Frama-C-discuss mailing list archives
This page gathers the archives of the old Frama-C-discuss archives, that was hosted by Inria's gforge before its demise at the end of 2020. To search for mails newer than September 2020, please visit the page of the new mailing list on Renater.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Frama-c-discuss] Behavior specification with ghost variables
- Subject: [Frama-c-discuss] Behavior specification with ghost variables
- From: frank at dordowsky.de (Frank Dordowsky)
- Date: Tue, 29 Apr 2014 14:14:57 +0200 (CEST)
- In-reply-to: <535F434C.7030105@free.fr>
- References: <alpine.LNX.2.03.1404272055440.591@dordowsky.de> <535F434C.7030105@free.fr>
Thank you for the explanation. When I use the Pre label in the final assertion of my example, these cannot be proven either. I have reformulated the behavior specifications into two equivalent ensures clauses as you have suggested, these can then be proved. However, I very much like bhavior specifications because they nicely match informal specifications and they can be labelled for reference in the documentation. Is there any other way apart from ghost variables to achieve my goal with behaviors? Frank
- References:
- [Frama-c-discuss] Behavior specification with ghost variables
- From: frank at dordowsky.de (Frank Dordowsky)
- [Frama-c-discuss] Behavior specification with ghost variables
- From: anne.pacalet at free.fr (Anne Pacalet)
- [Frama-c-discuss] Behavior specification with ghost variables
- Prev by Date: [Frama-c-discuss] Behavior specification with ghost variables
- Next by Date: [Frama-c-discuss] Behavior specification with ghost variables
- Previous by thread: [Frama-c-discuss] Behavior specification with ghost variables
- Next by thread: [Frama-c-discuss] Behavior specification with ghost variables
- Index(es):