Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Quickcheck int domain abstract operation properties #1609

Open
sim642 opened this issue Oct 30, 2024 · 0 comments
Open

Quickcheck int domain abstract operation properties #1609

sim642 opened this issue Oct 30, 2024 · 0 comments
Labels
precision testing

Comments

@sim642
Copy link
Member

sim642 commented Oct 30, 2024
edited
Loading

For example, def_exc domain implements logand in a non-commutative way:

analyzer/src/cdomain/value/cdomains/intDomain.ml

Lines 2280 to 2291 in 9a8dd4e

let logand ik x y = norm ik (match x,y with
(* We don't bother with exclusion sets: *)
| `Excluded _, `Definite i ->
(* Except in two special cases *)
if Z.equal i Z.zero then
`Definite Z.zero
else if Z.equal i Z.one then
of_interval IBool (Z.zero, Z.one)
else
top ()
| `Definite _, `Excluded _
| `Excluded _, `Excluded _ -> top ()

Same for intervals:

analyzer/src/cdomain/value/cdomains/intDomain.ml

Lines 826 to 835 in 9a8dd4e

let logand ik i1 i2 =
match is_bot i1, is_bot i2 with
| true, true -> bot_of ik
| true, _
| _ , true -> raise (ArithmeticOnIntegerBot (Printf.sprintf "%s op %s" (show i1) (show i2)))
| _ ->
match to_int i1, to_int i2 with
| Some x, Some y -> (try of_int ik (Ints_t.logand x y) |> fst with Division_by_zero -> top_of ik)
| _, Some y when Ints_t.equal y Ints_t.zero -> of_int ik Ints_t.zero |> fst
| _, Some y when Ints_t.equal y Ints_t.one -> of_interval ik (Ints_t.zero, Ints_t.one) |> fst

And congruences:

analyzer/src/cdomain/value/cdomains/intDomain.ml

Lines 3094 to 3104 in 9a8dd4e

let logand ik x y = match x, y with
| None, None -> None
| None, _ | _, None -> raise (ArithmeticOnIntegerBot (Printf.sprintf "%s op %s" (show x) (show y)))
| Some (c, m), Some (c', m') ->
if m =: Z.zero && m' =: Z.zero then
(* both arguments constant *)
Some (Z.logand c c', Z.zero)
else if m' =: Z.zero && c' =: Z.one && Z.rem m (Z.of_int 2) =: Z.zero then
(* x & 1 and x == c (mod 2*z) *)
(* Value is equal to LSB of c *)
Some (Z.logand c c', Z.zero)

The int domain property-based tests check lattice properties (like commutativity of join) and abstraction properties (like abstract logand overapproximates concrete logand) but not properties like commutativity of logand. Such property-based tests could be added for many int domain abstract operations for commutativity, associativity, etc.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
precision testing
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sim642