Merge pull request #1789 from goblint/vojdani-protected-vars

sim642 · web-flow · commit 0f224a81b660 · 2025-09-12T10:40:31.000+03:00
Fix Vojdani privatization protected variables in witnesses
diff --git a/src/analyses/apron/relationPriv.apron.ml b/src/analyses/apron/relationPriv.apron.ml
@@ -431,7 +431,7 @@ struct
 
   let iter_sys_vars getg vq vf = () (* TODO: or report singleton global for any Global query? *)
   let invariant_global ask getg g = Invariant.none
-  let invariant_vars ask getg st = protected_vars ask (* TODO: is this right? *)
+  let invariant_vars ask getg st = protected_vars ask ~kind:Write (* TODO: is this right? *)
 
   let finalize () = ()
 
diff --git a/src/analyses/basePriv.ml b/src/analyses/basePriv.ml
@@ -357,7 +357,7 @@ struct
     | `Thread ->
       st
 
-  let invariant_vars ask getg st = protected_vars ask
+  let invariant_vars ask getg st = protected_vars ask ~kind:Write
 end
 
 module PerMutexMeetPrivBase =
@@ -856,7 +856,7 @@ struct
         ) locks inv
     )
 
-  let invariant_vars ask getg st = protected_vars ask
+  let invariant_vars ask getg st = protected_vars ask ~kind:ReadWrite
 end
 
 
@@ -1102,7 +1102,7 @@ struct
           ) locks inv
       )
 
-  let invariant_vars ask getg st = protected_vars ask
+  let invariant_vars ask getg st = protected_vars ask ~kind:Write
 end
 
 module AbstractLockCenteredGBase (WeakRange: Lattice.S) (SyncRange: Lattice.S) =
diff --git a/src/analyses/commonPriv.ml b/src/analyses/commonPriv.ml
@@ -101,9 +101,9 @@ struct
     not (VD.is_immediate_type x.vtype) &&
     ask.f (Q.MustBeProtectedBy {mutex=m; global=x; kind; protection})
 
-  let protected_vars (ask: Q.ask): varinfo list =
+  let protected_vars (ask: Q.ask) ~(kind): varinfo list =
     LockDomain.MustLockset.fold (fun ml acc ->
-        Q.VS.join (ask.f (Q.MustProtectedVars {mutex = ml; kind = Write})) acc
+        Q.VS.join (ask.f (Q.MustProtectedVars {mutex = ml; kind})) acc
       ) (ask.f Q.MustLockset) (Q.VS.empty ())
     |> Q.VS.elements
 end
diff --git a/tests/regression/13-privatized/19-publish-precision.t b/tests/regression/13-privatized/19-publish-precision.t
@@ -19,3 +19,230 @@
     live: 20
     dead: 0
     total lines: 20
+
+
+Protection succeeds on check in t_fun.
+
+  $ goblint --set ana.base.privatization protection --enable witness.yaml.enabled --set witness.yaml.entry-types '["invariant_set"]' --disable witness.invariant.other 19-publish-precision.c
+  [Success][Assert] Assertion "glob1 == 0" will succeed (19-publish-precision.c:27:3-27:30)
+  [Success][Assert] Assertion "glob1 == 5" will succeed (19-publish-precision.c:17:3-17:30)
+  [Warning][Assert] Assertion "glob1 == 0" is unknown. (19-publish-precision.c:30:3-30:30)
+  [Warning][Assert] Assertion "glob1 == 5" is unknown. (19-publish-precision.c:31:3-31:30)
+  [Info][Deadcode] Logical lines of code (LLoC) summary:
+    live: 20
+    dead: 0
+    total lines: 20
+  [Info][Witness] witness generation summary:
+    location invariants: 10
+    loop invariants: 0
+    flow-insensitive invariants: 0
+    total generation entries: 1
+  [Info][Race] Memory locations race summary:
+    safe: 1
+    vulnerable: 0
+    unsafe: 0
+    total memory locations: 1
+
+  $ yamlWitnessStrip < witness.yml
+  - entry_type: invariant_set
+    content:
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 11
+          column: 3
+          function: t_fun
+        value: (unsigned long )arg == 0UL
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 11
+          column: 3
+          function: t_fun
+        value: 0 <= glob1
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 11
+          column: 3
+          function: t_fun
+        value: glob1 <= 127
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 12
+          column: 3
+          function: t_fun
+        value: (unsigned long )arg == 0UL
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 12
+          column: 3
+          function: t_fun
+        value: 0 <= glob1
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 12
+          column: 3
+          function: t_fun
+        value: glob1 <= 127
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 17
+          column: 3
+          function: t_fun
+        value: (unsigned long )arg == 0UL
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 17
+          column: 3
+          function: t_fun
+        value: glob1 == 5
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 30
+          column: 3
+          function: main
+        value: 0 <= glob1
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 30
+          column: 3
+          function: main
+        value: glob1 <= 127
+        format: c_expression
+
+
+Vojdani does not succeed on check in t_fun.
+
+  $ goblint --set ana.base.privatization vojdani --enable witness.yaml.enabled --set witness.yaml.entry-types '["invariant_set"]' --disable witness.invariant.other 19-publish-precision.c
+  [Success][Assert] Assertion "glob1 == 0" will succeed (19-publish-precision.c:27:3-27:30)
+  [Warning][Assert] Assertion "glob1 == 5" is unknown. (19-publish-precision.c:17:3-17:30)
+  [Warning][Assert] Assertion "glob1 == 0" is unknown. (19-publish-precision.c:30:3-30:30)
+  [Warning][Assert] Assertion "glob1 == 5" is unknown. (19-publish-precision.c:31:3-31:30)
+  [Info][Deadcode] Logical lines of code (LLoC) summary:
+    live: 20
+    dead: 0
+    total lines: 20
+  [Info][Witness] witness generation summary:
+    location invariants: 9
+    loop invariants: 0
+    flow-insensitive invariants: 0
+    total generation entries: 1
+  [Info][Race] Memory locations race summary:
+    safe: 1
+    vulnerable: 0
+    unsafe: 0
+    total memory locations: 1
+
+Vojdani should not have location_invariant-s on glob1 after locking mutex1 (line 11), only after mutex2.
+
+  $ yamlWitnessStrip < witness.yml
+  - entry_type: invariant_set
+    content:
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 11
+          column: 3
+          function: t_fun
+        value: (unsigned long )arg == 0UL
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 12
+          column: 3
+          function: t_fun
+        value: (unsigned long )arg == 0UL
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 12
+          column: 3
+          function: t_fun
+        value: 0 <= glob1
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 12
+          column: 3
+          function: t_fun
+        value: glob1 <= 127
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 17
+          column: 3
+          function: t_fun
+        value: (unsigned long )arg == 0UL
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 17
+          column: 3
+          function: t_fun
+        value: 0 <= glob1
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 17
+          column: 3
+          function: t_fun
+        value: glob1 <= 127
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 30
+          column: 3
+          function: main
+        value: 0 <= glob1
+        format: c_expression
+    - invariant:
+        type: location_invariant
+        location:
+          file_name: 19-publish-precision.c
+          line: 30
+          column: 3
+          function: main
+        value: glob1 <= 127
+        format: c_expression
diff --git a/tests/regression/13-privatized/20-publish-regression.t b/tests/regression/13-privatized/20-publish-regression.t
