Frama-C Bug Tracking System - Frama-C
View Issue Details
0001000Frama-CPlug-in > Evapublic2011-10-25 16:262014-02-12 16:54
Reporteryakobowski 
Assigned Toyakobowski 
PrioritynormalSeveritycrashReproducibilityunable to reproduce
StatusclosedResolutionfixed 
PlatformOSOS Version
Product VersionFrama-C Nitrogen-20111001 
Target VersionFixed in VersionFrama-C Oxygen-20120901 
Summary0001000: Evaluation in the logic can cause crashes
DescriptionEvaluation in the logic sometimes causes the warning "using size of void". Worse, this can lead to crashes, as e.g. do_cast raises assert false when it encounters something of type void.

It is not clear how one goes from something that has type void* to something that has type void, but this definitely happens.
Steps To ReproduceThis example can be used to cause the apparition of the warning

frama-c -val -then -print

void main (int i) {
  int x=1;
  while(1)
    Frama_C_memcpy((void *)&x, (void const*)&x, i);
}

The generated assertion cast the pointer to void*, then does arithmetic on it. This is incorrect.
TagsNo tags attached.
Attached Files

There are no notes attached to this issue.

Issue History
2011-10-25 16:26yakobowskiNew Issue
2011-10-25 16:26yakobowskiStatusnew => assigned
2011-10-25 16:26yakobowskiAssigned To => yakobowski
2011-10-25 16:42yakobowskiSteps to Reproduce Updated
2011-10-26 11:25yakobowskiView Statusprivate => public
2011-10-26 11:26svn
2011-10-26 11:26yakobowskiStatusassigned => resolved
2011-10-26 11:26yakobowskiResolutionopen => fixed
2012-09-19 17:15signolesFixed in Version => Frama-C Oxygen-20120901
2012-09-19 17:16signolesStatusresolved => closed
2013-12-19 01:12yakobowskiSource_changeset_attached => framac master 2d4e46c3
2014-02-12 16:54yakobowskiSource_changeset_attached => framac stable/neon 2d4e46c3
2018-01-12 14:26signolesCategoryPlug-in > value analysis => Plug-in > Eva