PrivPrecCompare: Add bot_in_blob_leq_bot so bot and Blob(bot) c…

…ompare equal
goblint · Dec 17, 2024 · 829d32b · 829d32b
1 parent b68df11
commit 829d32b
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 2 deletions.
diff --git a/src/cdomain/value/cdomains/valueDomain.ml b/src/cdomain/value/cdomains/valueDomain.ml
@@ -561,7 +561,13 @@ struct
     | (_, Top) -> true
     | (Top, _) -> false
     | (Bot, _) -> true
-    | (_, Bot) -> false
+    | (x, Bot) ->
+      if !AnalysisState.bot_in_blob_leq_bot then
+        match x with
+        | Blob (x,s,o) -> leq x Bot
+        | _ -> false
+      else
+        false
     | (Int x, Int y) -> ID.leq x y
     | (Float x, Float y) -> FD.leq x y
     | (Int x, Address y) when ID.to_int x = Some Z.zero && not (AD.is_not_null y) -> true

diff --git a/src/common/framework/analysisState.ml b/src/common/framework/analysisState.ml
@@ -40,4 +40,6 @@ let verified : bool option ref = ref None
 let unsound_both_branches_dead: bool option ref = ref None
 (** [Some true] if unsound both branches dead occurs in analysis results.
     [Some false] if it doesn't occur.
-    [None] if [ana.dead-code.branches] option is disabled and this isn't checked. *)
+    [None] if [ana.dead-code.branches] option is disabled and this isn't checked. *)
+(* Comparison mode where blobs with bot content that are not zero-initalized are considered equivalent to top-level bot *)
+let bot_in_blob_leq_bot = ref false
diff --git a/src/privPrecCompare.ml b/src/privPrecCompare.ml
@@ -4,4 +4,5 @@ open Goblint_lib
 module A = PrecCompare.MakeDump (PrivPrecCompareUtil)
 
 let () =
+  AnalysisState.bot_in_blob_leq_bot := true;
   A.main ()