
I am trying to check the add value in `temp = (volatile unsigned short*) add` through the temp variable in the following example:

```c
main() {
    unsigned short add = 0x01;
    unsigned short val = 0x00;
    unsigned short *temp;
    temp = (volatile unsigned short*) add;
    *temp = val;
    //@ assert &temp == (unsigned short) 0x01;
}
```

But I got this error at the line `//@ assert &temp == (unsigned short) 0x01;`:

```
[kernel] user error: incompatible types unsigned short and unsigned short **
[kernel] user error: stopping on file "test_func_call.c" that has errors. Add '-kernel-msg-key pp'for preprocessing command.
```

I know it may be all about C, but I use Frama-C's tag as well. Hope that I can receive the answer on checking the add value by Frama-C.

Thuy Nguyen
  • The address 0x01 is most likely not valid. What are you trying to accomplish by doing this? – dbush Feb 22 '19 at 14:26
  • Yes, you're right. 0x01 is just a dummy value I use in this example. I'm trying to verify for an embedded program. So the value will be different. – Thuy Nguyen Feb 22 '19 at 14:29
  • Any reason you'd expect the address of `temp` to be `0x01`? – Christian Gibbons Feb 22 '19 at 16:07
  • Actually, I am trying to get the add value through the temp variable. Taking &temp is one of my attempts. I do not have a clear reason for that. It's just a trial. From the error message, I know that &temp is not the right way to get the value of the add variable. – Thuy Nguyen Feb 23 '19 at 05:37
  • From your comment, I infer you wanted `//@assert add == 0x01;`, but probably that assertion got status Invalid and then you tried something else? If so, the way to deal with hardware-mapped registers in Frama-C is to use option `-absolute-valid-range`. – anol Feb 25 '19 at 08:16
  • I'm afraid there are too many very unclear things in your code snippet for us to provide an accurate answer. First, if `add` is an address, it should not be declared as `unsigned short`, but either as `uintptr_t` or directly as `unsigned short *` (with the initializer being `(unsigned short *)0x01`). Second, why do you have a `volatile` in your cast of `add` as address? Third, the assertion really does not make any sense from a typing point of view. You can compare `temp` with `(unsigned short *)` values, or `*temp` with `(unsigned short)` values, or `&temp` with `(unsigned short **)` values. – Virgile Feb 25 '19 at 08:21
  • @Virgile: First, actually, in my code, temp is the address, add is just an unsigned short value. Sorry for the confusing variable names. Second, I add "volatile" to show the invariants in source code as I think it will be a valid statement with/without "volatile". Third, yes, you're right. "Comparing temp with (unsigned short *) 0x01" is the answer to my question. If you don't mind, please write it in the answer section so that I can accept it. – Thuy Nguyen Feb 25 '19 at 17:55
  • @ThuyNguyen Well, I can write an answer if you wish so, but the one of user3629249 below seems already pretty accurate. You can accept it instead. – Virgile Feb 26 '19 at 07:37

1 Answer

Regarding:

```c
assert &temp == (unsigned short) 0x01;
```

This is trying to compare the address of temp (which is on the stack) with some address (other than that location on the stack). Naturally, the assert() is triggered.

The correct way to access the contents of a specific address in memory is:

```c
temp =  *(unsigned short *) 0x01;
```

user3629249
  • I think you're right. But I cannot accept your answer as the answer to this question, because what I am looking for is the right way to get the add value through the temp variable. – Thuy Nguyen Feb 23 '19 at 05:39
  • Then you should have specified that goal in the question. – user3629249 Feb 23 '19 at 20:38
  • @user3629249 I think your answer might be clearer if you make your second code snippet an assertion like the first one (`assert temp == *(unsigned short *)0x01;`) rather than an assignment. – Virgile Feb 26 '19 at 07:38
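
The type-consistent comparisons discussed in the comments above, written out as an added example (not code from any of the posts). `REG_ADDR`, `reg_write`, `points_at` and `write_register` are hypothetical names, and 0x01 is the question's dummy address.

```c
#include <stdint.h>

/* Constructed placeholder, like the question's dummy 0x01: on a real
   target this would be the memory-mapped register address. */
#define REG_ADDR ((uintptr_t)0x01)

/* Contract for a store through the pointer: the pointee, not the pointer,
   is what changes, so the postcondition is stated on *temp. */
/*@ requires \valid(temp);
  @ assigns *temp;
  @ ensures *temp == val;
  @*/
void reg_write(unsigned short *temp, unsigned short val) {
    *temp = val;
}

/* Runtime counterpart of the pointer-typed assertion: it compares the
   pointer value itself, neither the pointee nor the pointer's location. */
int points_at(const unsigned short *temp, uintptr_t add) {
    return (uintptr_t)temp == add;
}

/* Target-only code (do not call on a host, 0x01 is not mapped there).
   For the analysis, the address has to be declared valid with the
   -absolute-valid-range option named in the comments above. */
void write_register(void) {
    unsigned short val = 0x00;
    unsigned short *temp = (unsigned short *)REG_ADDR;

    /* temp has type unsigned short *, so compare it with a pointer. */
    //@ assert temp == (unsigned short *)0x01;

    reg_write(temp, val);

    /* *temp has type unsigned short, so compare it with a value. */
    //@ assert *temp == (unsigned short)0x00;

    /* &temp has type unsigned short **: comparing it with an
       unsigned short is what the kernel rejected in the question. */
}
```
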