From e976d6f92d28ef1756d8326d4c72224f3efc969f Mon Sep 17 00:00:00 2001
From: thk123 <thomas@diffblue.com>
Date: Mon, 5 Feb 2018 17:11:29 +0000
Subject: [PATCH 1/4] Correctly handle wide iload commands

These commands occur when there are >255 local variables. In these cases
the index of the local variable is represented using a u2 rather than a
u1.
---
 src/java_bytecode/java_bytecode_parser.cpp | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/src/java_bytecode/java_bytecode_parser.cpp b/src/java_bytecode/java_bytecode_parser.cpp
index edb251a0fa9..58bfc4f09b5 100644
--- a/src/java_bytecode/java_bytecode_parser.cpp
+++ b/src/java_bytecode/java_bytecode_parser.cpp
@@ -749,7 +749,6 @@ void java_bytecode_parsert::rbytecode(
         instruction.args.push_back(from_integer(c, signedbv_typet(8)));
       }
       address+=1;
-
       break;
 
     case 'o': // two byte branch offset, signed
@@ -776,10 +775,20 @@ void java_bytecode_parsert::rbytecode(
 
     case 'v': // local variable index (one byte)
       {
-        u1 v=read_u1();
-        instruction.args.push_back(from_integer(v, unsignedbv_typet(8)));
+        if(wide_instruction)
+        {
+          u2 v = read_u2();
+          instruction.args.push_back(from_integer(v, unsignedbv_typet(16)));
+          address += 2;
+        }
+        else
+        {
+          u1 v = read_u1();
+          instruction.args.push_back(from_integer(v, unsignedbv_typet(8)));
+          address += 1;
+        }
       }
-      address+=1;
+
       break;
 
     case 'V':

From 5bdaa6418250e3d4f682a09097864e1f53bebe16 Mon Sep 17 00:00:00 2001
From: thk123 <thomas@diffblue.com>
Date: Mon, 5 Feb 2018 17:46:17 +0000
Subject: [PATCH 2/4] Adding test demonstrating the too many variables problem

---
 .../TooManyLocals.class                       | Bin 0 -> 9993 bytes
 .../TooManyLocals.java                        | 518 ++++++++++++++++++
 .../lots_of_local_variables/test.desc         |   6 +
 3 files changed, 524 insertions(+)
 create mode 100644 regression/cbmc-java/lots_of_local_variables/TooManyLocals.class
 create mode 100644 regression/cbmc-java/lots_of_local_variables/TooManyLocals.java
 create mode 100644 regression/cbmc-java/lots_of_local_variables/test.desc

diff --git a/regression/cbmc-java/lots_of_local_variables/TooManyLocals.class b/regression/cbmc-java/lots_of_local_variables/TooManyLocals.class
new file mode 100644
index 0000000000000000000000000000000000000000..b72240605da9ed95e51ee6bc79d5df9131031bb9
GIT binary patch
literal 9993
zcmd^kg?|;-xBcETbH@^32G|rSR-lEnK$#>bNedKrcZUE0f=fbyBBi(%cXu!DUZA+U
zyR^7_fBVe5@9%xy`xhR3K5MOWbJxCeV14eaGdcKq^L7A;!kji3n9+g|W-{<g8&u3_
zU}hV$U{(XOA*9I}-=#}J=cL3A?Yopn>=NI!Z9;PdtcRc%Ol+T+R2V_cou?LpR=h*=
z1cX!-65A(KN^aLQp>qxSW`xugIy8%KTPwbEqFn#ii&|2v#4hsPH9B;t7~j6T|DG;C
z@|dKAE=dSReA~8V+b8i`l=@{E62IpU^+f@>@+3q`h>{R3K}d*^5Gx^$FD$VD+Zfry
z$R<X1F|v)3eT-~mWG5qA8GWzkdp+Ol`CiZWdcN25y`Jy&e6QzwJ>MJYdn0{sr0<RN
zy^+2*()ULC-bmjY>3bu6Z<Ozi^1V^MH_G=$`Q9ks8|8bWd~cNRjq<(GzBk(UM*H4q
z-y7|FqkV6*?~V4o(Y`m@_X^)De6R4m!uJZ_D}1l;y~6hj-z$7?jPH%{y)nKw#`nhf
z-WcB-<9lO#Z;bDa@x8IWH`e#Y`rcUI8|!;xeQ&JqjrF~;zBktQ#`)ej-y7$9<9u(N
z?~U`lalSXs_s03&IQD9s4K_<+w<NYpV!tFFAc-eP;t`T~h9n*$DVQQ7#w(dINx>AE
zGPw$-$ehVlFhwR!u7W8tYrK+SlN3ymag(cHiVU1w1yf|?<SLjVLnl|k6d5~S$=pc_
zrpV;URWL<nPp*O~GJSFtOp*EHl?<SyV2X^OTm@5P2<0l6B4a35!4w%pxeBJpDDp~X
zQBp8PrcthfDKd|86-<$dl&fHh%p|X5C?y3`WGv+>m?DEISHTn+O}PrD$Z*P4Fh$0b
zS2CZHf+;egaurOG8I`MGicG0o1yf{Bc_o7?DVQRoDp$c28CJOprpUO;RWL;cR<436
zGP1mqnUxewk*SrdV2aGGTm@5Pa^)(R5@gp4vg-xe^@8krL3X_$yIzo8FUYPJWY-I_
z>jl~Mg6w)hcD*3GUXWcc$gUS;*9)@i1=;n2?0P|Vy&$_@kX<jxt`}t23$p74+4X|#
zdO>!*AiG|WT`$P47i8B9vg-xe^@8krL3X_$yIzo8FUYPJWY-I_>jl~Mg6w)hcD*3G
zUXWcc$gUS;*9)@i1=;n2?0P|Vy&$_@kX<jxt|zmbqIyz%vo;muJNh>@1JWRv1)H_~
zuiK(sy+d;6W(lPd{hQ$bxX<Nl9p5!R9Bc>+2NNuW^zw!LZR6Xw%wP0Bx7(7PJ9p^J
zAM!t(24)Y(uP_IK^WT=rO<N~4OX9off4@|`E#I~g(lt-$lGr(+`TrlvSDcj0Kj3?I
zJ;)9rFt`PvlU`m1D-}>)6=OKB@-riIC}IQPDi#W)VATB=RY=J?Ja_}70*6-?xc@O{
zsmE1<&0*<WgspaYwV+lgR9F|9Aws6m9bFiXAxy^<mSYLqu|=2@Cc>R?k-|wKQaUL`
zDkqh297nj0D^feDMH(lKNb95(<d8_`q!V8_Ux@ThdXd4&ATl}`MJ6Yc_|o}OWOg!(
zEKU}Y)yXQdIoU*ZC%gE{`AXz)a)_KxPLa#WCBAmP7T-AEh}=$Yk;lm+BAf{Et@Ew;
z&iPK{b@GaQPCk*}$uGWlz83|Y0>X1V5$QyVC?`rpJJCWoLc};RBG!o&aZa50!TCY_
z==>-OIt4``r;sS@6c#@@KZznv5mD4BDvCM9L~*CMDB+Y4C7qI@lv7HSc1nvfP8m_w
zDJ#l3<wSX>yr|$*5EY$@qLNcdRCX$hDozzq)u}3~In_jUr@E-&)DShDnxd9dOVoC1
zi#kpnQP-&}>N)j9eW$)?;4}~oora>3(?~RS8jB`Q6A|yki>6Lf(adQknmf%!f|DRx
zI4wj=r=@7+v=WI<qG;{37Hyn1qOH?bv~${t_D*}z!Ra76IvqtPr<3UHbQWElE+WZE
z63I@o=<0M8KRZ8*ZcaDR-RUlRI6cHK&M%^;(^K?vdWqgnZ_&r;BYt(^SJBsnzT!6*
zeiQv%=qLKS&|eI2VSpIu!ay;|g+XGl3xmZF7lw$TE({gJTo@*XyD(ggaAAZP>B30y
zy9>XIQ7()Uqg@y+#<(y>jCEnG80W$`G2VsoVuA}3#6%Y+ib*a^5|dq+ET*_HMND;J
zs+i`&G%?+U>0*WpGsH|6W{O!Z%o4L*m@VeGFh|UFVXm0x!aOnGh52HE3k$?T7Z!>|
zE-Vs@U05uZxUfVlbz!Mk=E5?u+=b<0g$pahA1?eMR=TiKta4$MSna}UvBrfpVyz2n
z#X1+(iS;h57aLsIAU3+NQEYNyli2LSX0gSEEn=$+Tg5gPwu$X7Y!^FR*dcbhuv6@E
zVVBtL!fx@W3xA3|F6<F|UDzx3xv)?C<-%WLzYF`t0T&L4gDxBthg>)$4!dwz9C6`@
zIO@Vtam<Bd;<yXP#R(Tqh?6dy6sKG`B~H6=TAXp=j5zDUS#i#VbK<-U=fwpVE{KaR
zTojjFxFjySa9Lb&;flEG!c}q2g=^xv3)jUB7jB4~F5DEiT(~7}yKr0Fap8`*>%v`e
z&xL#9z6<xo0~a2Mzg_rS{Nutu;-L!<#UmFUiN`KH7EfGwBA&YNR6KLxnRxEPbMeB3
z7viN0FU2btUWwN(ycTa<cq87r@K(HY;hlKz!h7+-g%9GR3m?TN7e0y4E_@dMy72EF
zzJo@nnJPzUUsjF?Wv(2dlU6yxpit!qll00Fj!p)nK_;U~7NbQrqfKFqVHD07PAM2u
zP)f#>l!`GGIgAduj4q{SOigJR(@<K*v_y<V=@`?|7mQy}ddBpWfiVMRWXwo>QBEe}
z%W}RXzAz^<Wns)hSsAlZHpXm}oiRIo#rPHFV9Y@|8FNxD#$5C@<Ja^J<2RI>F*oI5
z%tH~35%ewNxAYz3ca)bgFXdy*NBJ4^)Ax+uQvt>T<S}{_$rwpdj8PQL7)^pvPz+-X
z#WKcH9Ag~)!1x3G$oL}_WGqO97z<Hh#=`Uy<4;tCu?Q7qEK0=~i&1gL;#7jM1eIhg
zNu?M|QEA4~REDt(m1QhT<rvFRdB*Zofw2NrWUNS)7%Nd_#>!NMu?kgXtV-1wt5J2v
z>QsZV2GwM&NwpYjQEkTBREMz+)n%+p^%(0>ea8CKfUyBJWNb){7#mSz#>Uiyu?fX9
z##2+qrqqnF88v5YP6><&)Pk`EwPb8btr%NTB4Z-8W^7Gu7~4==#<tXsu^qK%Y)>5+
zJ5Wc)j?{^<6Ln_nOkEheP!eMjB{L>dSH`aNGvm+Hjj<bbXY5Wr7<<q!jK5G%#-7xR
zu^07b>`i?b`_QkIBlw$_`bz3cze)Oy`bp|X{U!CM0g?vLKuH5>kfcF0Skhn`B54Q>
zl{A!wNg77OB@L$$l19)-Nh9fZNx#!5Nuy}Aq|r1+(ij>mX)KMCG>*ng8c!1>O`wUA
zCekEHlW4M}$uvdM6q+h&Dov9#jiyVQPBSFUpqY|p(kw}{Xtt!;G)K}Lnk#88&66~b
z=1ZDS3nVR|g_0K1B1wyAv82VcMA8ykDrqS#leCPMOIl7VB(0!7B>h1vC9R}Yl2*}b
zNvmm%q&2iw(pp+4X&tSXw4OFd+CUp6ZKO?-HqmBDn`w)rEwokAR@x?M8*P`gopwmt
zK|3Ywq+ODB(QZk*=}$?2(jG~BXs@Kbv`^AL`b*MZv|rMGIw0u)9h7vC4oNyhhb0}R
zBa)8LQAtPXn51KLT+(qmA?XC2lys6#NjgQRC7q@-lFrasNoVPtq;qs$(s{Zd=>lDp
zbdfGex<r>HU8XCNuFzFUSLvFhYjj=Gb-E$x2Hli&lWs}6MYkp0raO}E&|OJ)>7Jx}
zbYIeadLZcm{VnNl`bW|~^ia}6dL-!)J(l#Co=AE^PbEF2XOf=Lb4kzXg`^ksQqoI$
zCFvEtmh_t5NP0tWCB3D0lHSpKN$=@{q!08_(ntCv=@WgH^qKyZ^zR-*sJt4KDUeYv
z^F^rnnlR6Vuq~k0-2mDS*``(5rp=U!$~wfYTIUjOaQ!y9Ra@MsZAi^+ns}9g-<g^F
zc6NR>7dP!Z;6h&hX#q$B(U2D6_+5n{9TbHxpd_S+vh1h`8KEj<f|~Fp)Ma-=$O7?@
z6%rsDB=V$o@D+4|9FPn-p*v6Q1z$s7_yz_*ZWzL!FajcAG<*x=;X9bjpEe!x!E8Pf
z%!lt`F@N%M@L&~0!a9h8O?(yGK)^1DfxQq52l$GPzz=W&euOhn5H9f5U4g=I1Ac-#
zPy`<El|F)E@C=H>D<}c)_^LlaDLyZh#t@W23(8^&D2FbTM}i8-yTQy*3A00G%mr02
z4^+jxPz?(}b&Q4@7zZ`65Y)n=P#a4^9V`oVu_DyNs!$(mLIbP|4Y46K!gy$m3D5)+
zAs*X7Q|tuIFd3R-cSyiq&;t8HOB?{La0n#g2xyI?p$(3Qwm2Eu;dE$^v!MgdhmN=y
zI^lBYjH{pvu7f1p1j)D!y5cVQ8TUdrJOJJC2=u@c@C%-So_GOz;T7nOH=qyRfnV_f
z^u<T;8$N@6_zL>tI~ahUV4$MFAjN>eN;nKr_?uTr2g8(1FkHz7Ba~b)Qi*`ymHaSD
ziGtBe9E?#4!&s#_j8n?Mc%>ptP^!U1r8Z1b8o*>F9;PTQV5-svrYRj^x{?etlpZis
z=>xNr{xDk^0&|p+FjpB1^OQ+2UzrXIlsT|aSqO`iWw2OT1xu9muvFOs%aon4T-ggN
zl!Nexatu}~r(u<H0ahzlVU2PN)++a5o$?6QE6-tr@&-04A7PV<uvyh%iy8)7RR^}I
z1l!e&utUuXJJp=9OU(nj)qL=$8VP&USlFu;f_-W+_)9Gf`_&3?K&=V~)mm^!tq+IQ
zCU8VefTL<_IHq=h<7yI|P`krPwKtqn`@v~-Fq~0Gz*%(+oKq*ld373GP-nwMbpc#b
zm%?RrC0tS0!BurLTvK<zb#)KiP!GUO^(fp@Pr+^VJls*Qz+Lqw+*9wtef1$cP@loy
z>TCE%{QwU&fJa&g9&0u{(Ne)vEiF9LGQe{!3%t;Bz)LMRywdW*Yt4f<S`56^3c@?B
zD7@E7!3V88eAKGIC#@!Y*6P8(T4R2i(;QJtL`7?ls@4THts924KB#N`(9i~<sSQI*
z8-=zu9>cUL7_QC26xsqzsV&1)+G=#Pjp%CIF}1b_(`W}Vt#%wqJB#VG%lL(M6Vq$=
zF@yFPGiom}llC6J3;|{i>6j%Hj#)#gF<U4-W)Ee-uR=L7M<@bwhQ7yKA%S0q3gS1R
zVwgKr2J?g}VMM3~ejBQX--ViB-cSq77ix?7L!I&aP&X_P>WyBgKSqXzVpM1pMu#S#
z2u;J7&>V~nEyB3a3j86o7Jm$F#)6@pSSYj)3x^KlPoa}oBy=8&hOT0<&}}Rp`Ws7x
zo?^++Yb+J|h^2J}%jhPS)l*_QJuQ~kGhzij8&=f6#!C8kSXuY5iXMwq^}<+9FM-wd
za#%yJf;IJ8SW9n!we_Z0M{k97_4Zg#Pr~|o4{V_SiVgLF*hn9ajrB3uM4yE5`V4HU
z&%<W=5^S!o!~}gkw$Qg?OMN%C()VMceiU2lr?HKG5!>q5v7LSw+v^XpgZ>;l>Tj`=
z{uw(P8g?;kOfnoyHqv2N<4gS6_zJrjxv{&E4|^C<_>1ua_B4uMFQXLpHY#8rqZ<Bd
z)WN<+BmB*1j{S_**x%@g1B|XX(CCGOjQ%*-7=}ZPF*wwijKhpsINVr>Ba9U|(pZPT
z8(VRd@h6Tp4&oT&1dcV%<2d6QjyLY&1mh7-G+yE);{#4M6`W#PIMsA;n)wAzH?!aj
zGZ)S@zr$H(B+fQ}z&U17oNJcBd1hstZ`Q&EW<y+PHpfL~8(eI5#wBKVTx$M`%gjNz
z+#HE3%<=e#ISp5ub8(fq1Xr7@aE-YU*P1(Uow*O!n@4bic^WsGmvEDL6E~X=aEtjA
zx0-KooB0{HTOr(Gh2u^u4eqis;%+ND{%PgLJyw3)YYE(E6~e!)61d+gj|Z%3c+jeg
zhpZ-e*lLMKtoC@+O2%VWPdsk*!xPp}JZX)_Q`RIrZOz0p)&e|hEyr`#T0C!U!3)-I
zyl5T3OV)9`Y@Nd^)>XV}-N9?tL%eRiz#G<kylErevQ4~gr@}jSI=pLV#(Q>7yl;Pt
z4{Q(rw&U<0y9hqCOXDNE5<a$T;uE_8KDC?SGrKiDw>#kryBof=``{~kAilOo;2V1!
zzO|>~J9`ekw-@6FdnJCfH{d6GJAStJ;=lG`1?*D_+7}hYzM-i0eMPgMC?Wf;qK6TG
z`}0#ZJDl%?dYHp^_%z%N%&?Svk0*Z8X7lsHbgUEz53~7RPuw9=g&BOuC(s~un8x>g
z;x0j9$ajC@Mv=k(#2tXRS7f%|aT6eJ7uoGs+y{s|MlSmqw*um(k;i_--GI1n<h37g
zLy)bbfPII10&(|<wr_A-AilOZ`wDjk;vQ1SzQE0axQ!IG&v1Vr?j$Ac6Wk(*ue+>$
zgu4Xs^;fhHaHAmJK~;M%_X^^_HSJy8E{OM1*WSh*gLp3u?M>V?i1!k2uj9T!yq5%f
z6}JxJy(HSpxqA@rrJcQ)8wl}UI@$BNhY;^2*`Cd9gm^FA?djY}i1*UVp3KdJcrShJ
z@!U^{_cFj9%`Js^FGK7R+*OG8GQu9hjfHqGqwN8Hlgb6-?Y`Vzi1#wt?!_I3crVlK
z?%ZUE_cGf~<~~Ebm-%)lZZ*VvS!}oCZbQ76<#r-B9OAvKvJ<%H5btH39nWotcrTmm
zhTM6G_p;5d%gu*)FT3oT+<%Dove&K(rC51zz^(|TSw+GTyDXGp6$K~klHBZw_j1NA
z3guV{xL_B8@~mRuiX8_PSjEB(JDS@c@m}uO1)vhEAK-zV7b>&*5gyrjpbD#k@XXG|
z4N*47S9W%&#;P#9vok|=RzJZfI|I~URRq!I|1nlYF=V??i&ZhS>=aO&RdGyVTTq8p
z33TlcH%)?)NH#(}R;4h5^$F^;Dvg<~chG=U8O(0I;x<a$@p4(upb@Kbn8$hqjaik)
zyw(F~!m0umu<meUCGLLF)(vRNsuIRoSD+cI%2>#{0L@ud!J^g~Zneanu%vYYTCl2y
zWvwI7l2vuAXdQr7tZHCYYcDrn-V4^Wc0p@awXm+W4cf4(jSa0$(3VvljJMWtJ0|Xs
z3DzoT&#E3KTFapWtNPf^S_~aoHNZ~Rd~VRh-7?vl4V_sv!tT~|=)$To_Od2J600WI
z*BZ|)o49ihutq~yR!wn;H3EKS)eJ{iL!cY0<~Z6Kz)hUEi;lPYLJw9gaI)14eqq%T
zr(4~jC#zOC+e+rPPTW!FTb-actJb*KY6pE-wZY|9BK*p#Ev~W>xX}}L*L7Ar{Kl$1
zZn7FeKUN)Zn^hP3v+Bs-#WlJ06L;FZR#h0tsxyE8R)j&Uy6`t|Ss2VJiNAA8^2va>
z>z=WS!cbOS`Fpky3}f{(f5XPXa8}*;yEU3m55yh#j#U6gvg&~kti13$t6%Vul?O(#
z>WR;+TztYH?#8dI>@bE^Z+vHEhOw;r;3q2sjAQkyqF8D96hhEfF|1TDfz@wHxMjmc
zR{a#$3c(~+{grh58;r@U1}K@#4={z*KqZ^`8m6)uq~tQ6!8BHbl?d}8pJs?Vc7F37
z%wRQCi861(Ojg5`IP(h3Vl`YTY@X*64{`S{Zk~cUtVSwj%%d=u)$dA0^8n0aHA<;w
z?%`7raVM{B?tlfX#wZQU&9IQwSS8+E2a8yZQ(BlS`Q$|0)!Ud$VF{}VN=I`6EM+xO
zNj7K0GFFq69_BPYT@iQqKITMN!D@=q-y8#fu$rn2F-O2kR@0P`=3qX75qJBsW<OZX
zYKAh&><w#J%~YnF-C-@OS;`zUiBD<7oqwU(0oJpcqbxI9!v<D!l~rZ}Y-BZ0S#LJs
zlN|9`V2fEFHnUow>@;h^7FG+Dy=GO|%4(5v(5%3xJ>oOMF|#ymXSGB*Z5D$atd=Sl
z%tEk})iUL(8OtX^;<LjoGZJ>QTA|!Gx%0F7LwRK8fjz8ND$mWFd}<^<Q@k;=!ai23
zm5*jd_>0vV6-|Qutk$Z!>F~*tV4WIfhQUEr>s80p;Sj40Dwzm}S#4A^8Xx)eNqh#$
zYP^A?tTwATjpuNT)fP36@d%Ey+N$O=?(+$i_-qns+=7#=wyUwmRXD|Jhg!(E0H;~)
zRErs>`4mfhW+`nPgR`u5s}+ocaE{fVYE@$|oM*L1t!3=wlP>XDroOQSF0$IEHZj)2
zC02i_3C1e8%xb^d+E~V?Vd67R2V)^zWpz+ZGUmWFR)^H?#&o#O>ag0|n8YV$;<Hab
zV=UZcbyOW}jD%aPj;SMzA#j`3adnK*pHJ1qXQGKlAGpivq&m&$0ryy)QfC{<aG%v_
zb%D{5Pu|35rKLt2_?y*Pb*0e){$X`aU1!9@LssY2%|-)0ofDs-b{MtcF{_K}9-|sO
zVRcD8U{r*stS+lZjWT?KCq7%9GK#}<R#(;YMqzlt>Y94Rh=Z4`uB$hVC_d#ApSkWC
z`QbIIo9aU&0^YE?r9Lxq!CO|h)z?NgeiA@@7W-gig7>WMYG9;;53KHKA%mZ`u)43=
zMmRq$Ab6mqG7R|4>TfNrp}@ba{?Rh%pAc9*)Ut3-M^=xt9Qq4XSUuKq>yJ@o^+e07
zKR}JuQ_a(F^HT@nGhK{+4Ruz}wSwIH4OTC-qWT#$S-sRs>BsrW1o2s~ynYC6R<E@x
z`aTR}^+v0y@4|3aZ?$@Sj!41koz__2fGJtM*P83AF%_#1TB5!j9abN;_WB}z!a;mC
z?4r-b)T};h-S}LRhSk4XAAKUG1%8mkPe6bt<G*2qXka@0KmJEHV*KJizh~xN#Q)v=
p$4wnt5Bd}^w1uFlYk(hM{I6eF%YR5N$4Yn+{zt|1^2eCr{{d+&Y~KI?

literal 0
HcmV?d00001

diff --git a/regression/cbmc-java/lots_of_local_variables/TooManyLocals.java b/regression/cbmc-java/lots_of_local_variables/TooManyLocals.java
new file mode 100644
index 00000000000..512a1d0a6d4
--- /dev/null
+++ b/regression/cbmc-java/lots_of_local_variables/TooManyLocals.java
@@ -0,0 +1,518 @@
+public class TooManyLocals {
+  public static void test() {
+    int [] allInts = new int[256];
+    int i0 = 0;
+    int i1 = 1;
+    int i2 = 2;
+    int i3 = 3;
+    int i4 = 4;
+    int i5 = 5;
+    int i6 = 6;
+    int i7 = 7;
+    int i8 = 8;
+    int i9 = 9;
+    int i10 = 10;
+    int i11 = 11;
+    int i12 = 12;
+    int i13 = 13;
+    int i14 = 14;
+    int i15 = 15;
+    int i16 = 16;
+    int i17 = 17;
+    int i18 = 18;
+    int i19 = 19;
+    int i20 = 20;
+    int i21 = 21;
+    int i22 = 22;
+    int i23 = 23;
+    int i24 = 24;
+    int i25 = 25;
+    int i26 = 26;
+    int i27 = 27;
+    int i28 = 28;
+    int i29 = 29;
+    int i30 = 30;
+    int i31 = 31;
+    int i32 = 32;
+    int i33 = 33;
+    int i34 = 34;
+    int i35 = 35;
+    int i36 = 36;
+    int i37 = 37;
+    int i38 = 38;
+    int i39 = 39;
+    int i40 = 40;
+    int i41 = 41;
+    int i42 = 42;
+    int i43 = 43;
+    int i44 = 44;
+    int i45 = 45;
+    int i46 = 46;
+    int i47 = 47;
+    int i48 = 48;
+    int i49 = 49;
+    int i50 = 50;
+    int i51 = 51;
+    int i52 = 52;
+    int i53 = 53;
+    int i54 = 54;
+    int i55 = 55;
+    int i56 = 56;
+    int i57 = 57;
+    int i58 = 58;
+    int i59 = 59;
+    int i60 = 60;
+    int i61 = 61;
+    int i62 = 62;
+    int i63 = 63;
+    int i64 = 64;
+    int i65 = 65;
+    int i66 = 66;
+    int i67 = 67;
+    int i68 = 68;
+    int i69 = 69;
+    int i70 = 70;
+    int i71 = 71;
+    int i72 = 72;
+    int i73 = 73;
+    int i74 = 74;
+    int i75 = 75;
+    int i76 = 76;
+    int i77 = 77;
+    int i78 = 78;
+    int i79 = 79;
+    int i80 = 80;
+    int i81 = 81;
+    int i82 = 82;
+    int i83 = 83;
+    int i84 = 84;
+    int i85 = 85;
+    int i86 = 86;
+    int i87 = 87;
+    int i88 = 88;
+    int i89 = 89;
+    int i90 = 90;
+    int i91 = 91;
+    int i92 = 92;
+    int i93 = 93;
+    int i94 = 94;
+    int i95 = 95;
+    int i96 = 96;
+    int i97 = 97;
+    int i98 = 98;
+    int i99 = 99;
+    int i100 = 100;
+    int i101 = 101;
+    int i102 = 102;
+    int i103 = 103;
+    int i104 = 104;
+    int i105 = 105;
+    int i106 = 106;
+    int i107 = 107;
+    int i108 = 108;
+    int i109 = 109;
+    int i110 = 110;
+    int i111 = 111;
+    int i112 = 112;
+    int i113 = 113;
+    int i114 = 114;
+    int i115 = 115;
+    int i116 = 116;
+    int i117 = 117;
+    int i118 = 118;
+    int i119 = 119;
+    int i120 = 120;
+    int i121 = 121;
+    int i122 = 122;
+    int i123 = 123;
+    int i124 = 124;
+    int i125 = 125;
+    int i126 = 126;
+    int i127 = 127;
+    int i128 = 128;
+    int i129 = 129;
+    int i130 = 130;
+    int i131 = 131;
+    int i132 = 132;
+    int i133 = 133;
+    int i134 = 134;
+    int i135 = 135;
+    int i136 = 136;
+    int i137 = 137;
+    int i138 = 138;
+    int i139 = 139;
+    int i140 = 140;
+    int i141 = 141;
+    int i142 = 142;
+    int i143 = 143;
+    int i144 = 144;
+    int i145 = 145;
+    int i146 = 146;
+    int i147 = 147;
+    int i148 = 148;
+    int i149 = 149;
+    int i150 = 150;
+    int i151 = 151;
+    int i152 = 152;
+    int i153 = 153;
+    int i154 = 154;
+    int i155 = 155;
+    int i156 = 156;
+    int i157 = 157;
+    int i158 = 158;
+    int i159 = 159;
+    int i160 = 160;
+    int i161 = 161;
+    int i162 = 162;
+    int i163 = 163;
+    int i164 = 164;
+    int i165 = 165;
+    int i166 = 166;
+    int i167 = 167;
+    int i168 = 168;
+    int i169 = 169;
+    int i170 = 170;
+    int i171 = 171;
+    int i172 = 172;
+    int i173 = 173;
+    int i174 = 174;
+    int i175 = 175;
+    int i176 = 176;
+    int i177 = 177;
+    int i178 = 178;
+    int i179 = 179;
+    int i180 = 180;
+    int i181 = 181;
+    int i182 = 182;
+    int i183 = 183;
+    int i184 = 184;
+    int i185 = 185;
+    int i186 = 186;
+    int i187 = 187;
+    int i188 = 188;
+    int i189 = 189;
+    int i190 = 190;
+    int i191 = 191;
+    int i192 = 192;
+    int i193 = 193;
+    int i194 = 194;
+    int i195 = 195;
+    int i196 = 196;
+    int i197 = 197;
+    int i198 = 198;
+    int i199 = 199;
+    int i200 = 200;
+    int i201 = 201;
+    int i202 = 202;
+    int i203 = 203;
+    int i204 = 204;
+    int i205 = 205;
+    int i206 = 206;
+    int i207 = 207;
+    int i208 = 208;
+    int i209 = 209;
+    int i210 = 210;
+    int i211 = 211;
+    int i212 = 212;
+    int i213 = 213;
+    int i214 = 214;
+    int i215 = 215;
+    int i216 = 216;
+    int i217 = 217;
+    int i218 = 218;
+    int i219 = 219;
+    int i220 = 220;
+    int i221 = 221;
+    int i222 = 222;
+    int i223 = 223;
+    int i224 = 224;
+    int i225 = 225;
+    int i226 = 226;
+    int i227 = 227;
+    int i228 = 228;
+    int i229 = 229;
+    int i230 = 230;
+    int i231 = 231;
+    int i232 = 232;
+    int i233 = 233;
+    int i234 = 234;
+    int i235 = 235;
+    int i236 = 236;
+    int i237 = 237;
+    int i238 = 238;
+    int i239 = 239;
+    int i240 = 240;
+    int i241 = 241;
+    int i242 = 242;
+    int i243 = 243;
+    int i244 = 244;
+    int i245 = 245;
+    int i246 = 246;
+    int i247 = 247;
+    int i248 = 248;
+    int i249 = 249;
+    int i250 = 250;
+    int i251 = 251;
+    int i252 = 252;
+    int i253 = 253;
+    int i254 = 254;
+    int i255 = 255;
+    allInts[0] = i0;
+    allInts[1] = i1;
+    allInts[2] = i2;
+    allInts[3] = i3;
+    allInts[4] = i4;
+    allInts[5] = i5;
+    allInts[6] = i6;
+    allInts[7] = i7;
+    allInts[8] = i8;
+    allInts[9] = i9;
+    allInts[10] = i10;
+    allInts[11] = i11;
+    allInts[12] = i12;
+    allInts[13] = i13;
+    allInts[14] = i14;
+    allInts[15] = i15;
+    allInts[16] = i16;
+    allInts[17] = i17;
+    allInts[18] = i18;
+    allInts[19] = i19;
+    allInts[20] = i20;
+    allInts[21] = i21;
+    allInts[22] = i22;
+    allInts[23] = i23;
+    allInts[24] = i24;
+    allInts[25] = i25;
+    allInts[26] = i26;
+    allInts[27] = i27;
+    allInts[28] = i28;
+    allInts[29] = i29;
+    allInts[30] = i30;
+    allInts[31] = i31;
+    allInts[32] = i32;
+    allInts[33] = i33;
+    allInts[34] = i34;
+    allInts[35] = i35;
+    allInts[36] = i36;
+    allInts[37] = i37;
+    allInts[38] = i38;
+    allInts[39] = i39;
+    allInts[40] = i40;
+    allInts[41] = i41;
+    allInts[42] = i42;
+    allInts[43] = i43;
+    allInts[44] = i44;
+    allInts[45] = i45;
+    allInts[46] = i46;
+    allInts[47] = i47;
+    allInts[48] = i48;
+    allInts[49] = i49;
+    allInts[50] = i50;
+    allInts[51] = i51;
+    allInts[52] = i52;
+    allInts[53] = i53;
+    allInts[54] = i54;
+    allInts[55] = i55;
+    allInts[56] = i56;
+    allInts[57] = i57;
+    allInts[58] = i58;
+    allInts[59] = i59;
+    allInts[60] = i60;
+    allInts[61] = i61;
+    allInts[62] = i62;
+    allInts[63] = i63;
+    allInts[64] = i64;
+    allInts[65] = i65;
+    allInts[66] = i66;
+    allInts[67] = i67;
+    allInts[68] = i68;
+    allInts[69] = i69;
+    allInts[70] = i70;
+    allInts[71] = i71;
+    allInts[72] = i72;
+    allInts[73] = i73;
+    allInts[74] = i74;
+    allInts[75] = i75;
+    allInts[76] = i76;
+    allInts[77] = i77;
+    allInts[78] = i78;
+    allInts[79] = i79;
+    allInts[80] = i80;
+    allInts[81] = i81;
+    allInts[82] = i82;
+    allInts[83] = i83;
+    allInts[84] = i84;
+    allInts[85] = i85;
+    allInts[86] = i86;
+    allInts[87] = i87;
+    allInts[88] = i88;
+    allInts[89] = i89;
+    allInts[90] = i90;
+    allInts[91] = i91;
+    allInts[92] = i92;
+    allInts[93] = i93;
+    allInts[94] = i94;
+    allInts[95] = i95;
+    allInts[96] = i96;
+    allInts[97] = i97;
+    allInts[98] = i98;
+    allInts[99] = i99;
+    allInts[100] = i100;
+    allInts[101] = i101;
+    allInts[102] = i102;
+    allInts[103] = i103;
+    allInts[104] = i104;
+    allInts[105] = i105;
+    allInts[106] = i106;
+    allInts[107] = i107;
+    allInts[108] = i108;
+    allInts[109] = i109;
+    allInts[110] = i110;
+    allInts[111] = i111;
+    allInts[112] = i112;
+    allInts[113] = i113;
+    allInts[114] = i114;
+    allInts[115] = i115;
+    allInts[116] = i116;
+    allInts[117] = i117;
+    allInts[118] = i118;
+    allInts[119] = i119;
+    allInts[120] = i120;
+    allInts[121] = i121;
+    allInts[122] = i122;
+    allInts[123] = i123;
+    allInts[124] = i124;
+    allInts[125] = i125;
+    allInts[126] = i126;
+    allInts[127] = i127;
+    allInts[128] = i128;
+    allInts[129] = i129;
+    allInts[130] = i130;
+    allInts[131] = i131;
+    allInts[132] = i132;
+    allInts[133] = i133;
+    allInts[134] = i134;
+    allInts[135] = i135;
+    allInts[136] = i136;
+    allInts[137] = i137;
+    allInts[138] = i138;
+    allInts[139] = i139;
+    allInts[140] = i140;
+    allInts[141] = i141;
+    allInts[142] = i142;
+    allInts[143] = i143;
+    allInts[144] = i144;
+    allInts[145] = i145;
+    allInts[146] = i146;
+    allInts[147] = i147;
+    allInts[148] = i148;
+    allInts[149] = i149;
+    allInts[150] = i150;
+    allInts[151] = i151;
+    allInts[152] = i152;
+    allInts[153] = i153;
+    allInts[154] = i154;
+    allInts[155] = i155;
+    allInts[156] = i156;
+    allInts[157] = i157;
+    allInts[158] = i158;
+    allInts[159] = i159;
+    allInts[160] = i160;
+    allInts[161] = i161;
+    allInts[162] = i162;
+    allInts[163] = i163;
+    allInts[164] = i164;
+    allInts[165] = i165;
+    allInts[166] = i166;
+    allInts[167] = i167;
+    allInts[168] = i168;
+    allInts[169] = i169;
+    allInts[170] = i170;
+    allInts[171] = i171;
+    allInts[172] = i172;
+    allInts[173] = i173;
+    allInts[174] = i174;
+    allInts[175] = i175;
+    allInts[176] = i176;
+    allInts[177] = i177;
+    allInts[178] = i178;
+    allInts[179] = i179;
+    allInts[180] = i180;
+    allInts[181] = i181;
+    allInts[182] = i182;
+    allInts[183] = i183;
+    allInts[184] = i184;
+    allInts[185] = i185;
+    allInts[186] = i186;
+    allInts[187] = i187;
+    allInts[188] = i188;
+    allInts[189] = i189;
+    allInts[190] = i190;
+    allInts[191] = i191;
+    allInts[192] = i192;
+    allInts[193] = i193;
+    allInts[194] = i194;
+    allInts[195] = i195;
+    allInts[196] = i196;
+    allInts[197] = i197;
+    allInts[198] = i198;
+    allInts[199] = i199;
+    allInts[200] = i200;
+    allInts[201] = i201;
+    allInts[202] = i202;
+    allInts[203] = i203;
+    allInts[204] = i204;
+    allInts[205] = i205;
+    allInts[206] = i206;
+    allInts[207] = i207;
+    allInts[208] = i208;
+    allInts[209] = i209;
+    allInts[210] = i210;
+    allInts[211] = i211;
+    allInts[212] = i212;
+    allInts[213] = i213;
+    allInts[214] = i214;
+    allInts[215] = i215;
+    allInts[216] = i216;
+    allInts[217] = i217;
+    allInts[218] = i218;
+    allInts[219] = i219;
+    allInts[220] = i220;
+    allInts[221] = i221;
+    allInts[222] = i222;
+    allInts[223] = i223;
+    allInts[224] = i224;
+    allInts[225] = i225;
+    allInts[226] = i226;
+    allInts[227] = i227;
+    allInts[228] = i228;
+    allInts[229] = i229;
+    allInts[230] = i230;
+    allInts[231] = i231;
+    allInts[232] = i232;
+    allInts[233] = i233;
+    allInts[234] = i234;
+    allInts[235] = i235;
+    allInts[236] = i236;
+    allInts[237] = i237;
+    allInts[238] = i238;
+    allInts[239] = i239;
+    allInts[240] = i240;
+    allInts[241] = i241;
+    allInts[242] = i242;
+    allInts[243] = i243;
+    allInts[244] = i244;
+    allInts[245] = i245;
+    allInts[246] = i246;
+    allInts[247] = i247;
+    allInts[248] = i248;
+    allInts[249] = i249;
+    allInts[250] = i250;
+    allInts[251] = i251;
+    allInts[252] = i252;
+    allInts[253] = i253;
+    allInts[254] = i254;
+    allInts[255] = i255;
+    assert(allInts[255] + allInts[0] == 255);
+  }
+}
diff --git a/regression/cbmc-java/lots_of_local_variables/test.desc b/regression/cbmc-java/lots_of_local_variables/test.desc
new file mode 100644
index 00000000000..eaa7d76f397
--- /dev/null
+++ b/regression/cbmc-java/lots_of_local_variables/test.desc
@@ -0,0 +1,6 @@
+CORE
+TooManyLocals.class
+--function TooManyLocals.test
+VERIFICATION SUCCESSFUL
+\[java::TooManyLocals\.test:\(\)V\.assertion\.1\] .*: SUCCESS
+EXIT=0

From 60af1653a11d45483fb7513491eca6c05adcd056 Mon Sep 17 00:00:00 2001
From: thk123 <thomas@diffblue.com>
Date: Tue, 6 Feb 2018 16:56:40 +0000
Subject: [PATCH 3/4] Adding handmade class file exhibiting the same problem

---
 .../ManyLocalVariables.class                  | Bin 0 -> 222 bytes
 .../ManyLocalVariables.j                      |  36 ++++++++++++++++++
 .../lots_local_variables_manual/test.desc     |   4 ++
 3 files changed, 40 insertions(+)
 create mode 100644 regression/cbmc-java/lots_local_variables_manual/ManyLocalVariables.class
 create mode 100644 regression/cbmc-java/lots_local_variables_manual/ManyLocalVariables.j
 create mode 100644 regression/cbmc-java/lots_local_variables_manual/test.desc

diff --git a/regression/cbmc-java/lots_local_variables_manual/ManyLocalVariables.class b/regression/cbmc-java/lots_local_variables_manual/ManyLocalVariables.class
new file mode 100644
index 0000000000000000000000000000000000000000..e33d34c568a37f08447ab0c7b411fb4b340e6f68
GIT binary patch
literal 222
zcmZXOy$*sv5QJyt6vaYgq}NUhr6cwxCMNzA8fy-`7zjcFXyQBh1Qu3QJ{0F->lQmZ
z*_|)@sa|gwn4wGPNAfP6SSA-|??);q2*a&R9-B0f@kwT(^kbFJBZ75EZ&{#LVXO$o
zWV$AZWqM}Q+k}bQ-LAgMj`cY&3Y9Zy@J}+)HbEGp0}FK#PbLIwlidQA)~qApl5n*s
hU51seu57Y(X%k9YSDxoRf5{g27AI>8|HRrr;|q<dH8B7H

literal 0
HcmV?d00001

diff --git a/regression/cbmc-java/lots_local_variables_manual/ManyLocalVariables.j b/regression/cbmc-java/lots_local_variables_manual/ManyLocalVariables.j
new file mode 100644
index 00000000000..78ae053aeb8
--- /dev/null
+++ b/regression/cbmc-java/lots_local_variables_manual/ManyLocalVariables.j
@@ -0,0 +1,36 @@
+; This generates a class file that attempts to access local variables indexed
+; at 255, 256 and 65534
+; The class file is generated from this file using the following command:
+; java -jar jasmin.jar ManyLocalVariables.j
+; The jasmin jar file can be obtained from: http://jasmin.sourceforge.net/
+
+.class public ManyLocalVariables
+.super java/lang/Object
+
+.method public static test()I
+  .limit stack 10
+  .limit locals 65535
+  .line 1
+   iconst_1
+   istore 1
+
+   iconst_1
+   istore 255
+
+   iconst_1
+   istore_w 256
+
+   iconst_1
+   istore_w 65534
+
+   iload 1
+   iload 255
+   iload_w 256
+   iload_w 65534
+
+   iadd
+   iadd
+   iadd
+
+   ireturn
+.end method
diff --git a/regression/cbmc-java/lots_local_variables_manual/test.desc b/regression/cbmc-java/lots_local_variables_manual/test.desc
new file mode 100644
index 00000000000..4d5140cf86d
--- /dev/null
+++ b/regression/cbmc-java/lots_local_variables_manual/test.desc
@@ -0,0 +1,4 @@
+CORE
+ManyLocalVariables.class
+--function ManyLocalVariables.test
+VERIFICATION SUCCESSFUL

From 004626c15abec926ce47bfc4c19f99cf2aecd8b2 Mon Sep 17 00:00:00 2001
From: thk123 <thomas@diffblue.com>
Date: Thu, 8 Feb 2018 17:25:50 +0000
Subject: [PATCH 4/4] Adding invariant to check instruction is normal wide

Only specific instructions can follow a wide byte.
---
 src/java_bytecode/java_bytecode_parser.cpp | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/java_bytecode/java_bytecode_parser.cpp b/src/java_bytecode/java_bytecode_parser.cpp
index 58bfc4f09b5..85c63e263b5 100644
--- a/src/java_bytecode/java_bytecode_parser.cpp
+++ b/src/java_bytecode/java_bytecode_parser.cpp
@@ -711,6 +711,13 @@ void java_bytecode_parsert::rbytecode(
       wide_instruction=true;
       address++;
       bytecode=read_u1();
+      // The only valid instructions following a wide byte are
+      // [ifald]load, [ifald]store, ret and iinc
+      // All of these have either format of v, or V
+      INVARIANT(
+        bytecodes[bytecode].format == 'v' || bytecodes[bytecode].format == 'V',
+        "Unexpected wide instruction: " +
+          id2string(bytecodes[bytecode].mnemonic));
     }
 
     instructions.push_back(instructiont());