Frama-C Bug Tracking System - Frama-C
View Issue Details
0002416Frama-CPlug-in > E-ACSLpublic2018-12-11 18:202018-12-11 19:42
rmalak 
signoles 
normalminoralways
acknowledgedopen 
x86_64Linux 4.18 Ocaml 4.07.0Debian Sid
Frama-C 18-Argon 
 
0002416: missing E-ACSL code, control flow graph, function pointer
Hi,

Is there a workaround for the function pointer limitation

//////////////// cfg.c
void func(void)
{
  int i = 0 ;
  int *ptr = &i;
  /*@ assert \valid(ptr); */
  *ptr = 0 ;
}

int main(int argc, char **argv)
{
  void (*ptr_func)(void) = &func;
  (*ptr_func)();
  return 0;
}
////////////////
$ frama-c -machdep gcc_x86_64 cfg.c -e-acsl -then-last -print -ocode cfg.e-acsl.c
[kernel] Parsing FRAMAC_SHARE/e-acsl/e_acsl_gmp_api.h (with preprocessing)
[kernel] Parsing FRAMAC_SHARE/e-acsl/e_acsl.h (with preprocessing)
[kernel] Parsing cfg.c (with preprocessing)
[e-acsl] beginning translation.
[e-acsl] cfg.c:12: Warning:
  function pointers may introduce too limited instrumentation.
[e-acsl] translation done in project "e-acsl".

$ gcc -DE_ACSL_SEGMENT_MMODEL -Wno-attributes -I$(frama-c -print-share-path)/e-acsl/ -o cfg.e-acsl cfg.e-acsl.c $(frama-c -print-share-path)/e-acsl/e_acsl_rtl.c $(frama-c -print-share-path)/../../lib/libeacsl-dlmalloc.a $(frama-c -print-share-path)/../../lib/libeacsl-gmp.a -lm

$ ./cfg.e-acsl
Assertion failed at line 5 in function func.
The failing predicate is:
\valid(ptr).
Aborted
I would like to find a solution that do not involve :

- the use of EVA

OR

- modifying the code
No tags attached.
Issue History
2018-12-11 18:20rmalakNew Issue
2018-12-11 18:20rmalakStatusnew => assigned
2018-12-11 18:20rmalakAssigned To => signoles
2018-12-11 19:28signolesNote Added: 0006695
2018-12-11 19:30signolesStatusassigned => acknowledged
2018-12-11 19:40rmalakNote Added: 0006696
2018-12-11 19:42signolesNote Added: 0006697

Notes
(0006695)
signoles   
2018-12-11 19:28   
Yes, you should use the option -e-acsl-full-mmodel (at the price of a slower generated code).
(0006696)
rmalak   
2018-12-11 19:40   
Thanks !

Maybe at some point, I will start to understand that each time I have a question about missing E-ACSL annotation, I should first try this magic option !

And it was written in the manual : "systematically instrument the code for handling potential memory-related annotations even when it is not required"
(0006697)
signoles   
2018-12-11 19:42   
Indeed, this option is most of the time necessary for dealing with large/complex pieces of code (for the time being).