Frama-C-discuss mailing list archives
This page gathers the archives of the old Frama-C-discuss archives, that was hosted by Inria's gforge before its demise at the end of 2020. To search for mails newer than September 2020, please visit the page of the new mailing list on Renater.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Frama-c-discuss] trouble debugging assertions
- Subject: [Frama-c-discuss] trouble debugging assertions
- From: tim.newsham at gmail.com (Tim Newsham)
- Date: Mon, 17 Aug 2015 20:44:54 -1000
I'm getting close on my first small verification attempt (!),
but running across a problem i can't figure out.
I have code with the following specification that is being
validated by frama-c (all showing up with a green dot
in the gui):
/*@ requires \initialized(buf+(0 .. len-1));
ensures \result ≡ 0 ∨ \initialized(*\old(retp)+(0 .. *\old(lenp)-1));
assigns *retp, *lenp;
assigns *retp \from *buf, len;
assigns *lenp \from *buf, len;
*/
int auth(unsigned char *buf, unsigned int len, unsigned char **retp,
unsigned int *lenp)
I even threw in an extra assert before returning to confirm this:
/*@ assert \valid(*retp+(0 .. *lenp-1)); */ ;
__retres = 1;
return_label: return __retres;
now back at the call site I have:
ok = auth(buf,sz,& pay,& paysz);
/*@ assert ok ≡ 0 ∨ \initialized(pay+(0 .. paysz-1)); */ ;
if (ok) {
/*@ assert \initialized(pay+(0 .. paysz-1)); */ ;
there's a green dot saying the analysis is good at the auth()
call. But I have yellow dots next to the two assertions.
What is confusing me is that the assertion right after the
call site is the same (seems to me!) as the "ensures" clause
of the implementation! So why is the analyzer not drawing
the connection? Is there something I can do to help it out?
PS: none of this code is 'secret', so I can provide a full
example if it is helpful.
Tim Newsham | www.thenewsh.com/~newsham | @newshtwit | thenewsh.blogspot.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.gforge.inria.fr/pipermail/frama-c-discuss/attachments/20150817/d7530b78/attachment.html>
- Follow-Ups:
- [Frama-c-discuss] trouble debugging assertions
- From: anne.pacalet at free.fr (Anne Pacalet)
- [Frama-c-discuss] trouble debugging assertions
- From: dmentre at linux-france.org (David MENTRE)
- [Frama-c-discuss] trouble debugging assertions
- Prev by Date: [Frama-c-discuss] memcpy / memset question
- Next by Date: [Frama-c-discuss] trouble debugging assertions
- Previous by thread: [Frama-c-discuss] memcpy / memset question
- Next by thread: [Frama-c-discuss] trouble debugging assertions
- Index(es):