Frama-C-discuss mailing list archives

This page gathers the archives of the old Frama-C-discuss archives, that was hosted by Inria's gforge before its demise at the end of 2020. To search for mails newer than September 2020, please visit the page of the new mailing list on Renater.


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Frama-c-discuss] New user questions



Hello Mike,

I agree that it is not easy to debug proofs in Frama-C/WP.
You shall have a look at the interactive proof editor of Frama-C GUI.
See WP user manual section § 2.3.
In some cases, you will be able to finish difficult proofs beyond the normal capabilities of SMT provers, by applying tactics. When something is wrong in your spec or code, decomposing the proof into different sub-cases will show you where the proof can not be finished. Most of the times, this helps you figuring out a counter-example.

Regards, L.

________________________________________
De : Frama-c-discuss [frama-c-discuss-bounces at lists.gforge.inria.fr] de la part de Whalen, Mike [mww at amazon.com]
Envoyé : lundi 4 mai 2020 16:18
À : Frama-C public discussion
Objet : Re: [Frama-c-discuss] New user questions

Thank you very much for your help and your responses.  Just to be clear, I am not looking for an editor, only a better way to debug proof failures.  So far, I have not had substantial problems, but I will be looking at large code bases and I am sure will run into trouble at some point.  Any strategies for debugging proofs on large codebases would be appreciated!

Perhaps this begs a wider questions.  What do folks on this list see as the major strengths/weaknesses of frama-c using WP/Jessie as opposed to VeriFast?

Thanks again for your time,

Mike

On 5/2/20, 12:53 AM, "Frama-c-discuss on behalf of Gerlach, Jens" <frama-c-discuss-bounces at lists.gforge.inria.fr on behalf of jens.gerlach at fokus.fraunhofer.de> wrote:

    CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.



    Hello Mike,

    > Finally, for debugging is there any kind of symbolic debugger or way to get counterexample information?  The VeriFast tool has a nice IDE where you can forward/back-step through a program with a symbolic heap.  At the moment, when a proof fails, I just stare hard at it and try to figure out how to fix it, but I would expect power-users have a few more things in their bag of tricks.  The WP tutorial did not have a lot of information on this aspect.

    I can totally understand this feeling because I have been working (https://github.com/fraunhoferfokus/acsl-by-example)
    with WP for a long time and also know VeriFast very well.
    The truth, however, is that I got used to it.
    At the same time, proving is expected to require a lot of thinking which sometimes might involve staring for a long time
    on some snippets of code and writing tests to check whether some assumptions that one has made are really valid.
    In fact, Frama-C also supports the combination of formal verification and testing but other people can tell you more about this.

    I am not a Frama-C developer but as far as I understand, Frama-C in general and WP in particular have been originally
    developed for domains where safety is of utmost importance. Think of air planes and nuclear power plants.
    These safety-related domains are regulated by very strict system/software development processes.
    Quick turn-arounds or agile development have only slowly entered these domains.
    In particular, it is often required in these domains that during the process of verification no (accidental) code changes can occur.
    The simplest way to achieve this is to omit the editor in the gui of the verification tool…

    Regards

    Jens




    _______________________________________________
    Frama-c-discuss mailing list
    Frama-c-discuss at lists.gforge.inria.fr
    https://lists.gforge.inria.fr/mailman/listinfo/frama-c-discuss


_______________________________________________
Frama-c-discuss mailing list
Frama-c-discuss at lists.gforge.inria.fr
https://lists.gforge.inria.fr/mailman/listinfo/frama-c-discuss