Code Prover warning 'Illegally dereferenced pointer'

5 Mayo 2021
1 Respuesta
Respuesta aceptada
Actualizado a las 6 Mayo 2021
4 Visualizaciones (30 días)

0 votos

While running the code prover i got same Orange warning on many places in the code. For example in the function,
void DD_XYZ_Init( uint32_t addr_mcs_crit_ctrl )
{
( ( *((uint32_t volatile *)((uint32_t)addr_tim_crit_ctrl + ( (uint32_t)((uint32_t)0xf0100000+0x00001024) - (uint32_t)((uint32_t)0xf0100000+0x00001024) ))) ) ) = 0;
}
The Warning that i got,
Illegally dereferenced pointer
Warning: pointer may be outside its bounds
Dereference of expression (pointer to volatile unsigned int 32, size: 32 bits):
Pointer may be null.
Points to 4 bytes at unknown offset in buffer of unknown size, so may be outside bounds.
Pointer may point to dynamically allocated memory.
My Question,
We have given proper range for ‘addr_tim_crit_ctrl’ in constraint specification file, but still getting the warning. What could be the reason?

2 comentarios
Mostrar Ninguno Ocultar Ninguno

Anirban
Anirban el 5 de Mayo de 2021
Can you state what you provided as constraint on addr_tim_crit_ctrl ? The input to the function seems to be addr_mcs_crit_ctrl . Is it a typo or is addr_tim_crit_ctrl actually different from addr_mcs_crit_ctrl?
Nideesh Madhu
Nideesh Madhu el 5 de Mayo de 2021
Sorry..it is a typo.. Function parameter is addr_tim_crit_ctrl and the range I have given is 0×F0130012 - 0×F0130014

Iniciar sesión para comentar.

Iniciar sesión para responder a esta pregunta.

 Respuesta aceptada

Anirban
Anirban el 6 de Mayo de 2021
Editada: Anirban el 6 de Mayo de 2021

0 votos

In your example, you are converting an integer to a pointer. These conversions have results that are implementation-dependent and in the most general case, the pointer might point to an address that is illegal to dereference. That is why Code Prover is showing an orange check.
Even if you constrain the integer to a range of addresses, since Code Prover has no knowledge of the size of your target and the memory layout, this constraint is not sufficient to determine that the addresses are valid and the dereference is ok.
If you are sure that the dereference is ok, you can justify this orange check. See Address Polyspace Results Through Bug Fixes or Justifications.

2 comentarios
Mostrar Ninguno Ocultar Ninguno

Nideesh Madhu
Nideesh Madhu el 6 de Mayo de 2021
Thanks for your reply..Is there any way to specify the size of the target and memory layout in code prover?
Anirban
Anirban el 6 de Mayo de 2021
As of now, there is no way to specify a memory layout. The most you can do is specify the sizes of fundamental data types, alignment, endianness and so on using the option Target processor type. If you contact MathWorks Technical Support, they might provide you specific solutions for your needs.

Iniciar sesión para comentar.

Más respuestas (0)

Categorías

Más información sobre Get Started with Polyspace Code Prover en Centro de ayuda y File Exchange.

Productos

Versión

R2019a

Etiquetas

Preguntada:

Nideesh Madhu
Nideesh Madhu
el 5 de Mayo de 2021

Comentada:

Anirban
Anirban
el 6 de Mayo de 2021

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!

Translated by