module Alarms:sig..end
Alarms Database.
type
| |
Signed |
| |
Unsigned |
| |
Signed_downcast |
| |
Unsigned_downcast |
| |
Pointer_downcast |
Only signed overflows and pointer downcasts are really RTEs. The other kinds may be meaningful nevertheless.
type
| |
For_reading |
| |
For_writing |
type
| |
Lower_bound |
| |
Upper_bound |
type
| |
Division_by_zero of |
|||
| |
Memory_access of |
|||
| |
Index_out_of_bound of |
(* |
| *) |
| |
Invalid_pointer of |
|||
| |
Invalid_shift of |
(* | strict upper bound, if any | *) |
| |
Pointer_comparison of |
(* | First parameter is | *) |
| |
Differing_blocks of |
(* | The two expressions (which evaluate to pointers) must point to the same allocated block | *) |
| |
Overflow of |
(* | Integer parameters is the bound | *) |
| |
Float_to_int of |
(* | Integer parameter is the bound for the integer type. The actual alarm
is | *) |
| |
Not_separated of |
(* | the two lvalues must be separated | *) |
| |
Overlap of |
(* | overlapping read/write: the two lvalues must be separated or equal | *) |
| |
Uninitialized of |
|||
| |
Dangling of |
|||
| |
Is_nan_or_infinite of |
|||
| |
Is_nan of |
|||
| |
Function_pointer of |
(* | the type of the pointer is compatible with the type of the pointed function (first argument). The second argument is the list of the arguments of the call. | *) |
| |
Uninitialized_union of |
|||
| |
Invalid_bool of |
(* | Trap representation of a _Bool variable. | *) |
include Datatype.S_with_collections
val self : State.t
val register : Emitter.t ->
?kf:Cil_types.kernel_function ->
Cil_types.kinstr ->
?loc:Cil_types.location ->
?status:Property_status.emitted_status ->
alarm -> Cil_types.code_annotation * boolRegister the given alarm on the given statement. By default, no status is
emitted. kf must be given only if the kinstr is a statement, and
must be the function enclosing this statement.
kf, loc and
save; also returns the corresponding code_annotationAlarms.to_annot instead.val to_annot : Cil_types.kinstr ->
?loc:Cil_types.location -> alarm -> Cil_types.code_annotation * boolConversion of an alarm to a code_annotation, without any registration.
The returned boolean indicates that the alarm has not been registered
in the kernel yet.
val iter : (Emitter.t ->
Cil_types.kernel_function ->
Cil_types.stmt ->
rank:int -> alarm -> Cil_types.code_annotation -> unit) ->
unitIterator over all alarms and the associated annotations at some program point.
val fold : (Emitter.t ->
Cil_types.kernel_function ->
Cil_types.stmt ->
rank:int -> alarm -> Cil_types.code_annotation -> 'a -> 'a) ->
'a -> 'aFolder over all alarms and the associated annotations at some program point.
val find : Cil_types.code_annotation -> alarm optionval remove : ?filter:(alarm -> bool) ->
?kinstr:Cil_types.kinstr -> Emitter.t -> unitRemove the alarms and the associated annotations emitted by the given
emitter. If kinstr is specified, remove only the ones associated with this
kinstr. If filter is specified, remove only the alarms a such that
filter a is true.
val create_predicate : ?loc:Cil_types.location -> t -> Cil_types.predicateGenerate the predicate corresponding to a given alarm.
val get_name : t -> stringShort name of the alarm, used to prefix the assertion in the AST.
val get_short_name : t -> stringEven shorter name. Similar alarms (e.g. signed overflow vs. unsigned overflow) are aggregated.
val get_description : t -> stringLong description of the alarm, explaining the UB it guards against.