Frama-C-discuss mailing list archives
This page gathers the archives of the old Frama-C-discuss archives, that was hosted by Inria's gforge before its demise at the end of 2020. To search for mails newer than September 2020, please visit the page of the new mailing list on Renater.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Frama-c-discuss] How to make sure the loop invariant or loop assign is complete/sufficient for proving those post-conditions?
- Subject: [Frama-c-discuss] How to make sure the loop invariant or loop assign is complete/sufficient for proving those post-conditions?
- From: abiao.yang at gmail.com (David Yang)
- Date: Fri, 15 Nov 2013 14:09:29 +0000
Dear all, As we known, in order to prove the post-conditions of a function with loop we need to provide loop invariant. But I am not very clear on : 1. How many or on what extent should the loop invariant provided? 2. How can we make sure that the provided loop invariant is enough for the verification? 3. What is the main different between loop invariant and loop assign? since sometimes only provide loop assign is enough for proving some post-conditions. Thank you very much. Regards, -david
- Follow-Ups:
- [Frama-c-discuss] How to make sure the loop invariant or loop assign is complete/sufficient for proving those post-conditions?
- From: dmentre at linux-france.org (David MENTRE)
- [Frama-c-discuss] How to make sure the loop invariant or loop assign is complete/sufficient for proving those post-conditions?
- Prev by Date: [Frama-c-discuss] 3rd Workshop on Theorem Proving in Certification
- Next by Date: [Frama-c-discuss] How to make sure the loop invariant or loop assign is complete/sufficient for proving those post-conditions?
- Previous by thread: [Frama-c-discuss] 3rd Workshop on Theorem Proving in Certification
- Next by thread: [Frama-c-discuss] How to make sure the loop invariant or loop assign is complete/sufficient for proving those post-conditions?
- Index(es):