Value analysis: bad type conversion plus unassigned fields in a struct leads to crash
ID0001477: This issue was created automatically from Mantis Issue 1477. Further discussion may take place here.
| Id | Project | Category | View | Due Date | Updated |
|---|---|---|---|---|---|
| ID0001477 | Frama-C | Plug-in > Eva | public | 2013-09-04 | 2014-03-13 |
| Reporter | djs52 | Assigned To | yakobowski | Resolution | fixed |
| Priority | normal | Severity | crash | Reproducibility | always |
| Platform | - | OS | - | OS Version | - |
| Product Version | Frama-C Fluorine-20130601 | Target Version | - | Fixed in Version | Frama-C Neon-20140301 |
Description :
The attached code crashes value analysis for me (with frama-c -val testcase.c):
[kernel] preprocessing with "gcc -C -E -I. testcase.c" [value] Analyzing a complete application starting at main [value] Computing initial state testcase.c:3:[kernel] warning: overflow in conversion of - 1.0f (-1.) from floating-point to integer. assert -1 < -1.0f < 256; [kernel] Current source was: testcase.c:3 The full backtrace is: Called from file "src/value/initial_state.ml", line 498, characters 14-70 Called from file "list.ml", line 74, characters 24-34 Called from file "src/value/initial_state.ml", line 461, characters 10-1023 Called from file "src/value/initial_state.ml", line 590, characters 20-70 Called from file "list.ml", line 69, characters 12-15 Called from file "src/value/initial_state.ml", line 565, characters 6-1023 Called from file "src/value/initial_state.ml", line 617, characters 13-23 Called from file "src/project/state_builder.ml", line 394, characters 17-21 Called from file "src/value/eval_funs.ml", line 313, characters 14-39 Called from file "src/value/eval_funs.ml", line 564, characters 11-40 Re-raised at file "src/value/eval_funs.ml", line 580, characters 47-50 Called from file "src/project/state_builder.ml", line 839, characters 9-13 Re-raised at file "src/project/state_builder.ml", line 847, characters 15-18 Called from file "src/value/register.ml", line 46, characters 4-24 Called from file "queue.ml", line 134, characters 6-20 Called from file "src/kernel/boot.ml", line 37, characters 4-20 Called from file "src/kernel/cmdline.ml", line 732, characters 2-9 Called from file "src/kernel/cmdline.ml", line 212, characters 4-8
Unexpected error (File "src/memory_state/lmap.ml", line 289, characters 18-24: Assertion failed).
Please report as 'crash' at http://bts.frama-c.com/.
Your Frama-C version is Fluorine-20130601.
Note that a version and a backtrace alone often do not contain enough
information to understand the bug. Guidelines for reporting bugs are at:
http://bts.frama-c.com/dokuwiki/doku.php?id=mantis:frama-c:bug_reporting_guidelines