Cil wrongly authorizes references to local variables in static arrays
ID0000892: This issue was created automatically from Mantis Issue 892. Further discussion may take place here.
| Id | Project | Category | View | Due Date | Updated |
|---|---|---|---|---|---|
| ID0000892 | Frama-C | Kernel | public | 2011-07-26 | 2014-02-12 |
| Reporter | yakobowski | Assigned To | monate | Resolution | fixed |
| Priority | normal | Severity | crash | Reproducibility | always |
| Platform | - | OS | - | OS Version | - |
| Product Version | Frama-C Carbon-20110201 | Target Version | - | Fixed in Version | Frama-C Nitrogen-20111001 |
Description :
frama-c -check crashes on the following code.
int tab[16];
void* main(void) { int i;
static const int* t[] = { &tab[1], &tab[3], &tab[4], &i };
return &t; }
Declaring t as static causes Cil to lift the array to the global scope of the module, but this is incorrect because of &i. I think the program is incorrect in the first place, but Cil should reject it, instead of silently producing a wrong AST.