| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] |
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0000614 | Frama-C | Plug-in > jessie | public | 2010-10-22 17:18 | 2010-10-22 17:18 |
|
| Reporter | Jochen | |
| Assigned To | cmarche | |
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | assigned | Resolution | open | |
| Platform | | OS | | OS Version | |
| Product Version | Frama-C Boron-20100401 | |
| Target Version | | Fixed in Version | | |
|
| Summary | 0000614: "\valid(&aaa)" unprovable for global variable aaa - missing antecedens in proof obligation? |
| Description | See attached program. Jessie generates the proof obligation "(FORALL (int_P_alloc_table) (IMPLIES TRUE (<= (offset_min int_P_alloc_table aaa) 0)))" for the assert in line 8, and a similar one for offset_max.
Neither of them can be proved by any automatic prover.
I guess, the reason is that the name "aaa" appears unbound in the conclusions of both obligations, but does not appear anywhere else in the file ftest1_why.sx, so nothing is known (by the provers) about it.
If I make "aaa" a local rather than a global variable, the generated proof obligations look completely different; I feel unable to summarize the differences. |
| Tags | No tags attached. |
|
| Attached Files |  ftest1.c [^] (90 bytes) 2010-10-22 17:18 [Show Content] [Hide Content]
#pragma SeparationPolicy(none)
int aaa;
void g(void)
{
//@ assert \valid(&aaa);
}
|
|
Relationships 
Relationships