Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bitfield Domain #1623

Open
wants to merge 172 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
172 commits
Select commit Hold shift + click to select a range
9b0002f
initial tests
ManuelLerchner Oct 23, 2024
582630c
implement first bad solution
ManuelLerchner Oct 23, 2024
3042aae
begin int domain rewrite to include bitfield
ManuelLerchner Oct 27, 2024
a609f3d
fix bitfield domain
ManuelLerchner Oct 29, 2024
696c110
Draft of incredibly messy impls of bitfield shift operations that nee…
iC4rl0s Nov 4, 2024
0630662
some bug fixes
Nov 4, 2024
fd89907
implemented add, sub and mul
Nov 4, 2024
8a91829
reverted some changes due to incorrect implementations
Nov 5, 2024
5c0fdbb
optimized shifts that concretize the shifting constants from an abstr…
iC4rl0s Nov 5, 2024
087d4a9
minor bug in max_shift
iC4rl0s Nov 5, 2024
0116023
comparison bug in max_shift
iC4rl0s Nov 5, 2024
03961c0
begin overflow handling
ManuelLerchner Nov 7, 2024
d42b989
separation of break_down into break_down_to_const_bitfields and break…
iC4rl0s Nov 7, 2024
6a26669
clean up; begin other methods
ManuelLerchner Nov 7, 2024
05b3d8e
format
ManuelLerchner Nov 8, 2024
27c9876
make it more functional. untested
iC4rl0s Nov 8, 2024
ca7c040
bug fix: Bitfields with z set to zero missed
iC4rl0s Nov 8, 2024
1338d65
Implementation of arithmetic operators (including neg) (#8)
AdrianKrauss Nov 12, 2024
447db3d
fix comments
ManuelLerchner Nov 12, 2024
3a00c0b
Merge branch 'master' into overflow-handling
ManuelLerchner Nov 12, 2024
89294a9
delete bitfield ml
ManuelLerchner Nov 12, 2024
c78510b
fix
ManuelLerchner Nov 12, 2024
ec166cb
Merge pull request #5 from ManuelLerchner/overflow-handling
ManuelLerchner Nov 12, 2024
1adccde
hotfix refinements
ManuelLerchner Nov 12, 2024
2e05197
.
Draggon01 Nov 12, 2024
897d6a2
bitfield shifts pr ready
iC4rl0s Nov 12, 2024
7d5913a
Merge branch 'master' into bitfield-shifts. Doesnt compile yet
ManuelLerchner Nov 12, 2024
257cc5b
added norm to almost every function which usess ikind
Nov 12, 2024
24b3719
added correct fil and deleted test file
Nov 12, 2024
cbfbf28
bug fix: signedness with right shift considered
iC4rl0s Nov 12, 2024
87b0189
Merge branch 'bitfield-shifts' of github.com:ManuelLerchner/analyzer …
iC4rl0s Nov 12, 2024
ff8c4c7
refine hotfix2
ManuelLerchner Nov 14, 2024
d405853
Revert "refine hotfix2"
ManuelLerchner Nov 14, 2024
ffc7285
refine hotfix2
ManuelLerchner Nov 14, 2024
5ec64ad
restore refine with congruence, as it was lost during merging
ManuelLerchner Nov 14, 2024
8cd7e62
Merge branch 'master' into 10-extend-norm-to-arithmetic-operations
ManuelLerchner Nov 14, 2024
a31dc67
intDomain.ml is compilable
iC4rl0s Nov 15, 2024
28d9db0
Avoiding unnecessary computation when min{b} > ceil(log2 max{a}) in s…
iC4rl0s Nov 16, 2024
6177b13
begin first unit tests
ManuelLerchner Nov 18, 2024
8e8b9cb
add simple shift unit tests
Draggon01 Nov 18, 2024
ed56bd8
Merge branch 'master' into bitfield-shifts
Draggon01 Nov 18, 2024
9ae2b8f
base test impl
Draggon01 Nov 19, 2024
874e1ed
merge unit tests
Draggon01 Nov 19, 2024
5ce8db7
add simple tests
Draggon01 Nov 19, 2024
4170f7f
fix small bug in constant shifting expecting isSigned ik to check if …
Draggon01 Nov 19, 2024
cd1bd06
Merge pull request #14 from ManuelLerchner/unit-tests
ManuelLerchner Nov 19, 2024
5eafd97
Merge pull request #12 from ManuelLerchner/bitfield-shifts
ManuelLerchner Nov 19, 2024
811590d
added bitfield to quickcheck
Nov 19, 2024
6999a20
two bug fixes
Nov 19, 2024
9f72163
Merge branch 'master' into 10-extend-norm-to-arithmetic-operations
ManuelLerchner Nov 19, 2024
c660277
Merge pull request #13 from ManuelLerchner/10-extend-norm-to-arithmet…
ManuelLerchner Nov 19, 2024
146d858
hotfix compilationn
ManuelLerchner Nov 19, 2024
55bc2b3
Merge branch 'master' into Add-tests
AdrianKrauss Nov 19, 2024
90e1e99
Merge pull request #15 from ManuelLerchner/Add-tests
ManuelLerchner Nov 19, 2024
6a32e42
hotfix compilation again
ManuelLerchner Nov 19, 2024
47b7a56
hotfix name clash after merge
ManuelLerchner Nov 19, 2024
5606e67
logand fix
ManuelLerchner Nov 19, 2024
8b1fbfc
bug fixes for arith ops
Nov 19, 2024
4bf31cc
fixed norm
Nov 19, 2024
0b4b4a1
is_invalid and mul fix
Nov 19, 2024
15520a8
assertion function for shifts
iC4rl0s Nov 19, 2024
d55eab5
bug fix in get_bit and further tests that lead to fails
iC4rl0s Nov 19, 2024
6562161
clean up
ManuelLerchner Nov 19, 2024
2aa27f8
fix compile warnings
ManuelLerchner Nov 19, 2024
ad5f6f8
format
ManuelLerchner Nov 19, 2024
cfa0091
improve arbitrary
ManuelLerchner Nov 19, 2024
98a2d24
Merge branch 'quickcheck-fixes' of github.com:ManuelLerchner/analyzer…
ManuelLerchner Nov 19, 2024
5914695
fix bug after merge
ManuelLerchner Nov 19, 2024
4a542be
Merge branch 'goblint:master' into master
ManuelLerchner Nov 19, 2024
15f7abe
changed narrow and added unit tests for arith ops
Nov 21, 2024
f9f7fce
add some regression tests
ManuelLerchner Nov 24, 2024
1b6459d
reworked bitfield shifts, infix operators and some simple tests. sign…
iC4rl0s Nov 25, 2024
31def4b
shift a b = zero when min{b} >= ceil(log (Size.bit ik))
iC4rl0s Nov 25, 2024
2ba8f38
negative shifts are undefined
iC4rl0s Nov 25, 2024
b6762af
bugfix: zero bits for lsb bitmask
iC4rl0s Nov 25, 2024
b6ee7fa
refactored min and max
Nov 25, 2024
a933c4e
Merge remote-tracking branch 'refs/remotes/origin/quickcheck-fixes' i…
Nov 26, 2024
e2366ff
added infix to all functions
Nov 26, 2024
addda52
extract tuple 6 from intDomain file
Draggon01 Nov 26, 2024
29bcca1
bugfix: shift_right did not shift right
iC4rl0s Nov 26, 2024
7984a0a
to_pretty_bits displays concrete values for a small enough number of …
iC4rl0s Nov 26, 2024
ed1999a
small QoL improvements and bug fixes
iC4rl0s Nov 26, 2024
7fa0100
bugfix: certain zeros and uncertain ones
iC4rl0s Nov 26, 2024
96e5737
add regression test for refinement
ManuelLerchner Nov 27, 2024
90338a7
add more regression tests for refines
ManuelLerchner Nov 27, 2024
f25a578
improve refine with interval; add regression tests
ManuelLerchner Nov 28, 2024
e9286e7
fixed bitshifts
Draggon01 Dec 3, 2024
3e4928a
removed commmented code and old wrong testcases
Draggon01 Dec 3, 2024
9bcd884
fixed edge case where shift with 0 was done without zero in shifting bf
Draggon01 Dec 3, 2024
6fe1162
added of bitfield for refinements
Dec 3, 2024
5301322
Merge pull request #18 from ManuelLerchner/quickcheck-fixes
ManuelLerchner Dec 3, 2024
0fa8ca7
Merge branch 'master' of github.com:ManuelLerchner/analyzer into more…
ManuelLerchner Dec 3, 2024
bad0bb8
remove duplicate function
ManuelLerchner Dec 3, 2024
abde7e4
Revert "remove duplicate function"
ManuelLerchner Dec 3, 2024
937b341
Reapply "remove duplicate function"
ManuelLerchner Dec 3, 2024
ddfaace
fix bug
ManuelLerchner Dec 3, 2024
24f305f
add some more tests
ManuelLerchner Dec 4, 2024
7c4411d
add missing regression tests
ManuelLerchner Dec 4, 2024
6c2c570
simple refinements for base invariant with bitfields
Dec 7, 2024
f237a9e
shift_right and shift_left return bot when the result or the paramete…
iC4rl0s Dec 9, 2024
e4eefd9
added to_bitfield to refine base invariant further and regression test
Dec 9, 2024
8d4a4b8
Merge pull request #19 from ManuelLerchner/more-regression-tests
ManuelLerchner Dec 10, 2024
8d7faf9
Merge pull request #20 from ManuelLerchner/extract-tuple-six
ManuelLerchner Dec 10, 2024
e2568fd
Merge branch 'master' of github.com:ManuelLerchner/analyzer into inva…
ManuelLerchner Dec 10, 2024
ccb13c1
Merge pull request #21 from ManuelLerchner/invariant
ManuelLerchner Dec 10, 2024
88b0dfc
hotfix regression tests
ManuelLerchner Dec 10, 2024
86fdeb5
Merge branch 'goblint:master' into master
ManuelLerchner Dec 10, 2024
60fbbf5
improved property tests for bitshifts
iC4rl0s Dec 11, 2024
ed27d3d
fix show
ManuelLerchner Dec 11, 2024
58eeeb4
Merge branch 'master' of github.com:ManuelLerchner/analyzer
ManuelLerchner Dec 11, 2024
dbe2e00
some property tests failed as generators were not constrained to the ik
iC4rl0s Dec 11, 2024
810a966
fixed overflow in norm
Dec 11, 2024
d7b8755
renaming due to merge conflict
Dec 11, 2024
541a87d
Merge branch 'master' into overflow
AdrianKrauss Dec 11, 2024
686633a
two bug fixes
Dec 11, 2024
4b3a0f8
improved logging
iC4rl0s Dec 11, 2024
dee9036
overflow behavior cannot be checked by property tests
iC4rl0s Dec 11, 2024
d6e3f61
more robust tests with a found bug
iC4rl0s Dec 11, 2024
e3145ad
revert to basic unit tests
iC4rl0s Dec 11, 2024
6c720b8
Merge remote-tracking branch 'origin/overflow' into tests
iC4rl0s Dec 11, 2024
f09ead4
bug in exclude_undefined_bitshifts must be fixed or behavior defined
iC4rl0s Dec 12, 2024
8b53b08
Added distinction between invalid and undefined bitshifts. In the for…
iC4rl0s Dec 12, 2024
c682527
added pape rreferences and refined div
Dec 13, 2024
7a8b3ad
added some more cases
Draggon01 Dec 15, 2024
8cf7192
more tests and overflow bugs detected. comment out TODO fails to see
iC4rl0s Dec 16, 2024
79a859a
bugfix: zero shifted by anything should be zero
iC4rl0s Dec 16, 2024
bfe5dc6
Merge branch 'master' of github.com:goblint/analyzer into goblint-master
ManuelLerchner Dec 16, 2024
ed56056
Merge branch 'goblint-master'
ManuelLerchner Dec 16, 2024
f40fefb
refactored intDomain
Dec 17, 2024
e1d948d
Merge branch 'master' into tests
AdrianKrauss Dec 17, 2024
57ac94a
merge
Draggon01 Dec 17, 2024
6c7f899
exclude bitfield in modules python script as other intdomains
Draggon01 Dec 17, 2024
313adb8
changed to top_of
Dec 17, 2024
ee9f358
merge
Dec 17, 2024
288bf0d
Merge remote-tracking branch 'refs/remotes/origin/tests' into tests
Dec 17, 2024
306aa33
improved refinements with bitfield
Dec 17, 2024
3862f2e
added overflow checking
Draggon01 Dec 17, 2024
b683875
added missing bf in create
Draggon01 Dec 17, 2024
26a23f5
bugfixes for overflow errs
iC4rl0s Dec 17, 2024
f70838d
Merge branch 'tests' of github.com:ManuelLerchner/analyzer into tests
iC4rl0s Dec 17, 2024
2e85cc9
Merge pull request #22 from ManuelLerchner/tests
iC4rl0s Dec 17, 2024
898a68e
fixed all current ocp-indent failures
Draggon01 Dec 18, 2024
0cc16dc
added regression test
Draggon01 Dec 19, 2024
65237fd
fixed overflow handling
Dec 19, 2024
5cf4620
Merge pull request #26 from ManuelLerchner/precission
ManuelLerchner Dec 20, 2024
dc68f48
Merge pull request #25 from ManuelLerchner/indent-fixes
ManuelLerchner Dec 20, 2024
312b0c3
added adapted functions from interval domain to base
Jan 4, 2025
3034ad3
fixed bug in refine with congruence
Jan 6, 2025
1f08a87
fixed Div by zero exception
Jan 7, 2025
552c333
fixed overflow in bitshift
Jan 7, 2025
571cde3
removed test files
Jan 7, 2025
18ee9a9
removed unnecessary file
Jan 7, 2025
51c13e7
Merge branch 'goblint:master' into master
ManuelLerchner Jan 7, 2025
e7c3237
Merge branch 'master' into fixingBase
ManuelLerchner Jan 7, 2025
1376824
Merge pull request #27 from ManuelLerchner/fixingBase
ManuelLerchner Jan 7, 2025
abb48c4
canonize interval-sets after refine with bitfield
ManuelLerchner Jan 8, 2025
dbe3f54
fixed wrong number of shifts in div
Jan 12, 2025
8bd36ce
Merge branch 'goblint:master' into master
ManuelLerchner Jan 14, 2025
6ecd41e
changed overflow/underflow output on bitshifts with larger shifts tha…
Draggon01 Jan 15, 2025
5ba10f8
bug fix in rem
Jan 16, 2025
54856e0
Merge remote-tracking branch 'refs/remotes/origin/bugfixes' into bugf…
Jan 16, 2025
da57955
removed unnecessary variable
Jan 16, 2025
b54ca80
clean up's and one test case less
iC4rl0s Jan 17, 2025
7dcec4c
further clean ups
iC4rl0s Jan 18, 2025
89ff69b
improved undefined behavior handling for bitshifts
iC4rl0s Jan 18, 2025
cf7b349
change in regtest 82 08 to make it pass
iC4rl0s Jan 18, 2025
1d78b29
Merge pull request #28 from ManuelLerchner/bugfixes
ManuelLerchner Jan 18, 2025
4fe0097
Merge branch 'goblint:master' into master
ManuelLerchner Jan 18, 2025
767f998
bug fix in to_bitfield()
Jan 21, 2025
821be43
bugfix: underflow handling
iC4rl0s Jan 22, 2025
a1807b6
Merge branch 'bugfixes' of github.com:ManuelLerchner/analyzer into bu…
iC4rl0s Jan 22, 2025
0a55d08
Merge pull request #29 from ManuelLerchner/bugfixes
ManuelLerchner Jan 22, 2025
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions scripts/goblint-lib-modules.py
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,7 @@
"DefExcDomain", # included in IntDomain
"EnumsDomain", # included in IntDomain
"CongruenceDomain", # included in IntDomain
"BitfieldDomain", #included in IntDomain
"IntDomTuple", # included in IntDomain
"WitnessGhostVar", # included in WitnessGhost

Expand Down
3 changes: 3 additions & 0 deletions src/analyses/base.ml
Original file line number Diff line number Diff line change
Expand Up @@ -624,6 +624,8 @@ struct

let drop_intervalSet = CPA.map (function Int x -> Int (ID.no_intervalSet x) | x -> x )

let drop_bitfield = CPA.map (function Int x -> Int (ID.no_bitfield x) | x -> x )

let context man (fd: fundec) (st: store): store =
let f keep drop_fn (st: store) = if keep then st else { st with cpa = drop_fn st.cpa} in
st |>
Expand All @@ -634,6 +636,7 @@ struct
%> f (ContextUtil.should_keep ~isAttr:GobContext ~keepOption:"ana.base.context.int" ~removeAttr:"base.no-int" ~keepAttr:"base.int" fd) drop_ints
%> f (ContextUtil.should_keep ~isAttr:GobContext ~keepOption:"ana.base.context.interval" ~removeAttr:"base.no-interval" ~keepAttr:"base.interval" fd) drop_interval
%> f (ContextUtil.should_keep ~isAttr:GobContext ~keepOption:"ana.base.context.interval_set" ~removeAttr:"base.no-interval_set" ~keepAttr:"base.interval_set" fd) drop_intervalSet
%> f (ContextUtil.should_keep ~isAttr:GobContext ~keepOption:"ana.base.context.bitfield" ~removeAttr:"base.no-bitfield" ~keepAttr:"base.bitfield" fd) drop_bitfield


let reachable_top_pointers_types man (ps: AD.t) : Queries.TS.t =
Expand Down
42 changes: 35 additions & 7 deletions src/analyses/baseInvariant.ml
Original file line number Diff line number Diff line change
Expand Up @@ -395,27 +395,55 @@ struct
| Le, Some false -> meet_bin (ID.starting ikind (Z.succ l2)) (ID.ending ikind (Z.pred u1))
| _, _ -> a, b)
| _ -> a, b)
| BOr | BXor as op->
if M.tracing then M.tracel "inv" "Unhandled operator %a" d_binop op;
| BOr ->
(* Be careful: inv_exp performs a meet on both arguments of the BOr / BXor. *)
a, b
if PrecisionUtil.get_bitfield () then
let a', b' = ID.meet a (ID.logand a c), ID.meet b (ID.logand b c) in
let (cz, co) = ID.to_bitfield ikind c in
let (az, ao) = ID.to_bitfield ikind a' in
let (bz, bo) = ID.to_bitfield ikind b' in
let cDef1 = Z.logand co (Z.lognot cz) in
let aDef0 = Z.logand az (Z.lognot ao) in
let bDef0 = Z.logand bz (Z.lognot bo) in
let az = Z.logand az (Z.lognot (Z.logand bDef0 cDef1)) in
let bz = Z.logand bz (Z.lognot (Z.logand aDef0 cDef1)) in
Comment on lines +401 to +409
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should most of these computations not be moved inside your domain? (After getting the bitfields).

This works on the internal representation of these bitfield things, so maybe should be in there. Granted, the intervals also leak outside of their domain,but people intuitively understand how they work.

Also, please leave some comment here about what happens. One can puzzle it together, but it took @DrMichaelPetter and me about 10 mins yesterday to do so.

ID.meet a' (ID.of_bitfield ikind (az, ao)), ID.meet b' (ID.of_bitfield ikind (bz, bo))
else a, b
| BXor ->
(* Be careful: inv_exp performs a meet on both arguments of the BOr / BXor. *)
if PrecisionUtil.get_bitfield () then
let a' = ID.meet a (ID.logxor c b)
in let b' = ID.meet b (ID.logxor a c)
Comment on lines +415 to +416
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please change to use standard indentation.

let ... = ... in

in a', b'
else a,b
| LAnd ->
if ID.to_bool c = Some true then
meet_bin c c
else
a, b
| BAnd as op ->
| BAnd ->
(* we only attempt to refine a here *)
let a =
match ID.to_int b with
| Some x when Z.equal x Z.one ->
(match ID.to_bool c with
| Some true -> ID.meet a (ID.of_congruence ikind (Z.one, Z.of_int 2))
| Some false -> ID.meet a (ID.of_congruence ikind (Z.zero, Z.of_int 2))
| None -> if M.tracing then M.tracel "inv" "Unhandled case for operator x %a 1 = %a" d_binop op ID.pretty c; a)
| _ -> if M.tracing then M.tracel "inv" "Unhandled case for operator x %a %a = %a" d_binop op ID.pretty b ID.pretty c; a
| None -> a)
| _ -> a
Comment on lines +432 to +433
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The tracing output should still be produced if bitfield is off.

in
a, b
if PrecisionUtil.get_bitfield () then
let a', b' = ID.meet a (ID.logor a c), ID.meet b (ID.logor b c) in
let (cz, co) = ID.to_bitfield ikind c in
let (az, ao) = ID.to_bitfield ikind a' in
let (bz, bo) = ID.to_bitfield ikind b' in
let cDef0 = Z.logand cz (Z.lognot co) in
let aDef1 = Z.logand ao (Z.lognot az) in
let bDef1 = Z.logand bo (Z.lognot bz) in
let ao = Z.logand ao (Z.lognot (Z.logand bDef1 cDef0)) in
let bo = Z.logand bo (Z.lognot (Z.logand aDef1 cDef0)) in
ID.meet a' (ID.of_bitfield ikind (az, ao)), ID.meet b' (ID.of_bitfield ikind (bz, bo))
else a, b
Comment on lines +435 to +446
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above.

| op ->
if M.tracing then M.tracel "inv" "Unhandled operator %a" d_binop op;
a, b
Expand Down
Loading
Loading