eth-sri / elina Goto Github PK

View Code? Open in Web Editor NEW

126.0 126.0 53.0 50.89 MB

ELINA: ETH LIbrary for Numerical Analysis

Home Page: http://elina.ethz.ch/

License: Other

C++ 44.12% C 39.33% Makefile 1.10% Java 0.65% Perl 0.05% Python 12.28% Cuda 2.15% CMake 0.06% Raku 0.03% OCaml 0.22%

elina's People

Contributors

Stargazers

Watchers

elina's Issues

Buffer overrun error in opt_pk_add_dimensions_cons

Hello,

In our tests, it raised a buffer overrun error at line 110. AFAIU, dim(=dimchange->dim) is an array with the size of size(=dimchange->intdim+dimchange->realdim). However, it looks like trying to access dim[size].

ELINA/elina_poly/opt_pk_resize.c

Lines 107 to 112 in bb52375

 while((l < size) && (var==i)){ 

 ncmap[l] = k; 

 l++; 

 var = dim[l] + opk->dec; 

 k++; 

 }

This is the call stack given by address sanitizer.

ERROR: AddressSanitizer: heap-buffer-overflow
#0 opt_pk_add_dimensions_cons elina.1.0/elina_poly/opt_pk_resize.c:110
#1 opt_pk_add_dimensions elina.1.0/elina_poly/opt_pk_resize.c:213
#2 ap_abstract0_add_dimensions apron.20160125/apron/ap_abstract0.c:1231
#3 ap_abstract0_apply_dimchange2 apron.20160125/apron/ap_abstract0.c:1501
#4 ap_abstract1_change_environment apron.20160125/apron/ap_abstract1.c:1019
#5 camlidl_abstract1_ap_abstract1_change_environment apron.20160125/mlapronidl/abstract1_caml.c:1643

Sincerely,
Sungkeun Cho

Use after free in opt_pk_assign.c

Hello Gagan,

I encountered a use-after-free error in opt_pk_assign.c:1220. In my testing, it looks like op->acl->size is freed at line 1215 (by making abs to bottom I think), then is used at line 1220.

ELINA/elina_poly/opt_pk_assign.c

Lines 1214 to 1220 in dc60b03

 else { 

 op = elina_generic_asssub_texpr_array(assign,man,destructive,oa,tdim,texpr,size,ob); 

 } 

 /* Minimize the result if option say so */ 

 array_comp_list_t * acl = op->acl; 

 unsigned short int num_comp = acl->size;

The test code is:

open Apron

let _ =
  let man = Elina_poly.manager_alloc_loose () in
  let a = Var.of_string "a" in
  let env = Environment.make [|a|] [||] in
  let abs = Abstract1.top man env in
  let vars = [|a|] in
  let texprs = [|Parser.texpr1_of_string env "(1-a)*a"|] in
  Abstract1.assign_texpr_array man abs vars texprs None

Message from ASAN is:

AddressSanitizer: heap-use-after-free
READ of size 2 at 0x602000000f38 thread T0
    #0 opt_poly_asssub_texpr_array opt_pk_assign.c:1220
    #1 opt_pk_assign_texpr_array opt_pk_assign.c:1325
    #2 ap_abstract0_asssub_texpr_array ap_abstract0.c:1139
    #3 ap_abstract1_asssub_texpr_array ap_abstract1.c:931
    #4 ap_abstract1_assign_texpr_array ap_abstract1.c:958
    #5 camlidl_abstract1_ap_abstract1_assign_texpr_array abstract1_caml.c:1200
    #6 camlAssign_texpr__entry (assign_texpr.native:x86_64+0x100003d38)

freed by thread T0 here:
    #0 wrap_free (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x56e8d)
    #1 free_array_comp_list array_comp_list.c:52
    #2 opt_poly_array_clear opt_pk_representation.c:91
    #3 opt_poly_set_bottom opt_pk_constructor.c:47
    #4 opt_pk_meet_lincons_array_cons opt_pk_meetjoin.c:425
    #5 opt_pk_meet_lincons_array opt_pk_meetjoin.c:724
    #6 elina_generic_meet_intlinearize_tcons_array elina_generic.c:223
    #7 opt_pk_meet_tcons_array opt_pk_meetjoin.c:736
    #8 elina_generic_asssub_texpr_array elina_generic.c:506
    #9 opt_poly_asssub_texpr_array opt_pk_assign.c:1215
    #10 opt_pk_assign_texpr_array opt_pk_assign.c:1325
    #11 ap_abstract0_asssub_texpr_array ap_abstract0.c:1139
    #12 ap_abstract1_asssub_texpr_array ap_abstract1.c:931
    #13 ap_abstract1_assign_texpr_array ap_abstract1.c:958
    #14 camlidl_abstract1_ap_abstract1_assign_texpr_array abstract1_caml.c:1200
    #15 camlAssign_texpr__entry (assign_texpr.native:x86_64+0x100003d38)

Sincerely,
Sungkeun Cho

Compilation with APRON fails

Hi,
I've encountered an issue while trying to compile ELISA with APRON.
Following the instructions on your website and using the option IS_APRON = -DHAS_APRON in Makefile.config compilation terminates in two errors:

zonotope_internal.h: In function ‘zonotope_aff_bound’:
zonotope_internal.h:535:7: error: implicit declaration of function ‘elina_coeff_set_interval_double’ [-Werror=implicit-function-declaration]
       elina_coeff_set_interval_double(&linexpr0->p.linterm[k].coeff, p->inf,p->sup);

and

zonotope_internal.h: In function ‘elina_linexpr0_from_zonotope’:
zonotope_internal.h:929:3: error: implicit declaration of function ‘elina_coeff_set_scalar_double’ [-Werror=implicit-function-declaration]
   elina_coeff_set_scalar_double(&res->p.linterm[k].coeff, p->inf);

The problem is obviously that the two functions elina_coeff_set_interval_double() and elina_coeff_set_scalar_double() are declared in elina_coeff.h which is only included in zonotope.h if HAS_APRON is not defined.
Compiling with the option IS_APRON = #-DHAS_APRON results in a successful compilation.

Thanks in advance for looking into this!

Best regards
Alex

Segfault when creating a polyhedra using a tcons_array

The Segfault occurs when using a tree constraint, that includes a coefficient of type double.
Here is a minimal example to recreate the segfault:

int main() {
  elina_tcons0_array_t arr = elina_tcons0_array_make(1);
  elina_coeff_t *cst = elina_coeff_alloc(ELINA_COEFF_SCALAR);
  elina_coeff_set_scalar_double(cst, 1.0);
  elina_texpr0_t *expr = elina_texpr0_cst(cst);
  arr.p[0] = elina_tcons0_make(ELINA_CONS_EQ, expr, NULL);
  elina_manager_t *man = opt_pk_manager_alloc(false);
  elina_abstract0_t *abs = elina_abstract0_of_tcons_array(man, 0, 0, &arr);
  return 0;
}

The problem seems to be in elina_scalar_trunc. The type of the scalar is expected to be the type of the parameter discr, which is passed through from opt_pk_meet_tcons_array with the value ELINA_SCALAR_MPQ.

at 0x493C0A1: __gmpz_tdiv_q (in /usr/lib/libgmp.so.10.4.0)
by 0x4C0BFE4: elina_scalar_trunc_mpq (elina_scalar_arith.c:536)
by 0x4C0BFE4: elina_scalar_trunc (elina_scalar_arith.c:559)
by 0x4C0D350: elina_interval_is_int (elina_interval_arith.c:353)
by 0x4C11F4A: elina_interval_intlinearize_texpr0_rec (elina_linearize_texpr.c:906)
by 0x4C13B1F: elina_intlinearize_elina_tcons0_array (elina_linearize_texpr.c:1597)
by 0x4C13D8F: elina_intlinearize_tcons0_array (elina_linearize_texpr.c:1680)
by 0x4C0A4CE: elina_generic_meet_intlinearize_tcons_array (elina_generic.c:222)
by 0x48A4B3E: opt_pk_meet_tcons_array (opt_pk_meetjoin.c:763)
by 0x48C8678: elina_abstract0_meet_tcons_array (elina_abstract0.c:1003)
by 0x10B4B9: main (test.c:190)

Broken ELINA after 9c99c4d177c691f98f2031657c18fe6fbe4c7571

I am trying to use ERAN and thus I need to build ELINA to use it. I followed the instruction in the ERAN README to the letter. The build went ok, but as soon as I try to run the python3 command at the end, I get the following error:

Traceback (most recent call last):
  File "/usr/lib/python3.8/runpy.py", line 193, in _run_module_as_main
    return _run_code(code, main_globals, None,
  File "/usr/lib/python3.8/runpy.py", line 86, in _run_code
    exec(code, run_globals)
  File "./__main__.py", line 7, in <module>
    from eran import ERAN
  File "./eran.py", line 7, in <module>
    from optimizer import *
  File "./optimizer.py", line 4, in <module>
    from deepzono_nodes import *
  File "./deepzono_nodes.py", line 15, in <module>
    from refine_activation import *
  File "./refine_activation.py", line 9, in <module>
    from krelu import encode_kactivation_cons
  File "./krelu.py", line 5, in <module>
    from fppoly import *
  File "../ELINA/python_interface/fppoly.py", line 22, in <module>
    from fppoly_imports import *
  File "../ELINA/python_interface/fppoly_imports.py", line 25, in <module>
    fppoly_api = CDLL("libfppoly.so")
  File "/usr/lib/python3.8/ctypes/__init__.py", line 373, in __init__
    self._handle = _dlopen(self._name, mode)
OSError: /usr/local/lib/libfppoly.so: undefined symbol: omp_get_num_procs

This seems to come from some recent changes, in particular 9c99c4d

Unfortunately, none of the instructions mention OpenMP or anything similar. I tried installing various libomp-dev version but nothing worked.

Apron support?

I noticed that Apron support was gone since cc697b5, however it was useful to be interfaced with projects already supporting Apron. Moreover it more or less provide OCaml support for free.

Do you plan to reconsider?

Unexpected behavior with Octagons

Hi Gagandeep!

We are experiencing strange issues with Octagons when performing a series of affine transformations. At a high level, we first convert the octagon to linear constraints and then print it. After that, if we don't clear constraints, the transformations yield bot and if we do, we get a nonempty domain. We have repro'd the issue here with more details in the README. When using other domains like boxes or zonotopes, we see consistent behavior. Any assistance would be appreciated.

Regards,
Shankara

OSError: libfppoly.so: cannot open shared object file: No such file or directory

When I run /ELINA/python_interface/fppoly_import, I get an error:
OSError: libfppoly.so: cannot open shared object file: No such file or directory.

I tried looking in directory /usr/local/lib and '/usr/lib' , and I also use the find command to find, but I can't find libfppoly.so

I think I may be missing this file, how can I solve this problem?

Thank you very much for your reply.

Segfault in opt_pk_matrix.c

Segfault encountered using ebpf-verifier. Valgrind trace:

$ valgrind ./check ebpf-samples/cilium/bpf_lxc.o 2/7 --domain=polyElina
==6092== Memcheck, a memory error detector
==6092== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==6092== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==6092== Command: ./check ebpf-samples/cilium/bpf_lxc.o 2/7 --domain=polyElina
==6092== 
==6092== Invalid write of size 8
==6092==    at 0x48A56C3: opt_matrix_alloc (opt_pk_matrix.c:71)
==6092==    by 0x48AA8E9: opt_poly_asssub_linexpr_det (opt_pk_assign.c:285)
==6092==    by 0x48AD6A9: opt_poly_asssub_texpr_array (opt_pk_assign.c:1198)
==6092==    by 0x48AD9B8: opt_pk_assign_texpr_array (opt_pk_assign.c:1327)
==6092==    by 0x4867B81: elina_abstract0_asssub_texpr_array (elina_abstract0.c:1106)
==6092==    by 0x48688CF: elina_abstract0_assign_texpr (elina_abstract0.c:1446)
==6092==    by 0x2A605B: assign_texpr (elina_domains.hpp:743)
==6092==    by 0x2A605B: crab::domains::elina_domain_<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, (crab::domains::elina_domain_id_t)2>::assign(ikos::variable<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string>, ikos::linear_expression<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string>) (elina_domains.hpp:1517)
==6092==    by 0x311BD5: crab::domains::array_expansion_domain<crab::domains::elina_domain_<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, (crab::domains::elina_domain_id_t)2> >::array_store(ikos::variable<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string>, ikos::linear_expression<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string>, ikos::linear_expression<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string>, ikos::linear_expression<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string>, bool) (array_expansion.hpp:1224)
==6092==    by 0x3137DA: crab::analyzer::intra_abs_transformer<crab::domains::array_expansion_domain<crab::domains::elina_domain_<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, (crab::domains::elina_domain_id_t)2> > >::exec(crab::cfg::array_store_stmt<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string>&) (abs_transformer.hpp:515)
==6092==    by 0x2A9DA3: crab::analyzer::fwd_analyzer<crab::cfg::cfg_ref<crab::cfg::cfg<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, ikos::z_number> >, crab::analyzer::intra_abs_transformer<crab::domains::array_expansion_domain<crab::domains::elina_domain_<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, (crab::domains::elina_domain_id_t)2> > > >::analyze(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::domains::array_expansion_domain<crab::domains::elina_domain_<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, (crab::domains::elina_domain_id_t)2> >&) (fwd_analyzer.hpp:80)
==6092==    by 0x2AB911: ikos::interleaved_fwd_fixpoint_iterator_impl::wto_iterator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::cfg_ref<crab::cfg::cfg<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, ikos::z_number> >, crab::domains::array_expansion_domain<crab::domains::elina_domain_<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, (crab::domains::elina_domain_id_t)2> > >::visit(ikos::wto_vertex<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::cfg_ref<crab::cfg::cfg<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, ikos::z_number> > >&) (fwd_fixpoint_iterators.hpp:419)
==6092==    by 0x201009: ikos::wto<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::cfg_ref<crab::cfg::cfg<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, ikos::z_number> > >::accept(ikos::wto_component_visitor<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::cfg_ref<crab::cfg::cfg<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, ikos::z_number> > >*) (wto.hpp:743)
==6092==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==6092== 
==6092== 
==6092== Process terminating with default action of signal 11 (SIGSEGV)
==6092==  Access not within mapped region at address 0x0
==6092==    at 0x48A56C3: opt_matrix_alloc (opt_pk_matrix.c:71)
==6092==    by 0x48AA8E9: opt_poly_asssub_linexpr_det (opt_pk_assign.c:285)
==6092==    by 0x48AD6A9: opt_poly_asssub_texpr_array (opt_pk_assign.c:1198)
==6092==    by 0x48AD9B8: opt_pk_assign_texpr_array (opt_pk_assign.c:1327)
==6092==    by 0x4867B81: elina_abstract0_asssub_texpr_array (elina_abstract0.c:1106)
==6092==    by 0x48688CF: elina_abstract0_assign_texpr (elina_abstract0.c:1446)
==6092==    by 0x2A605B: assign_texpr (elina_domains.hpp:743)
==6092==    by 0x2A605B: crab::domains::elina_domain_<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, (crab::domains::elina_domain_id_t)2>::assign(ikos::variable<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string>, ikos::linear_expression<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string>) (elina_domains.hpp:1517)
==6092==    by 0x311BD5: crab::domains::array_expansion_domain<crab::domains::elina_domain_<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, (crab::domains::elina_domain_id_t)2> >::array_store(ikos::variable<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string>, ikos::linear_expression<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string>, ikos::linear_expression<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string>, ikos::linear_expression<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string>, bool) (array_expansion.hpp:1224)
==6092==    by 0x3137DA: crab::analyzer::intra_abs_transformer<crab::domains::array_expansion_domain<crab::domains::elina_domain_<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, (crab::domains::elina_domain_id_t)2> > >::exec(crab::cfg::array_store_stmt<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string>&) (abs_transformer.hpp:515)
==6092==    by 0x2A9DA3: crab::analyzer::fwd_analyzer<crab::cfg::cfg_ref<crab::cfg::cfg<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, ikos::z_number> >, crab::analyzer::intra_abs_transformer<crab::domains::array_expansion_domain<crab::domains::elina_domain_<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, (crab::domains::elina_domain_id_t)2> > > >::analyze(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::domains::array_expansion_domain<crab::domains::elina_domain_<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, (crab::domains::elina_domain_id_t)2> >&) (fwd_analyzer.hpp:80)
==6092==    by 0x2AB911: ikos::interleaved_fwd_fixpoint_iterator_impl::wto_iterator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::cfg_ref<crab::cfg::cfg<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, ikos::z_number> >, crab::domains::array_expansion_domain<crab::domains::elina_domain_<ikos::z_number, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, (crab::domains::elina_domain_id_t)2> > >::visit(ikos::wto_vertex<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::cfg_ref<crab::cfg::cfg<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, ikos::z_number> > >&) (fwd_fixpoint_iterators.hpp:419)
==6092==    by 0x201009: ikos::wto<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::cfg_ref<crab::cfg::cfg<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, ikos::z_number> > >::accept(ikos::wto_component_visitor<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::cfg_ref<crab::cfg::cfg<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, crab::cfg::var_factory_impl::variable_factory<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >::indexed_string, ikos::z_number> > >*) (wto.hpp:743)
==6092==  If you believe this happened as a result of a stack
==6092==  overflow in your program's main thread (unlikely but
==6092==  possible), you can try to increase the size of the
==6092==  main thread stack using the --main-stacksize= flag.
==6092==  The main thread stack size used in this run was 8388608.
==6092== 
==6092== HEAP SUMMARY:
==6092==     in use at exit: 216,665,945 bytes in 3,566,557 blocks
==6092==   total heap usage: 42,448,431 allocs, 38,881,874 frees, 3,415,306,951 bytes allocated
==6092== 
==6092== LEAK SUMMARY:
==6092==    definitely lost: 2,543,067 bytes in 137,568 blocks
==6092==    indirectly lost: 237,196 bytes in 11,956 blocks
==6092==      possibly lost: 92,732,261 bytes in 661,108 blocks
==6092==    still reachable: 121,153,421 bytes in 2,755,925 blocks
==6092==         suppressed: 0 bytes in 0 blocks
==6092== Rerun with --leak-check=full to see details of leaked memory
==6092== 
==6092== For counts of detected and suppressed errors, rerun with: -v
==6092== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

cc @caballa

Cannot build with vector instructions on macOS

Hi,

I am trying to build ELINA on macOS 10.13.5. When not using any vector instructions, it builds correctly. However when using either SSE or AVX support, I get compile errors saying that v_double_type is an undeclared identifier.

According to sysctl the following instruction sets are supported by my CPU, so I believe that both of those options should work:

FPU VME DE PSE TSC MSR PAE MCE CX8 APIC SEP MTRR PGE MCA CMOV PAT PSE36 CLFSH DS ACPI MMX FXSR SSE SSE2 SS HTT TM PBE SSE3 PCLMULQDQ DTES64 MON DSCPL VMX EST TM2 SSSE3 FMA CX16 TPR PDCM SSE4.1 SSE4.2 x2APIC MOVBE POPCNT AES PCID XSAVE OSXSAVE SEGLIM64 TSCTMR AVX1.0 RDRAND F16C

My version of clang is:

Apple LLVM version 9.0.0 (clang-900.0.39.2)
Target: x86_64-apple-darwin17.6.0
Thread model: posix
InstalledDir: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin

The full error log given by make IS_VECTOR=-DVECTOR is

(cd elina_auxiliary; make all)
make[1]: Nothing to be done for `all'.
(cd elina_linearize; make all)
make[1]: Nothing to be done for `all'.
(cd partitions_api; make all)
make[1]: Nothing to be done for `all'.
(cd elina_oct; make all)
cc -c -Wcast-qual -Wswitch -Wall -Wextra -Wundef -Wcast-align -Wno-unused -U__STRICT_ANSI__ -fPIC -O3 -DNDEBUG -Werror-implicit-function-declaration -Wbad-function-cast -Wstrict-prototypes -std=c99 -g  -DNUM_LONGLONGRAT -DNUM_DOUBLE -DTHRESHOLD=0.75 -DTIMING -D_GNU_SOURCE -pthread -fno-tree-vectorize -m64 -march=native   -I../elina_auxiliary -I../elina_linearize -I../partitions_api   -o opt_oct_closure_dense.o opt_oct_closure_dense.c -L../partitions_api -lpartitions -L../elina_auxiliary -lelinaux -L../elina_linearize -lelinalinearize  -lmpfr  -lgmp -lm
clang: warning: -lpartitions: 'linker' input unused [-Wunused-command-line-argument]
clang: warning: -lelinaux: 'linker' input unused [-Wunused-command-line-argument]
clang: warning: -lelinalinearize: 'linker' input unused [-Wunused-command-line-argument]
clang: warning: -lmpfr: 'linker' input unused [-Wunused-command-line-argument]
clang: warning: -lgmp: 'linker' input unused [-Wunused-command-line-argument]
clang: warning: -lm: 'linker' input unused [-Wunused-command-line-argument]
clang: warning: argument unused during compilation: '-L../partitions_api' [-Wunused-command-line-argument]
clang: warning: argument unused during compilation: '-L../elina_auxiliary' [-Wunused-command-line-argument]
clang: warning: argument unused during compilation: '-L../elina_linearize' [-Wunused-command-line-argument]
In file included from opt_oct_closure_dense.c:22:
In file included from ./opt_oct_closure_dense.h:29:
In file included from ./opt_oct_hmat.h:31:
In file included from ./opt_oct_internal.h:87:
In file included from ./opt_oct.h:38:
In file included from ../elina_linearize/elina_generic.h:35:
In file included from ../elina_linearize/elina_linearize.h:32:
../elina_linearize/elina_rat.h:66:68: warning: unused parameter 'num' [-Wunused-parameter]
static inline bool elina_rat_set_int(elina_rat_t *a, long long int num){
                                                                   ^
opt_oct_closure_dense.c:51:3: error: use of undeclared identifier 'v_double_type'
                v_double_type t1 = v_set1_double(temp[i^1]);
                ^
opt_oct_closure_dense.c:55:4: error: use of undeclared identifier 'v_double_type'
                        v_double_type t2 = v_load_double(temp + j*v_length);
                        ^
opt_oct_closure_dense.c:56:4: error: use of undeclared identifier 'v_double_type'
                        v_double_type op1 = v_add_double(t1,t2);
                        ^
opt_oct_closure_dense.c:57:4: error: use of undeclared identifier 'v_double_type'
                        v_double_type op2 = v_load_double(p + j*v_length);
                        ^
opt_oct_closure_dense.c:58:4: error: use of undeclared identifier 'v_double_type'
                        v_double_type res = v_min_double(op1, op2);
                        ^
opt_oct_closure_dense.c:60:4: error: implicit declaration of function 'v_store_double' is invalid in C99
      [-Werror,-Wimplicit-function-declaration]
                        v_store_double(m + (((i+1)*(i+1))/2) + j*v_length, res);
                        ^
opt_oct_closure_dense.c:60:4: warning: this function declaration is not a prototype [-Wstrict-prototypes]
opt_oct_closure_dense.c:60:55: error: use of undeclared identifier 'res'
                        v_store_double(m + (((i+1)*(i+1))/2) + j*v_length, res);
                                                                           ^
opt_oct_closure_dense.c:100:3: error: use of undeclared identifier 'v_double_type'
                v_double_type t1 = v_set1_double(temp[i^1]);
                ^
opt_oct_closure_dense.c:104:4: error: use of undeclared identifier 'v_double_type'
                        v_double_type t2 = v_load_double(temp + j*v_length);
                        ^
opt_oct_closure_dense.c:105:4: error: use of undeclared identifier 'v_double_type'
                        v_double_type op1 = v_add_double(t1,t2);
                        ^
opt_oct_closure_dense.c:106:4: error: use of undeclared identifier 'v_double_type'
                        v_double_type op2 = v_load_double(p + j*v_length);
                        ^
opt_oct_closure_dense.c:107:4: error: use of undeclared identifier 'v_double_type'
                        v_double_type res = v_min_double(op1, op2);
                        ^
opt_oct_closure_dense.c:109:55: error: use of undeclared identifier 'res'
                        v_store_double(m + (((i+1)*(i+1))/2) + j*v_length, res);
                                                                           ^
opt_oct_closure_dense.c:222:3: error: use of undeclared identifier 'v_double_type'
                v_double_type t1 = v_set1_double(m[ind2]);
                ^
opt_oct_closure_dense.c:223:3: error: use of undeclared identifier 'v_double_type'
                v_double_type t2 = v_set1_double(m[ind1]);
                ^
opt_oct_closure_dense.c:229:4: error: use of undeclared identifier 'v_double_type'
                        v_double_type t3 = v_load_double(p1 + j*v_length);
                        ^
opt_oct_closure_dense.c:230:4: error: use of undeclared identifier 'v_double_type'
                        v_double_type op1 = v_add_double(t1,t3);
                        ^
opt_oct_closure_dense.c:232:4: error: use of undeclared identifier 'v_double_type'
                        v_double_type t4 = v_load_double(p2 + j*v_length);
                        ^
opt_oct_closure_dense.c:233:4: error: use of undeclared identifier 'v_double_type'
                        v_double_type op2 = v_add_double(t2,t4);
                        ^
fatal error: too many errors emitted, stopping now [-ferror-limit=]
2 warnings and 20 errors generated.
make[1]: *** [opt_oct_closure_dense.o] Error 1
make: *** [c] Error 2

Please let me know if there's any other information on my system that you need.

Segmentation fault by minimize

Hello,

The following code, in which it tries to minimize an abstract value, failed with segmentation fault.

open Apron

let _ =
  let man = Elina_poly.manager_alloc_loose () in
  let env = Environment.make [||] [||] in
  let abs = Abstract1.top man env in
  Abstract1.minimize man abs

segmentation fault: 11

Same result in C.

#include <limits.h>
#include "ap_environment.h"
#include "ap_abstract1.h"
#include "opt_pk.h"

int main(int argc, char **argv){
  elina_manager_t* man = opt_pk_manager_alloc(false);
  ap_environment_t* env = ap_environment_alloc_empty();
  ap_abstract1_t abs = ap_abstract1_top(man, env);
  ap_abstract1_minimize(man, &abs);
  return 0;
}

I am suspecting there may be a type mismatch on registering the minimize function. The type of its argument is opt_pk_t*, not opt_pk_array_t*, though I am not sure this is the source of the crash.

void opt_pk_minimize(elina_manager_t* man, opt_pk_t* o);

Infer results on Elina

Hello Gagan,

I tried running our analyzer Infer on Elina and got some signals. I report this because I thought you may be interested in addressing the signals and making Elina more stable. Full report is here.

       NULL_DEREFERENCE: 190
             DEAD_STORE: 127

For NULL_DEREFERENCE, a lot of malloced pointers are used without null checks.
For DEAD_STORE, I think most of them are legit.

  INFERBO_ALLOC_IS_ZERO: 67
      BUFFER_OVERRUN_L3: 46
      BUFFER_OVERRUN_S2: 16
            MEMORY_LEAK: 11
    UNINITIALIZED_VALUE: 9

For the other signals, most of them are false positives, because the buffer overrun checker is under development (experimental) and Infer has not been focusing on C. I believe you can ignore them, though it may include true positives.

Sincerely,
Sungkeun

Using `int` instead of `long`

In elina_linexpr0.h the _frac functions use int and unsigned int but in other parts of the library (e.g., elina_scalar) they use long and unsigned long

Weird results of sat_tcons and sat_lincons

I encountered some weird cases with sat_tcons and sat_lincons and don't know how to understand its return values. This is sample code showing the weirdness.

open Apron

let test_tcons man abs tcons =
  let res = Abstract1.sat_tcons man abs tcons in
  Format.fprintf Format.err_formatter "tcons(%a):%b@." Tcons1.print tcons res

let test_lincons man abs lincons =
  let res = Abstract1.sat_lincons man abs lincons in
  Format.fprintf Format.err_formatter "lincons(%a):%b@." Lincons1.print lincons
    res

let _ =
  let man = Elina_poly.manager_alloc_loose () in
  let var_x = Var.of_string "x" in
  let var_y = Var.of_string "y" in
  let env = Environment.make [|var_x; var_y|] [||] in
  let tab = Parser.lincons1_of_lstring env ["x>=0"] in
  let abs = Abstract1.of_lincons_array man env tab in
  Format.fprintf Format.err_formatter "abs:%a@." Abstract1.print abs ;
  let tcons1 = Parser.tcons1_of_string env "x-y>=0" in
  test_tcons man abs tcons1 ;
  let tcons2 = Parser.tcons1_of_string env "y-x>=0" in
  test_tcons man abs tcons2 ;
  let lincons1 = Parser.lincons1_of_string env "x-y>=0" in
  test_lincons man abs lincons1 ;
  let lincons2 = Parser.lincons1_of_string env "y-x>=0" in
  test_lincons man abs lincons2

It tests the satisfiabilities of x-y>=0 and y-x>=0 under the abstract state x>=0. I expect all return false, because there is no information about y in the abstract state. However, the result is:

abs:[|x>=0|]
tcons(x - y - 0 >= 0):true
tcons(y - x - 0 >= 0):false
lincons(x-y>=0):true
lincons(-x+y>=0):false

If I change the manager to Apron's (by Oct.manager_alloc), it returns all false. Am I missing something for calling sat_tcons and sat_lincons?

Missing import of `limits.h`

The file elina_dimension.h uses UINT_MAX which is defined in limits.h but does not #include that header.

Combination of substitution and dimension removal can crash polyhedra domain

Hi Gagandeep,

I have encountered a case where the polyhedra domain crashes with an internal null pointer exception when doing the following:

Create a top value with 3 dimensions.
Substitute the first dimension by the third by using a linear expression.
Remove the first two dimensions.
Substitute the remaining dimension by a zero vector.

You can reproduce it by using the following (minimal) example:

elina_manager_t *man = opt_pk_manager_alloc(false);
elina_abstract0_t *abs = elina_abstract0_top(man, 0, 3);

elina_dimchange_t removal;
elina_dimchange_init(&removal, 0, 2);
removal.dim[0] = 0;
removal.dim[1] = 1;

elina_linexpr0_t *sub1expr = elina_linexpr0_alloc(ELINA_LINEXPR_DENSE, 3);
elina_coeff_set_scalar_double(sub1expr->p.coeff + 2, 1);

elina_linexpr0_t *sub2expr = elina_linexpr0_alloc(ELINA_LINEXPR_DENSE, 1);

elina_abstract0_substitute_linexpr(man, true, abs, 0, sub1expr, NULL);
elina_abstract0_remove_dimensions(man, true, abs, &removal);
elina_abstract0_substitute_linexpr(man, true, abs, 0, sub2expr, NULL);

Running this code leads a null pointer exception when executing the last line: In opt_pk_assign.c in line 244

nbcons +=  poly_a[k]->C->nbrows;

poly_a[k]->C is NULL.

I am currently on the most recent commit of the master branch.

Best regards,
Tobias

Mistype function name?

In elina_linexpr.h the function elina_linexpr0_set_coeffinterval appears to be misspelled,
following the pattern it should probably be named elina_linexrp0_set_coeff_interval.

GPU or Xeon Phi support?

Is there any plan to add GPU or Xeon Phi support?

Thanks in advance,
Jack

Joining operation throws overflow exception for small coefficients/dimensions

Hi,
The code here joins two 6-dimension boxes. For each dimension, the width is no more than 100. Despite the coefficients, constants, dimensions being relatively small, ELINA throws overflow exception when joining is performed.
Running gdb shows there indeed is an overflow, but what could possibly cause that?

Thanks,
Yiyun

Any plans for `int_64` coefficients or, ideally, `mpz_t` coefficients?

Hello,

Unless I'm misunderstanding ELINA currently supports 32-bit integers for its coefficients but no larger (i.e. there is no elina_coeff_set_interval_int that works with long long int). It seems that ELINA is using long long ints for the coefficients of its linear constraint arrays, but only internally, is that correct?

I was just curious as to whether there were any plans on expanding the possible size of coefficient values. PPL is able to support mpz_t coefficients, is this feasible for ELINA? We'd prefer to use ELINA for its automatic decomposition, etc.

Thanks so much for your work!

-Jose

EXC_BAD_ACCESS when freeing abstract polyhedra values

Hi,

I am encountering issues freeing some abstract values in the polyhedra domain. I have gotten the EXC_BAD_ACCESS exception in ~~two~~ ~~three~~ ~~four~~ ~~five~~ six different places so far:

opt_pk_representation.c line 54 because opo has value 0x1000000000000000
array_comp_list.c line 48 because cl has value 0x1000000000000000
opt_pk_matrix.c line 120 because omat has value 0x8000000000000002
opt_pk_matrix.c line 121 because omat->p has value 0x300000000000000b
opt_pk_satmat.c line 66 because os has value 0x0000000000000004
comp_list.c line 73 because c has value 0x0x4000000000000003

I have also gotten a "freeing value that was not allocated" in opt_pk_representation.c line 89.

Unfortunately I have not found easy (small) examples that reproduce these errors, but I will try to find some and update you with them.

My strategy initially was to just avoid freeing objects for now, however I am now getting to cases where the free function is called by opt_poly_set_bottom after some meets.

Best regards,
Tobias

zonotope_is_leq function not implemented

Hi Gagandeep!

I noticed that zonotope_is_leq is not implemented. I wanted to know if this is something you can add quickly or plan to add? My current work around has been converting zonotopes to boxes and doing the calculation but that is too imprecise.

Regards,
Shankara

Haskell Bindings, and Apron Support Questions

I'm in the process of writing Haskell bindings for ELINA, and having found Apron, I'm considering going through it instead for consistency.

What is the status of ELINA's Apron support? Is it a preferable way forward for implementing language bindings, or should I be binding ELINA directly?

Thanks!

Compilation failure due to wrong path

Hi,

I am installing ELINA as a dependency of the ERAN analyzer.
The make command gave me the following errors:
/usr/bin/ld: cannot find -lmpfr
/usr/bin/ld: cannot find -lgmp
collect2: error: ld returned 1 exit status
Makefile:78: recipe for target 'libelinaux.so' failed
make[1]: *** [libelinaux.so] Error 1

I am running it on a compute cluster, so I don't have sudo rights.
I install m4, gmp, mpfr in my home dir instead of the default dir. Therefore I suppose the failure is due to path not being correctly set?
But I am confused about how to SET the path Correctly. Shall I change some environment variables? Or to run configure with certain options?
I would appreciate it if you could give me a precise answer. Thanks!

Regards,
Yuyi

Parallel assignment outputs top in the octagon domain.

In the octagon domain, performing a parallel assignment yields top even when the assignment operation is identity. There is example code showing this behavior here.

dependency to APRON

README.md says that ELINA is built in top of APRON. On the other hand some recent commit say that the dependency to APRON has been removed and there is a HAS_APRON flag that is never defined. It would be great to update the README to reflect the current state. Thanks!

Complete OPAM packaging

(I copied comments from #16 here, because it seems to be more visible.)

Hi Gagan,

Thank you very much for the review and merge. ❤️

In order to complete the OPAM packaging, we need to do some more things.

Making a tarball (e.g. elina-1.0.tar.gz) for the package manager to get the same files by its version name.
- Since your repository is on GitHub, I think it is enough to add a git tag with the version name, then we can use the tarball link from GitHub, e.g., https://github.com/skcho/ELINA/archive/1.0.tar.gz .
- Otherwise, you can use your own server (http://elina.ethz.ch/) to distribute the tarball.
Adding ELINA's info to the main opam repository: If the tarball link is prepared, we can make a PR to the main opam repository, which makes opam users can easily install ELINA with one command, opam install elina.

Though (1) is impossible for me as I can't change tags on your repository, I can do (2) if you are happy with that. 😉

Sincerely,
Sungkeun

Meet/Join with different dims?

[Help Request]
Is there a way to meet/join/etc with opt_pk_array_t that have dimensions corresponding to different variables?

Say one state has dims corresponding to ["a", "b"] and the other state corresponding to ["c","d"], when doing a join I might expect ["a","b","c","d"] dimensions with corresponding constraints, instead of just the constraints joined from the two states with just 2 variables (since the dims are 0 and 1 for both of the states).

Do I need to keep track if the dim names are different and then change the linconstraints for the different dims before doing the join operation? If so, how would I do this?

configure doesn't generate Makefile.config until -apron-srcroot is set

Hello,

I've tried to build ELINA and found that its build script doesn't work as expected.

If I launch the command
./configure
it prints
Apron source not found, set APRON_SRCROOT
and generates nothing.

But if I run the command even with a fake value of -apron-srcroot option, i.e.
./configure -apron-srcroot 0
it prints

detected configuration:

   optional OCaml support       0
   optional OCamlFind support   0
   optional Java support        0

   installation path            /usr/local

and generates Makefile.config.

The further build with make is possible only if Makefile.config is generated. Moreover, apron is not used during the build, because the further build succeeds even if fake value for -apron-srcroot is set.

Seems that this is a bug.

elina_abstract0_from_zonotope is not defined

Hi Gagandeep,

This is in relation to our use of ERAN with ELINA. We further debugged and we seem to see that the method elina_abstract0_from_zonotope in zonoml.h is undefined in the project. We also see that the associated mapping in the python interface seems to be missing.

Can you verify this? Or could you point us to a version which has these definitions? We see this in a version of ELINA that we cloned today.

We were wondering if the zonoml_reduced_product.c was supposed to contain the implementation, but maybe this was missed during the latest merge.

This is important to our work, so I'm trying to debug it too. Any help would be appreciated :-)

Regards,
Antonio

Memory leaks (Valgrind) in elina_poly

I've found a memory leak with Valgrind on the opt_poly manager. To be precise, in one of these functions (opt_pk_assign_linexpr_array, opt_poly_asssub_linexpr or opt_poly_asssub_linexpr_det) of the opt_pk_assign.c file.

Below lists the Valgrind output:

==10305== Invalid write of size 8
==10305==    at 0x10186647: opt_poly_asssub_linexpr_det (opt_pk_assign.c:305)
==10305==    by 0x1018754C: opt_poly_asssub_linexpr (opt_pk_assign.c:667)
==10305==    by 0x10189022: opt_pk_assign_linexpr_array (opt_pk_assign.c:1285)
==10305==    by 0x7A7E620: elina_abstract0_asssub_linexpr_array (elina_abstract0.c:1046)
==10305==    by 0x7A7E620: elina_abstract0_asssub_linexpr_array (elina_abstract0.c:1019)
==10305==    by 0xFCB8253: elina_abstract1_asssub_linexpr_array (elina_abstract1.c:445)
==10305==    by 0xFCB846A: elina_abstract1_assign_linexpr (elina_abstract1.c:546)
==10305==    by 0xFCB3CF9: assignExpr (elina_interface.c:301)
==10305==    by 0xFCB3CF9: assignExprToReg (elina_interface.c:317)
==10305==    by 0xFCB40C2: initStack (elina_interface.c:411)

==10305==  Address 0x752c668 is 0 bytes after a block of size 24 alloc'd
==10305==    at 0x483577F: malloc (vg_replace_malloc.c:299)
==10305==    by 0x1018C33E: opt_vector_alloc (opt_pk_vector.c:45)
==10305==    by 0x101815E2: opt_matrix_alloc (opt_pk_matrix.c:71)
==10305==    by 0x1018659F: opt_poly_asssub_linexpr_det (opt_pk_assign.c:286)
==10305==    by 0x1018754C: opt_poly_asssub_linexpr (opt_pk_assign.c:667)
==10305==    by 0x10189022: opt_pk_assign_linexpr_array (opt_pk_assign.c:1285)
==10305==    by 0x7A7E620: elina_abstract0_asssub_linexpr_array (elina_abstract0.c:1046)
==10305==    by 0x7A7E620: elina_abstract0_asssub_linexpr_array (elina_abstract0.c:1019)
==10305==    by 0xFCB8253: elina_abstract1_asssub_linexpr_array (elina_abstract1.c:445)
==10305==    by 0xFCB846A: elina_abstract1_assign_linexpr (elina_abstract1.c:546)
==10305==    by 0xFCB3CF9: assignExpr (elina_interface.c:301)
==10305==    by 0xFCB3CF9: assignExprToReg (elina_interface.c:317)
==10305==    by 0xFCB40C2: initStack (elina_interface.c:411)
==10305==    by 0x48978ED: ffi_call_unix64 (in /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4)

==10305== Invalid read of size 8
==10305==    at 0x101937E3: select_variable (opt_pk_project.c:221)
==10305==    by 0x10193E07: opt_poly_projectforget_array (opt_pk_project.c:387)
==10305==    by 0x10186CF1: opt_poly_asssub_linexpr_det (opt_pk_assign.c:386)
==10305==    by 0x1018754C: opt_poly_asssub_linexpr (opt_pk_assign.c:667)
==10305==    by 0x10189022: opt_pk_assign_linexpr_array (opt_pk_assign.c:1285)
==10305==    by 0x7A7E620: elina_abstract0_asssub_linexpr_array (elina_abstract0.c:1046)
==10305==    by 0x7A7E620: elina_abstract0_asssub_linexpr_array (elina_abstract0.c:1019)
==10305==    by 0xFCB8253: elina_abstract1_asssub_linexpr_array (elina_abstract1.c:445)
==10305==    by 0xFCB846A: elina_abstract1_assign_linexpr (elina_abstract1.c:546)
==10305==    by 0xFCB3CF9: assignExpr (elina_interface.c:301)
==10305==    by 0xFCB3CF9: assignExprToReg (elina_interface.c:317)
==10305==    by 0xFCB40C2: initStack (elina_interface.c:411)
==10305==    by 0x48978ED: ffi_call_unix64 (in /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4)
==10305==    by 0x48972BE: ffi_call (in /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4)

==10305==  Address 0xada5b58 is 0 bytes after a block of size 24 alloc'd
==10305==    at 0x483577F: malloc (vg_replace_malloc.c:299)
==10305==    by 0x1018C33E: opt_vector_alloc (opt_pk_vector.c:45)
==10305==    by 0x101815E2: opt_matrix_alloc (opt_pk_matrix.c:71)
==10305==    by 0x101865C8: opt_poly_asssub_linexpr_det (opt_pk_assign.c:287)
==10305==    by 0x1018754C: opt_poly_asssub_linexpr (opt_pk_assign.c:667)
==10305==    by 0x10189022: opt_pk_assign_linexpr_array (opt_pk_assign.c:1285)
==10305==    by 0x7A7E620: elina_abstract0_asssub_linexpr_array (elina_abstract0.c:1046)
==10305==    by 0x7A7E620: elina_abstract0_asssub_linexpr_array (elina_abstract0.c:1019)
==10305==    by 0xFCB8253: elina_abstract1_asssub_linexpr_array (elina_abstract1.c:445)
==10305==    by 0xFCB846A: elina_abstract1_assign_linexpr (elina_abstract1.c:546)
==10305==    by 0xFCB3CF9: assignExpr (elina_interface.c:301)
==10305==    by 0xFCB3CF9: assignExprToReg (elina_interface.c:317)
==10305==    by 0xFCB40C2: initStack (elina_interface.c:411)
==10305==    by 0x48978ED: ffi_call_unix64 (in /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4)

Sorry for not providing a test case. You can ignore the functions initStack, assignExpr* and elina_abstract1*. There are wrappers to ELINA (they are similar to the apron level 1 interface).

In brief, I allocate a linexpr0 (elina_linexpr0_alloc()), and then I assign an expression to it (elina_abstract0_asssub_linexpr_array).

Thank you in advance!!

clang: error: unknown argument: '-mno-fused-madd'

The error is with clang

Apple LLVM version 10.0.0 (clang-1000.10.44.4)
Target: x86_64-apple-darwin18.2.0

It's caused by the option mno-fused-add in Makefile.config:

# Architecture specific flags
AFLAGS = -D_GNU_SOURCE -pthread -fno-tree-vectorize -m64 -march=native -mno-fused-madd

Adding a new variable and interval to Poly

(Help Request, not an issue with the library necessarily)
I am using the library with C++ and don't have access to Apron.

I am wanting to insert a new variable with INT_MIN and INT_MAX interval constraints to a poly. (I know this example is simple, but I want to build on it to keep adding variables and relationships).

auto man_ = createManager(false);
auto newVarlin = elina_linexpr0_alloc(ELINA_LINEXPR_SPARSE, curSize);
elina_linexpr0_set_coeff_scalar_int(newVarlin, curSize, 1);
newVarlin->p.linterm[0].dim = curSize;
elina_linexpr0_set_cst_interval_int(newVarlin, INT_MIN, INT_MAX);
auto lincons = elina_lincons0_make(ELINA_CONS_SUPEQ, newVarlin, nullptr);
auto lincons_array = elina_lincons0_array_make(1);
lincons_array.p[0] = lincons;
auto top = opt_pk_top(man_, curDims.realdim, curDims.intdim + 2);
auto linPoly = opt_pk_meet_lincons_array(man_.get(), false, top, &lincons_array);
elina_lincons0_array_clear(&lincons_array);
//(I know I don't have to convert and back again, but in my actual code I am doing a stuff in between)
elina_lincons0_array_t arr0 = opt_pk_to_lincons_array(man_, linPoly);
elina_lincons0_array_fprint(stdout, &arr0, nullptr);
fflush(stdout);
elina_lincons0_array_clear(&arr0);

If I print the array as above, I will get something like:

1
array of constraints of size 1
0: x0 + 2147483647 >= 0

Is there a different way to do this to include both the INT_MIN and INT_MAX constraints? I am new to this library as well so feel free to point out misconceptions you see.

Test result of Abstract1.expand in mlexample.byte

Hello. When running ocaml_interface/mlexample.byte (and mlexample.opt), the test result of Abstract1.expand looks strange.

abs=[|3x+4y-6=0; 2w+z-1>=0; -2w-z+4>=0; u>=0; -u+5>=0|]
p2=expand(abs,y,[y1,y2]))=[|3x+4v-6=0; y-v=0; u-v=0; 2w+z-1>=0; -2w-z+4>=0;
                            a>=0; -a+5>=0|]

There is no expanded variables such as y1 and y2, in the constraints. The below is the test result after changing it to use Apron's Polka instead of Elina_poly with the same OCaml code.

abs=[|3x+4y-6=0; -2w-z+4>=0; -u+5>=0; u>=0; 2w+z-1>=0|]
p2=expand(abs,y,[y1,y2]))=[|3x+4y2-6=0; 3x+4y1-6=0; 3x+4y-6=0; -2w-z+4>=0;
                            -u+5>=0; u>=0; 2w+z-1>=0|]

Am I the only one who has the issue?

Makefile in fppoly references non-existant sign_approx.o

When trying to make ELINA, make inside fppoly fails. This seems to be because it references sign_approx.o, for which neither a header nor a cpp file exists.

Implementation of `opt_pk_array_fprint` is incomplete.

The implementation of opt_pk_array_fprint (and hence abstract0_fprint) doesn't actually call out to opt_pk_fprint. There's some code there which looks reasonable, but it has been commented out.

I'm assuming there was some problem there I am not seeing?

segmentation fault: ./elina_test_poly 5 5

Hello, I got the same error of #6 in MacOS, though the position of segmentation fault is different.

$ DYLD_LIBRARY_PATH=../partitions_api:../elina_auxiliary:../elina_linearize ./elina_test_poly 5 5
Testing Meet
ELINA Input Polyhedra
4
array of constraints of size 4
 0: x0 + x1 + 2 >= 0
 1: x2 >= 0
 2: x3 + 3x4 + 5 >= 0
 3: 2x3 + x4 + 3 >= 0
4
array of constraints of size 4
 0: 3x0 + 5x1 + 3 >= 0
 1: x2 >= 0
 2: x3 + x4 + 3 >= 0
 3: 3x3 + 2x4 + 9 >= 0
ELINA Output Polyhedron
5
array of constraints of size 5
 0: x3 + 3x4 + 5 >= 0
 1: 2x3 + x4 + 3 >= 0
 2: x2 >= 0
 3: 3x0 + 5x1 + 3 >= 0
 4: x0 + x1 + 2 >= 0
Testing Join
ELINA Input Polyhedra
4
array of constraints of size 4
 0: 3x0 + 2x1 + 5 = 0
 1: x2 >= 0
 2: 2x3 + x4 + 9 >= 0
 3: 2x3 + 3x4 + 1 >= 0
4
array of constraints of size 4
 0: x0 + x1 + 6 >= 0
 1: x2 + 2 >= 0
 2: 2x3 + 3x4 + 4 >= 0
 3: 3x3 + 2x4 + 1 >= 0
ELINA Output Polyhedron
5
array of constraints of size 5
 0: 2x3 + 3x4 + 4 >= 0
 1: 4x3 + 5x4 + 6 >= 0
 2: 6x3 + 4x4 + 23 >= 0
 3: x2 + 2 >= 0
 4: 21x2 + 12x3 + 8x4 + 46 >= 0
Testing Assign
ELINA Input Polyhedron
4
array of constraints of size 4
 0: x0 + 4x1 + 6 = 0
 1: x2 + 1 >= 0
 2: x3 + 2x4 + 8 >= 0
 3: 2x3 + x4 + 1 >= 0
Assignment statement
x3 = x0 + 1
ELINA Output Polyhedron
4
array of constraints of size 4
 0: 2x1 + 3 = 0
 1: x2 + 1 >= 0
 2: x0 + 6 = 0
 3: x0 - x3 + 1 = 0

Testing Parallel Assign
ELINA Input Polyhedron
4
array of constraints of size 4
 0: 5x0 + 4x1 + 5 >= 0
 1: x2 + 2 >= 0
 2: x3 + 2x4 + 4 >= 0
 3: 3x3 + x4 + 7 >= 0
Assignment statement
x3 = 2x0 + 4
x0 = 4x0 + 8
x1 = 3x0 + 2
x3 = 3x0 + 6
x2 = 2x0 + 4
ELINA Output Polyhedron
3
array of constraints of size 3
 0: -x0 + 2x2 = 0
 1: -x0 + 2x3 = 0
 2: -3x0 + 4x1 + 16 = 0

Testing Parallel Substittue
ELINA Input Polyhedron
4
array of constraints of size 4
 0: 3x0 + 4x1 + 8 >= 0
 1: x2 + 4 >= 0
 2: x3 + x4 + 3 >= 0
 3: x3 + 3x4 + 5 >= 0
Substitution statements
x3 = 5x0 + 2
x2 = x0 + 2
x0 = 4x0 + 4
x0 = 4x0 + 8
x2 = 3x0 + 6
ELINA Output Polyhedron
4
array of constraints of size 4
 0: 4x0 + x2 + 12 >= 0
 1: 5x0 + x3 + x4 + 5 >= 0
 2: 5x0 + x3 + 3x4 + 7 >= 0
 3: 6x0 + x1 + 11 >= 0

Testing Fold
ELINA Input Polyhedron
4
array of constraints of size 4
 0: x0 + x1 >= 0
 1: x2 + 1 >= 0
 2: x3 + 2x4 + 8 >= 0
 3: 3x3 + x4 + 1 >= 0
Dimensions: 2 4 
ELINA Output Polyhedron
1
array of constraints of size 1
 0: x0 + x1 >= 0

Testing Expand
ELINA Input Polyhedron
4
array of constraints of size 4
 0: 5x0 + x1 = 0
 1: x2 + 2 >= 0
 2: x3 + 3x4 + 9 >= 0
 3: 3x3 + 2x4 + 9 >= 0
tdim: 1 dimsup: 1
ELINA Output Polyhedron
5
array of constraints of size 5
 0: 5x0 + x5 = 0
 1: x1 - x5 = 0
 2: x2 + 2 >= 0
 3: x3 + 3x4 + 9 >= 0
 4: 3x3 + 2x4 + 9 >= 0

Testing Sat Lincons
 ELINA Input Polyhedron
4
array of constraints of size 4
 0: 4x0 + x1 + 6 >= 0
 1: x2 >= 0
 2: 2x3 + x4 + 4 >= 0
 3: 2x3 + 3x4 + 6 >= 0

Linear constraint
4x1 = 0
segmentation fault: 11

Box manager funptr incomplete

I tried to port some simple examples from APRON to ELINA. This worked for simple linear expressions but resulted in a segmentation fault for t-expressions, which I think are required to perform e.g. multiplication on two intervals.
I could pinpoint the problem to the file elina_box_internal.c where the funptr array is only partly filled with the corresponding function pointers. Obviously accessing the index ELINA_FUNID_ASSIGN_TEXPR_ARRAY had to result in a segmentation fault as for this index there is no function assigned/implemented.
Are you planning to implement those "missing" functions? And if yes do you have a roadmap for this?
Thanks in advance!

Memory leaks in ELINA

Hi!

I am running my application (which uses ELINA) and I'm seeing memory leaks that seem to come from ELINA. The trace shows the following:

==31742== by 0x576DB1A: elina_interval_alloc (elina_interval.c:41)
==31742== by 0x533B272: zonotope_aff_alloc_init (zonotope_internal.h:207)
==31742== by 0x533B272: zonotope_aff_from_linexpr0 (zonotope_internal.c:318)
==31742== by 0x533D5D3: zonotope_meet_lincons_array (zonotope_meetjoin.c:69)
==31742== by 0x5774236: elina_abstract0_meet_lincons_array (elina_abstract0.c:984)
==31742== by 0x1A5741: Powerset::meet_lincons_array(elina_lincons0_array_t*) const (in /home/shankara/project/evaluate)

I am calling elina_abstract0_free for each allocation but I noticed the following code:
https://github.com/eth-sri/ELINA/blob/master/elina_zonotope/zonotope_internal.h#L341

where the free of a->itv is commented out. It seems from git history that this has always been commented out.

Is this supposed to be commented out? Any assistance would be great!

Thanks!

Segfault/Incorrect Results on using a polyhedron after assignment.

I'm experiencing a combination of segfaults and incorrect results when using a polyhedron, after assigning to a dimension using a linexpr.

Here's my (non)-working example:

#include "elina_linexpr0.h"
#include "opt_pk.h"
#include "opt_pk.h"

int main() {
  char* dim_names[] = { "x" };
  elina_manager_t* m = opt_pk_manager_alloc(false);

  opt_pk_array_t* p = opt_pk_top(m, 1, 0);

  elina_linexpr0_t* e = elina_linexpr0_alloc(ELINA_LINEXPR_SPARSE, 1);
  elina_linexpr0_set_cst_scalar_int(e, 23);

  elina_dim_t adim = 0;

  opt_pk_assign_linexpr_array(m, true, p, &adim, &e, 1, NULL);

  elina_lincons0_array_t lca = opt_pk_to_lincons_array(m, p);
  elina_lincons0_array_print(&lca, dim_names);

  elina_lincons0_array_clear(&lca);
  elina_linexpr0_free(e);
  opt_pk_free(m, p);
  elina_manager_free(m);
}

To my best knowledge, the segfault occurs during the conversion to linear constraint array:

Program received signal SIGSEGV, Segmentation fault.
elina_coeff_reinit (coeff=coeff@entry=0x55655555a4d0, coeff_discr=coeff_discr@entry=ELINA_COEFF_SCALAR, elina_scalar_discr=elina_scalar_discr@entry=ELINA_SCALAR_MPQ) at elina_coeff.c:92
92	  switch (coeff->discr){
(gdb) bt
#0  elina_coeff_reinit (coeff=coeff@entry=0x55655555a4d0, coeff_discr=coeff_discr@entry=ELINA_COEFF_SCALAR, elina_scalar_discr=elina_scalar_discr@entry=ELINA_SCALAR_MPQ) at elina_coeff.c:92
#1  0x00007ffff7a402fa in elina_coeff_set_scalar_numint (num=0, coeff=0x55655555a4d0) at opt_pk_user.c:33
#2  opt_lincons0_of_vector (opk=opk@entry=0x555555559260, ov=0x55555555a600, ca=ca@entry=0x555555559e30, vsize=2, size=<optimized out>) at opt_pk_user.c:334
#3  0x00007ffff7a5ab5c in opt_pk_to_lincons_array (man=<optimized out>, oa=0x555555559e10) at opt_pk_extract.c:360
#4  0x000055555555582a in main ()

Additionally, if I initialize p in the example above to bottom, the program does not segfault, but instead returns bottom. My understanding is that this is still an incorrect result.

Do let me know if there is any additional information I can provide.

Polyhedra domain does not set exactness flag correctly when calculating join

Hi Gagandeep,

I have run into another issue with the polyhedra domain. Consider the following two abstract values (with two dimensions each):

x0 - x1 >= 0 ∧ x1 >= 0
x0 >= 0 ∧ -x1 >= 0

Their join is given by x0 - x1 >= 0 ∧ x0 >= 0. ELINA calculates this correctly, but does not set the exactness flag to true, even though this is exact and not an over-approximation.

You can use the following code to reproduce this:

elina_manager_t *man = opt_pk_manager_alloc(false);
elina_funopt_t opt;
elina_funopt_init(&opt);
opt.flag_exact_wanted = true;
opt.algorithm = INT_MAX;
elina_manager_set_funopt(man, ELINA_FUNID_JOIN, &opt);

elina_abstract0_t *abs1 = elina_abstract0_top(man, 0, 2);
elina_abstract0_t *abs2 = elina_abstract0_top(man, 0, 2);

elina_linexpr0_t *expr1 = elina_linexpr0_alloc(ELINA_LINEXPR_DENSE, 2);
elina_coeff_set_scalar_double(expr1->p.coeff, 1);
elina_coeff_set_scalar_double(expr1->p.coeff + 1, -1);

elina_linexpr0_t *expr2 = elina_linexpr0_alloc(ELINA_LINEXPR_DENSE, 2);
elina_coeff_set_scalar_double(expr2->p.coeff + 1, 1);

elina_lincons0_array_t cons_array1 = elina_lincons0_array_make(2);
cons_array1.p[0] = elina_lincons0_make(ELINA_CONS_SUPEQ, expr1, NULL);
cons_array1.p[1] = elina_lincons0_make(ELINA_CONS_SUPEQ, expr2, NULL);

elina_linexpr0_t *expr3 = elina_linexpr0_alloc(ELINA_LINEXPR_DENSE, 2);
elina_coeff_set_scalar_double(expr3->p.coeff, 1);

elina_linexpr0_t *expr4 = elina_linexpr0_alloc(ELINA_LINEXPR_DENSE, 2);
elina_coeff_set_scalar_double(expr4->p.coeff + 1, -1);

elina_lincons0_array_t cons_array2 = elina_lincons0_array_make(2);
cons_array2.p[0] = elina_lincons0_make(ELINA_CONS_SUPEQ, expr3, NULL);
cons_array2.p[1] = elina_lincons0_make(ELINA_CONS_SUPEQ, expr4, NULL);

elina_abstract0_meet_lincons_array(man, true, abs1, &cons_array1);
elina_abstract0_meet_lincons_array(man, true, abs2, &cons_array2);

elina_abstract0_join(man, true, abs1, abs2);

printf("Was exact: %d", elina_manager_get_flag_exact(man));

Best regards,
Tobias

Problems running elina_test_oct

Hi,
I've successfully installed ELINA, but when I try to run the octagon test with:

$ ./elina_oct/elina_test_oct

I get the following error message:

./elina_oct/elina_test_oct: error while loading shared libraries: libelinaux.so: cannot open shared object file: No such file or directory

So where is this mysterious libelinaux.so file? Thanks!

failed compilation of ocaml target

Make in ocaml_interface fails due to path to libraries not being correctly set.
ocamlopt.opt -g -I /home/monniaux/.opam/4.04.0/lib/gmp -I /home/monniaux/.opam/4.04.0/lib/apron -o mlexample.opt bigarray.cmxa gmp.cmxa apron.cmxa elina_poly.cmxa mlexample.ml
/usr/bin/ld: cannot find -lelina_poly_caml
/usr/bin/ld: cannot find -loptpoly
/usr/bin/ld: cannot find -lcamlidl
collect2: error: ld returned 1 exit status
File "caml_startup", line 1:
Error: Error during linking
Makefile:87: recipe for target 'mlexample.opt' failed

'sys/sysinfo.h' cannot be found on mac

This is after commit 28fc733

In file included from zonoml_internal.c:30:
./zonoml_internal.h:36:10: fatal error: 'sys/sysinfo.h' file not found
#include <sys/sysinfo.h>

segmentation fault: ./elina_test_poly 5 5

I tried ./elina_test_poly 5 5 and got
Testing Meet
..ELINA Input Polyhedra
array of constraints of size 4
0: x0 + 3 >= 0
1: x2 + 3 >= 0
2: x3 + 2x4 + 9 >= 0
3: 2x3 + x4 + 7 >= 0
array of constraints of size 4
0: x1 + 6 >= 0
1: x2 >= 0
2: x4 + 3 >= 0
3: 2x3 + x4 >= 0
ELINA Output Polyhedron
array of constraints of size 5
0: x4 + 3 >= 0
1: 2x3 + x4 >= 0
2: x2 >= 0
3: x0 + 3 >= 0
4: x1 + 6 >= 0
Testing Join
..ELINA Input Polyhedra
array of constraints of size 2
0: 2x0 + x1 + 2 >= 0
1: x3 + x4 + 3 >= 0
array of constraints of size 4
0: 2x0 + x1 + 4 >= 0
1: x2 + 4 >= 0
2: x3 >= 0
3: x3 + x4 + 3 >= 0
ELINA Output Polyhedron
array of constraints of size 2
0: x3 + x4 + 3 >= 0
1: 2x0 + x1 + 4 >= 0
Testing Assign
.ELINA Input Polyhedron
array of constraints of size 3
0: x0 + x1 = 0
1: x3 + 2x4 + 9 >= 0
2: 2x3 + x4 + 6 >= 0
Assignment statement
x4 = 2x0 + 5
ELINA Output Polyhedron
array of constraints of size 2
0: 2x0 - x4 + 5 = 0
1: -2x1 - x4 + 5 = 0

Testing Fold
.ELINA Input Polyhedron
array of constraints of size 3
0: x0 + 2x1 + 2 >= 0
1: x2 >= 0
2: x4 + 4 >= 0
Dimensions: 2 3

Then segmentation fault.

Segfault when assigning to a projected, added dimension using a linexpr.

I seem to have arrived at a rather specific corner-case of assignment-related segfaults:

#include "elina_linexpr0.h"
#include "opt_pk.h"
#include "opt_pk.h"

int main() {
  char* dim_names[] = { "x" };
  elina_manager_t* m = opt_pk_manager_alloc(false);

  opt_pk_array_t* p = opt_pk_top(m, 0, 0);

  elina_dimchange_t* dc = elina_dimchange_alloc(1, 0);
  dc->dim[0] = 1;
  opt_pk_add_dimensions(m, true, p, dc, true);

  elina_linexpr0_t* e = elina_linexpr0_alloc(ELINA_LINEXPR_SPARSE, 0);
  elina_linexpr0_set_cst_scalar_int(e, 23);

  elina_dim_t adim = 0;

  opt_pk_assign_linexpr_array(m, true, p, &adim, &e, 1, NULL);

  elina_lincons0_array_t lca = opt_pk_to_lincons_array(m, p);
  elina_lincons0_array_print(&lca, dim_names);

  elina_dimchange_free(dc);
  elina_lincons0_array_clear(&lca);
  elina_linexpr0_free(e);
  opt_pk_free(m, p);
  elina_manager_free(m);
}

The following rather specific conditions need to be true to trigger the segfault:

The dimension must have been added after creating the polyhedron (e.g. a polyhedron created as top initially with the dimension intact, and subsequently projected does not trigger the segfault).
The dimension must be projected (e.g. an unconstrained dimension does not trigger this segfault).
The assignment must be performed with a linexpr (e.g. using a texpr does not trigger this segfault).

It is possible that I have yet again neglected to initialize an important data structure, do let me know if that is the case.

Wrong CDD_PREFIX after ./configure --cdd-prefix

At these lines, -I/usr/local/include/cddlib assumes the location of cddlib.

ELINA/fppoly/Makefile

Line 36 in 2d1f00f

 INCLUDES = -I../elina_auxiliary -I../elina_linearize -I../elina_zonotope -I../partitions_api -I/usr/local/include/cddlib $(MPFR_INCLUDE_FLAG) $(GMP_INCLUDE_FLAG) 

ELINA/fppoly/Makefile

Line 39 in 2d1f00f

 INCLUDES = -I../apron_interface -I$(APRON_PREFIX)/include -I../elina_linearize -I../elina_zonotope -I../partitions_api -I/usr/local/include/cddlib $(MPFR_INCLUDE_FLAG) $(GMP_INCLUDE_FLAG) 

So even if I set it through ./configure --cdd-prefix, it does not include the correct location.

It should be -I$(CDD_PREFIX).

Question on a new release

Hello Gagan,

I am wondering if you have any plan on a new release on opam, e.g., version 1.1 . The official opam repository is pointing at http://files.sri.inf.ethz.ch/elina-1.0.tar.gz that was generated 3 months ago and I think there have been lots of changes including some bug fixes.

If you have a plan on a new release, I would be happy to make a PR to the main opam repository as I did at the first opam release.

Sincerely,
Sungkeun

error: ‘AP_SCALAR_MPFR’ undeclared (first use in this function); did you mean ‘ELINA_SCALAR_MPFR’?

Hey, while trying to install ELINA on my system, I'm constantly facing this issue on compiling using make. With the error message as follows:

make[1]: Entering directory '/home/sum/IRISA/ERAN/ELINA/elina_oct'
cc -c -Wcast-qual -Wswitch -Wall -Wextra -Wundef -Wcast-align -Wno-unused -U__STRICT_ANSI__ -fPIC -O3 -DNDEBUG -Werror-implicit-function-declaration -Wbad-function-cast -Wstrict-prototypes -Wno-strict-overflow -std=c99 -g -DNUM_LONGLONGRAT -DNUM_DOUBLE -DTHRESHOLD=0.75 -DTIMING -D_GNU_SOURCE -pthread -fno-tree-vectorize -m64 -march=native -ffp-contract=off -DVECTOR -I../ -I../elina_auxiliary -I../elina_linearize -I../partitions_api -o opt_oct_closure_comp_sparse.o opt_oct_closure_comp_sparse.c -L../partitions_api -lpartitions -L../elina_auxiliary -lelinaux -L../elina_linearize -lelinalinearize -lmpfr -lgmp -lm
In file included from opt_oct_hmat.h:31,
from opt_oct_closure_comp_sparse.h:28,
from opt_oct_closure_comp_sparse.c:22:
opt_oct_internal.h: In function ‘double_set_elina_scalar’:
opt_oct_internal.h:298:8: error: ‘AP_SCALAR_MPFR’ undeclared (first use in this function); did you mean ‘ELINA_SCALAR_MPFR’?
298 | case AP_SCALAR_MPFR:
| ^~~~~~~~~~~~~~
| ELINA_SCALAR_MPFR
opt_oct_internal.h:298:8: note: each undeclared identifier is reported only once for each function it appears in
make[1]: *** [Makefile:67: opt_oct_closure_comp_sparse.o] Error 1
make[1]: Leaving directory '/home/sum/IRISA/ERAN/ELINA/elina_oct'
make: *** [Makefile:47: c] Error 2

Please help asap!! Thanks in anticipation!

Floating point exception with zones

I'm using the zones domains from crab-llvm and I'm getting a division-by-zero error.
The code that triggers the error is in opt_zones_closure.c in function closure_comp_sparse at line 672:

...
		int nni = calculate_zones_comp_sparsity(oz,cl,dim);
		int comp_mat_size = comp_size*comp_size; 
		count = count + comp_mat_size - nni;
	    	double sparsity = 1- ((double)(nni/comp_mat_size));   <---- FP exception here
	    	if(sparsity < zone_sparse_threshold){
                ...
                }
....

comp_size is zero.
Is it possible for comp_size to be zero ?

	while((l < size) && (var==i)){
	ncmap[l] = k;
	l++;
	var = dim[l] + opk->dec;
	k++;
	}

	else {
	op = elina_generic_asssub_texpr_array(assign,man,destructive,oa,tdim,texpr,size,ob);
	}

	/* Minimize the result if option say so */
	array_comp_list_t * acl = op->acl;
	unsigned short int num_comp = acl->size;

eth-sri / elina Goto Github PK

elina's People

Contributors

Stargazers

Watchers

Forkers

elina's Issues

Recommend Projects

Recommend Topics

Recommend Org

Jobs