Passing multi-dimensional arrays via reference fails
ID0001093: This issue was created automatically from Mantis Issue 1093. Further discussion may take place here.
| Id | Project | Category | View | Due Date | Updated |
|---|---|---|---|---|---|
| ID0001093 | Frama-C | Plug-in > jessie | public | 2012-02-13 | 2012-02-14 |
| Reporter | flecsim | Assigned To | cmarche | Resolution | open |
| Priority | normal | Severity | crash | Reproducibility | always |
| Platform | - | OS | - | OS Version | - |
| Product Version | Frama-C Nitrogen-20111001 | Target Version | - | Fixed in Version | - |
Description :
Starting from the simple function
#define MAX_SIZE_X 10 typedef int AnArray[MAX_SIZE_X];
void FillArray(AnArray *paTarget, int Value) { int x = 0;
for (x = 0; x < MAX_SIZE_X; x++)
{
(*paTarget)[x] = Value;
}}
the code above is accepted by Jessie and can be verified (annotations removed for brevity here), but as AnArray is extended to two or more dimensions (typedef int AnArray[MAX_SIZE_X][MAX_SIZE_Y]...) - and the filling loops adapted to match - jessie crashes on loading the source file.
Additional Information :
Tested with Frama-C/Nitrogen, why-2.30 and why3-0.71 compiled in cygwin. Loading the code samples in "regular" Frama-C GUI or using WP plug-in does not cause a crash. I actually encountered this when analyzing the tree-dimensional case (parallelized matrix operations); this is the smallest form i found which shows the problem. More variants can be created, e.g. by moving one array dimension from the typedef into the actual argument (AnArray *paTarget[MAX_SIZE_X], int Value). Attached file contains four C sources to demonstrate the problem (to be split at the comment boxes), accompanied by their stacktraces.