Frama-C-discuss mailing list archives

This page gathers the archives of the old Frama-C-discuss archives, that was hosted by Inria's gforge before its demise at the end of 2020. To search for mails newer than September 2020, please visit the page of the new mailing list on Renater.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Frama-c-discuss] memory allocation + pointers

Subject: [Frama-c-discuss] memory allocation + pointers
From: guillaume.melquiond at inria.fr (Guillaume Melquiond)
Date: Sat, 09 Aug 2014 09:14:37 +0200
In-reply-to: <CAHRgRYsoSLSongMMgCV0jKfGXB7mJdPi0W_DX4R3Eh+v2ctcGw@mail.gmail.com>
References: <CAHRgRYsoSLSongMMgCV0jKfGXB7mJdPi0W_DX4R3Eh+v2ctcGw@mail.gmail.com>

On 08/08/2014 12:48, Maria Christofi wrote:

> I have a problem with the code below.
> I want to prove the two postconditions with the Jessie plugin, but it
> doesn't seem possible..

Since you code performs xor assignments while your postconditions state 
that it performs additive assignments, the failure seems sensible. After 
changing "^=" into "+=" in the code, the two postconditions are 
instantly verified.

That said, there are a lot of things left to prove. For instance, that 
only "*a" is assigned, which is wrong. And that a[0], a[1], a[4] are 
valid cells, which is impossible to prove. And that b[3] and b[a[4]] are 
valid cells, which is also impossible to prove. So there are quite a few 
things to add or to change in the specification.

Best regards,

Guillaume

Follow-Ups:
- [Frama-c-discuss] memory allocation + pointers
  - From: maria.christofis at gmail.com (Maria Christofi)

References:
- [Frama-c-discuss] memory allocation + pointers
  - From: maria.christofis at gmail.com (Maria Christofi)

Prev by Date: [Frama-c-discuss] memory allocation + pointers
Next by Date: [Frama-c-discuss] memory allocation + pointers
Previous by thread: [Frama-c-discuss] memory allocation + pointers
Next by thread: [Frama-c-discuss] memory allocation + pointers
Index(es):
- Date
- Thread