_done && _v2.__HAVOC_free_10_done);
+ goto MS_L_meet_8;
+
+ MS_L_meet_8:
+ goto MS_L_0_7;
+}
+
+
diff --git a/Test/houdini/mergedProgSingle_dac.bpl.expect b/Test/houdini/mergedProgSingle_dac.bpl.expect
index 75750967..e9e7034a 100644
--- a/Test/houdini/mergedProgSingle_dac.bpl.expect
+++ b/Test/houdini/mergedProgSingle_dac.bpl.expect
@@ -1,190 +1,190 @@
-Assignment computed by Houdini:
-_houdini_0 = False
-_houdini_1 = False
-_houdini_2 = False
-_houdini_3 = False
-_houdini_4 = True
-_houdini_5 = True
-_houdini_6 = True
-_houdini_7 = True
-_houdini_8 = True
-_houdini_9 = True
-_houdini_10 = True
-_houdini_11 = True
-_houdini_12 = True
-_houdini_13 = True
-_houdini_14 = True
-_houdini_15 = True
-_houdini_16 = False
-_houdini_17 = True
-_houdini_18 = True
-_houdini_19 = True
-_houdini_20 = True
-_houdini_21 = True
-_houdini_22 = True
-_houdini_23 = True
-_houdini_24 = False
-_houdini_25 = False
-_houdini_26 = True
-_houdini_27 = True
-_houdini_28 = True
-_houdini_29 = False
-_houdini_30 = False
-_houdini_31 = True
-_houdini_32 = True
-_houdini_33 = True
-_houdini_34 = True
-_houdini_35 = True
-_houdini_36 = True
-_houdini_37 = True
-_houdini_38 = True
-_houdini_39 = True
-_houdini_40 = True
-_houdini_41 = True
-_houdini_42 = True
-_houdini_43 = True
-_houdini_44 = True
-_houdini_45 = True
-_houdini_46 = True
-_houdini_47 = True
-_houdini_48 = True
-_houdini_49 = True
-_houdini_50 = True
-_houdini_51 = True
-_houdini_52 = True
-_houdini_53 = True
-_houdini_54 = True
-_houdini_55 = True
-_houdini_56 = True
-_houdini_57 = True
-_houdini_58 = True
-_houdini_59 = True
-_houdini_60 = True
-_houdini_61 = True
-_houdini_62 = True
-_houdini_63 = True
-_houdini_64 = True
-_houdini_65 = True
-_houdini_66 = True
-_houdini_67 = True
-_houdini_68 = True
-_houdini_69 = True
-_houdini_70 = True
-_houdini_71 = True
-_houdini_72 = True
-_houdini_73 = True
-_houdini_74 = True
-_houdini_75 = True
-_houdini_76 = False
-_houdini_77 = False
-_houdini_78 = True
-_houdini_79 = False
-_houdini_80 = False
-_houdini_81 = True
-_houdini_82 = True
-_houdini_83 = True
-_houdini_84 = True
-_houdini_85 = True
-_houdini_86 = True
-_houdini_87 = True
-_houdini_88 = True
-_houdini_89 = True
-_houdini_90 = True
-_houdini_91 = True
-_houdini_92 = True
-_houdini_93 = True
-_houdini_94 = True
-_houdini_95 = True
-_houdini_96 = True
-_houdini_97 = True
-_houdini_98 = True
-_houdini_99 = True
-_houdini_100 = True
-_houdini_101 = True
-_houdini_102 = True
-_houdini_103 = True
-_houdini_104 = True
-_houdini_105 = True
-_houdini_106 = True
-_houdini_107 = True
-_houdini_108 = True
-_houdini_109 = True
-_houdini_110 = True
-_houdini_111 = True
-_houdini_112 = True
-_houdini_113 = True
-_houdini_114 = True
-_houdini_115 = False
-_houdini_116 = False
-_houdini_117 = False
-_houdini_118 = False
-_houdini_119 = False
-_houdini_120 = False
-_houdini_121 = False
-_houdini_122 = True
-_houdini_123 = False
-_houdini_124 = False
-_houdini_125 = True
-_houdini_126 = True
-_houdini_127 = True
-_houdini_128 = True
-_houdini_129 = True
-_houdini_130 = True
-_houdini_131 = True
-_houdini_132 = False
-_houdini_133 = False
-_houdini_134 = True
-_houdini_135 = True
-_houdini_136 = True
-_houdini_137 = True
-_houdini_138 = True
-_houdini_139 = True
-_houdini_140 = True
-_houdini_141 = True
-_houdini_142 = True
-_houdini_143 = True
-_houdini_144 = True
-_houdini_145 = True
-_houdini_146 = True
-_houdini_147 = True
-_houdini_148 = True
-_houdini_149 = True
-_houdini_150 = True
-_houdini_151 = True
-_houdini_152 = True
-_houdini_153 = True
-_houdini_154 = True
-_houdini_155 = True
-_houdini_156 = True
-_houdini_157 = True
-_houdini_158 = True
-_houdini_159 = True
-_houdini_160 = True
-_houdini_161 = False
-_houdini_162 = False
-_houdini_163 = True
-_houdini_164 = True
-_houdini_165 = True
-_houdini_166 = True
-_houdini_167 = True
-_houdini_168 = True
-_houdini_169 = True
-_houdini_170 = True
-_houdini_171 = True
-_houdini_172 = True
-_houdini_173 = True
-_houdini_174 = True
-_houdini_175 = True
-_houdini_176 = True
-_houdini_177 = True
-_houdini_178 = True
-_houdini_179 = True
-_houdini_180 = True
-_houdini_181 = True
-_houdini_182 = True
-_houdini_183 = True
-_houdini_184 = True
-_houdini_185 = True
-_houdini_186 = True
-
-Boogie program verifier finished with 12 verified, 0 errors
+Assignment computed by Houdini:
+_houdini_0 = False
+_houdini_1 = False
+_houdini_2 = False
+_houdini_3 = False
+_houdini_4 = True
+_houdini_5 = True
+_houdini_6 = True
+_houdini_7 = True
+_houdini_8 = True
+_houdini_9 = True
+_houdini_10 = True
+_houdini_11 = True
+_houdini_12 = True
+_houdini_13 = True
+_houdini_14 = True
+_houdini_15 = True
+_houdini_16 = False
+_houdini_17 = True
+_houdini_18 = True
+_houdini_19 = True
+_houdini_20 = True
+_houdini_21 = True
+_houdini_22 = True
+_houdini_23 = True
+_houdini_24 = False
+_houdini_25 = False
+_houdini_26 = True
+_houdini_27 = True
+_houdini_28 = True
+_houdini_29 = False
+_houdini_30 = False
+_houdini_31 = True
+_houdini_32 = True
+_houdini_33 = True
+_houdini_34 = True
+_houdini_35 = True
+_houdini_36 = True
+_houdini_37 = True
+_houdini_38 = True
+_houdini_39 = True
+_houdini_40 = True
+_houdini_41 = True
+_houdini_42 = True
+_houdini_43 = True
+_houdini_44 = True
+_houdini_45 = True
+_houdini_46 = True
+_houdini_47 = True
+_houdini_48 = True
+_houdini_49 = True
+_houdini_50 = True
+_houdini_51 = True
+_houdini_52 = True
+_houdini_53 = True
+_houdini_54 = True
+_houdini_55 = True
+_houdini_56 = True
+_houdini_57 = True
+_houdini_58 = True
+_houdini_59 = True
+_houdini_60 = True
+_houdini_61 = True
+_houdini_62 = True
+_houdini_63 = True
+_houdini_64 = True
+_houdini_65 = True
+_houdini_66 = True
+_houdini_67 = True
+_houdini_68 = True
+_houdini_69 = True
+_houdini_70 = True
+_houdini_71 = True
+_houdini_72 = True
+_houdini_73 = True
+_houdini_74 = True
+_houdini_75 = True
+_houdini_76 = False
+_houdini_77 = False
+_houdini_78 = True
+_houdini_79 = False
+_houdini_80 = False
+_houdini_81 = True
+_houdini_82 = True
+_houdini_83 = True
+_houdini_84 = True
+_houdini_85 = True
+_houdini_86 = True
+_houdini_87 = True
+_houdini_88 = True
+_houdini_89 = True
+_houdini_90 = True
+_houdini_91 = True
+_houdini_92 = True
+_houdini_93 = True
+_houdini_94 = True
+_houdini_95 = True
+_houdini_96 = True
+_houdini_97 = True
+_houdini_98 = True
+_houdini_99 = True
+_houdini_100 = True
+_houdini_101 = True
+_houdini_102 = True
+_houdini_103 = True
+_houdini_104 = True
+_houdini_105 = True
+_houdini_106 = True
+_houdini_107 = True
+_houdini_108 = True
+_houdini_109 = True
+_houdini_110 = True
+_houdini_111 = True
+_houdini_112 = True
+_houdini_113 = True
+_houdini_114 = True
+_houdini_115 = False
+_houdini_116 = False
+_houdini_117 = False
+_houdini_118 = False
+_houdini_119 = False
+_houdini_120 = False
+_houdini_121 = False
+_houdini_122 = True
+_houdini_123 = False
+_houdini_124 = False
+_houdini_125 = True
+_houdini_126 = True
+_houdini_127 = True
+_houdini_128 = True
+_houdini_129 = True
+_houdini_130 = True
+_houdini_131 = True
+_houdini_132 = False
+_houdini_133 = False
+_houdini_134 = True
+_houdini_135 = True
+_houdini_136 = True
+_houdini_137 = True
+_houdini_138 = True
+_houdini_139 = True
+_houdini_140 = True
+_houdini_141 = True
+_houdini_142 = True
+_houdini_143 = True
+_houdini_144 = True
+_houdini_145 = True
+_houdini_146 = True
+_houdini_147 = True
+_houdini_148 = True
+_houdini_149 = True
+_houdini_150 = True
+_houdini_151 = True
+_houdini_152 = True
+_houdini_153 = True
+_houdini_154 = True
+_houdini_155 = True
+_houdini_156 = True
+_houdini_157 = True
+_houdini_158 = True
+_houdini_159 = True
+_houdini_160 = True
+_houdini_161 = False
+_houdini_162 = False
+_houdini_163 = True
+_houdini_164 = True
+_houdini_165 = True
+_houdini_166 = True
+_houdini_167 = True
+_houdini_168 = True
+_houdini_169 = True
+_houdini_170 = True
+_houdini_171 = True
+_houdini_172 = True
+_houdini_173 = True
+_houdini_174 = True
+_houdini_175 = True
+_houdini_176 = True
+_houdini_177 = True
+_houdini_178 = True
+_houdini_179 = True
+_houdini_180 = True
+_houdini_181 = True
+_houdini_182 = True
+_houdini_183 = True
+_houdini_184 = True
+_houdini_185 = True
+_houdini_186 = True
+
+Boogie program verifier finished with 12 verified, 0 errors
diff --git a/Test/houdini/mergedProgSingle_res_ex1.bpl b/Test/houdini/mergedProgSingle_res_ex1.bpl
index 9313075a..eaaa9945 100644
--- a/Test/houdini/mergedProgSingle_res_ex1.bpl
+++ b/Test/houdini/mergedProgSingle_res_ex1.bpl
@@ -1,621 +1,621 @@
-// RUN: %boogie /nologo /contractInfer /inlineDepth:1 /printAssignment /noinfer "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-
-var _v2.control_flag: int;
-
-function _v2.control_UIF(arg_0: int, arg_1: int) : int;
-
-procedure _v2.Eval(x: int) returns (result: int);
- modifies _v2.control_flag;
- free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
- free ensures {:io_dependency "result", "x"} true;
- free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
- free ensures {:io_dependency "result", "x"} true;
-
-
-
-procedure _v2.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int);
- modifies _v2.control_flag;
- free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
- free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
- free ensures {:io_dependency "out_x", "in_x"} true;
- free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
- free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
- free ensures {:io_dependency "out_x", "in_x"} true;
-
-
-
-implementation _v2.Eval(x.1: int) returns (result: int)
-{
- var x: int;
-
- anon0:
- x := x.1;
- result := 0;
- _v2.control_flag := 0;
- goto anon3_LoopHead;
-
- anon3_LoopHead:
- call result, x := _v2.Eval_loop_anon3_LoopHead(result, x);
- goto anon3_LoopHead_last;
-
- anon3_LoopHead_last:
- goto anon3_LoopDone, anon3_LoopBody;
-
- anon3_LoopBody:
- assume {:partition} x > 0;
- _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
- result := result + x;
- havoc result;
- x := x - 1;
- goto anon3_LoopBody_dummy;
-
- anon3_LoopBody_dummy:
- assume false;
- return;
-
- anon3_LoopDone:
- assume {:partition} 0 >= x;
- goto anon2;
-
- anon2:
- _v2.control_flag := _v2.control_UIF(_v2.control_flag, 2);
- return;
-}
-
-
-
-implementation _v2.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int)
-{
-
- entry:
- out_result, out_x := in_result, in_x;
- goto anon3_LoopHead;
-
- anon3_LoopHead:
- goto anon3_LoopDone, anon3_LoopBody;
-
- anon3_LoopBody:
- assume {:partition} out_x > 0;
- _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
- out_result := out_result + out_x;
- havoc out_result;
- out_x := out_x - 1;
- goto anon3_LoopBody_dummy;
-
- anon3_LoopBody_dummy:
- call out_result, out_x := _v2.Eval_loop_anon3_LoopHead(out_result, out_x);
- return;
-
- anon3_LoopDone:
- assume {:partition} 0 >= out_x;
- out_result, out_x := in_result, in_x;
- _v2.control_flag := old(_v2.control_flag);
- return;
-}
-
-
-
-var _v1.control_flag: int;
-
-procedure _v1.Eval(x: int) returns (result: int);
- modifies _v1.control_flag;
- free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
- free ensures {:io_dependency "result", "x"} true;
- free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
- free ensures {:io_dependency "result", "x"} true;
-
-
-
-procedure _v1.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int);
- modifies _v1.control_flag;
- free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
- free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
- free ensures {:io_dependency "out_x", "in_x"} true;
- free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
- free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
- free ensures {:io_dependency "out_x", "in_x"} true;
-
-
-
-implementation _v1.Eval(x.1: int) returns (result: int)
-{
- var x: int;
-
- anon0:
- x := x.1;
- result := 0;
- _v1.control_flag := 0;
- goto anon3_LoopHead;
-
- anon3_LoopHead:
- call result, x := _v1.Eval_loop_anon3_LoopHead(result, x);
- goto anon3_LoopHead_last;
-
- anon3_LoopHead_last:
- goto anon3_LoopDone, anon3_LoopBody;
-
- anon3_LoopBody:
- assume {:partition} x > 0;
- _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
- result := result + x;
- x := x - 1;
- goto anon3_LoopBody_dummy;
-
- anon3_LoopBody_dummy:
- assume false;
- return;
-
- anon3_LoopDone:
- assume {:partition} 0 >= x;
- goto anon2;
-
- anon2:
- _v1.control_flag := _v2.control_UIF(_v1.control_flag, 2);
- return;
-}
-
-
-
-implementation _v1.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int)
-{
-
- entry:
- out_result, out_x := in_result, in_x;
- goto anon3_LoopHead;
-
- anon3_LoopHead:
- goto anon3_LoopDone, anon3_LoopBody;
-
- anon3_LoopBody:
- assume {:partition} out_x > 0;
- _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
- out_result := out_result + out_x;
- out_x := out_x - 1;
- goto anon3_LoopBody_dummy;
-
- anon3_LoopBody_dummy:
- call out_result, out_x := _v1.Eval_loop_anon3_LoopHead(out_result, out_x);
- return;
-
- anon3_LoopDone:
- assume {:partition} 0 >= out_x;
- out_result, out_x := in_result, in_x;
- _v1.control_flag := old(_v1.control_flag);
- return;
-}
-
-
-
-function {:inline true} MS$_v1.Eval$_v2.Eval(_v1.x: int,
- _v1.control_flag_old: int,
- _v1.control_flag_: int,
- _v1.result: int,
- _v2.x: int,
- _v2.control_flag_old: int,
- _v2.control_flag_: int,
- _v2.result: int)
- : bool
-{
- true
-}
-
-const {:existential true} _houdini_Eval_control_flag_0: bool;
-
-const {:existential true} _houdini_Eval_result_1: bool;
-
-procedure MS_Check__v1.Eval___v2.Eval(_v1.x: int, _v2.x: int) returns (_v1.result: int, _v2.result: int);
- modifies _v1.control_flag, _v2.control_flag;
- ensures MS$_v1.Eval$_v2.Eval(_v1.x,
- old(_v1.control_flag),
- _v1.control_flag,
- _v1.result,
- _v2.x,
- old(_v2.control_flag),
- _v2.control_flag,
- _v2.result);
- ensures _houdini_Eval_control_flag_0
- ==>
- old(_v1.control_flag == _v2.control_flag && _v1.x == _v2.x)
- ==> _v1.control_flag == _v2.control_flag;
- ensures _houdini_Eval_result_1 ==> old(_v1.x == _v2.x) ==> _v1.result == _v2.result;
-
-
-
-implementation MS_Check__v1.Eval___v2.Eval(_v1.x: int, _v2.x: int) returns (_v1.result: int, _v2.result: int)
-{
- var inline$_v1.Eval$0$x: int;
- var inline$_v1.Eval$0$x.1: int;
- var inline$_v1.Eval$0$result: int;
- var inline$_v1.Eval$0$_v1.control_flag: int;
- var inline$_v2.Eval$0$x: int;
- var inline$_v2.Eval$0$x.1: int;
- var inline$_v2.Eval$0$result: int;
- var inline$_v2.Eval$0$_v2.control_flag: int;
- var _v1.Eval_loop_anon3_LoopHead_1_done: bool;
- var _v1.Eval_loop_anon3_LoopHead_in_1_0: int;
- var _v1.Eval_loop_anon3_LoopHead_in_1_1: int;
- var _v1.Eval_loop_anon3_LoopHead_in_1_2: int;
- var _v1.Eval_loop_anon3_LoopHead_out_1_0: int;
- var _v1.Eval_loop_anon3_LoopHead_out_1_1: int;
- var _v1.Eval_loop_anon3_LoopHead_out_1_2: int;
- var _v2.Eval_loop_anon3_LoopHead_2_done: bool;
- var _v2.Eval_loop_anon3_LoopHead_in_2_0: int;
- var _v2.Eval_loop_anon3_LoopHead_in_2_1: int;
- var _v2.Eval_loop_anon3_LoopHead_in_2_2: int;
- var _v2.Eval_loop_anon3_LoopHead_out_2_0: int;
- var _v2.Eval_loop_anon3_LoopHead_out_2_1: int;
- var _v2.Eval_loop_anon3_LoopHead_out_2_2: int;
- var store__0__v1.control_flag: int;
- var store__0__v2.control_flag: int;
- var out__v1.Eval_loop_anon3_LoopHead_out_1_0_0: int;
- var out__v1.Eval_loop_anon3_LoopHead_out_1_1_0: int;
- var out__v2.Eval_loop_anon3_LoopHead_out_2_0_0: int;
- var out__v2.Eval_loop_anon3_LoopHead_out_2_1_0: int;
-
- START:
- _v1.Eval_loop_anon3_LoopHead_1_done, _v2.Eval_loop_anon3_LoopHead_2_done := false, false;
- goto inline$_v1.Eval$0$Entry;
-
- inline$_v1.Eval$0$Entry:
- inline$_v1.Eval$0$x.1 := _v1.x;
- havoc inline$_v1.Eval$0$x, inline$_v1.Eval$0$result;
- inline$_v1.Eval$0$_v1.control_flag := _v1.control_flag;
- goto inline$_v1.Eval$0$anon0;
-
- inline$_v1.Eval$0$anon0:
- inline$_v1.Eval$0$x := inline$_v1.Eval$0$x.1;
- inline$_v1.Eval$0$result := 0;
- _v1.control_flag := 0;
- goto inline$_v1.Eval$0$anon3_LoopHead;
-
- inline$_v1.Eval$0$anon3_LoopHead:
- _v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v1.Eval_loop_anon3_LoopHead_in_1_2 := inline$_v1.Eval$0$result, inline$_v1.Eval$0$x, _v1.control_flag;
- call inline$_v1.Eval$0$result, inline$_v1.Eval$0$x := _v1.Eval_loop_anon3_LoopHead(inline$_v1.Eval$0$result, inline$_v1.Eval$0$x);
- _v1.Eval_loop_anon3_LoopHead_1_done := true;
- _v1.Eval_loop_anon3_LoopHead_out_1_0, _v1.Eval_loop_anon3_LoopHead_out_1_1, _v1.Eval_loop_anon3_LoopHead_out_1_2 := inline$_v1.Eval$0$result, inline$_v1.Eval$0$x, _v1.control_flag;
- goto inline$_v1.Eval$0$anon3_LoopHead_last;
-
- inline$_v1.Eval$0$anon3_LoopHead_last:
- goto inline$_v1.Eval$0$anon3_LoopDone, inline$_v1.Eval$0$anon3_LoopBody;
-
- inline$_v1.Eval$0$anon3_LoopBody:
- assume {:partition} inline$_v1.Eval$0$x > 0;
- _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
- inline$_v1.Eval$0$result := inline$_v1.Eval$0$result + inline$_v1.Eval$0$x;
- inline$_v1.Eval$0$x := inline$_v1.Eval$0$x - 1;
- goto inline$_v1.Eval$0$anon3_LoopBody_dummy;
-
- inline$_v1.Eval$0$anon3_LoopBody_dummy:
- assume false;
- goto inline$_v1.Eval$0$Return;
-
- inline$_v1.Eval$0$anon3_LoopDone:
- assume {:partition} 0 >= inline$_v1.Eval$0$x;
- goto inline$_v1.Eval$0$anon2;
-
- inline$_v1.Eval$0$anon2:
- _v1.control_flag := _v2.control_UIF(_v1.control_flag, 2);
- goto inline$_v1.Eval$0$Return;
-
- inline$_v1.Eval$0$Return:
- assume true;
- assume true;
- assume true;
- assume true;
- _v1.result := inline$_v1.Eval$0$result;
- goto START$1;
-
- START$1:
- goto inline$_v2.Eval$0$Entry;
-
- inline$_v2.Eval$0$Entry:
- inline$_v2.Eval$0$x.1 := _v2.x;
- havoc inline$_v2.Eval$0$x, inline$_v2.Eval$0$result;
- inline$_v2.Eval$0$_v2.control_flag := _v2.control_flag;
- goto inline$_v2.Eval$0$anon0;
-
- inline$_v2.Eval$0$anon0:
- inline$_v2.Eval$0$x := inline$_v2.Eval$0$x.1;
- inline$_v2.Eval$0$result := 0;
- _v2.control_flag := 0;
- goto inline$_v2.Eval$0$anon3_LoopHead;
-
- inline$_v2.Eval$0$anon3_LoopHead:
- _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1, _v2.Eval_loop_anon3_LoopHead_in_2_2 := inline$_v2.Eval$0$result, inline$_v2.Eval$0$x, _v2.control_flag;
- call inline$_v2.Eval$0$result, inline$_v2.Eval$0$x := _v2.Eval_loop_anon3_LoopHead(inline$_v2.Eval$0$result, inline$_v2.Eval$0$x);
- _v2.Eval_loop_anon3_LoopHead_2_done := true;
- _v2.Eval_loop_anon3_LoopHead_out_2_0, _v2.Eval_loop_anon3_LoopHead_out_2_1, _v2.Eval_loop_anon3_LoopHead_out_2_2 := inline$_v2.Eval$0$result, inline$_v2.Eval$0$x, _v2.control_flag;
- goto inline$_v2.Eval$0$anon3_LoopHead_last;
-
- inline$_v2.Eval$0$anon3_LoopHead_last:
- goto inline$_v2.Eval$0$anon3_LoopDone, inline$_v2.Eval$0$anon3_LoopBody;
-
- inline$_v2.Eval$0$anon3_LoopBody:
- assume {:partition} inline$_v2.Eval$0$x > 0;
- _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
- inline$_v2.Eval$0$result := inline$_v2.Eval$0$result + inline$_v2.Eval$0$x;
- havoc inline$_v2.Eval$0$result;
- inline$_v2.Eval$0$x := inline$_v2.Eval$0$x - 1;
- goto inline$_v2.Eval$0$anon3_LoopBody_dummy;
-
- inline$_v2.Eval$0$anon3_LoopBody_dummy:
- assume false;
- goto inline$_v2.Eval$0$Return;
-
- inline$_v2.Eval$0$anon3_LoopDone:
- assume {:partition} 0 >= inline$_v2.Eval$0$x;
- goto inline$_v2.Eval$0$anon2;
-
- inline$_v2.Eval$0$anon2:
- _v2.control_flag := _v2.control_UIF(_v2.control_flag, 2);
- goto inline$_v2.Eval$0$Return;
-
- inline$_v2.Eval$0$Return:
- assume true;
- assume true;
- assume true;
- assume true;
- _v2.result := inline$_v2.Eval$0$result;
- goto START$2;
-
- START$2:
- goto MS_L_0_0;
-
- MS_L_0_0:
- goto MS_L_taken_0, MS_L_not_taken_0;
-
- MS_L_taken_0:
- assume _v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done;
- store__0__v1.control_flag := _v1.control_flag;
- store__0__v2.control_flag := _v2.control_flag;
- _v1.control_flag := _v1.Eval_loop_anon3_LoopHead_in_1_2;
- _v2.control_flag := _v2.Eval_loop_anon3_LoopHead_in_2_2;
- call out__v1.Eval_loop_anon3_LoopHead_out_1_0_0, out__v1.Eval_loop_anon3_LoopHead_out_1_1_0, out__v2.Eval_loop_anon3_LoopHead_out_2_0_0, out__v2.Eval_loop_anon3_LoopHead_out_2_1_0 := MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1);
- assume _v1.control_flag == _v1.Eval_loop_anon3_LoopHead_out_1_2;
- assume _v2.control_flag == _v2.Eval_loop_anon3_LoopHead_out_2_2;
- assume _v1.Eval_loop_anon3_LoopHead_out_1_0
- == out__v1.Eval_loop_anon3_LoopHead_out_1_0_0
- && _v1.Eval_loop_anon3_LoopHead_out_1_1
- == out__v1.Eval_loop_anon3_LoopHead_out_1_1_0
- && _v2.Eval_loop_anon3_LoopHead_out_2_0
- == out__v2.Eval_loop_anon3_LoopHead_out_2_0_0
- && _v2.Eval_loop_anon3_LoopHead_out_2_1
- == out__v2.Eval_loop_anon3_LoopHead_out_2_1_0;
- _v1.control_flag := store__0__v1.control_flag;
- _v2.control_flag := store__0__v2.control_flag;
- goto MS_L_meet_0;
-
- MS_L_not_taken_0:
- assume !(_v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done);
- goto MS_L_meet_0;
-
- MS_L_meet_0:
- return;
-}
-
-
-
-function {:inline true} MS$_v1.Eval_loop_anon3_LoopHead$_v2.Eval_loop_anon3_LoopHead(_v1.in_result: int,
- _v1.in_x: int,
- _v1.control_flag_old: int,
- _v1.control_flag_: int,
- _v1.out_result: int,
- _v1.out_x: int,
- _v2.in_result: int,
- _v2.in_x: int,
- _v2.control_flag_old: int,
- _v2.control_flag_: int,
- _v2.out_result: int,
- _v2.out_x: int)
- : bool
-{
- true
-}
-
-const {:existential true} _houdini_Eval_loop_anon3_LoopHead_control_flag_2: bool;
-
-const {:existential true} _houdini_Eval_loop_anon3_LoopHead_out_result_3: bool;
-
-const {:existential true} _houdini_Eval_loop_anon3_LoopHead_out_x_4: bool;
-
-procedure MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.in_result: int, _v1.in_x: int, _v2.in_result: int, _v2.in_x: int)
- returns (_v1.out_result: int, _v1.out_x: int, _v2.out_result: int, _v2.out_x: int);
- modifies _v1.control_flag, _v2.control_flag;
- ensures MS$_v1.Eval_loop_anon3_LoopHead$_v2.Eval_loop_anon3_LoopHead(_v1.in_result,
- _v1.in_x,
- old(_v1.control_flag),
- _v1.control_flag,
- _v1.out_result,
- _v1.out_x,
- _v2.in_result,
- _v2.in_x,
- old(_v2.control_flag),
- _v2.control_flag,
- _v2.out_result,
- _v2.out_x);
- ensures _houdini_Eval_loop_anon3_LoopHead_control_flag_2
- ==>
- old(_v1.control_flag == _v2.control_flag && _v1.in_x == _v2.in_x)
- ==> _v1.control_flag == _v2.control_flag;
- ensures _houdini_Eval_loop_anon3_LoopHead_out_result_3
- ==>
- old(_v1.in_result == _v2.in_result && _v1.in_x == _v2.in_x)
- ==> _v1.out_result == _v2.out_result;
- ensures _houdini_Eval_loop_anon3_LoopHead_out_x_4
- ==>
- old(_v1.in_x == _v2.in_x)
- ==> _v1.out_x == _v2.out_x;
-
-
-
-implementation MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.in_result: int, _v1.in_x: int, _v2.in_result: int, _v2.in_x: int)
- returns (_v1.out_result: int, _v1.out_x: int, _v2.out_result: int, _v2.out_x: int)
-{
- var inline$_v1.Eval_loop_anon3_LoopHead$0$in_result: int;
- var inline$_v1.Eval_loop_anon3_LoopHead$0$in_x: int;
- var inline$_v1.Eval_loop_anon3_LoopHead$0$out_result: int;
- var inline$_v1.Eval_loop_anon3_LoopHead$0$out_x: int;
- var inline$_v1.Eval_loop_anon3_LoopHead$0$_v1.control_flag: int;
- var inline$_v2.Eval_loop_anon3_LoopHead$0$in_result: int;
- var inline$_v2.Eval_loop_anon3_LoopHead$0$in_x: int;
- var inline$_v2.Eval_loop_anon3_LoopHead$0$out_result: int;
- var inline$_v2.Eval_loop_anon3_LoopHead$0$out_x: int;
- var inline$_v2.Eval_loop_anon3_LoopHead$0$_v2.control_flag: int;
- var _v1.Eval_loop_anon3_LoopHead_1_done: bool;
- var _v1.Eval_loop_anon3_LoopHead_in_1_0: int;
- var _v1.Eval_loop_anon3_LoopHead_in_1_1: int;
- var _v1.Eval_loop_anon3_LoopHead_in_1_2: int;
- var _v1.Eval_loop_anon3_LoopHead_out_1_0: int;
- var _v1.Eval_loop_anon3_LoopHead_out_1_1: int;
- var _v1.Eval_loop_anon3_LoopHead_out_1_2: int;
- var _v2.Eval_loop_anon3_LoopHead_2_done: bool;
- var _v2.Eval_loop_anon3_LoopHead_in_2_0: int;
- var _v2.Eval_loop_anon3_LoopHead_in_2_1: int;
- var _v2.Eval_loop_anon3_LoopHead_in_2_2: int;
- var _v2.Eval_loop_anon3_LoopHead_out_2_0: int;
- var _v2.Eval_loop_anon3_LoopHead_out_2_1: int;
- var _v2.Eval_loop_anon3_LoopHead_out_2_2: int;
- var store__0__v1.control_flag: int;
- var store__0__v2.control_flag: int;
- var out__v1.Eval_loop_anon3_LoopHead_out_1_0_0: int;
- var out__v1.Eval_loop_anon3_LoopHead_out_1_1_0: int;
- var out__v2.Eval_loop_anon3_LoopHead_out_2_0_0: int;
- var out__v2.Eval_loop_anon3_LoopHead_out_2_1_0: int;
-
- START:
- _v1.Eval_loop_anon3_LoopHead_1_done, _v2.Eval_loop_anon3_LoopHead_2_done := false, false;
- goto inline$_v1.Eval_loop_anon3_LoopHead$0$Entry;
-
- inline$_v1.Eval_loop_anon3_LoopHead$0$Entry:
- inline$_v1.Eval_loop_anon3_LoopHead$0$in_result := _v1.in_result;
- inline$_v1.Eval_loop_anon3_LoopHead$0$in_x := _v1.in_x;
- havoc inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
- inline$_v1.Eval_loop_anon3_LoopHead$0$_v1.control_flag := _v1.control_flag;
- goto inline$_v1.Eval_loop_anon3_LoopHead$0$entry;
-
- inline$_v1.Eval_loop_anon3_LoopHead$0$entry:
- inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$in_result, inline$_v1.Eval_loop_anon3_LoopHead$0$in_x;
- goto inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopHead;
-
- inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopHead:
- goto inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopDone, inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody;
-
- inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody:
- assume {:partition} inline$_v1.Eval_loop_anon3_LoopHead$0$out_x > 0;
- _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
- inline$_v1.Eval_loop_anon3_LoopHead$0$out_result := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result
- + inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
- inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$out_x - 1;
- goto inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy;
-
- inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy:
- _v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v1.Eval_loop_anon3_LoopHead_in_1_2 := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x, _v1.control_flag;
- call inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := _v1.Eval_loop_anon3_LoopHead(inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x);
- _v1.Eval_loop_anon3_LoopHead_1_done := true;
- _v1.Eval_loop_anon3_LoopHead_out_1_0, _v1.Eval_loop_anon3_LoopHead_out_1_1, _v1.Eval_loop_anon3_LoopHead_out_1_2 := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x, _v1.control_flag;
- goto inline$_v1.Eval_loop_anon3_LoopHead$0$Return;
-
- inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopDone:
- assume {:partition} 0 >= inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
- inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$in_result, inline$_v1.Eval_loop_anon3_LoopHead$0$in_x;
- _v1.control_flag := inline$_v1.Eval_loop_anon3_LoopHead$0$_v1.control_flag;
- goto inline$_v1.Eval_loop_anon3_LoopHead$0$Return;
-
- inline$_v1.Eval_loop_anon3_LoopHead$0$Return:
- assume true;
- assume true;
- assume true;
- assume true;
- assume true;
- assume true;
- _v1.out_result := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result;
- _v1.out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
- goto START$1;
-
- START$1:
- goto inline$_v2.Eval_loop_anon3_LoopHead$0$Entry;
-
- inline$_v2.Eval_loop_anon3_LoopHead$0$Entry:
- inline$_v2.Eval_loop_anon3_LoopHead$0$in_result := _v2.in_result;
- inline$_v2.Eval_loop_anon3_LoopHead$0$in_x := _v2.in_x;
- havoc inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
- inline$_v2.Eval_loop_anon3_LoopHead$0$_v2.control_flag := _v2.control_flag;
- goto inline$_v2.Eval_loop_anon3_LoopHead$0$entry;
-
- inline$_v2.Eval_loop_anon3_LoopHead$0$entry:
- inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$in_result, inline$_v2.Eval_loop_anon3_LoopHead$0$in_x;
- goto inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopHead;
-
- inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopHead:
- goto inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopDone, inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody;
-
- inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody:
- assume {:partition} inline$_v2.Eval_loop_anon3_LoopHead$0$out_x > 0;
- _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
- inline$_v2.Eval_loop_anon3_LoopHead$0$out_result := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result
- + inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
- havoc inline$_v2.Eval_loop_anon3_LoopHead$0$out_result;
- inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$out_x - 1;
- goto inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy;
-
- inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy:
- _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1, _v2.Eval_loop_anon3_LoopHead_in_2_2 := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x, _v2.control_flag;
- call inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := _v2.Eval_loop_anon3_LoopHead(inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x);
- _v2.Eval_loop_anon3_LoopHead_2_done := true;
- _v2.Eval_loop_anon3_LoopHead_out_2_0, _v2.Eval_loop_anon3_LoopHead_out_2_1, _v2.Eval_loop_anon3_LoopHead_out_2_2 := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x, _v2.control_flag;
- goto inline$_v2.Eval_loop_anon3_LoopHead$0$Return;
-
- inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopDone:
- assume {:partition} 0 >= inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
- inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$in_result, inline$_v2.Eval_loop_anon3_LoopHead$0$in_x;
- _v2.control_flag := inline$_v2.Eval_loop_anon3_LoopHead$0$_v2.control_flag;
- goto inline$_v2.Eval_loop_anon3_LoopHead$0$Return;
-
- inline$_v2.Eval_loop_anon3_LoopHead$0$Return:
- assume true;
- assume true;
- assume true;
- assume true;
- assume true;
- assume true;
- _v2.out_result := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result;
- _v2.out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
- goto START$2;
-
- START$2:
- goto MS_L_0_0;
-
- MS_L_0_0:
- goto MS_L_taken_0, MS_L_not_taken_0;
-
- MS_L_taken_0:
- assume _v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done;
- store__0__v1.control_flag := _v1.control_flag;
- store__0__v2.control_flag := _v2.control_flag;
- _v1.control_flag := _v1.Eval_loop_anon3_LoopHead_in_1_2;
- _v2.control_flag := _v2.Eval_loop_anon3_LoopHead_in_2_2;
- call out__v1.Eval_loop_anon3_LoopHead_out_1_0_0, out__v1.Eval_loop_anon3_LoopHead_out_1_1_0, out__v2.Eval_loop_anon3_LoopHead_out_2_0_0, out__v2.Eval_loop_anon3_LoopHead_out_2_1_0 := MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1);
- assume _v1.control_flag == _v1.Eval_loop_anon3_LoopHead_out_1_2;
- assume _v2.control_flag == _v2.Eval_loop_anon3_LoopHead_out_2_2;
- assume _v1.Eval_loop_anon3_LoopHead_out_1_0
- == out__v1.Eval_loop_anon3_LoopHead_out_1_0_0
- && _v1.Eval_loop_anon3_LoopHead_out_1_1
- == out__v1.Eval_loop_anon3_LoopHead_out_1_1_0
- && _v2.Eval_loop_anon3_LoopHead_out_2_0
- == out__v2.Eval_loop_anon3_LoopHead_out_2_0_0
- && _v2.Eval_loop_anon3_LoopHead_out_2_1
- == out__v2.Eval_loop_anon3_LoopHead_out_2_1_0;
- _v1.control_flag := store__0__v1.control_flag;
- _v2.control_flag := store__0__v2.control_flag;
- goto MS_L_meet_0;
-
- MS_L_not_taken_0:
- assume !(_v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done);
- goto MS_L_meet_0;
-
- MS_L_meet_0:
- return;
-}
-
-
+// RUN: %boogie /nologo /contractInfer /inlineDepth:1 /printAssignment /noinfer "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+var _v2.control_flag: int;
+
+function _v2.control_UIF(arg_0: int, arg_1: int) : int;
+
+procedure _v2.Eval(x: int) returns (result: int);
+ modifies _v2.control_flag;
+ free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
+ free ensures {:io_dependency "result", "x"} true;
+ free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
+ free ensures {:io_dependency "result", "x"} true;
+
+
+
+procedure _v2.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int);
+ modifies _v2.control_flag;
+ free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
+ free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
+ free ensures {:io_dependency "out_x", "in_x"} true;
+ free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
+ free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
+ free ensures {:io_dependency "out_x", "in_x"} true;
+
+
+
+implementation _v2.Eval(x.1: int) returns (result: int)
+{
+ var x: int;
+
+ anon0:
+ x := x.1;
+ result := 0;
+ _v2.control_flag := 0;
+ goto anon3_LoopHead;
+
+ anon3_LoopHead:
+ call result, x := _v2.Eval_loop_anon3_LoopHead(result, x);
+ goto anon3_LoopHead_last;
+
+ anon3_LoopHead_last:
+ goto anon3_LoopDone, anon3_LoopBody;
+
+ anon3_LoopBody:
+ assume {:partition} x > 0;
+ _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
+ result := result + x;
+ havoc result;
+ x := x - 1;
+ goto anon3_LoopBody_dummy;
+
+ anon3_LoopBody_dummy:
+ assume false;
+ return;
+
+ anon3_LoopDone:
+ assume {:partition} 0 >= x;
+ goto anon2;
+
+ anon2:
+ _v2.control_flag := _v2.control_UIF(_v2.control_flag, 2);
+ return;
+}
+
+
+
+implementation _v2.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int)
+{
+
+ entry:
+ out_result, out_x := in_result, in_x;
+ goto anon3_LoopHead;
+
+ anon3_LoopHead:
+ goto anon3_LoopDone, anon3_LoopBody;
+
+ anon3_LoopBody:
+ assume {:partition} out_x > 0;
+ _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
+ out_result := out_result + out_x;
+ havoc out_result;
+ out_x := out_x - 1;
+ goto anon3_LoopBody_dummy;
+
+ anon3_LoopBody_dummy:
+ call out_result, out_x := _v2.Eval_loop_anon3_LoopHead(out_result, out_x);
+ return;
+
+ anon3_LoopDone:
+ assume {:partition} 0 >= out_x;
+ out_result, out_x := in_result, in_x;
+ _v2.control_flag := old(_v2.control_flag);
+ return;
+}
+
+
+
+var _v1.control_flag: int;
+
+procedure _v1.Eval(x: int) returns (result: int);
+ modifies _v1.control_flag;
+ free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
+ free ensures {:io_dependency "result", "x"} true;
+ free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
+ free ensures {:io_dependency "result", "x"} true;
+
+
+
+procedure _v1.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int);
+ modifies _v1.control_flag;
+ free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
+ free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
+ free ensures {:io_dependency "out_x", "in_x"} true;
+ free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
+ free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
+ free ensures {:io_dependency "out_x", "in_x"} true;
+
+
+
+implementation _v1.Eval(x.1: int) returns (result: int)
+{
+ var x: int;
+
+ anon0:
+ x := x.1;
+ result := 0;
+ _v1.control_flag := 0;
+ goto anon3_LoopHead;
+
+ anon3_LoopHead:
+ call result, x := _v1.Eval_loop_anon3_LoopHead(result, x);
+ goto anon3_LoopHead_last;
+
+ anon3_LoopHead_last:
+ goto anon3_LoopDone, anon3_LoopBody;
+
+ anon3_LoopBody:
+ assume {:partition} x > 0;
+ _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
+ result := result + x;
+ x := x - 1;
+ goto anon3_LoopBody_dummy;
+
+ anon3_LoopBody_dummy:
+ assume false;
+ return;
+
+ anon3_LoopDone:
+ assume {:partition} 0 >= x;
+ goto anon2;
+
+ anon2:
+ _v1.control_flag := _v2.control_UIF(_v1.control_flag, 2);
+ return;
+}
+
+
+
+implementation _v1.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int)
+{
+
+ entry:
+ out_result, out_x := in_result, in_x;
+ goto anon3_LoopHead;
+
+ anon3_LoopHead:
+ goto anon3_LoopDone, anon3_LoopBody;
+
+ anon3_LoopBody:
+ assume {:partition} out_x > 0;
+ _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
+ out_result := out_result + out_x;
+ out_x := out_x - 1;
+ goto anon3_LoopBody_dummy;
+
+ anon3_LoopBody_dummy:
+ call out_result, out_x := _v1.Eval_loop_anon3_LoopHead(out_result, out_x);
+ return;
+
+ anon3_LoopDone:
+ assume {:partition} 0 >= out_x;
+ out_result, out_x := in_result, in_x;
+ _v1.control_flag := old(_v1.control_flag);
+ return;
+}
+
+
+
+function {:inline true} MS$_v1.Eval$_v2.Eval(_v1.x: int,
+ _v1.control_flag_old: int,
+ _v1.control_flag_: int,
+ _v1.result: int,
+ _v2.x: int,
+ _v2.control_flag_old: int,
+ _v2.control_flag_: int,
+ _v2.result: int)
+ : bool
+{
+ true
+}
+
+const {:existential true} _houdini_Eval_control_flag_0: bool;
+
+const {:existential true} _houdini_Eval_result_1: bool;
+
+procedure MS_Check__v1.Eval___v2.Eval(_v1.x: int, _v2.x: int) returns (_v1.result: int, _v2.result: int);
+ modifies _v1.control_flag, _v2.control_flag;
+ ensures MS$_v1.Eval$_v2.Eval(_v1.x,
+ old(_v1.control_flag),
+ _v1.control_flag,
+ _v1.result,
+ _v2.x,
+ old(_v2.control_flag),
+ _v2.control_flag,
+ _v2.result);
+ ensures _houdini_Eval_control_flag_0
+ ==>
+ old(_v1.control_flag == _v2.control_flag && _v1.x == _v2.x)
+ ==> _v1.control_flag == _v2.control_flag;
+ ensures _houdini_Eval_result_1 ==> old(_v1.x == _v2.x) ==> _v1.result == _v2.result;
+
+
+
+implementation MS_Check__v1.Eval___v2.Eval(_v1.x: int, _v2.x: int) returns (_v1.result: int, _v2.result: int)
+{
+ var inline$_v1.Eval$0$x: int;
+ var inline$_v1.Eval$0$x.1: int;
+ var inline$_v1.Eval$0$result: int;
+ var inline$_v1.Eval$0$_v1.control_flag: int;
+ var inline$_v2.Eval$0$x: int;
+ var inline$_v2.Eval$0$x.1: int;
+ var inline$_v2.Eval$0$result: int;
+ var inline$_v2.Eval$0$_v2.control_flag: int;
+ var _v1.Eval_loop_anon3_LoopHead_1_done: bool;
+ var _v1.Eval_loop_anon3_LoopHead_in_1_0: int;
+ var _v1.Eval_loop_anon3_LoopHead_in_1_1: int;
+ var _v1.Eval_loop_anon3_LoopHead_in_1_2: int;
+ var _v1.Eval_loop_anon3_LoopHead_out_1_0: int;
+ var _v1.Eval_loop_anon3_LoopHead_out_1_1: int;
+ var _v1.Eval_loop_anon3_LoopHead_out_1_2: int;
+ var _v2.Eval_loop_anon3_LoopHead_2_done: bool;
+ var _v2.Eval_loop_anon3_LoopHead_in_2_0: int;
+ var _v2.Eval_loop_anon3_LoopHead_in_2_1: int;
+ var _v2.Eval_loop_anon3_LoopHead_in_2_2: int;
+ var _v2.Eval_loop_anon3_LoopHead_out_2_0: int;
+ var _v2.Eval_loop_anon3_LoopHead_out_2_1: int;
+ var _v2.Eval_loop_anon3_LoopHead_out_2_2: int;
+ var store__0__v1.control_flag: int;
+ var store__0__v2.control_flag: int;
+ var out__v1.Eval_loop_anon3_LoopHead_out_1_0_0: int;
+ var out__v1.Eval_loop_anon3_LoopHead_out_1_1_0: int;
+ var out__v2.Eval_loop_anon3_LoopHead_out_2_0_0: int;
+ var out__v2.Eval_loop_anon3_LoopHead_out_2_1_0: int;
+
+ START:
+ _v1.Eval_loop_anon3_LoopHead_1_done, _v2.Eval_loop_anon3_LoopHead_2_done := false, false;
+ goto inline$_v1.Eval$0$Entry;
+
+ inline$_v1.Eval$0$Entry:
+ inline$_v1.Eval$0$x.1 := _v1.x;
+ havoc inline$_v1.Eval$0$x, inline$_v1.Eval$0$result;
+ inline$_v1.Eval$0$_v1.control_flag := _v1.control_flag;
+ goto inline$_v1.Eval$0$anon0;
+
+ inline$_v1.Eval$0$anon0:
+ inline$_v1.Eval$0$x := inline$_v1.Eval$0$x.1;
+ inline$_v1.Eval$0$result := 0;
+ _v1.control_flag := 0;
+ goto inline$_v1.Eval$0$anon3_LoopHead;
+
+ inline$_v1.Eval$0$anon3_LoopHead:
+ _v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v1.Eval_loop_anon3_LoopHead_in_1_2 := inline$_v1.Eval$0$result, inline$_v1.Eval$0$x, _v1.control_flag;
+ call inline$_v1.Eval$0$result, inline$_v1.Eval$0$x := _v1.Eval_loop_anon3_LoopHead(inline$_v1.Eval$0$result, inline$_v1.Eval$0$x);
+ _v1.Eval_loop_anon3_LoopHead_1_done := true;
+ _v1.Eval_loop_anon3_LoopHead_out_1_0, _v1.Eval_loop_anon3_LoopHead_out_1_1, _v1.Eval_loop_anon3_LoopHead_out_1_2 := inline$_v1.Eval$0$result, inline$_v1.Eval$0$x, _v1.control_flag;
+ goto inline$_v1.Eval$0$anon3_LoopHead_last;
+
+ inline$_v1.Eval$0$anon3_LoopHead_last:
+ goto inline$_v1.Eval$0$anon3_LoopDone, inline$_v1.Eval$0$anon3_LoopBody;
+
+ inline$_v1.Eval$0$anon3_LoopBody:
+ assume {:partition} inline$_v1.Eval$0$x > 0;
+ _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
+ inline$_v1.Eval$0$result := inline$_v1.Eval$0$result + inline$_v1.Eval$0$x;
+ inline$_v1.Eval$0$x := inline$_v1.Eval$0$x - 1;
+ goto inline$_v1.Eval$0$anon3_LoopBody_dummy;
+
+ inline$_v1.Eval$0$anon3_LoopBody_dummy:
+ assume false;
+ goto inline$_v1.Eval$0$Return;
+
+ inline$_v1.Eval$0$anon3_LoopDone:
+ assume {:partition} 0 >= inline$_v1.Eval$0$x;
+ goto inline$_v1.Eval$0$anon2;
+
+ inline$_v1.Eval$0$anon2:
+ _v1.control_flag := _v2.control_UIF(_v1.control_flag, 2);
+ goto inline$_v1.Eval$0$Return;
+
+ inline$_v1.Eval$0$Return:
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ _v1.result := inline$_v1.Eval$0$result;
+ goto START$1;
+
+ START$1:
+ goto inline$_v2.Eval$0$Entry;
+
+ inline$_v2.Eval$0$Entry:
+ inline$_v2.Eval$0$x.1 := _v2.x;
+ havoc inline$_v2.Eval$0$x, inline$_v2.Eval$0$result;
+ inline$_v2.Eval$0$_v2.control_flag := _v2.control_flag;
+ goto inline$_v2.Eval$0$anon0;
+
+ inline$_v2.Eval$0$anon0:
+ inline$_v2.Eval$0$x := inline$_v2.Eval$0$x.1;
+ inline$_v2.Eval$0$result := 0;
+ _v2.control_flag := 0;
+ goto inline$_v2.Eval$0$anon3_LoopHead;
+
+ inline$_v2.Eval$0$anon3_LoopHead:
+ _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1, _v2.Eval_loop_anon3_LoopHead_in_2_2 := inline$_v2.Eval$0$result, inline$_v2.Eval$0$x, _v2.control_flag;
+ call inline$_v2.Eval$0$result, inline$_v2.Eval$0$x := _v2.Eval_loop_anon3_LoopHead(inline$_v2.Eval$0$result, inline$_v2.Eval$0$x);
+ _v2.Eval_loop_anon3_LoopHead_2_done := true;
+ _v2.Eval_loop_anon3_LoopHead_out_2_0, _v2.Eval_loop_anon3_LoopHead_out_2_1, _v2.Eval_loop_anon3_LoopHead_out_2_2 := inline$_v2.Eval$0$result, inline$_v2.Eval$0$x, _v2.control_flag;
+ goto inline$_v2.Eval$0$anon3_LoopHead_last;
+
+ inline$_v2.Eval$0$anon3_LoopHead_last:
+ goto inline$_v2.Eval$0$anon3_LoopDone, inline$_v2.Eval$0$anon3_LoopBody;
+
+ inline$_v2.Eval$0$anon3_LoopBody:
+ assume {:partition} inline$_v2.Eval$0$x > 0;
+ _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
+ inline$_v2.Eval$0$result := inline$_v2.Eval$0$result + inline$_v2.Eval$0$x;
+ havoc inline$_v2.Eval$0$result;
+ inline$_v2.Eval$0$x := inline$_v2.Eval$0$x - 1;
+ goto inline$_v2.Eval$0$anon3_LoopBody_dummy;
+
+ inline$_v2.Eval$0$anon3_LoopBody_dummy:
+ assume false;
+ goto inline$_v2.Eval$0$Return;
+
+ inline$_v2.Eval$0$anon3_LoopDone:
+ assume {:partition} 0 >= inline$_v2.Eval$0$x;
+ goto inline$_v2.Eval$0$anon2;
+
+ inline$_v2.Eval$0$anon2:
+ _v2.control_flag := _v2.control_UIF(_v2.control_flag, 2);
+ goto inline$_v2.Eval$0$Return;
+
+ inline$_v2.Eval$0$Return:
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ _v2.result := inline$_v2.Eval$0$result;
+ goto START$2;
+
+ START$2:
+ goto MS_L_0_0;
+
+ MS_L_0_0:
+ goto MS_L_taken_0, MS_L_not_taken_0;
+
+ MS_L_taken_0:
+ assume _v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done;
+ store__0__v1.control_flag := _v1.control_flag;
+ store__0__v2.control_flag := _v2.control_flag;
+ _v1.control_flag := _v1.Eval_loop_anon3_LoopHead_in_1_2;
+ _v2.control_flag := _v2.Eval_loop_anon3_LoopHead_in_2_2;
+ call out__v1.Eval_loop_anon3_LoopHead_out_1_0_0, out__v1.Eval_loop_anon3_LoopHead_out_1_1_0, out__v2.Eval_loop_anon3_LoopHead_out_2_0_0, out__v2.Eval_loop_anon3_LoopHead_out_2_1_0 := MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1);
+ assume _v1.control_flag == _v1.Eval_loop_anon3_LoopHead_out_1_2;
+ assume _v2.control_flag == _v2.Eval_loop_anon3_LoopHead_out_2_2;
+ assume _v1.Eval_loop_anon3_LoopHead_out_1_0
+ == out__v1.Eval_loop_anon3_LoopHead_out_1_0_0
+ && _v1.Eval_loop_anon3_LoopHead_out_1_1
+ == out__v1.Eval_loop_anon3_LoopHead_out_1_1_0
+ && _v2.Eval_loop_anon3_LoopHead_out_2_0
+ == out__v2.Eval_loop_anon3_LoopHead_out_2_0_0
+ && _v2.Eval_loop_anon3_LoopHead_out_2_1
+ == out__v2.Eval_loop_anon3_LoopHead_out_2_1_0;
+ _v1.control_flag := store__0__v1.control_flag;
+ _v2.control_flag := store__0__v2.control_flag;
+ goto MS_L_meet_0;
+
+ MS_L_not_taken_0:
+ assume !(_v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done);
+ goto MS_L_meet_0;
+
+ MS_L_meet_0:
+ return;
+}
+
+
+
+function {:inline true} MS$_v1.Eval_loop_anon3_LoopHead$_v2.Eval_loop_anon3_LoopHead(_v1.in_result: int,
+ _v1.in_x: int,
+ _v1.control_flag_old: int,
+ _v1.control_flag_: int,
+ _v1.out_result: int,
+ _v1.out_x: int,
+ _v2.in_result: int,
+ _v2.in_x: int,
+ _v2.control_flag_old: int,
+ _v2.control_flag_: int,
+ _v2.out_result: int,
+ _v2.out_x: int)
+ : bool
+{
+ true
+}
+
+const {:existential true} _houdini_Eval_loop_anon3_LoopHead_control_flag_2: bool;
+
+const {:existential true} _houdini_Eval_loop_anon3_LoopHead_out_result_3: bool;
+
+const {:existential true} _houdini_Eval_loop_anon3_LoopHead_out_x_4: bool;
+
+procedure MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.in_result: int, _v1.in_x: int, _v2.in_result: int, _v2.in_x: int)
+ returns (_v1.out_result: int, _v1.out_x: int, _v2.out_result: int, _v2.out_x: int);
+ modifies _v1.control_flag, _v2.control_flag;
+ ensures MS$_v1.Eval_loop_anon3_LoopHead$_v2.Eval_loop_anon3_LoopHead(_v1.in_result,
+ _v1.in_x,
+ old(_v1.control_flag),
+ _v1.control_flag,
+ _v1.out_result,
+ _v1.out_x,
+ _v2.in_result,
+ _v2.in_x,
+ old(_v2.control_flag),
+ _v2.control_flag,
+ _v2.out_result,
+ _v2.out_x);
+ ensures _houdini_Eval_loop_anon3_LoopHead_control_flag_2
+ ==>
+ old(_v1.control_flag == _v2.control_flag && _v1.in_x == _v2.in_x)
+ ==> _v1.control_flag == _v2.control_flag;
+ ensures _houdini_Eval_loop_anon3_LoopHead_out_result_3
+ ==>
+ old(_v1.in_result == _v2.in_result && _v1.in_x == _v2.in_x)
+ ==> _v1.out_result == _v2.out_result;
+ ensures _houdini_Eval_loop_anon3_LoopHead_out_x_4
+ ==>
+ old(_v1.in_x == _v2.in_x)
+ ==> _v1.out_x == _v2.out_x;
+
+
+
+implementation MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.in_result: int, _v1.in_x: int, _v2.in_result: int, _v2.in_x: int)
+ returns (_v1.out_result: int, _v1.out_x: int, _v2.out_result: int, _v2.out_x: int)
+{
+ var inline$_v1.Eval_loop_anon3_LoopHead$0$in_result: int;
+ var inline$_v1.Eval_loop_anon3_LoopHead$0$in_x: int;
+ var inline$_v1.Eval_loop_anon3_LoopHead$0$out_result: int;
+ var inline$_v1.Eval_loop_anon3_LoopHead$0$out_x: int;
+ var inline$_v1.Eval_loop_anon3_LoopHead$0$_v1.control_flag: int;
+ var inline$_v2.Eval_loop_anon3_LoopHead$0$in_result: int;
+ var inline$_v2.Eval_loop_anon3_LoopHead$0$in_x: int;
+ var inline$_v2.Eval_loop_anon3_LoopHead$0$out_result: int;
+ var inline$_v2.Eval_loop_anon3_LoopHead$0$out_x: int;
+ var inline$_v2.Eval_loop_anon3_LoopHead$0$_v2.control_flag: int;
+ var _v1.Eval_loop_anon3_LoopHead_1_done: bool;
+ var _v1.Eval_loop_anon3_LoopHead_in_1_0: int;
+ var _v1.Eval_loop_anon3_LoopHead_in_1_1: int;
+ var _v1.Eval_loop_anon3_LoopHead_in_1_2: int;
+ var _v1.Eval_loop_anon3_LoopHead_out_1_0: int;
+ var _v1.Eval_loop_anon3_LoopHead_out_1_1: int;
+ var _v1.Eval_loop_anon3_LoopHead_out_1_2: int;
+ var _v2.Eval_loop_anon3_LoopHead_2_done: bool;
+ var _v2.Eval_loop_anon3_LoopHead_in_2_0: int;
+ var _v2.Eval_loop_anon3_LoopHead_in_2_1: int;
+ var _v2.Eval_loop_anon3_LoopHead_in_2_2: int;
+ var _v2.Eval_loop_anon3_LoopHead_out_2_0: int;
+ var _v2.Eval_loop_anon3_LoopHead_out_2_1: int;
+ var _v2.Eval_loop_anon3_LoopHead_out_2_2: int;
+ var store__0__v1.control_flag: int;
+ var store__0__v2.control_flag: int;
+ var out__v1.Eval_loop_anon3_LoopHead_out_1_0_0: int;
+ var out__v1.Eval_loop_anon3_LoopHead_out_1_1_0: int;
+ var out__v2.Eval_loop_anon3_LoopHead_out_2_0_0: int;
+ var out__v2.Eval_loop_anon3_LoopHead_out_2_1_0: int;
+
+ START:
+ _v1.Eval_loop_anon3_LoopHead_1_done, _v2.Eval_loop_anon3_LoopHead_2_done := false, false;
+ goto inline$_v1.Eval_loop_anon3_LoopHead$0$Entry;
+
+ inline$_v1.Eval_loop_anon3_LoopHead$0$Entry:
+ inline$_v1.Eval_loop_anon3_LoopHead$0$in_result := _v1.in_result;
+ inline$_v1.Eval_loop_anon3_LoopHead$0$in_x := _v1.in_x;
+ havoc inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
+ inline$_v1.Eval_loop_anon3_LoopHead$0$_v1.control_flag := _v1.control_flag;
+ goto inline$_v1.Eval_loop_anon3_LoopHead$0$entry;
+
+ inline$_v1.Eval_loop_anon3_LoopHead$0$entry:
+ inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$in_result, inline$_v1.Eval_loop_anon3_LoopHead$0$in_x;
+ goto inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopHead;
+
+ inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopHead:
+ goto inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopDone, inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody;
+
+ inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody:
+ assume {:partition} inline$_v1.Eval_loop_anon3_LoopHead$0$out_x > 0;
+ _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
+ inline$_v1.Eval_loop_anon3_LoopHead$0$out_result := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result
+ + inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
+ inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$out_x - 1;
+ goto inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy;
+
+ inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy:
+ _v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v1.Eval_loop_anon3_LoopHead_in_1_2 := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x, _v1.control_flag;
+ call inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := _v1.Eval_loop_anon3_LoopHead(inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x);
+ _v1.Eval_loop_anon3_LoopHead_1_done := true;
+ _v1.Eval_loop_anon3_LoopHead_out_1_0, _v1.Eval_loop_anon3_LoopHead_out_1_1, _v1.Eval_loop_anon3_LoopHead_out_1_2 := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x, _v1.control_flag;
+ goto inline$_v1.Eval_loop_anon3_LoopHead$0$Return;
+
+ inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopDone:
+ assume {:partition} 0 >= inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
+ inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$in_result, inline$_v1.Eval_loop_anon3_LoopHead$0$in_x;
+ _v1.control_flag := inline$_v1.Eval_loop_anon3_LoopHead$0$_v1.control_flag;
+ goto inline$_v1.Eval_loop_anon3_LoopHead$0$Return;
+
+ inline$_v1.Eval_loop_anon3_LoopHead$0$Return:
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ _v1.out_result := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result;
+ _v1.out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
+ goto START$1;
+
+ START$1:
+ goto inline$_v2.Eval_loop_anon3_LoopHead$0$Entry;
+
+ inline$_v2.Eval_loop_anon3_LoopHead$0$Entry:
+ inline$_v2.Eval_loop_anon3_LoopHead$0$in_result := _v2.in_result;
+ inline$_v2.Eval_loop_anon3_LoopHead$0$in_x := _v2.in_x;
+ havoc inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
+ inline$_v2.Eval_loop_anon3_LoopHead$0$_v2.control_flag := _v2.control_flag;
+ goto inline$_v2.Eval_loop_anon3_LoopHead$0$entry;
+
+ inline$_v2.Eval_loop_anon3_LoopHead$0$entry:
+ inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$in_result, inline$_v2.Eval_loop_anon3_LoopHead$0$in_x;
+ goto inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopHead;
+
+ inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopHead:
+ goto inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopDone, inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody;
+
+ inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody:
+ assume {:partition} inline$_v2.Eval_loop_anon3_LoopHead$0$out_x > 0;
+ _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
+ inline$_v2.Eval_loop_anon3_LoopHead$0$out_result := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result
+ + inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
+ havoc inline$_v2.Eval_loop_anon3_LoopHead$0$out_result;
+ inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$out_x - 1;
+ goto inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy;
+
+ inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy:
+ _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1, _v2.Eval_loop_anon3_LoopHead_in_2_2 := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x, _v2.control_flag;
+ call inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := _v2.Eval_loop_anon3_LoopHead(inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x);
+ _v2.Eval_loop_anon3_LoopHead_2_done := true;
+ _v2.Eval_loop_anon3_LoopHead_out_2_0, _v2.Eval_loop_anon3_LoopHead_out_2_1, _v2.Eval_loop_anon3_LoopHead_out_2_2 := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x, _v2.control_flag;
+ goto inline$_v2.Eval_loop_anon3_LoopHead$0$Return;
+
+ inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopDone:
+ assume {:partition} 0 >= inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
+ inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$in_result, inline$_v2.Eval_loop_anon3_LoopHead$0$in_x;
+ _v2.control_flag := inline$_v2.Eval_loop_anon3_LoopHead$0$_v2.control_flag;
+ goto inline$_v2.Eval_loop_anon3_LoopHead$0$Return;
+
+ inline$_v2.Eval_loop_anon3_LoopHead$0$Return:
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ _v2.out_result := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result;
+ _v2.out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
+ goto START$2;
+
+ START$2:
+ goto MS_L_0_0;
+
+ MS_L_0_0:
+ goto MS_L_taken_0, MS_L_not_taken_0;
+
+ MS_L_taken_0:
+ assume _v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done;
+ store__0__v1.control_flag := _v1.control_flag;
+ store__0__v2.control_flag := _v2.control_flag;
+ _v1.control_flag := _v1.Eval_loop_anon3_LoopHead_in_1_2;
+ _v2.control_flag := _v2.Eval_loop_anon3_LoopHead_in_2_2;
+ call out__v1.Eval_loop_anon3_LoopHead_out_1_0_0, out__v1.Eval_loop_anon3_LoopHead_out_1_1_0, out__v2.Eval_loop_anon3_LoopHead_out_2_0_0, out__v2.Eval_loop_anon3_LoopHead_out_2_1_0 := MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1);
+ assume _v1.control_flag == _v1.Eval_loop_anon3_LoopHead_out_1_2;
+ assume _v2.control_flag == _v2.Eval_loop_anon3_LoopHead_out_2_2;
+ assume _v1.Eval_loop_anon3_LoopHead_out_1_0
+ == out__v1.Eval_loop_anon3_LoopHead_out_1_0_0
+ && _v1.Eval_loop_anon3_LoopHead_out_1_1
+ == out__v1.Eval_loop_anon3_LoopHead_out_1_1_0
+ && _v2.Eval_loop_anon3_LoopHead_out_2_0
+ == out__v2.Eval_loop_anon3_LoopHead_out_2_0_0
+ && _v2.Eval_loop_anon3_LoopHead_out_2_1
+ == out__v2.Eval_loop_anon3_LoopHead_out_2_1_0;
+ _v1.control_flag := store__0__v1.control_flag;
+ _v2.control_flag := store__0__v2.control_flag;
+ goto MS_L_meet_0;
+
+ MS_L_not_taken_0:
+ assume !(_v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done);
+ goto MS_L_meet_0;
+
+ MS_L_meet_0:
+ return;
+}
+
+
diff --git a/Test/houdini/mergedProgSingle_res_ex1.bpl.expect b/Test/houdini/mergedProgSingle_res_ex1.bpl.expect
index ead49d31..f7d607c3 100644
--- a/Test/houdini/mergedProgSingle_res_ex1.bpl.expect
+++ b/Test/houdini/mergedProgSingle_res_ex1.bpl.expect
@@ -1,8 +1,8 @@
-Assignment computed by Houdini:
-_houdini_Eval_control_flag_0 = True
-_houdini_Eval_result_1 = False
-_houdini_Eval_loop_anon3_LoopHead_control_flag_2 = True
-_houdini_Eval_loop_anon3_LoopHead_out_result_3 = False
-_houdini_Eval_loop_anon3_LoopHead_out_x_4 = True
-
-Boogie program verifier finished with 6 verified, 0 errors
+Assignment computed by Houdini:
+_houdini_Eval_control_flag_0 = True
+_houdini_Eval_result_1 = False
+_houdini_Eval_loop_anon3_LoopHead_control_flag_2 = True
+_houdini_Eval_loop_anon3_LoopHead_out_result_3 = False
+_houdini_Eval_loop_anon3_LoopHead_out_x_4 = True
+
+Boogie program verifier finished with 6 verified, 0 errors
diff --git a/Test/houdini/mergedProgSingle_res_ex2.bpl b/Test/houdini/mergedProgSingle_res_ex2.bpl
index 2337d434..ae5688aa 100644
--- a/Test/houdini/mergedProgSingle_res_ex2.bpl
+++ b/Test/houdini/mergedProgSingle_res_ex2.bpl
@@ -1,621 +1,621 @@
-// RUN: %boogie /nologo /contractInfer /inlineDepth:1 /printAssignment /noinfer "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-
-var _v2.control_flag: int;
-
-function _v2.control_UIF(arg_0: int, arg_1: int) : int;
-
-procedure _v2.Eval(x: int) returns (result: int);
- modifies _v2.control_flag;
- free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
- free ensures {:io_dependency "result", "x"} true;
- free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
- free ensures {:io_dependency "result", "x"} true;
-
-
-
-procedure _v2.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int);
- modifies _v2.control_flag;
- free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
- free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
- free ensures {:io_dependency "out_x", "in_x"} true;
- free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
- free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
- free ensures {:io_dependency "out_x", "in_x"} true;
-
-
-
-implementation _v2.Eval(x.1: int) returns (result: int)
-{
- var x: int;
-
- anon0:
- x := x.1;
- result := 0;
- _v2.control_flag := 0;
- goto anon3_LoopHead;
-
- anon3_LoopHead:
- call result, x := _v2.Eval_loop_anon3_LoopHead(result, x);
- goto anon3_LoopHead_last;
-
- anon3_LoopHead_last:
- goto anon3_LoopDone, anon3_LoopBody;
-
- anon3_LoopBody:
- assume {:partition} x > 0;
- _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
- result := result + x;
- x := x - 1;
- havoc x;
- goto anon3_LoopBody_dummy;
-
- anon3_LoopBody_dummy:
- assume false;
- return;
-
- anon3_LoopDone:
- assume {:partition} 0 >= x;
- goto anon2;
-
- anon2:
- _v2.control_flag := _v2.control_UIF(_v2.control_flag, 2);
- return;
-}
-
-
-
-implementation _v2.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int)
-{
-
- entry:
- out_result, out_x := in_result, in_x;
- goto anon3_LoopHead;
-
- anon3_LoopHead:
- goto anon3_LoopDone, anon3_LoopBody;
-
- anon3_LoopBody:
- assume {:partition} out_x > 0;
- _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
- out_result := out_result + out_x;
- out_x := out_x - 1;
- havoc out_x;
- goto anon3_LoopBody_dummy;
-
- anon3_LoopBody_dummy:
- call out_result, out_x := _v2.Eval_loop_anon3_LoopHead(out_result, out_x);
- return;
-
- anon3_LoopDone:
- assume {:partition} 0 >= out_x;
- out_result, out_x := in_result, in_x;
- _v2.control_flag := old(_v2.control_flag);
- return;
-}
-
-
-
-var _v1.control_flag: int;
-
-procedure _v1.Eval(x: int) returns (result: int);
- modifies _v1.control_flag;
- free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
- free ensures {:io_dependency "result", "x"} true;
- free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
- free ensures {:io_dependency "result", "x"} true;
-
-
-
-procedure _v1.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int);
- modifies _v1.control_flag;
- free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
- free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
- free ensures {:io_dependency "out_x", "in_x"} true;
- free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
- free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
- free ensures {:io_dependency "out_x", "in_x"} true;
-
-
-
-implementation _v1.Eval(x.1: int) returns (result: int)
-{
- var x: int;
-
- anon0:
- x := x.1;
- result := 0;
- _v1.control_flag := 0;
- goto anon3_LoopHead;
-
- anon3_LoopHead:
- call result, x := _v1.Eval_loop_anon3_LoopHead(result, x);
- goto anon3_LoopHead_last;
-
- anon3_LoopHead_last:
- goto anon3_LoopDone, anon3_LoopBody;
-
- anon3_LoopBody:
- assume {:partition} x > 0;
- _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
- result := result + x;
- x := x - 1;
- goto anon3_LoopBody_dummy;
-
- anon3_LoopBody_dummy:
- assume false;
- return;
-
- anon3_LoopDone:
- assume {:partition} 0 >= x;
- goto anon2;
-
- anon2:
- _v1.control_flag := _v2.control_UIF(_v1.control_flag, 2);
- return;
-}
-
-
-
-implementation _v1.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int)
-{
-
- entry:
- out_result, out_x := in_result, in_x;
- goto anon3_LoopHead;
-
- anon3_LoopHead:
- goto anon3_LoopDone, anon3_LoopBody;
-
- anon3_LoopBody:
- assume {:partition} out_x > 0;
- _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
- out_result := out_result + out_x;
- out_x := out_x - 1;
- goto anon3_LoopBody_dummy;
-
- anon3_LoopBody_dummy:
- call out_result, out_x := _v1.Eval_loop_anon3_LoopHead(out_result, out_x);
- return;
-
- anon3_LoopDone:
- assume {:partition} 0 >= out_x;
- out_result, out_x := in_result, in_x;
- _v1.control_flag := old(_v1.control_flag);
- return;
-}
-
-
-
-function {:inline true} MS$_v1.Eval$_v2.Eval(_v1.x: int,
- _v1.control_flag_old: int,
- _v1.control_flag_: int,
- _v1.result: int,
- _v2.x: int,
- _v2.control_flag_old: int,
- _v2.control_flag_: int,
- _v2.result: int)
- : bool
-{
- true
-}
-
-const {:existential true} _houdini_Eval_control_flag_0: bool;
-
-const {:existential true} _houdini_Eval_result_1: bool;
-
-procedure MS_Check__v1.Eval___v2.Eval(_v1.x: int, _v2.x: int) returns (_v1.result: int, _v2.result: int);
- modifies _v1.control_flag, _v2.control_flag;
- ensures MS$_v1.Eval$_v2.Eval(_v1.x,
- old(_v1.control_flag),
- _v1.control_flag,
- _v1.result,
- _v2.x,
- old(_v2.control_flag),
- _v2.control_flag,
- _v2.result);
- ensures _houdini_Eval_control_flag_0
- ==>
- old(_v1.control_flag == _v2.control_flag && _v1.x == _v2.x)
- ==> _v1.control_flag == _v2.control_flag;
- ensures _houdini_Eval_result_1 ==> old(_v1.x == _v2.x) ==> _v1.result == _v2.result;
-
-
-
-implementation MS_Check__v1.Eval___v2.Eval(_v1.x: int, _v2.x: int) returns (_v1.result: int, _v2.result: int)
-{
- var inline$_v1.Eval$0$x: int;
- var inline$_v1.Eval$0$x.1: int;
- var inline$_v1.Eval$0$result: int;
- var inline$_v1.Eval$0$_v1.control_flag: int;
- var inline$_v2.Eval$0$x: int;
- var inline$_v2.Eval$0$x.1: int;
- var inline$_v2.Eval$0$result: int;
- var inline$_v2.Eval$0$_v2.control_flag: int;
- var _v1.Eval_loop_anon3_LoopHead_1_done: bool;
- var _v1.Eval_loop_anon3_LoopHead_in_1_0: int;
- var _v1.Eval_loop_anon3_LoopHead_in_1_1: int;
- var _v1.Eval_loop_anon3_LoopHead_in_1_2: int;
- var _v1.Eval_loop_anon3_LoopHead_out_1_0: int;
- var _v1.Eval_loop_anon3_LoopHead_out_1_1: int;
- var _v1.Eval_loop_anon3_LoopHead_out_1_2: int;
- var _v2.Eval_loop_anon3_LoopHead_2_done: bool;
- var _v2.Eval_loop_anon3_LoopHead_in_2_0: int;
- var _v2.Eval_loop_anon3_LoopHead_in_2_1: int;
- var _v2.Eval_loop_anon3_LoopHead_in_2_2: int;
- var _v2.Eval_loop_anon3_LoopHead_out_2_0: int;
- var _v2.Eval_loop_anon3_LoopHead_out_2_1: int;
- var _v2.Eval_loop_anon3_LoopHead_out_2_2: int;
- var store__0__v1.control_flag: int;
- var store__0__v2.control_flag: int;
- var out__v1.Eval_loop_anon3_LoopHead_out_1_0_0: int;
- var out__v1.Eval_loop_anon3_LoopHead_out_1_1_0: int;
- var out__v2.Eval_loop_anon3_LoopHead_out_2_0_0: int;
- var out__v2.Eval_loop_anon3_LoopHead_out_2_1_0: int;
-
- START:
- _v1.Eval_loop_anon3_LoopHead_1_done, _v2.Eval_loop_anon3_LoopHead_2_done := false, false;
- goto inline$_v1.Eval$0$Entry;
-
- inline$_v1.Eval$0$Entry:
- inline$_v1.Eval$0$x.1 := _v1.x;
- havoc inline$_v1.Eval$0$x, inline$_v1.Eval$0$result;
- inline$_v1.Eval$0$_v1.control_flag := _v1.control_flag;
- goto inline$_v1.Eval$0$anon0;
-
- inline$_v1.Eval$0$anon0:
- inline$_v1.Eval$0$x := inline$_v1.Eval$0$x.1;
- inline$_v1.Eval$0$result := 0;
- _v1.control_flag := 0;
- goto inline$_v1.Eval$0$anon3_LoopHead;
-
- inline$_v1.Eval$0$anon3_LoopHead:
- _v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v1.Eval_loop_anon3_LoopHead_in_1_2 := inline$_v1.Eval$0$result, inline$_v1.Eval$0$x, _v1.control_flag;
- call inline$_v1.Eval$0$result, inline$_v1.Eval$0$x := _v1.Eval_loop_anon3_LoopHead(inline$_v1.Eval$0$result, inline$_v1.Eval$0$x);
- _v1.Eval_loop_anon3_LoopHead_1_done := true;
- _v1.Eval_loop_anon3_LoopHead_out_1_0, _v1.Eval_loop_anon3_LoopHead_out_1_1, _v1.Eval_loop_anon3_LoopHead_out_1_2 := inline$_v1.Eval$0$result, inline$_v1.Eval$0$x, _v1.control_flag;
- goto inline$_v1.Eval$0$anon3_LoopHead_last;
-
- inline$_v1.Eval$0$anon3_LoopHead_last:
- goto inline$_v1.Eval$0$anon3_LoopDone, inline$_v1.Eval$0$anon3_LoopBody;
-
- inline$_v1.Eval$0$anon3_LoopBody:
- assume {:partition} inline$_v1.Eval$0$x > 0;
- _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
- inline$_v1.Eval$0$result := inline$_v1.Eval$0$result + inline$_v1.Eval$0$x;
- inline$_v1.Eval$0$x := inline$_v1.Eval$0$x - 1;
- goto inline$_v1.Eval$0$anon3_LoopBody_dummy;
-
- inline$_v1.Eval$0$anon3_LoopBody_dummy:
- assume false;
- goto inline$_v1.Eval$0$Return;
-
- inline$_v1.Eval$0$anon3_LoopDone:
- assume {:partition} 0 >= inline$_v1.Eval$0$x;
- goto inline$_v1.Eval$0$anon2;
-
- inline$_v1.Eval$0$anon2:
- _v1.control_flag := _v2.control_UIF(_v1.control_flag, 2);
- goto inline$_v1.Eval$0$Return;
-
- inline$_v1.Eval$0$Return:
- assume true;
- assume true;
- assume true;
- assume true;
- _v1.result := inline$_v1.Eval$0$result;
- goto START$1;
-
- START$1:
- goto inline$_v2.Eval$0$Entry;
-
- inline$_v2.Eval$0$Entry:
- inline$_v2.Eval$0$x.1 := _v2.x;
- havoc inline$_v2.Eval$0$x, inline$_v2.Eval$0$result;
- inline$_v2.Eval$0$_v2.control_flag := _v2.control_flag;
- goto inline$_v2.Eval$0$anon0;
-
- inline$_v2.Eval$0$anon0:
- inline$_v2.Eval$0$x := inline$_v2.Eval$0$x.1;
- inline$_v2.Eval$0$result := 0;
- _v2.control_flag := 0;
- goto inline$_v2.Eval$0$anon3_LoopHead;
-
- inline$_v2.Eval$0$anon3_LoopHead:
- _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1, _v2.Eval_loop_anon3_LoopHead_in_2_2 := inline$_v2.Eval$0$result, inline$_v2.Eval$0$x, _v2.control_flag;
- call inline$_v2.Eval$0$result, inline$_v2.Eval$0$x := _v2.Eval_loop_anon3_LoopHead(inline$_v2.Eval$0$result, inline$_v2.Eval$0$x);
- _v2.Eval_loop_anon3_LoopHead_2_done := true;
- _v2.Eval_loop_anon3_LoopHead_out_2_0, _v2.Eval_loop_anon3_LoopHead_out_2_1, _v2.Eval_loop_anon3_LoopHead_out_2_2 := inline$_v2.Eval$0$result, inline$_v2.Eval$0$x, _v2.control_flag;
- goto inline$_v2.Eval$0$anon3_LoopHead_last;
-
- inline$_v2.Eval$0$anon3_LoopHead_last:
- goto inline$_v2.Eval$0$anon3_LoopDone, inline$_v2.Eval$0$anon3_LoopBody;
-
- inline$_v2.Eval$0$anon3_LoopBody:
- assume {:partition} inline$_v2.Eval$0$x > 0;
- _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
- inline$_v2.Eval$0$result := inline$_v2.Eval$0$result + inline$_v2.Eval$0$x;
- inline$_v2.Eval$0$x := inline$_v2.Eval$0$x - 1;
- havoc inline$_v2.Eval$0$x;
- goto inline$_v2.Eval$0$anon3_LoopBody_dummy;
-
- inline$_v2.Eval$0$anon3_LoopBody_dummy:
- assume false;
- goto inline$_v2.Eval$0$Return;
-
- inline$_v2.Eval$0$anon3_LoopDone:
- assume {:partition} 0 >= inline$_v2.Eval$0$x;
- goto inline$_v2.Eval$0$anon2;
-
- inline$_v2.Eval$0$anon2:
- _v2.control_flag := _v2.control_UIF(_v2.control_flag, 2);
- goto inline$_v2.Eval$0$Return;
-
- inline$_v2.Eval$0$Return:
- assume true;
- assume true;
- assume true;
- assume true;
- _v2.result := inline$_v2.Eval$0$result;
- goto START$2;
-
- START$2:
- goto MS_L_0_0;
-
- MS_L_0_0:
- goto MS_L_taken_0, MS_L_not_taken_0;
-
- MS_L_taken_0:
- assume _v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done;
- store__0__v1.control_flag := _v1.control_flag;
- store__0__v2.control_flag := _v2.control_flag;
- _v1.control_flag := _v1.Eval_loop_anon3_LoopHead_in_1_2;
- _v2.control_flag := _v2.Eval_loop_anon3_LoopHead_in_2_2;
- call out__v1.Eval_loop_anon3_LoopHead_out_1_0_0, out__v1.Eval_loop_anon3_LoopHead_out_1_1_0, out__v2.Eval_loop_anon3_LoopHead_out_2_0_0, out__v2.Eval_loop_anon3_LoopHead_out_2_1_0 := MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1);
- assume _v1.control_flag == _v1.Eval_loop_anon3_LoopHead_out_1_2;
- assume _v2.control_flag == _v2.Eval_loop_anon3_LoopHead_out_2_2;
- assume _v1.Eval_loop_anon3_LoopHead_out_1_0
- == out__v1.Eval_loop_anon3_LoopHead_out_1_0_0
- && _v1.Eval_loop_anon3_LoopHead_out_1_1
- == out__v1.Eval_loop_anon3_LoopHead_out_1_1_0
- && _v2.Eval_loop_anon3_LoopHead_out_2_0
- == out__v2.Eval_loop_anon3_LoopHead_out_2_0_0
- && _v2.Eval_loop_anon3_LoopHead_out_2_1
- == out__v2.Eval_loop_anon3_LoopHead_out_2_1_0;
- _v1.control_flag := store__0__v1.control_flag;
- _v2.control_flag := store__0__v2.control_flag;
- goto MS_L_meet_0;
-
- MS_L_not_taken_0:
- assume !(_v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done);
- goto MS_L_meet_0;
-
- MS_L_meet_0:
- return;
-}
-
-
-
-function {:inline true} MS$_v1.Eval_loop_anon3_LoopHead$_v2.Eval_loop_anon3_LoopHead(_v1.in_result: int,
- _v1.in_x: int,
- _v1.control_flag_old: int,
- _v1.control_flag_: int,
- _v1.out_result: int,
- _v1.out_x: int,
- _v2.in_result: int,
- _v2.in_x: int,
- _v2.control_flag_old: int,
- _v2.control_flag_: int,
- _v2.out_result: int,
- _v2.out_x: int)
- : bool
-{
- true
-}
-
-const {:existential true} _houdini_Eval_loop_anon3_LoopHead_control_flag_2: bool;
-
-const {:existential true} _houdini_Eval_loop_anon3_LoopHead_out_result_3: bool;
-
-const {:existential true} _houdini_Eval_loop_anon3_LoopHead_out_x_4: bool;
-
-procedure MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.in_result: int, _v1.in_x: int, _v2.in_result: int, _v2.in_x: int)
- returns (_v1.out_result: int, _v1.out_x: int, _v2.out_result: int, _v2.out_x: int);
- modifies _v1.control_flag, _v2.control_flag;
- ensures MS$_v1.Eval_loop_anon3_LoopHead$_v2.Eval_loop_anon3_LoopHead(_v1.in_result,
- _v1.in_x,
- old(_v1.control_flag),
- _v1.control_flag,
- _v1.out_result,
- _v1.out_x,
- _v2.in_result,
- _v2.in_x,
- old(_v2.control_flag),
- _v2.control_flag,
- _v2.out_result,
- _v2.out_x);
- ensures _houdini_Eval_loop_anon3_LoopHead_control_flag_2
- ==>
- old(_v1.control_flag == _v2.control_flag && _v1.in_x == _v2.in_x)
- ==> _v1.control_flag == _v2.control_flag;
- ensures _houdini_Eval_loop_anon3_LoopHead_out_result_3
- ==>
- old(_v1.in_result == _v2.in_result && _v1.in_x == _v2.in_x)
- ==> _v1.out_result == _v2.out_result;
- ensures _houdini_Eval_loop_anon3_LoopHead_out_x_4
- ==>
- old(_v1.in_x == _v2.in_x)
- ==> _v1.out_x == _v2.out_x;
-
-
-
-implementation MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.in_result: int, _v1.in_x: int, _v2.in_result: int, _v2.in_x: int)
- returns (_v1.out_result: int, _v1.out_x: int, _v2.out_result: int, _v2.out_x: int)
-{
- var inline$_v1.Eval_loop_anon3_LoopHead$0$in_result: int;
- var inline$_v1.Eval_loop_anon3_LoopHead$0$in_x: int;
- var inline$_v1.Eval_loop_anon3_LoopHead$0$out_result: int;
- var inline$_v1.Eval_loop_anon3_LoopHead$0$out_x: int;
- var inline$_v1.Eval_loop_anon3_LoopHead$0$_v1.control_flag: int;
- var inline$_v2.Eval_loop_anon3_LoopHead$0$in_result: int;
- var inline$_v2.Eval_loop_anon3_LoopHead$0$in_x: int;
- var inline$_v2.Eval_loop_anon3_LoopHead$0$out_result: int;
- var inline$_v2.Eval_loop_anon3_LoopHead$0$out_x: int;
- var inline$_v2.Eval_loop_anon3_LoopHead$0$_v2.control_flag: int;
- var _v1.Eval_loop_anon3_LoopHead_1_done: bool;
- var _v1.Eval_loop_anon3_LoopHead_in_1_0: int;
- var _v1.Eval_loop_anon3_LoopHead_in_1_1: int;
- var _v1.Eval_loop_anon3_LoopHead_in_1_2: int;
- var _v1.Eval_loop_anon3_LoopHead_out_1_0: int;
- var _v1.Eval_loop_anon3_LoopHead_out_1_1: int;
- var _v1.Eval_loop_anon3_LoopHead_out_1_2: int;
- var _v2.Eval_loop_anon3_LoopHead_2_done: bool;
- var _v2.Eval_loop_anon3_LoopHead_in_2_0: int;
- var _v2.Eval_loop_anon3_LoopHead_in_2_1: int;
- var _v2.Eval_loop_anon3_LoopHead_in_2_2: int;
- var _v2.Eval_loop_anon3_LoopHead_out_2_0: int;
- var _v2.Eval_loop_anon3_LoopHead_out_2_1: int;
- var _v2.Eval_loop_anon3_LoopHead_out_2_2: int;
- var store__0__v1.control_flag: int;
- var store__0__v2.control_flag: int;
- var out__v1.Eval_loop_anon3_LoopHead_out_1_0_0: int;
- var out__v1.Eval_loop_anon3_LoopHead_out_1_1_0: int;
- var out__v2.Eval_loop_anon3_LoopHead_out_2_0_0: int;
- var out__v2.Eval_loop_anon3_LoopHead_out_2_1_0: int;
-
- START:
- _v1.Eval_loop_anon3_LoopHead_1_done, _v2.Eval_loop_anon3_LoopHead_2_done := false, false;
- goto inline$_v1.Eval_loop_anon3_LoopHead$0$Entry;
-
- inline$_v1.Eval_loop_anon3_LoopHead$0$Entry:
- inline$_v1.Eval_loop_anon3_LoopHead$0$in_result := _v1.in_result;
- inline$_v1.Eval_loop_anon3_LoopHead$0$in_x := _v1.in_x;
- havoc inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
- inline$_v1.Eval_loop_anon3_LoopHead$0$_v1.control_flag := _v1.control_flag;
- goto inline$_v1.Eval_loop_anon3_LoopHead$0$entry;
-
- inline$_v1.Eval_loop_anon3_LoopHead$0$entry:
- inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$in_result, inline$_v1.Eval_loop_anon3_LoopHead$0$in_x;
- goto inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopHead;
-
- inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopHead:
- goto inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopDone, inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody;
-
- inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody:
- assume {:partition} inline$_v1.Eval_loop_anon3_LoopHead$0$out_x > 0;
- _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
- inline$_v1.Eval_loop_anon3_LoopHead$0$out_result := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result
- + inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
- inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$out_x - 1;
- goto inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy;
-
- inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy:
- _v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v1.Eval_loop_anon3_LoopHead_in_1_2 := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x, _v1.control_flag;
- call inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := _v1.Eval_loop_anon3_LoopHead(inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x);
- _v1.Eval_loop_anon3_LoopHead_1_done := true;
- _v1.Eval_loop_anon3_LoopHead_out_1_0, _v1.Eval_loop_anon3_LoopHead_out_1_1, _v1.Eval_loop_anon3_LoopHead_out_1_2 := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x, _v1.control_flag;
- goto inline$_v1.Eval_loop_anon3_LoopHead$0$Return;
-
- inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopDone:
- assume {:partition} 0 >= inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
- inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$in_result, inline$_v1.Eval_loop_anon3_LoopHead$0$in_x;
- _v1.control_flag := inline$_v1.Eval_loop_anon3_LoopHead$0$_v1.control_flag;
- goto inline$_v1.Eval_loop_anon3_LoopHead$0$Return;
-
- inline$_v1.Eval_loop_anon3_LoopHead$0$Return:
- assume true;
- assume true;
- assume true;
- assume true;
- assume true;
- assume true;
- _v1.out_result := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result;
- _v1.out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
- goto START$1;
-
- START$1:
- goto inline$_v2.Eval_loop_anon3_LoopHead$0$Entry;
-
- inline$_v2.Eval_loop_anon3_LoopHead$0$Entry:
- inline$_v2.Eval_loop_anon3_LoopHead$0$in_result := _v2.in_result;
- inline$_v2.Eval_loop_anon3_LoopHead$0$in_x := _v2.in_x;
- havoc inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
- inline$_v2.Eval_loop_anon3_LoopHead$0$_v2.control_flag := _v2.control_flag;
- goto inline$_v2.Eval_loop_anon3_LoopHead$0$entry;
-
- inline$_v2.Eval_loop_anon3_LoopHead$0$entry:
- inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$in_result, inline$_v2.Eval_loop_anon3_LoopHead$0$in_x;
- goto inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopHead;
-
- inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopHead:
- goto inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopDone, inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody;
-
- inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody:
- assume {:partition} inline$_v2.Eval_loop_anon3_LoopHead$0$out_x > 0;
- _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
- inline$_v2.Eval_loop_anon3_LoopHead$0$out_result := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result
- + inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
- inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$out_x - 1;
- havoc inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
- goto inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy;
-
- inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy:
- _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1, _v2.Eval_loop_anon3_LoopHead_in_2_2 := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x, _v2.control_flag;
- call inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := _v2.Eval_loop_anon3_LoopHead(inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x);
- _v2.Eval_loop_anon3_LoopHead_2_done := true;
- _v2.Eval_loop_anon3_LoopHead_out_2_0, _v2.Eval_loop_anon3_LoopHead_out_2_1, _v2.Eval_loop_anon3_LoopHead_out_2_2 := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x, _v2.control_flag;
- goto inline$_v2.Eval_loop_anon3_LoopHead$0$Return;
-
- inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopDone:
- assume {:partition} 0 >= inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
- inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$in_result, inline$_v2.Eval_loop_anon3_LoopHead$0$in_x;
- _v2.control_flag := inline$_v2.Eval_loop_anon3_LoopHead$0$_v2.control_flag;
- goto inline$_v2.Eval_loop_anon3_LoopHead$0$Return;
-
- inline$_v2.Eval_loop_anon3_LoopHead$0$Return:
- assume true;
- assume true;
- assume true;
- assume true;
- assume true;
- assume true;
- _v2.out_result := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result;
- _v2.out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
- goto START$2;
-
- START$2:
- goto MS_L_0_0;
-
- MS_L_0_0:
- goto MS_L_taken_0, MS_L_not_taken_0;
-
- MS_L_taken_0:
- assume _v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done;
- store__0__v1.control_flag := _v1.control_flag;
- store__0__v2.control_flag := _v2.control_flag;
- _v1.control_flag := _v1.Eval_loop_anon3_LoopHead_in_1_2;
- _v2.control_flag := _v2.Eval_loop_anon3_LoopHead_in_2_2;
- call out__v1.Eval_loop_anon3_LoopHead_out_1_0_0, out__v1.Eval_loop_anon3_LoopHead_out_1_1_0, out__v2.Eval_loop_anon3_LoopHead_out_2_0_0, out__v2.Eval_loop_anon3_LoopHead_out_2_1_0 := MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1);
- assume _v1.control_flag == _v1.Eval_loop_anon3_LoopHead_out_1_2;
- assume _v2.control_flag == _v2.Eval_loop_anon3_LoopHead_out_2_2;
- assume _v1.Eval_loop_anon3_LoopHead_out_1_0
- == out__v1.Eval_loop_anon3_LoopHead_out_1_0_0
- && _v1.Eval_loop_anon3_LoopHead_out_1_1
- == out__v1.Eval_loop_anon3_LoopHead_out_1_1_0
- && _v2.Eval_loop_anon3_LoopHead_out_2_0
- == out__v2.Eval_loop_anon3_LoopHead_out_2_0_0
- && _v2.Eval_loop_anon3_LoopHead_out_2_1
- == out__v2.Eval_loop_anon3_LoopHead_out_2_1_0;
- _v1.control_flag := store__0__v1.control_flag;
- _v2.control_flag := store__0__v2.control_flag;
- goto MS_L_meet_0;
-
- MS_L_not_taken_0:
- assume !(_v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done);
- goto MS_L_meet_0;
-
- MS_L_meet_0:
- return;
-}
-
-
+// RUN: %boogie /nologo /contractInfer /inlineDepth:1 /printAssignment /noinfer "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+var _v2.control_flag: int;
+
+function _v2.control_UIF(arg_0: int, arg_1: int) : int;
+
+procedure _v2.Eval(x: int) returns (result: int);
+ modifies _v2.control_flag;
+ free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
+ free ensures {:io_dependency "result", "x"} true;
+ free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
+ free ensures {:io_dependency "result", "x"} true;
+
+
+
+procedure _v2.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int);
+ modifies _v2.control_flag;
+ free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
+ free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
+ free ensures {:io_dependency "out_x", "in_x"} true;
+ free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
+ free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
+ free ensures {:io_dependency "out_x", "in_x"} true;
+
+
+
+implementation _v2.Eval(x.1: int) returns (result: int)
+{
+ var x: int;
+
+ anon0:
+ x := x.1;
+ result := 0;
+ _v2.control_flag := 0;
+ goto anon3_LoopHead;
+
+ anon3_LoopHead:
+ call result, x := _v2.Eval_loop_anon3_LoopHead(result, x);
+ goto anon3_LoopHead_last;
+
+ anon3_LoopHead_last:
+ goto anon3_LoopDone, anon3_LoopBody;
+
+ anon3_LoopBody:
+ assume {:partition} x > 0;
+ _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
+ result := result + x;
+ x := x - 1;
+ havoc x;
+ goto anon3_LoopBody_dummy;
+
+ anon3_LoopBody_dummy:
+ assume false;
+ return;
+
+ anon3_LoopDone:
+ assume {:partition} 0 >= x;
+ goto anon2;
+
+ anon2:
+ _v2.control_flag := _v2.control_UIF(_v2.control_flag, 2);
+ return;
+}
+
+
+
+implementation _v2.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int)
+{
+
+ entry:
+ out_result, out_x := in_result, in_x;
+ goto anon3_LoopHead;
+
+ anon3_LoopHead:
+ goto anon3_LoopDone, anon3_LoopBody;
+
+ anon3_LoopBody:
+ assume {:partition} out_x > 0;
+ _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
+ out_result := out_result + out_x;
+ out_x := out_x - 1;
+ havoc out_x;
+ goto anon3_LoopBody_dummy;
+
+ anon3_LoopBody_dummy:
+ call out_result, out_x := _v2.Eval_loop_anon3_LoopHead(out_result, out_x);
+ return;
+
+ anon3_LoopDone:
+ assume {:partition} 0 >= out_x;
+ out_result, out_x := in_result, in_x;
+ _v2.control_flag := old(_v2.control_flag);
+ return;
+}
+
+
+
+var _v1.control_flag: int;
+
+procedure _v1.Eval(x: int) returns (result: int);
+ modifies _v1.control_flag;
+ free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
+ free ensures {:io_dependency "result", "x"} true;
+ free ensures {:io_dependency "control_flag", "control_flag", "x"} true;
+ free ensures {:io_dependency "result", "x"} true;
+
+
+
+procedure _v1.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int);
+ modifies _v1.control_flag;
+ free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
+ free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
+ free ensures {:io_dependency "out_x", "in_x"} true;
+ free ensures {:io_dependency "control_flag", "control_flag", "in_x"} true;
+ free ensures {:io_dependency "out_result", "in_result", "in_x"} true;
+ free ensures {:io_dependency "out_x", "in_x"} true;
+
+
+
+implementation _v1.Eval(x.1: int) returns (result: int)
+{
+ var x: int;
+
+ anon0:
+ x := x.1;
+ result := 0;
+ _v1.control_flag := 0;
+ goto anon3_LoopHead;
+
+ anon3_LoopHead:
+ call result, x := _v1.Eval_loop_anon3_LoopHead(result, x);
+ goto anon3_LoopHead_last;
+
+ anon3_LoopHead_last:
+ goto anon3_LoopDone, anon3_LoopBody;
+
+ anon3_LoopBody:
+ assume {:partition} x > 0;
+ _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
+ result := result + x;
+ x := x - 1;
+ goto anon3_LoopBody_dummy;
+
+ anon3_LoopBody_dummy:
+ assume false;
+ return;
+
+ anon3_LoopDone:
+ assume {:partition} 0 >= x;
+ goto anon2;
+
+ anon2:
+ _v1.control_flag := _v2.control_UIF(_v1.control_flag, 2);
+ return;
+}
+
+
+
+implementation _v1.Eval_loop_anon3_LoopHead(in_result: int, in_x: int) returns (out_result: int, out_x: int)
+{
+
+ entry:
+ out_result, out_x := in_result, in_x;
+ goto anon3_LoopHead;
+
+ anon3_LoopHead:
+ goto anon3_LoopDone, anon3_LoopBody;
+
+ anon3_LoopBody:
+ assume {:partition} out_x > 0;
+ _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
+ out_result := out_result + out_x;
+ out_x := out_x - 1;
+ goto anon3_LoopBody_dummy;
+
+ anon3_LoopBody_dummy:
+ call out_result, out_x := _v1.Eval_loop_anon3_LoopHead(out_result, out_x);
+ return;
+
+ anon3_LoopDone:
+ assume {:partition} 0 >= out_x;
+ out_result, out_x := in_result, in_x;
+ _v1.control_flag := old(_v1.control_flag);
+ return;
+}
+
+
+
+function {:inline true} MS$_v1.Eval$_v2.Eval(_v1.x: int,
+ _v1.control_flag_old: int,
+ _v1.control_flag_: int,
+ _v1.result: int,
+ _v2.x: int,
+ _v2.control_flag_old: int,
+ _v2.control_flag_: int,
+ _v2.result: int)
+ : bool
+{
+ true
+}
+
+const {:existential true} _houdini_Eval_control_flag_0: bool;
+
+const {:existential true} _houdini_Eval_result_1: bool;
+
+procedure MS_Check__v1.Eval___v2.Eval(_v1.x: int, _v2.x: int) returns (_v1.result: int, _v2.result: int);
+ modifies _v1.control_flag, _v2.control_flag;
+ ensures MS$_v1.Eval$_v2.Eval(_v1.x,
+ old(_v1.control_flag),
+ _v1.control_flag,
+ _v1.result,
+ _v2.x,
+ old(_v2.control_flag),
+ _v2.control_flag,
+ _v2.result);
+ ensures _houdini_Eval_control_flag_0
+ ==>
+ old(_v1.control_flag == _v2.control_flag && _v1.x == _v2.x)
+ ==> _v1.control_flag == _v2.control_flag;
+ ensures _houdini_Eval_result_1 ==> old(_v1.x == _v2.x) ==> _v1.result == _v2.result;
+
+
+
+implementation MS_Check__v1.Eval___v2.Eval(_v1.x: int, _v2.x: int) returns (_v1.result: int, _v2.result: int)
+{
+ var inline$_v1.Eval$0$x: int;
+ var inline$_v1.Eval$0$x.1: int;
+ var inline$_v1.Eval$0$result: int;
+ var inline$_v1.Eval$0$_v1.control_flag: int;
+ var inline$_v2.Eval$0$x: int;
+ var inline$_v2.Eval$0$x.1: int;
+ var inline$_v2.Eval$0$result: int;
+ var inline$_v2.Eval$0$_v2.control_flag: int;
+ var _v1.Eval_loop_anon3_LoopHead_1_done: bool;
+ var _v1.Eval_loop_anon3_LoopHead_in_1_0: int;
+ var _v1.Eval_loop_anon3_LoopHead_in_1_1: int;
+ var _v1.Eval_loop_anon3_LoopHead_in_1_2: int;
+ var _v1.Eval_loop_anon3_LoopHead_out_1_0: int;
+ var _v1.Eval_loop_anon3_LoopHead_out_1_1: int;
+ var _v1.Eval_loop_anon3_LoopHead_out_1_2: int;
+ var _v2.Eval_loop_anon3_LoopHead_2_done: bool;
+ var _v2.Eval_loop_anon3_LoopHead_in_2_0: int;
+ var _v2.Eval_loop_anon3_LoopHead_in_2_1: int;
+ var _v2.Eval_loop_anon3_LoopHead_in_2_2: int;
+ var _v2.Eval_loop_anon3_LoopHead_out_2_0: int;
+ var _v2.Eval_loop_anon3_LoopHead_out_2_1: int;
+ var _v2.Eval_loop_anon3_LoopHead_out_2_2: int;
+ var store__0__v1.control_flag: int;
+ var store__0__v2.control_flag: int;
+ var out__v1.Eval_loop_anon3_LoopHead_out_1_0_0: int;
+ var out__v1.Eval_loop_anon3_LoopHead_out_1_1_0: int;
+ var out__v2.Eval_loop_anon3_LoopHead_out_2_0_0: int;
+ var out__v2.Eval_loop_anon3_LoopHead_out_2_1_0: int;
+
+ START:
+ _v1.Eval_loop_anon3_LoopHead_1_done, _v2.Eval_loop_anon3_LoopHead_2_done := false, false;
+ goto inline$_v1.Eval$0$Entry;
+
+ inline$_v1.Eval$0$Entry:
+ inline$_v1.Eval$0$x.1 := _v1.x;
+ havoc inline$_v1.Eval$0$x, inline$_v1.Eval$0$result;
+ inline$_v1.Eval$0$_v1.control_flag := _v1.control_flag;
+ goto inline$_v1.Eval$0$anon0;
+
+ inline$_v1.Eval$0$anon0:
+ inline$_v1.Eval$0$x := inline$_v1.Eval$0$x.1;
+ inline$_v1.Eval$0$result := 0;
+ _v1.control_flag := 0;
+ goto inline$_v1.Eval$0$anon3_LoopHead;
+
+ inline$_v1.Eval$0$anon3_LoopHead:
+ _v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v1.Eval_loop_anon3_LoopHead_in_1_2 := inline$_v1.Eval$0$result, inline$_v1.Eval$0$x, _v1.control_flag;
+ call inline$_v1.Eval$0$result, inline$_v1.Eval$0$x := _v1.Eval_loop_anon3_LoopHead(inline$_v1.Eval$0$result, inline$_v1.Eval$0$x);
+ _v1.Eval_loop_anon3_LoopHead_1_done := true;
+ _v1.Eval_loop_anon3_LoopHead_out_1_0, _v1.Eval_loop_anon3_LoopHead_out_1_1, _v1.Eval_loop_anon3_LoopHead_out_1_2 := inline$_v1.Eval$0$result, inline$_v1.Eval$0$x, _v1.control_flag;
+ goto inline$_v1.Eval$0$anon3_LoopHead_last;
+
+ inline$_v1.Eval$0$anon3_LoopHead_last:
+ goto inline$_v1.Eval$0$anon3_LoopDone, inline$_v1.Eval$0$anon3_LoopBody;
+
+ inline$_v1.Eval$0$anon3_LoopBody:
+ assume {:partition} inline$_v1.Eval$0$x > 0;
+ _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
+ inline$_v1.Eval$0$result := inline$_v1.Eval$0$result + inline$_v1.Eval$0$x;
+ inline$_v1.Eval$0$x := inline$_v1.Eval$0$x - 1;
+ goto inline$_v1.Eval$0$anon3_LoopBody_dummy;
+
+ inline$_v1.Eval$0$anon3_LoopBody_dummy:
+ assume false;
+ goto inline$_v1.Eval$0$Return;
+
+ inline$_v1.Eval$0$anon3_LoopDone:
+ assume {:partition} 0 >= inline$_v1.Eval$0$x;
+ goto inline$_v1.Eval$0$anon2;
+
+ inline$_v1.Eval$0$anon2:
+ _v1.control_flag := _v2.control_UIF(_v1.control_flag, 2);
+ goto inline$_v1.Eval$0$Return;
+
+ inline$_v1.Eval$0$Return:
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ _v1.result := inline$_v1.Eval$0$result;
+ goto START$1;
+
+ START$1:
+ goto inline$_v2.Eval$0$Entry;
+
+ inline$_v2.Eval$0$Entry:
+ inline$_v2.Eval$0$x.1 := _v2.x;
+ havoc inline$_v2.Eval$0$x, inline$_v2.Eval$0$result;
+ inline$_v2.Eval$0$_v2.control_flag := _v2.control_flag;
+ goto inline$_v2.Eval$0$anon0;
+
+ inline$_v2.Eval$0$anon0:
+ inline$_v2.Eval$0$x := inline$_v2.Eval$0$x.1;
+ inline$_v2.Eval$0$result := 0;
+ _v2.control_flag := 0;
+ goto inline$_v2.Eval$0$anon3_LoopHead;
+
+ inline$_v2.Eval$0$anon3_LoopHead:
+ _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1, _v2.Eval_loop_anon3_LoopHead_in_2_2 := inline$_v2.Eval$0$result, inline$_v2.Eval$0$x, _v2.control_flag;
+ call inline$_v2.Eval$0$result, inline$_v2.Eval$0$x := _v2.Eval_loop_anon3_LoopHead(inline$_v2.Eval$0$result, inline$_v2.Eval$0$x);
+ _v2.Eval_loop_anon3_LoopHead_2_done := true;
+ _v2.Eval_loop_anon3_LoopHead_out_2_0, _v2.Eval_loop_anon3_LoopHead_out_2_1, _v2.Eval_loop_anon3_LoopHead_out_2_2 := inline$_v2.Eval$0$result, inline$_v2.Eval$0$x, _v2.control_flag;
+ goto inline$_v2.Eval$0$anon3_LoopHead_last;
+
+ inline$_v2.Eval$0$anon3_LoopHead_last:
+ goto inline$_v2.Eval$0$anon3_LoopDone, inline$_v2.Eval$0$anon3_LoopBody;
+
+ inline$_v2.Eval$0$anon3_LoopBody:
+ assume {:partition} inline$_v2.Eval$0$x > 0;
+ _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
+ inline$_v2.Eval$0$result := inline$_v2.Eval$0$result + inline$_v2.Eval$0$x;
+ inline$_v2.Eval$0$x := inline$_v2.Eval$0$x - 1;
+ havoc inline$_v2.Eval$0$x;
+ goto inline$_v2.Eval$0$anon3_LoopBody_dummy;
+
+ inline$_v2.Eval$0$anon3_LoopBody_dummy:
+ assume false;
+ goto inline$_v2.Eval$0$Return;
+
+ inline$_v2.Eval$0$anon3_LoopDone:
+ assume {:partition} 0 >= inline$_v2.Eval$0$x;
+ goto inline$_v2.Eval$0$anon2;
+
+ inline$_v2.Eval$0$anon2:
+ _v2.control_flag := _v2.control_UIF(_v2.control_flag, 2);
+ goto inline$_v2.Eval$0$Return;
+
+ inline$_v2.Eval$0$Return:
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ _v2.result := inline$_v2.Eval$0$result;
+ goto START$2;
+
+ START$2:
+ goto MS_L_0_0;
+
+ MS_L_0_0:
+ goto MS_L_taken_0, MS_L_not_taken_0;
+
+ MS_L_taken_0:
+ assume _v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done;
+ store__0__v1.control_flag := _v1.control_flag;
+ store__0__v2.control_flag := _v2.control_flag;
+ _v1.control_flag := _v1.Eval_loop_anon3_LoopHead_in_1_2;
+ _v2.control_flag := _v2.Eval_loop_anon3_LoopHead_in_2_2;
+ call out__v1.Eval_loop_anon3_LoopHead_out_1_0_0, out__v1.Eval_loop_anon3_LoopHead_out_1_1_0, out__v2.Eval_loop_anon3_LoopHead_out_2_0_0, out__v2.Eval_loop_anon3_LoopHead_out_2_1_0 := MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1);
+ assume _v1.control_flag == _v1.Eval_loop_anon3_LoopHead_out_1_2;
+ assume _v2.control_flag == _v2.Eval_loop_anon3_LoopHead_out_2_2;
+ assume _v1.Eval_loop_anon3_LoopHead_out_1_0
+ == out__v1.Eval_loop_anon3_LoopHead_out_1_0_0
+ && _v1.Eval_loop_anon3_LoopHead_out_1_1
+ == out__v1.Eval_loop_anon3_LoopHead_out_1_1_0
+ && _v2.Eval_loop_anon3_LoopHead_out_2_0
+ == out__v2.Eval_loop_anon3_LoopHead_out_2_0_0
+ && _v2.Eval_loop_anon3_LoopHead_out_2_1
+ == out__v2.Eval_loop_anon3_LoopHead_out_2_1_0;
+ _v1.control_flag := store__0__v1.control_flag;
+ _v2.control_flag := store__0__v2.control_flag;
+ goto MS_L_meet_0;
+
+ MS_L_not_taken_0:
+ assume !(_v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done);
+ goto MS_L_meet_0;
+
+ MS_L_meet_0:
+ return;
+}
+
+
+
+function {:inline true} MS$_v1.Eval_loop_anon3_LoopHead$_v2.Eval_loop_anon3_LoopHead(_v1.in_result: int,
+ _v1.in_x: int,
+ _v1.control_flag_old: int,
+ _v1.control_flag_: int,
+ _v1.out_result: int,
+ _v1.out_x: int,
+ _v2.in_result: int,
+ _v2.in_x: int,
+ _v2.control_flag_old: int,
+ _v2.control_flag_: int,
+ _v2.out_result: int,
+ _v2.out_x: int)
+ : bool
+{
+ true
+}
+
+const {:existential true} _houdini_Eval_loop_anon3_LoopHead_control_flag_2: bool;
+
+const {:existential true} _houdini_Eval_loop_anon3_LoopHead_out_result_3: bool;
+
+const {:existential true} _houdini_Eval_loop_anon3_LoopHead_out_x_4: bool;
+
+procedure MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.in_result: int, _v1.in_x: int, _v2.in_result: int, _v2.in_x: int)
+ returns (_v1.out_result: int, _v1.out_x: int, _v2.out_result: int, _v2.out_x: int);
+ modifies _v1.control_flag, _v2.control_flag;
+ ensures MS$_v1.Eval_loop_anon3_LoopHead$_v2.Eval_loop_anon3_LoopHead(_v1.in_result,
+ _v1.in_x,
+ old(_v1.control_flag),
+ _v1.control_flag,
+ _v1.out_result,
+ _v1.out_x,
+ _v2.in_result,
+ _v2.in_x,
+ old(_v2.control_flag),
+ _v2.control_flag,
+ _v2.out_result,
+ _v2.out_x);
+ ensures _houdini_Eval_loop_anon3_LoopHead_control_flag_2
+ ==>
+ old(_v1.control_flag == _v2.control_flag && _v1.in_x == _v2.in_x)
+ ==> _v1.control_flag == _v2.control_flag;
+ ensures _houdini_Eval_loop_anon3_LoopHead_out_result_3
+ ==>
+ old(_v1.in_result == _v2.in_result && _v1.in_x == _v2.in_x)
+ ==> _v1.out_result == _v2.out_result;
+ ensures _houdini_Eval_loop_anon3_LoopHead_out_x_4
+ ==>
+ old(_v1.in_x == _v2.in_x)
+ ==> _v1.out_x == _v2.out_x;
+
+
+
+implementation MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.in_result: int, _v1.in_x: int, _v2.in_result: int, _v2.in_x: int)
+ returns (_v1.out_result: int, _v1.out_x: int, _v2.out_result: int, _v2.out_x: int)
+{
+ var inline$_v1.Eval_loop_anon3_LoopHead$0$in_result: int;
+ var inline$_v1.Eval_loop_anon3_LoopHead$0$in_x: int;
+ var inline$_v1.Eval_loop_anon3_LoopHead$0$out_result: int;
+ var inline$_v1.Eval_loop_anon3_LoopHead$0$out_x: int;
+ var inline$_v1.Eval_loop_anon3_LoopHead$0$_v1.control_flag: int;
+ var inline$_v2.Eval_loop_anon3_LoopHead$0$in_result: int;
+ var inline$_v2.Eval_loop_anon3_LoopHead$0$in_x: int;
+ var inline$_v2.Eval_loop_anon3_LoopHead$0$out_result: int;
+ var inline$_v2.Eval_loop_anon3_LoopHead$0$out_x: int;
+ var inline$_v2.Eval_loop_anon3_LoopHead$0$_v2.control_flag: int;
+ var _v1.Eval_loop_anon3_LoopHead_1_done: bool;
+ var _v1.Eval_loop_anon3_LoopHead_in_1_0: int;
+ var _v1.Eval_loop_anon3_LoopHead_in_1_1: int;
+ var _v1.Eval_loop_anon3_LoopHead_in_1_2: int;
+ var _v1.Eval_loop_anon3_LoopHead_out_1_0: int;
+ var _v1.Eval_loop_anon3_LoopHead_out_1_1: int;
+ var _v1.Eval_loop_anon3_LoopHead_out_1_2: int;
+ var _v2.Eval_loop_anon3_LoopHead_2_done: bool;
+ var _v2.Eval_loop_anon3_LoopHead_in_2_0: int;
+ var _v2.Eval_loop_anon3_LoopHead_in_2_1: int;
+ var _v2.Eval_loop_anon3_LoopHead_in_2_2: int;
+ var _v2.Eval_loop_anon3_LoopHead_out_2_0: int;
+ var _v2.Eval_loop_anon3_LoopHead_out_2_1: int;
+ var _v2.Eval_loop_anon3_LoopHead_out_2_2: int;
+ var store__0__v1.control_flag: int;
+ var store__0__v2.control_flag: int;
+ var out__v1.Eval_loop_anon3_LoopHead_out_1_0_0: int;
+ var out__v1.Eval_loop_anon3_LoopHead_out_1_1_0: int;
+ var out__v2.Eval_loop_anon3_LoopHead_out_2_0_0: int;
+ var out__v2.Eval_loop_anon3_LoopHead_out_2_1_0: int;
+
+ START:
+ _v1.Eval_loop_anon3_LoopHead_1_done, _v2.Eval_loop_anon3_LoopHead_2_done := false, false;
+ goto inline$_v1.Eval_loop_anon3_LoopHead$0$Entry;
+
+ inline$_v1.Eval_loop_anon3_LoopHead$0$Entry:
+ inline$_v1.Eval_loop_anon3_LoopHead$0$in_result := _v1.in_result;
+ inline$_v1.Eval_loop_anon3_LoopHead$0$in_x := _v1.in_x;
+ havoc inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
+ inline$_v1.Eval_loop_anon3_LoopHead$0$_v1.control_flag := _v1.control_flag;
+ goto inline$_v1.Eval_loop_anon3_LoopHead$0$entry;
+
+ inline$_v1.Eval_loop_anon3_LoopHead$0$entry:
+ inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$in_result, inline$_v1.Eval_loop_anon3_LoopHead$0$in_x;
+ goto inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopHead;
+
+ inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopHead:
+ goto inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopDone, inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody;
+
+ inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody:
+ assume {:partition} inline$_v1.Eval_loop_anon3_LoopHead$0$out_x > 0;
+ _v1.control_flag := _v2.control_UIF(_v1.control_flag, 1);
+ inline$_v1.Eval_loop_anon3_LoopHead$0$out_result := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result
+ + inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
+ inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$out_x - 1;
+ goto inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy;
+
+ inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy:
+ _v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v1.Eval_loop_anon3_LoopHead_in_1_2 := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x, _v1.control_flag;
+ call inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := _v1.Eval_loop_anon3_LoopHead(inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x);
+ _v1.Eval_loop_anon3_LoopHead_1_done := true;
+ _v1.Eval_loop_anon3_LoopHead_out_1_0, _v1.Eval_loop_anon3_LoopHead_out_1_1, _v1.Eval_loop_anon3_LoopHead_out_1_2 := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x, _v1.control_flag;
+ goto inline$_v1.Eval_loop_anon3_LoopHead$0$Return;
+
+ inline$_v1.Eval_loop_anon3_LoopHead$0$anon3_LoopDone:
+ assume {:partition} 0 >= inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
+ inline$_v1.Eval_loop_anon3_LoopHead$0$out_result, inline$_v1.Eval_loop_anon3_LoopHead$0$out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$in_result, inline$_v1.Eval_loop_anon3_LoopHead$0$in_x;
+ _v1.control_flag := inline$_v1.Eval_loop_anon3_LoopHead$0$_v1.control_flag;
+ goto inline$_v1.Eval_loop_anon3_LoopHead$0$Return;
+
+ inline$_v1.Eval_loop_anon3_LoopHead$0$Return:
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ _v1.out_result := inline$_v1.Eval_loop_anon3_LoopHead$0$out_result;
+ _v1.out_x := inline$_v1.Eval_loop_anon3_LoopHead$0$out_x;
+ goto START$1;
+
+ START$1:
+ goto inline$_v2.Eval_loop_anon3_LoopHead$0$Entry;
+
+ inline$_v2.Eval_loop_anon3_LoopHead$0$Entry:
+ inline$_v2.Eval_loop_anon3_LoopHead$0$in_result := _v2.in_result;
+ inline$_v2.Eval_loop_anon3_LoopHead$0$in_x := _v2.in_x;
+ havoc inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
+ inline$_v2.Eval_loop_anon3_LoopHead$0$_v2.control_flag := _v2.control_flag;
+ goto inline$_v2.Eval_loop_anon3_LoopHead$0$entry;
+
+ inline$_v2.Eval_loop_anon3_LoopHead$0$entry:
+ inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$in_result, inline$_v2.Eval_loop_anon3_LoopHead$0$in_x;
+ goto inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopHead;
+
+ inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopHead:
+ goto inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopDone, inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody;
+
+ inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody:
+ assume {:partition} inline$_v2.Eval_loop_anon3_LoopHead$0$out_x > 0;
+ _v2.control_flag := _v2.control_UIF(_v2.control_flag, 1);
+ inline$_v2.Eval_loop_anon3_LoopHead$0$out_result := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result
+ + inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
+ inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$out_x - 1;
+ havoc inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
+ goto inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy;
+
+ inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopBody_dummy:
+ _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1, _v2.Eval_loop_anon3_LoopHead_in_2_2 := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x, _v2.control_flag;
+ call inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := _v2.Eval_loop_anon3_LoopHead(inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x);
+ _v2.Eval_loop_anon3_LoopHead_2_done := true;
+ _v2.Eval_loop_anon3_LoopHead_out_2_0, _v2.Eval_loop_anon3_LoopHead_out_2_1, _v2.Eval_loop_anon3_LoopHead_out_2_2 := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x, _v2.control_flag;
+ goto inline$_v2.Eval_loop_anon3_LoopHead$0$Return;
+
+ inline$_v2.Eval_loop_anon3_LoopHead$0$anon3_LoopDone:
+ assume {:partition} 0 >= inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
+ inline$_v2.Eval_loop_anon3_LoopHead$0$out_result, inline$_v2.Eval_loop_anon3_LoopHead$0$out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$in_result, inline$_v2.Eval_loop_anon3_LoopHead$0$in_x;
+ _v2.control_flag := inline$_v2.Eval_loop_anon3_LoopHead$0$_v2.control_flag;
+ goto inline$_v2.Eval_loop_anon3_LoopHead$0$Return;
+
+ inline$_v2.Eval_loop_anon3_LoopHead$0$Return:
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ assume true;
+ _v2.out_result := inline$_v2.Eval_loop_anon3_LoopHead$0$out_result;
+ _v2.out_x := inline$_v2.Eval_loop_anon3_LoopHead$0$out_x;
+ goto START$2;
+
+ START$2:
+ goto MS_L_0_0;
+
+ MS_L_0_0:
+ goto MS_L_taken_0, MS_L_not_taken_0;
+
+ MS_L_taken_0:
+ assume _v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done;
+ store__0__v1.control_flag := _v1.control_flag;
+ store__0__v2.control_flag := _v2.control_flag;
+ _v1.control_flag := _v1.Eval_loop_anon3_LoopHead_in_1_2;
+ _v2.control_flag := _v2.Eval_loop_anon3_LoopHead_in_2_2;
+ call out__v1.Eval_loop_anon3_LoopHead_out_1_0_0, out__v1.Eval_loop_anon3_LoopHead_out_1_1_0, out__v2.Eval_loop_anon3_LoopHead_out_2_0_0, out__v2.Eval_loop_anon3_LoopHead_out_2_1_0 := MS_Check__v1.Eval_loop_anon3_LoopHead___v2.Eval_loop_anon3_LoopHead(_v1.Eval_loop_anon3_LoopHead_in_1_0, _v1.Eval_loop_anon3_LoopHead_in_1_1, _v2.Eval_loop_anon3_LoopHead_in_2_0, _v2.Eval_loop_anon3_LoopHead_in_2_1);
+ assume _v1.control_flag == _v1.Eval_loop_anon3_LoopHead_out_1_2;
+ assume _v2.control_flag == _v2.Eval_loop_anon3_LoopHead_out_2_2;
+ assume _v1.Eval_loop_anon3_LoopHead_out_1_0
+ == out__v1.Eval_loop_anon3_LoopHead_out_1_0_0
+ && _v1.Eval_loop_anon3_LoopHead_out_1_1
+ == out__v1.Eval_loop_anon3_LoopHead_out_1_1_0
+ && _v2.Eval_loop_anon3_LoopHead_out_2_0
+ == out__v2.Eval_loop_anon3_LoopHead_out_2_0_0
+ && _v2.Eval_loop_anon3_LoopHead_out_2_1
+ == out__v2.Eval_loop_anon3_LoopHead_out_2_1_0;
+ _v1.control_flag := store__0__v1.control_flag;
+ _v2.control_flag := store__0__v2.control_flag;
+ goto MS_L_meet_0;
+
+ MS_L_not_taken_0:
+ assume !(_v1.Eval_loop_anon3_LoopHead_1_done && _v2.Eval_loop_anon3_LoopHead_2_done);
+ goto MS_L_meet_0;
+
+ MS_L_meet_0:
+ return;
+}
+
+
diff --git a/Test/houdini/mergedProgSingle_res_ex2.bpl.expect b/Test/houdini/mergedProgSingle_res_ex2.bpl.expect
index f551fc90..aff2f6ec 100644
--- a/Test/houdini/mergedProgSingle_res_ex2.bpl.expect
+++ b/Test/houdini/mergedProgSingle_res_ex2.bpl.expect
@@ -1,8 +1,8 @@
-Assignment computed by Houdini:
-_houdini_Eval_control_flag_0 = False
-_houdini_Eval_result_1 = False
-_houdini_Eval_loop_anon3_LoopHead_control_flag_2 = False
-_houdini_Eval_loop_anon3_LoopHead_out_result_3 = False
-_houdini_Eval_loop_anon3_LoopHead_out_x_4 = False
-
-Boogie program verifier finished with 6 verified, 0 errors
+Assignment computed by Houdini:
+_houdini_Eval_control_flag_0 = False
+_houdini_Eval_result_1 = False
+_houdini_Eval_loop_anon3_LoopHead_control_flag_2 = False
+_houdini_Eval_loop_anon3_LoopHead_out_result_3 = False
+_houdini_Eval_loop_anon3_LoopHead_out_x_4 = False
+
+Boogie program verifier finished with 6 verified, 0 errors
diff --git a/Test/houdini/test1.bpl b/Test/houdini/test1.bpl
index 7a8db5e8..72c4fb65 100644
--- a/Test/houdini/test1.bpl
+++ b/Test/houdini/test1.bpl
@@ -1,38 +1,38 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment -inlineDepth:1 "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-var g: bool;
-
-procedure foo()
-modifies g;
-ensures b0 ==> (!old(g) ==> old(g) == g);
-{
- call AcquireLock();
- call ReleaseLock();
-}
-
-procedure AcquireLock()
-modifies g;
-ensures b1 ==> old(g) == g;
-{
- g := true;
-}
-
-procedure ReleaseLock()
-modifies g;
-ensures b2 ==> old(g) == g;
-{
- g := false;
-}
-
-procedure main()
-modifies g;
-{
- g := false;
- call foo();
- assert !g;
-}
-
-const {:existential true} b0: bool;
-const {:existential true} b1: bool;
-const {:existential true } b2: bool;
-
+// RUN: %boogie -noinfer -contractInfer -printAssignment -inlineDepth:1 "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+var g: bool;
+
+procedure foo()
+modifies g;
+ensures b0 ==> (!old(g) ==> old(g) == g);
+{
+ call AcquireLock();
+ call ReleaseLock();
+}
+
+procedure AcquireLock()
+modifies g;
+ensures b1 ==> old(g) == g;
+{
+ g := true;
+}
+
+procedure ReleaseLock()
+modifies g;
+ensures b2 ==> old(g) == g;
+{
+ g := false;
+}
+
+procedure main()
+modifies g;
+{
+ g := false;
+ call foo();
+ assert !g;
+}
+
+const {:existential true} b0: bool;
+const {:existential true} b1: bool;
+const {:existential true } b2: bool;
+
diff --git a/Test/houdini/test10.bpl b/Test/houdini/test10.bpl
index f77d0c87..7c1c7e11 100644
--- a/Test/houdini/test10.bpl
+++ b/Test/houdini/test10.bpl
@@ -1,49 +1,49 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment -inlineDepth:1 "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-var sdv_7: int;
-var sdv_21: int;
-const {:existential true} b1: bool;
-const{:existential true} b2: bool;
-const{:existential true} b3: bool;
-const{:existential true} b4: bool;
-
-procedure push(a:int)
-modifies sdv_7, sdv_21;
-{
- sdv_21 := sdv_7;
- sdv_7 := a;
-}
-
-procedure pop()
-modifies sdv_7, sdv_21;
-{
- sdv_7 := sdv_21;
- havoc sdv_21;
-}
-
-procedure foo()
-modifies sdv_7, sdv_21;
-requires {:candidate} b1 ==> (sdv_7 == 0);
-ensures{:candidate} b2 ==> (sdv_7 == old(sdv_7));
-{
- call push(2);
- call pop();
- call bar();
-}
-
-procedure bar()
-requires{:candidate} b3 ==> (sdv_7 == 0);
-ensures{:candidate} b4 ==> (sdv_7 == old(sdv_7));
-modifies sdv_7, sdv_21;
-{
- call push(1);
- call pop();
-}
-
-procedure main()
-modifies sdv_7, sdv_21;
-{
- sdv_7 := 0;
- call foo();
-}
-
+// RUN: %boogie -noinfer -contractInfer -printAssignment -inlineDepth:1 "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+var sdv_7: int;
+var sdv_21: int;
+const {:existential true} b1: bool;
+const{:existential true} b2: bool;
+const{:existential true} b3: bool;
+const{:existential true} b4: bool;
+
+procedure push(a:int)
+modifies sdv_7, sdv_21;
+{
+ sdv_21 := sdv_7;
+ sdv_7 := a;
+}
+
+procedure pop()
+modifies sdv_7, sdv_21;
+{
+ sdv_7 := sdv_21;
+ havoc sdv_21;
+}
+
+procedure foo()
+modifies sdv_7, sdv_21;
+requires {:candidate} b1 ==> (sdv_7 == 0);
+ensures{:candidate} b2 ==> (sdv_7 == old(sdv_7));
+{
+ call push(2);
+ call pop();
+ call bar();
+}
+
+procedure bar()
+requires{:candidate} b3 ==> (sdv_7 == 0);
+ensures{:candidate} b4 ==> (sdv_7 == old(sdv_7));
+modifies sdv_7, sdv_21;
+{
+ call push(1);
+ call pop();
+}
+
+procedure main()
+modifies sdv_7, sdv_21;
+{
+ sdv_7 := 0;
+ call foo();
+}
+
diff --git a/Test/houdini/test10.bpl.expect b/Test/houdini/test10.bpl.expect
index d6c787d1..9ebabc6f 100644
--- a/Test/houdini/test10.bpl.expect
+++ b/Test/houdini/test10.bpl.expect
@@ -1,7 +1,7 @@
-Assignment computed by Houdini:
-b1 = True
-b2 = True
-b3 = False
-b4 = True
-
-Boogie program verifier finished with 5 verified, 0 errors
+Assignment computed by Houdini:
+b1 = True
+b2 = True
+b3 = False
+b4 = True
+
+Boogie program verifier finished with 5 verified, 0 errors
diff --git a/Test/houdini/test2.bpl b/Test/houdini/test2.bpl
index 5639dc61..e89e40be 100644
--- a/Test/houdini/test2.bpl
+++ b/Test/houdini/test2.bpl
@@ -1,40 +1,40 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment -inlineDepth:1 "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-var g: int;
-var h: int;
-
-procedure foo()
-modifies g, h;
-ensures b0 ==> old(g) == g;
-{
- call AcquireLock();
- call ReleaseLock();
-}
-
-procedure AcquireLock()
-modifies g, h;
-ensures b1 ==> old(g) == g;
-{
- h := g;
- g := 1;
-}
-
-procedure ReleaseLock()
-modifies g, h;
-ensures b2 ==> old(g) == g;
-{
- g := h;
-}
-
-procedure main()
-modifies g, h;
-{
- g := 0;
- call foo();
- assert g == 0;
-}
-
-const {:existential true} b0: bool;
-const {:existential true} b1: bool;
-const {:existential true } b2: bool;
-
+// RUN: %boogie -noinfer -contractInfer -printAssignment -inlineDepth:1 "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+var g: int;
+var h: int;
+
+procedure foo()
+modifies g, h;
+ensures b0 ==> old(g) == g;
+{
+ call AcquireLock();
+ call ReleaseLock();
+}
+
+procedure AcquireLock()
+modifies g, h;
+ensures b1 ==> old(g) == g;
+{
+ h := g;
+ g := 1;
+}
+
+procedure ReleaseLock()
+modifies g, h;
+ensures b2 ==> old(g) == g;
+{
+ g := h;
+}
+
+procedure main()
+modifies g, h;
+{
+ g := 0;
+ call foo();
+ assert g == 0;
+}
+
+const {:existential true} b0: bool;
+const {:existential true} b1: bool;
+const {:existential true } b2: bool;
+
diff --git a/Test/houdini/test7.bpl b/Test/houdini/test7.bpl
index 4f0a832d..dc3e350f 100644
--- a/Test/houdini/test7.bpl
+++ b/Test/houdini/test7.bpl
@@ -1,17 +1,17 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment -inlineDepth:1 "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-var g: int;
-
-procedure main()
-modifies g;
-{
- g := 0;
- call foo();
- assert g == 1;
-}
-
-procedure foo()
-modifies g;
-{
- g := g + 1;
-}
+// RUN: %boogie -noinfer -contractInfer -printAssignment -inlineDepth:1 "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+var g: int;
+
+procedure main()
+modifies g;
+{
+ g := 0;
+ call foo();
+ assert g == 1;
+}
+
+procedure foo()
+modifies g;
+{
+ g := g + 1;
+}
diff --git a/Test/houdini/test8.bpl b/Test/houdini/test8.bpl
index 79738a9b..d8de97a3 100644
--- a/Test/houdini/test8.bpl
+++ b/Test/houdini/test8.bpl
@@ -1,23 +1,23 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment -inlineDepth:1 "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-var g: int;
-
-procedure main()
-modifies g;
-{
- g := 0;
- call foo();
- assert g == 1;
-}
-
-procedure {:inline 1} foo()
-modifies g;
-{
- call bar();
-}
-
-procedure bar()
-modifies g;
-{
- g := g + 1;
-}
+// RUN: %boogie -noinfer -contractInfer -printAssignment -inlineDepth:1 "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+var g: int;
+
+procedure main()
+modifies g;
+{
+ g := 0;
+ call foo();
+ assert g == 1;
+}
+
+procedure {:inline 1} foo()
+modifies g;
+{
+ call bar();
+}
+
+procedure bar()
+modifies g;
+{
+ g := g + 1;
+}
diff --git a/Test/houdini/test9.bpl b/Test/houdini/test9.bpl
index 68404a8f..a56443bf 100644
--- a/Test/houdini/test9.bpl
+++ b/Test/houdini/test9.bpl
@@ -1,75 +1,75 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment -inlineDepth:1 "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-var v1: int;
-var v2: int;
-var v3: int;
-const{:existential true} b1: bool;
-const{:existential true} b2: bool;
-const{:existential true} b3: bool;
-const{:existential true} b4: bool;
-const{:existential true} b5: bool;
-const{:existential true} b6: bool;
-const{:existential true} b7: bool;
-const{:existential true} b8: bool;
-const{:existential true} b9: bool;
-const{:existential true} b10: bool;
-const{:existential true} b11: bool;
-const{:existential true} b12: bool;
-const{:existential true} b13: bool;
-const{:existential true} b14: bool;
-const{:existential true} b15: bool;
-const{:existential true} b16: bool;
-
-procedure push()
-requires {:candidate} b1 ==> v1 == 0;
-requires {:candidate} b2 ==> v1 == 1;
-ensures {:candidate} b3 ==> v1 == 0;
-ensures {:candidate} b4 ==> v1 == 1;
-modifies v1,v2;
-{
- v2 := v1;
- v1 := 1;
-}
-
-procedure pop()
-modifies v1,v2;
-requires {:candidate} b5 ==> v1 == 0;
-requires {:candidate} b6 ==> v1 == 1;
-ensures {:candidate} b7 ==> v1 == 0;
-ensures {:candidate} b8 ==> v1 == 1;
-{
- v1 := v2;
- havoc v2;
-}
-
-procedure foo()
-modifies v1,v2;
-requires {:candidate} b9 ==> v1 == 0;
-requires {:candidate} b10 ==> v1 == 1;
-ensures {:candidate} b11 ==> v1 == 0;
-ensures {:candidate} b12 ==> v1 == 1;
-{
- call push();
- call pop();
-}
-
-procedure bar()
-modifies v1,v2;
-requires {:candidate} b13 ==> v1 == 0;
-requires {:candidate} b14 ==> v1 == 1;
-ensures {:candidate} b15 ==> v1 == 0;
-ensures {:candidate} b16 ==> v1 == 1;
-{
- call push();
- call pop();
-}
-
-procedure main()
-modifies v1,v2;
-{
- v1 := 1;
- call foo();
- havoc v1;
- call bar();
-}
-
+// RUN: %boogie -noinfer -contractInfer -printAssignment -inlineDepth:1 "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+var v1: int;
+var v2: int;
+var v3: int;
+const{:existential true} b1: bool;
+const{:existential true} b2: bool;
+const{:existential true} b3: bool;
+const{:existential true} b4: bool;
+const{:existential true} b5: bool;
+const{:existential true} b6: bool;
+const{:existential true} b7: bool;
+const{:existential true} b8: bool;
+const{:existential true} b9: bool;
+const{:existential true} b10: bool;
+const{:existential true} b11: bool;
+const{:existential true} b12: bool;
+const{:existential true} b13: bool;
+const{:existential true} b14: bool;
+const{:existential true} b15: bool;
+const{:existential true} b16: bool;
+
+procedure push()
+requires {:candidate} b1 ==> v1 == 0;
+requires {:candidate} b2 ==> v1 == 1;
+ensures {:candidate} b3 ==> v1 == 0;
+ensures {:candidate} b4 ==> v1 == 1;
+modifies v1,v2;
+{
+ v2 := v1;
+ v1 := 1;
+}
+
+procedure pop()
+modifies v1,v2;
+requires {:candidate} b5 ==> v1 == 0;
+requires {:candidate} b6 ==> v1 == 1;
+ensures {:candidate} b7 ==> v1 == 0;
+ensures {:candidate} b8 ==> v1 == 1;
+{
+ v1 := v2;
+ havoc v2;
+}
+
+procedure foo()
+modifies v1,v2;
+requires {:candidate} b9 ==> v1 == 0;
+requires {:candidate} b10 ==> v1 == 1;
+ensures {:candidate} b11 ==> v1 == 0;
+ensures {:candidate} b12 ==> v1 == 1;
+{
+ call push();
+ call pop();
+}
+
+procedure bar()
+modifies v1,v2;
+requires {:candidate} b13 ==> v1 == 0;
+requires {:candidate} b14 ==> v1 == 1;
+ensures {:candidate} b15 ==> v1 == 0;
+ensures {:candidate} b16 ==> v1 == 1;
+{
+ call push();
+ call pop();
+}
+
+procedure main()
+modifies v1,v2;
+{
+ v1 := 1;
+ call foo();
+ havoc v1;
+ call bar();
+}
+
diff --git a/Test/houdini/testUnsatCore.bpl b/Test/houdini/testUnsatCore.bpl
index 19066269..0ac1b9e8 100644
--- a/Test/houdini/testUnsatCore.bpl
+++ b/Test/houdini/testUnsatCore.bpl
@@ -1,37 +1,37 @@
-// RUN: %boogie -noinfer -contractInfer -printAssignment -useUnsatCoreForContractInfer "%s" > "%t"
-// RUN: %diff "%s.expect" "%t"
-
-// Example to exercise the unsatcore to optimize houdini
-
-procedure foo(x:int, y:int, z:int)
-//requires
-requires br0 ==> x == 1;
-requires br1 ==> y == 1;
-requires br2 ==> z == 1;
-//ensures
-ensures be0 ==> x == 1;
-{
-
-}
-
-procedure bar()
-{
- call foo(1, 2, 3);
-
-}
-
-const {:existential true} br0: bool;
-const {:existential true} br1: bool;
-const {:existential true} br2: bool;
-const {:existential true} be0: bool;
-
-
-// The output does not have any details to illustrate the flag (its an optimization)
-// One way to make sure it works is to run with -trace
-//
-// $boogie_codeplex\binaries\boogie.exe -noinfer -contractInfer -printAssignment -trace testUnsatCore.bpl
-//
-// and lookout for the following lines
-//
-// Number of unsat core prover queries = 2
+// RUN: %boogie -noinfer -contractInfer -printAssignment -useUnsatCoreForContractInfer "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+// Example to exercise the unsatcore to optimize houdini
+
+procedure foo(x:int, y:int, z:int)
+//requires
+requires br0 ==> x == 1;
+requires br1 ==> y == 1;
+requires br2 ==> z == 1;
+//ensures
+ensures be0 ==> x == 1;
+{
+
+}
+
+procedure bar()
+{
+ call foo(1, 2, 3);
+
+}
+
+const {:existential true} br0: bool;
+const {:existential true} br1: bool;
+const {:existential true} br2: bool;
+const {:existential true} be0: bool;
+
+
+// The output does not have any details to illustrate the flag (its an optimization)
+// One way to make sure it works is to run with -trace
+//
+// $boogie_codeplex\binaries\boogie.exe -noinfer -contractInfer -printAssignment -trace testUnsatCore.bpl
+//
+// and lookout for the following lines
+//
+// Number of unsat core prover queries = 2
// Number of unsat core prunings = 2 \ No newline at end of file
diff --git a/Test/houdini/testUnsatCore.bpl.expect b/Test/houdini/testUnsatCore.bpl.expect
index cff391b2..dd748334 100644
--- a/Test/houdini/testUnsatCore.bpl.expect
+++ b/Test/houdini/testUnsatCore.bpl.expect
@@ -1,7 +1,7 @@
-Assignment computed by Houdini:
-br0 = True
-br1 = False
-br2 = False
-be0 = True
-
-Boogie program verifier finished with 2 verified, 0 errors
+Assignment computed by Houdini:
+br0 = True
+br1 = False
+br2 = False
+be0 = True
+
+Boogie program verifier finished with 2 verified, 0 errors
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-15 19:48:47 +0000