Back to master

Author: michael-schwarz

src/analyses/basePriv.ml

@@ -866,47 +866,6 @@ sig
   include AtomicParam
 end
 
-module P =
-struct
-  include MustVars
-  let name () = "P"
-end
-
-module Sigma' =
-struct
-  include CPA
-  let name () = "Protected Changes"
-end
-
-module type ProtectionDom =
-sig
-  include Lattice.S
-  val add: bool -> varinfo -> VD.t -> t -> t
-  val remove: varinfo -> t -> t
-  val precise_side: varinfo -> VD.t -> t -> VD.t option
-  val empty: unit -> t
-  val getP: t -> P.t
-end
-
-module ProtectionCPASide: ProtectionDom =
-struct
-  include P
-
-  let add _ x _ t = P.add x t
-  let precise_side x v t = Some v
-  let getP t = t
-end
-
-module ProtectionChangesOnlySide: ProtectionDom =
-struct
-  include Lattice.Prod (P) (Sigma')
-  let add invariant x v t = P.add x @@ fst t, if not invariant then Sigma'.add x v @@ snd t else snd t
-  let remove x t = P.remove x @@ fst t, Sigma'.remove x @@ snd t
-  let precise_side x v t = Sigma'.find_opt x @@ snd t
-  let empty () = P.empty (), Sigma'.empty ()
-  let getP t = fst t
-end
-
 (** Protection-Based Reading. *)
 module ProtectionBasedV = struct
   module VUnprot =
@@ -928,24 +887,30 @@ module ProtectionBasedV = struct
 end
 
 (** Protection-Based Reading. *)
-module ProtectionBasedPriv (D: ProtectionDom) (Param: PerGlobalPrivParam)(Wrapper:PrivatizationWrapper): S =
+module ProtectionBasedPriv (Param: PerGlobalPrivParam)(Wrapper:PrivatizationWrapper): S =
 struct
   include NoFinalize
   include ConfCheck.RequireMutexActivatedInit
   open Protection
 
+  module P =
+  struct
+    include MustVars
+    let name () = "P"
+  end
+
   (* W is implicitly represented by CPA domain *)
-  module D = D
+  module D = P
 
   module Wrapper = Wrapper (VD)
   module G = Wrapper.G
   module V = ProtectionBasedV.V
 
-  let startstate () = D.empty ()
+  let startstate () = P.empty ()
 
   let read_global (ask: Queries.ask) getg (st: BaseComponents (D).t) x =
     let getg = Wrapper.getg ask getg in
-    if P.mem x @@ D.getP st.priv then
+    if P.mem x st.priv then
       CPA.find x st.cpa
     else if Param.handle_atomic && ask.f MustBeAtomic then
       VD.join (CPA.find x st.cpa) (getg (V.unprotected x)) (* Account for previous unpublished unprotected writes in current atomic section. *)
@@ -956,7 +921,6 @@ struct
 
   let write_global ?(invariant=false) (ask: Queries.ask) getg sideg (st: BaseComponents (D).t) x v =
     let sideg = Wrapper.sideg ask sideg in
-    let unprotected = is_unprotected ask x in
     if not invariant then (
       if not (Param.handle_atomic && ask.f MustBeAtomic) then
         sideg (V.unprotected x) v; (* Delay publishing unprotected write in the atomic section. *)
@@ -965,11 +929,11 @@ struct
         (* Unlock after invariant will still side effect refined value (if protected) from CPA, because cannot distinguish from non-invariant write since W is implicit. *)
     );
     if Param.handle_atomic && ask.f MustBeAtomic then
-      {st with cpa = CPA.add x v st.cpa; priv = D.add invariant x v st.priv} (* Keep write local as if it were protected by the atomic section. *)
-    else if unprotected then
+      {st with cpa = CPA.add x v st.cpa; priv = P.add x st.priv} (* Keep write local as if it were protected by the atomic section. *)
+    else if is_unprotected ask x then
       st
     else
-      {st with cpa = CPA.add x v st.cpa; priv = D.add invariant x v st.priv}
+      {st with cpa = CPA.add x v st.cpa; priv = P.add x st.priv}
 
   let lock ask getg st m = st
 
@@ -979,22 +943,16 @@ struct
     (* TODO: what about G_m globals in cpa that weren't actually written? *)
     CPA.fold (fun x v (st: BaseComponents (D).t) ->
         if is_protected_by ask m x then ( (* is_in_Gm *)
-          (* Only apply sides for values that were actually written to globals!
-             This excludes invariants inferred through guards. *)
-          begin match D.precise_side x v st.priv with
-            | Some v -> begin
-                (* Extra precision in implementation to pass tests:
-                   If global is read-protected by multiple locks,
-                   then inner unlock shouldn't yet publish. *)
-                if not Param.check_read_unprotected || is_unprotected_without ask ~write:false x m then
-                  sideg (V.protected x) v;
-                if atomic then
-                  sideg (V.unprotected x) v; (* Publish delayed unprotected write as if it were protected by the atomic section. *)
-              end
-            | None -> ()
-          end;
+          (* Extra precision in implementation to pass tests:
+             If global is read-protected by multiple locks,
+             then inner unlock shouldn't yet publish. *)
+          if not Param.check_read_unprotected || is_unprotected_without ask ~write:false x m then
+            sideg (V.protected x) v;
+          if atomic then
+            sideg (V.unprotected x) v; (* Publish delayed unprotected write as if it were protected by the atomic section. *)
+
           if is_unprotected_without ask x m then (* is_in_V' *)
-            {st with cpa = CPA.remove x st.cpa; priv = D.remove x st.priv}
+            {st with cpa = CPA.remove x st.cpa; priv = P.remove x st.priv}
           else
             st
         )
@@ -1010,7 +968,7 @@ struct
           if is_global ask x && is_unprotected ask x then (
             sideg (V.unprotected x) v;
             sideg (V.protected x) v; (* must be like enter_multithreaded *)
-            {st with cpa = CPA.remove x st.cpa; priv = D.remove x st.priv}
+            {st with cpa = CPA.remove x st.cpa; priv = P.remove x st.priv}
           )
           else
             st
@@ -1049,7 +1007,7 @@ struct
         if is_global ask x then (
           sideg (V.unprotected x) v;
           sideg (V.protected x) v;
-          {st with cpa = CPA.remove x st.cpa; priv = D.remove x st.priv}
+          {st with cpa = CPA.remove x st.cpa; priv = P.remove x st.priv}
         )
         else
           st
@@ -2158,21 +2116,19 @@ end
 
 let priv_module: (module S) Lazy.t =
   lazy (
-    let changes_only = get_bool "ana.base.priv.protection.changes-only" in
-    let module ProtDom: ProtectionDom = (val if changes_only then (module ProtectionChangesOnlySide : ProtectionDom) else (module ProtectionCPASide)) in
     let module Priv: S =
       (val match get_string "ana.base.privatization" with
         | "none" -> (module NonePriv: S)
         | "vojdani" -> (module VojdaniPriv: S)
         | "mutex-oplus" -> (module PerMutexOplusPriv)
         | "mutex-meet" -> (module PerMutexMeetPriv)
         | "mutex-meet-tid" -> (module PerMutexMeetTIDPriv (ThreadDigest))
-        | "protection" -> (module ProtectionBasedPriv (ProtDom) (struct let check_read_unprotected = false let handle_atomic = false end)(NoWrapper))
-        | "protection-tid" -> (module ProtectionBasedPriv (ProtDom) (struct let check_read_unprotected = false let handle_atomic = false end)(DigestWrapper(ThreadNotStartedDigest)))
-        | "protection-atomic" -> (module ProtectionBasedPriv (ProtDom) (struct let check_read_unprotected = false let handle_atomic = true end)(NoWrapper)) (* experimental *)
-        | "protection-read" -> (module ProtectionBasedPriv (ProtDom) (struct let check_read_unprotected = true let handle_atomic = false end)(NoWrapper))
-        | "protection-read-tid" -> (module ProtectionBasedPriv (ProtDom) (struct let check_read_unprotected = true let handle_atomic = false end)(DigestWrapper(ThreadNotStartedDigest)))
-        | "protection-read-atomic" -> (module ProtectionBasedPriv (ProtDom) (struct let check_read_unprotected = true let handle_atomic = true end)(NoWrapper)) (* experimental *)
+        | "protection" -> (module ProtectionBasedPriv (struct let check_read_unprotected = false let handle_atomic = false end)(NoWrapper))
+        | "protection-tid" -> (module ProtectionBasedPriv (struct let check_read_unprotected = false let handle_atomic = false end)(DigestWrapper(ThreadNotStartedDigest)))
+        | "protection-atomic" -> (module ProtectionBasedPriv (struct let check_read_unprotected = false let handle_atomic = true end)(NoWrapper)) (* experimental *)
+        | "protection-read" -> (module ProtectionBasedPriv (struct let check_read_unprotected = true let handle_atomic = false end)(NoWrapper))
+        | "protection-read-tid" -> (module ProtectionBasedPriv (struct let check_read_unprotected = true let handle_atomic = false end)(DigestWrapper(ThreadNotStartedDigest)))
+        | "protection-read-atomic" -> (module ProtectionBasedPriv (struct let check_read_unprotected = true let handle_atomic = true end)(NoWrapper)) (* experimental *)
         | "mine" -> (module MinePriv)
         | "mine-nothread" -> (module MineNoThreadPriv)
         | "mine-W" -> (module MineWPriv (struct let side_effect_global_init = true end))