mirror of
https://github.com/golang/go.git
synced 2025-05-05 23:53:05 +00:00
b7c9cdd53c
Improves bound check elimination for:
func arrayLargeEnough(b bool, a [2]int64) int64 {
c := byte(0)
if b {
c = 1
}
// this bound check gets elided
return a[c]
}
We also detect never true branches like:
func cCanOnlyBe0or1(b bool) byte {
var c byte
if b {
c = 1
}
// this statement can never be true so we can elide it
if c == 2 {
c = 3
}
return c
}
Hits a few times:
crypto/internal/sysrand
crypto/internal/sysrand.Read 357 -> 349 (-2.24%)
testing
testing.(*F).Fuzz.func1.1 837 -> 828 (-1.08%)
image/png
image/png.(*Encoder).Encode 1735 -> 1733 (-0.12%)
vendor/golang.org/x/crypto/cryptobyte
vendor/golang.org/x/crypto/cryptobyte.(*Builder).callContinuation 187 -> 185 (-1.07%)
crypto/internal/sysrand [cmd/compile]
crypto/internal/sysrand.Read 357 -> 349 (-2.24%)
go/parser
go/parser.(*parser).parseType 463 -> 457 (-1.30%)
go/parser.(*parser).embeddedElem 633 -> 626 (-1.11%)
go/parser.(*parser).parseFuncDecl 917 -> 914 (-0.33%)
go/parser.(*parser).parseDotsType 393 -> 391 (-0.51%)
go/parser.(*parser).error 1061 -> 1054 (-0.66%)
go/parser.(*parser).parseTypeName 537 -> 532 (-0.93%)
go/parser.(*parser).parseParamDecl 1478 -> 1451 (-1.83%)
go/parser.(*parser).parseFuncTypeOrLit 498 -> 495 (-0.60%)
go/parser.(*parser).parseValue 375 -> 371 (-1.07%)
go/parser.(*parser).parseElementList 594 -> 593 (-0.17%)
go/parser.(*parser).parseResult 593 -> 583 (-1.69%)
go/parser.(*parser).parseElement 506 -> 504 (-0.40%)
go/parser.(*parser).parseImportSpec 1110 -> 1108 (-0.18%)
go/parser.(*parser).parseStructType 741 -> 735 (-0.81%)
go/parser.(*parser).parseTypeSpec 1054 -> 1048 (-0.57%)
go/parser.(*parser).parseIdentList 625 -> 623 (-0.32%)
go/parser.(*parser).parseOperand 1221 -> 1199 (-1.80%)
go/parser.(*parser).parseIndexOrSliceOrInstance 2713 -> 2694 (-0.70%)
go/parser.(*parser).parseSwitchStmt 1458 -> 1447 (-0.75%)
go/parser.(*parser).parseArrayFieldOrTypeInstance 1865 -> 1861 (-0.21%)
go/parser.(*parser).parseExpr 307 -> 305 (-0.65%)
go/parser.(*parser).parseSelector 427 -> 425 (-0.47%)
go/parser.(*parser).parseTypeInstance 1433 -> 1420 (-0.91%)
go/parser.(*parser).parseCaseClause 629 -> 626 (-0.48%)
go/parser.(*parser).parseParameterList 4212 -> 4189 (-0.55%)
go/parser.(*parser).parsePointerType 393 -> 391 (-0.51%)
go/parser.(*parser).parseFuncType 465 -> 463 (-0.43%)
go/parser.(*parser).parseTypeAssertion 559 -> 557 (-0.36%)
go/parser.(*parser).parseSimpleStmt 2443 -> 2388 (-2.25%)
go/parser.(*parser).parseCallOrConversion 1093 -> 1087 (-0.55%)
go/parser.(*parser).parseForStmt 2168 -> 2159 (-0.42%)
go/parser.(*parser).embeddedTerm 657 -> 649 (-1.22%)
go/parser.(*parser).parseCommClause 1509 -> 1501 (-0.53%)
cmd/internal/objfile
cmd/internal/objfile.(*goobjFile).symbols 5299 -> 5274 (-0.47%)
net
net.initConfVal 378 -> 374 (-1.06%)
net.(*conf).hostLookupOrder 269 -> 267 (-0.74%)
net.(*conf).addrLookupOrder 261 -> 255 (-2.30%)
cmd/internal/obj/loong64
cmd/internal/obj/loong64.(*ctxt0).oplook 1829 -> 1813 (-0.87%)
cmd/internal/obj/mips
cmd/internal/obj/mips.(*ctxt0).oplook 1428 -> 1400 (-1.96%)
go/types
go/types.(*typeWriter).signature 605 -> 601 (-0.66%)
go/types.(*Checker).instantiateSignature 1469 -> 1467 (-0.14%)
go/parser [cmd/compile]
go/parser.(*parser).parseSwitchStmt 1458 -> 1447 (-0.75%)
go/parser.(*parser).parseDotsType 393 -> 391 (-0.51%)
go/parser.(*parser).embeddedElem 633 -> 626 (-1.11%)
go/parser.(*parser).parseTypeAssertion 559 -> 557 (-0.36%)
go/parser.(*parser).parseCommClause 1509 -> 1501 (-0.53%)
go/parser.(*parser).parseCaseClause 629 -> 626 (-0.48%)
go/parser.(*parser).parseImportSpec 1110 -> 1108 (-0.18%)
go/parser.(*parser).parseTypeSpec 1054 -> 1048 (-0.57%)
go/parser.(*parser).parseElementList 594 -> 593 (-0.17%)
go/parser.(*parser).parseParamDecl 1478 -> 1451 (-1.83%)
go/parser.(*parser).parseType 463 -> 457 (-1.30%)
go/parser.(*parser).parseSimpleStmt 2443 -> 2388 (-2.25%)
go/parser.(*parser).parseIdentList 625 -> 623 (-0.32%)
go/parser.(*parser).parseTypeInstance 1433 -> 1420 (-0.91%)
go/parser.(*parser).parseResult 593 -> 583 (-1.69%)
go/parser.(*parser).parseValue 375 -> 371 (-1.07%)
go/parser.(*parser).parseFuncDecl 917 -> 914 (-0.33%)
go/parser.(*parser).error 1061 -> 1054 (-0.66%)
go/parser.(*parser).parseElement 506 -> 504 (-0.40%)
go/parser.(*parser).parseFuncType 465 -> 463 (-0.43%)
go/parser.(*parser).parsePointerType 393 -> 391 (-0.51%)
go/parser.(*parser).parseTypeName 537 -> 532 (-0.93%)
go/parser.(*parser).parseExpr 307 -> 305 (-0.65%)
go/parser.(*parser).parseFuncTypeOrLit 498 -> 495 (-0.60%)
go/parser.(*parser).parseStructType 741 -> 735 (-0.81%)
go/parser.(*parser).parseOperand 1221 -> 1199 (-1.80%)
go/parser.(*parser).parseIndexOrSliceOrInstance 2713 -> 2694 (-0.70%)
go/parser.(*parser).parseForStmt 2168 -> 2159 (-0.42%)
go/parser.(*parser).parseParameterList 4212 -> 4189 (-0.55%)
go/parser.(*parser).parseArrayFieldOrTypeInstance 1865 -> 1861 (-0.21%)
go/parser.(*parser).parseSelector 427 -> 425 (-0.47%)
go/parser.(*parser).parseCallOrConversion 1093 -> 1087 (-0.55%)
go/parser.(*parser).embeddedTerm 657 -> 649 (-1.22%)
crypto/tls
crypto/tls.(*Conn).clientHandshake 3430 -> 3421 (-0.26%)
cmd/internal/obj/mips [cmd/compile]
cmd/internal/obj/mips.(*ctxt0).oplook 1428 -> 1400 (-1.96%)
cmd/internal/obj/loong64 [cmd/compile]
cmd/internal/obj/loong64.(*ctxt0).oplook 1829 -> 1813 (-0.87%)
cmd/compile/internal/types2
cmd/compile/internal/types2.(*typeWriter).signature 605 -> 601 (-0.66%)
cmd/compile/internal/types2.(*Checker).infer 10646 -> 10614 (-0.30%)
cmd/compile/internal/types2.(*Checker).instantiateSignature 1567 -> 1561 (-0.38%)
cmd/compile/internal/types2 [cmd/compile]
cmd/compile/internal/types2.(*Checker).instantiateSignature 1567 -> 1561 (-0.38%)
cmd/compile/internal/types2.(*typeWriter).signature 605 -> 601 (-0.66%)
cmd/compile/internal/types2.(*Checker).infer 10718 -> 10654 (-0.60%)
cmd/vendor/golang.org/x/arch/s390x/s390xasm
cmd/vendor/golang.org/x/arch/s390x/s390xasm.GoSyntax 36778 -> 36682 (-0.26%)
net/http
net/http.(*Client).do 4202 -> 4170 (-0.76%)
net/http.(*http2clientStream).writeRequest 3692 -> 3686 (-0.16%)
cmd/vendor/github.com/ianlancetaylor/demangle
cmd/vendor/github.com/ianlancetaylor/demangle.(*rustState).genericArgs 466 -> 463 (-0.64%)
cmd/compile/internal/devirtualize
cmd/compile/internal/devirtualize.ProfileGuided.func1 1364 -> 1357 (-0.51%)
cmd/compile/internal/inline/interleaved
cmd/compile/internal/inline/interleaved.DevirtualizeAndInlinePackage.func2 533 -> 526 (-1.31%)
cmd/compile/internal/devirtualize [cmd/compile]
cmd/compile/internal/devirtualize.ProfileGuided.func1 1343 -> 1332 (-0.82%)
cmd/compile/internal/inline/interleaved [cmd/compile]
cmd/compile/internal/inline/interleaved.DevirtualizeAndInlinePackage.func2 533 -> 526 (-1.31%)
cmd/link/internal/ld
cmd/link/internal/ld.mustLinkExternal 2739 -> 2674 (-2.37%)
cmd/compile/internal/ssa
cmd/compile/internal/ssa.(*poset).Ordered 391 -> 389 (-0.51%)
cmd/compile/internal/ssa.(*poset).Equal 318 -> 313 (-1.57%)
cmd/compile/internal/ssa.(*poset).Undo 1842 -> 1832 (-0.54%)
cmd/compile/internal/ssa.(*expandState).decomposeAsNecessary 4587 -> 4555 (-0.70%)
cmd/compile/internal/ssa.(*poset).OrderedOrEqual 390 -> 389 (-0.26%)
cmd/compile/internal/ssa.(*poset).NonEqual 613 -> 606 (-1.14%)
cmd/compile/internal/ssa [cmd/compile]
cmd/compile/internal/ssa.(*poset).OrderedOrEqual 368 -> 365 (-0.82%)
cmd/compile/internal/ssa.(*poset).Equal 318 -> 313 (-1.57%)
cmd/compile/internal/ssa.(*expandState).decomposeAsNecessary 4952 -> 4938 (-0.28%)
cmd/compile/internal/ssa.(*poset).NonEqual 613 -> 606 (-1.14%)
cmd/compile/internal/ssa.(*poset).SetEqual 2533 -> 2505 (-1.11%)
cmd/compile/internal/ssa.(*poset).SetNonEqual 785 -> 777 (-1.02%)
cmd/compile/internal/ssa.(*poset).Ordered 370 -> 366 (-1.08%)
cmd/compile/internal/gc [cmd/compile]
cmd/compile/internal/gc.Main.DevirtualizeAndInlinePackage.func2 492 -> 489 (-0.61%)
file before after Δ %
crypto/internal/sysrand.s 1553 1545 -8 -0.515%
internal/zstd.s 49179 49190 +11 +0.022%
testing.s 115197 115188 -9 -0.008%
image/png.s 36109 36107 -2 -0.006%
vendor/golang.org/x/crypto/cryptobyte.s 30980 30978 -2 -0.006%
crypto/internal/sysrand [cmd/compile].s 1553 1545 -8 -0.515%
go/parser.s 112638 112354 -284 -0.252%
cmd/internal/objfile.s 49994 49969 -25 -0.050%
net.s 299558 299546 -12 -0.004%
cmd/internal/obj/loong64.s 71651 71635 -16 -0.022%
cmd/internal/obj/mips.s 59681 59653 -28 -0.047%
go/types.s 558839 558833 -6 -0.001%
cmd/compile/internal/types.s 71305 71306 +1 +0.001%
go/parser [cmd/compile].s 112749 112465 -284 -0.252%
crypto/tls.s 388859 388850 -9 -0.002%
cmd/internal/obj/mips [cmd/compile].s 59792 59764 -28 -0.047%
cmd/internal/obj/loong64 [cmd/compile].s 71762 71746 -16 -0.022%
cmd/compile/internal/types2.s 540608 540566 -42 -0.008%
cmd/compile/internal/types2 [cmd/compile].s 577428 577354 -74 -0.013%
cmd/vendor/golang.org/x/arch/s390x/s390xasm.s 267664 267568 -96 -0.036%
net/http.s 620704 620666 -38 -0.006%
cmd/vendor/github.com/ianlancetaylor/demangle.s 299991 299988 -3 -0.001%
cmd/compile/internal/devirtualize.s 21452 21445 -7 -0.033%
cmd/compile/internal/inline/interleaved.s 8358 8351 -7 -0.084%
cmd/compile/internal/devirtualize [cmd/compile].s 20994 20983 -11 -0.052%
cmd/compile/internal/inline/interleaved [cmd/compile].s 8328 8321 -7 -0.084%
cmd/link/internal/ld.s 641802 641737 -65 -0.010%
cmd/compile/internal/ssa.s 3552939 3552957 +18 +0.001%
cmd/compile/internal/ssa [cmd/compile].s 3752191 3752197 +6 +0.000%
cmd/compile/internal/ssagen.s 405780 405786 +6 +0.001%
cmd/compile/internal/ssagen [cmd/compile].s 434472 434496 +24 +0.006%
cmd/compile/internal/gc [cmd/compile].s 38499 38496 -3 -0.008%
total 36185267 36184243 -1024 -0.003%
Change-Id: I867222b0f907b29d32b2676e55c6b5789ec56511
Reviewed-on: https://go-review.googlesource.com/c/go/+/642716
Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Keith Randall <khr@golang.org>
1743 lines
33 KiB
Go
1743 lines
33 KiB
Go
// errorcheck -0 -d=ssa/prove/debug=1
|
||
|
||
//go:build amd64
|
||
|
||
// Copyright 2016 The Go Authors. All rights reserved.
|
||
// Use of this source code is governed by a BSD-style
|
||
// license that can be found in the LICENSE file.
|
||
|
||
package main
|
||
|
||
import (
|
||
"math"
|
||
"math/bits"
|
||
)
|
||
|
||
func f0(a []int) int {
|
||
a[0] = 1
|
||
a[0] = 1 // ERROR "Proved IsInBounds$"
|
||
a[6] = 1
|
||
a[6] = 1 // ERROR "Proved IsInBounds$"
|
||
a[5] = 1 // ERROR "Proved IsInBounds$"
|
||
a[5] = 1 // ERROR "Proved IsInBounds$"
|
||
return 13
|
||
}
|
||
|
||
func f1(a []int) int {
|
||
if len(a) <= 5 {
|
||
return 18
|
||
}
|
||
a[0] = 1 // ERROR "Proved IsInBounds$"
|
||
a[0] = 1 // ERROR "Proved IsInBounds$"
|
||
a[6] = 1
|
||
a[6] = 1 // ERROR "Proved IsInBounds$"
|
||
a[5] = 1 // ERROR "Proved IsInBounds$"
|
||
a[5] = 1 // ERROR "Proved IsInBounds$"
|
||
return 26
|
||
}
|
||
|
||
func f1b(a []int, i int, j uint) int {
|
||
if i >= 0 && i < len(a) {
|
||
return a[i] // ERROR "Proved IsInBounds$"
|
||
}
|
||
if i >= 10 && i < len(a) {
|
||
return a[i] // ERROR "Proved IsInBounds$"
|
||
}
|
||
if i >= 10 && i < len(a) {
|
||
return a[i] // ERROR "Proved IsInBounds$"
|
||
}
|
||
if i >= 10 && i < len(a) {
|
||
return a[i-10] // ERROR "Proved IsInBounds$"
|
||
}
|
||
if j < uint(len(a)) {
|
||
return a[j] // ERROR "Proved IsInBounds$"
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func f1c(a []int, i int64) int {
|
||
c := uint64(math.MaxInt64 + 10) // overflows int
|
||
d := int64(c)
|
||
if i >= d && i < int64(len(a)) {
|
||
// d overflows, should not be handled.
|
||
return a[i]
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func f2(a []int) int {
|
||
for i := range a { // ERROR "Induction variable: limits \[0,\?\), increment 1$"
|
||
a[i+1] = i
|
||
a[i+1] = i // ERROR "Proved IsInBounds$"
|
||
}
|
||
return 34
|
||
}
|
||
|
||
func f3(a []uint) int {
|
||
for i := uint(0); i < uint(len(a)); i++ {
|
||
a[i] = i // ERROR "Proved IsInBounds$"
|
||
}
|
||
return 41
|
||
}
|
||
|
||
func f4a(a, b, c int) int {
|
||
if a < b {
|
||
if a == b { // ERROR "Disproved Eq64$"
|
||
return 47
|
||
}
|
||
if a > b { // ERROR "Disproved Less64$"
|
||
return 50
|
||
}
|
||
if a < b { // ERROR "Proved Less64$"
|
||
return 53
|
||
}
|
||
// We can't get to this point and prove knows that, so
|
||
// there's no message for the next (obvious) branch.
|
||
if a != a {
|
||
return 56
|
||
}
|
||
return 61
|
||
}
|
||
return 63
|
||
}
|
||
|
||
func f4b(a, b, c int) int {
|
||
if a <= b {
|
||
if a >= b {
|
||
if a == b { // ERROR "Proved Eq64$"
|
||
return 70
|
||
}
|
||
return 75
|
||
}
|
||
return 77
|
||
}
|
||
return 79
|
||
}
|
||
|
||
func f4c(a, b, c int) int {
|
||
if a <= b {
|
||
if a >= b {
|
||
if a != b { // ERROR "Disproved Neq64$"
|
||
return 73
|
||
}
|
||
return 75
|
||
}
|
||
return 77
|
||
}
|
||
return 79
|
||
}
|
||
|
||
func f4d(a, b, c int) int {
|
||
if a < b {
|
||
if a < c {
|
||
if a < b { // ERROR "Proved Less64$"
|
||
if a < c { // ERROR "Proved Less64$"
|
||
return 87
|
||
}
|
||
return 89
|
||
}
|
||
return 91
|
||
}
|
||
return 93
|
||
}
|
||
return 95
|
||
}
|
||
|
||
func f4e(a, b, c int) int {
|
||
if a < b {
|
||
if b > a { // ERROR "Proved Less64$"
|
||
return 101
|
||
}
|
||
return 103
|
||
}
|
||
return 105
|
||
}
|
||
|
||
func f4f(a, b, c int) int {
|
||
if a <= b {
|
||
if b > a {
|
||
if b == a { // ERROR "Disproved Eq64$"
|
||
return 112
|
||
}
|
||
return 114
|
||
}
|
||
if b >= a { // ERROR "Proved Leq64$"
|
||
if b == a { // ERROR "Proved Eq64$"
|
||
return 118
|
||
}
|
||
return 120
|
||
}
|
||
return 122
|
||
}
|
||
return 124
|
||
}
|
||
|
||
func f5(a, b uint) int {
|
||
if a == b {
|
||
if a <= b { // ERROR "Proved Leq64U$"
|
||
return 130
|
||
}
|
||
return 132
|
||
}
|
||
return 134
|
||
}
|
||
|
||
// These comparisons are compile time constants.
|
||
func f6a(a uint8) int {
|
||
if a < a { // ERROR "Disproved Less8U$"
|
||
return 140
|
||
}
|
||
return 151
|
||
}
|
||
|
||
func f6b(a uint8) int {
|
||
if a < a { // ERROR "Disproved Less8U$"
|
||
return 140
|
||
}
|
||
return 151
|
||
}
|
||
|
||
func f6x(a uint8) int {
|
||
if a > a { // ERROR "Disproved Less8U$"
|
||
return 143
|
||
}
|
||
return 151
|
||
}
|
||
|
||
func f6d(a uint8) int {
|
||
if a <= a { // ERROR "Proved Leq8U$"
|
||
return 146
|
||
}
|
||
return 151
|
||
}
|
||
|
||
func f6e(a uint8) int {
|
||
if a >= a { // ERROR "Proved Leq8U$"
|
||
return 149
|
||
}
|
||
return 151
|
||
}
|
||
|
||
func f7(a []int, b int) int {
|
||
if b < len(a) {
|
||
a[b] = 3
|
||
if b < len(a) { // ERROR "Proved Less64$"
|
||
a[b] = 5 // ERROR "Proved IsInBounds$"
|
||
}
|
||
}
|
||
return 161
|
||
}
|
||
|
||
func f8(a, b uint) int {
|
||
if a == b {
|
||
return 166
|
||
}
|
||
if a > b {
|
||
return 169
|
||
}
|
||
if a < b { // ERROR "Proved Less64U$"
|
||
return 172
|
||
}
|
||
return 174
|
||
}
|
||
|
||
func f9(a, b bool) int {
|
||
if a {
|
||
return 1
|
||
}
|
||
if a || b { // ERROR "Disproved Arg$"
|
||
return 2
|
||
}
|
||
return 3
|
||
}
|
||
|
||
func f10(a string) int {
|
||
n := len(a)
|
||
// We optimize comparisons with small constant strings (see cmd/compile/internal/gc/walk.go),
|
||
// so this string literal must be long.
|
||
if a[:n>>1] == "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" {
|
||
return 0
|
||
}
|
||
return 1
|
||
}
|
||
|
||
func f11a(a []int, i int) {
|
||
useInt(a[i])
|
||
useInt(a[i]) // ERROR "Proved IsInBounds$"
|
||
}
|
||
|
||
func f11b(a []int, i int) {
|
||
useSlice(a[i:])
|
||
useSlice(a[i:]) // ERROR "Proved IsSliceInBounds$"
|
||
}
|
||
|
||
func f11c(a []int, i int) {
|
||
useSlice(a[:i])
|
||
useSlice(a[:i]) // ERROR "Proved IsSliceInBounds$"
|
||
}
|
||
|
||
func f11d(a []int, i int) {
|
||
useInt(a[2*i+7])
|
||
useInt(a[2*i+7]) // ERROR "Proved IsInBounds$"
|
||
}
|
||
|
||
func f12(a []int, b int) {
|
||
useSlice(a[:b])
|
||
}
|
||
|
||
func f13a(a, b, c int, x bool) int {
|
||
if a > 12 {
|
||
if x {
|
||
if a < 12 { // ERROR "Disproved Less64$"
|
||
return 1
|
||
}
|
||
}
|
||
if x {
|
||
if a <= 12 { // ERROR "Disproved Leq64$"
|
||
return 2
|
||
}
|
||
}
|
||
if x {
|
||
if a == 12 { // ERROR "Disproved Eq64$"
|
||
return 3
|
||
}
|
||
}
|
||
if x {
|
||
if a >= 12 { // ERROR "Proved Leq64$"
|
||
return 4
|
||
}
|
||
}
|
||
if x {
|
||
if a > 12 { // ERROR "Proved Less64$"
|
||
return 5
|
||
}
|
||
}
|
||
return 6
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func f13b(a int, x bool) int {
|
||
if a == -9 {
|
||
if x {
|
||
if a < -9 { // ERROR "Disproved Less64$"
|
||
return 7
|
||
}
|
||
}
|
||
if x {
|
||
if a <= -9 { // ERROR "Proved Leq64$"
|
||
return 8
|
||
}
|
||
}
|
||
if x {
|
||
if a == -9 { // ERROR "Proved Eq64$"
|
||
return 9
|
||
}
|
||
}
|
||
if x {
|
||
if a >= -9 { // ERROR "Proved Leq64$"
|
||
return 10
|
||
}
|
||
}
|
||
if x {
|
||
if a > -9 { // ERROR "Disproved Less64$"
|
||
return 11
|
||
}
|
||
}
|
||
return 12
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func f13c(a int, x bool) int {
|
||
if a < 90 {
|
||
if x {
|
||
if a < 90 { // ERROR "Proved Less64$"
|
||
return 13
|
||
}
|
||
}
|
||
if x {
|
||
if a <= 90 { // ERROR "Proved Leq64$"
|
||
return 14
|
||
}
|
||
}
|
||
if x {
|
||
if a == 90 { // ERROR "Disproved Eq64$"
|
||
return 15
|
||
}
|
||
}
|
||
if x {
|
||
if a >= 90 { // ERROR "Disproved Leq64$"
|
||
return 16
|
||
}
|
||
}
|
||
if x {
|
||
if a > 90 { // ERROR "Disproved Less64$"
|
||
return 17
|
||
}
|
||
}
|
||
return 18
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func f13d(a int) int {
|
||
if a < 5 {
|
||
if a < 9 { // ERROR "Proved Less64$"
|
||
return 1
|
||
}
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func f13e(a int) int {
|
||
if a > 9 {
|
||
if a > 5 { // ERROR "Proved Less64$"
|
||
return 1
|
||
}
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func f13f(a, b int64) int64 {
|
||
if b != math.MaxInt64 {
|
||
return 42
|
||
}
|
||
if a > b { // ERROR "Disproved Less64$"
|
||
if a == 0 {
|
||
return 1
|
||
}
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func f13g(a int) int {
|
||
if a < 3 {
|
||
return 5
|
||
}
|
||
if a > 3 {
|
||
return 6
|
||
}
|
||
if a == 3 { // ERROR "Proved Eq64$"
|
||
return 7
|
||
}
|
||
return 8
|
||
}
|
||
|
||
func f13h(a int) int {
|
||
if a < 3 {
|
||
if a > 1 {
|
||
if a == 2 { // ERROR "Proved Eq64$"
|
||
return 5
|
||
}
|
||
}
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func f13i(a uint) int {
|
||
if a == 0 {
|
||
return 1
|
||
}
|
||
if a > 0 { // ERROR "Proved Less64U$"
|
||
return 2
|
||
}
|
||
return 3
|
||
}
|
||
|
||
func f14(p, q *int, a []int) {
|
||
// This crazy ordering usually gives i1 the lowest value ID,
|
||
// j the middle value ID, and i2 the highest value ID.
|
||
// That used to confuse CSE because it ordered the args
|
||
// of the two + ops below differently.
|
||
// That in turn foiled bounds check elimination.
|
||
i1 := *p
|
||
j := *q
|
||
i2 := *p
|
||
useInt(a[i1+j])
|
||
useInt(a[i2+j]) // ERROR "Proved IsInBounds$"
|
||
}
|
||
|
||
func f15(s []int, x int) {
|
||
useSlice(s[x:])
|
||
useSlice(s[:x]) // ERROR "Proved IsSliceInBounds$"
|
||
}
|
||
|
||
func f16(s []int) []int {
|
||
if len(s) >= 10 {
|
||
return s[:10] // ERROR "Proved IsSliceInBounds$"
|
||
}
|
||
return nil
|
||
}
|
||
|
||
func f17(b []int) {
|
||
for i := 0; i < len(b); i++ { // ERROR "Induction variable: limits \[0,\?\), increment 1$"
|
||
// This tests for i <= cap, which we can only prove
|
||
// using the derived relation between len and cap.
|
||
// This depends on finding the contradiction, since we
|
||
// don't query this condition directly.
|
||
useSlice(b[:i]) // ERROR "Proved IsSliceInBounds$"
|
||
}
|
||
}
|
||
|
||
func f18(b []int, x int, y uint) {
|
||
_ = b[x]
|
||
_ = b[y]
|
||
|
||
if x > len(b) { // ERROR "Disproved Less64$"
|
||
return
|
||
}
|
||
if y > uint(len(b)) { // ERROR "Disproved Less64U$"
|
||
return
|
||
}
|
||
if int(y) > len(b) { // ERROR "Disproved Less64$"
|
||
return
|
||
}
|
||
}
|
||
|
||
func f19() (e int64, err error) {
|
||
// Issue 29502: slice[:0] is incorrectly disproved.
|
||
var stack []int64
|
||
stack = append(stack, 123)
|
||
if len(stack) > 1 {
|
||
panic("too many elements")
|
||
}
|
||
last := len(stack) - 1
|
||
e = stack[last]
|
||
// Buggy compiler prints "Disproved Leq64" for the next line.
|
||
stack = stack[:last]
|
||
return e, nil
|
||
}
|
||
|
||
func sm1(b []int, x int) {
|
||
// Test constant argument to slicemask.
|
||
useSlice(b[2:8]) // ERROR "Proved slicemask not needed$"
|
||
// Test non-constant argument with known limits.
|
||
if cap(b) > 10 {
|
||
useSlice(b[2:])
|
||
}
|
||
}
|
||
|
||
func lim1(x, y, z int) {
|
||
// Test relations between signed and unsigned limits.
|
||
if x > 5 {
|
||
if uint(x) > 5 { // ERROR "Proved Less64U$"
|
||
return
|
||
}
|
||
}
|
||
if y >= 0 && y < 4 {
|
||
if uint(y) > 4 { // ERROR "Disproved Less64U$"
|
||
return
|
||
}
|
||
if uint(y) < 5 { // ERROR "Proved Less64U$"
|
||
return
|
||
}
|
||
}
|
||
if z < 4 {
|
||
if uint(z) > 4 { // Not provable without disjunctions.
|
||
return
|
||
}
|
||
}
|
||
}
|
||
|
||
// fence1–4 correspond to the four fence-post implications.
|
||
|
||
func fence1(b []int, x, y int) {
|
||
// Test proofs that rely on fence-post implications.
|
||
if x+1 > y {
|
||
if x < y { // ERROR "Disproved Less64$"
|
||
return
|
||
}
|
||
}
|
||
if len(b) < cap(b) {
|
||
// This eliminates the growslice path.
|
||
b = append(b, 1) // ERROR "Disproved Less64U$"
|
||
}
|
||
}
|
||
|
||
func fence2(x, y int) {
|
||
if x-1 < y {
|
||
if x > y { // ERROR "Disproved Less64$"
|
||
return
|
||
}
|
||
}
|
||
}
|
||
|
||
func fence3(b, c []int, x, y int64) {
|
||
if x-1 >= y {
|
||
if x <= y { // Can't prove because x may have wrapped.
|
||
return
|
||
}
|
||
}
|
||
|
||
if x != math.MinInt64 && x-1 >= y {
|
||
if x <= y { // ERROR "Disproved Leq64$"
|
||
return
|
||
}
|
||
}
|
||
|
||
c[len(c)-1] = 0 // Can't prove because len(c) might be 0
|
||
|
||
if n := len(b); n > 0 {
|
||
b[n-1] = 0 // ERROR "Proved IsInBounds$"
|
||
}
|
||
}
|
||
|
||
func fence4(x, y int64) {
|
||
if x >= y+1 {
|
||
if x <= y {
|
||
return
|
||
}
|
||
}
|
||
if y != math.MaxInt64 && x >= y+1 {
|
||
if x <= y { // ERROR "Disproved Leq64$"
|
||
return
|
||
}
|
||
}
|
||
}
|
||
|
||
// Check transitive relations
|
||
func trans1(x, y int64) {
|
||
if x > 5 {
|
||
if y > x {
|
||
if y > 2 { // ERROR "Proved Less64$"
|
||
return
|
||
}
|
||
} else if y == x {
|
||
if y > 5 { // ERROR "Proved Less64$"
|
||
return
|
||
}
|
||
}
|
||
}
|
||
if x >= 10 {
|
||
if y > x {
|
||
if y > 10 { // ERROR "Proved Less64$"
|
||
return
|
||
}
|
||
}
|
||
}
|
||
}
|
||
|
||
func trans2(a, b []int, i int) {
|
||
if len(a) != len(b) {
|
||
return
|
||
}
|
||
|
||
_ = a[i]
|
||
_ = b[i] // ERROR "Proved IsInBounds$"
|
||
}
|
||
|
||
func trans3(a, b []int, i int) {
|
||
if len(a) > len(b) {
|
||
return
|
||
}
|
||
|
||
_ = a[i]
|
||
_ = b[i] // ERROR "Proved IsInBounds$"
|
||
}
|
||
|
||
func trans4(b []byte, x int) {
|
||
// Issue #42603: slice len/cap transitive relations.
|
||
switch x {
|
||
case 0:
|
||
if len(b) < 20 {
|
||
return
|
||
}
|
||
_ = b[:2] // ERROR "Proved IsSliceInBounds$"
|
||
case 1:
|
||
if len(b) < 40 {
|
||
return
|
||
}
|
||
_ = b[:2] // ERROR "Proved IsSliceInBounds$"
|
||
}
|
||
}
|
||
|
||
// Derived from nat.cmp
|
||
func natcmp(x, y []uint) (r int) {
|
||
m := len(x)
|
||
n := len(y)
|
||
if m != n || m == 0 {
|
||
return
|
||
}
|
||
|
||
i := m - 1
|
||
for i > 0 && // ERROR "Induction variable: limits \(0,\?\], increment 1$"
|
||
x[i] == // ERROR "Proved IsInBounds$"
|
||
y[i] { // ERROR "Proved IsInBounds$"
|
||
i--
|
||
}
|
||
|
||
switch {
|
||
case x[i] < // todo, cannot prove this because it's dominated by i<=0 || x[i]==y[i]
|
||
y[i]: // ERROR "Proved IsInBounds$"
|
||
r = -1
|
||
case x[i] > // ERROR "Proved IsInBounds$"
|
||
y[i]: // ERROR "Proved IsInBounds$"
|
||
r = 1
|
||
}
|
||
return
|
||
}
|
||
|
||
func suffix(s, suffix string) bool {
|
||
// todo, we're still not able to drop the bound check here in the general case
|
||
return len(s) >= len(suffix) && s[len(s)-len(suffix):] == suffix
|
||
}
|
||
|
||
func constsuffix(s string) bool {
|
||
return suffix(s, "abc") // ERROR "Proved IsSliceInBounds$"
|
||
}
|
||
|
||
func atexit(foobar []func()) {
|
||
for i := len(foobar) - 1; i >= 0; i-- { // ERROR "Induction variable: limits \[0,\?\], increment 1"
|
||
f := foobar[i]
|
||
foobar = foobar[:i] // ERROR "IsSliceInBounds"
|
||
f()
|
||
}
|
||
}
|
||
|
||
func make1(n int) []int {
|
||
s := make([]int, n)
|
||
for i := 0; i < n; i++ { // ERROR "Induction variable: limits \[0,\?\), increment 1"
|
||
s[i] = 1 // ERROR "Proved IsInBounds$"
|
||
}
|
||
return s
|
||
}
|
||
|
||
func make2(n int) []int {
|
||
s := make([]int, n)
|
||
for i := range s { // ERROR "Induction variable: limits \[0,\?\), increment 1"
|
||
s[i] = 1 // ERROR "Proved IsInBounds$"
|
||
}
|
||
return s
|
||
}
|
||
|
||
// The range tests below test the index variable of range loops.
|
||
|
||
// range1 compiles to the "efficiently indexable" form of a range loop.
|
||
func range1(b []int) {
|
||
for i, v := range b { // ERROR "Induction variable: limits \[0,\?\), increment 1$"
|
||
b[i] = v + 1 // ERROR "Proved IsInBounds$"
|
||
if i < len(b) { // ERROR "Proved Less64$"
|
||
println("x")
|
||
}
|
||
if i >= 0 { // ERROR "Proved Leq64$"
|
||
println("x")
|
||
}
|
||
}
|
||
}
|
||
|
||
// range2 elements are larger, so they use the general form of a range loop.
|
||
func range2(b [][32]int) {
|
||
for i, v := range b { // ERROR "Induction variable: limits \[0,\?\), increment 1$"
|
||
b[i][0] = v[0] + 1 // ERROR "Proved IsInBounds$"
|
||
if i < len(b) { // ERROR "Proved Less64$"
|
||
println("x")
|
||
}
|
||
if i >= 0 { // ERROR "Proved Leq64$"
|
||
println("x")
|
||
}
|
||
}
|
||
}
|
||
|
||
// signhint1-2 test whether the hint (int >= 0) is propagated into the loop.
|
||
func signHint1(i int, data []byte) {
|
||
if i >= 0 {
|
||
for i < len(data) { // ERROR "Induction variable: limits \[\?,\?\), increment 1$"
|
||
_ = data[i] // ERROR "Proved IsInBounds$"
|
||
i++
|
||
}
|
||
}
|
||
}
|
||
|
||
func signHint2(b []byte, n int) {
|
||
if n < 0 {
|
||
panic("")
|
||
}
|
||
_ = b[25]
|
||
for i := n; i <= 25; i++ { // ERROR "Induction variable: limits \[\?,25\], increment 1$"
|
||
b[i] = 123 // ERROR "Proved IsInBounds$"
|
||
}
|
||
}
|
||
|
||
// indexGT0 tests whether prove learns int index >= 0 from bounds check.
|
||
func indexGT0(b []byte, n int) {
|
||
_ = b[n]
|
||
_ = b[25]
|
||
|
||
for i := n; i <= 25; i++ { // ERROR "Induction variable: limits \[\?,25\], increment 1$"
|
||
b[i] = 123 // ERROR "Proved IsInBounds$"
|
||
}
|
||
}
|
||
|
||
// Induction variable in unrolled loop.
|
||
func unrollUpExcl(a []int) int {
|
||
var i, x int
|
||
for i = 0; i < len(a)-1; i += 2 { // ERROR "Induction variable: limits \[0,\?\), increment 2$"
|
||
x += a[i] // ERROR "Proved IsInBounds$"
|
||
x += a[i+1]
|
||
}
|
||
if i == len(a)-1 {
|
||
x += a[i]
|
||
}
|
||
return x
|
||
}
|
||
|
||
// Induction variable in unrolled loop.
|
||
func unrollUpIncl(a []int) int {
|
||
var i, x int
|
||
for i = 0; i <= len(a)-2; i += 2 { // ERROR "Induction variable: limits \[0,\?\], increment 2$"
|
||
x += a[i] // ERROR "Proved IsInBounds$"
|
||
x += a[i+1]
|
||
}
|
||
if i == len(a)-1 {
|
||
x += a[i]
|
||
}
|
||
return x
|
||
}
|
||
|
||
// Induction variable in unrolled loop.
|
||
func unrollDownExcl0(a []int) int {
|
||
var i, x int
|
||
for i = len(a) - 1; i > 0; i -= 2 { // ERROR "Induction variable: limits \(0,\?\], increment 2$"
|
||
x += a[i] // ERROR "Proved IsInBounds$"
|
||
x += a[i-1] // ERROR "Proved IsInBounds$"
|
||
}
|
||
if i == 0 {
|
||
x += a[i]
|
||
}
|
||
return x
|
||
}
|
||
|
||
// Induction variable in unrolled loop.
|
||
func unrollDownExcl1(a []int) int {
|
||
var i, x int
|
||
for i = len(a) - 1; i >= 1; i -= 2 { // ERROR "Induction variable: limits \(0,\?\], increment 2$"
|
||
x += a[i] // ERROR "Proved IsInBounds$"
|
||
x += a[i-1] // ERROR "Proved IsInBounds$"
|
||
}
|
||
if i == 0 {
|
||
x += a[i]
|
||
}
|
||
return x
|
||
}
|
||
|
||
// Induction variable in unrolled loop.
|
||
func unrollDownInclStep(a []int) int {
|
||
var i, x int
|
||
for i = len(a); i >= 2; i -= 2 { // ERROR "Induction variable: limits \[2,\?\], increment 2$"
|
||
x += a[i-1] // ERROR "Proved IsInBounds$"
|
||
x += a[i-2] // ERROR "Proved IsInBounds$"
|
||
}
|
||
if i == 1 {
|
||
x += a[i-1]
|
||
}
|
||
return x
|
||
}
|
||
|
||
// Not an induction variable (step too large)
|
||
func unrollExclStepTooLarge(a []int) int {
|
||
var i, x int
|
||
for i = 0; i < len(a)-1; i += 3 {
|
||
x += a[i]
|
||
x += a[i+1]
|
||
}
|
||
if i == len(a)-1 {
|
||
x += a[i]
|
||
}
|
||
return x
|
||
}
|
||
|
||
// Not an induction variable (step too large)
|
||
func unrollInclStepTooLarge(a []int) int {
|
||
var i, x int
|
||
for i = 0; i <= len(a)-2; i += 3 {
|
||
x += a[i]
|
||
x += a[i+1]
|
||
}
|
||
if i == len(a)-1 {
|
||
x += a[i]
|
||
}
|
||
return x
|
||
}
|
||
|
||
// Not an induction variable (min too small, iterating down)
|
||
func unrollDecMin(a []int, b int) int {
|
||
if b != math.MinInt64 {
|
||
return 42
|
||
}
|
||
var i, x int
|
||
for i = len(a); i >= b; i -= 2 { // ERROR "Proved Leq64"
|
||
x += a[i-1]
|
||
x += a[i-2]
|
||
}
|
||
if i == 1 {
|
||
x += a[i-1]
|
||
}
|
||
return x
|
||
}
|
||
|
||
// Not an induction variable (min too small, iterating up -- perhaps could allow, but why bother?)
|
||
func unrollIncMin(a []int, b int) int {
|
||
if b != math.MinInt64 {
|
||
return 42
|
||
}
|
||
var i, x int
|
||
for i = len(a); i >= b; i += 2 { // ERROR "Proved Leq64"
|
||
x += a[i-1]
|
||
x += a[i-2]
|
||
}
|
||
if i == 1 {
|
||
x += a[i-1]
|
||
}
|
||
return x
|
||
}
|
||
|
||
// The 4 xxxxExtNto64 functions below test whether prove is looking
|
||
// through value-preserving sign/zero extensions of index values (issue #26292).
|
||
|
||
// Look through all extensions
|
||
func signExtNto64(x []int, j8 int8, j16 int16, j32 int32) int {
|
||
if len(x) < 22 {
|
||
return 0
|
||
}
|
||
if j8 >= 0 && j8 < 22 {
|
||
return x[j8] // ERROR "Proved IsInBounds$"
|
||
}
|
||
if j16 >= 0 && j16 < 22 {
|
||
return x[j16] // ERROR "Proved IsInBounds$"
|
||
}
|
||
if j32 >= 0 && j32 < 22 {
|
||
return x[j32] // ERROR "Proved IsInBounds$"
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func zeroExtNto64(x []int, j8 uint8, j16 uint16, j32 uint32) int {
|
||
if len(x) < 22 {
|
||
return 0
|
||
}
|
||
if j8 >= 0 && j8 < 22 {
|
||
return x[j8] // ERROR "Proved IsInBounds$"
|
||
}
|
||
if j16 >= 0 && j16 < 22 {
|
||
return x[j16] // ERROR "Proved IsInBounds$"
|
||
}
|
||
if j32 >= 0 && j32 < 22 {
|
||
return x[j32] // ERROR "Proved IsInBounds$"
|
||
}
|
||
return 0
|
||
}
|
||
|
||
// Process fence-post implications through 32to64 extensions (issue #29964)
|
||
func signExt32to64Fence(x []int, j int32) int {
|
||
if x[j] != 0 {
|
||
return 1
|
||
}
|
||
if j > 0 && x[j-1] != 0 { // ERROR "Proved IsInBounds$"
|
||
return 1
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func zeroExt32to64Fence(x []int, j uint32) int {
|
||
if x[j] != 0 {
|
||
return 1
|
||
}
|
||
if j > 0 && x[j-1] != 0 { // ERROR "Proved IsInBounds$"
|
||
return 1
|
||
}
|
||
return 0
|
||
}
|
||
|
||
// Ensure that bounds checks with negative indexes are not incorrectly removed.
|
||
func negIndex() {
|
||
n := make([]int, 1)
|
||
for i := -1; i <= 0; i++ { // ERROR "Induction variable: limits \[-1,0\], increment 1$"
|
||
n[i] = 1
|
||
}
|
||
}
|
||
func negIndex2(n int) {
|
||
a := make([]int, 5)
|
||
b := make([]int, 5)
|
||
c := make([]int, 5)
|
||
for i := -1; i <= 0; i-- {
|
||
b[i] = i
|
||
n++
|
||
if n > 10 {
|
||
break
|
||
}
|
||
}
|
||
useSlice(a)
|
||
useSlice(c)
|
||
}
|
||
|
||
// Check that prove is zeroing these right shifts of positive ints by bit-width - 1.
|
||
// e.g (Rsh64x64 <t> n (Const64 <typ.UInt64> [63])) && ft.isNonNegative(n) -> 0
|
||
func sh64(n int64) int64 {
|
||
if n < 0 {
|
||
return n
|
||
}
|
||
return n >> 63 // ERROR "Proved Rsh64x64 shifts to zero"
|
||
}
|
||
|
||
func sh32(n int32) int32 {
|
||
if n < 0 {
|
||
return n
|
||
}
|
||
return n >> 31 // ERROR "Proved Rsh32x64 shifts to zero"
|
||
}
|
||
|
||
func sh32x64(n int32) int32 {
|
||
if n < 0 {
|
||
return n
|
||
}
|
||
return n >> uint64(31) // ERROR "Proved Rsh32x64 shifts to zero"
|
||
}
|
||
|
||
func sh16(n int16) int16 {
|
||
if n < 0 {
|
||
return n
|
||
}
|
||
return n >> 15 // ERROR "Proved Rsh16x64 shifts to zero"
|
||
}
|
||
|
||
func sh64noopt(n int64) int64 {
|
||
return n >> 63 // not optimized; n could be negative
|
||
}
|
||
|
||
// These cases are division of a positive signed integer by a power of 2.
|
||
// The opt pass doesnt have sufficient information to see that n is positive.
|
||
// So, instead, opt rewrites the division with a less-than-optimal replacement.
|
||
// Prove, which can see that n is nonnegative, cannot see the division because
|
||
// opt, an earlier pass, has already replaced it.
|
||
// The fix for this issue allows prove to zero a right shift that was added as
|
||
// part of the less-than-optimal reqwrite. That change by prove then allows
|
||
// lateopt to clean up all the unnecessary parts of the original division
|
||
// replacement. See issue #36159.
|
||
func divShiftClean(n int) int {
|
||
if n < 0 {
|
||
return n
|
||
}
|
||
return n / int(8) // ERROR "Proved Rsh64x64 shifts to zero"
|
||
}
|
||
|
||
func divShiftClean64(n int64) int64 {
|
||
if n < 0 {
|
||
return n
|
||
}
|
||
return n / int64(16) // ERROR "Proved Rsh64x64 shifts to zero"
|
||
}
|
||
|
||
func divShiftClean32(n int32) int32 {
|
||
if n < 0 {
|
||
return n
|
||
}
|
||
return n / int32(16) // ERROR "Proved Rsh32x64 shifts to zero"
|
||
}
|
||
|
||
// Bounds check elimination
|
||
|
||
func sliceBCE1(p []string, h uint) string {
|
||
if len(p) == 0 {
|
||
return ""
|
||
}
|
||
|
||
i := h & uint(len(p)-1)
|
||
return p[i] // ERROR "Proved IsInBounds$"
|
||
}
|
||
|
||
func sliceBCE2(p []string, h int) string {
|
||
if len(p) == 0 {
|
||
return ""
|
||
}
|
||
i := h & (len(p) - 1)
|
||
return p[i] // ERROR "Proved IsInBounds$"
|
||
}
|
||
|
||
func and(p []byte) ([]byte, []byte) { // issue #52563
|
||
const blocksize = 16
|
||
fullBlocks := len(p) &^ (blocksize - 1)
|
||
blk := p[:fullBlocks] // ERROR "Proved IsSliceInBounds$"
|
||
rem := p[fullBlocks:] // ERROR "Proved IsSliceInBounds$"
|
||
return blk, rem
|
||
}
|
||
|
||
func rshu(x, y uint) int {
|
||
z := x >> y
|
||
if z <= x { // ERROR "Proved Leq64U$"
|
||
return 1
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func divu(x, y uint) int {
|
||
z := x / y
|
||
if z <= x { // ERROR "Proved Leq64U$"
|
||
return 1
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func modu1(x, y uint) int {
|
||
z := x % y
|
||
if z < y { // ERROR "Proved Less64U$"
|
||
return 1
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func modu2(x, y uint) int {
|
||
z := x % y
|
||
if z <= x { // ERROR "Proved Leq64U$"
|
||
return 1
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func issue57077(s []int) (left, right []int) {
|
||
middle := len(s) / 2
|
||
left = s[:middle] // ERROR "Proved IsSliceInBounds$"
|
||
right = s[middle:] // ERROR "Proved IsSliceInBounds$"
|
||
return
|
||
}
|
||
|
||
func issue51622(b []byte) int {
|
||
if len(b) >= 3 && b[len(b)-3] == '#' { // ERROR "Proved IsInBounds$"
|
||
return len(b)
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func issue45928(x int) {
|
||
combinedFrac := x / (x | (1 << 31)) // ERROR "Proved Neq64$"
|
||
useInt(combinedFrac)
|
||
}
|
||
|
||
func constantBounds1(i, j uint) int {
|
||
var a [10]int
|
||
if j < 11 && i < j {
|
||
return a[i] // ERROR "Proved IsInBounds$"
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func constantBounds2(i, j uint) int {
|
||
var a [10]int
|
||
if i < j && j < 11 {
|
||
return a[i] // ERROR "Proved IsInBounds"
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func constantBounds3(i, j, k, l uint) int {
|
||
var a [8]int
|
||
if i < j && j < k && k < l && l < 11 {
|
||
return a[i] // ERROR "Proved IsInBounds"
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func equalityPropagation(a [1]int, i, j uint) int {
|
||
if i == j && i == 5 {
|
||
return a[j-5] // ERROR "Proved IsInBounds"
|
||
}
|
||
return 0
|
||
}
|
||
func inequalityPropagation(a [1]int, i, j uint) int {
|
||
if i != j && j >= 5 && j <= 6 && i == 5 {
|
||
return a[j-6] // ERROR "Proved IsInBounds"
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func issue66826a(a [21]byte) {
|
||
for i := 0; i <= 10; i++ { // ERROR "Induction variable: limits \[0,10\], increment 1$"
|
||
_ = a[2*i] // ERROR "Proved IsInBounds"
|
||
}
|
||
}
|
||
func issue66826b(a [31]byte, i int) {
|
||
if i < 0 || i > 10 {
|
||
return
|
||
}
|
||
_ = a[3*i] // ERROR "Proved IsInBounds"
|
||
}
|
||
|
||
func f20(a, b bool) int {
|
||
if a == b {
|
||
if a {
|
||
if b { // ERROR "Proved Arg"
|
||
return 1
|
||
}
|
||
}
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func f21(a, b *int) int {
|
||
if a == b {
|
||
if a != nil {
|
||
if b != nil { // ERROR "Proved IsNonNil"
|
||
return 1
|
||
}
|
||
}
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func f22(b bool, x, y int) int {
|
||
b2 := x < y
|
||
if b == b2 {
|
||
if b {
|
||
if x >= y { // ERROR "Disproved Leq64$"
|
||
return 1
|
||
}
|
||
}
|
||
}
|
||
return 0
|
||
}
|
||
|
||
func ctz64(x uint64, ensureBothBranchesCouldHappen bool) int {
|
||
const max = math.MaxUint64
|
||
sz := bits.Len64(max)
|
||
|
||
log2half := uint64(max) >> (sz / 2)
|
||
if x >= log2half || x == 0 {
|
||
return 42
|
||
}
|
||
|
||
y := bits.TrailingZeros64(x) // ERROR "Proved Ctz64 non-zero$""
|
||
|
||
z := sz / 2
|
||
if ensureBothBranchesCouldHappen {
|
||
if y < z { // ERROR "Proved Less64$"
|
||
return -42
|
||
}
|
||
} else {
|
||
if y >= z { // ERROR "Disproved Leq64$"
|
||
return 1337
|
||
}
|
||
}
|
||
|
||
return y
|
||
}
|
||
func ctz32(x uint32, ensureBothBranchesCouldHappen bool) int {
|
||
const max = math.MaxUint32
|
||
sz := bits.Len32(max)
|
||
|
||
log2half := uint32(max) >> (sz / 2)
|
||
if x >= log2half || x == 0 {
|
||
return 42
|
||
}
|
||
|
||
y := bits.TrailingZeros32(x) // ERROR "Proved Ctz32 non-zero$""
|
||
|
||
z := sz / 2
|
||
if ensureBothBranchesCouldHappen {
|
||
if y < z { // ERROR "Proved Less64$"
|
||
return -42
|
||
}
|
||
} else {
|
||
if y >= z { // ERROR "Disproved Leq64$"
|
||
return 1337
|
||
}
|
||
}
|
||
|
||
return y
|
||
}
|
||
func ctz16(x uint16, ensureBothBranchesCouldHappen bool) int {
|
||
const max = math.MaxUint16
|
||
sz := bits.Len16(max)
|
||
|
||
log2half := uint16(max) >> (sz / 2)
|
||
if x >= log2half || x == 0 {
|
||
return 42
|
||
}
|
||
|
||
y := bits.TrailingZeros16(x) // ERROR "Proved Ctz16 non-zero$""
|
||
|
||
z := sz / 2
|
||
if ensureBothBranchesCouldHappen {
|
||
if y < z { // ERROR "Proved Less64$"
|
||
return -42
|
||
}
|
||
} else {
|
||
if y >= z { // ERROR "Disproved Leq64$"
|
||
return 1337
|
||
}
|
||
}
|
||
|
||
return y
|
||
}
|
||
func ctz8(x uint8, ensureBothBranchesCouldHappen bool) int {
|
||
const max = math.MaxUint8
|
||
sz := bits.Len8(max)
|
||
|
||
log2half := uint8(max) >> (sz / 2)
|
||
if x >= log2half || x == 0 {
|
||
return 42
|
||
}
|
||
|
||
y := bits.TrailingZeros8(x) // ERROR "Proved Ctz8 non-zero$""
|
||
|
||
z := sz / 2
|
||
if ensureBothBranchesCouldHappen {
|
||
if y < z { // ERROR "Proved Less64$"
|
||
return -42
|
||
}
|
||
} else {
|
||
if y >= z { // ERROR "Disproved Leq64$"
|
||
return 1337
|
||
}
|
||
}
|
||
|
||
return y
|
||
}
|
||
|
||
func bitLen64(x uint64, ensureBothBranchesCouldHappen bool) int {
|
||
const max = math.MaxUint64
|
||
sz := bits.Len64(max)
|
||
|
||
if x >= max>>3 {
|
||
return 42
|
||
}
|
||
if x <= max>>6 {
|
||
return 42
|
||
}
|
||
|
||
y := bits.Len64(x)
|
||
|
||
if ensureBothBranchesCouldHappen {
|
||
if sz-6 <= y && y <= sz-3 { // ERROR "Proved Leq64$"
|
||
return -42
|
||
}
|
||
} else {
|
||
if y < sz-6 || sz-3 < y { // ERROR "Disproved Less64$"
|
||
return 1337
|
||
}
|
||
}
|
||
return y
|
||
}
|
||
func bitLen32(x uint32, ensureBothBranchesCouldHappen bool) int {
|
||
const max = math.MaxUint32
|
||
sz := bits.Len32(max)
|
||
|
||
if x >= max>>3 {
|
||
return 42
|
||
}
|
||
if x <= max>>6 {
|
||
return 42
|
||
}
|
||
|
||
y := bits.Len32(x)
|
||
|
||
if ensureBothBranchesCouldHappen {
|
||
if sz-6 <= y && y <= sz-3 { // ERROR "Proved Leq64$"
|
||
return -42
|
||
}
|
||
} else {
|
||
if y < sz-6 || sz-3 < y { // ERROR "Disproved Less64$"
|
||
return 1337
|
||
}
|
||
}
|
||
return y
|
||
}
|
||
func bitLen16(x uint16, ensureBothBranchesCouldHappen bool) int {
|
||
const max = math.MaxUint16
|
||
sz := bits.Len16(max)
|
||
|
||
if x >= max>>3 {
|
||
return 42
|
||
}
|
||
if x <= max>>6 {
|
||
return 42
|
||
}
|
||
|
||
y := bits.Len16(x)
|
||
|
||
if ensureBothBranchesCouldHappen {
|
||
if sz-6 <= y && y <= sz-3 { // ERROR "Proved Leq64$"
|
||
return -42
|
||
}
|
||
} else {
|
||
if y < sz-6 || sz-3 < y { // ERROR "Disproved Less64$"
|
||
return 1337
|
||
}
|
||
}
|
||
return y
|
||
}
|
||
func bitLen8(x uint8, ensureBothBranchesCouldHappen bool) int {
|
||
const max = math.MaxUint8
|
||
sz := bits.Len8(max)
|
||
|
||
if x >= max>>3 {
|
||
return 42
|
||
}
|
||
if x <= max>>6 {
|
||
return 42
|
||
}
|
||
|
||
y := bits.Len8(x)
|
||
|
||
if ensureBothBranchesCouldHappen {
|
||
if sz-6 <= y && y <= sz-3 { // ERROR "Proved Leq64$"
|
||
return -42
|
||
}
|
||
} else {
|
||
if y < sz-6 || sz-3 < y { // ERROR "Disproved Less64$"
|
||
return 1337
|
||
}
|
||
}
|
||
return y
|
||
}
|
||
|
||
func xor64(a, b uint64, ensureBothBranchesCouldHappen bool) int {
|
||
a &= 0xff
|
||
b &= 0xfff
|
||
|
||
z := a ^ b
|
||
|
||
if ensureBothBranchesCouldHappen {
|
||
if z > 0xfff { // ERROR "Disproved Less64U$"
|
||
return 42
|
||
}
|
||
} else {
|
||
if z <= 0xfff { // ERROR "Proved Leq64U$"
|
||
return 1337
|
||
}
|
||
}
|
||
return int(z)
|
||
}
|
||
|
||
func or64(a, b uint64, ensureBothBranchesCouldHappen bool) int {
|
||
a &= 0xff
|
||
b &= 0xfff
|
||
|
||
z := a | b
|
||
|
||
if ensureBothBranchesCouldHappen {
|
||
if z > 0xfff { // ERROR "Disproved Less64U$"
|
||
return 42
|
||
}
|
||
} else {
|
||
if z <= 0xfff { // ERROR "Proved Leq64U$"
|
||
return 1337
|
||
}
|
||
}
|
||
return int(z)
|
||
}
|
||
|
||
func mod64uWithSmallerDividendMax(a, b uint64, ensureBothBranchesCouldHappen bool) int {
|
||
a &= 0xff
|
||
b &= 0xfff
|
||
|
||
z := bits.Len64(a % b) // see go.dev/issue/68857 for bits.Len64
|
||
|
||
if ensureBothBranchesCouldHappen {
|
||
if z > bits.Len64(0xff) { // ERROR "Disproved Less64$"
|
||
return 42
|
||
}
|
||
} else {
|
||
if z <= bits.Len64(0xff) { // ERROR "Proved Leq64$"
|
||
return 1337
|
||
}
|
||
}
|
||
return z
|
||
}
|
||
func mod64uWithSmallerDivisorMax(a, b uint64, ensureBothBranchesCouldHappen bool) int {
|
||
a &= 0xfff
|
||
b &= 0x10 // we need bits.Len64(b.umax) != bits.Len64(b.umax-1)
|
||
|
||
z := bits.Len64(a % b) // see go.dev/issue/68857 for bits.Len64
|
||
|
||
if ensureBothBranchesCouldHappen {
|
||
if z > bits.Len64(0x10-1) { // ERROR "Disproved Less64$"
|
||
return 42
|
||
}
|
||
} else {
|
||
if z <= bits.Len64(0x10-1) { // ERROR "Proved Leq64$"
|
||
return 1337
|
||
}
|
||
}
|
||
return z
|
||
}
|
||
func mod64uWithIdenticalMax(a, b uint64, ensureBothBranchesCouldHappen bool) int {
|
||
a &= 0x10
|
||
b &= 0x10 // we need bits.Len64(b.umax) != bits.Len64(b.umax-1)
|
||
|
||
z := bits.Len64(a % b) // see go.dev/issue/68857 for bits.Len64
|
||
|
||
if ensureBothBranchesCouldHappen {
|
||
if z > bits.Len64(0x10-1) { // ERROR "Disproved Less64$"
|
||
return 42
|
||
}
|
||
} else {
|
||
if z <= bits.Len64(0x10-1) { // ERROR "Proved Leq64$"
|
||
return 1337
|
||
}
|
||
}
|
||
return z
|
||
}
|
||
func mod64sPositiveWithSmallerDividendMax(a, b int64, ensureBothBranchesCouldHappen bool) int64 {
|
||
if a < 0 || b < 0 {
|
||
return 42
|
||
}
|
||
a &= 0xff
|
||
b &= 0xfff
|
||
|
||
z := a % b // ERROR "Proved Mod64 does not need fix-up$"
|
||
|
||
if ensureBothBranchesCouldHappen {
|
||
if z > 0xff { // ERROR "Disproved Less64$"
|
||
return 42
|
||
}
|
||
} else {
|
||
if z <= 0xff { // ERROR "Proved Leq64$"
|
||
return 1337
|
||
}
|
||
}
|
||
return z
|
||
}
|
||
func mod64sPositiveWithSmallerDivisorMax(a, b int64, ensureBothBranchesCouldHappen bool) int64 {
|
||
if a < 0 || b < 0 {
|
||
return 42
|
||
}
|
||
a &= 0xfff
|
||
b &= 0xff
|
||
|
||
z := a % b // ERROR "Proved Mod64 does not need fix-up$"
|
||
|
||
if ensureBothBranchesCouldHappen {
|
||
if z > 0xff-1 { // ERROR "Disproved Less64$"
|
||
return 42
|
||
}
|
||
} else {
|
||
if z <= 0xff-1 { // ERROR "Proved Leq64$"
|
||
return 1337
|
||
}
|
||
}
|
||
return z
|
||
}
|
||
func mod64sPositiveWithIdenticalMax(a, b int64, ensureBothBranchesCouldHappen bool) int64 {
|
||
if a < 0 || b < 0 {
|
||
return 42
|
||
}
|
||
a &= 0xfff
|
||
b &= 0xfff
|
||
|
||
z := a % b // ERROR "Proved Mod64 does not need fix-up$"
|
||
|
||
if ensureBothBranchesCouldHappen {
|
||
if z > 0xfff-1 { // ERROR "Disproved Less64$"
|
||
return 42
|
||
}
|
||
} else {
|
||
if z <= 0xfff-1 { // ERROR "Proved Leq64$"
|
||
return 1337
|
||
}
|
||
}
|
||
return z
|
||
}
|
||
|
||
func div64u(a, b uint64, ensureAllBranchesCouldHappen func() bool) uint64 {
|
||
a &= 0xffff
|
||
a |= 0xfff
|
||
b &= 0xff
|
||
b |= 0xf
|
||
|
||
z := a / b // ERROR "Proved Neq64$"
|
||
|
||
if ensureAllBranchesCouldHappen() && z > 0xffff/0xf { // ERROR "Disproved Less64U$"
|
||
return 42
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z <= 0xffff/0xf { // ERROR "Proved Leq64U$"
|
||
return 1337
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z < 0xfff/0xff { // ERROR "Disproved Less64U$"
|
||
return 42
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z >= 0xfff/0xff { // ERROR "Proved Leq64U$"
|
||
return 42
|
||
}
|
||
return z
|
||
}
|
||
func div64s(a, b int64, ensureAllBranchesCouldHappen func() bool) int64 {
|
||
if a < 0 || b < 0 {
|
||
return 42
|
||
}
|
||
a &= 0xffff
|
||
a |= 0xfff
|
||
b &= 0xff
|
||
b |= 0xf
|
||
|
||
z := a / b // ERROR "(Proved Div64 does not need fix-up|Proved Neq64)$"
|
||
|
||
if ensureAllBranchesCouldHappen() && z > 0xffff/0xf { // ERROR "Disproved Less64$"
|
||
return 42
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z <= 0xffff/0xf { // ERROR "Proved Leq64$"
|
||
return 1337
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z < 0xfff/0xff { // ERROR "Disproved Less64$"
|
||
return 42
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z >= 0xfff/0xff { // ERROR "Proved Leq64$"
|
||
return 42
|
||
}
|
||
return z
|
||
}
|
||
|
||
func trunc64to16(a uint64, ensureAllBranchesCouldHappen func() bool) uint16 {
|
||
a &= 0xfff
|
||
a |= 0xff
|
||
|
||
z := uint16(a)
|
||
if ensureAllBranchesCouldHappen() && z > 0xfff { // ERROR "Disproved Less16U$"
|
||
return 42
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z <= 0xfff { // ERROR "Proved Leq16U$"
|
||
return 1337
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z < 0xff { // ERROR "Disproved Less16U$"
|
||
return 42
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z >= 0xff { // ERROR "Proved Leq16U$"
|
||
return 1337
|
||
}
|
||
return z
|
||
}
|
||
|
||
func com64(a uint64, ensureAllBranchesCouldHappen func() bool) uint64 {
|
||
a &= 0xffff
|
||
a |= 0xff
|
||
|
||
z := ^a
|
||
|
||
if ensureAllBranchesCouldHappen() && z > ^uint64(0xff) { // ERROR "Disproved Less64U$"
|
||
return 42
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z <= ^uint64(0xff) { // ERROR "Proved Leq64U$"
|
||
return 1337
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z < ^uint64(0xffff) { // ERROR "Disproved Less64U$"
|
||
return 42
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z >= ^uint64(0xffff) { // ERROR "Proved Leq64U$"
|
||
return 1337
|
||
}
|
||
return z
|
||
}
|
||
|
||
func neg64(a uint64, ensureAllBranchesCouldHappen func() bool) uint64 {
|
||
var lo, hi uint64 = 0xff, 0xfff
|
||
a &= hi
|
||
a |= lo
|
||
|
||
z := -a
|
||
|
||
if ensureAllBranchesCouldHappen() && z > -lo { // ERROR "Disproved Less64U$"
|
||
return 42
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z <= -lo { // ERROR "Proved Leq64U$"
|
||
return 1337
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z < -hi { // ERROR "Disproved Less64U$"
|
||
return 42
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z >= -hi { // ERROR "Proved Leq64U$"
|
||
return 1337
|
||
}
|
||
return z
|
||
}
|
||
func neg64mightOverflowDuringNeg(a uint64, ensureAllBranchesCouldHappen func() bool) uint64 {
|
||
var lo, hi uint64 = 0, 0xfff
|
||
a &= hi
|
||
a |= lo
|
||
|
||
z := -a
|
||
|
||
if ensureAllBranchesCouldHappen() && z > -lo {
|
||
return 42
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z <= -lo {
|
||
return 1337
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z < -hi {
|
||
return 42
|
||
}
|
||
if ensureAllBranchesCouldHappen() && z >= -hi {
|
||
return 1337
|
||
}
|
||
return z
|
||
}
|
||
|
||
func phiMin(a, b []byte) {
|
||
_ = a[:min(len(a), len(b))] // ERROR "Proved IsSliceInBounds"
|
||
_ = b[:min(len(a), len(b))] // ERROR "Proved IsSliceInBounds"
|
||
_ = a[:max(len(a), len(b))]
|
||
_ = b[:max(len(a), len(b))]
|
||
x := len(a)
|
||
if x > len(b) {
|
||
x = len(b)
|
||
useInt(0)
|
||
}
|
||
_ = a[:x] // ERROR "Proved IsSliceInBounds"
|
||
y := len(a)
|
||
if y > len(b) {
|
||
y = len(b)
|
||
useInt(0)
|
||
} else {
|
||
useInt(1)
|
||
}
|
||
_ = b[:y] // ERROR "Proved IsSliceInBounds"
|
||
}
|
||
|
||
func issue16833(a, b []byte) {
|
||
n := copy(a, b)
|
||
_ = a[n:] // ERROR "Proved IsSliceInBounds"
|
||
_ = b[n:] // ERROR "Proved IsSliceInBounds"
|
||
_ = a[:n] // ERROR "Proved IsSliceInBounds"
|
||
_ = b[:n] // ERROR "Proved IsSliceInBounds"
|
||
}
|
||
|
||
func clampedIdx1(x []int, i int) int {
|
||
if len(x) == 0 {
|
||
return 0
|
||
}
|
||
return x[min(max(0, i), len(x)-1)] // ERROR "Proved IsInBounds"
|
||
}
|
||
func clampedIdx2(x []int, i int) int {
|
||
if len(x) == 0 {
|
||
return 0
|
||
}
|
||
return x[max(min(i, len(x)-1), 0)] // TODO: can't get rid of this bounds check yet
|
||
}
|
||
|
||
func cvtBoolToUint8Disprove(b bool) byte {
|
||
var c byte
|
||
if b {
|
||
c = 1
|
||
}
|
||
if c == 2 { // ERROR "Disproved Eq8"
|
||
c = 3
|
||
}
|
||
return c
|
||
}
|
||
func cvtBoolToUint8BCE(b bool, a [2]int64) int64 {
|
||
c := byte(0)
|
||
if b {
|
||
c = 1
|
||
}
|
||
return a[c] // ERROR "Proved IsInBounds$"
|
||
}
|
||
|
||
//go:noinline
|
||
func useInt(a int) {
|
||
}
|
||
|
||
//go:noinline
|
||
func useSlice(a []int) {
|
||
}
|
||
|
||
func main() {
|
||
}
|