Start a SAW Rust verification tutorial

This patch adds an incomplete tutorial on how to use SAW to verify Rust code, which complements the existing tutorial that covers LLVM and JVM verification. This tutorial currently covers everything that has been implemented in SAW, which includes: * `mir-json` * `mir_verify` basics * References * Arrays * Tuples * Structs * Enums * `mir_fresh_expanded_value` * Slices * Overrides * Statics The final section of the tutorial describes a case study using SAW to verify a real-world piece of Rust code that implements the Salsa20 stream cipher. Related to #1859. [ci skip]
GaloisInc · Dec 16, 2023 · 5330e09 · 5330e09
1 parent 63093c3
commit 5330e09
Show file tree

Hide file tree

Showing 82 changed files with 4,871 additions and 4 deletions.
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -65,7 +65,7 @@ The top-level repository directories are:
 
 * `saw` - Source for the `saw` executable interpreter for SAWScript.
 
-* `doc` - A tutorial and manual for SAWScript.
+* `doc` - A manual and tutorials for SAWScript.
 
 * `examples` - Various examples of using SAWScript.
 

diff --git a/README.md b/README.md
@@ -11,10 +11,17 @@ incomplete support for the Rust language.
 
 ## Documentation
 
-The [SAWScript tutorial](https://saw.galois.com/tutorial.html) gives an
-introduction to using the SAWScript interpreter. A longer
+There are two SAWScript tutorials that give an introduction to using the
+SAWScript interpreter:
+
+* [This tutorial](https://saw.galois.com/tutorial.html) gives an
+  introduction to verifying C code (using LLVM) and Java code (using JVM).
+* [This tutorial](https://github.com/GaloisInc/saw-script/blob/master/doc/rust-tutorial/rust-tutorial.md)
+  gives an introduction to verifying Rust code (using MIR).
+
+There is also a longer
 [manual](https://github.com/GaloisInc/saw-script/blob/master/doc/manual/manual.md)
-describes the breadth of SAWScript's features.
+that describes the breadth of SAWScript's features.
 
 ## Precompiled Binaries
 

diff --git a/doc/rust-tutorial/Makefile b/doc/rust-tutorial/Makefile
@@ -0,0 +1,66 @@
+TARGET   = tmp/sawScriptRustTutorial
+SRCS     = ${TARGET}.md ${wildcard *.bib} ${wildcard *.cls} ${wildcard *.sty}
+CODE     = ${wildcard code/*.c} \
+           ${wildcard code/*.cry} \
+           ${wildcard code/*.java} \
+           ${wildcard code/*.saw}
+TARBALL  = tmp/saw-rust-tutorial-code.tar.gz
+SPELLSRC = ${TARGET}.tex
+NEWSPELL = ${TARGET}.SPELLNEW
+OLDSPELL = ${TARGET}.SPELLOLD
+SPELL    = aspell -t -l
+AUX      = ${wildcard *.blg} ${wildcard *.bbl} ${wildcard *.aux} \
+           ${wildcard *.eps} ${wildcard *.log} ${wildcard *.toc} \
+           ${TARGET}.md
+PDFARGS   = -H rust-tutorial-head.tex \
+            -B rust-tutorial-before.tex \
+            -A rust-tutorial-after.tex \
+            --toc \
+            --listings \
+            -V documentclass:galois-whitepaper \
+            -V fontsize:12 \
+            --pdf-engine=xelatex
+HTMLARGS  = --css doc.css \
+            -B rust-tutorial-before.html \
+	    --toc \
+            --standalone \
+            --metadata title="SAWScript Rust Tutorial" \
+            --self-contained
+
+all: ${TARGET}.pdf ${TARGET}.html ${TARBALL}
+
+${TARGET}.pdf: ${SRCS} Makefile | tmp
+	pandoc ${PDFARGS} -o $@ ${TARGET}.md
+
+${TARGET}.html: ${SRCS} Makefile | tmp
+	pandoc ${HTMLARGS} -o $@ ${TARGET}.md
+
+${TARBALL}: ${CODE}
+	tar czf ${TARBALL} code
+
+# Pre-processing step. Right now, does nothing.
+${TARGET}.md: rust-tutorial.md docode.hs ${CODE} | tmp
+	runhaskell docode.hs < $< > $@
+
+docode: ${TARGET}.md | tmp
+
+.PHONY: spellClean superClean clean quickSpell
+
+tmp:
+	mkdir -p tmp
+
+clean:
+	-rm -f ${AUX}
+
+superClean: clean
+	-rm -f ${TARGET}.pdf ${TARGET}.html ${TARGET}.md tmp
+
+spellClean:
+	rm -f ${NEWSPELL} ${OLDSPELL}
+
+quickSpell:
+	@touch ${NEWSPELL}
+	@mv -f ${NEWSPELL} ${OLDSPELL}
+	@cat ${SPELLSRC} | ${SPELL} | tr "A-Z" "a-z" | sort | uniq | less > ${NEWSPELL}
+	@echo '(The ones marked with < are new.)'
+	@diff ${NEWSPELL} ${OLDSPELL}
diff --git a/doc/rust-tutorial/README.md b/doc/rust-tutorial/README.md
@@ -0,0 +1,8 @@
+To update the tutorial, edit `rust-tutorial.md` and then run `make`. The output
+is generated in `./tmp`. If you want to version a new copy of the tutorial,
+copy `./tmp/sawScriptRustTutorial.pdf` to `./sawScriptRustTutorial.pdf` and
+commit.
+
+Note that some uses of the `^` character in this tutorial cause problems with
+especially old versions of `pandoc`. I have confirmed that the tutorial builds
+successfully with `pandoc 2.17.1.1` or later.
diff --git a/doc/rust-tutorial/code/.gitignore b/doc/rust-tutorial/code/.gitignore
@@ -0,0 +1,10 @@
+tmp
+
+*.exe
+*.mir
+*.rlib
+
+first-example
+generics-take-1
+generics-take-2
+saw-basics
diff --git a/doc/rust-tutorial/code/Makefile b/doc/rust-tutorial/code/Makefile
@@ -0,0 +1,17 @@
+RS_FILES   := $(wildcard *.rs)
+JSON_FILES := $(RS_FILES:.rs=.linked-mir.json)
+EXE_FILES  := $(RS_FILES:.rs=)
+
+all: $(JSON_FILES)
+
+%.linked-mir.json: %.rs
+	saw-rustc $<
+	$(MAKE) remove-unused-build-artifacts
+
+.PHONY: remove-unused-build-artifacts
+remove-unused-build-artifacts:
+	rm -f test lib*.mir lib*.rlib $(EXE_FILES)
+
+.PHONY: clean
+clean: remove-unused-build-artifacts
+	rm -f *.linked-mir.json
diff --git a/doc/rust-tutorial/code/arrays-fail.saw b/doc/rust-tutorial/code/arrays-fail.saw
@@ -0,0 +1,14 @@
+enable_experimental;
+
+let index_fail_spec = do {
+  arr <- mir_fresh_var "arr" (mir_array 3 mir_u32);
+  idx <- mir_fresh_var "idx" mir_usize;
+
+  mir_execute_func [mir_term arr, mir_term idx];
+
+  mir_return (mir_term {{ arr @ idx }});
+};
+
+m <- mir_load_module "arrays.linked-mir.json";
+
+mir_verify m "arrays::index" [] false index_fail_spec z3;
diff --git a/doc/rust-tutorial/code/arrays.linked-mir.json b/doc/rust-tutorial/code/arrays.linked-mir.json
@@ -0,0 +1 @@
+{"fns":[{"abi":{"kind":"Rust"},"args":[{"is_zst":false,"mut":{"kind":"Not"},"name":"_1","ty":"ty::Array::d8c12f833d14aeb7"},{"is_zst":false,"mut":{"kind":"Not"},"name":"_2","ty":"ty::usize"}],"body":{"blocks":[{"block":{"data":[{"kind":"Assign","lhs":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Not"},"name":"_3","ty":"ty::usize"}},"pos":"arrays.rs:6:10: 6:13","rhs":{"kind":"Use","usevar":{"data":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Not"},"name":"_2","ty":"ty::usize"}},"kind":"Copy"}}},{"kind":"Assign","lhs":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_4","ty":"ty::usize"}},"pos":"arrays.rs:6:6: 6:14","rhs":{"kind":"Use","usevar":{"data":{"rendered":{"kind":"usize","size":8,"val":"3"},"ty":"ty::usize"},"kind":"Constant"}}},{"kind":"Assign","lhs":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_5","ty":"ty::bool"}},"pos":"arrays.rs:6:6: 6:14","rhs":{"L":{"data":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Not"},"name":"_3","ty":"ty::usize"}},"kind":"Copy"},"R":{"data":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_4","ty":"ty::usize"}},"kind":"Copy"},"kind":"BinaryOp","op":{"kind":"Lt"}}}],"terminator":{"cleanup":null,"cond":{"data":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_5","ty":"ty::bool"}},"kind":"Move"},"expected":true,"kind":"Assert","msg":"index out of bounds: the length is move _4 but the index is _3","pos":"arrays.rs:6:6: 6:14","target":"bb1"}},"blockid":"bb0"},{"block":{"data":[{"kind":"Assign","lhs":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_6","ty":"ty::Ref::e028c0f25e8b6323"}},"pos":"arrays.rs:6:5: 6:14","rhs":{"kind":"CopyForDeref","place":{"data":[{"kind":"Index","op":{"is_zst":false,"mut":{"kind":"Not"},"name":"_3","ty":"ty::usize"}}],"var":{"is_zst":false,"mut":{"kind":"Not"},"name":"_1","ty":"ty::Array::d8c12f833d14aeb7"}}}},{"kind":"Assign","lhs":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::u32"}},"pos":"arrays.rs:6:5: 6:14","rhs":{"kind":"Use","usevar":{"data":{"data":[{"kind":"Deref"}],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_6","ty":"ty::Ref::e028c0f25e8b6323"}},"kind":"Copy"}}}],"terminator":{"kind":"Return","pos":"arrays.rs:7:2: 7:2"}},"blockid":"bb1"}],"vars":[{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::u32"},{"is_zst":false,"mut":{"kind":"Not"},"name":"_3","ty":"ty::usize"},{"is_zst":false,"mut":{"kind":"Mut"},"name":"_4","ty":"ty::usize"},{"is_zst":false,"mut":{"kind":"Mut"},"name":"_5","ty":"ty::bool"},{"is_zst":false,"mut":{"kind":"Mut"},"name":"_6","ty":"ty::Ref::e028c0f25e8b6323"}]},"name":"arrays/f3339ccb::index_ref_arr","return_ty":"ty::u32","spread_arg":null},{"abi":{"kind":"Rust"},"args":[{"is_zst":false,"mut":{"kind":"Not"},"name":"_1","ty":"ty::Array::30b61a0858282572"},{"is_zst":false,"mut":{"kind":"Not"},"name":"_2","ty":"ty::usize"}],"body":{"blocks":[{"block":{"data":[{"kind":"Assign","lhs":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Not"},"name":"_3","ty":"ty::usize"}},"pos":"arrays.rs:2:9: 2:12","rhs":{"kind":"Use","usevar":{"data":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Not"},"name":"_2","ty":"ty::usize"}},"kind":"Copy"}}},{"kind":"Assign","lhs":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_4","ty":"ty::usize"}},"pos":"arrays.rs:2:5: 2:13","rhs":{"kind":"Use","usevar":{"data":{"rendered":{"kind":"usize","size":8,"val":"3"},"ty":"ty::usize"},"kind":"Constant"}}},{"kind":"Assign","lhs":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_5","ty":"ty::bool"}},"pos":"arrays.rs:2:5: 2:13","rhs":{"L":{"data":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Not"},"name":"_3","ty":"ty::usize"}},"kind":"Copy"},"R":{"data":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_4","ty":"ty::usize"}},"kind":"Copy"},"kind":"BinaryOp","op":{"kind":"Lt"}}}],"terminator":{"cleanup":null,"cond":{"data":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_5","ty":"ty::bool"}},"kind":"Move"},"expected":true,"kind":"Assert","msg":"index out of bounds: the length is move _4 but the index is _3","pos":"arrays.rs:2:5: 2:13","target":"bb1"}},"blockid":"bb0"},{"block":{"data":[{"kind":"Assign","lhs":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::u32"}},"pos":"arrays.rs:2:5: 2:13","rhs":{"kind":"Use","usevar":{"data":{"data":[{"kind":"Index","op":{"is_zst":false,"mut":{"kind":"Not"},"name":"_3","ty":"ty::usize"}}],"var":{"is_zst":false,"mut":{"kind":"Not"},"name":"_1","ty":"ty::Array::30b61a0858282572"}},"kind":"Copy"}}}],"terminator":{"kind":"Return","pos":"arrays.rs:3:2: 3:2"}},"blockid":"bb1"}],"vars":[{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::u32"},{"is_zst":false,"mut":{"kind":"Not"},"name":"_3","ty":"ty::usize"},{"is_zst":false,"mut":{"kind":"Mut"},"name":"_4","ty":"ty::usize"},{"is_zst":false,"mut":{"kind":"Mut"},"name":"_5","ty":"ty::bool"}]},"name":"arrays/f3339ccb::index","return_ty":"ty::u32","spread_arg":null}],"adts":[],"statics":[],"vtables":[],"traits":[],"intrinsics":[{"inst":{"def_id":"arrays/f3339ccb::index_ref_arr","kind":"Item","substs":[]},"name":"arrays/f3339ccb::index_ref_arr"},{"inst":{"def_id":"arrays/f3339ccb::index","kind":"Item","substs":[]},"name":"arrays/f3339ccb::index"}],"tys":[{"name":"ty::u32","ty":{"kind":"Uint","uintkind":{"kind":"U32"}}},{"name":"ty::Ref::e028c0f25e8b6323","ty":{"kind":"Ref","mutability":{"kind":"Not"},"ty":"ty::u32"}},{"name":"ty::usize","ty":{"kind":"Uint","uintkind":{"kind":"Usize"}}},{"name":"ty::Array::d8c12f833d14aeb7","ty":{"kind":"Array","size":{"rendered":{"kind":"usize","size":8,"val":"3"},"ty":"ty::usize"},"ty":"ty::Ref::e028c0f25e8b6323"}},{"name":"ty::bool","ty":{"kind":"Bool"}},{"name":"ty::Array::30b61a0858282572","ty":{"kind":"Array","size":{"rendered":{"kind":"usize","size":8,"val":"3"},"ty":"ty::usize"},"ty":"ty::u32"}}],"roots":["arrays/f3339ccb::index","arrays/f3339ccb::index_ref_arr"]}
diff --git a/doc/rust-tutorial/code/arrays.rs b/doc/rust-tutorial/code/arrays.rs
@@ -0,0 +1,7 @@
+pub fn index(arr: [u32; 3], idx: usize) -> u32 {
+    arr[idx]
+}
+
+pub fn index_ref_arr(arr: [&u32; 3], idx: usize) -> u32 {
+    *arr[idx]
+}
diff --git a/doc/rust-tutorial/code/arrays.saw b/doc/rust-tutorial/code/arrays.saw
@@ -0,0 +1,33 @@
+enable_experimental;
+
+let index_spec = do {
+  arr <- mir_fresh_var "arr" (mir_array 3 mir_u32);
+  idx <- mir_fresh_var "idx" mir_usize;
+  mir_precond {{ 0 <= idx }}; // Lower bound of idx
+  mir_precond {{ idx <= 2 }}; // Upper bound of idx
+
+  mir_execute_func [mir_term arr, mir_term idx];
+
+  mir_return (mir_term {{ arr @ idx }});
+};
+
+m <- mir_load_module "arrays.linked-mir.json";
+
+mir_verify m "arrays::index" [] false index_spec z3;
+
+let index_alt_spec = do {
+  arr0 <- mir_fresh_var "arr0" mir_u32;
+  arr1 <- mir_fresh_var "arr1" mir_u32;
+  arr2 <- mir_fresh_var "arr2" mir_u32;
+  let arr = mir_array_value mir_u32 [mir_term arr0, mir_term arr1, mir_term arr2];
+
+  idx <- mir_fresh_var "idx" mir_usize;
+  mir_precond {{ 0 <= idx }}; // Lower bound of idx
+  mir_precond {{ idx <= 2 }}; // Upper bound of idx
+
+  mir_execute_func [arr, mir_term idx];
+
+  mir_return (mir_term {{ [arr0, arr1, arr2] @ idx }});
+};
+
+mir_verify m "arrays::index" [] false index_alt_spec z3;
diff --git a/doc/rust-tutorial/code/enums.linked-mir.json b/doc/rust-tutorial/code/enums.linked-mir.json
@@ -0,0 +1 @@
+{"fns":[{"abi":{"kind":"Rust"},"args":[],"body":{"blocks":[{"block":{"data":[{"kind":"Deinit","pos":"enums.rs:6:5: 6:9"},{"kind":"SetDiscriminant","lvalue":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::Adt::3fa7c2d95c7fce06"}},"pos":"enums.rs:6:5: 6:9","variant_index":0}],"terminator":{"kind":"Return","pos":"enums.rs:7:2: 7:2"}},"blockid":"bb0"}],"vars":[{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::Adt::3fa7c2d95c7fce06"}]},"name":"enums/caeb2906::i_got_nothing","return_ty":"ty::Adt::3fa7c2d95c7fce06","spread_arg":null},{"abi":{"kind":"Rust"},"args":[{"is_zst":false,"mut":{"kind":"Not"},"name":"_1","ty":"ty::Adt::3fa7c2d95c7fce06"}],"body":{"blocks":[{"block":{"data":[],"terminator":{"kind":"Return","pos":"enums.rs:11:2: 11:2"}},"blockid":"bb0"}],"vars":[{"is_zst":true,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::Tuple::e93222e871854c41"}]},"name":"enums/caeb2906::do_stuff_with_option","return_ty":"ty::Tuple::e93222e871854c41","spread_arg":null},{"abi":{"kind":"Rust"},"args":[{"is_zst":false,"mut":{"kind":"Not"},"name":"_1","ty":"ty::u32"}],"body":{"blocks":[{"block":{"data":[{"kind":"Assign","lhs":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_2","ty":"ty::u32"}},"pos":"enums.rs:2:10: 2:11","rhs":{"kind":"Use","usevar":{"data":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Not"},"name":"_1","ty":"ty::u32"}},"kind":"Copy"}}},{"kind":"Deinit","pos":"enums.rs:2:5: 2:12"},{"kind":"Assign","lhs":{"data":[{"kind":"Downcast","variant":1},{"field":0,"kind":"Field","ty":"ty::u32"}],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::Adt::3fa7c2d95c7fce06"}},"pos":"enums.rs:2:5: 2:12","rhs":{"kind":"Use","usevar":{"data":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_2","ty":"ty::u32"}},"kind":"Move"}}},{"kind":"SetDiscriminant","lvalue":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::Adt::3fa7c2d95c7fce06"}},"pos":"enums.rs:2:5: 2:12","variant_index":1}],"terminator":{"kind":"Return","pos":"enums.rs:3:2: 3:2"}},"blockid":"bb0"}],"vars":[{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::Adt::3fa7c2d95c7fce06"},{"is_zst":false,"mut":{"kind":"Mut"},"name":"_2","ty":"ty::u32"}]},"name":"enums/caeb2906::i_found_something","return_ty":"ty::Adt::3fa7c2d95c7fce06","spread_arg":null}],"adts":[{"kind":{"discr_ty":"ty::isize","kind":"Enum"},"name":"core/73237d41::option::Option::_adtc5e93708b8ca6e2a[0]","orig_def_id":"core/73237d41::option::Option","orig_substs":["ty::u32"],"repr_transparent":false,"size":8,"variants":[{"ctor_kind":{"kind":"Const"},"discr":{"index":0,"kind":"Relative"},"discr_value":"0","fields":[],"inhabited":true,"name":"core/73237d41::option::Option::None"},{"ctor_kind":{"kind":"Fn"},"discr":{"index":1,"kind":"Relative"},"discr_value":"1","fields":[{"name":"core/73237d41::option::Option::Some::0","ty":"ty::u32"}],"inhabited":true,"name":"core/73237d41::option::Option::Some"}]}],"statics":[],"vtables":[],"traits":[],"intrinsics":[{"inst":{"def_id":"enums/caeb2906::i_got_nothing","kind":"Item","substs":[]},"name":"enums/caeb2906::i_got_nothing"},{"inst":{"def_id":"enums/caeb2906::do_stuff_with_option","kind":"Item","substs":[]},"name":"enums/caeb2906::do_stuff_with_option"},{"inst":{"def_id":"enums/caeb2906::i_found_something","kind":"Item","substs":[]},"name":"enums/caeb2906::i_found_something"}],"tys":[{"name":"ty::u32","ty":{"kind":"Uint","uintkind":{"kind":"U32"}}},{"name":"ty::Adt::3fa7c2d95c7fce06","ty":{"kind":"Adt","name":"core/73237d41::option::Option::_adtc5e93708b8ca6e2a[0]","orig_def_id":"core/73237d41::option::Option","substs":["ty::u32"]}},{"name":"ty::Tuple::e93222e871854c41","ty":{"kind":"Tuple","tys":[]}},{"name":"ty::isize","ty":{"intkind":{"kind":"Isize"},"kind":"Int"}}],"roots":["enums/caeb2906::i_found_something","enums/caeb2906::i_got_nothing","enums/caeb2906::do_stuff_with_option"]}
diff --git a/doc/rust-tutorial/code/enums.rs b/doc/rust-tutorial/code/enums.rs
@@ -0,0 +1,11 @@
+pub fn i_found_something(x: u32) -> Option<u32> {
+    Some(x)
+}
+
+pub fn i_got_nothing() -> Option<u32> {
+    None
+}
+
+pub fn do_stuff_with_option(o: Option<u32>) {
+    // ...
+}
diff --git a/doc/rust-tutorial/code/enums.saw b/doc/rust-tutorial/code/enums.saw
@@ -0,0 +1,35 @@
+enable_experimental;
+
+m <- mir_load_module "enums.linked-mir.json";
+
+option_u32 <- mir_find_adt m "core::option::Option" [mir_u32];
+
+let i_found_something_spec = do {
+  x <- mir_fresh_var "x" mir_u32;
+
+  mir_execute_func [mir_term x];
+
+  let ret = mir_enum_value option_u32 "Some" [mir_term x];
+  mir_return ret;
+};
+
+mir_verify m "enums::i_found_something" [] false i_found_something_spec z3;
+
+let i_got_nothing_spec = do {
+  mir_execute_func [];
+
+  let ret = mir_enum_value option_u32 "None" [];
+  mir_return ret;
+};
+
+mir_verify m "enums::i_got_nothing" [] false i_got_nothing_spec z3;
+
+let do_stuff_with_option_spec = do {
+  o <- mir_fresh_expanded_value "o" (mir_adt option_u32);
+
+  mir_execute_func [o];
+
+  // ...
+};
+
+mir_verify m "enums::do_stuff_with_option" [] false do_stuff_with_option_spec z3;
diff --git a/doc/rust-tutorial/code/first-example.linked-mir.json b/doc/rust-tutorial/code/first-example.linked-mir.json
@@ -0,0 +1 @@
+{"fns":[{"abi":{"kind":"Rust"},"args":[{"is_zst":false,"mut":{"kind":"Not"},"name":"_1","ty":"ty::u8"}],"body":{"blocks":[{"block":{"data":[{"kind":"Assign","lhs":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::u8"}},"pos":"first-example.rs:2:5: 2:6","rhs":{"kind":"Use","usevar":{"data":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Not"},"name":"_1","ty":"ty::u8"}},"kind":"Copy"}}}],"terminator":{"kind":"Return","pos":"first-example.rs:3:2: 3:2"}},"blockid":"bb0"}],"vars":[{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::u8"}]},"name":"first_example/abef32c5::id_u8","return_ty":"ty::u8","spread_arg":null}],"adts":[],"statics":[],"vtables":[],"traits":[],"intrinsics":[{"inst":{"def_id":"first_example/abef32c5::id_u8","kind":"Item","substs":[]},"name":"first_example/abef32c5::id_u8"}],"tys":[{"name":"ty::u8","ty":{"kind":"Uint","uintkind":{"kind":"U8"}}}],"roots":["first_example/abef32c5::id_u8"]}
diff --git a/doc/rust-tutorial/code/first-example.rs b/doc/rust-tutorial/code/first-example.rs
@@ -0,0 +1,3 @@
+pub fn id_u8(x: u8) -> u8 {
+    x
+}
diff --git a/doc/rust-tutorial/code/generics-take-1.linked-mir.json b/doc/rust-tutorial/code/generics-take-1.linked-mir.json
@@ -0,0 +1 @@
+{"fns":[],"adts":[],"statics":[],"vtables":[],"traits":[],"intrinsics":[],"tys":[],"roots":[]}
diff --git a/doc/rust-tutorial/code/generics-take-1.rs b/doc/rust-tutorial/code/generics-take-1.rs
@@ -0,0 +1,3 @@
+pub fn id<A>(x: A) -> A {
+    x
+}
diff --git a/doc/rust-tutorial/code/generics-take-2.linked-mir.json b/doc/rust-tutorial/code/generics-take-2.linked-mir.json
@@ -0,0 +1 @@
+{"fns":[{"abi":{"kind":"Rust"},"args":[{"is_zst":false,"mut":{"kind":"Not"},"name":"_1","ty":"ty::u8"}],"body":{"blocks":[{"block":{"data":[{"kind":"Assign","lhs":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_2","ty":"ty::u8"}},"pos":"generics-take-2.rs:6:8: 6:9","rhs":{"kind":"Use","usevar":{"data":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Not"},"name":"_1","ty":"ty::u8"}},"kind":"Copy"}}}],"terminator":{"args":[{"data":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_2","ty":"ty::u8"}},"kind":"Move"}],"cleanup":null,"destination":[{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::u8"}},"bb1"],"from_hir_call":true,"func":{"data":{"rendered":{"kind":"zst"},"ty":"ty::FnDef::e7e83e5417e656c7"},"kind":"Constant"},"kind":"Call","pos":"generics-take-2.rs:6:5: 6:10"}},"blockid":"bb0"},{"block":{"data":[],"terminator":{"kind":"Return","pos":"generics-take-2.rs:7:2: 7:2"}},"blockid":"bb1"}],"vars":[{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::u8"},{"is_zst":false,"mut":{"kind":"Mut"},"name":"_2","ty":"ty::u8"}]},"name":"generics_take_2/8b1bf337::id_u8","return_ty":"ty::u8","spread_arg":null},{"abi":{"kind":"Rust"},"args":[{"is_zst":false,"mut":{"kind":"Not"},"name":"_1","ty":"ty::u8"}],"body":{"blocks":[{"block":{"data":[{"kind":"Assign","lhs":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::u8"}},"pos":"generics-take-2.rs:2:5: 2:6","rhs":{"kind":"Use","usevar":{"data":{"data":[],"var":{"is_zst":false,"mut":{"kind":"Not"},"name":"_1","ty":"ty::u8"}},"kind":"Move"}}}],"terminator":{"kind":"Return","pos":"generics-take-2.rs:3:2: 3:2"}},"blockid":"bb0"}],"vars":[{"is_zst":false,"mut":{"kind":"Mut"},"name":"_0","ty":"ty::u8"}]},"name":"generics_take_2/8b1bf337::id::_instaddce72e1232152c[0]","return_ty":"ty::u8","spread_arg":null}],"adts":[],"statics":[],"vtables":[],"traits":[],"intrinsics":[{"inst":{"def_id":"generics_take_2/8b1bf337::id_u8","kind":"Item","substs":[]},"name":"generics_take_2/8b1bf337::id_u8"},{"inst":{"def_id":"generics_take_2/8b1bf337::id","kind":"Item","substs":["ty::u8"]},"name":"generics_take_2/8b1bf337::id::_instaddce72e1232152c[0]"}],"tys":[{"name":"ty::u8","ty":{"kind":"Uint","uintkind":{"kind":"U8"}}},{"name":"ty::FnDef::e7e83e5417e656c7","ty":{"defid":"generics_take_2/8b1bf337::id::_instaddce72e1232152c[0]","kind":"FnDef"}}],"roots":["generics_take_2/8b1bf337::id_u8"]}