Frama-C-discuss mailing list archives

This page gathers the archives of the old Frama-C-discuss archives, that was hosted by Inria's gforge before its demise at the end of 2020. To search for mails newer than September 2020, please visit the page of the new mailing list on Renater.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Frama-c-discuss] Assign clauses with ghost variables

  • Subject: [Frama-c-discuss] Assign clauses with ghost variables
  • From: moy at adacore.com (Yannick Moy)
  • Date: Thu, 28 May 2015 21:15:09 +0200
  • In-reply-to: <CA+yPOVhUwnZLdKMb6dPNZTFmamcACU=ydVMCSnbRr9g3cA4tRw@mail.gmail.com>
  • References: <mailman.23.1432720812.15570.frama-c-discuss@lists.gforge.inria.fr> <alpine.LNX.2.03.1505280924340.1421@dordowsky.de> <5566C92C.1060105@linux-france.org> <CA+yPOVhUwnZLdKMb6dPNZTFmamcACU=ydVMCSnbRr9g3cA4tRw@mail.gmail.com>
-- Virgile Prevosto (2015-05-28)
> 
> You're perfectly right, we lack an option of an abstract memory region
> (and probably some separation formulas saying that the visible part of
> the memory is separated from it).

Or you make this the default, when you define the semantics of these new "abstract state" variables. FWIW, it's how it's done in SPARK: the abstract state of a package can only represent the concrete state defined in the private part and body of the package.

> This shows up for static variables
> C, but would be much more widespread for private members of C++
> classes.

You could then allow defining these abstract state variable for a given file, or a given C++ class (for its static private members).
--
Yannick Moy, Senior Software Engineer, AdaCore




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.gforge.inria.fr/pipermail/frama-c-discuss/attachments/20150528/3ea52098/attachment.html>