Skip to content

Commit f37871c

Browse files
sim642sim642
authored
Merge pull request #1897 from goblint/witness-invariant-bitfield
Simplify witness invariants for bitfield domain
2 parents f69b2d3 + e031370 commit f37871c

9 files changed

Lines changed: 503 additions & 27 deletions

File tree

src/cdomain/value/cdomains/int/bitfieldDomain.ml

Lines changed: 31 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -624,19 +624,39 @@ module BitfieldFunctor (Ints_t : IntOps.IntOps): Bitfield_SOverflow with type in
624624

625625
(* Invariant *)
626626

627-
let invariant_ikind e ik (z,o) =
628-
if z =: BArith.one_mask && o =: BArith.one_mask then
629-
Invariant.top ()
630-
else if BArith.is_invalid (z,o) then
631-
Invariant.none
632-
else
633-
let open GoblintCil.Cil in
627+
let invariant_ikind e ik (z, o) =
628+
assert (not (BArith.is_invalid (z, o)));
629+
let open GoblintCil.Cil in
630+
let ik_type = TInt (ik, []) in
631+
let i1 =
634632
let def0 = z &: (!: o) in
633+
if def0 =: BArith.zero_mask then
634+
Invariant.none
635+
else (
636+
let def0 = Ints_t.to_bigint def0 in
637+
if fitsInInt ik def0 then ( (* At least for _Bool and unsigned types, kintegerCilint can give an incorrect mask if doesn't fit. See https://github.com/goblint/analyzer/pull/1897/changes#r2610251390. *)
638+
let def0 = kintegerCilint ik def0 in
639+
Invariant.of_exp (BinOp (Eq, (BinOp (BAnd, e, def0, ik_type)), kintegerCilint ik Z.zero, intType))
640+
)
641+
else
642+
Invariant.none
643+
)
644+
in
645+
let i2 =
635646
let def1 = o &: (!: z) in
636-
let (def0, def1) = BatTuple.Tuple2.mapn (kintegerCilint ik) (Ints_t.to_bigint def0, Ints_t.to_bigint def1) in
637-
let exp0 = Invariant.of_exp (BinOp (Eq, (BinOp (BAnd, (UnOp (BNot, e, TInt(ik,[]))), def0, TInt(ik,[]))), def0, intType)) in
638-
let exp1 = Invariant.of_exp (BinOp (Eq, (BinOp (BAnd, e, def1, TInt(ik,[]))), def1, intType)) in
639-
Invariant.meet exp0 exp1
647+
if def1 =: BArith.zero_mask then
648+
Invariant.none
649+
else (
650+
let def1 = Ints_t.to_bigint def1 in
651+
if fitsInInt ik def1 then ( (* At least for _Bool and unsigned types, kintegerCilint can give an incorrect mask if doesn't fit. See https://github.com/goblint/analyzer/pull/1897/changes#r2610251390. *)
652+
let def1 = kintegerCilint ik def1 in
653+
Invariant.of_exp (BinOp (Eq, (BinOp (BAnd, e, def1, ik_type)), def1, intType))
654+
)
655+
else
656+
Invariant.none
657+
)
658+
in
659+
Invariant.(i1 && i2)
640660

641661
let starting ik n =
642662
let (min_ik, max_ik) = Size.range ik in

tests/regression/56-witness/46-top-bool-invariant.t

Lines changed: 42 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
def_exc only:
22

3-
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --enable ana.int.def_exc --disable ana.int.interval --disable ana.int.enums --disable ana.int.congruence --disable ana.int.interval_set 46-top-bool-invariant.c --enable witness.invariant.inexact-type-bounds
3+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --enable ana.int.def_exc --disable ana.int.interval --disable ana.int.enums --disable ana.int.congruence --disable ana.int.interval_set --disable ana.int.bitfield 46-top-bool-invariant.c --enable witness.invariant.inexact-type-bounds
44
[Info][Deadcode] Logical lines of code (LLoC) summary:
55
live: 2
66
dead: 0
@@ -35,7 +35,7 @@ def_exc only:
3535

3636
interval only:
3737

38-
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --enable ana.int.interval --disable ana.int.enums --disable ana.int.congruence --disable ana.int.interval_set 46-top-bool-invariant.c --enable witness.invariant.inexact-type-bounds
38+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --enable ana.int.interval --disable ana.int.enums --disable ana.int.congruence --disable ana.int.interval_set --disable ana.int.bitfield 46-top-bool-invariant.c --enable witness.invariant.inexact-type-bounds
3939
[Info][Deadcode] Logical lines of code (LLoC) summary:
4040
live: 2
4141
dead: 0
@@ -70,7 +70,7 @@ interval only:
7070

7171
enums only:
7272

73-
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --disable ana.int.interval --enable ana.int.enums --disable ana.int.congruence --disable ana.int.interval_set 46-top-bool-invariant.c --enable witness.invariant.inexact-type-bounds
73+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --disable ana.int.interval --enable ana.int.enums --disable ana.int.congruence --disable ana.int.interval_set --disable ana.int.bitfield 46-top-bool-invariant.c --enable witness.invariant.inexact-type-bounds
7474
[Info][Deadcode] Logical lines of code (LLoC) summary:
7575
live: 2
7676
dead: 0
@@ -96,7 +96,7 @@ enums only:
9696

9797
congruence only:
9898

99-
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --disable ana.int.interval --disable ana.int.enums --enable ana.int.congruence --disable ana.int.interval_set 46-top-bool-invariant.c --enable witness.invariant.inexact-type-bounds
99+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --disable ana.int.interval --disable ana.int.enums --enable ana.int.congruence --disable ana.int.interval_set --disable ana.int.bitfield 46-top-bool-invariant.c --enable witness.invariant.inexact-type-bounds
100100
[Info][Deadcode] Logical lines of code (LLoC) summary:
101101
live: 2
102102
dead: 0
@@ -113,7 +113,42 @@ congruence only:
113113

114114
interval_set only:
115115

116-
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --disable ana.int.interval --disable ana.int.enums --disable ana.int.congruence --enable ana.int.interval_set 46-top-bool-invariant.c --enable witness.invariant.inexact-type-bounds
116+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --disable ana.int.interval --disable ana.int.enums --disable ana.int.congruence --enable ana.int.interval_set --disable ana.int.bitfield 46-top-bool-invariant.c --enable witness.invariant.inexact-type-bounds
117+
[Info][Deadcode] Logical lines of code (LLoC) summary:
118+
live: 2
119+
dead: 0
120+
total lines: 2
121+
[Info][Witness] witness generation summary:
122+
location invariants: 2
123+
loop invariants: 0
124+
flow-insensitive invariants: 0
125+
total generation entries: 1
126+
127+
$ yamlWitnessStrip < witness.yml
128+
- entry_type: invariant_set
129+
content:
130+
- invariant:
131+
type: location_invariant
132+
location:
133+
file_name: 46-top-bool-invariant.c
134+
line: 5
135+
column: 3
136+
function: main
137+
value: (_Bool)0 <= x
138+
format: c_expression
139+
- invariant:
140+
type: location_invariant
141+
location:
142+
file_name: 46-top-bool-invariant.c
143+
line: 5
144+
column: 3
145+
function: main
146+
value: x <= (_Bool)1
147+
format: c_expression
148+
149+
bitfield only:
150+
151+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --disable ana.int.interval --disable ana.int.enums --disable ana.int.congruence --disable ana.int.interval_set --enable ana.int.bitfield 46-top-bool-invariant.c --enable witness.invariant.inexact-type-bounds
117152
[Info][Deadcode] Logical lines of code (LLoC) summary:
118153
live: 2
119154
dead: 0
@@ -148,7 +183,7 @@ interval_set only:
148183

149184
all:
150185

151-
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --enable ana.int.def_exc --enable ana.int.interval --enable ana.int.enums --enable ana.int.congruence --enable ana.int.interval_set 46-top-bool-invariant.c --enable witness.invariant.inexact-type-bounds
186+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --enable ana.int.def_exc --enable ana.int.interval --enable ana.int.enums --enable ana.int.congruence --enable ana.int.interval_set --enable ana.int.bitfield 46-top-bool-invariant.c --enable witness.invariant.inexact-type-bounds
152187
[Info][Deadcode] Logical lines of code (LLoC) summary:
153188
live: 2
154189
dead: 0
@@ -174,7 +209,7 @@ all:
174209

175210
all without inexact-type-bounds:
176211

177-
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --enable ana.int.def_exc --enable ana.int.interval --enable ana.int.enums --enable ana.int.congruence --enable ana.int.interval_set 46-top-bool-invariant.c --disable witness.invariant.inexact-type-bounds
212+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --enable ana.int.def_exc --enable ana.int.interval --enable ana.int.enums --enable ana.int.congruence --enable ana.int.interval_set --enable ana.int.bitfield 46-top-bool-invariant.c --disable witness.invariant.inexact-type-bounds
178213
[Info][Deadcode] Logical lines of code (LLoC) summary:
179214
live: 2
180215
dead: 0

tests/regression/56-witness/47-top-int-invariant.t

Lines changed: 24 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
def_exc only:
22

3-
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --enable ana.int.def_exc --disable ana.int.interval --disable ana.int.enums --disable ana.int.congruence --disable ana.int.interval_set 47-top-int-invariant.c --enable witness.invariant.inexact-type-bounds
3+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --enable ana.int.def_exc --disable ana.int.interval --disable ana.int.enums --disable ana.int.congruence --disable ana.int.interval_set --disable ana.int.bitfield 47-top-int-invariant.c --enable witness.invariant.inexact-type-bounds
44
[Info][Deadcode] Logical lines of code (LLoC) summary:
55
live: 2
66
dead: 0
@@ -35,7 +35,7 @@ def_exc only:
3535

3636
interval only:
3737

38-
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --enable ana.int.interval --disable ana.int.enums --disable ana.int.congruence --disable ana.int.interval_set 47-top-int-invariant.c --enable witness.invariant.inexact-type-bounds
38+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --enable ana.int.interval --disable ana.int.enums --disable ana.int.congruence --disable ana.int.interval_set --disable ana.int.bitfield 47-top-int-invariant.c --enable witness.invariant.inexact-type-bounds
3939
[Info][Deadcode] Logical lines of code (LLoC) summary:
4040
live: 2
4141
dead: 0
@@ -70,7 +70,7 @@ interval only:
7070

7171
enums only:
7272

73-
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --disable ana.int.interval --enable ana.int.enums --disable ana.int.congruence --disable ana.int.interval_set 47-top-int-invariant.c --enable witness.invariant.inexact-type-bounds
73+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --disable ana.int.interval --enable ana.int.enums --disable ana.int.congruence --disable ana.int.interval_set --disable ana.int.bitfield 47-top-int-invariant.c --enable witness.invariant.inexact-type-bounds
7474
[Info][Deadcode] Logical lines of code (LLoC) summary:
7575
live: 2
7676
dead: 0
@@ -105,7 +105,7 @@ enums only:
105105

106106
congruence only:
107107

108-
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --disable ana.int.interval --disable ana.int.enums --enable ana.int.congruence --disable ana.int.interval_set 47-top-int-invariant.c --enable witness.invariant.inexact-type-bounds
108+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --disable ana.int.interval --disable ana.int.enums --enable ana.int.congruence --disable ana.int.interval_set --disable ana.int.bitfield 47-top-int-invariant.c --enable witness.invariant.inexact-type-bounds
109109
[Info][Deadcode] Logical lines of code (LLoC) summary:
110110
live: 2
111111
dead: 0
@@ -122,7 +122,7 @@ congruence only:
122122

123123
interval_set only:
124124

125-
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --disable ana.int.interval --disable ana.int.enums --disable ana.int.congruence --enable ana.int.interval_set 47-top-int-invariant.c --enable witness.invariant.inexact-type-bounds
125+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --disable ana.int.interval --disable ana.int.enums --disable ana.int.congruence --enable ana.int.interval_set --disable ana.int.bitfield 47-top-int-invariant.c --enable witness.invariant.inexact-type-bounds
126126
[Info][Deadcode] Logical lines of code (LLoC) summary:
127127
live: 2
128128
dead: 0
@@ -155,9 +155,26 @@ interval_set only:
155155
value: x <= 2147483647
156156
format: c_expression
157157

158+
bitfield only:
159+
160+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --disable ana.int.def_exc --disable ana.int.interval --disable ana.int.enums --disable ana.int.congruence --disable ana.int.interval_set --enable ana.int.bitfield 47-top-int-invariant.c --enable witness.invariant.inexact-type-bounds
161+
[Info][Deadcode] Logical lines of code (LLoC) summary:
162+
live: 2
163+
dead: 0
164+
total lines: 2
165+
[Info][Witness] witness generation summary:
166+
location invariants: 0
167+
loop invariants: 0
168+
flow-insensitive invariants: 0
169+
total generation entries: 1
170+
171+
$ yamlWitnessStrip < witness.yml
172+
- entry_type: invariant_set
173+
content: []
174+
158175
all:
159176

160-
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --enable ana.int.def_exc --enable ana.int.interval --enable ana.int.enums --enable ana.int.congruence --enable ana.int.interval_set 47-top-int-invariant.c --enable witness.invariant.inexact-type-bounds
177+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --enable ana.int.def_exc --enable ana.int.interval --enable ana.int.enums --enable ana.int.congruence --enable ana.int.interval_set --enable ana.int.bitfield 47-top-int-invariant.c --enable witness.invariant.inexact-type-bounds
161178
[Info][Deadcode] Logical lines of code (LLoC) summary:
162179
live: 2
163180
dead: 0
@@ -192,7 +209,7 @@ all:
192209

193210
all without inexact-type-bounds:
194211

195-
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --enable ana.int.def_exc --enable ana.int.interval --enable ana.int.enums --enable ana.int.congruence --enable ana.int.interval_set 47-top-int-invariant.c --disable witness.invariant.inexact-type-bounds
212+
$ goblint --enable witness.yaml.enabled --set witness.yaml.invariant-types '["location_invariant"]' --enable ana.int.def_exc --enable ana.int.interval --enable ana.int.enums --enable ana.int.congruence --enable ana.int.interval_set --enable ana.int.bitfield 47-top-int-invariant.c --disable witness.invariant.inexact-type-bounds
196213
[Info][Deadcode] Logical lines of code (LLoC) summary:
197214
live: 2
198215
dead: 0

0 commit comments

Comments
 (0)