Frama-C-discuss mailing list archives

This page gathers the archives of the old Frama-C-discuss mailing list, which was hosted on Inria's gforge until its shutdown at the end of 2020. For mails newer than September 2020, please visit the page of the new mailing list on Renater.



[Frama-c-discuss] Named behavior, proof obligations and ACSL annotations: the string comparison example



Sorry, I made a mistake in the second one, which becomes:

(\forall integer k ; 0 < k <= (\at(nbBytes, Pre) - nbBytes) ==> (*(pString1-k) == *(pString2-k)))

I managed to verify the first one, that is to say:

  @ && (\forall integer k ; 0 <= k < (\at(nbBytes, Pre) - nbBytes) ==> (*(\at(pString1, Pre)+k) == *(\at(pString2, Pre)+k))) 

The initialization of this invariant is verified by Alt-Ergo, Simplify and Yices.
The preservation of this invariant is verified by Yices only.

But the preservation of the second one cannot be verified.
Since they are equivalent, I only keep the first one in my annotations.

--
Thomas


-----Original Message-----
From: frama-c-discuss-bounces at lists.gforge.inria.fr [mailto:frama-c-discuss-bounces at lists.gforge.inria.fr] On behalf of David MENTRE
Sent: Thursday 26 March 2009 18:24
To: Frama-C public discussion
Subject: Re: [Frama-c-discuss] Named behavior, proof obligations and ACSL annotations: the string comparison example

Hello,

On Thu, Mar 26, 2009 at 16:59, PAREAUD, Thomas
<Thomas.PAREAUD at astrium.eads.net> wrote:
> Is the 3) point is equivalent to add the predicate below in the loop invariant declaration?
>
> loop invariant
>     [...]
>     && \forall integer k ; 0 <= k < (\at(nbBytes, Pre) - nbBytes) ==> (*(\at(pString1, Pre)+k) == *(\at(pString2, Pre)+k));
>
> This line is equivalent to the following one:
>
> \forall integer k ; 0 <= k < (\at(nbBytes, Pre) - nbBytes) ==> (*(pString1-k) == *(pString2-k));

Are you able to prove the preservation part of these two loop
invariants? It fails with Alt-Ergo.

Yours,
d.

_______________________________________________
Frama-c-discuss mailing list
Frama-c-discuss at lists.gforge.inria.fr
http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/frama-c-discuss

This email (including any attachments) may contain confidential and/or privileged information or information otherwise protected from disclosure. If you are not the intended recipient, please notify the sender immediately, do not copy this message or any attachments and do not use it for any purpose or disclose its content to any person, but delete this message and any attachments from your system. Astrium disclaims any and all liability if this email transmission was virus corrupted, altered or falsified. 
---------------------------------------------------------------------
Astrium SAS (393 341 516 RCS Paris) - Siege social: 6 rue Laurent Pichat, 75016 Paris, France
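The loop invariant discussed in the thread, placed in a complete annotated function so the proof obligations can be reproduced. This is an added example, not code from the thread or from Frama-C: the function shape (both pointers advance while nbBytes counts down, returning 1 if all bytes are equal and 0 at the first mismatch), its name, and the two pointer-offset invariants are assumptions, since the mails do not show the original function.

```c
#include <stdio.h>

/* Assumed reconstruction of the string comparison example (not the poster's
   code). ACSL contract: two named behaviors, complete and disjoint. */
/*@ requires nbBytes >= 0;
  @ requires \valid_read(pString1 + (0 .. nbBytes - 1));
  @ requires \valid_read(pString2 + (0 .. nbBytes - 1));
  @ assigns \nothing;
  @ behavior equal:
  @   assumes \forall integer k; 0 <= k < nbBytes ==> pString1[k] == pString2[k];
  @   ensures \result == 1;
  @ behavior differ:
  @   assumes \exists integer k; 0 <= k < nbBytes && pString1[k] != pString2[k];
  @   ensures \result == 0;
  @ complete behaviors;
  @ disjoint behaviors;
  @*/
int compare_bytes(const char *pString1, const char *pString2, int nbBytes)
{
    /* \at(x, Pre) is the value of the parameter at function entry, which is
       what the thread's invariant relies on. The two pointer-offset
       invariants (assumed here) tie pString1 - k to \at(pString1, Pre) + k'. */
    /*@ loop invariant 0 <= nbBytes <= \at(nbBytes, Pre);
      @ loop invariant pString1 == \at(pString1, Pre) + (\at(nbBytes, Pre) - nbBytes);
      @ loop invariant pString2 == \at(pString2, Pre) + (\at(nbBytes, Pre) - nbBytes);
      @ loop invariant \forall integer k; 0 <= k < (\at(nbBytes, Pre) - nbBytes)
      @     ==> *(\at(pString1, Pre) + k) == *(\at(pString2, Pre) + k);
      @ loop assigns nbBytes, pString1, pString2;
      @ loop variant nbBytes;
      @*/
    while (nbBytes > 0) {
        if (*pString1 != *pString2)
            return 0;           /* first mismatch: behavior "differ" */
        pString1++;
        pString2++;
        nbBytes--;
    }
    return 1;                   /* all bytes compared equal: behavior "equal" */
}

int main(void)
{
    /* Constructed sample inputs. */
    printf("%d\n", compare_bytes("abcdef", "abcdef", 6)); /* 1 */
    printf("%d\n", compare_bytes("abcdef", "abcxef", 6)); /* 0 */
    printf("%d\n", compare_bytes("abc", "xyz", 0));       /* 1: nothing to compare */
    return 0;
}
```

Running `frama-c -wp` on this file generates the initialization and preservation obligations for each loop invariant separately, so a prover that fails on preservation alone shows up as in the thread.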