Frama-C-discuss mailing list archives

This page gathers the archives of the old Frama-C-discuss archives, that was hosted by Inria's gforge before its demise at the end of 2020. To search for mails newer than September 2020, please visit the page of the new mailing list on Renater.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Frama-c-discuss] Using Frama-C as Caduceus

Wow, thanks! It really seems to work. But I'm not sure I got the idea in its
entirety. Do you mean that Jessie restricts "a" and "b" to be in the same
block just when it comes across any order relation between these pointers?
So, for example, if I want these pointers to be in the same block, but don't
want to specify any restriction (so that pointers can overlap and all that),
I'll just need to write something like "requires (a == b) || (a < b) || (a >
b)", right?

- Dmitry

2009/11/24 Claude Marche <Claude.Marche at inria.fr>

>
> The reason is that swap is first interpreted as if a and b were in
> different block, whereas you call it on pointers to the same block.
> A work around is to add a precondition that restrict a and b to be in
> the same block, and anyway you need something to specify that they do
> not overlap, e.g
>
> requires (a==b) || (a + size <= b) || (b + size <= a);
>
>
> - Claude
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.gforge.inria.fr/pipermail/frama-c-discuss/attachments/20091129/a33a6fcd/attachment.htm