Frama-C-discuss mailing list archives
This page gathers the archives of the old Frama-C-discuss archives, that was hosted by Inria's gforge before its demise at the end of 2020. To search for mails newer than September 2020, please visit the page of the new mailing list on Renater.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Frama-c-discuss] Following execution through function pointer
- Subject: [Frama-c-discuss] Following execution through function pointer
- From: pascal.cuoq at gmail.com (Pascal Cuoq)
- Date: Fri, 14 Dec 2012 08:58:08 +0100
- In-reply-to: <20121214084800.3aac4022@gavalla>
- References: <1355455986.9200.11.camel@linuxFront> <20121214084800.3aac4022@gavalla>
> If you intend to use a plugin that do not support function
> pointers, I'd suggest that you take advantage of the information
> computed by Value Analysis in order to generate the possible cases,
> instead of an external pre-processor. In the easiest case, where each
> function pointer points to a unique function, you just have to call the
> semantic constant folding plug-in to get rid of them.
This looks like this. Original:
int printf(const char *f, ...);
void func1(void)
{
printf("boo!");
}
void func2(void)
{
printf("bah");
}
int main() {
void (*myFunc)();
myFunc = &func1;
if (myFunc == &func1) { func1();} else
if (myFunc == &func2) { func2();} else
{ printf("unhappiness\n"); exit(0); }
myFunc = &func2;
if (myFunc == &func1) { func1();} else
if (myFunc == &func2) { func2();} else
{ printf("unhappiness\n"); exit(0); }
}
$ frama-c -scf t.c
/* Generated by Frama-C */
/*@ assigns \at(\result,Post) \from *f; */
extern int printf(char const *f , ...);
void func1(void)
{
printf("boo!");
return;
}
void func2(void)
{
printf("bah");
return;
}
extern int ( /* missing proto */ exit)(int x_0);
int main(void)
{
int __retres;
void (*myFunc)();
myFunc = (void (*)())(& func1);
if (1) { func1(); }
else {
if (myFunc == & func2) { func2(); }
else {
printf("unhappiness\n");
exit(0); }
}
myFunc = (void (*)())(& func2);
if (0) { func1(); }
else {
if (1) { func2(); }
else {
printf("unhappiness\n");
exit(0); } }
__retres = 0;
return (__retres);
}
The value of variable myFunc has not been replaced inside the if
conditions that were unreachable. Hopefully that won't be an issue.
- References:
- [Frama-c-discuss] Following execution through function pointer
- From: dchapiesky2 at gmail.com (daniel)
- [Frama-c-discuss] Following execution through function pointer
- From: virgile.prevosto at m4x.org (Virgile Prevosto)
- [Frama-c-discuss] Following execution through function pointer
- Prev by Date: [Frama-c-discuss] Following execution through function pointer
- Next by Date: [Frama-c-discuss] Which version of Frama-C/Why to use PVS ? (Jessie or WP)
- Previous by thread: [Frama-c-discuss] Following execution through function pointer
- Next by thread: [Frama-c-discuss] Following execution through function pointer
- Index(es):