Absolute address usage

Absolute address is assigned to pointer

Description

This check appears when an absolute address is assigned to a pointer.

By default, this check is green. The software assumes the following about the absolute address:

The address is valid.
The type of the pointer to which you assign the address determines the initial value stored in the address.
If you assign the address to an int* pointer, the memory zone that the address points to is initialized with an int value. The value can be anything allowed for the data type int.

To turn this check orange by default for each absolute address usage, use the command-line option -no-assumption-on-absolute-addresses.

Diagnosing This Check

Review and Fix Absolute Address Usage Checks

Examples

expand all

Reading content of absolute address

enum typeList {CHAR,INT,LONG};
enum typeList showType(void);
long int returnLong(void);

void main() {
    int *p = (int *)0x32; //Green absolute address usage
    enum typeList myType = showType();

    char x_char;
    int x_int;
    long int x_long;

    if(myType == CHAR)
        x_char = *p;
    else if(myType == INT)
        x_int = *p;
    else {
        x_long = *p;
        long int x2_long = returnLong();
    }
}

In this example, the option -no-assumption-on-absolute-addresses is not used. Therefore, the Absolute address usage check is green when the pointer p is assigned an absolute address.

Following this check, the verification assumes that the address is initialized with an int value. If you use x86_64 for Target processor type (-target) (sizeof(char) < sizeof(int) < sizeof(long int)), the assumption results in the following:

In the if(myType == CHAR) branch, an orange Overflow occurs because x_char cannot accommodate all values allowed for an int variable.
In the else if(myType == INT) branch, if you place your cursor on x_int in your verification results, the tooltip shows that x_int potentially has all values allowed for an int variable.
In the else branch, if you place your cursor on x_long, the tooltip shows that x_long potentially has all values allowed for an int variable. If you place your cursor on x2_long, the tooltip shows that x2_long potentially has all values allowed for a long int variable. The range of values that x2_long can take is wider than the values allowed for an int variable in the same target.

Arithmetic on pointers with absolute address

void main() {
    int *p = (int *)0x32;
    int x = *p;
    p++;
    x = *p;
}

In this example, the option -no-assumption-on-absolute-addresses is used. The Absolute address usage check is orange when the pointer p is assigned an absolute address.

Following this check:

Polyspace^® considers that p points to a valid memory location. Therefore the Illegally dereferenced pointer check on the following line is green.
In the next two lines, the pointer p is incremented and then dereferenced. In this case, an Illegally dereferenced pointer check appears on the dereference and not an Absolute address usage check even though p still points to an absolute address.

Check Information

Group: Static memory

Language: C | C++

Acronym: ABS_ADDR

Documentation