-
Notifications
You must be signed in to change notification settings - Fork 0
/
Fr_bnot.ini
90 lines (77 loc) · 2.77 KB
/
Fr_bnot.ini
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
rdi := nondet as dst ## initialize the first argument
rsi := nondet as src ## initialize the second argument
#rdx := nondet as temp
assume dst & 0b111 = 0 ## alignment constraint
assume src & 0b111 = 0 ## alignment constraint
assume 0x3000 <= dst <= 0x4000 ## arbitrary range
assume 0x5000 <= src <= 0x6000 ## arbitrary range
starting from <Fr_bnot> with
assume 0x7ffff000000 <= rsp <= 0x7ffff800000
#assume 0 <=u rdx <=u 0xffffffffffffffff
#assume 0 <= rdx <= 0x0000000000000100
#assume @[src, 40] = 0x0000000000000000000000000000000000000000000000000000000000001000800000008fffffff
#assume @[dst, 40] = 0x07359fa88c59c9e89f6e5c105a695dd60d0e939ee8c1e556e4a771fc5ab5b8ba0000000001000000
#assume @[src+8, 32] = 0x0000000000000000000000000000000000000000000000000000000000000000
#assume @[dst+8, 32] = 0x0000000000000000000000000000000000000000000000000000000000000000
@[rsp, 8] := <Fr_bnot:last>
q[0, 32] := 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001
@[0x7ffff8aaaa1, 8] := <Fr_toLongNormal>
@[0x7ffffbbbbb1, 8] := <Fr_toNormal>
end
replace <Fr_toLongNormal> by
if @[src, 40]{63} = 0 then
if (@[src, 4]{31}) = 0 then
@[src + 8, 4] := @[src, 4]
@[src + 12, 4] := 0
@[src + 16, 8] := 0
@[src + 24, 8] := 0
@[src + 32, 8] := 0
else
@[src + 8, 32] := sext256 @[src, 4] + q[0, 32]
end
end
@[src, 8] := 0x8000000000000000
return
end
replace <Fr_toNormal> by
print @[src, 40]
if @[src, 40]{63} = 1 && @[src, 40]{62} = 1 then
Rr[0, 32]:= 0x15ebf95182c5551cc8260de4aeb85d5d090ef5a9e111ec87dc5ba0056db1194e
reverse[0,64] := uext512 @[src+8, 32] * uext512 Rr[0, 32] % uext512 q[0, 32]
@[src + 8, 32] := reverse[0,32]
end
@[src, 8] := 0x8000000000000000
return
end
replace <Fr_bnot:last> by
eq<1> := true
eq := eq && @[dst+4, 4] = 0x80000000
print @[src, 40]
print ~@[src+8, 32]
print ~@[src+8, 32] - q[0,32]
print @[dst+8, 32]
if ~@[src+8, 32] >= q[0, 32] then
before[0, 32] := ~@[src+8, 32]
mask[0, 8] := 0x3fffffffffffffff
before[24, 8] := mask[0, 8] & before[24, 8]
after[0, 32] := ~@[src+8, 32] - q[0, 32]
after[24, 8] := mask[0, 8] & after[24, 8]
if before[0,32] >= q[0, 32] then
eq := eq && after[0,32] = @[dst+8, 32]
else
eq := eq && before[0,32] = @[dst+8, 32]
end
end
if ~@[src+8, 32] < q[0, 32] then
eq := eq && ~@[src+8, 32] = @[dst+8, 32]
end
if eq = false then
print @[src, 40]
print ~@[src+8, 32]
print ~@[src+8, 32] - q[0,32]
print @[dst+8, 32]
end
assert eq
halt
end
explore all