Frama-C-discuss mailing list archives
This page gathers the archives of the old Frama-C-discuss archives, that was hosted by Inria's gforge before its demise at the end of 2020. To search for mails newer than September 2020, please visit the page of the new mailing list on Renater.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Frama-c-discuss] Feature or bug?
- Subject: [Frama-c-discuss] Feature or bug?
- From: guillaume.melquiond at inria.fr (Guillaume Melquiond)
- Date: Thu, 05 Nov 2009 20:47:53 +0100
- In-reply-to: <42152DCA-6856-46A4-A072-F564021DF6DD@first.fraunhofer.de>
- References: <42152DCA-6856-46A4-A072-F564021DF6DD@first.fraunhofer.de>
Jens Gerlach a ?crit :
> However, all provers "proof" that for the second case the precondition
> is fulfilled (see below).
> Is this behaviour of Jessie intended?
Yes. If you check which property is being sent to the provers on the
right panel of Jessie/Why, you will notice that 0 <= -1 is part of the
hypotheses. So it is fortunate that all the provers are able to prove 0
<= -1, given this hypothesis.
Now, why is this false hypothesis part of the context? Because all
previous preconditions and postconditions are assumed to be true when
proving subsequent properties. In other words, it behaves as if you had
written:
void bar()
{
//@ assert 0 <= -1;
foo(-2);
}
Regards,
Guillaume
- Follow-Ups:
- [Frama-c-discuss] Res: Feature or bug?
- From: joao_paulo_c at yahoo.com (João Paulo Carvalho)
- [Frama-c-discuss] Res: Feature or bug?
- References:
- [Frama-c-discuss] Feature or bug?
- From: jens.gerlach at first.fraunhofer.de (Jens Gerlach)
- [Frama-c-discuss] Feature or bug?
- Prev by Date: [Frama-c-discuss] Feature or bug?
- Next by Date: [Frama-c-discuss] ask for slicing spec
- Previous by thread: [Frama-c-discuss] Feature or bug?
- Next by thread: [Frama-c-discuss] Res: Feature or bug?
- Index(es):