MATLAB: Does PolySpace 5.1.1 (R2008a) not warn about possible overflows or underflows when global variables are used

nflovflPolyspace Client for C/C++

I have the following C code. When I run a PolySpace verification, the code that is mentioned in the comments is marked green and I don't receive a warning about possible problems.

unsigned int uintGlobalA, uintGlobalB;
int intGlobalC;
int main () {
    // Subtraction marked with a green check, no warning
    // about possible underflow.
    if ((uintGlobalA - uintGlobalB) < uintGlobalC) {
      //...
    }
    // Addition marked with a green check, no warning
    // about possible overflow.
    if ((uintGlobalA + uintGlobalB) < uintGlobalC) {
      //...
    }
}

Best Answer

This behavior is caused by the fact that the ANSI C90 standard specifies that the value of non-initialized global variables equals zero when a main() function is present.

To change this behavior you can use the following Main Generator option as mentioned in the PolySpace Products for C User's Guide:

 -main-generator-writes-variables

Also, in order for the Main Generator to be able to create a new temporary main(), you will need to set the option "Target/Compilation -> Defined preprocessor Macros" (-D) to, for example,

 main=my_main.

This will allow the global variables to be tested with the full range of possible values.

Related Solutions

MATLAB: Does PolySpace 5.1.1 (R2008a) show a red non-terminating loop (NTL) check in the code

The red NTL check is caused by the red underflow check (UNFL) within the loop. Correcting the code that causes the UNFL check or removing the option "-detect-unsigned-overflows" will cause the NTL check to disappear.

MATLAB: Do I receive a red check or when using -allow-ptr-arith-on-struct option an orange in PolySpace Client for C/C++ 4.2 (R2008a)

Although the ANSI C compliance documentation states that:

 [Fields inside a structure] have addresses that increase in the order in which they are declared.

It also states the following:

 According to the ANSI C standard, pointer arithmetic is to be independent of the size of the object to which the pointer points.

However, in this particular case, the pointer arithmetic is defined for a structure of all CHARs (one byte long), assuming no padding.

In the case where manual editing of the code is possible (as opposed to the current situation involving a code generator), it might be possible to use the DEFINE preprocessor directive and replace the structure with an array as follows:

#define destValue tab[0]
#define srcValue tab[1]

However, in the given situation, the code is not MISRA compliant, since it violates the following compliance rules:

 17.1 (required) : Pointer arithmetic shall only be applied to pointers that address an array or array element.
 17.4 (required) : Array indexing shall be the only allowed form of pointer arithmetic.

Therefore, the only solution to this issue is to use the "-allow-ptr-arith-on-struct" option and treat the orange as safe.

Best Answer

Related Solutions

MATLAB: Does PolySpace 5.1.1 (R2008a) show a red non-terminating loop (NTL) check in the code

MATLAB: Do I receive a red check or when using -allow-ptr​-arith-on-​struct option an orange in PolySpace Client for C/C++ 4.2 (R2008a)

Related Question

MATLAB: Do I receive a red check or when using -allow-ptr-arith-on-struct option an orange in PolySpace Client for C/C++ 4.2 (R2008a)