2021-01-22 20:59 CET
  

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000523Frama-CPlug-in > jessiepublic2010-06-28 19:102010-12-18 11:19
ReporterJochen 
Assigned Tocmarche 
PrioritynormalSeveritycrashReproducibilityalways
StatusclosedResolutionfixed 
Product VersionFrama-C Boron-20100401 
Target VersionFixed in VersionFrama-C Carbon-20101202-beta2 
Summary0000523: struct-type expression in loop-assigns causes crash
DescriptionWhen running the attached program, Jessie asked me to report a crash:

liveness_test.c:75:[jessie] failure: Unexpected failure.
                  Please submit bug report (Ref. "interp.ml:994:8").
[kernel] The full backtrace is:
         Raised at file "src/kernel/log.ml", line 506, characters 30-31
         Called from file "src/kernel/log.ml", line 500, characters 2-9
         Re-raised at file "src/kernel/log.ml", line 503, characters 8-9
         Called from file "src/lib/type.ml", line 746, characters 40-45
         Called from file "queue.ml", line 134, characters 6-20
         Called from file "src/kernel/boot.ml", line 50, characters 4-20
         Called from file "src/kernel/cmdline.ml", line 170, characters 4-8
         
         Plug-in jessie aborted because of an internal error.
         Please report as 'crash' at http://bts.frama-c.com

It seems to be caused by the struct-type expression "hist[t]" in the loop-assigns clause in line 75. When I provide each struct-field by its own (see line 82; you can switch between both versions using the "#define" in line 3), Jessie works without problems.
TagsNo tags attached.
Attached Files
  • c file icon liveness_test.c (1,730 bytes) 2010-06-28 19:10 - 
    // uncomment to demonstrate crash:
#define loopAssignsStruct

typedef int timeT;
typedef int speedT;
typedef int bool;

#define true		((bool)1)
#define false		((bool)0)

#define endOfTime	0x000fffff



/*@ ensures *sp < \old(*sp);
    assigns \nothing;
    //assigns *sp;
*/
extern void doBrake(speedT *sp);



/*@ ensures \result == true || \result == false;
    assigns \nothing;
*/
extern bool boolSensorValue(void);


/*@ 
    requires \valid(emState);
    requires \valid(sp);
    assigns *emState;
    ensures emButton ==> *emState;
    ensures !emButton && *sp == 0 ==> !*emState;
*/
void handleEmergency(
    bool emButton,
    bool *emState,
    speedT *sp)
{
    if (emButton) {
	*emState = true;
    } else if (*sp == 0) {
	*emState = false;
    }
    if (*emState)
	doBrake(sp);
}


struct _state {
    speedT speed;
    bool emState;
    bool emButton;
};

struct _state hist[endOfTime];

/*@ ensures \forall timeT t1; hist[t1].emButton
	==> \exists timeT t2; t2 >= t1 && hist[t2].speed == 0;
*/
void main(void)
{
    timeT t;
    speedT speed;
    bool emState;
    bool emButton;

    emState = false;
#ifdef loopAssignsStruct
    /*@ loop variant endOfTime - t;
	loop invariant 0 <= t <= endOfTime;
	loop invariant emButton ==> emState;
	loop assigns emButton,emState,speed,hist[t];
    */
#else
    /*@ loop variant endOfTime - t;
	loop invariant 0 <= t <= endOfTime;
	loop invariant emButton ==> emState;
	loop assigns emButton,emState,speed,
	     hist[t].speed,hist[t].emState,hist[t].emButton;
    */
#endif
    for (t=0; t<endOfTime; ++t) {
	emButton = boolSensorValue();
	handleEmergency(emButton,&emState,&speed);
	hist[t].speed = speed;
	hist[t].emState = emState;
	hist[t].emButton = emButton;
    }
}
    c file icon liveness_test.c (1,730 bytes) 2010-06-28 19:10 +

-Relationships
+Relationships

-Notes

~0001318

cmarche (developer)

2010-12-16 17:18
Why 2.28 now outputs a better message.
+Notes

-Issue History
Date Modified Username Field Change
2010-06-28 19:10 Jochen New Issue
2010-06-28 19:10 Jochen Status new => assigned
2010-06-28 19:10 Jochen Assigned To => cmarche
2010-06-28 19:10 Jochen File Added: liveness_test.c
2010-12-16 17:18 cmarche Note Added: 0001318
2010-12-16 17:18 cmarche Status assigned => resolved
2010-12-16 17:18 cmarche Resolution open => fixed
2010-12-18 11:18 signoles Fixed in Version => Frama-C Carbon-20101202-beta2
2010-12-18 11:19 signoles Status resolved => closed
+Issue History